add quotes to function arguments in sample policies

author Alan T. DeKok <aland@freeradius.org>

Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)

committer Alan T. DeKok <aland@freeradius.org>

Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)
author Alan T. DeKok <aland@freeradius.org>
Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)
committer Alan T. DeKok <aland@freeradius.org>
Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)
diff --git a/raddb/policy.d/canonicalisation b/raddb/policy.d/canonicalisation

index 7ab2c3b89cbf4c82872f92ce0270929a6fb0e41b..ba3f548c6d6fb6f68d416f8f9a6ad371a98b82bb 100644 (file)
--- a/raddb/policy.d/canonicalisation
+++ b/raddb/policy.d/canonicalisation
@@ -52,11 +52,11 @@ mac-addr-regexp = '([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^
  #
  rewrite_called_station_id {
         if (Called-Station-Id && (Called-Station-Id =~ /^${policy.mac-addr-regexp}([^0-9a-f](.+))?$/i)) {
-               request.Called-Station-Id := "%toupper(%{1}-%{2}-%{3}-%{4}-%{5}-%{6})"
+               request.Called-Station-Id := %toupper("%{1}-%{2}-%{3}-%{4}-%{5}-%{6}")
  
                 # SSID component?
-               if ("%{8}") {
-                       request.Called-Station-SSID := "%{8}"
+               if (%{8}) {
+                       request.Called-Station-SSID := %{8}
                 }
                 updated
         }
@@ -74,7 +74,7 @@ rewrite_called_station_id {
  #
  rewrite_calling_station_id {
         if (Calling-Station-Id && (Calling-Station-Id =~ /^${policy.mac-addr-regexp}$/i)) {
-               request.Calling-Station-Id := "%toupper(%{1}-%{2}-%{3}-%{4}-%{5}-%{6})"
+               request.Calling-Station-Id := %toupper("%{1}-%{2}-%{3}-%{4}-%{5}-%{6}")
  
                 updated
         }
diff --git a/raddb/policy.d/cui b/raddb/policy.d/cui

index e358e8118919c11bb236fd5c1b0af82bac3178bb..32d2f4452231c57676dd3a34d831d0834000fda3 100644 (file)
--- a/raddb/policy.d/cui
+++ b/raddb/policy.d/cui
@@ -39,7 +39,7 @@ cui_require_operator_name = "no"
  #  }
  #
  cui.authorize {
-       if ("%client(add_cui)" == 'yes') {
+       if (%client('add_cui') == 'yes') {
                 request.Chargeable-User-Identity := 0x00
         }
  }
@@ -54,7 +54,7 @@ cui.authorize {
  cui.post-auth {
         if (!control.Proxy-To-Realm && Chargeable-User-Identity && !reply.Chargeable-User-Identity &&
             (Operator-Name || ('${policy.cui_require_operator_name}' != 'yes')) ) {
-               reply.Chargeable-User-Identity = "%sha1(${policy.cui_hash_key}%tolower(%{User-Name}%{Operator-Name || ''}))"
+               reply.Chargeable-User-Identity = %sha1("${policy.cui_hash_key}%tolower(%{User-Name}%{Operator-Name || ''})")
         }
  
         #
@@ -77,7 +77,7 @@ cui.post-auth {
  cui-inner.post-auth {
         if (outer.request.Chargeable-User-Identity && \
             (outer.request.Operator-Name || ('${policy.cui_require_operator_name}' != 'yes'))) {
-               reply.Chargeable-User-Identity := "%sha1(${policy.cui_hash_key}%tolower(%{User-Name}%{outer.request.Operator-Name || ''}))"
+               reply.Chargeable-User-Identity := %sha1("${policy.cui_hash_key}%tolower(%{User-Name}%{outer.request.Operator-Name || ''})")
         }
  }
  
@@ -93,11 +93,7 @@ cui.accounting {
         #  in the DB.
         #
         if (!Chargeable-User-Identity) {
-               request.Chargeable-User-Identity := %cuisql(\
-                               SELECT cui FROM cui \
-                               WHERE clientipaddress = '%{Net.Src.IP}' \
-                               AND callingstationid = '%{Calling-Station-Id}' \
-                               AND username = '%{User-Name}')
+               request.Chargeable-User-Identity := %cuisql("SELECT cui FROM cui WHERE clientipaddress = '%{Net.Src.IP}' AND callingstationid = '%{Calling-Station-Id}'AND username = '%{User-Name}'")
         }
  
         #
diff --git a/raddb/policy.d/filter b/raddb/policy.d/filter

index f67202b562b3a74a44c717f8a3882aefb51bca5b..3f12f2a4433aa651c2b05a2d579002674bf97606 100644 (file)
--- a/raddb/policy.d/filter
+++ b/raddb/policy.d/filter
@@ -37,7 +37,7 @@ filter_username {
                 #
                 #  reject mixed case e.g. "UseRNaMe"
                 #
-               #if (User-Name != "%tolower(%{User-Name}}") {
+               #if (User-Name != %tolower(User-Name)) {
                 #       reject
                 #}
  
diff --git a/raddb/policy.d/operator-name b/raddb/policy.d/operator-name

index 8fff08761a80f3fc6de5822834cf47331afea38f..7b6a45a65a4be208331ce89a1f6673d739f3604f 100644 (file)
--- a/raddb/policy.d/operator-name
+++ b/raddb/policy.d/operator-name
@@ -26,7 +26,7 @@
  #  an Operator-Name attribute
  #
  operator-name.authorize {
-       if ("%client(Operator-Name)") {
-               request.Operator-Name = "%client(Operator-Name)"
+       if ("%client('Operator-Name')") {
+               request.Operator-Name = "%client('Operator-Name')"
         }
  }
author	Alan T. DeKok <aland@freeradius.org>
	Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)
committer	Alan T. DeKok <aland@freeradius.org>
	Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)
raddb/policy.d/canonicalisation		patch \| blob \| blame \| history
raddb/policy.d/cui		patch \| blob \| blame \| history
raddb/policy.d/filter		patch \| blob \| blame \| history
raddb/policy.d/operator-name		patch \| blob \| blame \| history