%{rand} in recent versions

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon Jul 15 14:41:09 CEST 2013

On 15 Jul 2013, at 13:38, Stefan Winter <stefan.winter at restena.lu> wrote:

> Hi,
>> So after investigating this a bit more, it seems the correct way to pass arguments to xlat functions in 2.x.x is with a space after the colon.
>> This is because xlat functions which take numerical arguments, may get mistaken for attributes with tag selectors by the xlat parser code (in 2.x.x at least).
>> The behaviour change which caused your issue was introduced by https://github.com/FreeRADIUS/freeradius-server/commit/33e9e1f7fbf5e63baa0fbd734e570474bee10878, but it's not a bug. The man pages for xlat, show a space after the ':' for module calls.
>> The parser is 3.0.0 is smarter, and uses the table of registered xlat functions to determine whether it's an xlat module or an attribute. We don't do this in 2.x.x because of the potential performance hit. Though as compilation and evaluation is still done at runtime... um never mind, that'll be fixed in 3.1 :) The difficult work was splitting it into two stages, which is now complete.
>> Anyway %{rand: 1000000} should work fine.
>> +- entering group authorize {...}
>> 	expand:  500 ->  500
>> 	expand: %{rand: 500} -> 309
>> 	expand: ccccccccccccc -> ccccccccccccc
>> 	expand: %{randstr:ccccccccccccc} -> aodcqryxbsgpg
> Rrrright. You know, I would almost buy your "RTFM", except that you
> admitted that this is way too unexpected and confusing for a normal
> users to "get it" - by writing "it's broken" yourself ;-)

No comment :)

> Anyway, this works indeed, I changed my config and see actual randomness.

Good. Any more last minute oddities or can we release 2.2.1 now?

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

More information about the Freeradius-Devel mailing list