Escaping of User Names
Alan DeKok
aland at deployingradius.com
Tue Feb 6 07:49:59 CET 2007
Peter Nixon wrote:
>> The solution is probably to hack "sql_safe_chars" to escape characters
>> above 0x80, or to have it validate UTF-8 strings... and then escape
>> non-UTF-8 characers.
>
> Eeek. The user? Shouldn't the NAS be checking this then?
Nope. NASes are dumb.
> I am wondering why I am only getting the error from sqlippool and not from
> the sql accounting or auth queries. It makes me think that we are not doing
> something correctly in sqlippool. If you have a moment would you be able to
> look at the sqlippool code and tell me if we are doing something incredibly
> stupid?
Last I looked at it, it seemed fine. I'll go check again.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Devel
mailing list