Parser problem?
Norbert Wegener
norbert.wegener at siemens.com
Tue May 13 15:38:24 CEST 2008
I don't want the module saneusername to be executed when the username either contains "HOST" or ends with ".net" or contains "@".
Therefore in 2.0.4 I have this code in sites-available/default:
authorize {
if (!( "%{User-Name}" =~ /HOST/ || "%{User-Name}" =~ /.net/ ||
"%{User-Name}" =~ /@/ )) {
saneusername
}
......
Starting radiusd -X
...
rad_recv: Access-Request packet from host 149.246.185.169 port 60938, id=0, length=168
User-Name = "HOST/02G1-67.us002.mycompany.net"
NAS-IP-Address = 10.10.20.77
Calling-Station-Id = "00-00-00-00-00-02"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x0200002301484f53542f303247312d36372e75733030322e7369656d656e732e6e6574
Message-Authenticator = 0x1836592939950fab657ec0d5568883c4
With that User-Name I would expect the module not to be executed.
+- entering group authorize
++? if (!( "%{User-Name}" =~ /HOST/ || "%{User-Name}" =~ /.net/ || "%{User-Name}" =~ /@/ ))
expand: %{User-Name} -> HOST/02G1-67.us002.mycompany.net
?? Evaluating ("%{User-Name}" =~ /HOST/) -> TRUE
? Converting !TRUE -> FALSE
expand: %{User-Name} -> HOST/02G1-67.us002.mycompany.net
? Evaluating ("%{User-Name}" =~ /.net/) -> TRUE
Skipping ("%{User-Name}" =~ /@/)
++? if (!( "%{User-Name}" =~ /HOST/ || "%{User-Name}" =~ /.net/ || "%{User-Name}" =~ /@/ )) -> TRUE
++- entering if (!( "%{User-Name}" =~ /HOST/ || "%{User-Name}" =~ /.net/ || "%{User-Name}" =~ /@/ ))
expand: [-] -> [-]
saneusername: Changed value for attribute User-Name from 'HOST/02G1-67.us002.mycompany.net' to 'HOST/02G167.us002.mycompany.net'
Now unfortunately the username has been changed.
+++[saneusername] returns ok
++- if (!( "%{User-Name}" =~ /HOST/ || "%{User-Name}" =~ /.net/ || "%{User-Name}" =~ /@/ )) returns ok
++? if ("%{sqlnastype:SELECT UserName from usergroup where UserName = '%{User-Name}' }" == "" )
What do I have to change to make it work as expected?
Norbert Wegener
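
The debug trace above negates only the first match ("Converting !TRUE -> FALSE") and then ORs the remaining terms. The following Python model of that evaluation order is an added example, not part of the original post and not FreeRADIUS code; the function names, the anchored pattern list and the sample user names other than the one in the trace are constructed, and Python's `re` is assumed to treat these three simple patterns the same way the server's regex engine does.

```python
import re

# The three patterns exactly as written in the posted condition.
POSTED = [r"HOST", r".net", r"@"]
# Constructed variant of the stated intent: a literal ".net" at the end.
ANCHORED = [r"HOST", r"\.net$", r"@"]


def intended(user_name, patterns=POSTED):
    """!(A || B || C): the negation covers the whole group."""
    return not any(re.search(p, user_name) for p in patterns)


def as_traced(user_name, patterns=POSTED):
    """(!A) || B || C: the order the debug output shows, with short-circuit."""
    first, *rest = patterns
    if not re.search(first, user_name):
        return True  # !A is TRUE, remaining terms are skipped
    return any(re.search(p, user_name) for p in rest)


def compare(user_name, patterns=POSTED):
    """True means the body of the 'if' (saneusername) would run."""
    return {
        "intended": intended(user_name, patterns),
        "as_traced": as_traced(user_name, patterns),
    }


if __name__ == "__main__":
    samples = [
        "HOST/02G1-67.us002.mycompany.net",  # from the trace in the post
        "bob@example.org",                   # constructed
        "alice",                             # constructed
        "internetuser",                      # constructed: unanchored /.net/ hits "rnet"
    ]
    for name in samples:
        print(name, compare(name), "anchored:", compare(name, ANCHORED))
```
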