[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Using ldap_xlat in unlang with Chars not allowed in an ldap search
From: Phil Mayers <p.mayers () imperial ! ac ! uk>
Date: 2012-09-20 16:28:11
Message-ID: 505B441B.1010503 () imperial ! ac ! uk
[Download RAW message or body]
On 29/08/12 17:42, Phil Mayers wrote:
> There's no easy way to do this with the built-in LDAP code. When the
> "xlat" is called, it's called with one big string i.e. the un-escaped
> value is already inside the string, and can't be escaped.
Actually, following this up: I'm wrong here, due to misunderstanding how
the xlat & escape stuff applies.
I think the actual problem is that ldap_xlat doesn't use the
ldap_escape_func on the URL, because the escape func was added after the
xlat, and the xlat not updated. That is, it's a simple bug.
If you edit rlm_ldap.c around line 1231, and change:
if (!radius_xlat(url, sizeof(url), fmt, request, func))
...to:
if (!radius_xlat(url, sizeof(url), fmt, request, ldap_escape_func))
...this should work. I'll submit a one-liner.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic