v2 Conditions bug
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Thu May 31 18:44:33 CEST 2007
elsif((("%{Supplicant-Flags}" == "")||("%{Supplicant-Flags}" =~
/^10........$/)) && ("%{Pre-Proxy-Realm}" == "sussex.ac.uk")){
update config {
Autz-Type := "soft-ban"
}
}
generates
++? elsif ((("%{Supplicant-Flags}" == "")||("%{Supplicant-Flags}" =~
/^10........$/)) && ("%{Pre-Proxy-Realm}" == "sussex.ac.uk"))
radius_xlat: '0000000000'
??? Evaluating ("%{Supplicant-Flags}" == "") -> FALSE
radius_xlat: '0000000000'
??? Evaluating ("%{Supplicant-Flags}" =~ /^10........$/) -> FALSE
?? Skipping ("%{Pre-Proxy-Realm}" == "sussex.ac.uk")
++? elsif ((("%{Supplicant-Flags}" == "")||("%{Supplicant-Flags}" =~
/^10........$/)) && ("%{Pre-Proxy-Realm}" == "sussex.ac.uk")) -> TRUE
So it's evaluated the zero length condition found it to be false
evaluated Supplicant-Flags regex found it to be false.
Skipped the &&
and should return false
but instead returns true.
Also leaving
Autz-Type module{
}
Empty results in
"Bus error"
If the requests hits one, and the process dies,
Might be good to check when parsing the config file for empty Autz-Type
declarations .
Though it's a very minor issue.
--
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk)
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
More information about the Freeradius-Devel
mailing list