When using DOUBLE_QUOTED_STRING, passwords with '\"' may not work
Alan DeKok
aland at deployingradius.com
Mon Sep 11 09:10:03 UTC 2023
On Sep 10, 2023, at 9:16 PM, 平林 哲 <Satoshi.Hirabayashi at soliton.co.jp> wrote:
> ===
> # cat /usr/local/etc/raddb/mods-enabled/ldap1
> ldap {
> server = '192.168.1.6'
> identity = 'cn=tkt10886-3,cn=users,dc=srv2022,dc=rdd-osaka,dc=soliton,dc=example,dc=jp'
> password = "pass\\"word at 2022"
Two backslashes.
> However, it behaves differently in the shell.
>
> ===
> $ echo "pass\\\"word at 2022"
Three backslashes.
> pass\"word at 2022
> ===
Use three backslashes with FreeRADIUS, and it will work.
> Maybe the two backslashes need to be escaped into one backslash?
I explained the rules for double-quoted strings. They're the same for all double quoted strings in FreeRADIUS, and in the shell.
If you want a " in the middle of a double quoted string, you have to escape it: \"
If you want a \ in the middle of a double quoted string, you have to escape it: \\
Which means that if you want *both* a " and a \ in a double quoted string, you need to have an *odd* number of backslashes.
All you need to do is count the number of backslashes. Even *and* there's a quote in the middle of the string? Parse error. Odd number of backslashes? It's fine.
Alan DeKok.
More information about the Freeradius-Users
mailing list