On Feb 5, 2021, at 7:24 PM, Matt Zagrabelny via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
To get the ball rolling I decided for this option. As expected, the AVP is going into the database.
Here is one of the lines from queries.conf:
NULLIF('%{Cisco-AVPair[*]}', '')
Yes. The docs say that doing a [*] expansion prints all of the attributes, separated by commas.
Looking at the database I see what looks to be quoted-printable [0] strings:
mdm-tlv=3Ddevice-platform=3Dlinux-64=2Caudit-session-id=3Dc0a87311021f3000601dda71=2Cmdm-tlv=3Dac-user-agent=3DOpenConnect VPN Agent =28NetworkManager=29 v8.10-1
The =3D is an encoded "=", the =2C is an encoded ",".
Is FR encoding the data in quoted-printable format?
The file containing the SQL module queries describe which characters are escaped, and why.
If so, is there a way to decode it?
You can decode is quoted-printable. You do NOT want to allow random things from the network to change your SQL queries. So quoting them is entirely the correct thing to do. One plan for v4 is to allow for stored procedures, and have the strings passed as parameters rather than in-line. This would remove the need for quoting strings from the network. Alan DeKok.