From 461baa0e2820334905b4b0c03fa7bb3ab6fac8dc Mon Sep 17 00:00:00 2001 From: Sylvain Berfini Date: Tue, 10 Sep 2013 15:48:23 +0200 Subject: [PATCH] Added linphonerc setting to disable ha1 password storage for auth info --- coreapi/authentication.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coreapi/authentication.c b/coreapi/authentication.c index 4682325e9..57af57927 100644 --- a/coreapi/authentication.c +++ b/coreapi/authentication.c @@ -162,7 +162,7 @@ void linphone_auth_info_write_config(LpConfig *config, LinphoneAuthInfo *obj, in if (obj==NULL || lp_config_get_int(config, "sip", "store_auth_info", 1) == 0){ return; } - if (!obj->ha1 && obj->realm && obj->passwd && (obj->username||obj->userid)) { + if (!obj->ha1 && obj->realm && obj->passwd && (obj->username||obj->userid) && lp_config_get_int(config, "sip", "store_ha1_passwd", 1) == 1) { /*compute ha1 to avoid storing clear text password*/ obj->ha1=ms_malloc(33); sal_auth_compute_ha1(obj->userid?obj->userid:obj->username,obj->realm,obj->passwd,obj->ha1);