PB with Accent in nspmPassword in request LDAP between new FREE-RADIUS 1.1.2 (suse) and edirectory novell 6.5
Hello, I set up a new solution implementing eap-PEAP user authentication and VLAN assignment with · : - FREE-RADIUS 1.1.2 on suse 9 - ENTERASYS Switch - Edirectory Novell 6.5 This solution is operational. On the other hand, if the user uses a password using characters with accents, this solution does not work. I identified the problem in the LDAP request of the FREE-RADIUS 1.1.2 to the edirectory of novell 6.5. The problem seems to come from FreeRadius server because : The radius server is launched by the command "radiusd -X -A", what allows us to get back password. What appears: when the password does not contain special characters (é.) the password sent by the ldap module of the server freeradius is correct. When the password contains special characters(é), the password sent by the ldap module of freeradius is erroneous (see track accompanying document) for the first character. The conversion is the following one: alé00000 àblé00000 blé00000 àalé00000 clé00000 àalé00000 dlé00000 àalé00000 elé00000 àalé00000 r&é »?(-è à a&é »?(-è I have already met this problem with freeradius 1.0.5. Have you a solution to supply me? thank you in advance. Best regards Stephan
Hello, It is urgent, I need a solution. The bug is identifie in the rlm_ldap module, somebody can help me? Have you a patch to propose me? Thank you in advance Best regards Stephan freeradius@rockwellcollins.com Envoyé par : freeradius-users-bounces+freeradius=rockwellcollins.com@lists.freeradius.org 13/06/2006 17:39 Veuillez répondre à FreeRadius users mailing list <freeradius-users@lists.freeradius.org> A freeradius-users@lists.freeradius.org cc Objet PB with Accent in nspmPassword in request LDAP between new FREE-RADIUS 1.1.2 (suse) and edirectory novell 6.5 Hello, I set up a new solution implementing eap-PEAP user authentication and VLAN assignment with · : - FREE-RADIUS 1.1.2 on suse 9 - ENTERASYS Switch - Edirectory Novell 6.5 This solution is operational. On the other hand, if the user uses a password using characters with accents, this solution does not work. I identified the problem in the LDAP request of the FREE-RADIUS 1.1.2 to the edirectory of novell 6.5. The problem seems to come from FreeRadius server because : The radius server is launched by the command "radiusd -X -A", what allows us to get back password. What appears: when the password does not contain special characters (é.) the password sent by the ldap module of the server freeradius is correct. When the password contains special characters(é), the password sent by the ldap module of freeradius is erroneous (see track accompanying document) for the first character. The conversion is the following one: alé00000 àblé00000 blé00000 àalé00000 clé00000 àalé00000 dlé00000 àalé00000 elé00000 àalé00000 r&é »?(-è à a&é »?(-è I have already met this problem with freeradius 1.0.5. Have you a solution to supply me? thank you in advance. Best regards Stephan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius@rockwellcollins.com wrote:
The bug is identifie in the rlm_ldap module, somebody can help me?
See ldap_escape_func. Maybe it's responsible. Alan DeKok.
this function seems to be only to suppress"*". i continue to test. have you another idea ? Thank you in advance Best regards Stephan "Alan DeKok" <aland@nitros9.org> Envoyé par : freeradius-users-bounces+freeradius=rockwellcollins.com@lists.freeradius.org 14/06/2006 17:15 Veuillez répondre à FreeRadius users mailing list <freeradius-users@lists.freeradius.org> A FreeRadius users mailing list <freeradius-users@lists.freeradius.org> cc Objet Re: URGENT RE PB with Accent in nspmPassword in request LDAP between new FREE-RADIUS 1.1.2 (suse) and edirectory novell 6.5 freeradius@rockwellcollins.com wrote:
The bug is identifie in the rlm_ldap module, somebody can help me?
See ldap_escape_func. Maybe it's responsible. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius@rockwellcollins.com wrote:
this function seems to be only to suppress"*".
It does more than that. The only way to track down what's happening is to instrument the code, and watch the data strings. Alan DeKok.
participants (2)
-
Alan DeKok -
freeradius@rockwellcollins.com