Earlier today I was throwing together a five-minute RADIUS server using FreeRadius. The idea was to quickly get it to authenticate users from an existing MySQL table on a database server.

Unfortunately the existing table only has the user's password in an MD5 format, and as far as I'm aware FreeRadius doesn't deal with MD5 passwords except in EAP (which this is not). Herein lies the dodgy hack.

First, as this system is a throwaway that only needs to do basic authentication - let's dodge up a quick view with the data in the following standard FreeRadius table. Please note that field names have been changed to protect IP.

CREATE VIEW `radcheck` AS SELECT primkey AS id, name_user AS UserName, 'Cleartext-Password' AS Attribute, ':=' AS op, password AS Value FROM otherdb.othertable;

Strictly the above isn't necessary, as you can configure the FreeRadius queries as you wish. The aim of this is to minimise the changes made to the freeradius configuration.

Once that's done, I modified the FreeRadius configuration so instead of the standard query which grabs all the fields out of the table, to do the following:

authorize_check_query = "SELECT id, UserName, Attribute, IF( MD5('${User-Password}') = Value, ${User-Password}, Value ) as Value, op FROM ${authcheck_table} WHERE Username = '%{SQL-User-Name}' ORDER BY id"

This dodgy little statement forces MySQL to compare the MD5 of the plaintext password in the radius request against the MD5 in the database. If they match, it will return the specified plaintext (which will match later) and pass. Otherwise it will return the MD5 password from the table.

I should state that this actually allows two passwords for the user, their actual password or the MD5 of their password. For the purposes of this exercise the tradeoff was acceptable (though there are arguments that this isn't so bad anyway).

Really dirty hack, but I thought it was a novel solution to the problem :P

Okay so my lovely partner was apparently up at all hours engaged in a riveting conversation with a good friend of ours. Chatting to him afterwards it sounds like it was a very epic conversation, so I felt obliged to say something about my beliefs. Actually, I've been meaning to post something about this for a while (hooray for the little extrovert who *could*!), so it's as good enough excuse as any.

Already I've used the obligatory and self-indulgent words like beliefs, values, and a liberal dash of italics to boot - so I should make one thing clear:

I don't really beleive in anything

Yeah that's right, religiously speaking: I'm an Agnostic Atheist. No, that doesn't mean I'm sitting on the fence, really. I don't think too much about Heaven, Hell and the afterlife - because, well - let's be honest - it's not exactly straightforward and it hurts to think about it.

But that's not to say I'm closed to the idea of [insert religious postulation here], but as someone who likes to think in the abstract, I can't sit down and accept a concept on the basis of this-is-the-way-it-is without studying the various aspects of it and figuring out how it ticks. If I could, that would be faith.

So I'm sitting on the fence after all it seems... But here's my core belief:

It doesn't matter what you beleive in, as long as your beleifs don't cause your actions to restrict others from freely excercising *their* beleifs

I don't think theres many people out there who would disagree that this seems like a reasonable and fairly straightforward way to govern your actions as an individual. And if you do, guess what - that's nice dear, unless you're screaming some foreign language and running with me with a machete, I don't mind that you disagree.

And if I'm wrong about there being any greater power upstairs (or downstairs, or flying and made of spaghetti), I don't beleive any benevolent force could possibly find fault with someone who lives their lives by those rules.

My motivation over the Christmas break was short lived... I managed to get a few days of half-starting a whole bunch of projects, which is pretty much how I work: result!

But after the first week, the need to take a break hit me. 2009 for me has been very stressful and with things sorting themselves out I'm finally starting to feel human again. I'm keen to start work on new projects, but I want to spend a heckuva lot more time with my fabulous partner, Pia! Seriously, she's been awesome putting up with more than the usual level of shit this year and I couldn't have made it without her!

And there may be a bit of a spanner in the works. I've mentioned on my twitter feed that I've been going through the interview process at a fairly prominent search company. In the last few days before Christmas I flew over to Sydney and had the final round of interviews.

If I get a job offer and it ticks all my boxes, it might mean a move to Sydney is in order - which will put the kibosh on some of those projects. There are some personal, financial and family considerations for sure - but I'm trying not to get ahead of myself or even excited (fingers crossed).

Which is a pretty good start to the new year, I think. With perhaps an exception on the financial side of things, I'm definately feeling the most human I have in probably two years - and I'm keen to have a kick-arse 2010.