Blank value of temporary variable in Unlang
I am implementing a setup where we return expiry date value as per a user's settings. For this I have added a column in radcheck table called ExpiryDate. I have added following in authorize section in sites-available/defaults update control{ My-Local-Int-1 := "%{sql: select id from radcheck where username='%{User-Name}' order by id desc limit 1}" } update reply{ WISPr-Session-Terminate-Time = "%{sql: select ExpiryDate from radcheck where id = '%{My-Local-Int-1}'}" } The username I am testing with has ExpiryDate value in radcheck table, however mysql query log shows me blank value for '%{My-Local-Int-1}' for query in update reply {.. } section. Please suggest what I am doing wrong. My-Local-Int-1 has been defined in dictionary as integer.
On 06/11/14 12:27, Mrinal K wrote:
The username I am testing with has ExpiryDate value in radcheck table, however mysql query log shows me blank value for '%{My-Local-Int-1}' for query in update reply {.. } section.
Your SQL query returned no rows. Run "radiusd -X" and look at the debug. It will show you want is going on.
Hi Phil, I am getting value from the first query Heres my debug log, I have highlighted the required queries # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP' ++[chap] returns ok ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "14-F6-5A-F0-80-61-0000000010", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [sql] expand: %{User-Name} -> 14-F6-5A-F0-80-61-0000000010 [sql] sql_set_user escaped user --> '14-F6-5A-F0-80-61-0000000010' rlm_sql (sql): Reserving sql socket id: 4 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '14-F6-5A-F0-80-61-0000000010' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '14-F6-5A-F0-80-61-0000000010' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '14-F6-5A-F0-80-61-0000000010' ORDER BY priority rlm_sql (sql): Released sql socket id: 4 ++[sql] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] returns noop sql_xlat expand: %{User-Name} -> 14-F6-5A-F0-80-61-0000000010 sql_set_user escaped user --> '14-F6-5A-F0-80-61-0000000010' expand: select id from radcheck where username='%{User-Name}' order by id desc limit 1 -> select id from radcheck where username='14-F6-5A-F0-80-61-0000000010' order by id desc limit 1 rlm_sql (sql): Reserving sql socket id: 3 sql_xlat finished rlm_sql (sql): Released sql socket id: 3 * expand: %{sql: select id from radcheck where username='%{User-Name}' order by id desc limit 1} -> 24* ++[control] returns noop sql_xlat expand: %{User-Name} -> 14-F6-5A-F0-80-61-0000000010 sql_set_user escaped user --> '14-F6-5A-F0-80-61-0000000010' * expand: select ExpiryDate from radcheck where id = '%{My-Local-Int-1}' -> select ExpiryDate from radcheck where id = ' '* rlm_sql (sql): Reserving sql socket id: 2 SQL query did not return any results rlm_sql (sql): Released sql socket id: 2 * expand: %{sql: select ExpiryDate from radcheck where id = '%{My-Local-Int-1}'} -> * ++[reply] returns noop Found Auth-Type = CHAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group CHAP {...} [chap] login attempt by "14-F6-5A-F0-80-61-0000000010" with CHAP password [chap] Using clear text password "14-F6-5A-F0-80-61-0000000010" for user 14-F6-5A-F0-80-61-0000000010 authentication. [chap] chap user 14-F6-5A-F0-80-61-0000000010 authenticated succesfully ++[chap] returns ok # Executing section post-auth from file /etc/freeradius/sites-enabled/default +- entering group post-auth {...} [sql] expand: %{User-Name} -> 14-F6-5A-F0-80-61-0000000010 [sql] sql_set_user escaped user --> '14-F6-5A-F0-80-61-0000000010' [sql] expand: %{User-Password} -> [sql] ... expanding second conditional [sql] expand: %{Chap-Password} -> 0x00d3c7d69aaad14438d01478ad05d2ad00 On Thu, Nov 6, 2014 at 6:07 PM, Phil Mayers <p.mayers@imperial.ac.uk> wrote:
On 06/11/14 12:27, Mrinal K wrote:
The username I am testing with has ExpiryDate value in radcheck table,
however mysql query log shows me blank value for '%{My-Local-Int-1}' for query in update reply {.. } section.
Your SQL query returned no rows.
Run "radiusd -X" and look at the debug. It will show you want is going on. - List info/subscribe/unsubscribe? See http://www.freeradius.org/ list/users.html
On 06/11/14 13:08, Mrinal K wrote:
Hi Phil,
I am getting value from the first query
Yes sorry I'm being stupid and not reading. You're doing: update control { My-Int = "..." My-Thing = "... %{My-Int}" } ...i.e. setting it in "control" but not referencing "control:" when you expand it. In the 2nd query you want %{control:My-Int}
On 6 Nov 2014, at 13:08, Mrinal K <sinha.mrinal@gmail.com> wrote:
I am getting value from the first query
Heres my debug log, I have highlighted the required queries [snip] expand: %{sql: select ExpiryDate from radcheck where id = '%{My-Local-Int-1}'} ->
Use "%{sql: select ExpiryDate from radcheck where id = '%{control:My-Local-Int-1}'}" You have to specify the attribute list that the attribute is from, otherwise it is assumed that the attribute is from the same list you are updating (in this case 'reply'). :-) Stefan Paetow Moonshot Industry & Research Liaison Coordinator t: +44 (0)1235 822 125 gpg: 0x3FCE5142 xmpp: stefanp@jabber.dev.ja.net skype: stefan.paetow.janet Janet, the UK’s research and education network. Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
@Phil : that was it. I wrongly presumed that variables were directly accessible. Thank you. @Stefan: Thanks you Stefan for the response and clarity on how variables from lists are accessed. On Thu, Nov 6, 2014 at 7:06 PM, Stefan Paetow <Stefan.Paetow@ja.net> wrote:
On 6 Nov 2014, at 13:08, Mrinal K <sinha.mrinal@gmail.com> wrote:
I am getting value from the first query
Heres my debug log, I have highlighted the required queries [snip] expand: %{sql: select ExpiryDate from radcheck where id = '%{My-Local-Int-1}'} ->
Use "%{sql: select ExpiryDate from radcheck where id = '%{control:My-Local-Int-1}'}"
You have to specify the attribute list that the attribute is from, otherwise it is assumed that the attribute is from the same list you are updating (in this case 'reply').
:-)
Stefan Paetow Moonshot Industry & Research Liaison Coordinator
t: +44 (0)1235 822 125 gpg: 0x3FCE5142 xmpp: stefanp@jabber.dev.ja.net skype: stefan.paetow.janet
Janet, the UK’s research and education network.
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (4)
-
Alan DeKok -
Mrinal K -
Phil Mayers -
Stefan Paetow