From version 71.1
edited by Buildbot
on 2018/06/01 01:01
To version 72.1
edited by Buildbot
on 2018/07/01 01:02
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -1,4 +1,4 @@
1 -// Documentation based on repostory git version commit 1.0.12-405-gca78774
1 +// Documentation based on repostory git version commit 1.0.12-487-g7669680
2 2  //
3 3  =Module Authentication=
4 4  
... ... @@ -22,7 +22,6 @@
22 22   bellesip@sip.linphone.org clrtxt:secret md5:97ffb1c6af18e5687bf26cdf35e45d30 sha256:d7580069de562f5c7fd932cc986472669122da91a0f72f30ef1b20ad6e4f61a3 ;|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ####|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
23 23  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)nonce-expires|(% style="text-align: left; border: 1px solid #999" %)Expiration time of nonces, in seconds.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##3600##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
24 24  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)cache-expire|(% style="text-align: left; border: 1px solid #999" %)Duration of the validity of the credentials added to the cache in seconds.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##1800##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
25 -|=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)hashed-passwords|(% style="text-align: left; border: 1px solid #999" %)True if retrieved passwords from the database are hashed. HA1=MD5(A1) = MD5(username:realm:pass).|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
26 26  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)no-403|(% style="text-align: left; border: 1px solid #999" %)Don't reply 403, but 401 or 407 even in case of wrong authentication.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)BooleanExpr
27 27  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)reject-wrong-client-certificates|(% style="text-align: left; border: 1px solid #999" %)If set to true, the module will simply reject with 403 forbidden any request coming from client who presented a bad TLS certificate (regardless of reason: improper signature, unmatched subjects). Otherwise, the module will fallback to a digest authentication.
28 28   This policy applies only for transports configured with 'required-peer-certificate=1' parameter; indeed no certificate is requested to the client otherwise.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
... ... @@ -30,5 +30,7 @@
30 30  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)new-auth-on-407|(% style="text-align: left; border: 1px solid #999" %)When receiving a proxy authenticate challenge, generate a new challenge for this proxy.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
31 31  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)enable-test-accounts-creation|(% style="text-align: left; border: 1px solid #999" %)Enable a feature useful for automatic tests, allowing a client to create a temporary account in the password database in memory.This MUST not be used for production as it is a real security hole.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
32 32  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)disable-qop-auth|(% style="text-align: left; border: 1px solid #999" %)Disable the QOP authentication method. Default is to use it, use this flag to disable it if needed.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
33 -|=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)available-algorithms|(% style="text-align: left; border: 1px solid #999" %)List of algorithms, separated by whitespaces (valid values are MD5 and SHA-256).|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##MD5##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
32 +|=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)available-algorithms|(% style="text-align: left; border: 1px solid #999" %)List of algorithms, separated by whitespaces (valid values are MD5 and SHA-256).
33 + This feature allows to force the use of wanted algorithm(s).
34 + If the value is empty, then it will authorize all implemented algorithms.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##MD5##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
34 34  |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)trust-domain-certificates|(% style="text-align: left; border: 1px solid #999" %)If enabled, all requests which have their request URI containing a trusted domain will be accepted.|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean