[OpenSER-Users] Authentication problem in openSER (Henning Westerholt)

Ahmed Huraimel huraimel at gmail.com
Fri May 23 12:54:20 CEST 2008


hello Henning,

i would like to thank you very much. you save alot of work because i decided
to change my database from LDAP to MySQL. just to make it clear to anyone
who may face this problem.

the solution to keep you passwords hashed in the LDAP server is to save it
as HA1 = MD5(username:realm:password). after you build the HA1 save as clear
in the LDAP server (i am using openLADP). if you save it as MD5 you will
retrieve it as {MD5} blablabla which may cause a problem. so hash it then
save it as clear.

thanks for every one helps me in this issue

regards,
Ahmed Huraimel ALALI

On Fri, May 23, 2008 at 12:00 PM, <users-request at lists.openser.org> wrote:

> Send Users mailing list submissions to
>        users at lists.openser.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>        http://lists.openser.org/cgi-bin/mailman/listinfo/users
> or, via email, send a message with subject or body 'help' to
>        users-request at lists.openser.org
>
> You can reach the person managing the list at
>        users-owner at lists.openser.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Users digest..."
>
>
> Today's Topics:
>
>   1. Re: [OT] NGREP showing \r and \n symbols (Andreas Heise)
>   2. Re: [OT] NGREP showing \r and \n symbols (I?aki Baz Castillo)
>   3. Re: Problem with audio when either or both UAs are        not behind
>      NAT (I?aki Baz Castillo)
>   4. Re: Authentication problem in openSER (Henning Westerholt)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 22 May 2008 23:55:56 +0200
> From: Andreas Heise <aheise at gmx.de>
> Subject: Re: [OpenSER-Users] [OT] NGREP showing \r and \n symbols
> To: Ovidiu Sas <osas at voipembedded.com>
> Cc: users at lists.openser.org
> Message-ID: <4835EBEC.7070800 at gmx.de>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Hi I?aki,
>
> I had the same issue with a Nortel CS1k switch, the easiest way to check
> this
> problem is to use the Wireshark feature "Display raw text for SIP message"
> which can be enabled under preferences / protocols / SIP
>
> regards,
> Andreas
>
>
> Ovidiu Sas schrieb:
> > Hello Inaki,
> >
> > Perform a raw capture using tcpdump and open the file with wireshark.
> > Check the lower window in wireshark where you have the message
> > displayed in hex format.
> > There you will be able to spot '\n' and '\r'.  To find the hex codes,
> > perform a 'man ascii' on your linux box.
> >
> >
> > Regards,
> > Ovidiu Sas
> >
> > On Tue, May 20, 2008 at 10:53 AM, I?aki Baz Castillo <ibc at in.ilimit.es>
> wrote:
> >
> >> El Tuesday 20 May 2008 16:37:03 Bogdan-Andrei Iancu escribi?:
> >>
> >>> Hi I?aki,
> >>>
> >>> have you tried the "-W byline" ? - it will format you the lines.
> >>>
> >> Hi Bogdan. Yes, in fact I use this option "-W byline", but this option
> just
> >> splits the trace into lines (macthing "\n"). This is not enough for me
> since
> >> \r is not showed.
> >>
> >> I need it since I send and receive traffic from a carrier using a
> painful
> >> Nortel CS2K softswitch that separes SDP lines with \r instead of the
> >> mandatory \r\n adn they are applying dirty and not working patches
> during
> >> production state so I need a way to monitorize it.
> >>
> >> Thanks a lot.
> >>
> >>
> >>
> >> --
> >> I?aki Baz Castillo
> >> ibc at in.ilimit.es
> >>
> >> _______________________________________________
> >> Users mailing list
> >> Users at lists.openser.org
> >> http://lists.openser.org/cgi-bin/mailman/listinfo/users
> >>
> >>
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.openser.org
> > http://lists.openser.org/cgi-bin/mailman/listinfo/users
> >
> >
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 23 May 2008 09:31:31 +0200
> From: I?aki Baz Castillo <ibc at in.ilimit.es>
> Subject: Re: [OpenSER-Users] [OT] NGREP showing \r and \n symbols
> To: users at lists.openser.org
> Message-ID: <200805230931.31959.ibc at in.ilimit.es>
> Content-Type: text/plain;       charset="iso-8859-1"
>
> El Thursday 22 May 2008 23:55:56 Andreas Heise escribi?:
> > Hi I?aki,
> >
> > I had the same issue with a Nortel CS1k switch
>
> It's nice to know that I'm not theonly sending/receiving traffic from a
> Nortel
> CS[12]K. ;)
>
> --
> I?aki Baz Castillo
> ibc at in.ilimit.es
>
>
>
> ------------------------------
>
> Message: 3
> Date: Fri, 23 May 2008 09:32:21 +0200
> From: I?aki Baz Castillo <ibc at in.ilimit.es>
> Subject: Re: [OpenSER-Users] Problem with audio when either or both
>        UAs are not behind NAT
> To: users at lists.openser.org
> Message-ID: <200805230932.21444.ibc at in.ilimit.es>
> Content-Type: text/plain;       charset="ISO-8859-1"
>
> El Thursday 22 May 2008 18:54:53 Krunal Patel escribi?:
> > Hi,
> >
> > I have registered an UA 12345 , which is public.
> > In location table, I found NULL value for received.
> > I dial any UA , irrespective to their NAT status.
> > Call has been established but can't get audio both side.
> > It does not use mediaproxy for audio signaling.
> >
> > How to resolve this problem?
>
> Do a full sip flow capture and analyze trhe address and port of media in
> SDP
> of INVITE and 200 OK.
>
>
> --
> I?aki Baz Castillo
> ibc at in.ilimit.es
>
>
>
> ------------------------------
>
> Message: 4
> Date: Fri, 23 May 2008 10:57:56 +0200
> From: Henning Westerholt <henning.westerholt at 1und1.de>
> Subject: Re: [OpenSER-Users] Authentication problem in openSER
> To: users at lists.openser.org
> Cc: Ahmed Huraimel <huraimel at gmail.com>
> Message-ID: <200805231057.56974.henning.westerholt at 1und1.de>
> Content-Type: text/plain;  charset="utf-8"
>
> On Thursday 22 May 2008, Ahmed Huraimel wrote:
> > i am investigating the authentication on openSER. I search for a proper
> > explanations but unfortunately i did not find how it is exactly done so i
> > did some experiments. i assumed that the response is generated as the
> > following: note that i set the username and password with the same string
> > "alali"
> >
> > Response = MD5( username + MD5(password) + realm +  nonce)
> > [..]
> > could anyone tell me how exactly the authentication is done in openSER?
> is
> > the response generated is like the one i assumed? what + means in the
> > response? does is mean concatenation or exoring?
>
> Hi Ahmed,
>
> the authentification in OpenSER/ SIP is based on HTTP auth. You find a
> detailed explanation for the construction of the response for example at:
> http://en.wikipedia.org/wiki/Digest_access_authentication , some further
> informations at: http://www.voip-info.org/wiki/view/SIP+Authentication
>
> For the exact logic inside OpenSER just take a look at the auth module
> source
> code, it should be not that hard to understand. ;-)
>
> Cheers,
>
> Henning
>
>
>
> ------------------------------
>
> _______________________________________________
> Users mailing list
> Users at lists.openser.org
> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>
>
> End of Users Digest, Vol 36, Issue 48
> *************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kamailio.org/pipermail/users/attachments/20080523/d07f891a/attachment.htm 


More information about the Users mailing list