Initial support of Multi Valued Attributes operators
Phil Mayers
p.mayers at imperial.ac.uk
Mon Mar 25 18:42:38 CET 2013
On 25/03/13 17:35, Brian Candler wrote:
> With a single-valued attribute I would do a string expansion:
>
> if ("%{control:Tmp-String-0}" =~ /foo/) { ...
>
> But that won't work here unless the &=~ operator expands the LHS multiple
> times (and then you get into problems if a string contains multiple
> expansions)
>
> I don't think freeradius will currently let you select the list directly:
>
> if (control:Tmp-String-0 =~ /foo/) { ... nope
Sure it will. I do this all the time, as using a string xlat on the LHS
is both messy (extraneous "%{}" - 5 chars!) and loses attribute type
info (because it's string-expanded).
From my standard config:
update control {
Tmp-String-0 = "%{new:select ...}"
}
if (control:Tmp-String-0 =~ /^(.+),(.+),(.+)$/) {
update request {
Calling-Station-Id := "%{1}"
ICzone = "%{2}"
ICvlan = "%{3}"
}
}
> but if we could do that, the problem goes away. Taking this idea further, I
> would very much like to be able to return attribute names from rlm_sql which
> specify the list:
>
> insert into radgroupcheck (attribute, op, value) values (
> "reply:Framed-IP-Address", "=~", "^192\\.168\\."
> );
>
> That would let me check the reply attributes already built up, at the
> moment I have to copy specific attributes from the reply to the request list
> just so they can be checked in rlm_sql.
Yeah, it would be nice to use rlm_sql in a more generic fashion, rather
than the hard-coded check/reply behaviours.
>
> Another idea along these lines:
>
> update {
> control:Tmp-String-1 += "bar"
> reply:Reply-Message += "Wibble"
> }
Hasn't that already gone in?
More information about the Freeradius-Devel
mailing list