Problem with expansion of %{Ldap-UserDn} containing UTF-8 (cf. Bug #411)
Alan DeKok
aland at deployingradius.com
Tue Aug 28 13:43:11 CEST 2007
Enrik Berkhan wrote:
> Now, I've tried it in 1.1.7 with the original ldap problem ... of
> course, the UTF-8 part works now, but one problem with LDAP DNs remains:
> The DNs may contain backslashes! Now these suffer from similar problems
> being doubled during the Ldap-UserDn expansion.
Yes, and commas. Multiple layers of variable expansion have problems.
The only way to *really* fix the problem is to track the origin of
data, and keep tainted / untainted flags.
> Currently, I have no idea of how to fix this in a universal robust way
> besides doing variable expansion completely transparently ...
I'm not sure what you mean by that.
Alan DeKok.
More information about the Freeradius-Devel
mailing list