When using DOUBLE_QUOTED_STRING, passwords with '\"' may not work
平林 哲
Satoshi.Hirabayashi at soliton.co.jp
Wed Sep 13 03:31:33 UTC 2023
> So it should work with this:
>
> password = "pass\\"word at 2022"
>
> The first backslash stands as it is. The second escapes the double quote.
This setting will result in a syntax error.
This is the first one I posted.
Summary of results.
| Configration | Result | Passwords in packets
|-----------------------|----------------|---------------------
| "pass\"word at 2022" | OK | pass"word at 2022
| "pass\\"word at 2022" | Syntax error | -
| "pass\\\"word at 2022" | OK | pass\\"word at 2022
| "pass\\\\"word at 2022" | Syntax error | -
| "pass\\\\\"word at 2022" | OK | pass\\\\"word at 2022
I feel that this behaviour is not correct.
Is there any way to correct this behaviour?
> Or you simply use single quotes:
>
> password = 'pass\"word at 2022'
thank you.
I understand that it can be used by using single quotes.
On 2023/09/13 11:55, g4-lisz at tonarchiv.ch wrote:
> September 13, 2023 1:53 AM, "平林 哲" <Satoshi.Hirabayashi at soliton.co.jp> wrote:
>
>> I set pass\\\"word at 2022 (three backslashes) in the configuration file to send the unescaped
>> password pass\"word at 2022.
>>
>> password = "pass\\\"word at 2022"
>>
>> However, when I check the LDAP packet with Wireshark, it sends pass\\"word at 2022 and the
>> authentication fails.
>>
>> Is this phenomenon unique to my environment?
>>
>
> You are right, I could reproduce this behavior.
> It seems that in module config string types, the backslashes themselves don't need to be escaped!
> Hence a the UNESCAPED password some\password can remain unescaped. password = "some\password".
>
> So it should work with this:
>
> password = "pass\\"word at 2022"
>
> The first backslash stands as it is. The second escapes the double quote.
>
> Or you simply use single quotes:
>
> password = 'pass\"word at 2022'
More information about the Freeradius-Users
mailing list