From: Jorge Pereira Date: Sat, 23 Sep 2023 01:02:32 +0000 (-0300) Subject: Fix Antora examples to not use update X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0c906d860502560422d0bfdaffb73a7252e9a227;p=thirdparty%2Ffreeradius-server.git Fix Antora examples to not use update --- diff --git a/doc/antora/modules/developers/pages/todo.adoc b/doc/antora/modules/developers/pages/todo.adoc index 809a8ffda3d..16d33fcb381 100644 --- a/doc/antora/modules/developers/pages/todo.adoc +++ b/doc/antora/modules/developers/pages/todo.adoc @@ -15,12 +15,10 @@ Unlang syntax for an attribute called `Grouped-Foo` [source,unlang] ---- -update request { - Grouped-Foo { - User-Name = bar - Foo = baz - ... - } +&request.Grouped-Foo := { + User-Name = bar + Foo = baz + ... } ---- diff --git a/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc b/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc index 3ee10b0f688..a22c346fcc6 100644 --- a/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc +++ b/doc/antora/modules/howto/pages/modules/ldap/authentication.adoc @@ -149,9 +149,7 @@ You have two options avaliable to you here (`Ctrl-C` the running FreeRADIUS serv ---- -ldap if ((ok || updated) && &User-Password) { - update { - &control.Auth-Type := ldap - } + &control.Auth-Type := ldap } ---- ** FreeRADIUS is now configured to attempt to LDAP bind if the `ldap` module finds a user and the RADIUS request contains a `User-Password` RADIUS attribute @@ -170,9 +168,7 @@ If you use LDAP bind'ing to perform user authentication, then when `radclient` r (0) ldap - Released connection (0) (0) ldap (ok) (0) if ((ok || updated) && &User-Password) { -(0) update { -(0) &control.Auth-Type := ldap -(0) } # update (noop) +(0) &control.Auth-Type := ldap (0) } # if ((ok || updated) && &User-Password) (noop) (0) expiration (noop) (0) pap - WARNING: No "known good" password found for the user. Not setting Auth-Type diff --git a/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc b/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc index d0126881705..a8293a7d80a 100644 --- a/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc +++ b/doc/antora/modules/howto/pages/modules/ldap/authorization/groups.adoc @@ -144,9 +144,7 @@ appropriately. [source,unlang] ---- if (%(ldap.memberof:cn=foo,ou=groups,dc=example,dc=com) == true) { - update reply { - &Reply-Message := "Welcome member of group 'foo'" - } + &reply.Reply-Message := "Welcome member of group 'foo'" } ---- @@ -155,9 +153,7 @@ if (%(ldap.memberof:cn=foo,ou=groups,dc=example,dc=com) == true) { [source,unlang] ---- if (%(ldap.memberof:foo) == true) { - update reply { - &Reply-Message := "Welcome member of group 'foo'" - } + &reply.Reply-Message := "Welcome member of group 'foo'" } ---- diff --git a/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc b/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc index 5baaa06ae86..cf1f37555f7 100644 --- a/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc +++ b/doc/antora/modules/howto/pages/modules/ldap/base_configuration/index.adoc @@ -154,9 +154,7 @@ server default { recv Access-Request { ldap if (ok || updated) { - update control { - &Auth-Type := ldap - } + &control.Auth-Type := ldap } } diff --git a/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc b/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc index 1c3ee3f2c96..207013ffc4a 100644 --- a/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc +++ b/doc/antora/modules/howto/pages/modules/ldap/ldapsearch/translating_to_the_ldap_module.adoc @@ -24,7 +24,7 @@ | Purpose | `ldap { user { ... } }` config item | Specify where to search for users | ```base_dn = ''``` | Specify how to find a user | ```filter = "(&()(=%{%{Stripped-User-Name}:-%{User-Name}})"``` -| Retrieve a "known good" password | ```update { &control.Password.With-Header = ``` +| Retrieve a "known good" password | ```&control.Password.With-Header = ``` | Allow accounts to be explicitly disabled | ```access_attribute = ''``` + ```access_positive = 'no'``` | Require accounts to be explicitly enabled | ```access_attribute = ''``` + diff --git a/doc/antora/modules/howto/pages/modules/mschap/index.adoc b/doc/antora/modules/howto/pages/modules/mschap/index.adoc index fbd111442c7..d60bb755caf 100644 --- a/doc/antora/modules/howto/pages/modules/mschap/index.adoc +++ b/doc/antora/modules/howto/pages/modules/mschap/index.adoc @@ -118,10 +118,10 @@ To actually force a client to change passwords, you must set the expiry bit in the `SMB-Account-Ctrl` value - for example:: ``` -update control { - # U == user - # e == expired SMB-Account-Ctrl-Text := [Ue] -} +# U == user +# e == expired + +&control.SMB-Account-Ctrl-Text := '[Ue]' ``` This will cause the client to receive `error 648 - password expired`. diff --git a/doc/antora/modules/howto/pages/modules/rest/configuration.adoc b/doc/antora/modules/howto/pages/modules/rest/configuration.adoc index f9623265b72..ef118a783fa 100644 --- a/doc/antora/modules/howto/pages/modules/rest/configuration.adoc +++ b/doc/antora/modules/howto/pages/modules/rest/configuration.adoc @@ -109,9 +109,7 @@ server default { ... recv Access-Request { if (&User-Password) { - update control { - &Auth-Type := rest - } + &control.Auth-Type := rest } } diff --git a/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc b/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc index c40a965fb7d..b87acb42424 100644 --- a/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc +++ b/doc/antora/modules/howto/pages/modules/sqlippool/index.adoc @@ -272,9 +272,9 @@ send Access-Accept { noop = return } # On failure for any reason, reject - update { - &reply.Reply-Message += Module-Failure-Message - } + &reply += { + Reply-Message = Module-Failure-Message + } reject } ... @@ -520,10 +520,7 @@ echo "INSERT INTO radcheck (username,attribute,op,value) \ ---- send Access-Accept { ... - update control { - &IP-Pool.Name := 'internet' - } - + &control.IP-Pool.Name := 'internet' sqlippool ... } diff --git a/doc/antora/modules/raddb/pages/mods-available/csv.adoc b/doc/antora/modules/raddb/pages/mods-available/csv.adoc index 3d6612866af..ccb9994c96d 100644 --- a/doc/antora/modules/raddb/pages/mods-available/csv.adoc +++ b/doc/antora/modules/raddb/pages/mods-available/csv.adoc @@ -171,8 +171,8 @@ as given the the key` field above. For example, the map could look like this: map csv &User-Name { -&reply.Reply-Message := 'color' -&Tmp-Integer-0 := 'count' + &reply.Reply-Message := 'color' + &Tmp-Integer-0 := 'count' } This map does the same operations as the key / update diff --git a/doc/antora/modules/raddb/pages/mods-available/ldap.adoc b/doc/antora/modules/raddb/pages/mods-available/ldap.adoc index 753f7c2f584..2853a731e92 100644 --- a/doc/antora/modules/raddb/pages/mods-available/ldap.adoc +++ b/doc/antora/modules/raddb/pages/mods-available/ldap.adoc @@ -698,12 +698,8 @@ Escape a string for use in an LDAP filter or DN. [source,unlang] ---- -update control { - &Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?(objectClass=radiusprofile)" -} -update reply { - &Reply-Message := "The LDAP url is %{ldap_escape:%{control.Tmp-String-0}}" -} +&control.Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?(objectClass=radiusprofile)" +&reply.Reply-Message := "The LDAP url is %{ldap_escape:%{control.Tmp-String-0}}" ---- .Output @@ -722,12 +718,8 @@ Unescape a string for use in an LDAP filter or DN. [source,unlang] ---- -update control { - &Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?\28objectClass=radiusprofile\29" -} -update reply { - &Reply-Message := "The LDAP url is %{ldap_unescape:%{control.Tmp-String-0}}" -} +&control.Tmp-String-0 := "ldap:///ou=profiles,dc=example,dc=com??sub?\28objectClass=radiusprofile\29" +&reply.Reply-Message := "The LDAP url is %{ldap_unescape:%{control.Tmp-String-0}}" ---- .Output diff --git a/doc/antora/modules/raddb/pages/radrelay.conf.adoc b/doc/antora/modules/raddb/pages/radrelay.conf.adoc index 7fcc221f0fe..5bd1bd5aa38 100644 --- a/doc/antora/modules/raddb/pages/radrelay.conf.adoc +++ b/doc/antora/modules/raddb/pages/radrelay.conf.adoc @@ -296,9 +296,7 @@ server radrelay { load_factor = 90 } recv Accounting-Request { - update control { - Proxy-To-Realm := "radrelay" - } + &control.Proxy-To-Realm := "radrelay" } } ``` diff --git a/doc/antora/modules/raddb/pages/sites-available/default.adoc b/doc/antora/modules/raddb/pages/sites-available/default.adoc index a984dd501bd..38f225fb46a 100644 --- a/doc/antora/modules/raddb/pages/sites-available/default.adoc +++ b/doc/antora/modules/raddb/pages/sites-available/default.adoc @@ -1389,9 +1389,11 @@ send Access-Accept { # sql_log # ldap # &request.WiMAX-MN-NAI = "%{User-Name}" -# update reply { -# &Vendor-Specific.WiMAX.FA-RK-Key = 0x00 -# &Vendor-Specific.WiMAX.MSK = "%{reply.EAP-MSK}" +# &reply += { +# &Vendor-Specific.WiMAX = { +# &FA-RK-Key = 0x00 +# &MSK = &reply.EAP-MSK +# } # } # wimax # &reply += { diff --git a/doc/antora/modules/raddb/pages/sites-available/index.adoc b/doc/antora/modules/raddb/pages/sites-available/index.adoc index fc910ac51b6..2e08f72c271 100644 --- a/doc/antora/modules/raddb/pages/sites-available/index.adoc +++ b/doc/antora/modules/raddb/pages/sites-available/index.adoc @@ -57,9 +57,7 @@ server foo { } recv Access-Request { - update control { - Password.Cleartext := "bob" - } + &control.Password.Cleartext := "bob" pap } diff --git a/doc/antora/modules/reference/pages/xlat/builtin.adoc b/doc/antora/modules/reference/pages/xlat/builtin.adoc index 1c189b3be02..0328838fbb5 100644 --- a/doc/antora/modules/reference/pages/xlat/builtin.adoc +++ b/doc/antora/modules/reference/pages/xlat/builtin.adoc @@ -398,7 +398,7 @@ Used to join two or more attributes, separated by an optional delimiter. &Tmp-String-0 = "c" } -reply += { +&reply += { &Reply-Message = "%(concat:%{control.Tmp-String-0[*]} ', ')" &Reply-Message = "%(concat:%{control.Tmp-String-0[*]} ,)" } @@ -488,14 +488,8 @@ Serialize attributes as comma-delimited string. [source,unlang] ---- -update { - &control.Tmp-String-0 := "This is a string" - &control.Tmp-String-0 += "This is another one" -} - -update reply { - &Reply-Message := "Serialize output: %(pairs:&control.[*])" -} +&control.Tmp-String-0 := { "This is a string", "This is another one" } +&reply.Reply-Message := "Serialize output: %(pairs:&control.[*])" ---- .Output @@ -514,9 +508,7 @@ Get random string built from character classes. [source,unlang] ---- -update reply { - &Reply-Message := "The random string output is %{randstr:aaaaaaaa}" -} +&reply.Reply-Message := "The random string output is %{randstr:aaaaaaaa}" ---- .Output @@ -535,12 +527,8 @@ Length of given string. [source,unlang] ---- -update control { - &Tmp-String-0 := "Caipirinha" -} -update reply { - &Reply-Message := "The length of %{control.Tmp-String-0} is %{strlen:&control.Tmp-String-0}" -} +&control.Tmp-String-0 := "Caipirinha" +&reply.Reply-Message := "The length of %{control.Tmp-String-0} is %{strlen:&control.Tmp-String-0}" ---- .Output @@ -560,12 +548,8 @@ it. This definition is only available in version 2.1.10 and later. [source,unlang] ---- -update control { - &Tmp-String-0 := "CAIPIRINHA" -} -update reply { - &Reply-Message := "tolower of %{control.Tmp-String-0} is %{tolower:%{control.Tmp-String-0}}" -} +&control.Tmp-String-0 := "CAIPIRINHA" +&reply.Reply-Message := "tolower of %{control.Tmp-String-0} is %{tolower:%{control.Tmp-String-0}}" ---- .Output @@ -585,12 +569,8 @@ it. This definition is only available in version 2.1.10 and later. [source,unlang] ---- -update control { - &Tmp-String-0 := "caipirinha" -} -update reply { - &Reply-Message := "toupper of %{control.Tmp-String-0} is %{toupper:%{control.Tmp-String-0}}" -} +&control.Tmp-String-0 := "caipirinha" +&reply.Reply-Message := "toupper of %{control.Tmp-String-0} is %{toupper:%{control.Tmp-String-0}}" ---- .Output @@ -611,12 +591,8 @@ Encode a string using Base64. [source,unlang] ---- -update control { - &Tmp-String-0 := "Caipirinha" -} -update reply { - &Reply-Message := "The base64 of %{control.Tmp-String-0} is %(base64.encode:%{control.Tmp-String-0})" -} +&control.Tmp-String-0 := "Caipirinha" +&reply.Reply-Message := "The base64 of %{control.Tmp-String-0} is %(base64.encode:%{control.Tmp-String-0})" ---- .Output @@ -635,12 +611,8 @@ Decode a string previously encoded using Base64. [source,unlang] ---- -update control { - &Tmp-String-0 := "Q2FpcGlyaW5oYQ==" -} -update reply { - &Reply-Message := "The base64.decode of %{control.Tmp-String-0} is %(base64.decode:%{control.Tmp-String-0})" -} +&control.Tmp-String-0 := "Q2FpcGlyaW5oYQ==" +&reply.Reply-Message := "The base64.decode of %{control.Tmp-String-0} is %(base64.decode:%{control.Tmp-String-0})" ---- .Output @@ -659,12 +631,8 @@ Convert string to binary. [source,unlang] ---- -update control { - &Tmp-String-0 := "10" -} -update reply { - &Reply-Message := "The %{control.Tmp-String-0} in binary is %{bin:%{control.Tmp-String-0}}" -} +&control.Tmp-String-0 := "10" +&reply.Reply-Message := "The %{control.Tmp-String-0} in binary is %{bin:%{control.Tmp-String-0}}" ---- .Output @@ -683,12 +651,8 @@ Convert to hex. [source,unlang] ---- -update control { - &Tmp-String-0 := "12345" -} -update reply { - &Reply-Message := "The value of %{control.Tmp-String-0} in hex is %{hex:%{control.Tmp-String-0}}" -} +&control.Tmp-String-0 := "12345" +&reply.Reply-Message := "The value of %{control.Tmp-String-0} in hex is %{hex:%{control.Tmp-String-0}}" ---- .Output @@ -707,11 +671,9 @@ Quote URL special characters. [source,unlang] ---- -update { - &control.Tmp-String-0 := "http://example.org/" -} -update reply { - &Reply-Message += "The urlquote of %{control.Tmp-String-0} is %{urlquote:%{control.Tmp-String-0}}" +&control.Tmp-String-0 := "http://example.org/" +&reply += { + &Reply-Message = "The urlquote of %{control.Tmp-String-0} is %{urlquote:%{control.Tmp-String-0}}" } ---- @@ -731,11 +693,9 @@ Unquote URL special characters. [source,unlang] ---- -update { - &control.Tmp-String-0 := "http%%3A%%2F%%2Fexample.org%%2F" # Attention for the double %. -} -update reply { - &Reply-Message += "The urlunquote of %{control.Tmp-String-0} is %{urlunquote:%{control.Tmp-String-0}}" +&control.Tmp-String-0 := "http%%3A%%2F%%2Fexample.org%%2F" # Attention for the double %. +&reply += { + &Reply-Message = "The urlunquote of %{control.Tmp-String-0} is %{urlunquote:%{control.Tmp-String-0}}" } ---- @@ -757,17 +717,13 @@ Generate `HMAC-MD5` of string. [source,unlang] ---- -update { - &control.Tmp-String-0 := "mykey" - &control.Tmp-String-1 := "Caipirinha" -} -update { - &control.Tmp-Octets-0 := "%(hmacmd5:%{control.Tmp-String-0} %{control.Tmp-String-1})" -} +&control.Tmp-String-0 := "mykey" +&control.Tmp-String-1 := "Caipirinha" +&reply.control.Tmp-Octets-0 := "%(hmacmd5:%{control.Tmp-String-0} %{control.Tmp-String-1})" -update reply { - &Reply-Message := "The HMAC-MD5 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}" - &Reply-Message += "The HMAC-MD5 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}" +&reply += { + &Reply-Message = "The HMAC-MD5 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}" + &Reply-Message = "The HMAC-MD5 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}" } ---- @@ -788,17 +744,13 @@ Generate `HMAC-SHA1` of string. [source,unlang] ---- -update { - &control.Tmp-String-0 := "mykey" - &control.Tmp-String-1 := "Caipirinha" -} -update { - &control.Tmp-Octets-0 := "%(hmacsha1:%{control.Tmp-String-0} %{control.Tmp-String-1})" -} +&control.Tmp-String-0 := "mykey" +&control.Tmp-String-1 := "Caipirinha" +&control.Tmp-Octets-0 := "%(hmacsha1:%{control.Tmp-String-0} %{control.Tmp-String-1})" -update reply { - &Reply-Message := "The HMAC-SHA1 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}" - &Reply-Message += "The HMAC-SHA1 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}" +&reply += { + &Reply-Message = "The HMAC-SHA1 of %{control.Tmp-String-1} in octets is %{control.Tmp-Octets-0}" + &Reply-Message = "The HMAC-SHA1 of %{control.Tmp-String-1} in hex is %{hex:control.Tmp-Octets-0}" } ---- @@ -820,12 +772,10 @@ result is binary data. [source,unlang] ---- -update control { - &Tmp-String-0 := "Caipirinha" -} -update reply { - &Reply-Message := "md5 of %{control.Tmp-String-0} is octal=%{md5:%{control.Tmp-String-0}}" - &Reply-Message := "md5 of %{control.Tmp-String-0} is hex=%{hex:%{md5:%{control.Tmp-String-0}}}" +&control.Tmp-String-0 := "Caipirinha" +&reply += { + &Reply-Message = "md5 of %{control.Tmp-String-0} is octal=%{md5:%{control.Tmp-String-0}}" + &Reply-Message = "md5 of %{control.Tmp-String-0} is hex=%{hex:%{md5:%{control.Tmp-String-0}}}" } ---- @@ -870,12 +820,10 @@ families of digest functions. [source,unlang] ---- -update { - &control.Tmp-String-0 := "Caipirinha" -} -update reply { - &Reply-Message := "The md5 of %{control.Tmp-String-0} in octal is %{md5:%{control.Tmp-String-0}}" - &Reply-Message += "The md5 of %{control.Tmp-String-0} in hex is %{hex:%{md5:%{control.Tmp-String-0}}}" +&control.Tmp-String-0 := "Caipirinha" +&reply += { + &Reply-Message = "The md5 of %{control.Tmp-String-0} in octal is %{md5:%{control.Tmp-String-0}}" + &Reply-Message = "The md5 of %{control.Tmp-String-0} in hex is %{hex:%{md5:%{control.Tmp-String-0}}}" } ---- @@ -936,19 +884,12 @@ Evaluates the string as an expansion, and returns the result. The main differen [source,unlang] ---- if (&User-Name == "bob") { - update request { - &Tmp-String-0 := "&User-Name" - } + &request.Tmp-String-0 := "&User-Name" } else { - update request { - &Tmp-String-0 := "not bob!" - } -} - -update reply { - &Reply-Message := "%{eval:&Tmp-String-0}" + &request.Tmp-String-0 := "not bob!" } +&reply.Reply-Message := "%{eval:&request.Tmp-String-0}" ---- .Output when `&User-Name == bob` @@ -980,11 +921,7 @@ You probably don't want to use this. In v4, the main use of `%{expr:...}` is in [source,unlang] ---- -update reply - &Tmp-String-0 := "%{expr: 1 + 2}" - } -} - +&reply.Tmp-String-0 := "%{expr:1 + 2}" ---- .Output @@ -1014,9 +951,7 @@ With the current time at 16:18, `%(nexttime:1h)` will expand to `2520`. [source,unlang] ---- -update reply { - &Reply-Message := "You should wait for %(nexttime:1h)s" -} +&reply.Reply-Message := "You should wait for %(nexttime:1h)s" ---- .Output @@ -1040,9 +975,7 @@ See also the `unpack` module, which is the inverse to `pack`. [source,unlang] ---- -update reply { - &Class := "%{pack:%{reply.Framed-IP-Address}%{NAS-IP-Address}}" -} +&reply.Class := "%{pack:%{reply.Framed-IP-Address}%{NAS-IP-Address}}" ---- .Output @@ -1080,14 +1013,10 @@ The source/destination ports associated with the packet. [source,unlang] ---- -update control { - &Tmp-String-0 := "user@example.com" -} +&control.Tmp-String-0 := "user@example.com" if (&control.Tmp-String-0 =~ /^(?(.*))@(?(.*))$/) { - update reply { - &Reply-Message := "The %{control.Tmp-String-0} { login=%{regex:login}, domain=%{regex:domain} }" - } + &reply.Reply-Message := "The %{control.Tmp-String-0} { login=%{regex:login}, domain=%{regex:domain} }" } ---- @@ -1107,12 +1036,8 @@ Substitute text just as easily as it can match it, even using regex patterns. [source,unlang] ---- -update control { - &Tmp-String-0 := "Caipirinha is a light and refreshing drink!" -} -update reply { - &Reply-Message := "%(sub:%{control.Tmp-String-0} / / ,)" -} +&control.Tmp-String-0 := "Caipirinha is a light and refreshing drink!" +&reply.Reply-Message := "%(sub:%{control.Tmp-String-0} / / ,)" ---- .Output diff --git a/doc/antora/modules/tutorials/pages/unlang_policies.adoc b/doc/antora/modules/tutorials/pages/unlang_policies.adoc index 24b91c0223b..8883a5c087b 100644 --- a/doc/antora/modules/tutorials/pages/unlang_policies.adoc +++ b/doc/antora/modules/tutorials/pages/unlang_policies.adoc @@ -22,9 +22,7 @@ braces containing the body of the policy ------------------------------------------------ a_policy { if (&User-Name =~ /@([\w.+])/) { - update reply { - Reply-Message := "Hello remote %{User-Name}" - } + &reply.Reply-Message := "Hello remote %{User-Name}" } } ------------------------------------------------ diff --git a/doc/antora/modules/tutorials/pages/virtual.adoc b/doc/antora/modules/tutorials/pages/virtual.adoc index 9b39d078e4a..0aea6e128e1 100644 --- a/doc/antora/modules/tutorials/pages/virtual.adoc +++ b/doc/antora/modules/tutorials/pages/virtual.adoc @@ -33,9 +33,7 @@ listen { } authorize { - update control { - Clearext-Password := "hello" - } + &control.Clearext-Password := "hello" pap } diff --git a/raddb/sites-available/default b/raddb/sites-available/default index 0af55c0d956..94004144d5f 100644 --- a/raddb/sites-available/default +++ b/raddb/sites-available/default @@ -1133,9 +1133,11 @@ send Access-Accept { # with the correct ones taken from the cryptographic # calculations, e.g. # -# update reply { -# &Vendor-Specific.WiMAX.FA-RK-Key = 0x00 -# &Vendor-Specific.WiMAX.MSK = "%{reply.EAP-MSK}" +# &reply += { +# &Vendor-Specific.WiMAX = { +# &FA-RK-Key = 0x00 +# &MSK = &reply.EAP-MSK +# } # } # You may want to delete the `MS-MPPE-*-Keys` from the