[prev in list] [next in list] [prev in thread] [next in thread]
List: serusers
Subject: [SR-Users] Meddling with password during authentication
From: Olli Heiskanen <ohjelmistoarkkitehti () gmail ! com>
Date: 2014-12-26 18:33:43
Message-ID: CALu7wuY=H4vXwy8J4KeOj3gy36rLM4AA3o3oT9jNzvkM0NKzDQ () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello all,
During authentication, is there any way to affect the password user is
sending? I do suspect not as it is a clear security matter, but won't hurt
to ask. I use auth_db module with calculate_ha1 parameter set to 1. For
reasons in integrating Kamailio into my system architecture there is a need
to store a password in some other format than for example
md5('555:domain.com:password)') while not allowing any passwords to be
stored as plaintext.
For example: md5('555:domain.com:md5('password')') but this would require
me to hash the password before authentication, in Kamailio script as I
can't do it in the clients.
Reason for this question is to have my users in a separate database, and
these users could have 0-n sip peers assigned to them, and have users
authenticate to my software and the sip peers using the same password.
cheers,
Olli
[Attachment #5 (text/html)]
<div dir="ltr"><div><br></div><div>Hello all,</div><div><br></div><div>During \
authentication, is there any way to affect the password user is sending? I do suspect \
not as it is a clear security matter, but won't hurt to ask. I use auth_db module \
with calculate_ha1 parameter set to 1. For reasons in integrating Kamailio into my \
system architecture there is a need to store a password in some other format than for \
example md5('555:domain.com:password)') while not allowing any passwords to \
be stored as plaintext. </div><div><br></div><div>For example: \
md5('555:domain.com:md5('password')') but this would require me to \
hash the password before authentication, in Kamailio script as I can't do it in \
the clients. </div><div><br></div><div>Reason for this question is to have my users \
in a separate database, and these users could have 0-n sip peers assigned to them, \
and have users authenticate to my software and the sip peers using the same \
password.</div><div><br></div><div>cheers,</div><div>Olli</div></div>
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic