addition to policy.conf
alan buxey
A.L.M.Buxey at lboro.ac.uk
Sat Jun 2 23:34:25 CEST 2012
Hi,
> Which appears to be buggy:
yep - some of which was due to a couple of last minute additions...but
thats why we have open source and many eye ;-)
> > # Realm begins with a dot e.g. user at .site.com
> > #
> > if (User-Name !~ /@\\./) {
> > update reply {
> > Reply-Message = "misconfigured client. Realm begins with a dot"
> > }
> > reject
> > }
>
> Unless I am mistaken, that code will reject users whose realm *doesn't*
> start with a dot.
# Realm begins with a dot e.g. user at .site.com
#
if (User-Name =~ /@\\./) {
update reply {
Reply-Message = "misconfigured client. Realm begins with a dot"
}
reject
}
> There are also a number of simplifications possible, e.g.
>
> > if(User-Name =~ /@(.+)?@/i ) {
>
> could be more directly written as:
>
> > if(User-Name =~ /@.*@/ ) {
cheers - some peoples styles differ. I will test/verify the other operation.
I'm also keen on those who can supply combined REGEX foo - such as making a single
check for e.g. begins with . or ends with . (or would people prefer each rule
to be seperate so that locally they could easily just comment out a rule that wouldnt
apply to them?)
alan
More information about the Freeradius-Devel
mailing list