Operator ":=" in reply packets
Axel Luttgens
axel.luttgens at skynet.be
Thu Aug 21 13:30:44 CEST 2014
Hello,
Let's define this query:
authorize_reply_query = "\
SELECT 1, '%{SQL-User-Name}', 'Reply-Message', 'Hey', ':=' \
UNION \
SELECT 2, '%{SQL-User-Name}', 'Reply-Message', 'Hello', ':=' \
ORDER BY 1"
In radiusd -X output, on may then read:
Sending Access-Accept Id 201 from 127.0.0.1:1812 to 127.0.0.1:62417
Reply-Message = 'Hey'
Reply-Message = 'Hello'
A Reply-Message may indeed appear multiple times in an Acces-Accept (or -Reject or -Challenge) packet.
Now, according to http://wiki.freeradius.org/config/Operators, operator ":=" has the same meaning as a reply item than as a check item. As a check item, it
"replaces in the configuration items any attribute of the same name. If
no attribute of that name appears in the request, then this attribute
is added."
How should that idea of replacement of "any attribute of the same name" then be interpreted?
TIA,
Axel
More information about the Freeradius-Users
mailing list