multiple fields from rlm_mysql?

Arran Cudbard-Bell a.cudbardb at
Mon May 4 18:26:59 CEST 2015

> On Apr 29, 2015, at 3:51 PM, Jorge Pereira <jpereiran at> wrote:
> done

Just an update for this.

We've decided to create a new 'map proc' API (instead of hacking xlats to do more). This allows multi attribute, multi value, results to be mapped to server attributes.

The tentative syntax looks something like:

map <map proc isnt> <source> {
	<server attr0> <op> <result attr0>
	<server attr1> <op> <result attr1>
	<server attrN> <op> <result attrN>

update request {
	Tmp-String-0 := 'replyMessage'

map sql "SELECT * FROM foo WHERE 1;" {
	User-Name = 'username'
	User-Password = 'cleartextpassword'
	Reply-Message += &Tmp-String-0

Behind the scenes, processing of the LHS is identical to an update section.

Like xlat, the map proc API allows registrations of map proc callbacks. So each module can register multiple callbacks.

The map section will return an rcode indicating success or failure.

This simple syntax provides a nice way of processing complex JSON, YAML, XML documents. Although it doesn't exist yet, something like:

map json "%{rest: <> GET}" {
	User-Name = ''
}	User-Password = '.user.password'

should be possible.

I've pushed a simple map proc API to the v3.1.x branch, along with map proc callbacks for SQL, and LDAP. Currently mysql, postgresql and sqlite drivers are supported.

To be supported the drive must implement the sql_fields method, which returns an array of field/column names for the result.

Pull requests for the other drivers would be appreciated.


More information about the Freeradius-Users mailing list