Hi Ekene, I think if you explain the entire scenario and what you're trying to achieve, they'll be able to help. I currently have an external application connected to freeradius, but what i do is entirely different. I authenticate users on the application separately, but i don't use the password they provide as the radius password, it's generated with a formula and SMD5-encrypted. something like usermac + last 2 letters of first name + last 4 digits of phone number. Then salted and encrypted and stored in Freeradius. Uchenna Nebedum On Fri, Apr 5, 2019, 16:23 Ekene Ezeasor <ezeasorekene@gmail.com> wrote:
Hi all,
Please our users' password are encrypted using crypt() (blowfish) function in PHP. Now I want to use password_verify() to check the submitted password and I intend doing that in PHP. I have updated my authorize section to use the external PHP script like this:
update control { Auth-type := "/usr/bin/php -f /etc/freeradius/3.0/php/checkpassword.php %{User-Name} %{User-Password}" &Proxy-To-Realm := LOCAL }
But only the username is sent to the external PHP file. The password is empty.
We are already running a large database and it may not be easy to change to another encryption method. Therefore this is very important and we really need to implement it.
Please can someone help. Thanks. Regards
___________________________ Ekene Ezeasor IT Consultant, Codee Solutions *Phone*: 08063961963 *Web*: www.codeeltd.com ------------------------------
*DISCLAIMER NOTICE:* *This e-mail, any attachments thereto and response string is intended solely for the attention and use of the addressee(s) named herein and may contain legally privileged and/or confidential information. In the event that you are not the intended recipient(s) of this e-mail and any attachments thereto, be notified that any dissemination, distribution or copying of this e-mail and any attachments thereto, is strictly prohibited. If you have received or otherwise encountered this e-mail in error, please immediately notify the sender and permanently delete the e-mail, any attachments and response string as well as any copy printout in connection therewith.* ------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html