[asterisk-gui] Question regarding Challenge/Response mechanism
over rawman
Jared Smith
jaredsmith at jaredsmith.net
Fri May 11 13:09:41 MST 2007
On 5/11/07, Pari Nannapaneni <pari at digium.com> wrote:
> the challenge/token/md5 stuff does work fine over http, but you need to make sure you use
> the same mansession_id you got along with the token, while making the login request.
Thanks Pari. There were a couple of items that were causing me grief
-- I'll document them here so that others can learn from my mistakes.
The first problem was a buglet in mananger.c that was causing the
wrong error message to be displayed. Russell Bryant fixed that today.
(Thanks Russell!)
The second problem was that rawman only gives you 5 seconds between
the time you issue the Challenge action and the time you respond with
the Login action using the calculated key. In my tests, I was
obviously waiting too long between the actions. In the future, this
should probably be documented somewhere (besides the documentation I'm
adding to my book), or even exposed as a setting in manager.conf.
-Jared
More information about the asterisk-gui
mailing list