[Users] Authentication and Password encryption using dbtext

Wed Mar 15 17:38:03 CET 2006

Hi Istvan,

Just last night I loaded dd-wrt (v23) on a WRT54G.  It loaded SER, not 
OpenSER which was pretty slick but I would rather have OpenSER on it :)

Can you send me the package you created, or instructions on creating a 
package myself ?  Once OpenSER is loaded on the WRT54G, I'll try to give 
you a hand in resolving this problem.

I've been to the milkfish site in the past but didn't have the time to 
dig into it.  I think that a linux (not FreeBSD) development environment 
is required.  If this is the case, it will take me a little while to get 
up to speed as linux isn't for anything over here (which means that we 
would have to re-task an existing machine or build up a new one).

Regards,
Norm
norm at goes dot com

Istvan Hubay Cebrian wrote:
> Hi,
>
> I am currently deploying OpenSER v1.0 on a Linksys WRT54GS router (
> www.milkfish.org ). 
>
> I have read through all available documentation concerning authentication
> and dbtext and I have configured OpenSER such that an MD5 hash string is
> stored in the subscribers file. 
>
> However (and this may-be specific to milkfish) the password was also always
> being stored as text. After editing and removing the parameter that stored
> the password as text in 'dbtextctl' authentication no longer works. This
> IMHO is because the UA is sending the password as text which is then being
> compared to the MD5 hash string, this test obviously fails.
>
> One solution would be to receive the password as text, then construct the
> MD5 hash string then compare, however I don't know how to do this.
>
> I have looked through openser.cfg but I can't seem to make heads or tails of
> (particularly the www_authorize and challenge part):
>
> if (method=="REGISTER") 
>         {                             
>                 if (uri==myself)
>                 {
>                         #wants to register only at router, no external SIP
> provider  
>                         #log(1, "internal REGISTER\n");
>                         #make entry at local registrar
>         		if (!www_authorize("", "subscriber")) {
> 	            		www_challenge("", "0");
> 			        exit;
> 		        };           
>                         save("location");
>                 }
>                 else    
>                 {       
>                         #wants to register at external SIP provider 
>                         #log(1, "external REGISTER\n");
>                         #check if user is already registered at internal
> registrar 
>                         if (!lookup("location"))
>                         {
>                                 #if not do a drive-by registration
>                                 #for registration at internal registrar
>                                 #without a reply 
>                                 save_noreply("location");       
>                         };
>                         #Fixing of private address in contact hf
>                         fix_nated_contact("217.189.167.187"); 
>                         route(1);
>                 };
>                 return;
>                              
>         };   
>
> If anyone could explain what is happening above, or how I could accomplish
> what I need (in which username, password and realm are received and an MD5
> hash string is constructed) I would be much appreciated.
>
> Regards,
> Istvan
>
>
>   