update call_env flags, and remove '&' from the test

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index d3ae16a98488b5ab4b4be483d72a9f0b9d61a1f7..e830842c50e4e408fa47558d87b07fed2e6aecca 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -90,8 +90,8 @@ static int ldap_group_filter_parse(TALLOC_CTX *ctx, void *out, tmpl_rules_t cons
 
 static const call_env_parser_t sasl_call_env[] = {
        { FR_CALL_ENV_OFFSET("mech", FR_TYPE_STRING, CALL_ENV_FLAG_NONE, ldap_auth_call_env_t, user_sasl_mech) },
-       { FR_CALL_ENV_OFFSET("authname", FR_TYPE_STRING, CALL_ENV_FLAG_NONE, ldap_auth_call_env_t, user_sasl_authname) },
-       { FR_CALL_ENV_OFFSET("proxy", FR_TYPE_STRING, CALL_ENV_FLAG_NONE, ldap_auth_call_env_t, user_sasl_proxy) },
+       { FR_CALL_ENV_OFFSET("authname", FR_TYPE_STRING, CALL_ENV_FLAG_BARE_WORD_ATTRIBUTE, ldap_auth_call_env_t, user_sasl_authname) },
+       { FR_CALL_ENV_OFFSET("proxy", FR_TYPE_STRING, CALL_ENV_FLAG_BARE_WORD_ATTRIBUTE, ldap_auth_call_env_t, user_sasl_proxy) },
        { FR_CALL_ENV_OFFSET("realm", FR_TYPE_STRING, CALL_ENV_FLAG_NONE, ldap_auth_call_env_t, user_sasl_realm) },
        CALL_ENV_TERMINATOR
 };
@@ -192,7 +192,7 @@ static const call_env_method_t authenticate_method_env = {
                                         ((call_env_parser_t[]) {
                                                USER_CALL_ENV_COMMON(ldap_auth_call_env_t),
                                                { FR_CALL_ENV_PARSE_OFFSET("password_attribute", FR_TYPE_STRING,
-                                                                         CALL_ENV_FLAG_ATTRIBUTE | CALL_ENV_FLAG_REQUIRED | CALL_ENV_FLAG_NULLABLE | CALL_ENV_FLAG_CONCAT,
+                                                                         CALL_ENV_FLAG_ATTRIBUTE | CALL_ENV_FLAG_REQUIRED | CALL_ENV_FLAG_NULLABLE | CALL_ENV_FLAG_CONCAT | CALL_ENV_FLAG_BARE_WORD_ATTRIBUTE,
                                                                          ldap_auth_call_env_t, password, password_tmpl),
                                                                          .pair.dflt = "&User-Password", .pair.dflt_quote = T_BARE_WORD },
                                                { FR_CALL_ENV_SUBSECTION("sasl", NULL, CALL_ENV_FLAG_NONE, sasl_call_env) },

diff --git a/src/tests/modules/ldap/module.conf b/src/tests/modules/ldap/module.conf
index fcd4cb0635f345e4252e21da92336b9683621041..a7e49240531e6b14708b847b0fd2dd919e79b921 100644 (file)
--- a/src/tests/modules/ldap/module.conf
+++ b/src/tests/modules/ldap/module.conf
@@ -735,7 +735,7 @@ ldap ldapsasl {
                filter = "(uid=%{%{Stripped-User-Name} || %{User-Name}})"
                sasl {
                        mech = 'SCRAM-SHA-512'
-                       authname = &User-Name
+                       authname = User-Name
                }
        }
 
@@ -782,7 +782,7 @@ ldap ldapldapi {
                filter = "(uid=%{%{Stripped-User-Name} || %{User-Name}})"
                sasl {
                        mech = 'SCRAM-SHA-512'
-                       authname = &User-Name
+                       authname = User-Name
                }
        }