Hi, yes, you should be concerned about it, thats why I put it on the page. When the gatekeeper exchanges passwords with an endpoint or another gatekeeper, usually only a has (a 'check-sum') of the password is transported as an MD5 token. If both sides calculate the MD5 token the same way, they can compare the tokens and know if the password was correct. PTLib broke the way these tokens are calculated at a certain version. Starting with H323Plus 1.22 and PTLib 2.7.1 there is a way for GnuGk to work around this bug. Interestingly, the way the MD5 hash is calculated is not defined by the H.235 standard as most people expect, but an old 'industry standard'. But everybody has to stick to it anyway. ;-) Regards, Jan Frank Liu wrote: > Hi all, > > I see at http://www.gnugk.org/compiling-gnugk.html > > 2.3.1 H323Plus 1.21.0 2.4.5 see note on MD5 tokens > > All All PTLib 2.2.x - 2.6.5 won't produce compatible MD5 hashes in > crypto tokens, fixed in the combination of H323Plus 1.22 and PTLib > 2.7.1 > > What exactly is compatible MD5 tokens? Is this something we should > concern about, and upgrade to the h323plus 1.22, ptlib 2.71? > > Thanks! > Frank -- Jan Willamowius, jan@xxxxxxxxxxxxxx, http://www.gnugk.org/ ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
