make_passwd(), rlm_perl and double quotes in the password
John Morrissey
jwm at horde.net
Tue Sep 8 18:17:01 CEST 2009
On Wed, Sep 02, 2009 at 07:30:37PM -0400, John Morrissey wrote:
> On Wed, 20 May 2009 14:10:07 +0200, Alan DeKok wrote:
> > Niko Tyni wrote:
> > > It seems to me that the escaping and unescaping done in rlm_perl via
> > > perl_store_vps() -> vp_prints_value() -> librad_safeprint()
> > > and
> > > get_hv_content() -> pairadd_sv() -> pairmake() -> pairparsevalue()
> > > is a bit unnecessary,
>
> I agree; there doesn't seem to be a reason to quote double-quotes
> (or anything else that fr_print_string() guards against) in rlm_perl.
>
> > The rlm_perl code could arguable be updated, too. But that's less of
> > a priority.
>
> Alan, would you accept a patch to get rid of the vp_prints_value() in
> perl_store_vps?
Getting rid of vp_prints_value() in perl_store_vps() won't be possible
without other backwards-compatibility-breaking changes.
Namely, fr_print_string() encodes non-printing characters as octal values
(e.g., ASCII 29 -> '\035'). rlm_perl modules may be expecting this behavior.
How should this be handled?
john
--
John Morrissey _o /\ ---- __o
jwm at horde.net _-< \_ / \ ---- < \,
www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__
More information about the Freeradius-Devel
mailing list