User-Name return glitch in FR 3.0.17?

Stefan Paetow Stefan.Paetow at
Tue Apr 24 14:25:25 CEST 2018

>  I suspect your rules added User-Name to the reply when it didn't already exist.  Now that it exists in 3.0.17, your rules run into issues.  That's really the main issue here.

Well, 'my' rule is the standard rule set here:

I'm using this filter, so it's set to 'if (1) {'. I just commented out line 337.

> post-auth {
> 	if (session-state:User-Name && reply:User-Name && request:User-Name &&
>    		(reply:User-Name == request:User-Name)) {
> 		update reply {
> 			User-Name !* ANY
> 		}
> 		... copy session-state to reply ...
> }

Ok, shall I pop over a pull request to fix this in the post-auth of the 'default' and 'abfab-tr-idp' servers? Or do you want to fix this in code for 3.0.18?

>  3.0.15 would sometimes not send a User-Name in the reply.  That was wrong.

Interesting. I assume that's the reply in the outer? Just clarifying here. :-)

With Regards

Stefan Paetow
Consultant, Trust and Identity

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at
skype: stefan.paetow.janet

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: Message signed with OpenPGP
URL: <>

More information about the Freeradius-Users mailing list