[Serusers] Password

Jan Janak jan at iptel.org
Thu Feb 12 12:20:44 CET 2004 

response field.

  Jan.

On 12-02 12:46, Kapil Dhawan wrote:
> then which field contains the encrypted password
> 
> Regards
> 
> Dhawan K
> 
> ---------- Original Message -----------
> From: Jan Janak <jan at iptel.org>
> To: Kapil Dhawan <kdhawan at primus-direct.com>
> Cc: Jiri Kuthan <jiri at iptel.org>, "serusers at lists.iptel.org " <serusers at lists.iptel.org>
> Sent: Wed, 11 Feb 2004 20:10:45 +0100
> Subject: Re: [Serusers] Password
> 
> > No, nonce is a string generated by server.
> > 
> >   Jan.
> > 
> > On 10-02 08:32, Kapil Dhawan wrote:
> > > one thing i like to ask is is nonce field used as encrypted password...
> > > 
> > > Regards
> > > 
> > > Dhawan K
> > > 
> > > ---------- Original Message -----------
> > > From: Jiri Kuthan <jiri at iptel.org>
> > > To: "kapil dhawan" <oswriter at hotmail.com>
> > > Cc: serusers at lists.iptel.org
> > > Sent: Tue, 10 Feb 2004 02:18:36 +0100
> > > Subject: Re: [Serusers] Password
> > > 
> > > > At 02:11 AM 2/10/2004, kapil dhawan wrote:
> > > > >thats absolutely fine i know md5 is used....i can also compare coming 
> > > password in requested with my md5 converted password but i am stuck with 
> how 
> > > and where to read pasword information coming in a request
> > > > 
> > > > The authentication module does it for you. It takes the MD5-hashed value
> > > > from request (example bellow) and compares it against expected value 
> based 
> > > > on credentials stored in subscriber table. The table may be located in 
> > > mysql, 
> > > > dbtext or whereever.
> > > > 
> > > > -jiri
> > > > 
> > > > example: 
> > > > Authorization: DIGEST username="17479383213", 
> realm="proxy01.foobar.com", 
> > > algorithm=MD5, uri="sip:proxy01.foobar.com", 
> > > nonce="4028321e2577ba09167c3c5702bc2105d560dbaa", 
> > > response="6e71e5747df3198d24d00fb2a8733392"
> > > > 
> > > > >>From: Jiri Kuthan <jiri at iptel.org>
> > > > >>To: "kapil dhawan" <oswriter at hotmail.com>, serusers at lists.iptel.org
> > > > >>Subject: Re: [Serusers] Password
> > > > >>Date: Mon, 09 Feb 2004 08:27:26 +0100
> > > > >>
> > > > >>At 05:04 AM 2/9/2004, kapil dhawan wrote:
> > > > >>>Hi
> > > > >>>How can i retrieve password coming in 'REGISTER' Request.
> > > > >>
> > > > >>There is fortunately no easy way to do it. SIP used MD5 digest
> > > > >>function which would be quite hard to reverse for you.
> > > > >>
> > > > >>>problem is i don't want to do mysql authentication as i have less 
> > > space...
> > > > >>
> > > > >>use dbtext module.
> > > > >>
> > > > >>-jiri
> > > > >
> > > > >_________________________________________________________________
> > > > >Contact brides & grooms FREE! http://www.shaadi.com/ptnr.php?
> ptnr=hmltag 
> > > Only on www.shaadi.com. Register now!
> > > > 
> > > > --
> > > > Jiri Kuthan            http://iptel.org/~jiri/
> > > > 
> > > > _______________________________________________
> > > > Serusers mailing list
> > > > serusers at lists.iptel.org
> > > > http://lists.iptel.org/mailman/listinfo/serusers
> > > ------- End of Original Message -------
> > > 
> > > 
> > > .
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > Disclaimer
> > > --------------------------------------------------------------------------
> > > This email and any files transmitted with it are confidential
> > > and intended solely for the use of the individual or entity 
> > > to whom they are addressed. If you have received this email 
> > > in error please notify the system manager. Recipients must 
> > > check this email and any attachments for the presence of 
> > > viruses before downloading them. Direct Internet / 
> > > Primus India accepts no liability for any damage caused by
> > > any virus transmitted by this email.
> > > 
> > > 
> > > _______________________________________________
> > > Serusers mailing list
> > > serusers at lists.iptel.org
> > > http://lists.iptel.org/mailman/listinfo/serusers
> ------- End of Original Message -------
> 
> 
> .
> 
> 
> 
> 
> 
> 
> 
> Disclaimer
> --------------------------------------------------------------------------
> This email and any files transmitted with it are confidential
> and intended solely for the use of the individual or entity 
> to whom they are addressed. If you have received this email 
> in error please notify the system manager. Recipients must 
> check this email and any attachments for the presence of 
> viruses before downloading them. Direct Internet / 
> Primus India accepts no liability for any damage caused by
> any virus transmitted by this email.
> 
>

More information about the sr-users mailing list