hints file based rewrite does not work (migration from freeradius 1.1.x to 3.0.x)

[Herwin Weststrate]

On 12-10-15 17:12, Bernd wrote:
> The code itself seems to work, thanks a lot! However, it still sends a
> "=25" (which originates from the forbidden character "%" regarding its
> use within a MySQL setup) to the MySQL:
> 
> (20) if (&User-Name =~ /@\\./)
> (20) if (&User-Name =~ /@\\./) -> FALSE
> (20) if (User-Name =~ /bla\-bla\/([^%%]+)%%kroenchenstadt.de/)
> (20) EXPAND bla-bla/([^%%]+)%%kroenchenstadt.de
> (20) --> bla-bla/([^%]+)%kroenchenstadt.de
> (20) if (User-Name =~ /bla\-bla\/([^%%]+)%%kroenchenstadt.de/) -> TRUE
> (20) if (User-Name =~ /bla\-bla\/([^%%]+)%%kroenchenstadt.de/) {
> (20) update control {
> (20) EXPAND %{1}@kroenchenstadt.de
> (20) --> 20082105 at kroenchenstadt.de
> (20) User-Name := "20082105 at kroenchenstadt.de"
> (20) } # update control = noop
> (20) } # if (User-Name =~ /bla\-bla\/([^%%]+)%%kroenchenstadt.de/) = noop
> ...
> (20) sql : EXPAND %{User-Name}
> (20) sql : --> bla-bla/20082105%kroenchenstadt.de
> (20) sql : SQL-User-Name set to 'bla-bla/20082105%kroenchenstadt.de'
> rlm_sql (sql): Reserved connection (4)

It changes control:User-Name to "20082105 at kroenchenstadt.de", the
expansion in the second part used User-Name without a list prefix, which
defaults to request:User-Name. Update on of these two statements and
you're fine.

> So, filter in policy.d doesn't really *apply* it as I get from
> 
> (20) } # if (User-Name =~ /bla\-bla\/([^%%]+)%%kroenchenstadt.de/) = noop
> (20) } # filter_username filter_username = noop
> 
> That makes no sense to me because I didn't tell it to noop.

noop is a kind of return value used in unlang. You could add a more
explicit value by specifying it:

  if (User-Name =~ /bla-bla\/([^%%]+)%%kroenchenstadt.de/) {
    ... update control block
    updated
  }

Using this will make it show as "updated". But as long as there is no
direct check for the return value, they're not that useful and can be
safely omitted.

-- 
Herwin Weststrate