Configuring OpenVPN to authenticate against a database (MySQL)

The core of the setup is the following script:

 

checkpsw.sh

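#!/bin/bash
# OpenVPN supplies ${username} and ${password} to this script through the environment.
LOG_FILE="/etc/openvpn/openvpn_pw.log"
TIME_STAMP=$(date "+%Y-%m-%d %T")
# Reject usernames outside a safe character set before they are placed into the SQL statement.
case "${username}" in
    ''|*[!A-Za-z0-9._-]*)
        echo "${TIME_STAMP}: Invalid username format." >> "${LOG_FILE}"
        exit 1
        ;;
esac
# Fetch the stored MD5 hash for an enabled, unexpired account.
CORRECT_PASSWORD=$(/usr/bin/mysql -uopenvpn -popenvpn -h10.10.10.10 openvpn --skip-column-names -e "select password from user where username = '${username}' and enabled = true and expire_date > now();" | tail -1)
MD5PASSWORD=$(printf '%s' "${password}" | md5sum | awk '{print $1}')
if [ "${CORRECT_PASSWORD}" = "" ]; then
    # The submitted password is never written to the log.
    echo "${TIME_STAMP}: User does not exist: username=\"${username}\"." >> "${LOG_FILE}"
    exit 1
fi
if [ "${MD5PASSWORD}" = "${CORRECT_PASSWORD}" ]; then
    echo "${TIME_STAMP} Successful authentication username: ${username} IP: ${ifconfig_pool_remote_ip} RemoteIP: ${trusted_ip}" >> "${LOG_FILE}"
    exit 0
fi
echo "${TIME_STAMP}: Incorrect password: username=\"${username}\"." >> "${LOG_FILE}"
exit 1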
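
The script above takes `username` and `password` from the environment, which is how OpenVPN hands them over in `via-env` mode. As an added example (not part of the original post), here is the same check written for `via-file` mode, where OpenVPN passes as `$1` a temporary file holding the username on line 1 and the password on line 2. `lookup_hash` is a hypothetical stand-in for the MySQL query with one constructed row, and the username character set and length limit are assumptions.

```shell
#!/bin/sh
# Added example: the page's check adapted to "auth-user-pass-verify <script> via-file".
# OpenVPN passes a temp file path as $1: line 1 = username, line 2 = password.

# Accept only a conservative character set, so the name cannot change the SQL text
# or garble the log. The set and the 64-character limit are assumptions.
valid_username() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) [ "${#1}" -le 64 ] ;;
    esac
}

# Unsalted MD5 as in the page's script, so existing rows still match.
md5_hex() {
    printf '%s' "$1" | md5sum | awk '{print $1}'
}

# Hypothetical stand-in for the MySQL lookup; one constructed sample row.
lookup_hash() {
    case "$1" in
        alice) echo "5f4dcc3b5aa765d61d8327deb882cf99" ;;  # md5 of "password"
        *) echo "" ;;
    esac
}

# Prints one log line (never the password); returns 0 to accept, 1 to reject.
verify_from_file() {
    user='' pass=''
    { IFS= read -r user && { IFS= read -r pass || [ -n "$pass" ]; }; } < "$1" || {
        echo "rejected: malformed credential file"
        return 1
    }
    if ! valid_username "$user"; then
        echo "rejected: invalid username format"
        return 1
    fi
    stored=$(lookup_hash "$user")
    if [ -n "$stored" ] && [ "$(md5_hex "$pass")" = "$stored" ]; then
        echo "accepted: username=$user"
        return 0
    fi
    echo "rejected: bad credentials for username=$user"
    return 1
}
```

To use it as the verify script, replace `lookup_hash` with the real query and end the file with `verify_from_file "$1" >> "$LOG_FILE"`. It is then wired in with `auth-user-pass-verify <script> via-file`, which keeps the password out of the process environment.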
