Re: RADIUS is a Wh*%@

[Alexander Keremidarski]

Jeff,

I am affraid your question has nothing to do with MySQL internals. It is all about 
 MySQL usage.

Stout, Jeff wrote:
I am using MySQL 4.0.15 on Win2K (not by choice, vendor chose this platform)

I user the Database to store user information to Allow RADIUS to authenticate
users against the tables.  I have to encrypt the password fields,  If I use
MD5 it is a one way algorithm,  enable for me to user MD5 I have to compare
the hashes if hashes match then I'm golden and user is granted access,
however the flavor of RADIUS the Vendor has chosen to use can not by it's self
do a hash comparison thus all Hash encrypted passwords can't be read by
Radius and users are denied access.
Doesn't matter. You only need to define what RADIUS has to match and do it within 
SQL query.

For an example if you store MD5 hashes of passwords into table you can just use:

SELECT MD5("plaintextpasswd") = password WHERE userid="userid";

In case hashes match above query will return 1 (true)

Please don't crospost such kind of questions in internals@ It is dedicated to 
MySQL source, algorithms etc.

Use general list [EMAIL PROTECTED] or consider purchasing Support. You can 
read more about Support MySQL AB provides at http://www.mysql.com/support/

Has any one had experience with this and know of a way to fix this ????

My other thought was to use:

INSERT INTO user_profile (userid, password)
VALUES ('sam', AES_ENCRYPT("sam","password"));
this will allow me to encrypt the password field, but I still need to get RADIUS to
do the AES_DECRYPT any thoughts.
ugh !!!!!!!!

Jeff Stout
CSG Systems, Inc.
303-200-3204                                                 


Best regards

--
 Are you MySQL certified? -- http://www.mysql.com/certification
 For technical support contracts, visit https://order.mysql.com/?ref=msal
    __  ___     ___ ____  __
   /  |/  /_ __/ __/ __ \/ /    Mr. Alexander Keremidarski <[EMAIL PROTECTED]>
  / /|_/ / // /\ \/ /_/ / /__   MySQL AB, Full-Time Developer
 /_/  /_/\_, /___/\___\_\___/   Sofia, Bulgaria
         <___/  www.mysql.com


--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]