I've tracked down why some of my users aren't
authenticating...
Appartenly somewhere (rlm_sql ?) the username is
being changed possible in an anti-injection function, I don't know.
Can someone shed some light on this?
For instance, in the debug snip below, the username
'dcox&dcox' is changed to 'dcox=26dcox' which of course fails the sql select
statement.
radius_xlat: 'dcox&dcox'
rlm_sql
(sql): sql_set_user escaped user --> 'dcox&dcox'
radius_xlat:
'select id, username, attribute, value, op from radcheck where username =
'dcox=26dcox' order by id'
rlm_sql (sql): Reserving sql socket id:
4
rlm_sql (sql): User dcox&dcox not found in radcheck