Escaping of User Names
Peter Nixon
listuser at peternixon.net
Tue Feb 6 08:11:40 CET 2007
On Tue 06 Feb 2007 08:49, Alan DeKok wrote:
> Peter Nixon wrote:
> >> The solution is probably to hack "sql_safe_chars" to escape
> >> characters above 0x80, or to have it validate UTF-8 strings... and then
> >> escape non-UTF-8 characers.
> >
> > Eeek. The user? Shouldn't the NAS be checking this then?
>
> Nope. NASes are dumb.
Yep. And users?
> > I am wondering why I am only getting the error from sqlippool and not
> > from the sql accounting or auth queries. It makes me think that we are
> > not doing something correctly in sqlippool. If you have a moment would
> > you be able to look at the sqlippool code and tell me if we are doing
> > something incredibly stupid?
>
> Last I looked at it, it seemed fine. I'll go check again.
Thanks.
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20070206/68f2233b/attachment.pgp>
More information about the Freeradius-Devel
mailing list