[SR-Users] UAC ha1 password

Henning Westerholt hw at skalatan.de
Wed Aug 28 20:54:56 CEST 2019 

Hello Alexandru,

you are right, right now the ha1 value in the database is not used from the uac registration functionality. This could be added similar to the functionality in auth_db, I think. If you need some pointers for an extension of the code, let us know on sr-dev list.

I don't think it will work correctly if you just use the uac registration functionality and then interact with a failure_route on the auth error.

About your security concerns, you are right that of course plain text passwords are not good. The MD5 hash that is used in the ha1 will not provide much protection as of today, as you probably know as well.

Cheers,

Henning

Am 28.08.19 um 16:54 schrieb Alexandru Covalschi:
Can I fire REGISTER's w/o authentication but then process 401/407 in a failure route and somehow tell UAC module which ha1 to use? Keeping all the timers functionality and uac_reg_lookup feature? Or at least if I process 401/407 in a failure_route and manually create the Auth header, will UAC module still be able to keep track of the registrations?
Anyway, an in-memory registration table is preferred as I'm using an API which will push all trunks inside Kamailio... Using a database is the worst scenario in my case.
________________________________
Regards,
Alexandru Covalschi
VoIP Engineer and System Administrator
tel: +37367367850

28 авг. 2019 г., в 16:15, Alexandru Covalschi <568691 at gmail.com<mailto:568691 at gmail.com>> написал(а):

Hello,
I'm trying to make Kamailio to SIP register on a remote server. However storing plaintext password looks very unsecure.
Is there a possibility to store password for uac module using ha1 hash instead of the plaintext password? I see there's a row for it in the database, but in the source code it's not used and it seems i can't neither use it in db neither set up in-memory as avp.
Maybe there's a workaround to directly access the in-memory uac registration htable?

________________________________
Regards,
Alexandru Covalschi
VoIP Engineer and System Administrator
tel: +37367367850





_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users


--
Henning Westerholt - https://skalatan.de/blog/
Kamailio services - https://skalatan.de/services
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20190828/54df5887/attachment.html>

More information about the sr-users mailing list