FreeRadius replaces characters in '%{User-Password}' after upgrade 3.0.16->3.0.19

belyj at belyj.eu belyj at belyj.eu
Thu Jul 18 08:51:06 CEST 2019


(0) Received Access-Request Id 161 from 127.0.0.1:37025 to 
127.0.0.1:1812 length 76                                                 
                                                                          
                          [50/862]
(0)   User-Name = "p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw="
(0)   NAS-Identifier = "nas-here"
(0) # Executing section authorize from file 
/etc/freeradius/sites-enabled/default
(0)   authorize {
(0)     policy filter_username {
(0)       if (&User-Name) {
(0)       if (&User-Name)  -> TRUE
(0)       if (&User-Name)  {
(0)         if (&User-Name =~ / /) {
(0)         if (&User-Name =~ / /)  -> FALSE
(0)         if (&User-Name =~ /@[^@]*@/ ) {
(0)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(0)         if (&User-Name =~ /\.\./ ) {
(0)         if (&User-Name =~ /\.\./ )  -> FALSE
(0)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  
{
(0)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   
-> FALSE
(0)         if (&User-Name =~ /\.$/)  {
(0)         if (&User-Name =~ /\.$/)   -> FALSE
(0)         if (&User-Name =~ /@\./)  {
(0)         if (&User-Name =~ /@\./)   -> FALSE
(0)       } # if (&User-Name)  = notfound
(0)     } # policy filter_username = notfound
(0)     [preprocess] = ok
(0)     [chap] = noop
(0)     [mschap] = noop
(0)     [digest] = noop
(0) suffix: Checking for suffix after "@"
(0) suffix: No '@' in User-Name = 
"p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=", looking up realm NULL
(0) suffix: No such realm "NULL"
(0)     [suffix] = noop
(0) eap: No EAP-Message, not doing EAP
(0)     [eap] = noop
(0)     [files] = noop
(0) sql: EXPAND %{User-Name}
(0) sql:    --> p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=
(0) sql: SQL-User-Name set to 
'p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw='
rlm_sql (sql): Reserved connection (0)
(0) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck 
WHERE username = '%{SQL-User-Name}' ORDER BY id
(0) sql:    --> SELECT id, username, attribute, value, op FROM radcheck 
WHERE username = 'p6suf=2BFyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=3D' 
ORDER BY id
(0) sql: Executing select query: SELECT id, username, attribute, value, 
op FROM radcheck WHERE username = 
'p6suf=2BFyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=3D' ORDER BY id

echo 
"User-Name="p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=",NAS-Identifier=nas-here" 
| radclient 127.0.0.1 auth testing123

same with username %{User-Name}, default install just enabled sql module



On 2019-07-17 16:58, Jorge Pereira wrote:
> Please share the entire debug output
> 
>> On 17 Jul 2019, at 08:41, belyj at belyj.eu wrote:
>> 
>> Hello.
>> 
>> After upgrade from 3.0.16 to 3.0.19 freeradius is replacing characters 
>> in mysql queries.
>> 
>> 
>> (76475085) Tue Jul 16 16:16:06 2019: Debug: Received Access-Request Id 
>> 54 from  length 126
>> (76475085) Tue Jul 16 16:16:06 2019: Debug:   NAS-Identifier = "XXXX"
>> (76475085) Tue Jul 16 16:16:06 2019: Debug:   User-Password = 
>> "p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw="
>> 
>> query
>> 
>> ... xxx.value = '%{User-Password}' AND ...
>> 
>> 
>> (76475085) Tue Jul 16 16:16:06 2019: Debug: sql3: Executing select 
>> query: SELECT ... xxx.value = 
>> 'p6suf=2BFyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=3D' AND ...
>> 
>> \+ is replaced and =3D added at the end.
>> 
>> `p6suf+FyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=`
>> 
>> `p6suf=2BFyNBebQgLMTdAXD4q0U/yZVIaxSN/w8LzVMlw=3D`
>> 
>> radiusd: FreeRADIUS Version 3.0.19 (git #1156b5361), for host 
>> x86_64-pc-linux-gnu
>> FreeRADIUS Version 3.0.19
>> 
>> 
>> On 3.0.16 same config, same query, password is not changed.
>> 
>> 
>> 
>> 
>> Any help would be appreciated.
>> 
>> Andrzej
>> -
>> List info/subscribe/unsubscribe? See 
>> http://www.freeradius.org/list/users.html
> 
> 
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list