---------- Forwarded Message ---------- Subject: Performing a case-insensitive password match in a users file? Date: Tue, 4 Jul 2000 12:01:11 +0930 From: Simon Hackett <[EMAIL PROTECTED]> Hi folks (again!), I'm transitioning various radius user files, each servicing a different realm name, into the one radiator setup at the moment. It's all working - as simply as using AuthBy FILE on each relevant radius file from each previously different system, plus the StripRealm operator we added (as noted in the previous msg) to make each one match while preserving the realm in the accounting files. What I'd really like to do, because the previous system did case-insensitive password matching, is preserve that behavior under radiator. The user file concerned has plain text user passwords in it, which we've flattened down to all lower case (they weren't even consistent in the file, let alone being consistently used by the customers concerned). Now, what I want to do with this realm is handle it with an <AuthBy FILE>, but convince radiator to do the ultimate password check independently of the case of the user specified password. I've tried various approaches to this tonight, all in vain so far - trying to work out which routine, and where, in Radiator, to frob in order to achieve this effect. Unfortunately, the password comparison(s) concerned are buried deep inside routines which seem impossible to override (check_plaintext_password, in particular, seems like the most likely candidate). Any chance of adding a flag into Radiator, Mike, which might convince it on a per-realm basis to do the password checking in a case-insensitive manner (I understand that this will only make sense in a limited subset of cases - where the plaintext password is available, and where it's using PAP and not CHAP, I guess - but that's my situation). I almost want something resembling a 'RewritePassword' operator - though a 'LowercasePassword' or 'CaseInsensitivePasswordChecking' one would do just fine... The extreme version of such a notion would be to convince the attribute checking code to do case insensitive comparisons in general via a flag - which might then be called something like CaseInsensitiveCheckItems, I guess :) Cheers, Simon --- Simon Hackett, Technical Director, Internode Systems Pty Ltd 31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia Email: [EMAIL PROTECTED] Web: http://www.on.net Phone: +61-8-8223-2999 Fax: +61-8-8223-1777 ------------------------------------------------------- -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
