[Date Prev][Date Next] [Chronological] [Thread] [Top]

storing HA1 password hash for HTTP DIGEST, SIP, TURN

Hi all,

There are a few protocols that use a HA1[1] password hash, such as HTTP
DIGEST[1], SIP DIGEST[2] and TURN[3] (which uses HMAC rather than DIGEST)

Is there a standard LDAP attribute name for storing a HA1 value or
should it be stored in a regular userPassword attribute as described in
the manual[4]?

I came across smbk5pwd for keeping SMB password attributes in sync.  Is
there a similar facility for keeping HA1 passwords in sync when a user
changes the password or how could a developer go about adding that,
would the smbk5pwd source be a useful model?



1. http://tools.ietf.org/html/rfc2617#section-3
2. https://tools.ietf.org/html/rfc3261#section-22.4
3. https://tools.ietf.org/html/rfc5389#section-15.4
4. http://www.openldap.org/doc/admin24/security.html#Password%20Storage