3.0.4: binary LDAP attributes

Nikolai Kondrashov Nikolai.Kondrashov at redhat.com
Thu Mar 23 10:23:38 CET 2017


On 12/09/2014 01:51 PM, Nikolai Kondrashov wrote:
> Our (Red Hat) QA was testing the effect of this entry in 3.0.4 ChangeLog:
>
>     * Modify pairparsevalue to deal with embedded NULLs better,
>       and use the binary versions of attribute values in rlm_ldap.
>
> They have noticed that binary LDAP values get truncated on embedded zero
> characters (\0) in RADIUS replies, in radiusReplyMessage in particular.
> I.e. for
>
>     radiusReplyMessage:: cmVwbHkgd2l0aCBhAGI=
>
> The response output by radtest was
>
>     Reply-Message = 'reply with a'
>
> The network capture also showed that RADIUS reply packets contained truncated
> values.

We still see the above behavior in v3.0.13.

Please excuse me, if you explained it before, but is this intended,
or is this a bug?

Thank you.

Nick


More information about the Freeradius-Users mailing list