[Freeswitch-users] Is there a mod_xml_curl password hashing scheme that doesn't include the domain?
Michael Jerris
mike at jerris.com
Tue Jun 25 07:35:27 MSD 2013
There is no way to do that because of how sip challenge auth works.
On Jun 24, 2013, at 11:27 PM, Matthew Cordes <cordes.matthew at gmail.com> wrote:
> Hi,
>
> I'm interested in using mod_xml_curl's 'a1-hash' hashing to avoid storing plain text passwords. Unfortunately I'm finding building that hash cumbersome because it includes the domain. I don't see anything in the documentation, but is there an option to to provide a md5 hash of just the password when doing a directory lookup via mod_xml_curl? Or perhaps some way to tell freeswitch to ignore the domain (or use some other value) when generating the hash?
>
> -Matt
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list