On Sep 18, 2017, at 8:59 AM, Anton Kiryushkin <swood@fotofor.biz> wrote:
Thank's for answered.
I've changed a config of SQL module from:
authorize_check_query = "SELECT vpn_id as id, vpn_username as UserName, 'User-Password' as attribute, pass as value, ':=' as op \
Having "User-Password" here has been not recommended for a decade.
FROM ${authcheck_table} \ WHERE (vpn_username = '%{SQL-User-Name}' AND msk='1') \ ORDER BY id"
to:
authorize_check_query = "SELECT vpn_id as id, vpn_username as UserName, 'MD5-Password' as attribute, pass as value, ':=' as op \ FROM ${authcheck_table} \ WHERE (vpn_username = '%{SQL-User-Name}' AND msk='1') \ ORDER BY id"
And after that, I changed a value of password in a database from "{MD5}hash" to "hash".
Please use "Password-With-Header" instead of MD5-Password. And leave the headers on the passwords. The server will figure it out. Alan DeKok.