<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2802" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>I've tracked down why some of my users aren't
authenticating...</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Appartenly somewhere (rlm_sql ?) the username is
being changed possible in an anti-injection function, I don't know.</FONT></DIV>
<DIV><FONT face=Arial size=2>Can someone shed some light on this?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>For instance, in the debug snip below, the username
'dcox&dcox' is changed to 'dcox=26dcox' which of course fails the sql select
statement.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>radius_xlat: 'dcox&dcox'<BR>rlm_sql
(sql): sql_set_user escaped user --> 'dcox&dcox'<BR>radius_xlat:
'select id, username, attribute, value, op from radcheck where username =
'dcox=26dcox' order by id'<BR>rlm_sql (sql): Reserving sql socket id:
4<BR>rlm_sql (sql): User dcox&dcox not found in radcheck</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>