From 974621d5a22cccb83d777208992e0785576ef2fa Mon Sep 17 00:00:00 2001 From: ivan Date: Thu, 23 Aug 2007 08:23:29 +0000 Subject: fix bug where user could log in to RADIUS with uppercase usernameand avoid bandwidth acconting (mysql is case-insensitive? wtf! thanks a fucking lot for nothing, grr!) --- FS/FS/Conf.pm | 2 +- FS/FS/part_export/sqlradius.pm | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'FS') diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm index e1fa0517a..0d37feaef 100644 --- a/FS/FS/Conf.pm +++ b/FS/FS/Conf.pm @@ -1099,7 +1099,7 @@ httemplate/docs/config.html { 'key' => 'username-uppercase', 'section' => 'username', - 'description' => 'Allow uppercase characters in usernames', + 'description' => 'Allow uppercase characters in usernames. Not recommended for use with FreeRADIUS with MySQL backend, which is case-insensitive by default.', 'type' => 'checkbox', }, diff --git a/FS/FS/part_export/sqlradius.pm b/FS/FS/part_export/sqlradius.pm index 2615a16ad..fec494976 100644 --- a/FS/FS/part_export/sqlradius.pm +++ b/FS/FS/part_export/sqlradius.pm @@ -626,6 +626,8 @@ sub usage_sessions { sub update_svc_acct { my $self = shift; + my $conf = new FS::Conf; + my $dbh = sqlradius_connect( map $self->option($_), qw( datasrc username password ) ); @@ -650,7 +652,10 @@ sub update_svc_acct { "$RadAcctId ($UserName\@$Realm for ${AcctSessionTime}s" if $DEBUG; + $UserName = lc($UserName) unless $conf->exists('username-uppercase'); + my %search = ( 'username' => $UserName ); + my $extra_sql = ''; if ( ref($self) =~ /withdomain/ ) { #well... $extra_sql = " AND '$Realm' = ( SELECT domain FROM svc_domain -- cgit v1.2.1