[SR-Users] Kamailio/Asterisk combination + hashed passwords?
Daniel Pocock
daniel at pocock.com.au
Thu Jun 6 11:05:40 CEST 2013
I was just looking over:
http://kb.asipto.com/asterisk:realtime:kamailio-3.3.x-asterisk-10.7.0-astdb
A couple of things I noticed:
- Kamailio is using a column sippasswd which is not hashed. Asterisk
doesn't use that column at all. Is there any reason this can't be done
with the H(A1) and H(A1b) columns? The INSERT example shows a
non-encrypted password.
- Is it all considered valid for Kamailio 4 and Asterisk 11? (maybe a
disclaimer could be added at the top)
- The Asterisk columns `md5secret' and `secret' are left empty so that
Asterisk won't challenge. I believe there are other ways of doing this:
for example, telling Kamailio to be the registrar and forcing Asterisk
to use outbound proxy mode. I managed to make this work against repro -
Asterisk no longer receives any REGISTER messages, but all INVITEs go
through Asterisk, so the double-challenge problem only arises for
INVITEs. Maybe Asterisk can be told that Kamailio's source IP:port is
`trusted' and doesn't need to be challenged - is anybody aware of such
an option in Asterisk?
More information about the sr-users
mailing list