[OpenSIPS-Users] OpenSIPS CP 9.3.2 password mode ha1_sha256 for adding new user

jacky z zjack0992 at gmail.com
Thu Sep 15 07:16:59 UTC 2022


Hi Bogdan-Andrei,

I tried either specifying it or not. Neither worked. Here is the script
when I tried:

www_challenge("","auth,auth-int","SHA-256");

I also tried specifying the realm in the above code. When the above is
used, there is no such error, but always returns 401. I checked the column
ha1_sha256 and the hash of the password is correct.

Thanks!

On Thu, Sep 15, 2022 at 2:07 PM Bogdan-Andrei Iancu <bogdan at opensips.org>
wrote:

> Hi,
>
> In your opensips.cfg, when doing auth challenge to the end points, do you
> specify the SHA256 alg?
>
> https://opensips.org/html/docs/modules/3.2.x/auth.html#func_www_challenge
>
> Regards,
>
> Bogdan-Andrei Iancu
>
> OpenSIPS Founder and Developer
>   https://www.opensips-solutions.com
> OpenSIPS Summit 27-30 Sept 2022, Athens
>   https://www.opensips.org/events/Summit-2022Athens/
>
> On 9/15/22 7:18 AM, jacky z wrote:
>
> Hi Team,
>
> Does ha1_sha256 work in general opensips config settings? I have the
> following in the scripts:
>
> modparam("auth_db", "calculate_ha1", 0)
>
> modparam("auth_db", "password_column", "ha1_sha256")
>
>
> but got the following error in the log:
>
>
> /usr/sbin/opensips[28261]: ERROR:auth:auth_calc_HA1: Incorrect length of
> pre-hashed credentials for the algorithm "MD5": 32 expected, 64 provided
>
>
> It seems though the sha256 was specified, but the server still calculated
> MD5 and compared with the database column ha1_sha256.
>
> On Tue, Aug 9, 2022 at 5:39 PM Bogdan-Andrei Iancu <bogdan at opensips.org>
> wrote:
>
>> Hi Bela,
>>
>> The OCP does not support ha1_sha256 AFAIK. Consider opening a feature
>> request here https://github.com/OpenSIPS/opensips-cp/issues
>>
>> Regards,
>>
>> Bogdan-Andrei Iancu
>>
>> OpenSIPS Founder and Developer
>>   https://www.opensips-solutions.com
>> OpenSIPS Summit 27-30 Sept 2022, Athens
>>   https://www.opensips.org/events/Summit-2022Athens/
>>
>> On 6/29/22 9:10 AM, Bela H wrote:
>>
>> Hi all,
>>
>>
>>
>> Is there any way to add new subscriber from OpenSIPS CP 9.3.2 using
>> password mode ha1_sha256?
>>
>> The ha1 (MD5(username:realm:password)) works fine but I had no luck with
>> the value generation for the ha1_sha256 field in “subscriber” table.
>>
>>
>>
>> I have this setting:
>>
>> modparam("auth_db", "calculate_ha1", 0)
>>
>> modparam("auth_db", "password_column", "ha1_sha256")
>>
>>
>>
>> Thanks!
>>
>> Bela
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20220915/73a36ccf/attachment.html>


More information about the Users mailing list