On Aug 10, 2015, at 3:38 PM, Moataz Elmasry <zaza1851983ml@googlemail.com> wrote:
Hi Arran and thanks for the quick reply
Unfortunately I can't seem to get it running, getting a "[pap] Passwords don't match" error
Here's the simplest example I could come up with:
username: freddi password: wilma salt: berlin
Then hashed the password+salt: echo -n "wilmaberlin" | openssl sha1 (stdin)= ae5fb20004bd032779db7ecb7eda7973fa25d281
In the users table, the hash is set to that sha1, while salt=berlin
Then here's the configuration from sites-enabled/default:
update control { Tmp-String-0 := "%{sql:SELECT hash FROM accounts WHERE username = '%{User-Name}'}" Tmp-String-1 := "%{sql:SELECT salt FROM accounts WHERE username = '%{User-Name}'}" }
update control { SSHA-Password := "%{control:Tmp-String-0}%{control:Tmp-String-1}" }
I removed the 0x before the password value, so that it gets normalized
Is the salt hex encoded also when it comes out of the db? -Arran