On 18 Jul 2013, at 16:43, Alan DeKok <aland@deployingradius.com> wrote:
Stefan Winter wrote:
* when using: SSHA1-Password = "%{base64tohex:RESTENA-SSHA1-Password}"
That won't work.
Ug yes, sorry this one works with strings not directly on attributes.
I tried to be clever and force an expansion of the attribute content with:
* SSHA1-Password := "%{base64tohex:%{RESTENA-SSHA1-Password}}"
That should work. So long as you put RESTENA-SSHA1-Password in the request list.
Actually, no, that's wrong too *sigh* update reply { Tmp-String-1 := "dGVzdGluZzEyMw==" } update reply { Tmp-Octets-0 := "0x%{base64tohex: %{reply:Tmp-String-1}}" } update reply { Tmp-String-0 := "%{string:reply:Tmp-Octets-0}" } +- entering group authorize {...} ++[reply] returns notfound expand: %{reply:Tmp-String-1} -> dGVzdGluZzEyMw== expand: 0x%{base64tohex: %{reply:Tmp-String-1}} -> 0x74657374696e67313233 ++[reply] returns notfound expand: %{string:reply:Tmp-Octets-0} -> testing123 You want: update reply { SSHA1-Password := "0x%{base64tohex: %{control:RESTENA-SSHA1-Password1}}" } Assuming it was a check item. You also want the latest HEAD version.
But that makes xlat fail completely. Maybe that's me not understanding unlang enough though.
rlm_sql_mysql: query: (SELECT id, username, 'RESTENA-SSHA1-Password', value, op FROM check_smtp_ssha1 WHERE username='xyz') [sql-smtp-hash] User found in radcheck table rlm_sql (sql-smtp-hash): Released sql socket id: 2 +++[sql-smtp-hash] returns ok ++- policy redundant returns ok expand: %{RESTENA-SSHA1-Password} ->
So RESTENA-SSHA1-Password doesn't work.
This is on 2.x.x from today's GIT BTW, as it's the first version that works without any modifications on systemd. Except for the 0X thing of course; otherwise I'd be happy with a 2.2.1 rollout.
We'll get that sorted out, and release 2.2.1.
Done. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team