<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <font face="monospace">Hi,<br>
      <br>
      In your opensips.cfg, when doing auth challenge to the end points,
      do you specify the SHA256 alg?<br>
      <br>
<a class="moz-txt-link-freetext" href="https://opensips.org/html/docs/modules/3.2.x/auth.html#func_www_challenge">https://opensips.org/html/docs/modules/3.2.x/auth.html#func_www_challenge</a><br>
      <br>
      Regards,<br>
    </font>
    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  <a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
  <a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
    <div class="moz-cite-prefix">On 9/15/22 7:18 AM, jacky z wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAOB03DvvWoZqk7o=3WN8fAO9WfbPmwhDYy4GoC2njYesys0AEw@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="ltr">
        <div dir="ltr">
          <div dir="ltr">
            <div dir="ltr">
              <div dir="ltr">Hi Team,<br>
                <div><br>
                </div>
                <div><font size="1" face="arial, sans-serif">Does <span
                      class="gmail-il"
                      style="background-color:rgb(255,255,255)">ha1_sha256</span> work
                    in general opensips config settings? I have the
                    following in the scripts:</font></div>
                <div><font size="1" face="arial, sans-serif"><br>
                  </font></div>
                <div>
                  <p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
                      "calculate_ha1", 0)</span></p>
                  <p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
                      "password_column", "<span class="gmail-il">ha1_sha256</span>")</span></p>
                  <p class="MsoNormal"><span lang="EN-US"><br>
                    </span></p>
                  <p class="MsoNormal"><span lang="EN-US">but got the
                      following error in the log:</span></p>
                  <p class="MsoNormal"><span lang="EN-US"><br>
                    </span></p>
                  <p class="MsoNormal"><span lang="EN-US">/usr/sbin/opensips[28261]:
                      ERROR:auth:auth_calc_HA1: Incorrect length of
                      pre-hashed credentials for the algorithm "MD5": 32
                      expected, 64 provided<br>
                    </span></p>
                  <p class="MsoNormal"><span lang="EN-US"><br>
                    </span></p>
                  <p class="MsoNormal"><span lang="EN-US">It seems
                      though the sha256 was specified, but the server
                      still calculated MD5 and compared with the
                      database column </span>ha1_sha256.</p>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <div class="gmail_quote">
        <div dir="ltr" class="gmail_attr">On Tue, Aug 9, 2022 at 5:39 PM
          Bogdan-Andrei Iancu <<a href="mailto:bogdan@opensips.org"
            moz-do-not-send="true">bogdan@opensips.org</a>> wrote:<br>
        </div>
        <blockquote class="gmail_quote" style="margin:0px 0px 0px
          0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div> <font face="monospace">Hi Bela,<br>
              <br>
              The OCP does not support ha1_sha256 AFAIK. Consider
              opening a feature request here <a
                href="https://github.com/OpenSIPS/opensips-cp/issues"
                target="_blank" moz-do-not-send="true">https://github.com/OpenSIPS/opensips-cp/issues</a><br>
              <br>
              Regards,<br>
            </font>
            <pre cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  <a href="https://www.opensips-solutions.com" target="_blank" moz-do-not-send="true">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
  <a href="https://www.opensips.org/events/Summit-2022Athens/" target="_blank" moz-do-not-send="true">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
            <div>On 6/29/22 9:10 AM, Bela H wrote:<br>
            </div>
            <blockquote type="cite">
              <div>
                <p class="MsoNormal"><span lang="EN-US">Hi all,</span></p>
                <p class="MsoNormal"><span lang="EN-US"> </span></p>
                <p class="MsoNormal"><span lang="EN-US">Is there any way
                    to add new subscriber from OpenSIPS CP 9.3.2 using
                    password mode ha1_sha256?</span></p>
                <p class="MsoNormal"><span lang="EN-US">The ha1 (</span>MD5(username:realm:password)<span
                    lang="EN-US">) works fine but I had no luck with the
                    value generation for the ha1_sha256 field in
                    “subscriber” table. </span></p>
                <p class="MsoNormal"><span lang="EN-US"> </span></p>
                <p class="MsoNormal"><span lang="EN-US">I have this
                    setting:</span></p>
                <p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
                    "calculate_ha1", 0)</span></p>
                <p class="MsoNormal"><span lang="EN-US">modparam("auth_db",
                    "password_column", "ha1_sha256")</span></p>
                <p class="MsoNormal"><span lang="EN-US"> </span></p>
                <p class="MsoNormal"><span lang="EN-US">Thanks!</span></p>
                <p class="MsoNormal"><span lang="EN-US">Bela</span></p>
                <p class="MsoNormal"><span lang="EN-US"> </span></p>
                <br>
              </div>
            </blockquote>
          </div>
        </blockquote>
      </div>
    </blockquote>
    <br>
  </body>
</html>