[RADIATOR] RewriteUsername with EAP_26 PEAP not affecting %X EAP_Identity
Christian Kratzer
ck-lists at cksoft.de
Wed Jul 17 12:54:09 UTC 2019
Hi Karri,
On Wed, 17 Jul 2019, Karri Huhtanen wrote:
> On Wed, 3 Jul 2019 at 13:24, Christian Kratzer <ck at cksoft.de> wrote:
>
> Hello,
>
>> I have a fun corner case again in latest Radiator-4.23-18
>>
>> I have a setup doing TTLS EAP-MS-CHAPv2 and PEAP with EAP-MS-CHAPv2 with AuthSQL.
>>
>> The current setup uses %X to pass a stripped EAP_Identity to the AuthSELECT
>>
>> SELECT password FROM table WHERE username=?
>> AuthSelectParam %X
>>
>> We also have another AuthBy which handles TTLS with non EAP MS-CHAPv2 where we use %w
>>
>> SELECT password FROM table WHERE username=?
>> AuthSelectParam %w
>>
>> This works fine but we also have some legacy users that we need to support that are prepending their windows domain to the username with DOMAIN\
>>
>> As there is no matching Special in Utils.pm we tried doing this in the AuthBySQL with:
>>
>> RewriteUsername s/^(.*)\\(.*)/$2/
>
> is there some particular reason why you are using %X instead of %0? %0
> would have the rewritten username in it. Got this tip from Heikki,
> who's currently on holiday.
Thanks for the tip. I did not realise %0 would be of any use in an EAP situation.
I will give it a test as soon as I get that coordinated with the setup in question.
Greetings
Christian
--
Christian Kratzer CK Software GmbH
Email: ck at cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/
More information about the radiator
mailing list