md5-hashed password in mod_auth_sql
82 views
Skip to first unread message
Daniel Kaupp
Feb 18, 2014, 12:10:18 PM2/18/14
to prosod...@googlegroups.com
Hi,
i customized mod_auth_sql to fetch user credentials from an external database.
The passwords there are md5 hashes. unfortunately i can't get a connection (not authorized) and i'm sure that the sql statement is right.
is there a way to determine if the password matches?
how can i tell prosody to use md5?
Thanks,
Daniel
i customized mod_auth_sql to fetch user credentials from an external database.
The passwords there are md5 hashes. unfortunately i can't get a connection (not authorized) and i'm sure that the sql statement is right.
is there a way to determine if the password matches?
how can i tell prosody to use md5?
Thanks,
Daniel
Daniel Kaupp
Feb 19, 2014, 5:49:53 AM2/19/14
to prosod...@googlegroups.com
Update:
I tried to connect with the hash of the password, and this worked.
so, how can i tell prosody that the stored passwords are already md5?
Documentation says:
If it has the plaintext password in the database, it can compare this directly with the password it received from the client. If it has a hashed password stored, it hashes the password from the client and compares the hashes.
but i already use "sql" for authentication method, so i can't say "PLAIN" here.
Perhaps someone can clarify things.
Thanks, Daniel
I tried to connect with the hash of the password, and this worked.
so, how can i tell prosody that the stored passwords are already md5?
Documentation says:
If it has the plaintext password in the database, it can compare this directly with the password it received from the client. If it has a hashed password stored, it hashes the password from the client and compares the hashes.
but i already use "sql" for authentication method, so i can't say "PLAIN" here.
Perhaps someone can clarify things.
Thanks, Daniel
Vadim A. Misbakh-Soloviov
Feb 19, 2014, 1:35:31 PM2/19/14
to prosod...@googlegroups.com
Hi!
> to fetch user credentials
> passwords ... are md5 hashes
So, why don't you want to use SQL server's MD5 function?
AFAIR, any of MySQL and PgSQL (and, probably SQLite3 too) supports MD5.
--
Best regsrds,
mva
> to fetch user credentials
> passwords ... are md5 hashes
> sql statement is right.
>
> is there a way to determine if the password matches?
> how can i tell prosody to use md5?
If you're fetching credentials -> you can run SQL queries.
>
> is there a way to determine if the password matches?
> how can i tell prosody to use md5?
So, why don't you want to use SQL server's MD5 function?
AFAIR, any of MySQL and PgSQL (and, probably SQLite3 too) supports MD5.
--
Best regsrds,
mva
Vadim A. Misbakh-Soloviov
Feb 19, 2014, 1:37:25 PM2/19/14
to prosod...@googlegroups.com
[although, anyway, util.hashes.md5 ]
--
Best regsrds,
mva
--
Best regsrds,
mva
Reply all
Reply to author
Forward
0 new messages