Paul Hampson wrote: > On Mon, May 17, 2004 at 02:41:57PM +0300, Fabian Ritzmann wrote: > > I found that sql_escape_func in rlm_sql.c does not encode the '=' > > character. That makes it impossible later to decode the string > > correctly again. If you are looking at e.g. an encoded username > > "=3B", you don't know whether the unencoded original was ";" or > > "=3B". Would it be possible to change that in the next release? > > Indeed. Fixed in CVS. (rlm_sql 1.129, sql.conf 1.41). This's however > the default, local configs that are using safe-characters will need > fixing.
Thanks. > > While I am already at it, I am under the impression that this > > function only deals with US-ASCII characters correctly. Can anybody > > confirm that? > > The data is treated as a stream of bytes, so it depends on what you > mean by correctly. It should be possible to recover the original data, > but as far as being an intelligible of non-ASCII data it's not > spectacular. :-) I guess I meant independent from whatever locale FreeRADIUS happens to run with. I was dealing with the User-Name and was probably too emerged in my platform-independent Java world. :-) Just took another look at RFCs 2865 and 2486. The NAI may only contain US-ASCII characters, no problem there. In theory, the User-Name might also contain UTF-8 or ASN.1 encoded data. Since I (and presumably everybody else) have to deal only with NAIs, US-ASCII is good enough for me. :-) Fabian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
