10 Sep
2003
10 Sep
'03
6:04 p.m.
On 10-09 16:53, Jakob Schlyter wrote:
Yes, but if you have calculate_ha1=1 then you don't need gen_ha1. I
thought you wanted to generate HA1 strings and insert them into the
database.
Separate ? If you enter username and password in your user agent then
it should display the realm to you so you know for which realm are the
credentials used.
Example:
Please enter username and password for realm "iptel.org":
Username:
Password:
It is the server who chooses the realm/domain. User agents can't
change it.
What exactly are you trying to achieve ?
Jan.
On Wed, 10 Sep 2003, Jan Janak wrote:
There was a bug in the digest code (discovered by Andrei), if you use
calc_ha1 and "jakob(a)schlyter.net" in the digest username then the
server will not authenticate you.
You have two choices, either update the server from the stable branch
of the CVS where the problem is fixed or use only "jakob" in the
digest username.
You must use ./gen_ha1 jakob(a)schlyter.net
schlyter.net ser2003 to get
the same hash.
does the internal ha1 calcualtion tries to match both username@domain and
only username? it seems to me it only tries to match the hash for
username. The reason
is that you have realm in the username. A user agent that
sent the credentials above also calculate the response using
"jakob(a)schlyter.net" as username so you must do the same.
I though ser was doing the hashing since i set calculate_ha1=1. BTW you
don't have to put @chlyter.net into the username, it is not
mandatory, you can use just "jakob".
how could it separate jakob(a)schlyter.se and (some other) jakob(a)example.com
user if I don't put the domain in the username?