When using DOUBLE_QUOTED_STRING, passwords with '\"' may not work
g4-lisz at tonarchiv.ch
g4-lisz at tonarchiv.ch
Wed Sep 13 02:55:52 UTC 2023
September 13, 2023 1:53 AM, "平林 哲" <Satoshi.Hirabayashi at soliton.co.jp> wrote:
> I set pass\\\"word at 2022 (three backslashes) in the configuration file to send the unescaped
> password pass\"word at 2022.
>
> password = "pass\\\"word at 2022"
>
> However, when I check the LDAP packet with Wireshark, it sends pass\\"word at 2022 and the
> authentication fails.
>
> Is this phenomenon unique to my environment?
>
You are right, I could reproduce this behavior.
It seems that in module config string types, the backslashes themselves don't need to be escaped!
Hence a the UNESCAPED password some\password can remain unescaped. password = "some\password".
So it should work with this:
password = "pass\\"word at 2022"
The first backslash stands as it is. The second escapes the double quote.
Or you simply use single quotes:
password = 'pass\"word at 2022'
More information about the Freeradius-Users
mailing list