3.0.4: binary LDAP attributes
Alan DeKok
aland at deployingradius.com
Tue Dec 9 14:02:42 CET 2014
On Dec 9, 2014, at 6:51 AM, Nikolai Kondrashov <Nikolai.Kondrashov at redhat.com> wrote:
> They have noticed that binary LDAP values get truncated on embedded zero
> characters (\0) in RADIUS replies, in radiusReplyMessage in particular.
> I.e. for
Arran and I have spent the last two weeks fixing those issues. The server *never* dealt well with embedded zeros in “string” data. Octets, yes. Strings, no.
> In related discoveries, it seems that backslashes get removed from LDAP
> attribute values in RADIUS replies, so
That’s part of what we were fixing.
> Is this intended?
No. Please try the v3.0.x git branch. We’ve fixed these issues, and added test cases for them all.
The normal user won’t see any change. People who have embedded zeros in strings will see that they now work.
Alan DeKok.
More information about the Freeradius-Users
mailing list