(RADIATOR) Re: (RADMIN) Unable to properly use stored crypted passwords in Radiator/Radmin...

Mike McCauley mikem at open.com.au
Sat Oct 6 06:20:28 CDT 2001 

Hello Colin,


On Fri, 5 Oct 2001 02:31, Colin D. Easton wrote:
> Hi,
>
> I've upgraded from Radiator 2.8.2/Radmin 1.4 where I've stored crypted
> UNIX passwords in an SQL db.
>
> i.e. username x has a stored password of {crypt}xxxxxxxx
>
> I tested the new release of Radiator 2.8.3/Radmin 1.5 where the stored
> password is able to be crypted by default but the routines store just
> the xxxxxxxx password in crypted format.
>
> I was able to change my password and the routines below worked ok,
> however I was then unable to login or authenticate.  What am I missing?

If you are using a Radmin PasswordFormat of 'crypt', then all passwords will 
stored into theRadmin database as straight Unix crypt, (ie without the 
{crypt} tag). 

Up until now, you could make AuthBy RADMIN understand straight unix crypt 
passwords only by customising. Attached is a new version of AuthRADMIN.pm 
that understands the EncrypttedPasswrod parameter, same as AuthBy SQL.

If you do that, it will auth against plain UNix crypt, but still recognise 
the ones with the {crypt} tag, and auth against them properly.

So install the attached AuthRADMIN.pm, set EncryptedPassword in your AuthBy 
RADMIN, and continue to use Radmin PasswordFormat of 'crypt'

Cheers.

>crypt
> Colin
>
>
> .../Radmin/Site.pm snippet which allows stored insert/updates of crypted
> passwords in Radiator/Radmin:
>
> # Here are some sample hooks that maintain PASS_WORD in the RADUSERS
> # table
> # as the Unix encrypted version of the plaintext password
> # entered by the user.
>
> ###################################################################
> # Heres an example pre_insert_hook.
> # Change the new password to Unix crypt before insertion
> sub db_pre_insert_hook
> {
>     my ($db, $newobj) = @_;
>
>     # Change the new plaintext password to Unix crypt
>     $newobj->{PASS_WORD} =
>          &Radmin::Util::unixEncryptPassword($newobj->{PASS_WORD})
>         if $newobj->{Type} eq 'RADUSERS';
> }
>
> ###################################################################
> # Heres an example pre_update_hook.
> # If the password has been changed, re-encrypt it
> sub db_pre_update_hook
> {
>     my ($db, $newobj, $oldobj) = @_;
>
>     # If the password is not 13 chars, its been changed
>     # to a new one: reencrypt
>     $newobj->{PASS_WORD} =
>        &Radmin::Util::unixEncryptPassword($newobj->{PASS_WORD})
>         if $newobj->{Type} eq 'RADUSERS'
>             && length $newobj->{PASS_WORD} != 13;
> }
>
> 1;
>
> ===
> Archive at http://www.open.com.au/archives/radmin/
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radmin' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list