make_passwd(), rlm_perl and double quotes in the password

John Morrissey jwm at horde.net
Thu Sep 3 01:31:44 CEST 2009


On Wed, Sep 02, 2009 at 07:30:37PM -0400, John Morrissey wrote:
> On Wed, 20 May 2009 14:10:07 +0200, Alan DeKok wrote:
> > Niko Tyni wrote:
> > > It seems to me that the escaping and unescaping done in rlm_perl via
> > >  perl_store_vps() -> vp_prints_value() -> librad_safeprint() 
> > > and
> > >  get_hv_content() -> pairadd_sv() -> pairmake() -> pairparsevalue()
> > > is a bit unnecessary,
> 
> I agree; there doesn't seem to be a reason to quote double-quotes
> (or anything else that fr_print_string() guards against) in rlm_perl.
> 
> >   The rlm_perl code could arguable be updated, too.  But that's less of
> > a priority.

For the benefit of the archives, we're working around this with:

    if (defined $RAD_REQUEST{'User-Password'}) {
        $RAD_REQUEST{'User-Password'} =~ s/\\"/"/g;
    }

in our rlm_perl authorize handler.

john
-- 
John Morrissey          _o            /\         ----  __o
jwm at horde.net        _-< \_          /  \       ----  <  \,
www.horde.net/    __(_)/_(_)________/    \_______(_) /_(_)__



More information about the Freeradius-Devel mailing list