Trimming character of variables within configuration files
Alan DeKok
aland at deployingradius.com
Wed Apr 17 15:40:37 CEST 2013
P. Manton wrote:
> OK, So I see there is a preprocess module that says you can manipulate
> attributes:
>
> # The preprocess module takes care of sanitizing some bizarre
> # attributes in the request, and turning them into attributes
> # which are more standard.
Yes. Quoting the configuration files here is useful. It's not like
we've seen them before.
> so I added the following:
>
> if (User-Password =~ /^(.+)([0-9]{6})$/) {
> update request {
> User-Password = "%{1}"
> Some-PIN-Attr = "%{2}"
> }
> }
Which has absolutely nothing to do with the preprocess module. That
is the generic attribute conditions / rewriting, as documented in "man
unlang".
> Although it did not trim the password and returned Access_Reject (I also
> saw from the debug that the 6 digit number had not been trimmed) , so I
> also attempted to add this to the ntlm_auth module with the same result,
> I am really at a loss here..
You're adding random bits of text to random configuration files. That
won't work.
Adding "unlang" if/update sections to module configurtions WILL NOT
WORK. And if you read "man unlang", it's DOCUMENTED as not working.
You need to put the if/update sections inside of the
raddb/sites-enabled/ files. They WILL NOT WORK anywhere else.
Alan DeKok.
More information about the Freeradius-Users
mailing list