SQL escaping
Phil Mayers
p.mayers at imperial.ac.uk
Thu Sep 20 18:30:50 CEST 2012
On 20/09/12 07:21, Alan DeKok wrote:
> add REQUEST and context (void*) to the RADIUS_ESCAPE_FUNC.
>
> Add it to the prototypes, to all modules (as UNUSED), and have xlat.c
> store the context, and pass it and REQUEST to the calling function
>
> then, add the proper pass of the context in LDAP, SQL, etc.
> individually. Have it pass the right context, and then use it in the
> escaping function.
Actually I've started to have a doubt about this having spent some time
looking at it.
The xlat stuff is a bit more complex than I first appreciated. There are
quite a few places where the escape func is just ignored when passed
into *_xlat handlers, and even in quite a few places in radius_xlat
itself (most of the single-string expansions that aren't passed off to
valuepair2str).
In addition, literally the only places the escape function is used in
the source are rlm_ldap, rlm_sql and rlm_rest, so it's a limited-use
code path, but very important.
I don't know that I really want to touch it now!
[I did spot a bug in rlm_ldap though - one-liner pull request submitted]
I'll give it some more thought in a week or so, when I've finished my
current assignment.
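
The callback shape proposed in the quoted message, as an added example that is not part of the original thread and is not FreeRADIUS code: an escape callback that receives the request and an opaque context, and an expander that hands both to it. `escape_func_t`, `struct escape_ctx`, `prefix_escape`, `expand`, the cut-down `REQUEST` and the `%u` placeholder are all hypothetical, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical stand-ins throughout; not FreeRADIUS's real prototypes. */
typedef struct { const char *user_name; } REQUEST;
typedef size_t (*escape_func_t)(REQUEST *request, char *out, size_t outlen,
                                const char *in, void *ctx);
/* Module-owned context: which bytes are special, and the prefix for them. */
struct escape_ctx { const char *special; char prefix; };

static size_t prefix_escape(REQUEST *request, char *out, size_t outlen,
                            const char *in, void *ctx)
{
    const struct escape_ctx *c = ctx;
    size_t n = 0;
    (void)request;                     /* unused by this particular module */
    if (outlen == 0) return 0;
    for (; *in != '\0'; in++) {
        size_t need = strchr(c->special, *in) ? 2 : 1;
        if (n + need >= outlen) break; /* truncate, never split a pair */
        if (need == 2) out[n++] = c->prefix;
        out[n++] = *in;
    }
    out[n] = '\0';
    return n;
}

/* Toy expander: copies fmt, passing func and ctx down to each "%u". */
static size_t expand(REQUEST *request, char *out, size_t outlen,
                     const char *fmt, escape_func_t func, void *ctx)
{
    size_t n = 0;
    if (outlen == 0) return 0;
    while (*fmt != '\0' && n + 1 < outlen) {
        if (fmt[0] == '%' && fmt[1] == 'u') {
            n += func(request, out + n, outlen - n, request->user_name, ctx);
            fmt += 2;
        } else {
            out[n++] = *fmt++;
        }
    }
    out[n] = '\0';
    return n;
}

int main(void)
{
    REQUEST req = { "o'brien" };              /* constructed input */
    struct escape_ctx sql = { "'\\", '\\' };  /* constructed quoting rules */
    char buf[64];
    expand(&req, buf, sizeof(buf), "name='%u'", prefix_escape, &sql);
    return puts(buf) == EOF;
}
```

Because the rules live in the context rather than in the callback, two callers with different quoting requirements can share one escape function without any global state.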