}
Will cause the "sql" reference to be ignored.
Note that you CANNOT do:
if ("${foo}") {
}
Hm, no. Using RFC terms, and assuming were going for optimum efficiency: if (${foo}) MUST NOT be optimised away, it is a attribute or rcode check with the value of the CONF_PAIR ${foo} if ('${foo}') MUST be optmised away, it is a string literal. Where ${foo} -> 'bar' if ("${foo}") SHOULD be optimised away, it is an XLAT expansion only containing string literals. Where ${foo} -> '%{User-Name}' MUST NOT be optimised away, it is an XLAT expansion containing an attribute reference. However, actually testing the code it seems optimisation isn't working as expected... Where ${foo} -> 'User-Name' authorize { if (!'${foo}') { ok } if (!"${foo}") { ok } if (!${foo}) { ok } if (!('${foo}' == 'bar')) { ok } } Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 51784, id=52, length=38 User-Password = 'foo' (0) # Executing section authorize from file /usr/local/freeradius-3.0.x/etc/raddb/sites-enabled/default (0) authorize { (0) ? if (!'User-Name') (0) ? if (!'User-Name') -> FALSE (0) ? if (!"User-Name") (0) expand: "User-Name" -> 'User-Name' (0) ? if (!"User-Name") -> FALSE (0) ? if (!User-Name) (0) ? if (!User-Name) -> TRUE (0) if (!User-Name) { (0) [ok] = ok (0) } # if (!User-Name) = ok (0) ? if (!('User-Name' == 'bar')) (0) ? if (!('User-Name' == 'bar')) -> TRUE (0) if (!('User-Name' == 'bar')) { (0) [ok] = ok (0) } # if (!('User-Name' == 'bar')) = ok But I may be miss-understanding on how it's meant to operate. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2