regex 'fun'
Alan DeKok
aland at deployingradius.com
Tue Nov 3 14:07:54 CET 2009
Alexander Clouter wrote:
> Okay, maybe my regex is bad...so I tested it:
> ----
> alex at berk:~$ cat moo
> xwFMNc02QnAbZlQ9wI9tiG at GlobalSignRootCA.test
> xwFMNc02QnAbZlQ9wI9tiG at GlobalSign Root CA
> wobble at example.com
> wibble at example.co.uk
>
> alex at berk:~$ grep '[[:graph:]]*@\([-[:alnum:]]\+\.\)\+[[:alpha:]]\{2,\}' moo
> xwFMNc02QnAbZlQ9wI9tiG at GlobalSignRootCA.test
> wobble at example.com
> wibble at example.co.uk
> ----
>
> Any ideas? Bug? Feature?
FreeRADIUS uses the system regex libraries. grep might be using its
own regex implementation.
Specifically, I'm not sure [[:alpha:]] and friends are supported by
the system regex library.
I would suggest writing the rules to sanitize realms in layers:
- reject requests containing malformed User-Names (spaces, etc.)
- proxy *known* realms to another virtual server to handle them
- proxy *other* realms to eduroam.
Eduroam should really be creating a routing protocol for RADIUS. I
don't think it would be hard: git + ssh + text files. See Section 2.7 of:
http://tools.ietf.org/id/draft-dekok-radext-nai-00.txt
Alan DeKok.
More information about the Freeradius-Users
mailing list