|
|
Hi Kim Sia, 1. No, I'm not using the openvpn GUI. But I hardly see how it would impact the way openvpn works. Also, the scripts I'm running (such as client-connect) are server-side. OpenVPN runs of course as a service on the server. 2. Yes, of course. Much like server.ovpn in the sample config dir. Serge. http://www.apptranslator.com > -----Original Message----- > From: Sim Kim Sia [mailto:simksi@xxxxxxxxxxxxxxx] > Sent: vendredi 2 février 2007 3:13 > To: Serge Wautier > Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Re: [Openvpn-users] how to code for authentication > to a mysql server > > Hi Serge, > > It appears that when I use auth-user-pass-verify, my batch > script does not appear to run. No windows console was generated. > > Can I confirm the following with you? > > 1) that you are also using the openvpn GUI for windows? > > 2) the openvpn.conf that you refer to is actually a .ovpn > file for configuration? the type you can find inside the > OpenVPN\sample-config folder? > > Thank you. > > Regards > Kim Sia > > Extension: 3160 > ----- Original Message ----- > From: "Serge Wautier" <serge@xxxxxxxxxxx> > To: <simksi@xxxxxxxxxxxxxxx> > Cc: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx> > Sent: Tuesday, January 30, 2007 10:08 PM > Subject: RE: [Openvpn-users] how to code for authentication > to a mysql server > > > >I guess so. However I never used it before so I can't say for sure. > > > > Neither OpenVPN nor the OS (Whether Windows or Linux at > least) relies > > on a specific scripting language. > > > > On Windows, OpenVPN executes external scripts as batch files. Up to > > you to launch a Windows script (.vbs, .js, .php, .py,...) from the > > batch file using the method I showed earlier. On Linux, the script > > engine is specified in the script's header line (which is a Linux > > shell feature btw, not an OpenVPN one). > > > > From there on, you can use the script language you want > provided the > > corresponding engine is installed on the machine (Yes, vbscript is > > installed by default on Windows ;-). > > > > HTH, > > > > Serge. > > http://www.apptranslator.com > > > > > >> -----Original Message----- > >> From: simksi@xxxxxxxxxxxxxxx [mailto:simksi@xxxxxxxxxxxxxxx] > >> Sent: mardi 30 janvier 2007 14:37 > >> To: Serge Wautier > >> Cc: 'Sim Kim Sia'; openvpn-users@xxxxxxxxxxxxxxxxxxxxx > >> Subject: RE: [Openvpn-users] how to code for authentication to a > >> mysql server > >> > >> Hi Serge, > >> > >> I suppose it is not impossible to use > auth-user-pass-verify using a > >> vbscript instead of the pam perl script, is it? > >> > >> Thank you. > >> > >> > I don't use auth-user-pass-verify. I use certificate-based > >> > authentication only. > >> > > >> > > >> > _____ > >> > > >> > From: Sim Kim Sia [mailto:simksi@xxxxxxxxxxxxxxx] > >> > Sent: mardi 30 janvier 2007 10:18 > >> > To: Serge Wautier > >> > Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > >> > Subject: Re: [Openvpn-users] how to code for authentication > >> to a mysql > >> > server > >> > > >> > > >> > Hi, > >> > > >> > so I understand this as you added the following line to > the server > >> > config file : > >> > > >> > client-connect connect.bat > >> > > >> > If so, do you still include the auth-user-pass-verify > <script file > >> > name> <method>? > >> > > >> > Thank you. > >> > Regards > >> > Kim Sia > >> > > >> > Extension: 3160 > >> > > >> > ----- Original Message ----- > >> > From: Serge Wautier <mailto:serge@xxxxxxxxxxx> > >> > To: 'Sim Kim Sia' <mailto:simksi@xxxxxxxxxxxxxxx> > >> > Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > >> > Sent: Tuesday, January 30, 2007 5:01 PM > >> > Subject: RE: [Openvpn-users] how to code for authentication > >> to a mysql > >> > server > >> > > >> > in openvpn.conf: > >> > client-connect connect.bat > >> > > >> > connect.bat: > >> > echo Client connected : %common_name% echo Optional > dynamic config > >> > file : %1 pushd %~dp0 cscript > >> connect.js > >> > %common_name% %1 popd > >> > > >> > (pushd %~dp0 -> more info here: > >> > > >> > <http://www.apptranslator.com/blog/2006/03/directory-management-in-ba > >> t > >> > ch-fil > >> > es.html>) > >> > > >> > All files are stored in the same dir as openvpn.conf > (used as the > >> > current working directory for scripts launched by > OpenVPN). But it > >> > should be no problem storing them elsewhere. > >> > > >> > HTH, > >> > > >> > > >> > Serge. > >> > http://www.apptranslator.com <http://www.apptranslator.com/> > >> > > >> > > >> > > >> > _____ > >> > > >> > From: Sim Kim Sia [mailto:simksi@xxxxxxxxxxxxxxx] > >> > Sent: mardi 30 janvier 2007 9:50 > >> > To: Serge Wautier > >> > Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > >> > Subject: Re: [Openvpn-users] how to code for authentication > >> to a mysql > >> > server > >> > > >> > > >> > Hi, > >> > > >> > thank you for your reply. > >> > > >> > May I ask how did you include your JScript file? > >> > > >> > Did you place it in the plugin folder of openvpn or just > >> anywhere you > >> > like on the server machine? > >> > > >> > thank you. > >> > > >> > Regards > >> > Kim Sia > >> > > >> > Extension: 3160 > >> > > >> > ----- Original Message ----- > >> > From: Serge <mailto:serge@xxxxxxxxxxx> Wautier > >> > To: 'Sim Kim Sia' <mailto:simksi@xxxxxxxxxxxxxxx> > >> > Sent: Tuesday, January 30, 2007 4:34 PM > >> > Subject: RE: [Openvpn-users] how to code for authentication > >> to a mysql > >> > server > >> > > >> > Hi, > >> > > >> > I have a setup with an OpenVPN server (using PKI). I > validate user > >> > certificates against MySQL using a --client-connect script > >> written in > >> > JScript using ADO to look up the DB: > >> > OpenVPN validates the certificate. Then it calls my > >> --client-connect > >> > script (passing it the CommonName as an argument. Read the > >> doc, there > >> > are more parameters passed through environment > variables. My script > >> > validates the CommonName by looking up the DB (I don't > use CRL. For > >> > this app, a white list was preferred to a black list). One > >> can reject > >> > a connection by having the script return a non-0 value. > >> > > >> > HTH, > >> > > >> > > >> > Serge. > >> > http://www.apptranslator.com <http://www.apptranslator.com/> > >> > > >> > > >> > _____ > >> > > >> > From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx > >> > [mailto:openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On > >> Behalf Of Sim > >> > Kim Sia > >> > Sent: mardi 30 janvier 2007 9:18 > >> > To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > >> > Subject: [Openvpn-users] how to code for authentication > to a mysql > >> > server > >> > > >> > > >> > Hi, > >> > > >> > I am using OpenVPN on Windows based machines. > >> > > >> > I have looked at the example scripts. They are using > >> something called > >> > pam library and the scripts are written in c and perl -- > languages > >> > that I am not strong at. > >> > > >> > I need to to ask the following: > >> > > >> > 1) > >> > > >> > How do I write a script such that the username and password > >> supplied > >> > by the user will be checked against a mysql database table > >> containing > >> > a list of usernames and passwords? > >> > > >> > And in a secure manner? > >> > > >> > 2) > >> > > >> > How do I use the command auth-user-pass-verify to do the above? > >> > > >> > I understand that the usual way is to have the line > >> > > >> > auth-user-pass-verify <script filename> > >> > > >> > are there other arguments that I must include? > >> > > >> > Thank you. > >> > > >> > Regards > >> > Kim Sia > >> > > >> > Extension: 3160 > >> > [This e-mail is confidential and may be priviledged. If > you are not > >> > the > >> > > >> > intended recipient, please kindly notify us immediately and > >> delete the > >> > message > >> > > >> > from your system; please do not copy or use it for any > purpose, nor > >> > disclose > >> > > >> > its contents to any other person. Thank you.] > >> > > >> > ---ST Electronics Group--- > >> > > >> > > >> > > >> > > >> > >> > >> > > > ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |