Problem with backslash in User-Name
Brian Candler
b.candler at pobox.com
Fri Feb 10 09:21:33 CET 2017
On 09/02/2017 22:14, Alan DeKok wrote:
> On Feb 9, 2017, at 5:08 PM, Marco Scholl<mail at marco-scholl.de> wrote:
>> i have a problem with 3.0.12 and User-Name.
>>
>> I send a request with domain name included in User-Name:
>>
>> radtest -t mschap "test\radius" radius localhost 1 testing123
> That's the problem.
>
> The shell is looking at the string "test\radius", and converting the \r to CR.
>
> You need to do:
>
> radtest -t mschap "test\\radius" radius localhost 1 testing123
I don't think it's the shell which is doing this; bash doesn't convert
\r even in double quotes.
$ echo "test\radius"
test\radius
However, tcpdump *does* show that by the time the RADIUS packet has been
sent, it has been turned into CR:
# radtest -t mschap "test\radius" radius localhost 1 testing123
Sent Access-Request Id 155 from 0.0.0.0:40801 to 127.0.0.1:1812 length 136
User-Name = "test\radius"
...
0x0030: 010c 7465 7374 0d61 6469 7573 0406 7f00 ..test.adius....
So I think what's happening is that radtest is sending
User-Name = "test\radius"
to radclient on stdin, and then radclient is converting \r to CR.
Ideally radtest would escape \ to \\. Since it doesn't, you need to pass
two real backslashes to radtest. You can do this using either:
radtest -t mschap "test\\\\radius" ... # with double-quotes
radtest -t mschap 'test\\radius' ... # with single-quotes
Both of these will generate the string t e s t \ \ r a d i u s
Regards,
Brian.
More information about the Freeradius-Users
mailing list