fix broken radius clients, where password contains Null-Byte

privacyidea / FreeRADIUS

Add two factor authentication to FreeRADIUS via privacyIDEA

GNU General Public License v2.0

19 stars 17 forks source link

fix broken radius clients, where password contains Null-Byte #13

Closed cornelinux closed 5 years ago

cornelinux commented 5 years ago

Some RADIUS clients send a longer password string, that contains a Null-Byte. I.e. the real password is terminated by a Null-Byte but the string is longer and contains some gibberish.

The FreeRADIUS plugin should contain a switch, that finds the substring before the Null-Byte and only sends this part to the privacyIDEA system.

cornelinux commented 5 years ago

We can handle it like this:

my @a = split(/\0/, password);
password = @a[0];