11 Jan
2012
11 Jan
'12
7:17 a.m.
Hi,
On 1/9/12 12:25 AM, Ben WIlliams wrote:
Is it possible to make Siremis store passwords in
plaintext?
siremis stores plaintext password, but I assume you want not to store.
At this moment there is no config option for that, it will store plain
text. You can update in the php file
siremis/modules/ser/sbs/authdb/do/SubscriberDO.php to set an emty value
for password field and just store ha1 and ha1b -- the file online in git
repo:
http://siremis.git.sourceforge.net/git/gitweb.cgi?p=siremis/siremis;a=blob;…
After computation of ha1 and ha1b, reset the value of $recArr['password'].
Also, as alternative, you can have a cron.d job to delete the values in
password column of subscriber table.
Regards,
Ramona
I've just
converted to hashed passwords as well and
kamctlrc has STORE_PLAINTEXT_PW=0 but Siremis is still storing
passwords in plaintext.
On Wed, Jan 4, 2012 at 12:28 AM, Ali Jawad<ali.jawad(a)splendor.net> wrote:
Did trigger an email to fast this time, for
people who might get here
using Google
modparam("auth_db", "calculate_ha1", yes)
should be
modparam("auth_db", "calculate_ha1", 0)
On Tue, Jan 3, 2012 at 1:03 PM, Ali Jawad<ali.jawad(a)splendor.net> wrote:
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hi All
We are using plain text passwords for authentication, for the obvious
reasons we want to change to hashed passwords so first I executed the
following on the SQL server :
update subscriber set ha1 = md5(concat(username, ':', domain, ':',
password)), ha1b = md5(concat(username, '@', domain, ':', domain,
':',
password))
The related config is :
# ----- auth_db params -----
#!ifdef WITH_AUTH
modparam("auth_db", "db_url", DBURL)
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "ha1")
modparam("auth_db", "load_credentials", "")
modparam("auth_db", "use_domain", MULTIDOMAIN)
and
# ----- auth_db params -----
#!ifdef WITH_AUTH
modparam("auth_db", "db_url", DBURL)
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "ha1")
modparam("auth_db", "load_credentials", "")
modparam("auth_db", "use_domain", 1)
But I keep getting unauthorized, what did I miss here.
Regards
--
Ali Jawad
Information Systems Manager
Splendor Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext 116
FAX: +9611375554
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users