In article <[EMAIL PROTECTED]>,
Nathan Miller <[EMAIL PROTECTED]> wrote:
>At 11:48 AM 11/13/2001 +0000, you wrote:
>
>> >1. A perl routine to convert octal -> hex OR octal -> binary for use in
>> >md5 for comparing chap-password to digest.
>>
>># Octal to binary
>>$string =~ s/\\(\d\d\d)/sprintf("%c", oct $1)/ge;
>>
>># Binary to hex
>>$string =~ s/(.)/sprintf("%02X", ord $1)/ge;
>
>Mike, thanks for the info. I tried using these; however, about 50% of the
>time it seems to not convert the data properly and therefore the
>$chap-password and $digest do not match even if the password is
>correct. This would have been my preferred method as then nothing with
>freeradius would have had to been modified, not even the dictionary
>files... makes for easy upgrades. =)
Right. I think I know why.
FreeRadius doesn't print out all non-printable characters as
\<octal> - it can also print \r, \n or \t for CR, LF and TAB.
Also \\ is used to indicate a backslash.
So you'd use something like this first:
# Process \\, \r, \t, \n, \"
%tr = ( '\\' => "\\", 'r' => "\r", 'n' => "\n", 't' => "\t", '"' => '"' );
$string =~ s/\\([\\rtn])/$tr{$1}/ge;
Now there's still a bug in FreeRadius in that it doesn't escape
double-quotes in a double-quoted string. librad_safeprint should
probably get an extra argument that indicates if double-quotes
should be escaped or not.
Even better, it should mean "double quote this string". If the
arg is true, librad_safeprint adds the outer quotes itself
and escapes double-quotes in the string. If the arg is false it
should at least escape spaces as well (" " => "\ ")
Or we drop the \\ \r \t \n \" \<space> special cases and
always use the octal versions for those characters.
Mike.
--
"Only two things are infinite, the universe and human stupidity,
and I'm not sure about the former" -- Albert Einstein.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
