[OpenSIPS-Devel] [opensips] Add support to uac_registrant module to understand ha1 hash in password field in database (#692)
Alexander Mustafin
notifications at github.com
Sun Nov 8 04:07:00 CET 2015
At the moment password field have to contain plain passwords - it is not secure.
It would be grate if module can use ha1 (ha1b) hash for registering purposes.
Variant 1:
Keep plain or hash passwords and change behavior of module by option.
modparam("uac_registrant", "password_type", 2)
"0 - plain password
1 - ha1 hash"
Variant 2:
Other way, to check value of password field and if it hash - send it 'as is' and calculate ha1 if it is plain text.
Maybe use additional flag in options for this behavior
modparam("uac_registrant", "use_calculated_ha1", 1)
I think, it is not good idea to change database scheme for another one field in table. So I suggest to use the same password field.
---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/issues/692
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/devel/attachments/20151107/e4446f19/attachment.htm>
More information about the Devel
mailing list