3.0.17 password ending in '\' problem, LDAP backend [bug?]
kzorba at otenet.gr
Fri Sep 7 11:55:42 CEST 2018
On Παρ, Σεπ 07 2018 at 11:30:19 πμ, Olivier <Olivier.Nicole at cs.ait.ac.th> wrote:
the heart of the problem I am describing refers to the inability of the
LDAP module to retrieve a clear text password from the directory if this
ends in '\'.
Radclient refers to how I send the request and it seems in freeradius 3
there were changes to that as well. No shell is involved and I use vim
on linux for the file editing.
>> Debugging output (stripping the sensitive information):
>> kzorba at system(0)[10:19 AM]~/radius->cat test_kzorba1.txt
>> User-Name = kzorba1 at otenet.gr
>> NAS-Port-Type = xDSL
>> User-Password = test123\
>> NAS-Port-Id ="#DSLAM PORT DESCRIPTION HERE#"
>> Calling-Station-Id = "BNG INTERFACE # DSLAM PORT DESCRIPTION"
>> NAS-Port = 12234455
>> using freeradius 3.0.17 radclient:
>> kzorba at system(0)[10:26 AM]~/radius->/opt/freeradius3-auth/bin/radclient -f test_kzorba1.txt -x localhost:1812 auth XXXXX
>> (0) Error parsing "test_kzorba1.txt": Invalid escape at end of string
>> radclient: Failed parsing input files
>> With radclient 3.0.17 I needed to add an extra \ at the end of the
>> User-Password to send the request. No Cleartext-Password is set.
> It looks like a problem of escaping character in whatever shell, text
> editor, operating system you are using.
> On Unix, a line ending with a \ traditionnaly means that the line is
> continuing on the next line. Even it could be that when copying from one
> system to the other, you have added invisible character at the end of
> each line (your text editor consider that it should not display any
> CRTL-M at the end of the line, but if it is there, it messes up with
> LDAP, it happened to me earlier this week).
> Good luck,
Kostas Zorbadelos http://gr.linkedin.com/in/kzorba
More information about the Freeradius-Users