[asterisk-dev] AstriDevCon Follow Up - Asterisk and Kamailio - smoother integration
Olle E. Johansson
oej at edvina.net
Wed Mar 11 15:31:28 CDT 2015
>>
>> So far most of authorization between Kamailio and Asterisk relies on IP
>> addresses, but those need to be provisioned one by one in both sides. The
>> new module is practically adding a custom header with a hash over parts of
>> the message or other environment attributes (eg., IP address) and a shared
>> secret. The www-digest with username and password has the overhead of an
>> extra round of signaling messages, but also the constraint on CSeq increment
>> after the challenge. Also, the MD5 is rather week hashing these days.
>>
Why can't this be done in the dialplan?. This is exactly why I implemented the MD5
dialplan stuff in Asterisk years ago. We need something else than MD5 today,
but still - both Asterisk and Kamailio can handle it without modules or extra coding...
The IETF is working on OAUTH authentication for SIP - which is the solution
we really want to look into - not copy weak auth from the API world... :-)
/O
More information about the asterisk-dev
mailing list