Using %{User-Password} in sql query for mschapv2
Oliver
oliver at anonsphere.com
Sun Apr 1 21:25:25 CEST 2012
Thanks Matthew,
I know this restrictions. My idea was to encrypt the password with the user
password, because it's a really bad idea to store plain text passwords
in mysql. So far, I can encrypt it with a server side key, but of course
if someone hacks the server, this is pretty useless.
Is there any way to send the plain password with the challenge request to use
in my sql query?
Oliver
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3868 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20120401/37757d93/attachment.bin>
More information about the Freeradius-Devel
mailing list