[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-devel
Subject:    Re: Escaping of User Names
From:       Peter Nixon <listuser () peternixon ! net>
Date:       2007-02-06 7:11:40
Message-ID: 200702060911.40304.listuser () peternixon ! net
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Tue 06 Feb 2007 08:49, Alan DeKok wrote:
> Peter Nixon wrote:
> >>   The solution is probably to hack "sql_safe_chars" to escape
> >> characters above 0x80, or to have it validate UTF-8 strings... and then
> >> escape non-UTF-8 characers.
> >
> > Eeek. The user? Shouldn't the NAS be checking this then?
>
>   Nope.  NASes are dumb.

Yep. And users?

> > I am wondering why I am only getting the error from sqlippool and not
> > from the sql accounting or auth queries. It makes me think that we are
> > not doing something correctly in sqlippool. If you have a moment would
> > you be able to look at the sqlippool code and tell me if we are doing
> > something incredibly stupid?
>
>   Last I looked at it, it seemed fine.  I'll go check again.

Thanks.

-- 

Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc

[Attachment #5 (application/pgp-signature)]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html

[prev in list] [next in list] [prev in thread] [next in thread]