[SR-Users] Kamailio authentication method

Daniel-Constantin Mierla miconda at gmail.com
Wed May 6 16:43:43 CEST 2015 

Hello,

to understand properly, do you need to have:

HA1=SHA(username:realm:password)
HA2=SHA(method:digestURI)
response=SHA(HA1:nonce:HA2)

Perhaps it can be done with config file scripting, if you are familiar
with transformations and header manipulation. But I think it will be
simpler to extend auth module to support different hashing algorithm.

The code for computing shaX is already in kamailio (used for shaX
transformations), so the change in auth should be about advertising and
detecting when the new algorithm has to be used.

Cheers,
Daniel


On 06/05/15 16:28, Mathys Frédéric wrote:
>
> Hello,
>
>  
>
> In my scenario with a Kamailio server, I have a VOIP client connecting
> to the server which, for some reasons, cannot calculate MD5 hashes but
> only SHA. In this situation, would it be possible to change the
> authentication algorithm by either modifying Kamailio scripts or
> writing an external module to do that?
>
>  
>
> As far as I know, the authentication response is calculated as follow
> (standard HTTP Digest authentication) :
>
> HA1=MD5(username:realm:password)
>
> HA2=MD5(method:digestURI)
>
> response=MD5(HA1:nonce:HA2)
>
>  
>
> For that, I have to save ha1 and ha1b values in the DB with the SHA
> function directly (with a trigger for example), and then change the
> authentication method too.
>
> What is the best solution to do that? Does a module already exists?
>
>  
>
> Thank you!
>
>  
>
> Frederic Mathys
>
> System Integration & Validation
>
>  
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, May 27-29, 2015
Berlin, Germany - http://www.kamailioworld.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20150506/db198239/attachment.html>

More information about the sr-users mailing list