[Freeswitch-users] how to force sofia to use digest auth first?

Avi Marcus avi at avimarcus.net
Sun Jul 29 21:39:31 MSD 2012


It's not what you think...
part of the 401 unauthorized attempt is that it sends back a nonce key that
you use to encrypt your password. That way, SIP has built-in protection
against replay attacks even over unencrypted connections.
(If someone is watching though, they can try to brute force your passwords
based on the nonce key...)

-Avi



On Sun, Jul 29, 2012 at 8:05 PM, Mi Ke <mi.ke at null.net> wrote:

> Hi All,
>
> I use the following bridge params to originate call:
>
>
> {sip_auth_username=xxx,sip_auth_password=yyy,effective_caller_id_name=xxx,effective_caller_id_number=xxx}sofia/external/
> 1111 at 1.1.1.1
>
> Since my remote carrier supports only digest authentication, it replies
> with 401 (Unauthorized) for my first INVITE, and then FS falls back to
> digest auth and my calls goes OK.
>
> Is it possible to change auth type priority for sip profile/globally so
> digest auth will be used first or disable plain auth completely ?
>
> WBR / Mike
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> Join Us At ClueCon - Aug 7-9, 2012
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120729/5174e05e/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list