[freeside-users] Re: Self signup

Shivkumar shivkumar at outbackwifi.com
Wed Mar 22 09:00:07 PST 2006 

hi,

pasted below find the thread from a previous post that i mentioned. if 
this is not your problem, then we might need to dig deeper.
"
In a nutshell, freeside assumes passwords > 12 characters are not plain

text passwords, but crypt'd passwords, and thus, exports them as
'Crypt-Password' instead of 'Password' to RADIUS.  The quick fix is to set
the 'passwordmax' config option back down to <= 12.  Then you won't run
into this 'bug'.  You'll need to truncate existing passwords that are > 12
chars in order for them to work properly as well.

-Kristian

On 21 Mar 2006, Admore Nyamaka wrote:


>> l am using freeside-1.5.0pre6 on Red Hat 9 and am using freeradius as
>> the RADIUS server. l have managed to set up a perfect export, when a new
>> user in added, they get added to the freeradius database(MySQL), but the
>> password is encrypted and the user cannot login (they get Access-Reject)
>> because of the encryption. l am scared to look into ivan's code (again),
>> because l don't want to hack to much into it (l have done that too much
>> now, and  l am afraid l will loose track of the changes l have made and
>> won't have a good upgrade when l need one). How can l disable the
>> encryption and export the passwords as plain text, or enable the same
>> encryption(l understand freeside uses crypt()) in freeradius DB.  :-( 
>>
>> Ideas are welcome, speed will be appreciated.  :-) 
>>
>> Please don't call me eidiot (although l am one)........l am three months
>> old in *NIX.
>>
>>
>> --
>> Admore Nyamaka <admore at adept.co.zw>
>> Adept Solutions
>>
>>
>  
>



Regards,
Shivkumar





Rich said the following:

> I am using version 1.5.7, on Freebsd ,PostgreSQL
>
> The exporting is working fine, for example if someone were to call in 
> and establish an account and a cust. rep enters the info, the radius 
> exports plain text no problem.
>
> The problem is when say a user goes to the self signup page, enters 
> their information, the export occurs, but the password pushed over is 
> a crypted password
>
> ie:
>
> 20 | testabcd1    | Password  | == | n8eoE5Oj
>
>
> ------------------------------
> If i go into their account, and "update" their password using the 
> office staff's interface, it correctly updates the password on the 
> radius server with a plain text password.
>
>
> What i need to happen is after a customer does a self-signup, the 
> password that gets pushed over needs to be plain text.
>
> Any thoughts?
>
> Rich
>
> ----- Original Message ----- From: "Shivkumar" 
> <shivkumar at outbackwifi.com>
> To: "Freeside users mailing list" <freeside-users at sisd.com>
> Sent: Wednesday, March 22, 2006 5:47 AM
> Subject: Re: [freeside-users] Re: Self signup
>
>
>> hi,
>> if you trawl thro the mailing list, you'll find the ans to this.
>> the gist is that any passwords over a certain number of characters 
>> are treated as encrypted by mysql and so inserted accordingly
>>
>> Regards,
>> Shivkumar
>> IT Global Solutions
>> F-4/7, Vasant Vihar
>> New Delhi-110057
>> Ph:+91-11-55262828
>> Cell:+91-9312878533
>> VOIP:30002225#
>> Website:www.itglobalsolutions.com
>>
>> ----------------------------------------------------------------------------------------- 
>>
>> NOTICE: The contents of this e-mail message are proprietary and 
>> intended only for personal and confidential use of the recipient(s) 
>> named above. If the recipient is not the addressee, he or she should 
>> immediately notify the sender and destroy the information transmitted 
>> without making any copy or distribution thereof. The information 
>> contained in this transmission may also be subject to a 
>> non-disclosure agreement. If so, for confidentiality retention, the 
>> recipient is only allowed to disclose the information to those who 
>> are bound under provisions of the agreement . Thank you.
>>
>>
>>
>> Rich said the following:
>>
>>> subject: Self signup
>>>
>>>
>>> Id like to know how to have the self signup interface push clear 
>>> passwords
>>> to free radius. If i create an account the password gets pushed over in
>>> plain text, but if I use the self signup is gets put in the database as
>>> encrypted password. Any ideas/thoughts?
>>>
>>> Rich
>>> _______________________________________________
>>> freeside-users mailing list
>>> freeside-users at sisd.com
>>> http://420.am/cgi-bin/mailman/listinfo/freeside-users
>>>
>> _______________________________________________
>> freeside-users mailing list
>> freeside-users at sisd.com
>> http://420.am/cgi-bin/mailman/listinfo/freeside-users
>>
>
> _______________________________________________
> freeside-users mailing list
> freeside-users at sisd.com
> http://420.am/cgi-bin/mailman/listinfo/freeside-users
>

More information about the freeside-users mailing list