Yeah, when using freeradius to authentication users on a SIP proxy for example it would be ideal to be able to use HA(1) instead of basic digest with plain text passwords Several months ago there was a couple patches sent in to add HA(1) support to the digest authentication module (for freeradius 1.0.5) and someone mentioned that they had been added to CVS. I assumed the patch was included in 1.1.0 (based off of the Changelog entry "Support User-Password field encryption in digest mode.") From this email ( http://lists.cistron.nl/pipermail/freeradius-users/2005-October/047818.html ) i was under the impression that i could supplant the "User-Password" field with "MD5-Password" and the digest module would use the HA(1) algorithm to authenticate the request Setting the attribute to MD5-Password causes the sql module to return "notfound" and the digest module complains that there needs to be ' "User-Password" or MD5-Password" ' items and returns invalid Alan DeKok wrote:
Tavis P <tavis.lists@galaxytelecom.net> wrote:
I'm just curious which attribute type (or digest module configuration) i need to use to enable HA1 digest authentication in Freeradius 1.1.0?
What do you mean by that? Using the Digest-HA1 data for authentication, rather than clear-text password?
That's not supported in the module, but it wouldn't be hard to add.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html