CUI and unlang

Maja Wolniewicz mgw at
Thu Feb 28 13:59:32 CET 2013


I tested CUI handling in the current git version and found a few problems.
They have to do with unlang rules in policy.d/cui.
The current git version doesn't handle such a condition:
if (outer.request:EAP-Message) { }
(I'm getting: WARNING: Specified request "outer" is not available in
this context)
I found, that others rules in the policy.d use
"%{outer.request:EAP-Message}" instead and it works indeed.
Now the cui code works, but I'm trying to analyse all rules because I'm
not sure
if they are written correctly.

Strange for me is that
if (outer.request:Chargeable-User-Identity) { }
works smoothly. When, to follow outer.request:EAP-Message example, I
change it to
if ("%{outer.request:Chargeable-User-Identity") {}
I'm having troubles: when a request contains empty CUI this rule returns
(because "%{outer.request:Chargeable-User-Identity" is evaluated to '').

I've tried to use this variable without quotes, but then I'm getting:
Bare %{...} is invalid in condition at:

Is it really not in accordance with unlang definition
To find a way to check an attribute existence I've tried
it is accepted, but it is evaluated to 0 when I have a CUI in request.
I've tried the example from unlang manual but "%{request:User-Name[#]}"
gives 0 as well.

Isn't unlang broken?


Maja Gorecka-Wolniewicz          mgw at
Uczelniane Centrum               Information & Communication
Informatyczne                    Technology Centre
Uniwersytet Mikolaja Kopernika   Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3393 bytes
Desc: Kryptograficzna sygnatura S/MIME
URL: <>

More information about the Freeradius-Devel mailing list