[Serusers] Password

Jan Janak jan at iptel.org
Wed Feb 11 20:10:45 CET 2004 

No, nonce is a string generated by server.

  Jan.

On 10-02 08:32, Kapil Dhawan wrote:
> one thing i like to ask is is nonce field used as encrypted password...
> 
> Regards
> 
> Dhawan K
> 
> ---------- Original Message -----------
> From: Jiri Kuthan <jiri at iptel.org>
> To: "kapil dhawan" <oswriter at hotmail.com>
> Cc: serusers at lists.iptel.org
> Sent: Tue, 10 Feb 2004 02:18:36 +0100
> Subject: Re: [Serusers] Password
> 
> > At 02:11 AM 2/10/2004, kapil dhawan wrote:
> > >thats absolutely fine i know md5 is used....i can also compare coming 
> password in requested with my md5 converted password but i am stuck with how 
> and where to read pasword information coming in a request
> > 
> > The authentication module does it for you. It takes the MD5-hashed value
> > from request (example bellow) and compares it against expected value based 
> > on credentials stored in subscriber table. The table may be located in 
> mysql, 
> > dbtext or whereever.
> > 
> > -jiri
> > 
> > example: 
> > Authorization: DIGEST username="17479383213", realm="proxy01.foobar.com", 
> algorithm=MD5, uri="sip:proxy01.foobar.com", 
> nonce="4028321e2577ba09167c3c5702bc2105d560dbaa", 
> response="6e71e5747df3198d24d00fb2a8733392"
> > 
> > >>From: Jiri Kuthan <jiri at iptel.org>
> > >>To: "kapil dhawan" <oswriter at hotmail.com>, serusers at lists.iptel.org
> > >>Subject: Re: [Serusers] Password
> > >>Date: Mon, 09 Feb 2004 08:27:26 +0100
> > >>
> > >>At 05:04 AM 2/9/2004, kapil dhawan wrote:
> > >>>Hi
> > >>>How can i retrieve password coming in 'REGISTER' Request.
> > >>
> > >>There is fortunately no easy way to do it. SIP used MD5 digest
> > >>function which would be quite hard to reverse for you.
> > >>
> > >>>problem is i don't want to do mysql authentication as i have less 
> space...
> > >>
> > >>use dbtext module.
> > >>
> > >>-jiri
> > >
> > >_________________________________________________________________
> > >Contact brides & grooms FREE! http://www.shaadi.com/ptnr.php?ptnr=hmltag 
> Only on www.shaadi.com. Register now!
> > 
> > --
> > Jiri Kuthan            http://iptel.org/~jiri/
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
> ------- End of Original Message -------
> 
> 
> .
> 
> 
> 
> 
> 
> 
> 
> Disclaimer
> --------------------------------------------------------------------------
> This email and any files transmitted with it are confidential
> and intended solely for the use of the individual or entity 
> to whom they are addressed. If you have received this email 
> in error please notify the system manager. Recipients must 
> check this email and any attachments for the presence of 
> viruses before downloading them. Direct Internet / 
> Primus India accepts no liability for any damage caused by
> any virus transmitted by this email.
> 
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers

More information about the sr-users mailing list