FreeRADIUS 3.0 - Help with understanding op value for cleartext-password
Michael Schwartzkopff
ms at sys4.de
Wed Jul 6 13:10:32 CEST 2016
Am Mittwoch, 6. Juli 2016, 12:06:28 schrieb Ian Hiddleston:
> Hi all,
>
> I've got my server working ok, one thing that I'm curious about is why the
> op value for Cleartext-Password is ':=' rather than '==' ?
>
> As my google-fu appears to be lacking I figured I might as well ask the
> question.
>
> Thanks,
> Ian.
goole: man 5 users
bash: man 5 users
Attribute := Value
Always matches as a check item, and replaces in the configuration items any
attribute of the same name. If no attribute of that name appears in the
request, then this attribute is added.
As a reply item, it has an identical meaning, but for the reply items,
instead of the request items.
Attribute == Value
As a check item, it matches if the named attribute is present in the
request, AND has the given value.
Not allowed as a reply item.
if you use "==" the Cleartext-Password must be in the incomming RADIUS
request. Very unlikely.
Mit freundlichen Grüßen,
Michael Schwartzkopff
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160706/37d1fd2a/attachment.sig>
More information about the Freeradius-Users
mailing list