From 8bebc284ef7d44ab7e10277c4e34a4cbcd3cb654 Mon Sep 17 00:00:00 2001
From: Federico Capoano <f.capoano@openwisp.io>
Date: Fri, 13 Aug 2021 18:05:17 -0500
Subject: [PATCH] [fix] Added safe_characters to freeradius SQL conf

---
 README.md            | 1 +
 defaults/main.yml    | 3 ++-
 tasks/freeradius.yml | 8 ++++++++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index b4d59b83..62842b16 100644
--- a/README.md
+++ b/README.md
@@ -854,6 +854,7 @@ Below are listed all the variables you can customize (you may also want to take
     freeradius_sites_enabled_dir: "{{ freeradius_dir }}/sites-enabled"
     freeradius_rest:
         url: "https://{{ inventory_hostname }}/api/v1/freeradius"
+    freeradius_safe_characters: "+@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
     cron_delete_old_notifications: "'hour': 0, 'minute': 0"
     cron_deactivate_expired_users: "'hour': 0, 'minute': 5"
     cron_delete_old_users: "'hour': 0, 'minute': 10"
diff --git a/defaults/main.yml b/defaults/main.yml
index 8e55e8c0..9ef95753 100755
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -144,9 +144,10 @@ freeradius_sql:
 freeradius_rest:
     url: "https://{{ inventory_hostname }}/api/v1/freeradius"
 freeradius_expire_attr_after_seconds: 86400
+freeradius_safe_characters: "+@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
 cron_delete_old_notifications: "'hour': 0, 'minute': 0"
 cron_deactivate_expired_users: "'hour': 0, 'minute': 5"
 cron_delete_old_users: "'hour': 0, 'minute': 10"
 cron_cleanup_stale_radacct: "'hour': 0, 'minute': 20"
 cron_delete_old_postauth: "'hour': 0, 'minute': 30"
-cron_delete_old_radacct: "'hour': 1, 'minute': 30"
\ No newline at end of file
+cron_delete_old_radacct: "'hour': 1, 'minute': 30"
diff --git a/tasks/freeradius.yml b/tasks/freeradius.yml
index afa174ed..64bb9dee 100644
--- a/tasks/freeradius.yml
+++ b/tasks/freeradius.yml
@@ -39,6 +39,14 @@
     owner: freerad
     group: freerad
 
+- name: Add plus sign to safe characters
+  lineinfile:
+    path: "{{ freeradius_mods_config_dir }}/sql/main/{{ freeradius_sql.dialect }}/queries.conf"
+    regexp: "^(.*)safe_characters =(.*)$"
+    line: "safe_characters = \"{{ freeradius_safe_characters }}\""
+    state: present
+  notify: restart freeradius
+
 - name: adding user 'freerad' to www-data group for database access
   when: freeradius_sql.dialect == "sqlite"
   user: