On Mon, May 17, 2004 at 02:41:57PM +0300, Fabian Ritzmann wrote:
> I found that sql_escape_func in rlm_sql.c does not encode the '='
> character. That makes it impossible later to decode the string correctly
> again. If you are looking at e.g. an encoded username "=3B", you don't
> know whether the unencoded original was ";" or "=3B". Would it be
> possible to change that in the next release?

Indeed. Fixed in CVS. (rlm_sql 1.129, sql.conf 1.41). This is, however, the
default; local configs that are using safe-characters will need fixing.

> While I am already at it, I am under the impression that this function
> only deals with US-ASCII characters correctly. Can anybody confirm that?

The data is treated as a stream of bytes, so it depends on what you mean
by correctly. It should be possible to recover the original data, but as
far as being an intelligible of non-ASCII data it's not spectacular. :-)

-- 
Paul "TBBle" Hampson, on an alternate email client.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
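
The ambiguity discussed in this thread, as an added example (not the rlm_sql.c code and not anything posted by the participants): a minimal =XX byte escaper and its decoder, showing the collision when '=' is in the safe list and the round trip when it is not. The safe-character list `SAFE_BASE` and the function names `escape` and `unescape` are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed safe-character list for this example, not FreeRADIUS's shipped default. */
#define SAFE_BASE "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789@.-_"
static const char HEX[] = "0123456789ABCDEF";

/* Copy bytes listed in `safe`; write any other byte as =XX. -1 if out is too small. */
int escape(const char *in, const char *safe, char *out, size_t outlen) {
    size_t o = 0;
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        int keep = strchr(safe, *p) != NULL;
        if (o + (keep ? 1 : 3) >= outlen) return -1;
        if (keep) { out[o++] = (char)*p; continue; }
        out[o++] = '=';
        out[o++] = HEX[*p >> 4];
        out[o++] = HEX[*p & 0x0F];
    }
    out[o] = '\0';
    return (int)o;
}

/* Reverse escape(): -1 on a malformed =XX sequence or a too-small buffer. */
int unescape(const char *in, char *out, size_t outlen) {
    size_t o = 0;
    while (*in) {
        int c = (unsigned char)*in++;
        if (c == '=') {
            /* The NUL checks stop strchr from matching HEX's terminator. */
            const char *hi = in[0] ? strchr(HEX, in[0]) : NULL;
            const char *lo = (hi && in[1]) ? strchr(HEX, in[1]) : NULL;
            if (!lo) return -1;
            c = (int)((hi - HEX) * 16 + (lo - HEX));
            in += 2;
        }
        if (o + 1 >= outlen) return -1;
        out[o++] = (char)c;
    }
    out[o] = '\0';
    return (int)o;
}

int main(void) {
    char a[16], b[16], c[16];
    escape(";", SAFE_BASE "=", a, sizeof a);    /* '=' treated as safe */
    escape("=3B", SAFE_BASE "=", b, sizeof b);  /* same output as above */
    escape("=3B", SAFE_BASE, c, sizeof c);      /* '=' itself escaped */
    printf("'=' safe: %s vs %s; '=' escaped: %s\n", a, b, c);
}
```

Because the data is handled byte by byte, a multi-byte sequence such as UTF-8 comes back intact from `unescape`, but every non-ASCII byte is stored in its =XX form.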
