Re: [radsecproxy] Rather severe bug in 1.8.0 : secret field content erroneously interpreted

Hi Christian, On 12.09.19, 15:34, "radsecproxy on behalf of Christian Claveleira" <radsecproxy-bounces(a)lists.nordu.net on behalf of Christian.Claveleira(a)renater.fr> wrote: it seems the content of the secret string is interpreted when it contains a "%" : when a client (or server) declaration contains secret fht8CD%E7am it is interpreted as getgenericconfig: block client xxxx.yyyyy: secret = fht8CDçam One can see "%E7" is translated as the "ç" character. This case is mentioned in the manpage radsecproxy.conf(5): If you want to write a % and not use this decoding, you may of course write % in hex; i.e., %25. Regards, Fabian -- SWITCH Fabian Mauchle, Network Engineer Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland Phone +41 44 268 15 30, direct +41 44 268 15 39 fabian.mauchle(a)switch.ch, http://www.switch.ch