#
if (&Test-Paircmp == &NAS-Identifier) {
success
-
}
else {
test_fail
#
# Hex encoded SSHA2-512 password
#
-update {
- &control.Password.With-Header += "{ssha512}%{hex:%{sha2_512:%{User-Password}%{Tmp-String-0}}}%{hex:%{Tmp-String-0}}"
+&control += {
+ &Password.With-Header = "{ssha512}%{hex:%{sha2_512:%{User-Password}%{Tmp-String-0}}}%{hex:%{Tmp-String-0}}"
}
pap.authorize
#
# Base64 encoded SSHA2-512 password
#
-update {
- &control.Tmp-String-1 := "%{hex:%{sha2_512:%{User-Password}%{Tmp-String-0}}}%{hex:%{Tmp-String-0}}"
-}
+&control.Tmp-String-1 := "%{hex:%{sha2_512:%{User-Password}%{Tmp-String-0}}}%{hex:%{Tmp-String-0}}"
# To Binary
-update {
- &control.Tmp-Octets-0 := "%{bin:%{control.Tmp-String-1}}"
-}
+&control.Tmp-Octets-0 := "%{bin:%{control.Tmp-String-1}}"
# To Base64
-update {
- &control.Tmp-String-1 := "%{base64:%{control.Tmp-Octets-0}}"
-}
+&control.Tmp-String-1 := "%{base64:%{control.Tmp-Octets-0}}"
-update {
- &control.Password.With-Header += "{ssha512}%{control.Tmp-String-1}"
+&control += {
+ &Password.With-Header = "{ssha512}%{control.Tmp-String-1}"
}
pap.authorize
#
# Base64 of Base64 encoded SSHA2-512 password
#
-update {
- &control.Tmp-String-1 := "%{hex:%{sha2_512:%{User-Password}%{Tmp-String-0}}}%{hex:%{Tmp-String-0}}"
-}
+&control.Tmp-String-1 := "%{hex:%{sha2_512:%{User-Password}%{Tmp-String-0}}}%{hex:%{Tmp-String-0}}"
# To Binary
-update {
- &control.Tmp-Octets-0 := "%{bin:%{control.Tmp-String-1}}"
-}
+&control.Tmp-Octets-0 := "%{bin:%{control.Tmp-String-1}}"
# To Base64
-update {
- &control.Tmp-String-1 := "{ssha512}%{base64:%{control.Tmp-Octets-0}}"
-}
+&control.Tmp-String-1 := "{ssha512}%{base64:%{control.Tmp-Octets-0}}"
-update {
- &control.Password.With-Header += "%{base64:%{control.Tmp-String-1}}"
+&control += {
+ &Password.With-Header = "%{base64:%{control.Tmp-String-1}}"
}
pap.authorize
#
# Base64 of SHA2-384 password (in SHA2-Password)
#
-update control {
- &control.Password.SHA2 := "%{hex:%{sha2_384:%{User-Password}}}"
-}
+&control.Password.SHA2 := "%{hex:%{sha2_384:%{User-Password}}}"
pap.authorize
pap.authenticate {
#
# Base64 of SHA2-256 password (in SHA2-256-Password)
#
-update control {
- &control.Password.SHA2-256 := "%{hex:%{sha2_256:%{User-Password}}}"
-}
+&control.Password.SHA2-256 := "%{hex:%{sha2_256:%{User-Password}}}"
pap.authorize
pap.authenticate {
#
# Base64 of SHA2-224 password (in SHA2-224-Password - No hex armour)
#
-update control {
- &control.Password.SHA2-224 := "%{sha2_224:%{User-Password}}"
-}
+&control.Password.SHA2-224 := "%{sha2_224:%{User-Password}}"
pap.authorize
pap.authenticate {
}
recv Access-Request {
- update control {
- &Password.Cleartext := 'hello'
- }
+ &control.Password.Cleartext := "hello"
#
# Include the test file specified by the
#
# PRE: update if
#
-update {
- &request.Tmp-String-0 := "This is a string\n"
- &request.Tmp-Octets-0 := 0x000504030201
-}
+&request.Tmp-String-0 := "This is a string\n"
+&request.Tmp-Octets-0 := 0x000504030201
-update {
- &request.Tmp-Octets-1 := "%{sha2_256:This is a string\n}"
- &request.Tmp-Octets-2 := "%{sha2_256:%{Tmp-String-0}}"
- &request.Tmp-Octets-3 := "%{sha2_256:%{request.Tmp-String-0}}"
- &request.Tmp-Octets-4 := "%{sha2_256:%{request.Tmp-Octets-0}}"
- &request.Tmp-Octets-5 := "%{sha2_256:%{request.Tmp-Octets-9}}"
-}
+&request.Tmp-Octets-1 := "%{sha2_256:This is a string\n}"
+&request.Tmp-Octets-2 := "%{sha2_256:%{Tmp-String-0}}"
+&request.Tmp-Octets-3 := "%{sha2_256:%{request.Tmp-String-0}}"
+&request.Tmp-Octets-4 := "%{sha2_256:%{request.Tmp-Octets-0}}"
+&request.Tmp-Octets-5 := "%{sha2_256:%{request.Tmp-Octets-9}}"
#
# Put "This is a string" into a file and call "sha2_256sum" on it.
# SHA512 and SHA256 share common code paths, so the tests don't need to be
# as exhaustive.
#
-update {
- &request.Tmp-Octets-1 := "%{sha2_512:This is a string\n}"
- &request.Tmp-Octets-2 := "%{sha2_512:%{Tmp-String-0}}"
- &request.Tmp-Octets-3 := "%{sha2_512:%{request.Tmp-Octets-0}}"
-}
+&request.Tmp-Octets-1 := "%{sha2_512:This is a string\n}"
+&request.Tmp-Octets-2 := "%{sha2_512:%{Tmp-String-0}}"
+&request.Tmp-Octets-3 := "%{sha2_512:%{request.Tmp-Octets-0}}"
if (&request.Tmp-Octets-1 != 0x56b57df5cce42d4e35c644649798ea23ec16f4f4626e78faf4d2d8f430ea349bcc28cd5532457c82f0aa66bf68988346039fe75b900a92ff94fd53993d45990f) {
test_fail
# cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-f0-9' | head -c <n>
# 8192 - 0x (2) - '' (2) there are unlikely to be any static buffers this big outside of the conffile parser
-update request {
- &Tmp-Octets-0 := 0x\
+&Tmp-Octets-0 := 0x\
d8abccb7834711af1de1812be2579febe946f5d7beef6fa5c7074c0cb917e9b91e23e14b016f27610097c16c0e0fad88176e077b24198c770746159\
05b8810d1c8b774d98889fa5c6027cde5e9c56dd4f7c48298c7713aeca5ba5dcfd506032ad05b1396f50e825b633d5a6af0dce6181b640287e03a65\
8734df46a86341556f28455b3f377313a5a2ac8c8267b8a5de559b95f9b493a68b9e0278485f9e3914d702b2b7b90ee85ff393461f197386d09b836\
fc6afab4c5dd4aae4a2e6f0293c15278d557c2925acba90c73eeea09ebb95f0d469aa77ae983a0e69dacd55bd8a7e78a41df5227de35af05127fa3b\
a02f4a3ab98d75992d68a15d393387fe9ef01041569570ad6fe884764e55567311bcacfcffae76554dcfebfde607500f50ec85f589eaade607500f5\
3ae4bcef324b9a3f47ba5c835b54a010ca42f3b9cc5368278c148c9b02ea8c4c9f244fd49f
-}
# Actual length of octet string is 4083 bytes
if (%(length:%{Tmp-Octets-0}) != 4083) {
#
# Check that a known but malformed attr is malformed
#
-update request {
- &26.24757.84.9.5.7 = 0xab
-}
+&request.26.24757.84.9.5.7 := 0xab
if (&26.24757.84.9.5.7 != 0xab) {
test_fail
#
# Check that an unknown attr is OK
#
-update request {
- &26.24757.84.9.5.15 = 0xabcdef
-}
+&request.26.24757.84.9.5.15 := 0xabcdef
if (&26.24757.84.9.5.15 != 0xabcdef) {
test_fail
test_fail
}
-update request {
- &26.11344.1 := 0x7f000001
-}
+&request.26.11344.1 := 0x7f000001
if (&Vendor-Specific.FreeRADIUS.Proxied-To == 127.0.0.2) {
test_fail
test_fail
}
-update request {
- &26.66.1 = 0x01020304
-}
+&request.26.66.1 = 0x01020304
if (&26.66.1 != 0x01020304) {
test_fail
projects / thirdparty / freeradius-server.git / commitdiff
