Alan DeKok wrote:
Phil Mayers wrote:
I've had a dig in the guts of radius_xlat (yikes, complex) and done some testing with "user\random" e.g.:
update reply { # works My-Attr-1 = "%{User-Name}"
How is that different from %{request:User-Name}, which didn't seem to work?
Hmm. That's a good point.
# fails, "user\random" turns to "user<cr>andom" My-Attr-1 = "%{SQL-User-Name}"
I'd like to see the debug output...
Sure: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 32938, id=252, length=41 User-Name = "IC\\rmtw" NAS-Port = 5060 NAS-IP-Address = 127.0.0.1 +- entering group authorize expand: %{NAS-IP-Address} -> 127.0.0.1 expand: %{NAS-IP-Address} -> 127.0.0.1 hints: Matched DEFAULT at 35 expand: %{Client-IP-Address} -> 127.0.0.1 expand: %{Client-IP-Address} -> 127.0.0.1 expand: %{Client-IP-Address} -> 127.0.0.1 expand: %{Client-IP-Address} -> 127.0.0.1 expand: %{Client-IP-Address} -> 127.0.0.1 ++[preprocess] returns ok expand: %{User-Name} -> IC\rmtw WARNING: Deprecated conditional expansion ":-". See "man unlang" for details WARNING: Deprecated conditional expansion ":-". See "man unlang" for details expand: %{Stripped-User-Name:-%{User-Name:-none}} -> IC\rmtw rlm_sql (sql): - sql_xlat WARNING: Deprecated conditional expansion ":-". See "man unlang" for details WARNING: Deprecated conditional expansion ":-". See "man unlang" for details expand: %{Stripped-User-Name:-%{User-Name:-none}} -> IC\rmtw rlm_sql (sql): sql_set_user escaped user --> 'IC\rmtw' expand: select '%{SQL-User-Name}' -> select 'IC=0Dmtww' rlm_sql (sql): Reserving sql socket id: 31 rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 1 , fields = 1 rlm_sql (sql): - sql_xlat finished rlm_sql (sql): Released sql socket id: 31 expand: %{sql:select '%{SQL-User-Name}'} -> IC=0Dmtww ++[reply] returns ok ++[control] returns ok rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user Sending Access-Accept of id 252 to 127.0.0.1 port 32938 ICzone = "IC\rmtw" ICbuilding = "IC\rmtw" ICgroup = "IC=0Dmtww" Finished request 0. Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 252 with timestamp +0 Ready to process requests. Ok, so I'm wrong - looking closer, the radius_xlat inside "sql_set_user" is definitely succeeding: rlm_sql (sql): sql_set_user escaped user --> 'IC\rmtw' ...but then the final query which is passed into SQL is wrong: expand: select '%{SQL-User-Name}' -> select 'IC=0Dmtww' ...so maybe it's the bit that handles xlatname:string?