Hash/Salt password with mysql
Moataz Elmasry
zaza1851983ml at googlemail.com
Mon Aug 10 21:38:19 CEST 2015
Hi Arran and thanks for the quick reply
Unfortunately I can't seem to get it running, getting a "[pap] Passwords
don't match" error
Here's the simplest example I could come up with:
username: freddi
password: wilma
salt: berlin
Then hashed the password+salt:
echo -n "wilmaberlin" | openssl sha1
(stdin)= ae5fb20004bd032779db7ecb7eda7973fa25d281
In the users table, the hash is set to that sha1, while salt=berlin
Then here's the configuration from sites-enabled/default:
update control {
Tmp-String-0 := "%{sql:SELECT hash FROM accounts WHERE
username = '%{User-Name}'}"
Tmp-String-1 := "%{sql:SELECT salt FROM accounts WHERE
username = '%{User-Name}'}"
}
update control {
SSHA-Password :=
"%{control:Tmp-String-0}%{control:Tmp-String-1}"
}
I removed the 0x before the password value, so that it gets normalized
Any idea what I'm doing wrong?
Regards and thanks
On Sun, Aug 9, 2015 at 8:22 PM, Arran Cudbard-Bell <
a.cudbardb at freeradius.org> wrote:
> >
> > update control {
> > Tmp-String-0 := "%{sql:SELECT hash FROM users WHERE
> > <USERNAME_CONNECTING = username>}"
> > Tmp-String-1 := "%{sql:SELECT salt FROM users WHERE
> > <USERNAME_CONNECTING = username>}"
> >
> > }
> >
>
> WHERE username='%{User-Name}'
>
> man unlang
>
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS development team
>
> FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
>
>
More information about the Freeradius-Users
mailing list