[SR-Users] Meddling with password during authentication
Olli Heiskanen
ohjelmistoarkkitehti at gmail.com
Fri Dec 26 19:33:43 CET 2014
Hello all,
During authentication, is there any way to affect the password user is
sending? I do suspect not as it is a clear security matter, but won't hurt
to ask. I use auth_db module with calculate_ha1 parameter set to 1. For
reasons in integrating Kamailio into my system architecture there is a need
to store a password in some other format than for example
md5('555:domain.com:password)') while not allowing any passwords to be
stored as plaintext.
For example: md5('555:domain.com:md5('password')') but this would require
me to hash the password before authentication, in Kamailio script as I
can't do it in the clients.
Reason for this question is to have my users in a separate database, and
these users could have 0-n sip peers assigned to them, and have users
authenticate to my software and the sip peers using the same password.
cheers,
Olli
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20141226/29f05cb1/attachment.html>
More information about the sr-users
mailing list