Possible bug in unlang?

Phil Mayers p.mayers at imperial.ac.uk
Thu Jul 31 15:45:26 CEST 2008 

Alan DeKok wrote:
> Phil Mayers wrote:
>> I've had a dig in the guts of radius_xlat (yikes, complex) and done some
>> testing with "user\random" e.g.:
>>
>> update reply {
>>   # works
>>   My-Attr-1 = "%{User-Name}"
> 
>   How is that different from %{request:User-Name}, which didn't seem to
> work?

Hmm. That's a good point.

> 
>>   # fails, "user\random" turns to "user<cr>andom"
>>   My-Attr-1 = "%{SQL-User-Name}"
> 
>   I'd like to see the debug output...

Sure:

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 32938, id=252, 
length=41
         User-Name = "IC\\rmtw"
         NAS-Port = 5060
         NAS-IP-Address = 127.0.0.1
+- entering group authorize
         expand: %{NAS-IP-Address} -> 127.0.0.1
         expand: %{NAS-IP-Address} -> 127.0.0.1
   hints: Matched DEFAULT at 35
         expand: %{Client-IP-Address} -> 127.0.0.1
         expand: %{Client-IP-Address} -> 127.0.0.1
         expand: %{Client-IP-Address} -> 127.0.0.1
         expand: %{Client-IP-Address} -> 127.0.0.1
         expand: %{Client-IP-Address} -> 127.0.0.1
++[preprocess] returns ok
         expand: %{User-Name} -> IC\rmtw
WARNING: Deprecated conditional expansion ":-".  See "man unlang" for 
details
WARNING: Deprecated conditional expansion ":-".  See "man unlang" for 
details
         expand: %{Stripped-User-Name:-%{User-Name:-none}} -> IC\rmtw
rlm_sql (sql): - sql_xlat
WARNING: Deprecated conditional expansion ":-".  See "man unlang" for 
details
WARNING: Deprecated conditional expansion ":-".  See "man unlang" for 
details
         expand: %{Stripped-User-Name:-%{User-Name:-none}} -> IC\rmtw
rlm_sql (sql): sql_set_user escaped user --> 'IC\rmtw'
         expand: select '%{SQL-User-Name}' -> select 'IC=0Dmtww'
rlm_sql (sql): Reserving sql socket id: 31
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
rlm_sql (sql): - sql_xlat finished
rlm_sql (sql): Released sql socket id: 31
         expand: %{sql:select '%{SQL-User-Name}'} -> IC=0Dmtww
++[reply] returns ok
++[control] returns ok
   rad_check_password:  Found Auth-Type Accept
   rad_check_password: Auth-Type = Accept, accepting the user
Sending Access-Accept of id 252 to 127.0.0.1 port 32938
         ICzone = "IC\rmtw"
         ICbuilding = "IC\rmtw"
         ICgroup = "IC=0Dmtww"
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 252 with timestamp +0
Ready to process requests.

Ok, so I'm wrong - looking closer, the radius_xlat inside "sql_set_user" 
is definitely succeeding:

rlm_sql (sql): sql_set_user escaped user --> 'IC\rmtw'

...but then the final query which is passed into SQL is wrong:

         expand: select '%{SQL-User-Name}' -> select 'IC=0Dmtww'

...so maybe it's the bit that handles xlatname:string?

More information about the Freeradius-Users mailing list