18 May
2016
18 May
'16
10:18 a.m.
Probably the easiest way without radius_xlat calling some sort of module "pre-xlat" function before doing the xlat. Or having a "delayed expansion" flag which tells radius_xlat not to expand anything and to let the module do it. But I guess that's what happened before; it was probably fixing all the \\\\\\\\ escaping madness that broke this...
SQL-User-Name is only useful because it expands to the group being processed. For everything else the xlat escape function will prevent injection attacks. -Arran Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2