asterisk users - Jun 2005 - chan_sip + MD5 encryption: WARNING Format for authentication entry is user[:secret]@realm

Hi all!

So far I've always used plaintext passwords for SIP, but now I've
decided
to use MD5 encryption.

For each client I edited its section as follows, then:

auth=md5
md5secret=hashed_passwd
;secret=plaintext_passwd

where hashed_passwd is the output of

echo -n "user:realm:plaintext_passwd" | md5sum


When the first SIP clients registers with Asterisk after a "sip
reload" the
following warning is logged:

Jun  4 12:47:12 WARNING[11389]: chan_sip.c:9601 add_realm_authentication:
Format for authentication entry is user[:secret]@realm at line 0

First of all, let me say that the client correctly registers. However, I
know that something changed in chan_sip (
http://voip-info.org/wiki-Asterisk+SIP+chan_sip2
), so I think I should consider how to eliminate that warning. Do you have
any idea about, please?

Since I use Realtime+rtcachefriends, below there's the table structure and
data.

TIA,

Alex


CREATE TABLE `sip_buddies` (
  `id` int(11) NOT NULL auto_increment,
  `name` varchar(80) NOT NULL default '',
  `accountcode` varchar(20) default NULL,
  `amaflags` varchar(7) default NULL,
  `auth` char(3) default NULL,
  `authuser` varchar(80) default NULL,
  `callgroup` varchar(10) default NULL,
  `callerid` varchar(80) default NULL,
  `canreinvite` char(3) default 'yes',
  `context` varchar(80) default NULL,
  `defaultip` varchar(15) default NULL,
  `dtmfmode` varchar(7) default NULL,
  `fromuser` varchar(80) default NULL,
  `fromdomain` varchar(80) default NULL,
  `host` varchar(31) NOT NULL default '',
  `insecure` varchar(4) default NULL,
  `language` char(2) default NULL,
  `mailbox` varchar(50) default NULL,
  `md5secret` varchar(80) default NULL,
  `nat` varchar(5) NOT NULL default 'no',
  `permit` varchar(95) default NULL,
  `deny` varchar(95) default NULL,
  `mask` varchar(95) default NULL,
  `pickupgroup` varchar(10) default NULL,
  `port` varchar(5) NOT NULL default '',
  `qualify` char(3) default NULL,
  `restrictcid` char(1) default NULL,
  `rtptimeout` char(3) default NULL,
  `rtpholdtimeout` char(3) default NULL,
  `secret` varchar(80) default NULL,
  `type` varchar(6) NOT NULL default 'friend',
  `username` varchar(80) NOT NULL default '',
  `disallow` varchar(100) default 'all',
  `allow` varchar(100) default 'g729;ilbc;gsm;ulaw;alaw',
  `musiconhold` varchar(100) default NULL,
  `regseconds` int(11) NOT NULL default '0',
  `ipaddr` varchar(15) NOT NULL default '',
  `regexten` varchar(80) NOT NULL default '',
  `cancallforward` char(3) default 'yes',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `name` (`name`),
  KEY `name_2` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC;


INSERT INTO `sip_buddies` VALUES (1, '304', NULL, NULL, 'md5',
'304', '1',
'Alessandro <304>', 'no', 'sip-in', NULL,
'rfc2833', NULL, NULL, 'dynamic',
NULL, NULL, NULL, 'fd56e4ddc29bd8c1f85ac4a12f4f3ece', 'yes',
NULL, NULL,
NULL, '1', '', 'yes', NULL, NULL, NULL, NULL,
'friend', '304', 'all', 'ilbc;gsm;alaw;ulaw',
NULL, 0, '', '', 'yes');

__________________________________________________________________
TISCALI ADSL 1.25 MEGA a soli 19.95 euro/mese
Solo con Tiscali Adsl navighi senza limiti di tempo
a meno di 20 euro al mese e in piu' telefoni senza
pagare il canone Telecom. Scopri come
http://abbonati.tiscali.it/adsl/sa/1e25flat_tc/

kleis-asterisk-dev@tiscali.it wrote:
> Hi all!
> 
> So far I've always used plaintext passwords for SIP, but now I've
decided
> to use MD5 encryption.
> 
> For each client I edited its section as follows, then:
> 
> auth=md5
> md5secret=hashed_passwd
> ;secret=plaintext_passwd
> 
> where hashed_passwd is the output of
> 
> echo -n "user:realm:plaintext_passwd" | md5sum
> 
> 
> When the first SIP clients registers with Asterisk after a "sip
reload" the
> following warning is logged:
> 
> Jun  4 12:47:12 WARNING[11389]: chan_sip.c:9601 add_realm_authentication:
> Format for authentication entry is user[:secret]@realm at line 0
> 
> First of all, let me say that the client correctly registers. However, I
> know that something changed in chan_sip (
http://voip-info.org/wiki-Asterisk+SIP+chan_sip2
> ), so I think I should consider how to eliminate that warning. Do you have
> any idea about, please?
> 
Plaintext passwords is *not* used in SIP at all, so auth= is used for
realm based authentication. Please check the sip.conf.sample in CVS head
distribution and remove the auth= option.

/Olle

>-- Messaggio Originale --
>Date: Sat, 4 Jun 2005 14:31:07 +0200
>From: kleis-asterisk-dev@tiscali.it
>To: asterisk-users@lists.digium.com
>Subject: [Asterisk-Users] chan_sip + MD5 encryption: WARNING Format for
>	authentication entry is user[:secret]@realm
>Reply-To: Asterisk Users Mailing List - Non-Commercial Discussion
<asterisk-users@lists.digium.com>
>
>
>Hi all!
>
>So far I've always used plaintext passwords for SIP, but now I've
decided
>to use MD5 encryption.
>
>For each client I edited its section as follows, then:
>
>auth=md5
>md5secret=hashed_passwd
>;secret=plaintext_passwd
>
>where hashed_passwd is the output of
>
>echo -n "user:realm:plaintext_passwd" | md5sum
>
>
>When the first SIP clients registers with Asterisk after a "sip
reload"
the
>following warning is logged:
>
>Jun  4 12:47:12 WARNING[11389]: chan_sip.c:9601 add_realm_authentication:
>Format for authentication entry is user[:secret]@realm at line 0
>

I found that removing auth=md5 solves this problem.

I looked into chan_sip.c and it seems that "auth" doesn't matter:
it is a
"struct" (a stucture) and it would be created starting from username,
md5secret/secret
and realm, isn't it? If not, I think it should be reported to developers
as a bug.

Cheers!

Alex

__________________________________________________________________
TISCALI ADSL 1.25 MEGA a soli 19.95 euro/mese
Solo con Tiscali Adsl navighi senza limiti di tempo
a meno di 20 euro al mese e in piu' telefoni senza
pagare il canone Telecom. Scopri come
http://abbonati.tiscali.it/adsl/sa/1e25flat_tc/