On 10-09 16:53, Jakob Schlyter wrote:
On Wed, 10 Sep 2003, Jan Janak wrote:
You must use ./gen_ha1 jakob@schlyter.net schlyter.net ser2003 to get the same hash.
does the internal ha1 calcualtion tries to match both username@domain and only username? it seems to me it only tries to match the hash for username.
There was a bug in the digest code (discovered by Andrei), if you use calc_ha1 and "jakob@schlyter.net" in the digest username then the server will not authenticate you.
You have two choices, either update the server from the stable branch of the CVS where the problem is fixed or use only "jakob" in the digest username.
The reason is that you have realm in the username. A user agent that sent the credentials above also calculate the response using "jakob@schlyter.net" as username so you must do the same.
I though ser was doing the hashing since i set calculate_ha1=1.
Yes, but if you have calculate_ha1=1 then you don't need gen_ha1. I thought you wanted to generate HA1 strings and insert them into the database.
BTW you don't have to put @chlyter.net into the username, it is not mandatory, you can use just "jakob".
how could it separate jakob@schlyter.se and (some other) jakob@example.com user if I don't put the domain in the username?
Separate ? If you enter username and password in your user agent then it should display the realm to you so you know for which realm are the credentials used.
Example:
Please enter username and password for realm "iptel.org": Username: Password:
It is the server who chooses the realm/domain. User agents can't change it.
What exactly are you trying to achieve ?
Jan.