net/freeradius should allow `:` in username and password.
chelming opened this issue · comments
Chris Helming commented
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
- I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
- I have searched the existing issues, open and closed, and I'm convinced that mine is new.
- The title contains the plugin to which this issue belongs
Describe the bug
When entering a username or password with a :
, and error message appears that says "text does not validate." :
is valid in usernames and passwords for FreeRadius.
# head -n6 /usr/local/etc/raddb/users
94:45:60:5f:1f:6c Cleartext-Password := "94:45:60:5f:1f:6c"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = 10,
Framed-Protocol = PPP
# radtest 94:45:60:5f:1f:6c 94:45:60:5f:1f:6c 127.0.0.1 1812 abcd
Sent Access-Request Id 62 from 0.0.0.0:83f to 127.0.0.1:1812 length 103
User-Name = "94:45:60:5f:1f:6c"
User-Password = "94:45:60:5f:1f:6c"
NAS-IP-Address = 192.168.0.1
NAS-Port = 1812
Message-Authenticator = 0x00
Cleartext-Password = "94:45:60:5f:1f:6c"
Received Access-Accept Id 62 from 127.0.0.1:714 to 127.0.0.1:2111 length 42
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "10"
Framed-Protocol = PPP
Tip: to validate your setup was working with the previous version, use opnsense-revert (https://docs.opnsense.org/manual/opnsense_tools.html#opnsense-revert)
To Reproduce
- Go to system > firmware > plugins and install os-freeradius
- Go to services > freeradius > users
- click (+)
- enter ab:cd:ef:12:34:56 for username and password and click save
- see error message
Expected behavior
User record is created
Relevant log files
Additional context
Environment
Software version used and hardware type if relevant.
e.g.:
OPNsense 24.1.6
os-freeradius 1.9.22