Help: AUTH_FAILED and remote authentication script issues.

Post by xauen » Sat May 21, 2011 8:10 pm

Hello,

I managed to get a script for remote authentication using a WordPress DB as my base access details storage. However, I cannot seem to get past the AUTH-FAILED issue. A possible source of conflict might be my database query inside the script, which returns nothing.

Hope someone with enough knowledge of scripting and database querying can help me here.

Here is my vpn_auth.sh:

Code:

#!/bin/bash

### Database information
DBUSER='dbuser'
DBPASS='dbpass'
DBHOST='host.ip'
DBNAME='dbname'

### OpenVPN passes a file name to the script as the script's first parameter = $1
### The file contains 2 lines: the username and password the client sent to the server ( --auth-user-pass )
### When the script finishes, the file will be removed
vpnnev=$(head -n1 "$1" | tail -1)      # Get the first line -> username
vpnjelszo=$(head -n2 "$1" | tail -1)   # Get the second line -> password

### Name + Password
### Note: $vpnnev and $vpnjelszo are placed into the SQL string unescaped.
sqlnev=$(mysql -u "$DBUSER" -p"$DBPASS" -h "$DBHOST" --skip-column-names -e \
"SELECT user_login FROM wp_users WHERE ((user_login = '$vpnnev') AND (user_pass = PASSWORD('$vpnjelszo')));" "$DBNAME")

### If the MySQL query failed, the "sqlnev" variable contains nothing! If "sqlnev" contains Bob's username,
### we are good to go! If this script exits with error code 0, that means the script is successful, OpenVPN will
### If the exit code IS NOT "0", OpenVPN will destroy the tunnel.
if [ "$sqlnev" == "$vpnnev" ]; then
    exit 0
else
    exit 1
fi

Here is my server.conf:

Code:

port 9200
proto udp
dev tun0
cipher BF-CBC
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
script-security 2
auth-user-pass-verify "/etc/openvpn/vpn_auth" via-file
tmp-dir "/etc/openvpn"
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
status /etc/openvpn/onlineusers.log 5
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 4.2.2.1"
push "dhcp-option DNS 4.2.2.2"
reneg-sec 0
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server.log
verb 3
mute 10

Notice the:

Code:

script-security 2
auth-user-pass-verify "/etc/openvpn/vpn_auth" via-file

Authentication via file.

I'm having a problem with the following SQL query, whether it's right or wrong:

Code:

sqlnev=$(mysql -u "$DBUSER" -p"$DBPASS" -h "$DBHOST" --skip-column-names -e \
"SELECT user_login FROM wp_users WHERE ((user_login = '$vpnnev') AND (user_pass = PASSWORD('$vpnjelszo')));" "$DBNAME")

Please note that:
user_login; and
user_pass
are columns of the table "wp_users", which is inside my WordPress DB.

Any help with solving this MySQL query problem or restructuring vpn_auth.sh would be of great help to me.

Thanks :)
"Never be bullied into silence. Never allow yourself to be made a victim. Accept no one's definition of you"
-IDK
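
Added example (not part of the post above, and not OpenVPN's own code): a hardened variant of the posted vpn_auth.sh that keeps the post's query but hands the username and password to MySQL as hex digits, so quotes typed by a client cannot change the SQL. The defaults-file path in CNF and the username allow-list are assumptions; the table and column names are the ones from the post.

```shell
#!/bin/bash
# Added example. CNF and the allow-list in valid_user are assumptions.
CNF=/etc/openvpn/vpn_auth.cnf   # hypothetical [client] file (user/password/host), mode 0600
DBNAME='dbname'

# Hex-encode a string; od -v stops repeated output lines collapsing to "*".
hex_encode() {
    printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n'
}

# Assumed policy: 1-60 characters from [A-Za-z0-9_.@-].
valid_user() {
    case "$1" in
        ''|*[!A-Za-z0-9_.@-]*) return 1 ;;
    esac
    [ "${#1}" -le 60 ]
}

# Same query as the post, but both values arrive as UNHEX('<hex digits>'),
# so no quote or parenthesis sent by the client reaches the SQL parser.
# PASSWORD() is kept from the post: it returns '*' plus 40 hex digits, while
# WordPress of that era writes phpass hashes ('$P$...') to user_pass, so the
# comparison only matches rows whose user_pass was written with PASSWORD().
build_query() {
    printf "SELECT user_login FROM wp_users WHERE user_login = UNHEX('%s') AND user_pass = PASSWORD(UNHEX('%s'));" \
        "$(hex_encode "$1")" "$(hex_encode "$2")"
}

# $1 is the via-file temp file: line 1 username, line 2 password.
verify() {
    user='' pass=''
    { IFS= read -r user; IFS= read -r pass; } < "$1" || true
    valid_user "$user" || return 1          # fail closed before touching the DB
    found=$(mysql --defaults-extra-file="$CNF" --batch --skip-column-names \
        -e "$(build_query "$user" "$pass")" "$DBNAME") || return 1
    [ "$found" = "$user" ]
}

# OpenVPN passes the file name as $1; exit 0 accepts, anything else rejects.
if [ "$#" -ge 1 ]; then
    verify "$1"
    exit $?
fi
```

Keeping the database credentials in a defaults file also keeps them out of the process list, which `-p$DBPASS` on the command line does not.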
