is it dangerous to change sql safe_characters ?
Alan DeKok
aland at deployingradius.com
Thu Jul 30 09:38:53 CEST 2015
On Jul 30, 2015, at 8:11 AM, d tbsky <tbskyd at gmail.com> wrote:
> we are using freeradius 3.0.9. and we want to make the sql
> accounting data easier to read/process.
> currently the characters below we may use are escaped by default
>
> '\' => for windows account like "domain\user".
> "+","=" => for base64 encoding these two characters are used
>
> is it safe the add these characters to query.conf "safe_characters"?
No.
> PS: by default the method to escap the "\" character seems not
> correct. when user use "domain\user" to login, if I check with
> "radiusd -X", the name sometimes present as 'domain\user', and
> sometimes present as "domain\\user". but finally when it write to sql,
> it becomes "domain=5C=5Cuser".
> I think the correct escaped string should be "domain=5Cuser" ?
It depends where the string comes from. See the debug output for details.
Alan DeKok.
More information about the Freeradius-Users
mailing list