[OpenSIPS-Users] Opensips Registering non-existing users
Saúl Ibarra
saghul at gmail.com
Mon Jun 8 22:29:37 CEST 2009
On Mon, Jun 8, 2009 at 10:07 PM, mani sivaraman<mani.opensips at gmail.com> wrote:
> I'm able to login with out any problem if I
> modparam("auth_db", "calculate_ha1", no)
>
That's because you already store hashed passwords.
> The default one has 'yes' instead of no. Since I saw the ha1 does not match
> in the console output I edited this and started working. Now it is not
> Registering any other user other than the one available in the subscriber
> table.
>
That's right, the only ones that are able to register are the subscribers.
> What implication will I have now. I guess the auth is not very secure now.
> But still it authenticates if I enter wrong password.
>
What piece of code are you using to manage registrations?
--
Saúl -- "Nunca subestimes el ancho de banda de un camión lleno de disketes."
----------------------------------------------------------------
http://www.saghul.net/
More information about the Users
mailing list