force_check_config - how to use?

William Bulley web at umich.edu
Thu Jan 20 15:33:26 CET 2011 

According to Alan DeKok <aland at deployingradius.com> on Thu, 01/20/11 at 09:23:
> 
>   How does the server now that some random module will expand some
> random string in the configuration file?
> 
>   FYI, it's possible to have "%{...}" in a string which *isn't*
> dynamically expanded.

I think we are having a misunderstanding here.  I don't disagree with what
you say above.

> >  Proper _syntax_ checking
> > would have caught this gnarly typo.  Discovering the actual problem was
> > made more difficult by admins assuming that -XC was more than the above
> > described superficial configuration test.  Thank you for your repsonses.
> 
>   The only way to test run-time expansions is by running packets through
> the server.

This is true - but this is not my current issue.

>   If you have a *patch* which helps, great.  Until then...

You said yourself to not look at the source code.  Patches are unlikely
in that atmosphere.  My point: _syntax_ checking for valid _syntax_ at
a time _other_ than run time _is_ _possible_ without having to go the
extra mile of semantic checking, as in, variable expansion.  I am not
talking about variable expansion, since that is only possible by running
packets through the server (at run time).

Since I am not allowed to inspect the source code, I would not have been
able to discover the following comments relevant to this thread:

conffile.c - Yep I should learn to use lex & yacc, or at least write a decent parser.

conffile.c - FIXME: Add support for ${foo:-bar}, like in xlat.c

conffile.c - The parser is getting to be evil.

conffile.c - I really really really hate this file.

conffile.c - More sanity checking.  This is getting to be a horrible hack.

conffile.c - yuck...

xlat.c - Did I mention that this parser is garbage?

If my employer would permit, and if you would allow me to look at the source,
I would be happy to supply a patch.  Neither of these are likely to happen in
any event.  This thread was created to shed some light on the issue.  I do
appreciate your comments.  Thanks again.  :-)

Regards,

web...

--
William Bulley                     Email: web at umich.edu

72 characters width template ----------------------------------------->|

More information about the Freeradius-Users mailing list