12 Feb
2004
12 Feb
'04
9:16 a.m.
then which field contains the encrypted password
Regards
Dhawan K
---------- Original Message -----------
From: Jan Janak <jan(a)iptel.org>
To: Kapil Dhawan <kdhawan(a)primus-direct.com>
Cc: Jiri Kuthan <jiri(a)iptel.org>rg>, "serusers(a)lists.iptel.org "
<serusers(a)lists.iptel.org>
Sent: Wed, 11 Feb 2004 20:10:45 +0100
Subject: Re: [Serusers] Password
No, nonce is a string generated by server.
Jan.
On 10-02 08:32, Kapil Dhawan wrote:
> one thing i like to ask is is nonce field used as encrypted password...
>
> Regards
>
> Dhawan K
>
> ---------- Original Message -----------
> From: Jiri Kuthan <jiri(a)iptel.org>
> To: "kapil dhawan" <oswriter(a)hotmail.com>
> Cc: serusers(a)lists.iptel.org
> Sent: Tue, 10 Feb 2004 02:18:36 +0100
> Subject: Re: [Serusers] Password
>
> > At 02:11 AM 2/10/2004, kapil dhawan wrote:
> > >thats absolutely fine i know md5 is used....i can also compare coming
> password in requested with my md5 converted password but i am stuck with
how
> and where to read pasword information coming in a
request
> >
> > The authentication module does it for you. It takes the MD5-hashed value
> > from request (example bellow) and compares it against expected value
based
> > on credentials stored in subscriber table.
The table may be located in
> mysql,
> > dbtext or whereever.
> >
> > -jiri
> >
> > example:
> > Authorization: DIGEST username="17479383213",
realm="proxy01.foobar.com",
> algorithm=MD5,
uri="sip:proxy01.foobar.com",
> nonce="4028321e2577ba09167c3c5702bc2105d560dbaa",
> response="6e71e5747df3198d24d00fb2a8733392"
> >
> > >>From: Jiri Kuthan <jiri(a)iptel.org>
> > >>To: "kapil dhawan" <oswriter(a)hotmail.com>om>,
serusers(a)lists.iptel.org
> > >>Subject: Re: [Serusers] Password
> > >>Date: Mon, 09 Feb 2004 08:27:26 +0100
> > >>
> > >>At 05:04 AM 2/9/2004, kapil dhawan wrote:
> > >>>Hi
> > >>>How can i retrieve password coming in 'REGISTER' Request.
> > >>
> > >>There is fortunately no easy way to do it. SIP used MD5 digest
> > >>function which would be quite hard to reverse for you.
> > >>
> > >>>problem is i don't want to do mysql authentication as i have
less
> space...
> > >>
> > >>use dbtext module.
> > >>
> > >>-jiri
> > >
> > >_________________________________________________________________
> > >Contact brides & grooms FREE! http://www.shaadi.com/ptnr.php?
ptnr=hmltag
> Only on www.shaadi.com. Register now!
> >
> > --
> > Jiri Kuthan http://iptel.org/~jiri/
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
> ------- End of Original Message -------
>
>
> .
>
>
>
>
>
>
>
> Disclaimer
> --------------------------------------------------------------------------
> This email and any files transmitted with it are confidential
> and intended solely for the use of the individual or entity
> to whom they are addressed. If you have received this email
> in error please notify the system manager. Recipients must
> check this email and any attachments for the presence of
> viruses before downloading them. Direct Internet /
> Primus India accepts no liability for any damage caused by
> any virus transmitted by this email.
>
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
------- End of Original
Message -------
.
Disclaimer
--------------------------------------------------------------------------
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity
to whom they are addressed. If you have received this email
in error please notify the system manager. Recipients must
check this email and any attachments for the presence of
viruses before downloading them. Direct Internet /
Primus India accepts no liability for any damage caused by
any virus transmitted by this email.