[Authentication] Password with special character gets rejected?!

  • Seems that if I have a Password with the " § " Character I am not able to authenticate (credentials gets rejected).

    Problem doesn't seems to be the openvpn client as when I go to DIAG->Authentication the credentials will also be rejected. When I change the Password and remove the character it works fine.

    Is this a bug or by design?

    Openvpn with userauthentication + RADIUS server (2 Server + local database)

  • Your posting in the General section, so this concerns the pfSene password,
    or, your talking about OpenVPN, so this section ?

    I tried DIAG->Authentication to test directly a FreeRadius user "x" and password "§ " and it falied.
    Which was non conclusive because I detected that I could even create a "§ " password, it was refused by the pfSense GUI ....

  • I dont thing it is openvpn related. It seems to be the RADIUS component. There was to no better related section or is RADIUS a OpenVPN component?

  • @8h532f7 said in [Authentication] Password with special character gets rejected?!:

    There was to no better related section or is RADIUS a OpenVPN component?

    I edited above. I couldn't even create a "§" password - or a password which contains "§" for a user.
    pfSense gives me a alert notice right away :

    pfSense   Configurator
    pfSense is restoring the configuration /cf/conf/backup/config-1548674779.xml @ 2019-01-28 12:29:29

  • So is it a bug?

  • Dono.
    Can't see a reason why "§" isn't acceptable.

  • Rebel Alliance Developer Netgate

    The FreeRADIUS package stores passwords in plain text inside xml, without cdata protection, so only content that is valid in XML can be used in FreeRADIUS passwords. Anything else (unicode, etc) won't work.

    That could be changed, but it isn't a bug; It's a design flaw in the package that would require a bit of effort to change.

  • Okay. Thanks for the explanation.

Log in to reply