Hi All,
Got a regex thing I can’t explain, but it may of course be down to my inexperience with regexs generally. Please forgive the non-ideal email address regex, it’s not great, but not really my focus here at this point, I aim to improve it. For now it’s as simple as I can make it, having paired it down to hopefully find the problem.
We’re using a captive portal which only allows pass-through of a username and password as user “fields”. The system uses voucher auth, so we don’t actually use the password field for a password, rather using it to capture email address, browser agent, version and OS details from the client’s browser.
This is a via the user-password string in the format field:<string> field2:<string> - fields, with the string following a colon, separated by spaces.
e.g.
email:my.email@address.com browseragent:safari version:7 os:ios5
The string is passed through a few regexes, each picking off the field string in a capture group. It’s failing on the first, the email regex being pretty simple:
^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})
I’ve tried various delimiters but all result in the same issue:
email:my.email@address.com,browseragent:safari,version:7,os:ios5
email:my.email@address.com#browseragent:safari#version:7#os:ios5
I’ve also tried compiling with and without libpcre3-dev, same - the regex is not stopping at the space or , or #, whatever delimiter I choose. The non email regexes seem to work ok..
Code : (in policy.d folder)
email_regexp= "^email:([a-z0-9._-]+@[a-z0-9.-]+\\.[a-z]{2,4})"
if ("%{User-Password}" =~ /${policy.email_regexp}/){
update control {
Email-Address := "%{1}"
}
}
Result:
? if ("%{User-Password}" =~ /^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/)
(0) expand: "%{User-Password}" -> 'email:my.email@address.com browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/) -> TRUE
(0) if ("%{User-Password}" =~ /^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/) {
(0) update control {
(0) expand: "%{1}" -> 'my.email@address.com brow'
(0) Email-Address := "my.email@address.com brow"
(0) } # update control = noop
(0) [noop] = noop
(0) } # if ("%{User-Password}" =~ /^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/) = noop
(0) ... skipping else for request 0: Preceding "if" was taken
(0) } # check_email_address check_email_address = noop
(0) check_browser_agent check_browser_agent {
(0) ? if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/)
(0) expand: "%{User-Password}" -> 'email:my.email@address.com browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/) -> TRUE
(0) if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/) {
(0) update control {
(0) expand: "%{1}" -> 'safari'
(0) Browser-Agent := "safari"
(0) } # update control = noop
(0) } # if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/) = noop
(0) } # check_browser_agent check_browser_agent = noop
(0) check_browser_version check_browser_version {
(0) ? if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/)
(0) expand: "%{User-Password}" -> 'email:my.email@address.com browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/) -> TRUE
(0) if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/) {
(0) update control {
(0) expand: "%{1}" -> '7'
(0) Browser-Version := "7"
(0) } # update control = noop
(0) } # if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/) = noop
(0) } # check_browser_version check_browser_version = noop
(0) check_browser_os check_browser_os {
(0) ? if ("%{User-Password}" =~ /os:([a-z0-9_-]+)$/)
(0) expand: "%{User-Password}" -> 'email:my.email@address.com browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /os:([a-z0-9_-]+)$/) -> TRUE
(0) if ("%{User-Password}" =~ /os:([a-z0-9_-]+)$/) {
(0) update control {
(0) expand: "%{1}" -> 'ios5'
(0) Browser-OS := "ios5"
I also tried a different regex, but the problems seem worse there..
? if ("%{User-Password}" =~ /^email:([a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*(\.[a-z]{2,4}))/)
(1) expand: "%{User-Password}" -> 'email:my.email@address.com browseragent:safari version:7 os:ios5'
(1) ? if ("%{User-Password}" =~ /^email:([a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*(\.[a-z]{2,4}))/) -> TRUE
(1) if ("%{User-Password}" =~ /^email:([a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*(\.[a-z]{2,4}))/) {
(1) update control {
(1) expand: "%{1}" -> 'my.email@address.com browseragent:safari version:7 os:ios'
(1) Email-Address := "my.email@address.com browseragent:safari version:7 os:ios"
(1) } # update control = noop
Any ideas what I’m doing wrong?
Thanks
andy