08-31-2012, 09:13 PM
It looks like SIP has at least two places that use MD5 digest:
One of which is in the password storage on disk on the SIP server - that's the MD5(username:domain:password).
The other place is during the in-flight network operations, and that, I think, is what quentusrex was referring to, since he was mentioning the nonce/salt and two md5 operations.
SIP password storage from one vendor, under a1-hash
http://wiki.freeswitch.org/wiki/XML_User...tory_Guide
of which the most relevant part is:
openssl dgst -md5 < filename, or echo -n "username:domain:password" | openssl dgst -md5.
Additional guidance on the in-flight MD5 use may be found at:
http://www.sipsorcery.com/mainsite/Help/...rdSecurity
I don't have FreeSwitch running, but when I have a test install, I'll generate some test samples.
One of which is in the password storage on disk on the SIP server - that's the MD5(username:domain:password).
The other place is during the in-flight network operations, and that, I think, is what quentusrex was referring to, since he was mentioning the nonce/salt and two md5 operations.
SIP password storage from one vendor, under a1-hash
http://wiki.freeswitch.org/wiki/XML_User...tory_Guide
of which the most relevant part is:
openssl dgst -md5 < filename, or echo -n "username:domain:password" | openssl dgst -md5.
Additional guidance on the in-flight MD5 use may be found at:
http://www.sipsorcery.com/mainsite/Help/...rdSecurity
I don't have FreeSwitch running, but when I have a test install, I'll generate some test samples.