2 Feb
2009
2 Feb
'09
9:37 a.m.
Matej Vadnjal wrote:
I'm having trouble getting the value of auth_pool of a realm. Realms are defined as regular expressions matched by suffix module against the domain portion of users username.
Ok... *why* are you doing that?
if ("%{config:realm[%{Realm}].auth_pool}" =~ /%{client-shortname}/i) { reject }
That's odd. What do you think that configuration does, and why do you want it to do that?
Is this a bug or a safety feature (preventing some sort of injection attacks)? I tried all sorts of combination of single quites, double quotes, no quotes, but to no avail.
Escaping characters is a security feature. Alan DeKok.