[SR-Users] Hashed Passwords
Elena-Ramona Modroiu
ramona at asipto.com
Wed Jan 11 13:17:39 CET 2012
Hi,
On 1/9/12 12:25 AM, Ben WIlliams wrote:
> Is it possible to make Siremis store passwords in plaintext?
siremis stores plaintext password, but I assume you want not to store.
At this moment there is no config option for that, it will store plain
text. You can update in the php file
siremis/modules/ser/sbs/authdb/do/SubscriberDO.php to set an emty value
for password field and just store ha1 and ha1b -- the file online in git
repo:
http://siremis.git.sourceforge.net/git/gitweb.cgi?p=siremis/siremis;a=blob;f=siremis/modules/ser/sbs/authdb/do/SubscriberDO.php;hb=HEAD
After computation of ha1 and ha1b, reset the value of $recArr['password'].
Also, as alternative, you can have a cron.d job to delete the values in
password column of subscriber table.
Regards,
Ramona
> I've just
> converted to hashed passwords as well and
> kamctlrc has STORE_PLAINTEXT_PW=0 but Siremis is still storing
> passwords in plaintext.
>
> On Wed, Jan 4, 2012 at 12:28 AM, Ali Jawad<ali.jawad at splendor.net> wrote:
>> Did trigger an email to fast this time, for people who might get here
>> using Google
>>
>> modparam("auth_db", "calculate_ha1", yes)
>> should be
>> modparam("auth_db", "calculate_ha1", 0)
>>
>> On Tue, Jan 3, 2012 at 1:03 PM, Ali Jawad<ali.jawad at splendor.net> wrote:
>>> Hi All
>>> We are using plain text passwords for authentication, for the obvious
>>> reasons we want to change to hashed passwords so first I executed the
>>> following on the SQL server :
>>>
>>> update subscriber set ha1 = md5(concat(username, ':', domain, ':',
>>> password)), ha1b = md5(concat(username, '@', domain, ':', domain, ':',
>>> password))
>>>
>>> The related config is :
>>>
>>>
>>>
>>> # ----- auth_db params -----
>>> #!ifdef WITH_AUTH
>>> modparam("auth_db", "db_url", DBURL)
>>> modparam("auth_db", "calculate_ha1", yes)
>>> modparam("auth_db", "password_column", "ha1")
>>> modparam("auth_db", "load_credentials", "")
>>> modparam("auth_db", "use_domain", MULTIDOMAIN)
>>>
>>> and
>>>
>>> # ----- auth_db params -----
>>> #!ifdef WITH_AUTH
>>> modparam("auth_db", "db_url", DBURL)
>>> modparam("auth_db", "calculate_ha1", yes)
>>> modparam("auth_db", "password_column", "ha1")
>>> modparam("auth_db", "load_credentials", "")
>>> modparam("auth_db", "use_domain", 1)
>>>
>>>
>>> But I keep getting unauthorized, what did I miss here.
>>>
>>> Regards
>>
>>
>> --
>> Ali Jawad
>> Information Systems Manager
>> Splendor Telecom (www.splendor.net)
>> Beirut, Lebanon
>> Phone: +9611373725/ext 116
>> FAX: +9611375554
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
More information about the sr-users
mailing list