Version 3.0.3 has been released

Wed May 14 10:03:04 CEST 2014

The regex case insensitiv problem is solved now but another strange
behavior with FR 3.0.3-git:

Policy:

set_eduroam_vlan {

   # add some debug values
   update {
      request:Cisco-AVpair += "debug1=123"
      request:Cisco-AVpair += "debug2=abc"
   }

   foreach Cisco-Avpair {
      if("%{Foreach-Variable-0}" =~ /ssid=eduroam/i) {
         update {
            reply:Tunnel-Type := 'VLAN'
            reply:Tunnel-Medium-Type := 'IEEE-802'
         }
         switch &reply:Class {
            case 'staff' {
               update {
                  reply:Filter-Id := 'staff'
                  reply:Tunnel-Private-Group-Id := '1'
               }
            }
            case 'student' {
               update {
                  reply:Filter-Id := 'student'
                  reply:Tunnel-Private-Group-Id := '2'
               }
            }
            case 'phbern' {
               noop
            }
            case {
               update {
                  reply:Filter-Id := 'external'
                  reply:Tunnel-Private-Group-Id := '3'
               }
            }
         }
         break
      }
   }
   updated
}

Debug output:

(11)   set_eduroam_vlan set_eduroam_vlan {
(11)    update  {
(11) 	request:Cisco-AVpair += 'debug1=123'
(11) 	request:Cisco-AVpair += 'debug2=abc'
(11)    } # update  = noop
(11)    foreach Cisco-Avpair
(11)      if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)
(11) EXPAND %{Foreach-Variable-0}
(11)    --> ssid=EDUROAM
(11)      if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)  -> TRUE
(11)     if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)  {
(11)      update  {
(11) 	reply:Tunnel-Type := VLAN
(11) 	reply:Tunnel-Medium-Type := IEEE-802
(11)      } # update  = noop
(11)      switch &reply:Class {
(11)       case staff {
(11)        update  {
(11) 	reply:Filter-Id := 'staff'
(11) 	reply:Tunnel-Private-Group-Id := '1'
(11)        } # update  = noop
(11)       } # case staff = noop
(11)      } # switch &reply:Class = noop
(11)       # break Foreach-Variable-0
(11)     } # if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)  = noop
(11)      # unwind to enclosing foreach
(11)      if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)
(11) EXPAND %{Foreach-Variable-0}
(11)    --> debug1=123
(11)      if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)  -> FALSE
(11)      if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)
(11) EXPAND %{Foreach-Variable-0}
(11)    --> debug2=abc
(11)      if ("%{Foreach-Variable-0}" =~ /ssid=eduroam/i)  -> FALSE
Aborted

:O why does the break statment not work at the current iteration? And why
crashes the freeradius daemon here?
Same policy works with FR 3.0.2Š

- Peter

>
>Gag reflex suppressed, code fixed.
>
>https://github.com/FreeRADIUS/freeradius-server/commit/89d8281c11737f2e7b8
>1dc3bc325235b3783d779
>
>Arran Cudbard-Bell <a.cudbardb at freeradius.org>
>FreeRADIUS Development Team
>
>FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2