# split a username into username and domain. We reject user-name
# strings without domains, as they're not routable.
split_username_nai
- if (noop || !&Stripped-User-Domain) {
+ if (noop || !Stripped-User-Domain) {
reject
}
# The outer username is considered garabage for autz purposes, but
# the domain portion of the outer and inner identities must match.
split_username_nai
- if (noop || (&Stripped-User-Domain && \
- (outer.Stripped-User-Domain != &Stripped-User-Domain))) {
+ if (noop || (Stripped-User-Domain && \
+ (outer.Stripped-User-Domain != Stripped-User-Domain))) {
reject
}
# it in the outer server.
if (outer.session-state:)
update {
- outer.session-state:Stripped-User-Name := &Stripped-User-Name
+ outer.session-state:Stripped-User-Name := Stripped-User-Name
}
}
projects / thirdparty / freeradius-server.git / commitdiff
