Proposed release of 2.1.6

Alan DeKok aland at
Thu May 14 16:27:38 CEST 2009

A.L.M.Buxey at wrote:
> something is stripping the "\n" string formfactor from requests... ie
> if User-Name = LUNET\netsec-1  then it all works fine - authentication
> etc etc but right at the end, something b0rks - heres the final bits of log

  \n is interpreted as a LF.

> Sending Access-Accept of id 215 to port 1645
> 	User-Name = "LUNET\netsec-1\000"
> 	User-Name = "LUNET\netsec-1"

  Hmm... that doesn't look right.  Two User-Names, one of which has a
trailing zero?

> as you can see, all the access-accept stuff is fine - LUNET\netsec-1  = great

  Nope.  It SHOULD be printing out:

	User-Name = "LUNET\\netsec-1"

  See what it prints out in the Access-Request.  It ONLY prints out
"LUNET\netsec-1" if there is an embedded CR.  If there really is a
backslash followed by an 'n', then it escapes the backslash, as above.

> however, after this has happened, the accouting stuff kicks in and its all turned into "LUNET etsec-1"
> - is this a debug cosmetic issue or is something internal getting twisted?

  It's always behaved like that...

> PS cached EAP credentials - fantastic! 

  That's been there for a bit, IIRC.

  Alan DeKok.

More information about the Freeradius-Users mailing list