diff -urN ../freeradius-server-2.1.4.orig/src/modules/rlm_sql_log/rlm_sql_log.c src/modules/rlm_sql_log/rlm_sql_log.c
--- ../freeradius-server-2.1.4.orig/src/modules/rlm_sql_log/rlm_sql_log.c	2009-03-11 03:26:50.000000000 +0100
+++ src/modules/rlm_sql_log/rlm_sql_log.c	2009-05-11 13:26:27.000000000 +0200
@@ -47,6 +47,7 @@
 	char		*path;
 	char		*postauth_query;
 	char		*sql_user_name;
+	int		utf8;	
 	char		*allowed_chars;
 	CONF_SECTION	*conf_section;
 } rlm_sql_log_t;
@@ -61,6 +62,8 @@
 	 offsetof(rlm_sql_log_t,postauth_query), NULL, ""},
 	{"sql_user_name", PW_TYPE_STRING_PTR,
 	 offsetof(rlm_sql_log_t,sql_user_name), NULL, ""},
+	{"utf8", PW_TYPE_BOOLEAN,
+         offsetof(rlm_sql_log_t,utf8), NULL, "no"},
 	{"safe-characters", PW_TYPE_STRING_PTR,
 	 offsetof(rlm_sql_log_t,allowed_chars), NULL,
 	"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"},
@@ -193,6 +196,71 @@
 	return len;
 }
 
+static size_t sql_utf8_escape_func(char *out, size_t outlen, const char *in)
+{
+	int len = 0;
+	int utf8 = 0;
+
+	while (in[0]) {
+		/* 
+		 * Skip over UTF8 characters
+		 */
+		utf8 = utf8_char((uint8_t *)in);
+		if (utf8) {
+			if (outlen <= utf8) {
+				break;
+			}
+			while (utf8-- > 0) {
+				*out = *in;
+				out++;
+				in++;
+				outlen--;
+				len++;
+			}
+			continue;
+		}
+
+		/*
+		 *	Non-printable characters get replaced with their
+		 *	mime-encoded equivalents.
+		 */
+		if ((in[0] < 32) ||
+		    strchr(allowed_chars, *in) == NULL) {
+			/*
+			 *	Only 3 or less bytes available.
+			 */
+			if (outlen <= 3) {
+				break;
+			}
+
+			snprintf(out, outlen, "=%02X", (unsigned char) in[0]);
+			in++;
+			out += 3;
+			outlen -= 3;
+			len += 3;
+			continue;
+		}
+
+		/*
+		 *	Only one byte left.
+		 */
+		if (outlen <= 1) {
+			break;
+		}
+
+		/*
+		 *	Allowed character.
+		 */
+		*out = *in;
+		out++;
+		in++;
+		outlen--;
+		len++;
+	}
+	*out = '\0';
+	return len;
+}
+
 /*
  *	Add the 'SQL-User-Name' attribute to the packet.
  */
@@ -251,7 +319,10 @@
 
 	/* Expand variables in the query */
 	xlat_query[0] = '\0';
-	radius_xlat(xlat_query, len, query, request, sql_escape_func);
+	if (inst->utf8)
+		radius_xlat(xlat_query, len, query, request, sql_utf8_escape_func);
+	else
+		radius_xlat(xlat_query, len, query, request, sql_escape_func);
 	if (xlat_query[0] == '\0') {
 		radlog_request(L_ERR, 0, request, "Couldn't xlat the query %s",
 		       query);
