<div dir="ltr"><div dir="ltr"><div dir="ltr">Hi Bogdan-Andrei,<div><br></div><div>I tried either specifying it or not. Neither worked. Here is the script when I tried:</div><div><br></div><div>www_challenge("","auth,auth-int","SHA-256");<br></div><div><br></div><div>I also tried specifying the realm in the above code. When the above is used, there is no such error, but always returns 401. I checked the column ha1_sha256 and the hash of the password is correct.</div><div><br></div><div>Thanks!</div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Sep 15, 2022 at 2:07 PM Bogdan-Andrei Iancu <<a href="mailto:bogdan@opensips.org">bogdan@opensips.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<font face="monospace">Hi,<br>
<br>
In your opensips.cfg, when doing auth challenge to the end points,
do you specify the SHA256 alg?<br>
<br>
<a href="https://opensips.org/html/docs/modules/3.2.x/auth.html#func_www_challenge" target="_blank">https://opensips.org/html/docs/modules/3.2.x/auth.html#func_www_challenge</a><br>
<br>
Regards,<br>
</font>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="https://www.opensips-solutions.com" target="_blank">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
<a href="https://www.opensips.org/events/Summit-2022Athens/" target="_blank">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
<div>On 9/15/22 7:18 AM, jacky z wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Hi Team,<br>
<div><br>
</div>
<div><font size="1" face="arial, sans-serif">Does <span style="background-color:rgb(255,255,255)">ha1_sha256</span> work
in general opensips config settings? I have the
following in the scripts:</font></div>
<div><font size="1" face="arial, sans-serif"><br>
</font></div>
<div>
<p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
"calculate_ha1", 0)</span></p>
<p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
"password_column", "<span>ha1_sha256</span>")</span></p>
<p class="MsoNormal"><span lang="EN-US"><br>
</span></p>
<p class="MsoNormal"><span lang="EN-US">but got the
following error in the log:</span></p>
<p class="MsoNormal"><span lang="EN-US"><br>
</span></p>
<p class="MsoNormal"><span lang="EN-US">/usr/sbin/opensips[28261]:
ERROR:auth:auth_calc_HA1: Incorrect length of
pre-hashed credentials for the algorithm "MD5": 32
expected, 64 provided<br>
</span></p>
<p class="MsoNormal"><span lang="EN-US"><br>
</span></p>
<p class="MsoNormal"><span lang="EN-US">It seems
though the sha256 was specified, but the server
still calculated MD5 and compared with the
database column </span>ha1_sha256.</p>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue, Aug 9, 2022 at 5:39 PM
Bogdan-Andrei Iancu <<a href="mailto:bogdan@opensips.org" target="_blank">bogdan@opensips.org</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div> <font face="monospace">Hi Bela,<br>
<br>
The OCP does not support ha1_sha256 AFAIK. Consider
opening a feature request here <a href="https://github.com/OpenSIPS/opensips-cp/issues" target="_blank">https://github.com/OpenSIPS/opensips-cp/issues</a><br>
<br>
Regards,<br>
</font>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="https://www.opensips-solutions.com" target="_blank">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
<a href="https://www.opensips.org/events/Summit-2022Athens/" target="_blank">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
<div>On 6/29/22 9:10 AM, Bela H wrote:<br>
</div>
<blockquote type="cite">
<div>
<p class="MsoNormal"><span lang="EN-US">Hi all,</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">Is there any way
to add new subscriber from OpenSIPS CP 9.3.2 using
password mode ha1_sha256?</span></p>
<p class="MsoNormal"><span lang="EN-US">The ha1 (</span>MD5(username:realm:password)<span lang="EN-US">) works fine but I had no luck with the
value generation for the ha1_sha256 field in
“subscriber” table. </span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">I have this
setting:</span></p>
<p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
"calculate_ha1", 0)</span></p>
<p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
"password_column", "ha1_sha256")</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">Thanks!</span></p>
<p class="MsoNormal"><span lang="EN-US">Bela</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<br>
</div>
</blockquote>
</div>
</blockquote>
</div>
</blockquote>
<br>
</div>
</blockquote></div>