[OpenSIPS-Users] Is auth_db calculate_ha1 parameter documentation wrong?
Jacek Konieczny
jajcus at jajcus.net
Fri May 11 10:52:40 CEST 2012
From
http://www.opensips.org/html/docs/modules/1.8.x/auth_db.html#id250014 :
> 1.3.6. calculate_ha1 (integer)
>
> This parameter tells the server whether it should use plaintext
> passwords or a pre-calculated HA1 string for authentification.
>
> If the parameter is set to 1 and the username parameter of credentials
> contains also “@domain” (some user agents append the domain to the
> username parameter), then the server will use the HA1 values from the
> column specified in the “password_column_2” parameter. If the username
> parameter doesn't contain a domain, the server will use the HA1 values
> from the column given in the “password_column”parameter.
>
> If the parameter is set to 0 then the HA1 value will be calculated from
> the column specified in the “password_column” parameter.
Isn't that the other way round?
I have:
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
…'password' column contains the plain password and it works, although it
should not according to the documentation. The source code also looks
like the pre-computed HA1 values are used when calculate_ha1=0.
Greets,
Jacek
More information about the Users
mailing list