Problem with expansion of %{Ldap-UserDn} containing UTF-8 (cf. Bug #411)
Alan DeKok
aland at deployingradius.com
Mon Aug 27 14:40:38 CEST 2007
Enrik Berkhan wrote:
>> Change it to allow UTF-8. Most modern systems support this.
>
> So, this could be done using iconv(), for example. Would this be ok?
No. iconv() returns error on invalid UTF-8 sequence. What we want is
to escape invalid UTF-8 sequences.
> Hmm, I've just looked at HEAD: there, vp_prints_value() has a special
> case (delimitst < 0) used by valuepair2str in xlat.c explicitly to make
> vp_prints_value() 8bit clean ... now I'm a bit confused ...
That isn't good enough. The input character stream should be
sanitized for UTF-8.
> May be just put this on the 1.1.x branch instead?
If CVS head is fixed, that's a Good Thing. If 1.1.x is broken, we can
release a patched version at some point.
Alan DeKok.
More information about the Freeradius-Devel
mailing list