Browse code
- update: nonce_auth_max_drift, auth_extra_checks split into auth_checks_*
Andrei Pelinescu-Onciul authored on 17/07/2008 13:37:49
Showing 1 changed files
| ... | ... |
@@ -28,6 +28,10 @@ modules: |
| 28 | 28 |
- added extra authentication checks support, to protect |
| 29 | 29 |
against various reply attacks. |
| 30 | 30 |
- params: |
| 31 |
+ - nonce_auth_max_drift - maximum difference in seconds |
|
| 32 |
+ from the current time, if a nonce appears to be |
|
| 33 |
+ created in the future (if exceeded the nonce is |
|
| 34 |
+ considered stale). |
|
| 31 | 35 |
- one_time_nonce - if enabled each nonce is allowed |
| 32 | 36 |
only once => each new request (including |
| 33 | 37 |
retransmissions!) will be challenged. It should be |
| ... | ... |
@@ -65,7 +69,8 @@ modules: |
| 65 | 69 |
and index partitions, useful for increasing |
| 66 | 70 |
performance on multi-cpu systems (default 1, |
| 67 | 71 |
recommended 4) |
| 68 |
- - auth_extra_checks - flags specifying which extra |
|
| 72 |
+ - auth_checks_register, auth_checks_no_dlg, |
|
| 73 |
+ auth_checks_in_dlg - flags specifying which extra |
|
| 69 | 74 |
message part/parts will be checked for change before |
| 70 | 75 |
allowing nonce reuse. See the auth module docs for |
| 71 | 76 |
for more information (modules/auth/README). |