Hi All We are using plain text passwords for authentication, for the obvious reasons we want to change to hashed passwords so first I executed the following on the SQL server :
update subscriber set ha1 = md5(concat(username, ':', domain, ':', password)), ha1b = md5(concat(username, '@', domain, ':', domain, ':', password))
The related config is :
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN)
and
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", 1)
But I keep getting unauthorized, what did I miss here.
Regards
Hi
I must add at log level 3 I get this error
7(17642) DEBUG: auth [challenge.c:102]: build_challenge_hf: realm='register.nymgo.com' 7(17642) DEBUG: auth [challenge.c:244]: auth: 'WWW-Authenticate: Digest realm="register.mydomain.com", nonce="TwLkEk8C4uaGawXB1G3p4AfjIGPhpa3T" ' 7(17642) DEBUG: sl [sl.c:278]: reply in stateless mode (sl) 7(17642) DEBUG: <core> [msg_translator.c:204]: check_via_address(pubIP, 192.168.0.191, 0)
And I use this in my config
if (!www_authorize("$fd", "subscriber")) {
Regards
On Tue, Jan 3, 2012 at 1:03 PM, Ali Jawad ali.jawad@splendor.net wrote:
Hi All We are using plain text passwords for authentication, for the obvious reasons we want to change to hashed passwords so first I executed the following on the SQL server :
update subscriber set ha1 = md5(concat(username, ':', domain, ':', password)), ha1b = md5(concat(username, '@', domain, ':', domain, ':', password))
The related config is :
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN)
and
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", 1)
But I keep getting unauthorized, what did I miss here.
Regards
Did trigger an email to fast this time, for people who might get here using Google
modparam("auth_db", "calculate_ha1", yes) should be modparam("auth_db", "calculate_ha1", 0)
On Tue, Jan 3, 2012 at 1:03 PM, Ali Jawad ali.jawad@splendor.net wrote:
Hi All We are using plain text passwords for authentication, for the obvious reasons we want to change to hashed passwords so first I executed the following on the SQL server :
update subscriber set ha1 = md5(concat(username, ':', domain, ':', password)), ha1b = md5(concat(username, '@', domain, ':', domain, ':', password))
The related config is :
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN)
and
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", 1)
But I keep getting unauthorized, what did I miss here.
Regards
Is it possible to make Siremis store passwords in plaintext? I've just converted to hashed passwords as well and kamctlrc has STORE_PLAINTEXT_PW=0 but Siremis is still storing passwords in plaintext.
On Wed, Jan 4, 2012 at 12:28 AM, Ali Jawad ali.jawad@splendor.net wrote:
Did trigger an email to fast this time, for people who might get here using Google
modparam("auth_db", "calculate_ha1", yes) should be modparam("auth_db", "calculate_ha1", 0)
On Tue, Jan 3, 2012 at 1:03 PM, Ali Jawad ali.jawad@splendor.net wrote:
Hi All We are using plain text passwords for authentication, for the obvious reasons we want to change to hashed passwords so first I executed the following on the SQL server :
update subscriber set ha1 = md5(concat(username, ':', domain, ':', password)), ha1b = md5(concat(username, '@', domain, ':', domain, ':', password))
The related config is :
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN)
and
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", 1)
But I keep getting unauthorized, what did I miss here.
Regards
-- Ali Jawad Information Systems Manager Splendor Telecom (www.splendor.net) Beirut, Lebanon Phone: +9611373725/ext 116 FAX: +9611375554
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hi,
On 1/9/12 12:25 AM, Ben WIlliams wrote:
Is it possible to make Siremis store passwords in plaintext?
siremis stores plaintext password, but I assume you want not to store.
At this moment there is no config option for that, it will store plain text. You can update in the php file siremis/modules/ser/sbs/authdb/do/SubscriberDO.php to set an emty value for password field and just store ha1 and ha1b -- the file online in git repo:
http://siremis.git.sourceforge.net/git/gitweb.cgi?p=siremis/siremis;a=blob;f...
After computation of ha1 and ha1b, reset the value of $recArr['password'].
Also, as alternative, you can have a cron.d job to delete the values in password column of subscriber table.
Regards, Ramona
I've just converted to hashed passwords as well and kamctlrc has STORE_PLAINTEXT_PW=0 but Siremis is still storing passwords in plaintext.
On Wed, Jan 4, 2012 at 12:28 AM, Ali Jawadali.jawad@splendor.net wrote:
Did trigger an email to fast this time, for people who might get here using Google
modparam("auth_db", "calculate_ha1", yes) should be modparam("auth_db", "calculate_ha1", 0)
On Tue, Jan 3, 2012 at 1:03 PM, Ali Jawadali.jawad@splendor.net wrote:
Hi All We are using plain text passwords for authentication, for the obvious reasons we want to change to hashed passwords so first I executed the following on the SQL server :
update subscriber set ha1 = md5(concat(username, ':', domain, ':', password)), ha1b = md5(concat(username, '@', domain, ':', domain, ':', password))
The related config is :
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN)
and
# ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "ha1") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", 1)
But I keep getting unauthorized, what did I miss here.
Regards
-- Ali Jawad Information Systems Manager Splendor Telecom (www.splendor.net) Beirut, Lebanon Phone: +9611373725/ext 116 FAX: +9611375554
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Ali Jawad -
Ben WIlliams -
Elena-Ramona Modroiu