30 Nov
2015
30 Nov
'15
11:04 a.m.
On Nov 30, 2015, at 11:00 AM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
Better to do something more explicit with a regex, in case we get around to fixing string expansion :)
Regexes on some platforms don't deal well with embedded zeros. I'm happy with leaving %{string:..} as being explicitly not binary safe. The alternative is: update request { Tmp-Octets-0 := &User-Password } # Some systems send User-Password = "\000\000foo" # which is stupid if (Tmp-Octets-0 =~ /^0x00/) { reject } if (Tmp-Octets-0 =~ /^(0x(..)+)00/) { # get the text BEFORE the zeros update request { Tmp-Octets-0 := "%{1}" } update request { User-Password := "%{string:Tmp-Octets-0}" } } Alan DeKok.