Hi, we've written a small set of php scripts and web pages to give users the possibility of changing their SIP-Passwords in addition with the usage of MD5-Hashes as secret. The md5secrets are stored in a MySQL-database to avoid trouble if several users update their passwords the same time. We've alse written a small perl script which checks for changes between database and sip.conf and - if neccessary - it updates the sip.conf and reloads asterisk.
The idea with the md5 hashes was just to prevent the admin of the asterisk-server seeing the user's secrets in plain-text. And as the MD5-hashes are needed for SIP anyway we just did this patch. I've posted it already this evening on -dev and put it in the bugtracker: http://bugs.digium.com/bug_view_page.php?bug_id=0000288 Cheers, Rainer -- http://graphics.cs.uni-sb.de/VoIP/
pgp00000.pgp
Description: PGP signature
