Insecure SIP registration #116
Description
There are some clients that would use the same sip username and password to send calls out from a single application that many users use.
In such a case, sending sip username and password to the server in clear text is not a good idea and very insecure which may cause the app developer to be a victim of unauthorized calls/charges.
To avoid this issue, the sip password can travel in MD5 hash over the network and decrypts on the server side to check it it matches or not.