openvpn remote authentication via bash script

[eric66300]

hi

im using cent OS 5.6 and im a confused how it's to be done exactly the way i want it to be.

can somebody help me?



i put this on server side

auth-user-pass-verify "/etc/openvpn/auth_vpn.sh" via-file

and put this code inside auth_vpn.sh

#!/bin/bash
### Database Informations
DBUSER='user'
DBPASS='pass'
DBHOST='x.x.x.x'
DBNAME='dbase'

user_name=`head -n1 $1 | tail -1` #first line -> Username
pass_word=`head -n2 $1 | tail -1 ` #second line -> Password

user_query=`mysql -u $DBUSER -p$DBPASS -D $DBNAME -h $DBHOST --skip-column-name -e "SELECT username FROM user WHERE ( (active = '1') AND (username = '$user_name') AND (password = ('$pass_word')) );" $DBNAME`

if [ "$user_query" == "$user_name" ]; then
exit 0
else
exit 1
fi

pls help me

thank you

[janjust]

did you debug the script?
what happens if you print out the username+password after reading them from file - are they correct?
what happens if you manually execute the mysql query with the username+password?

this is a forum about openvpn , not about mysql/shell script debugging...

[eric66300]

Hi

sorry for my ignorance how may i print out the result after reading it from file?

tying to execute mysql both username and password are correct.

[janjust]

add these lines

Code: Select all

user_name=`head -n1 $1 | tail -1` #first line -> Username
pass_word=`head -n2 $1 | tail -1 ` #second line -> Password

# add these lines
echo "user_name=[$user_name]"
echo "pass_word=[$pass_word]"

and check to see that the right values are there. Adding things like

Code: Select all

set -vx

to the script will also produce lots of debugging output

[eric66300]

thanks i got to try it tomorrow

too busy today.

thank you again

[eric66300]

./auth_vpn.sh: line 11: unexpected EOF while looking for matching
./auth_vpn.sh: line 18: synteax error: enexpected end of file

head: cannot open 'database' for reading: No such file or directory
head: cannot open 'database' for reading: No such file or directory

but what weird later i got authenticated using this script dont know what i did just it happen then tried to insert another data to the database and BOOM!! can't authenticate again.


ooppsss i put this code and it works for i little time

auth-user-pass-verify "/etc/openvpn/auth_vpn.sh" via-env

i change via-file into via-env

did i miss something?

[janjust]

i change via-file into via-env

that means the username+password will be available via env vars, but you must add

Code: Select all

script-security 3

to the openvpn server config if you have not already done so.

If you want to try it using 'via-file' then create a sample password file /tmp/password containing only:

Code: Select all

testuser
testpasword

then run

Code: Select all

bash -vx /etc/openvpn/auth_vpn.sh /tmp/password

and look for any errors.

[eric66300]

got error

/etc/openvpn/auth_vpn.sh: line 11: unexpected EOF while looking for matching
/etc/openvpn/auth_vpn.sh: line 20: syntax error: unexpected EOF while looking for matching

wew kinda got headache

[eric66300]

do you have alternative way to authenticate user via mysql?

i built database and open port for this remote connection

[janjust]

this is a scripting error, not an openvpn error; if you don't know how to write a script to talk to a mysql database then you might be better of asking your questions on a scripting/mysql forum.

[eric66300]

Hi


Wanna say thank you to you without you i can't figure out what's wrong on our sql query

your the best sir

now our code is perfectly working now

[padhu]

Hi


Wanna say thank you to you without you i can't figure out what's wrong on our sql query

your the best sir

now our code is perfectly working now

Can you please share your solution here.I am having same problem.

[esson]

Please share~