Fix Antora examples to not use update

diff --git a/doc/antora/modules/developers/pages/todo.adoc b/doc/antora/modules/developers/pages/todo.adoc
index 809a8ffda3d5e2b88480de2b53604ee1a2a7d568..16d33fcb3819ab5716efd2ef50a5c1563dbe4813 100644 (file)
--- a/doc/antora/modules/developers/pages/todo.adoc
+++ b/doc/antora/modules/developers/pages/todo.adoc
@@ -15,12 +15,10 @@ Unlang syntax for an attribute called `Grouped-Foo`
 
 [source,unlang]
 ----
-update request {
-    Grouped-Foo {
-        User-Name = bar
-        Foo = baz
-        ...
-    }
+&request.Grouped-Foo := {
+    User-Name = bar
+    Foo = baz
+    ...
 }
 ----
 

diff --git a/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc b/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc
index 3ee10b0f68839b231fc715558e0f1ecd9c801fed..a22c346fcc61eb0093170be585b13f93ce976e3e 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc
+++ b/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc
@@ -149,9 +149,7 @@ You have two options avaliable to you here (`Ctrl-C` the running FreeRADIUS serv
 ----
 -ldap
 if ((ok || updated) && &User-Password) {
-    update {
-        &control.Auth-Type := ldap
-    }
+  &control.Auth-Type := ldap
 }
 ----
  ** FreeRADIUS is now configured to attempt to LDAP bind if the `ldap` module finds a user and the RADIUS request contains a `User-Password` RADIUS attribute
@@ -170,9 +168,7 @@ If you use LDAP bind'ing to perform user authentication, then when `radclient` r
 (0)    ldap - Released connection (0)
 (0)    ldap (ok)
 (0)    if ((ok || updated) && &User-Password) {
-(0)      update {
-(0)        &control.Auth-Type := ldap
-(0)      } # update (noop)
+(0)      &control.Auth-Type := ldap
 (0)    } # if ((ok || updated) && &User-Password) (noop)
 (0)    expiration (noop)
 (0)    pap - WARNING: No "known good" password found for the user.  Not setting Auth-Type

diff --git a/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc b/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc
index d0126881705db5dc4931da37a8167bc92e651bf6..a8293a7d80ad5688575ed0f0cc77961efaae8067 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc
+++ b/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc
@@ -144,9 +144,7 @@ appropriately.
 [source,unlang]
 ----
 if (%(ldap.memberof:cn=foo,ou=groups,dc=example,dc=com) == true) {
-       update reply {
-               &Reply-Message := "Welcome member of group 'foo'"
-       }
+       &reply.Reply-Message := "Welcome member of group 'foo'"
 }
 ----
 
@@ -155,9 +153,7 @@ if (%(ldap.memberof:cn=foo,ou=groups,dc=example,dc=com) == true) {
 [source,unlang]
 ----
 if (%(ldap.memberof:foo) == true) {
-       update reply {
-               &Reply-Message := "Welcome member of group 'foo'"
-       }
+       &reply.Reply-Message := "Welcome member of group 'foo'"
 }
 ----
 

diff --git a/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc b/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc
index 5baaa06ae868f4c072972cb68c09be091267fe12..cf1f37555f79ca022c1beba571aeddcfa4335ea7 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc
+++ b/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc
@@ -154,9 +154,7 @@ server default {
        recv Access-Request {
                ldap
                if (ok || updated) {
-                       update control {
-                               &Auth-Type := ldap
-                       }
+                       &control.Auth-Type := ldap
                }
        }
 

diff --git a/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc b/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc
index 1c3ee3f2c96dc5e9bc7831d032833587e2814118..207013ffc4a14827e67de00206a0bc1f66d3730d 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc
+++ b/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc
@@ -24,7 +24,7 @@
 | Purpose                                     | `ldap { user { ... } }` config item
 | Specify where to search for users           | ```base_dn = '<user_base_dn>'```
 | Specify how to find a user                  | ```filter = "(&(<user_filter>)(<user_uid_attribute>=%{%{Stripped-User-Name}:-%{User-Name}})"```
-| Retrieve a "known good" password            | ```update { &control.Password.With-Header = <user_password_attribute>```
+| Retrieve a "known good" password            | ```&control.Password.With-Header = <user_password_attribute>```
 | Allow accounts to be explicitly disabled    | ```access_attribute = '<user_access_disabled_attribute>'``` +
                                                 ```access_positive = 'no'```
 | Require accounts to be explicitly enabled   | ```access_attribute = '<user_access_enabled_attribute>'``` +

diff --git a/doc/antora/modules/howto/pages/modules/mschap/index.adoc b/doc/antora/modules/howto/pages/modules/mschap/index.adoc
index fbd111442c74e21d4e728b75c5b58b0b6740ec33..d60bb755caf51f06117d30a778fc25ea3f2f6b19 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/mschap/index.adoc
+++ b/doc/antora/modules/howto/pages/modules/mschap/index.adoc
@@ -118,10 +118,10 @@ To actually force a client to change passwords, you must set the expiry
 bit in the `SMB-Account-Ctrl` value - for example::
 
 ```
-update control {
-  # U == user
-  # e == expired SMB-Account-Ctrl-Text := [Ue]
-}
+# U == user
+# e == expired
+
+&control.SMB-Account-Ctrl-Text := '[Ue]'
 ```
 
 This will cause the client to receive `error 648 - password expired`.

diff --git a/doc/antora/modules/howto/pages/modules/rest/configuration.adoc b/doc/antora/modules/howto/pages/modules/rest/configuration.adoc
index f9623265b722c3075d1fac8091c7a665a25a0a91..ef118a783fa42c145c67c574e3a35b8895b41c08 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/rest/configuration.adoc
+++ b/doc/antora/modules/howto/pages/modules/rest/configuration.adoc
@@ -109,9 +109,7 @@ server default {
        ...
        recv Access-Request {
                if (&User-Password) {
-                       update control {
-                               &Auth-Type := rest
-                       }
+                       &control.Auth-Type := rest
                }
        }
 

diff --git a/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc b/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc
index c40a965fb7da82bcf795f8c880b3e9fe1769e8f9..b87acb4242480c2888cf7b7d3199d932bb4b11ec 100644 (file)
--- a/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc
+++ b/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc
@@ -272,9 +272,9 @@ send Access-Accept {
                         noop = return
                 }
                 # On failure for any reason, reject
-                update {
-                        &reply.Reply-Message += Module-Failure-Message
-                }
+                &reply += {
+                       Reply-Message = Module-Failure-Message
+               }
                 reject
         }
 ...
@@ -520,10 +520,7 @@ echo "INSERT INTO radcheck (username,attribute,op,value)   \
 ----
 send Access-Accept {
 ...
-        update control {
-                &IP-Pool.Name := 'internet'
-        }
-
+        &control.IP-Pool.Name := 'internet'
         sqlippool
 ...
 }

diff --git a/doc/antora/modules/raddb/pages/mods-available/csv.adoc b/doc/antora/modules/raddb/pages/mods-available/csv.adoc
index 3d6612866af0e26c65bede181a994d63a0eb430e..ccb9994c96de9c2600eeca8347b4a8b0345e2d73 100644 (file)
--- a/doc/antora/modules/raddb/pages/mods-available/csv.adoc
+++ b/doc/antora/modules/raddb/pages/mods-available/csv.adoc
@@ -171,8 +171,8 @@ as given the the key` field above.  For example, the map could
 look like this:
 
 map csv &User-Name {
-&reply.Reply-Message := 'color'
-&Tmp-Integer-0 := 'count'
+  &reply.Reply-Message := 'color'
+  &Tmp-Integer-0 := 'count'
 }
 
 This map does the same operations as the key / update

diff --git a/doc/antora/modules/raddb/pages/mods-available/ldap.adoc b/doc/antora/modules/raddb/pages/mods-available/ldap.adoc
index 753f7c2f584e51c12813e93a43ea9f983413537a..2853a731e922bf81fcf17dfce731dd32ae938b90 100644 (file)
--- a/doc/antora/modules/raddb/pages/mods-available/ldap.adoc
+++ b/doc/antora/modules/raddb/pages/mods-available/ldap.adoc
@@ -698,12 +698,8 @@ Escape a string for use in an LDAP filter or DN.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?(objectClass=radiusprofile)"
-}
-update reply {
-    &Reply-Message := "The LDAP url is %{ldap_escape:%{control.Tmp-String-0}}"
-}
+&control.Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?(objectClass=radiusprofile)"
+&reply.Reply-Message := "The LDAP url is %{ldap_escape:%{control.Tmp-String-0}}"
 ----
 
 .Output
@@ -722,12 +718,8 @@ Unescape a string for use in an LDAP filter or DN.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?\28objectClass=radiusprofile\29"
-}
-update reply {
-    &Reply-Message := "The LDAP url is %{ldap_unescape:%{control.Tmp-String-0}}"
-}
+&control.Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?\28objectClass=radiusprofile\29"
+&reply.Reply-Message := "The LDAP url is %{ldap_unescape:%{control.Tmp-String-0}}"
 ----
 
 .Output

diff --git a/doc/antora/modules/raddb/pages/radrelay.conf.adoc b/doc/antora/modules/raddb/pages/radrelay.conf.adoc
index 7fcc221f0fe85178adf500e1d49a97160a459753..5bd1bd5aa382155d88506ff9679f352a98596c8f 100644 (file)
--- a/doc/antora/modules/raddb/pages/radrelay.conf.adoc
+++ b/doc/antora/modules/raddb/pages/radrelay.conf.adoc
@@ -296,9 +296,7 @@ server radrelay {
                load_factor = 90
        }
        recv Accounting-Request {
-               update control {
-                       Proxy-To-Realm := "radrelay"
-               }
+               &control.Proxy-To-Realm := "radrelay"
        }
 }
 ```

diff --git a/doc/antora/modules/raddb/pages/sites-available/default.adoc b/doc/antora/modules/raddb/pages/sites-available/default.adoc
index a984dd501bd4b2b225f217b762b16904f99e71ec..38f225fb46a900e0189c0ccfa414cf2eecab5933 100644 (file)
--- a/doc/antora/modules/raddb/pages/sites-available/default.adoc
+++ b/doc/antora/modules/raddb/pages/sites-available/default.adoc
@@ -1389,9 +1389,11 @@ send Access-Accept {
 #      sql_log
 #      ldap
 #      &request.WiMAX-MN-NAI = "%{User-Name}"
-#      update reply {
-#              &Vendor-Specific.WiMAX.FA-RK-Key = 0x00
-#              &Vendor-Specific.WiMAX.MSK = "%{reply.EAP-MSK}"
+#      &reply += {
+#              &Vendor-Specific.WiMAX = {
+#                      &FA-RK-Key = 0x00
+#                      &MSK = &reply.EAP-MSK
+#              }
 #      }
 #      wimax
 #      &reply += {

diff --git a/doc/antora/modules/raddb/pages/sites-available/index.adoc b/doc/antora/modules/raddb/pages/sites-available/index.adoc
index fc910ac51b67a61fd3915b1e31bac3cac4121446..2e08f72c271ffc17319eb6285ff2f1528c58ecf3 100644 (file)
--- a/doc/antora/modules/raddb/pages/sites-available/index.adoc
+++ b/doc/antora/modules/raddb/pages/sites-available/index.adoc
@@ -57,9 +57,7 @@ server foo {
     }
 
     recv Access-Request {
-        update control {
-            Password.Cleartext := "bob"
-        }
+        &control.Password.Cleartext := "bob"
         pap
     }
 

diff --git a/doc/antora/modules/reference/pages/xlat/builtin.adoc b/doc/antora/modules/reference/pages/xlat/builtin.adoc
index 1c189b3be0279d2886378e80af16b15eb53782c3..0328838fbb5e00ac0ea55bb198869b539905b2a4 100644 (file)
--- a/doc/antora/modules/reference/pages/xlat/builtin.adoc
+++ b/doc/antora/modules/reference/pages/xlat/builtin.adoc
@@ -398,7 +398,7 @@ Used to join two or more attributes, separated by an optional delimiter.
        &Tmp-String-0 = "c"
 }
 
-reply += {
+&reply += {
     &Reply-Message = "%(concat:%{control.Tmp-String-0[*]} ', ')"
     &Reply-Message = "%(concat:%{control.Tmp-String-0[*]} ,)"
 }
@@ -488,14 +488,8 @@ Serialize attributes as comma-delimited string.
 
 [source,unlang]
 ----
-update {
-    &control.Tmp-String-0 := "This is a string"
-    &control.Tmp-String-0 += "This is another one"
-}
-
-update reply {
-    &Reply-Message := "Serialize output: %(pairs:&control.[*])"
-}
+&control.Tmp-String-0 := { "This is a string", "This is another one" }
+&reply.Reply-Message := "Serialize output: %(pairs:&control.[*])"
 ----
 
 .Output
@@ -514,9 +508,7 @@ Get random string built from character classes.
 
 [source,unlang]
 ----
-update reply {
-    &Reply-Message := "The random string output is %{randstr:aaaaaaaa}"
-}
+&reply.Reply-Message := "The random string output is %{randstr:aaaaaaaa}"
 ----
 
 .Output
@@ -535,12 +527,8 @@ Length of given string.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "Caipirinha"
-}
-update reply {
-    &Reply-Message := "The length of %{control.Tmp-String-0} is %{strlen:&control.Tmp-String-0}"
-}
+&control.Tmp-String-0 := "Caipirinha"
+&reply.Reply-Message := "The length of %{control.Tmp-String-0} is %{strlen:&control.Tmp-String-0}"
 ----
 
 .Output
@@ -560,12 +548,8 @@ it. This definition is only available in version 2.1.10 and later.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "CAIPIRINHA"
-}
-update reply {
-    &Reply-Message := "tolower of %{control.Tmp-String-0} is %{tolower:%{control.Tmp-String-0}}"
-}
+&control.Tmp-String-0 := "CAIPIRINHA"
+&reply.Reply-Message := "tolower of %{control.Tmp-String-0} is %{tolower:%{control.Tmp-String-0}}"
 ----
 
 .Output
@@ -585,12 +569,8 @@ it. This definition is only available in version 2.1.10 and later.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "caipirinha"
-}
-update reply {
-    &Reply-Message := "toupper of %{control.Tmp-String-0} is %{toupper:%{control.Tmp-String-0}}"
-}
+&control.Tmp-String-0 := "caipirinha"
+&reply.Reply-Message := "toupper of %{control.Tmp-String-0} is %{toupper:%{control.Tmp-String-0}}"
 ----
 
 .Output
@@ -611,12 +591,8 @@ Encode a string using Base64.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "Caipirinha"
-}
-update reply {
-    &Reply-Message := "The base64 of %{control.Tmp-String-0} is %(base64.encode:%{control.Tmp-String-0})"
-}
+&control.Tmp-String-0 := "Caipirinha"
+&reply.Reply-Message := "The base64 of %{control.Tmp-String-0} is %(base64.encode:%{control.Tmp-String-0})"
 ----
 
 .Output
@@ -635,12 +611,8 @@ Decode a string previously encoded using Base64.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "Q2FpcGlyaW5oYQ=="
-}
-update reply {
-    &Reply-Message := "The base64.decode of %{control.Tmp-String-0} is %(base64.decode:%{control.Tmp-String-0})"
-}
+&control.Tmp-String-0 := "Q2FpcGlyaW5oYQ=="
+&reply.Reply-Message := "The base64.decode of %{control.Tmp-String-0} is %(base64.decode:%{control.Tmp-String-0})"
 ----
 
 .Output
@@ -659,12 +631,8 @@ Convert string to binary.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "10"
-}
-update reply {
-    &Reply-Message := "The %{control.Tmp-String-0} in binary is %{bin:%{control.Tmp-String-0}}"
-}
+&control.Tmp-String-0 := "10"
+&reply.Reply-Message := "The %{control.Tmp-String-0} in binary is %{bin:%{control.Tmp-String-0}}"
 ----
 
 .Output
@@ -683,12 +651,8 @@ Convert to hex.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "12345"
-}
-update reply {
-    &Reply-Message := "The value of %{control.Tmp-String-0} in hex is %{hex:%{control.Tmp-String-0}}"
-}
+&control.Tmp-String-0 := "12345"
+&reply.Reply-Message := "The value of %{control.Tmp-String-0} in hex is %{hex:%{control.Tmp-String-0}}"
 ----
 
 .Output
@@ -707,11 +671,9 @@ Quote URL special characters.
 
 [source,unlang]
 ----
-update {
-    &control.Tmp-String-0 := "http://example.org/"
-}
-update reply {
-    &Reply-Message += "The urlquote of %{control.Tmp-String-0} is %{urlquote:%{control.Tmp-String-0}}"
+&control.Tmp-String-0 := "http://example.org/"
+&reply += {
+       &Reply-Message = "The urlquote of %{control.Tmp-String-0} is %{urlquote:%{control.Tmp-String-0}}"
 }
 ----
 
@@ -731,11 +693,9 @@ Unquote URL special characters.
 
 [source,unlang]
 ----
-update {
-    &control.Tmp-String-0 := "http%%3A%%2F%%2Fexample.org%%2F" # Attention for the double %.
-}
-update reply {
-    &Reply-Message += "The urlunquote of %{control.Tmp-String-0} is %{urlunquote:%{control.Tmp-String-0}}"
+&control.Tmp-String-0 := "http%%3A%%2F%%2Fexample.org%%2F" # Attention for the double %.
+&reply += {
+       &Reply-Message = "The urlunquote of %{control.Tmp-String-0} is %{urlunquote:%{control.Tmp-String-0}}"
 }
 ----
 
@@ -757,17 +717,13 @@ Generate `HMAC-MD5` of string.
 
 [source,unlang]
 ----
-update {
-    &control.Tmp-String-0 := "mykey"
-    &control.Tmp-String-1 := "Caipirinha"
-}
-update {
-    &control.Tmp-Octets-0 := "%(hmacmd5:%{control.Tmp-String-0} %{control.Tmp-String-1})"
-}
+&control.Tmp-String-0 := "mykey"
+&control.Tmp-String-1 := "Caipirinha"
+&reply.control.Tmp-Octets-0 := "%(hmacmd5:%{control.Tmp-String-0} %{control.Tmp-String-1})"
 
-update reply {
-    &Reply-Message := "The HMAC-MD5 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}"
-    &Reply-Message += "The HMAC-MD5 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}"
+&reply += {
+    &Reply-Message = "The HMAC-MD5 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}"
+    &Reply-Message = "The HMAC-MD5 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}"
 }
 ----
 
@@ -788,17 +744,13 @@ Generate `HMAC-SHA1` of string.
 
 [source,unlang]
 ----
-update {
-    &control.Tmp-String-0 := "mykey"
-    &control.Tmp-String-1 := "Caipirinha"
-}
-update {
-    &control.Tmp-Octets-0 := "%(hmacsha1:%{control.Tmp-String-0} %{control.Tmp-String-1})"
-}
+&control.Tmp-String-0 := "mykey"
+&control.Tmp-String-1 := "Caipirinha"
+&control.Tmp-Octets-0 := "%(hmacsha1:%{control.Tmp-String-0} %{control.Tmp-String-1})"
 
-update reply {
-    &Reply-Message := "The HMAC-SHA1 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}"
-    &Reply-Message += "The HMAC-SHA1 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}"
+&reply += {
+    &Reply-Message = "The HMAC-SHA1 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}"
+    &Reply-Message = "The HMAC-SHA1 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}"
 }
 ----
 
@@ -820,12 +772,10 @@ result is binary data.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "Caipirinha"
-}
-update reply {
-    &Reply-Message := "md5 of %{control.Tmp-String-0} is octal=%{md5:%{control.Tmp-String-0}}"
-    &Reply-Message := "md5 of %{control.Tmp-String-0} is hex=%{hex:%{md5:%{control.Tmp-String-0}}}"
+&control.Tmp-String-0 := "Caipirinha"
+&reply += {
+    &Reply-Message = "md5 of %{control.Tmp-String-0} is octal=%{md5:%{control.Tmp-String-0}}"
+    &Reply-Message = "md5 of %{control.Tmp-String-0} is hex=%{hex:%{md5:%{control.Tmp-String-0}}}"
 }
 ----
 
@@ -870,12 +820,10 @@ families of digest functions.
 
 [source,unlang]
 ----
-update {
-    &control.Tmp-String-0 := "Caipirinha"
-}
-update reply {
-    &Reply-Message := "The md5 of %{control.Tmp-String-0} in octal is %{md5:%{control.Tmp-String-0}}"
-    &Reply-Message += "The md5 of %{control.Tmp-String-0} in hex is %{hex:%{md5:%{control.Tmp-String-0}}}"
+&control.Tmp-String-0 := "Caipirinha"
+&reply += {
+    &Reply-Message = "The md5 of %{control.Tmp-String-0} in octal is %{md5:%{control.Tmp-String-0}}"
+    &Reply-Message = "The md5 of %{control.Tmp-String-0} in hex is %{hex:%{md5:%{control.Tmp-String-0}}}"
 }
 ----
 
@@ -936,19 +884,12 @@ Evaluates the string as an expansion, and returns the result.  The main differen
 [source,unlang]
 ----
 if (&User-Name == "bob") {
-    update request {
-        &Tmp-String-0 := "&User-Name"
-   }
+    &request.Tmp-String-0 := "&User-Name"
 } else {
-    update request {
-        &Tmp-String-0 := "not bob!"
-   }
-}
-
-update reply {
-    &Reply-Message := "%{eval:&Tmp-String-0}"
+    &request.Tmp-String-0 := "not bob!"
 }
 
+&reply.Reply-Message := "%{eval:&request.Tmp-String-0}"
 ----
 
 .Output when `&User-Name == bob`
@@ -980,11 +921,7 @@ You probably don't want to use this.  In v4, the main use of `%{expr:...}` is in
 
 [source,unlang]
 ----
-update reply
-        &Tmp-String-0 := "%{expr: 1 + 2}"
-   }
-}
-
+&reply.Tmp-String-0 := "%{expr:1 + 2}"
 ----
 
 .Output
@@ -1014,9 +951,7 @@ With the current time at 16:18, `%(nexttime:1h)` will expand to `2520`.
 
 [source,unlang]
 ----
-update reply {
-    &Reply-Message := "You should wait for %(nexttime:1h)s"
-}
+&reply.Reply-Message := "You should wait for %(nexttime:1h)s"
 ----
 
 .Output
@@ -1040,9 +975,7 @@ See also the `unpack` module, which is the inverse to `pack`.
 
 [source,unlang]
 ----
-update reply {
-    &Class := "%{pack:%{reply.Framed-IP-Address}%{NAS-IP-Address}}"
-}
+&reply.Class := "%{pack:%{reply.Framed-IP-Address}%{NAS-IP-Address}}"
 ----
 
 .Output
@@ -1080,14 +1013,10 @@ The source/destination ports associated with the packet.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "user@example.com"
-}
+&control.Tmp-String-0 := "user@example.com"
 
 if (&control.Tmp-String-0 =~ /^(?<login>(.*))@(?<domain>(.*))$/) {
-    update reply {
-        &Reply-Message := "The %{control.Tmp-String-0} { login=%{regex:login}, domain=%{regex:domain} }"
-    }
+    &reply.Reply-Message := "The %{control.Tmp-String-0} { login=%{regex:login}, domain=%{regex:domain} }"
 }
 ----
 
@@ -1107,12 +1036,8 @@ Substitute text just as easily as it can match it, even using regex patterns.
 
 [source,unlang]
 ----
-update control {
-    &Tmp-String-0 := "Caipirinha is a light and refreshing drink!"
-}
-update reply {
-    &Reply-Message := "%(sub:%{control.Tmp-String-0} / / ,)"
-}
+&control.Tmp-String-0 := "Caipirinha is a light and refreshing drink!"
+&reply.Reply-Message := "%(sub:%{control.Tmp-String-0} / / ,)"
 ----
 
 .Output

diff --git a/doc/antora/modules/tutorials/pages/unlang_policies.adoc b/doc/antora/modules/tutorials/pages/unlang_policies.adoc
index 24b91c0223b4c54484ced24179a2e41d9286a9d7..8883a5c087ba5046295819bfc985e35d4d98ee92 100644 (file)
--- a/doc/antora/modules/tutorials/pages/unlang_policies.adoc
+++ b/doc/antora/modules/tutorials/pages/unlang_policies.adoc
@@ -22,9 +22,7 @@ braces containing the body of the policy
 ------------------------------------------------
 a_policy {
        if (&User-Name =~ /@([\w.+])/) {
-               update reply {
-                       Reply-Message := "Hello remote %{User-Name}"
-               }
+               &reply.Reply-Message := "Hello remote %{User-Name}"
        }
 }
 ------------------------------------------------

diff --git a/doc/antora/modules/tutorials/pages/virtual.adoc b/doc/antora/modules/tutorials/pages/virtual.adoc
index 9b39d078e4aadb237f1e8400d669bc5e7661db05..0aea6e128e1366ebc25e6a45fd4869e4450bc1ef 100644 (file)
--- a/doc/antora/modules/tutorials/pages/virtual.adoc
+++ b/doc/antora/modules/tutorials/pages/virtual.adoc
@@ -33,9 +33,7 @@ listen {
 }
 
 authorize {
-    update control {
-        Clearext-Password := "hello"
-    }
+    &control.Clearext-Password := "hello"
     pap
 }
 

diff --git a/raddb/sites-available/default b/raddb/sites-available/default
index 0af55c0d9566aef4cd8e9237c57bc68b09c9dd64..94004144d5fbfe0af849ff86919750a7199aba50 100644 (file)
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
@@ -1133,9 +1133,11 @@ send Access-Accept {
        #  with the correct ones taken from the cryptographic
        #  calculations, e.g.
        #
-#      update reply {
-#              &Vendor-Specific.WiMAX.FA-RK-Key = 0x00
-#              &Vendor-Specific.WiMAX.MSK = "%{reply.EAP-MSK}"
+#      &reply += {
+#              &Vendor-Specific.WiMAX = {
+#                      &FA-RK-Key = 0x00
+#                      &MSK = &reply.EAP-MSK
+#              }
 #      }
 
        #  You may want to delete the `MS-MPPE-*-Keys` from the