xlat failure in 2.1.8 (worked in 2.1.6)
Alan DeKok
aland at deployingradius.com
Wed Feb 3 12:08:30 CET 2010
Stefan Winter wrote:
> After some tests, we think that either the space character (" ") or the
> single quote ("'") cause xlat to fail.
OK.
> The basic use scenario is a mySQL DB backend which pulls a NT-Hash for
> the user. Input is PAP, so rlm_pap calls xlat:NT-Hash for the input, and
> then returns with the log message that mschap xlat failed.
Debug says?
> I've traced down the code in rlm_pap (no changes between the two
> versions), rlm_mschap (only unrelated changes), and main/xlat.c. xlat.c
> seems to have had a *major* revision in between.
Yes. The old code in xlat.c was wrong. It didn't do conditional
expansion correctly. On looking into that, it did a number of other
things wrong, too. i.e. it's a bit surprising that it worked.
The new code is clearer, and doesn't have the problems of the old code.
> For the moment, I rolled back to 2.1.6+ (and had to give up on the
> "do_not_respond feature, sigh) but it would sure be nice if this worked
> again :-/.
Send a test case over, and I'll take a look. It should be easy to
fix, as the new code isn't insane.
Alan DeKok.
More information about the Freeradius-Devel
mailing list