Hi Liviu, Ah, thanks, perfect, that totally makes sense, I will do it as you suggest!!! Pity I didn't figure that out myself :(
Best regards, Yury. On Mon, 10 Apr 2023, 22:21 Liviu Chircu, <[email protected]> wrote: > On 10.04.2023 14:07, Yury Kirsanov wrote: > > I'm actually NOT using any type of DB, hence the problem, how do I specify > multiple hashes with $var(password) for different auth types, as per the > documentation? > > I think there is a bit of confusion on the "timings" when the > multi-algorithm "xxx_challenge()" function is used vs. the single-algorithm > reply verification for the client step. As such: > > * during the challenge step, you simply invoke xxx_challenge(MD5, SHA256), > to advertise multiple challenge headers to the client > * during the verification step, you are supposed to read the *$auth.alg*, > thus "learning" what the auth algorithm the client selected (*modern* > phone vs. *classic* phone, i.e. SHA256 or MD5), then > populate *$var(password)* with the corresponding hash selected from > your cache or database > > Hope this helps, > > -- > Liviu Chircuwww.twitter.com/liviuchircu | www.opensips-solutions.com > OpenSIPS Summit 2023 Houston, May 23-26 | www.opensips.org/events > >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
