InnerAttributes not escaped when transmitted to outter
Stun Box
stunbox at gmail.com
Tue Jun 2 09:44:27 CEST 2009
2009/6/2 Alan DeKok <aland at deployingradius.com>:
> Stun Box wrote:
>> I'm using PEAP/Mschapv2 with Windows machines. I need the user-name of
>> the inner-tunnel when the authentication ends to assign the vlan id.
> ...
>> But it seems it has not been escaped...
>> My User-Name "DOMAIN/testx" becomes => "DOMAIN estxx"
>> And if I try DOMAIN/user it works nicely...
>>
>>
>> ++[eap] returns ok
>> +- entering group post-auth {...}
>> ++[exec] returns noop
>> expand: %{request:User-Name} -> ANKAMA\testx
>> expand: %{reply:User-Name} -> ANKAMA estxx
>>
>> How can I escape this ?
>
> You should be able to set it by hand from the inner tunnel:
>
> update outer.reply {
> User-Name = "%{User-Name}"
> }
It does not work for me. The only way I succeed to get the innertunnel
user-name is by setting the eap.conf / peap / use_tunneled_reply to
yes.
It does the same weird result with "DOMAIN\nuser" => DOMAIN nuserr
Could the matter come from my configuration ?
>
> I'll take a look to see if there's anything in the EAP module that
> could affect this.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list