[master] questions about recent changes in xlat

Chaigneau, Nicolas nicolas.chaigneau at capgemini.com
Mon Oct 26 19:11:12 CET 2020


Thanks for your detailled explanation.
I was a bit confused when you and Arran told me escaping "just worked", but of course you couldn't guess what I was trying to do (custom things using some FreeRADIUS functions that are not meant for that).

So I'll just use my own version of xlat_eval as you suggested.
By the way, the new parsing facilities you've added recently makes this very easy. I like that :)

Keep up the good work!


Regards,
Nicolas.


>   That's an issue.  You want *some* things to be escaped, but (sort of randomly) other things to *not* be escaped.
>
>   One of the things we've been doing in v4 is to regularize all of the escaping.  We're gradually getting rid of "ad hoc" things like the above, and just moving to:
>
> * strings are 'single quoted' - minimal escaping, no xlat expansions
> * strings are "double quoted" - more escaping, and xlat expansions.
>
>   What you're asking for is something else.  The escaping rules will be custom...
>
>   So the best way is for you to just use xlat_tokenize_ephemeral(), which lets you define your own escaping rules.  Because the rules you propose for this case aren't generalizable to other cases.  You can then call xlat_eval_compiled() to get the results.
>
>   i.e. just re-implement xlat_eval(), but with your rules.
>
>   We've been gradually moving all of the "bare xlat expansion" calls to using tmpls, which contain the escaping rules.  This change avoids the issue you're running into, by making the rules simple:  "It's a double quoted string".
>
>   There are still a number of calls to xlat_eval() in the server.  e.g. creating the detail filename.  These calls will have exactly the same issue you're seeing.  So they're broken to some extent.  But since people don't generally put "%" into filenames, it's less of an issue.
>
>   We're working on fixing all that.  But there's only so much time in a day.  :(
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.



More information about the Freeradius-Devel mailing list