Regex question
Franks Andy (RLZ) IT Systems Engineer
Andy.Franks at sath.nhs.uk
Thu Oct 24 13:54:27 CEST 2013
Hi, thanks for the reply.
My original regex was
/^email:([a-z0-9_-]+(\\.[a-z0-9_-]+)*@[a-z0-9_-]+(\\.[a-z0-9_-]+)*(\\.[a
-z]{2,4}))/
<mailto:*@[a-z0-9_-]+(\\.%5ba-z0-9_-%5d+)*(\\.%5ba-z%5d%7b2,4%7d))/>
You're correct with the escaping thing, I was just quickly trying a
shorter simpler version. I didn't know you needed to escape characters
inside a match [] though.
Anyway, online testers are working fine, just FR or the internal regex
library that isn't. I tried compiling with and without libpcre3-dev and
no change.
Thanks
Andy
From:
freeradius-users-bounces+andy.franks=sath.nhs.uk at lists.freeradius.org
[mailto:freeradius-users-bounces+andy.franks=sath.nhs.uk at lists.freeradiu
s.org] On Behalf Of JDL
Sent: 23 October 2013 21:54
To: FreeRadius users mailing list
Subject: Re: Regex question
Not speaking to any FreeRADIUS issues but just to the regular
expression, you typically need to escape the period, dash, and other
special characters within the pattern if you are looking to match them.
For example
^email:([a-z0-9\._\-]+@[a-z0-9\.\-]+\.[a-z]{2,4}
<mailto:+@[a-z0-9\.\-%5d+\.%5ba-z%5d%7b2,4%7d> )
There are a number of regex test tools on the web as well as tools you
can download and install. I would suggest that you start with those and
make sure the pattern is working first and then try to implement it in
FreeRADIUS.
Jim Lohiser
Imagine Net, inc.
On Oct 23, 2013, at 4:36 PM, Franks Andy (RLZ) IT Systems Engineer
<Andy.Franks at sath.nhs.uk> wrote:
Hi All,
Got a regex thing I can't explain, but it may of course be down to my
inexperience with regexs generally. Please forgive the non-ideal email
address regex, it's not great, but not really my focus here at this
point, I aim to improve it. For now it's as simple as I can make it,
having paired it down to hopefully find the problem.
We're using a captive portal which only allows pass-through of a
username and password as user "fields". The system uses voucher auth, so
we don't actually use the password field for a password, rather using it
to capture email address, browser agent, version and OS details from the
client's browser.
This is a via the user-password string in the format field:<string>
field2:<string> - fields, with the string following a colon, separated
by spaces.
e.g.
email:my.email at address.com browseragent:safari version:7 os:ios5
The string is passed through a few regexes, each picking off the field
string in a capture group. It's failing on the first, the email regex
being pretty simple:
^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4}
<mailto:+@[a-z0-9.-]+/.%5ba-z%5d%7b2,4%7d> )
I've tried various delimiters but all result in the same issue:
email:my.email at address.com,browseragent:safari,version:7,os:ios5
email:my.email at address.com#browseragent:safari#version:7#os:ios5
I've also tried compiling with and without libpcre3-dev, same - the
regex is not stopping at the space or , or #, whatever delimiter I
choose. The non email regexes seem to work ok..
Code : (in policy.d folder)
email_regexp= "^email:([a-z0-9._-]+@[a-z0-9.-]+\\.[a-z]{2,4}
<mailto:+@[a-z0-9.-]+\\.%5ba-z%5d%7b2,4%7d> )"
if ("%{User-Password}" =~ /${policy.email_regexp}/){
update control {
Email-Address := "%{1}"
}
}
Result:
? if ("%{User-Password}" =~
/^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/
<mailto:+@[a-z0-9.-]+\.%5ba-z%5d%7b2,4%7d)/> )
(0) expand: "%{User-Password}" -> 'email:my.email at address.com
browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~
/^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/
<mailto:+@[a-z0-9.-]+\.%5ba-z%5d%7b2,4%7d)/> ) -> TRUE
(0) if ("%{User-Password}" =~
/^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/
<mailto:+@[a-z0-9.-]+\.%5ba-z%5d%7b2,4%7d)/> ) {
(0) update control {
(0) expand: "%{1}" -> 'my.email at address.com brow'
(0) Email-Address := "my.email at address.com brow"
(0) } # update control = noop
(0) [noop] = noop
(0) } # if ("%{User-Password}" =~
/^email:([a-z0-9._-]+@[a-z0-9.-]+\.[a-z]{2,4})/
<mailto:+@[a-z0-9.-]+\.%5ba-z%5d%7b2,4%7d)/> ) = noop
(0) ... skipping else for request 0: Preceding "if" was taken
(0) } # check_email_address check_email_address = noop
(0) check_browser_agent check_browser_agent {
(0) ? if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/)
(0) expand: "%{User-Password}" -> 'email:my.email at address.com
browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/) ->
TRUE
(0) if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/) {
(0) update control {
(0) expand: "%{1}" -> 'safari'
(0) Browser-Agent := "safari"
(0) } # update control = noop
(0) } # if ("%{User-Password}" =~ /browseragent:([a-z0-9_-]+)/) =
noop
(0) } # check_browser_agent check_browser_agent = noop
(0) check_browser_version check_browser_version {
(0) ? if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/)
(0) expand: "%{User-Password}" -> 'email:my.email at address.com
browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/) -> TRUE
(0) if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/) {
(0) update control {
(0) expand: "%{1}" -> '7'
(0) Browser-Version := "7"
(0) } # update control = noop
(0) } # if ("%{User-Password}" =~ /version:([a-z0-9_-]+)/) = noop
(0) } # check_browser_version check_browser_version = noop
(0) check_browser_os check_browser_os {
(0) ? if ("%{User-Password}" =~ /os:([a-z0-9_-]+)$/)
(0) expand: "%{User-Password}" -> 'email:my.email at address.com
browseragent:safari version:7 os:ios5'
(0) ? if ("%{User-Password}" =~ /os:([a-z0-9_-]+)$/) -> TRUE
(0) if ("%{User-Password}" =~ /os:([a-z0-9_-]+)$/) {
(0) update control {
(0) expand: "%{1}" -> 'ios5'
(0) Browser-OS := "ios5"
I also tried a different regex, but the problems seem worse there..
? if ("%{User-Password}" =~
/^email:([a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*(\.[a-z]
{2,4}))/)
<mailto:*@[a-z0-9_-]+(\.%5ba-z0-9_-%5d+)*(\.%5ba-z%5d%7b2,4%7d))/)>
(1) expand: "%{User-Password}" -> 'email:my.email at address.com
browseragent:safari version:7 os:ios5'
(1) ? if ("%{User-Password}" =~
/^email:([a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*(\.[a-z]
{2,4}))/)
<mailto:*@[a-z0-9_-]+(\.%5ba-z0-9_-%5d+)*(\.%5ba-z%5d%7b2,4%7d))/)> ->
TRUE
(1) if ("%{User-Password}" =~
/^email:([a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*(\.[a-z]
{2,4}))/)
<mailto:*@[a-z0-9_-]+(\.%5ba-z0-9_-%5d+)*(\.%5ba-z%5d%7b2,4%7d))/)> {
(1) update control {
(1) expand: "%{1}" -> 'my.email at address.com browseragent:safari
version:7 os:ios'
(1) Email-Address := "my.email at address.com
browseragent:safari version:7 os:ios"
(1) } # update control = noop
Any ideas what I'm doing wrong?
Thanks
andy
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131024/06d0b8b0/attachment-0001.html>
More information about the Freeradius-Users
mailing list