then which field contains the encrypted password
Regards
Dhawan K
---------- Original Message ----------- From: Jan Janak jan@iptel.org To: Kapil Dhawan kdhawan@primus-direct.com Cc: Jiri Kuthan jiri@iptel.org, "serusers@lists.iptel.org " serusers@lists.iptel.org Sent: Wed, 11 Feb 2004 20:10:45 +0100 Subject: Re: [Serusers] Password
No, nonce is a string generated by server.
Jan.
On 10-02 08:32, Kapil Dhawan wrote:
one thing i like to ask is is nonce field used as encrypted password...
Regards
Dhawan K
---------- Original Message ----------- From: Jiri Kuthan jiri@iptel.org To: "kapil dhawan" oswriter@hotmail.com Cc: serusers@lists.iptel.org Sent: Tue, 10 Feb 2004 02:18:36 +0100 Subject: Re: [Serusers] Password
At 02:11 AM 2/10/2004, kapil dhawan wrote:
thats absolutely fine i know md5 is used....i can also compare coming
password in requested with my md5 converted password but i am stuck with
how
and where to read pasword information coming in a request
The authentication module does it for you. It takes the MD5-hashed value from request (example bellow) and compares it against expected value
based
on credentials stored in subscriber table. The table may be located in
mysql,
dbtext or whereever.
-jiri
example: Authorization: DIGEST username="17479383213",
realm="proxy01.foobar.com",
algorithm=MD5, uri="sip:proxy01.foobar.com", nonce="4028321e2577ba09167c3c5702bc2105d560dbaa", response="6e71e5747df3198d24d00fb2a8733392"
From: Jiri Kuthan jiri@iptel.org To: "kapil dhawan" oswriter@hotmail.com, serusers@lists.iptel.org Subject: Re: [Serusers] Password Date: Mon, 09 Feb 2004 08:27:26 +0100
At 05:04 AM 2/9/2004, kapil dhawan wrote:
Hi How can i retrieve password coming in 'REGISTER' Request.
There is fortunately no easy way to do it. SIP used MD5 digest function which would be quite hard to reverse for you.
problem is i don't want to do mysql authentication as i have less
space...
use dbtext module.
-jiri
Contact brides & grooms FREE! http://www.shaadi.com/ptnr.php?
ptnr=hmltag
Only on www.shaadi.com. Register now!
-- Jiri Kuthan http://iptel.org/~jiri/
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
------- End of Original Message -------
.
Disclaimer
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Recipients must check this email and any attachments for the presence of viruses before downloading them. Direct Internet / Primus India accepts no liability for any damage caused by any virus transmitted by this email.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
------- End of Original Message -------
.
Disclaimer -------------------------------------------------------------------------- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Recipients must check this email and any attachments for the presence of viruses before downloading them. Direct Internet / Primus India accepts no liability for any damage caused by any virus transmitted by this email.