Musing and digressing around sqlite

Axel Luttgens axel.luttgens at skynet.be
Thu Jul 10 16:17:17 CEST 2014


On 10 Jul 2014, at 11:58, Herwin Weststrate wrote:

> On 10-07-14 11:26, Axel Luttgens wrote:
>> 
>> ...
>> 
>> So, perhaps could it be inferred that unlang expansions misbehave in an sqlite context only.
> 
> I don't think this is misbehaving, it's more likely the module is trying
> to prevent SQL injections.
> 
> I'm not that familiar with SQLite, but possibly something like this
> would work:
> 
>  COALESCE(%{%{Event-Timestamp}:NULL}, date('now'))

Hello Herwin,

I tend to believe your proposal would just avoid the problematic parts of the expansion, the ones relying on unlang's conditional syntax (i.e. those constructs of the form ${ … -: … }), more specifically when the default value (i.e. the right one) has to be fetched.

In that sense, the above would just ask sqlite to provide a default value itself, instead of asking unlang to build the query (to be passed to sqlite) with that default value.

Anyway, your suggestion may prove very useful as a workaround.

Anecdotally, it is interesting to see that the post-auth queries provided in raddb/mods-config/sql/main for the various db engines but sqlite all feed column "authdate" with simple values such as:

	'%S'
	NOW()
	TO_TIMESTAMP('%S','YYYY-MM-DDHH24:MI:SS')

Axel
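
The workaround discussed in this message, letting SQLite compute the default instead of building it into the query text, as an added example (not code from this thread or from FreeRADIUS). It uses Python's sqlite3 with bound parameters in place of unlang expansion; the table `postauth_demo` and the function names are assumptions, and the sample values are constructed.

```python
import sqlite3

# Constructed schema for illustration; the table name is an assumption
# ("authdate" is the column named in the message).
SCHEMA = "CREATE TABLE postauth_demo (username TEXT, reply TEXT, authdate TEXT)"

# SQLite supplies the default: NULLIF maps an empty expansion to NULL,
# and COALESCE then falls back to the current UTC time.
INSERT = (
    "INSERT INTO postauth_demo (username, reply, authdate) "
    "VALUES (?, ?, COALESCE(NULLIF(?, ''), datetime('now')))"
)


def record_post_auth(conn, username, reply, event_timestamp=None):
    """Insert one row; event_timestamp is None or '' when the attribute is absent."""
    conn.execute(INSERT, (username, reply, event_timestamp))
    conn.commit()


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    record_post_auth(conn, "alice", "Access-Accept", "2014-07-10 16:17:17")
    record_post_auth(conn, "bob", "Access-Reject")        # attribute missing
    record_post_auth(conn, "carol", "Access-Accept", "")  # empty expansion
    # A value containing a quote is stored verbatim: it is bound as data,
    # never spliced into the SQL text, so no escaping step is involved.
    record_post_auth(conn, "dave", "Access-Reject", "2014-07-10' 16:17")
    return conn.execute(
        "SELECT username, authdate FROM postauth_demo ORDER BY rowid"
    ).fetchall()


if __name__ == "__main__":
    for row in demo():
        print(row)
```
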




More information about the Freeradius-Users mailing list