[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Additional backslash being added in password
From: Alan DeKok <aland () deployingradius ! com>
Date: 2022-04-08 13:07:26
Message-ID: 15CF4E18-1C95-4848-BCD4-95A8C3181262 () deployingradius ! com
[Download RAW message or body]
On Apr 8, 2022, at 6:02 AM, Burn Zero <burnzerog@gmail.com> wrote:
> I am using FreeRADIUS version - 3.0.17
I suggest upgrading, but OK/
> While investigating some login authentication failures, I found that if the
> user has a backslash \ in their password, then another backslash is being
> added and the login fails.
Added... where? Which module are you using? If you read the docs, you'll see that \
you should be using / posting the debug output. That will help us help you.
The issue is that there's a lot of string expansion going on in various places. \
For example, when attributes are used in SQL queries.
But... you should never use passwords in SQL queries. That doesn't make sense.
> For example: if a user has a password R@ndom\String, then in FreeRADIUS it
> is being taken as R@ndom\\String. ( one more backslash is added ).
>
> Could you please let me know how to make FreeRADIUS accept the single
> backslash character as it is and not to add extra backslash?
The default configuration works. The default queries / password checks work, even \
when passwords have backslashes.
What did you change? Can you post the debug output, as suggested in ALL of the \
documentation?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic