[SR-Users] Kamailio/Asterisk combination + hashed passwords?
Stoyan Mihaylov
stoyan.v.mihaylov at gmail.com
Thu Jun 6 14:11:59 CEST 2013
I use Kamailio for register and Asterisk servers for processing call.
Asterisk accept all calls from Kamailio and dont know nothing about users
and their passwords.
I think this is simplest way for integration and using best from both
applications.
On Thu, Jun 6, 2013 at 12:05 PM, Daniel Pocock <daniel at pocock.com.au> wrote:
>
> I was just looking over:
>
> http://kb.asipto.com/asterisk:realtime:kamailio-3.3.x-asterisk-10.7.0-astdb
>
> A couple of things I noticed:
>
> - Kamailio is using a column sippasswd which is not hashed. Asterisk
> doesn't use that column at all. Is there any reason this can't be done
> with the H(A1) and H(A1b) columns? The INSERT example shows a
> non-encrypted password.
>
> - Is it all considered valid for Kamailio 4 and Asterisk 11? (maybe a
> disclaimer could be added at the top)
>
> - The Asterisk columns `md5secret' and `secret' are left empty so that
> Asterisk won't challenge. I believe there are other ways of doing this:
> for example, telling Kamailio to be the registrar and forcing Asterisk
> to use outbound proxy mode. I managed to make this work against repro -
> Asterisk no longer receives any REGISTER messages, but all INVITEs go
> through Asterisk, so the double-challenge problem only arises for
> INVITEs. Maybe Asterisk can be told that Kamailio's source IP:port is
> `trusted' and doesn't need to be challenged - is anybody aware of such
> an option in Asterisk?
>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130606/76fee17f/attachment.html>
More information about the sr-users
mailing list