[英]MySQL hashed column password+script bash
I'd a little problem. 我有点问题。
I'd created a MySQL table with the password column encrypted with SHA1. 我创建了一个MySQL表,其中的密码列已使用SHA1加密。
mysql> CREATE TABLE IF NOT EXISTS user_encrypted (
username varchar(50) COLLATE utf8_unicode_ci NOT NULL PRIMARY KEY DEFAULT 'username',
hashed_password varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'password',
user_mail varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL DEFAULT 'your@email.com',
user_phone varchar(20) COLLATE utf8_unicode_ci DEFAULT NULL DEFAULT '+33 1 23 45 67 89',
user_online tinyint(1) NOT NULL DEFAULT '0',
user_enable tinyint(1) NOT NULL DEFAULT '1',
user_max_connection tinyint(1) NOT NULL DEFAULT '2',
user_start_date date NOT NULL DEFAULT '2015-05-01',
user_end_date date NOT NULL DEFAULT '0000-00-00',
KEY hashed_password (hashed_password)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
Result 结果
Query OK, 0 rows affected (0.01 sec)
I'd a script, which call the MySQL table : 我要编写一个脚本,该脚本调用MySQL表:
#!/bin/bash
. /etc/openvpn/script/config.sh
#New Encrypted_password
#username=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "select username from user_encrypted where username = '$username' AND hashed_password = '$password' AND user_enable=1 AND user_max_connection=2 AND user_start_date != user_end_date AND TO_DAYS(now()) >= TO_DAYS(user_start_date) AND (TO_DAYS(now()) <= TO_DAYS(user_end_date) OR user_end_date='0000-00-00')")
##Check user
[ "$username" != '' ] && [ "$username" = "$username" ] && echo "user : $username" && echo 'authentication ok.' && exit 0 || echo 'authentication failed.'; exit 1
The problem is, when I use the script, and OpenVPn ask me for user / password, I use Test and Test1234, but, the system refuse the password. 问题是,当我使用脚本并且OpenVPn要求我提供用户名/密码时,我使用Test和Test1234,但是系统拒绝密码。 It seems the 'non-encrypted" password can't be translated to encrypted password for checking if the password for the table is the same as i entered in the client OpenVPN.
似乎“非加密”密码无法转换为加密密码,无法检查该表的密码是否与我在客户端OpenVPN中输入的密码相同。
I don't know how to do, in my script bash for the password I enter is "converted" to encrypted password for checking with the database... 我不知道该怎么办,在我输入的密码的脚本bash中,“转换”为加密的密码,以便与数据库进行检查...
Rhank you 谢谢你
Your bash script doesn't hash the password. 您的bash脚本不会对密码进行哈希处理。 Hence, you're comparing the password with a hash of the password.
因此,您正在将密码与密码的哈希值进行比较。
You say it's a SHA1 hash, which conveniently exists as a built-in function in MySQL . 您说这是SHA1哈希, 在MySQL中很方便地作为内置函数存在。 Changing
更改
where username = '$username' AND hashed_password = '$password' ...
into 成
where username = '$username' AND hashed_password = SHA1('$password') ...
should fix your immediate problem. 应该解决您的直接问题。
I want to bring up two other problems with your code -- these are unfortunately pretty common mistakes: 我想在您的代码中提出另外两个问题-不幸的是,这是很常见的错误:
admin'; SELECT * FROM user_encrypted WHERE 0 AND '
admin'; SELECT * FROM user_encrypted WHERE 0 AND '
这样的字符串怎么办? admin'; SELECT * FROM user_encrypted WHERE 0 AND '
(or something to that effect) as a username? admin'; SELECT * FROM user_encrypted WHERE 0 AND '
(或类似的意思)作为用户名? Please read this .
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.