From: Jorge Pereira Date: Wed, 21 Sep 2022 18:18:37 +0000 (+0100) Subject: More convert 'update' to 'edit' (#4724) X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7e78e684b674171a5da804447d93ebea8d7eb04b;p=thirdparty%2Ffreeradius-server.git More convert 'update' to 'edit' (#4724) * More convert 'update' to 'edit' against EAPOL tests * More convert 'update' to 'edit' against bin tests * More convert 'update' to 'edit' against TACACS tests * More convert 'update' to 'edit' against AUTH tests * More convert 'update' to 'edit' against DIGEST tests * More convert 'update' to 'edit' against PERFORMANCE tests * More convert 'update' to 'edit' against RADCLIENT tests * More convert 'update' to 'edit' against VMPS tests * More convert 'update' to 'edit' against XLAT tests --- diff --git a/src/tests/auth/chap b/src/tests/auth/chap index e8ce87a0c04..580f197e176 100644 --- a/src/tests/auth/chap +++ b/src/tests/auth/chap @@ -5,6 +5,4 @@ # # Set CHAP-Password # -update request { - &CHAP-Password := "%(chap_password:%{request.CHAP-Password})" -} +&CHAP-Password := "%(chap_password:%{CHAP-Password})" diff --git a/src/tests/auth/chap_header b/src/tests/auth/chap_header index 685457855b9..58fab442478 100644 --- a/src/tests/auth/chap_header +++ b/src/tests/auth/chap_header @@ -1,14 +1,13 @@ # # over-ride password set in radiusd.conf # -update control { - &Password.Cleartext -= 'hello' - &Password.With-Header := 'oracle01' +&control -= { + &Password.Cleartext == 'hello' } +&control.Password.With-Header := 'oracle01' + # # Set CHAP-Password # -update request { - &CHAP-Password := "%(chap_password:%{request.CHAP-Password})" -} +&request.CHAP-Password := "%(chap_password:%{request.CHAP-Password})" diff --git a/src/tests/auth/chap_mac_auth b/src/tests/auth/chap_mac_auth index 1decad59c57..b40c9187503 100644 --- a/src/tests/auth/chap_mac_auth +++ b/src/tests/auth/chap_mac_auth @@ -1,3 +1 @@ -update control { - &Password.Cleartext := &User-Name -} +&control.Password.Cleartext := &User-Name diff --git a/src/tests/auth/chap_mac_auth_2 b/src/tests/auth/chap_mac_auth_2 index 1decad59c57..b40c9187503 100644 --- a/src/tests/auth/chap_mac_auth_2 +++ b/src/tests/auth/chap_mac_auth_2 @@ -1,3 +1 @@ -update control { - &Password.Cleartext := &User-Name -} +&control.Password.Cleartext := &User-Name diff --git a/src/tests/auth/digest b/src/tests/auth/digest index 7d7d5e2ae7e..7919afda7d2 100644 --- a/src/tests/auth/digest +++ b/src/tests/auth/digest @@ -1,3 +1 @@ -update control { - &Password.Cleartext := "zanzibar" -} +&control.Password.Cleartext := "zanzibar" diff --git a/src/tests/auth/md5_password b/src/tests/auth/md5_password index 1e8c0d43eae..a0c540e60bb 100644 --- a/src/tests/auth/md5_password +++ b/src/tests/auth/md5_password @@ -1,7 +1,5 @@ # # over-ride password set in radiusd.conf # -update control { - &Password.Cleartext -= ANY - &Password.With-Header := '{md5}5d41402abc4b2a76b9719d911017c592' -} +&control -= &Password.Cleartext[*] +&control.Password.With-Header := '{md5}5d41402abc4b2a76b9719d911017c592' diff --git a/src/tests/auth/password_with_header b/src/tests/auth/password_with_header index 02f1e4de69a..678fec7079b 100644 --- a/src/tests/auth/password_with_header +++ b/src/tests/auth/password_with_header @@ -1,7 +1,8 @@ # # over-ride password set in radiusd.conf # -update control { - &Password.Cleartext -= 'hello' - &Password.With-Header := '{clear}hello' +&control -= { + &Password.Cleartext == 'hello' } + +&control.Password.With-Header := '{clear}hello' diff --git a/src/tests/auth/password_without_header b/src/tests/auth/password_without_header index 6fe3abebb09..db814b612c3 100644 --- a/src/tests/auth/password_without_header +++ b/src/tests/auth/password_without_header @@ -1,7 +1,8 @@ # # over-ride password set in radiusd.conf # -update control { - &Password.Cleartext -= 'hello' - &Password.With-Header := 'hello' +&control -= { + &Password.Cleartext == 'hello' } + +&control.Password.With-Header := 'hello' diff --git a/src/tests/auth/unit_test_module.conf b/src/tests/auth/unit_test_module.conf index b103cc09599..4eaebaaacac 100644 --- a/src/tests/auth/unit_test_module.conf +++ b/src/tests/auth/unit_test_module.conf @@ -31,9 +31,7 @@ server default { } recv Access-Request { - update control { - &Password.Cleartext := 'hello' - } + &control.Password.Cleartext := 'hello' # # Include the test file specified by the diff --git a/src/tests/bin/unit_test_module.conf b/src/tests/bin/unit_test_module.conf index a734581aa32..4161b9cb154 100644 --- a/src/tests/bin/unit_test_module.conf +++ b/src/tests/bin/unit_test_module.conf @@ -16,9 +16,7 @@ server default { } recv Access-Request { - update control { - &Auth-Type := accept - } + &control.Auth-Type := accept } recv CoA-Request { diff --git a/src/tests/digest/config/digest.conf b/src/tests/digest/config/digest.conf index 3f9e7ac1a17..a4f744d3ae4 100644 --- a/src/tests/digest/config/digest.conf +++ b/src/tests/digest/config/digest.conf @@ -32,9 +32,7 @@ security { policy { files.authorize { if (&User-Name == "bob") { - update control { - &Password.Cleartext := "bob" - } + &control.Password.Cleartext := "bob" } } $INCLUDE ${maindir}/policy.d/ @@ -147,31 +145,20 @@ recv Access-Request { # if (&Digest-Response) { if (&Vendor-Specific.Test.Test-Number == "1") { - update control { - &Password.Cleartext := "zanzibar" - } + &control.Password.Cleartext := "zanzibar" } elsif (&Vendor-Specific.Test.Test-Number == "2") { - update control { - &Digest-Attributes.HA1 := 12af60467a33e8518da5c68bbff12b11 - } + &control.Digest-Attributes.HA1 := 12af60467a33e8518da5c68bbff12b11 } } else { - update control { - &Password.Cleartext := "bob" - } + &control.Password.Cleartext := "bob" } } if (&User-Name =~ /^(.*)@test\.example\.com$/) { - update request { - &Stripped-User-Name := "%{1}" - } - - update control { - &Password.Cleartext := "bob" - } + &Stripped-User-Name := "%{1}" + &control.Password.Cleartext := "bob" } chap diff --git a/src/tests/eapol_test/config/aka-prime/sites-enabled/aka-prime b/src/tests/eapol_test/config/aka-prime/sites-enabled/aka-prime index f77c8c71a4d..a7580d9f5ba 100644 --- a/src/tests/eapol_test/config/aka-prime/sites-enabled/aka-prime +++ b/src/tests/eapol_test/config/aka-prime/sites-enabled/aka-prime @@ -8,12 +8,8 @@ server eap-aka-prime { recv Identity-Response { "%(debug_attr:&session-state.)" if (!&session-state.Tmp-String-0) { - update reply { - &Any-ID-Req := yes - } - update session-state { - &Tmp-String-0 := yes - } + &reply.Any-ID-Req := yes + &session-state.Tmp-String-0 := yes } ok } @@ -23,22 +19,18 @@ server eap-aka-prime { } send Challenge-Request { - update control { - &Sim-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc - &Sim-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf - &Sim-SQN := 3 - } - update reply { - &Encr-Data.Next-Reauth-Id := "" - &Encr-Data.Next-Pseudonym := "" - } + &control.SIM-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc + &control.SIM-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf + &control.SIM-SQN := 3 + + &reply.Encr-Data.Next-Reauth-Id := "" + &reply.Encr-Data.Next-Pseudonym := "" } send Reauthentication-Request { - update reply { - &Encr-Data.Next-Reauth-Id := "" - &Encr-Data.Next-Pseudonym := "" - } + &reply.Encr-Data.Next-Reauth-Id := "" + &reply.Encr-Data.Next-Pseudonym := "" + ok } diff --git a/src/tests/eapol_test/config/aka/sites-enabled/aka b/src/tests/eapol_test/config/aka/sites-enabled/aka index bc66dd01de8..c5d03e6202e 100644 --- a/src/tests/eapol_test/config/aka/sites-enabled/aka +++ b/src/tests/eapol_test/config/aka/sites-enabled/aka @@ -9,12 +9,8 @@ server eap-aka { recv Identity-Response { "%(debug_attr:&session-state.)" if (!&session-state.Tmp-String-0) { - update reply { - &Any-ID-Req := yes - } - update session-state { - &Tmp-String-0 := yes - } + &reply.Any-ID-Req := yes + &session-state.Tmp-String-0 := yes } ok } @@ -24,22 +20,18 @@ server eap-aka { } send Challenge-Request { - update control { - &Sim-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc - &Sim-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf - &Sim-SQN := 3 - } - update reply { - &Encr-Data.Next-Reauth-Id := "" - &Encr-Data.Next-Pseudonym := "" - } + &control.SIM-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc + &control.SIM-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf + &control.SIM-SQN := 3 + + &reply.Encr-Data.Next-Reauth-Id := "" + &reply.Encr-Data.Next-Pseudonym := "" } send Reauthentication-Request { - update reply { - &Encr-Data.Next-Reauth-Id := "" - &Encr-Data.Next-Pseudonym := "" - } + &reply.Encr-Data.Next-Reauth-Id := "" + &reply.Encr-Data.Next-Pseudonym := "" + ok } diff --git a/src/tests/eapol_test/config/servers.conf b/src/tests/eapol_test/config/servers.conf index d8b807eb61a..6513acd7d76 100644 --- a/src/tests/eapol_test/config/servers.conf +++ b/src/tests/eapol_test/config/servers.conf @@ -108,9 +108,7 @@ policy { files.authorize { split_username_nai if (&Stripped-User-Name == "bob") { - update control { - &Password.Cleartext := "bob" - } + &control.Password.Cleartext := "bob" } } @@ -135,9 +133,7 @@ server test { recv Access-Request { if (&User-Name =~ /with.*client.*cert/) { - update control { - &EAP-TLS-Require-Client-Cert := yes - } + &control.EAP-TLS-Require-Client-Cert := yes } files eap diff --git a/src/tests/eapol_test/config/sim/sites-enabled/sim b/src/tests/eapol_test/config/sim/sites-enabled/sim index 75aa6bc83dc..8028affe7f3 100644 --- a/src/tests/eapol_test/config/sim/sites-enabled/sim +++ b/src/tests/eapol_test/config/sim/sites-enabled/sim @@ -4,12 +4,8 @@ server eap-sim { recv Identity-Response { "%(debug_attr:&session-state.)" if (!&session-state.Tmp-String-0) { - update reply { - &Any-ID-Req := yes - } - update session-state { - &Tmp-String-0 := yes - } + &reply.Any-ID-Req := yes + &session-state.Tmp-String-0 := yes } ok } @@ -19,23 +15,20 @@ server eap-sim { } send Challenge-Request { - update control { - &Sim-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc - &Sim-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf - &Sim-SQN := 3 - } - update reply { - &Encr-Data.Next-Reauth-Id := "" - &Encr-Data.Next-Pseudonym := "" - } + &control.SIM-Ki := 0x465b5ce8b199b49faa5f0a2ee238a6bc + &control.SIM-Opc := 0xcd63cb71954a9f4e48a5994e37a02baf + &control.SIM-SQN := 3 + + &reply.Encr-Data.Next-Reauth-Id := "" + &reply.Encr-Data.Next-Pseudonym := "" + ok } send Reauthentication-Request { - update reply { - &Encr-Data.Next-Reauth-Id := "" - &Encr-Data.Next-Pseudonym := "" - } + &reply.Encr-Data.Next-Reauth-Id := "" + &reply.Encr-Data.Next-Pseudonym := "" + ok } diff --git a/src/tests/eapol_test/config/tls/sites-enabled/tls b/src/tests/eapol_test/config/tls/sites-enabled/tls index d975a806d0a..e7f5d988041 100644 --- a/src/tests/eapol_test/config/tls/sites-enabled/tls +++ b/src/tests/eapol_test/config/tls/sites-enabled/tls @@ -2,9 +2,8 @@ server eap-tls-test { namespace = tls load session { - update control { - &control.Cache-Allow-Insert := no - } + &control.Cache-Allow-Insert := no + cache_tls_session } @@ -13,11 +12,10 @@ server eap-tls-test { } clear session { - update control { - &control.Cache-Allow-Insert := no - &control.Cache-Allow-Merge := no - &control.Cache-TTL := 0 - } + &control.Cache-Allow-Insert := no + &control.Cache-Allow-Merge := no + &control.Cache-TTL := 0 + cache_tls_session } diff --git a/src/tests/performance/ack.conf b/src/tests/performance/ack.conf index 78447fd0ea9..039473a26a3 100644 --- a/src/tests/performance/ack.conf +++ b/src/tests/performance/ack.conf @@ -44,9 +44,7 @@ server default { secret = testing123 } recv Access-Request { - update control { - &Auth-Type := Accept - } + &control.Auth-Type := Accept } send Access-Accept { } diff --git a/src/tests/performance/proxy.conf b/src/tests/performance/proxy.conf index e5dab434b8a..9eff94dbc0f 100644 --- a/src/tests/performance/proxy.conf +++ b/src/tests/performance/proxy.conf @@ -45,9 +45,7 @@ server default { } recv Access-Request { - update control { - &Auth-Type := proxy - } + &control.Auth-Type := proxy } authenticate proxy { radius_auth @@ -59,9 +57,7 @@ server default { recv Accounting-Request { if (!&Event-Timestamp) { - update request { - &Event-Timestamp := "%l" - } + &Event-Timestamp = "%l" # only sets it if there's no Event-Timestamp } radius_acct } diff --git a/src/tests/radclient/config/radiusd.conf b/src/tests/radclient/config/radiusd.conf index 3bcf6e31415..4daf7f6866b 100644 --- a/src/tests/radclient/config/radiusd.conf +++ b/src/tests/radclient/config/radiusd.conf @@ -32,9 +32,7 @@ security { policy { files.authorize { if (&User-Name == "bob") { - update control { - &Password.Cleartext := "bob" - } + &control.Password.Cleartext := "bob" } } $INCLUDE ${maindir}/policy.d/ @@ -112,13 +110,10 @@ server test { # Ensure that we can send unknown attributes back. # if (&NAS-Identifier == "auth_4") { - update reply { - &Class := 0x483d342c493d34 - } - - update reply { - &raw.26 := &reply.Class - &raw.26 += 0x483d342c493d43 + &reply.Class := 0x483d342c493d34 + &reply += { + &raw.26 = &reply.Class + &raw.26 = 0x483d342c493d43 } } diff --git a/src/tests/tacacs/config/radiusd.conf b/src/tests/tacacs/config/radiusd.conf index 8b2e5afdf2f..38b057b4d48 100644 --- a/src/tests/tacacs/config/radiusd.conf +++ b/src/tests/tacacs/config/radiusd.conf @@ -32,9 +32,7 @@ security { policy { files.authorize { if (&User-Name == "bob") { - update control { - &Password.Cleartext := "bob" - } + &control.Password.Cleartext := "bob" } } $INCLUDE ${maindir}/policy.d/ @@ -115,68 +113,53 @@ server test { recv Authentication-Start { if (&User-Name == "tapioca") { - update reply { - &Authentication-Status := Pass - &Server-Message := "Authentication-Start accepted" - } + &reply.Authentication-Status := Pass + &reply.Server-Message := "Authentication-Start accepted" + ok } else { - update reply { - &Authentication-Status := Fail - &Server-Message := "Authentication-Start failed for %{User-Name}" - } + &reply.Authentication-Status := Fail + &reply.Server-Message := "Authentication-Start failed for %{User-Name}" } } send Authentication-Start-Reply { - update reply { - &Data := "Authentication-Data" - } + &reply.Data := "Authentication-Data" } recv Authentication-Continue { if (&User-Name == "tapioca") { - update reply { - &Authentication-Status := Pass - &Server-Message := "Authentication-Cont accepted" - } + &reply.Authentication-Status := Pass + &reply.Server-Message := "Authentication-Cont accepted" + ok } else { - update reply { - &Authentication-Status := Fail - &Server-Message := "Authentication-Cont failed for %{User-Name}" - } + &reply.Authentication-Status := Fail + &reply.Server-Message := "Authentication-Cont failed for %{User-Name}" } } send Authentication-Continue-Reply { - update reply { - &Data := "Authentication-Data" - } + &reply.Data := "Authentication-Data" } recv Authorization-Request { if (&User-Name == "tapioca") { - update reply { - &Authorization-Status := Pass-Add - &Server-Message := "Authorization-Request accepted" - } + &reply.Authorization-Status := Pass-Add + &reply.Server-Message := "Authorization-Request accepted" + ok } else { - update reply { - &Authorization-Status := Error - &Server-Message := "Authorization-Request failed for %{User-Name}" - } + &reply.Authorization-Status := Error + &reply.Server-Message := "Authorization-Request failed for %{User-Name}" } } send Authorization-Response { - update reply { - &Data := "Authorization-Data" - } + &reply.Data := "Authorization-Data" } recv Accounting-Request { @@ -188,29 +171,21 @@ server test { # First packet for a session accounting Start { - update reply { - &Server-Message := "Accounting-Start Section" - } + &reply.Server-Message := "Accounting-Start Section" } # Updates a session accounting Watchdog { - update reply { - &Server-Message := "Accounting-Watchdog Section" - } + &reply.Server-Message := "Accounting-Watchdog Section" } # Stops a session accounting Stop { - update reply { - &Server-Message := "Accounting-Stop Section" - } + &reply.Server-Message := "Accounting-Stop Section" } send Accounting-Reply { - update reply { - &Accounting-Status := Success - &Data := 0x12 - } + &reply.Accounting-Status := Success + &reply.Data := 0x12 } } diff --git a/src/tests/vmps/config/radiusd.conf b/src/tests/vmps/config/radiusd.conf index 61180778942..668b701da8a 100644 --- a/src/tests/vmps/config/radiusd.conf +++ b/src/tests/vmps/config/radiusd.conf @@ -99,22 +99,16 @@ server vmps { # Validate reply # if ("%{VLAN-Name}" == "Kalos0") { - update reply { - &Error-Code := No-Error - } + &reply.Error-Code := No-Error } else { - update reply { - &Error-Code := Deny - } + &reply.Error-Code := Deny } } send Join-Response { - update reply { - &Packet-Type = Join-Response - &Cookie = &MAC-Address - &VLAN-Name := &VLAN-Name - } + &reply.Packet-Type = Join-Response + &reply.Cookie = &MAC-Address + &reply.VLAN-Name := &VLAN-Name } recv Reconfirm-Request { diff --git a/src/tests/xlat/unit_test_module.conf b/src/tests/xlat/unit_test_module.conf index c17c7934173..03bd37fda18 100644 --- a/src/tests/xlat/unit_test_module.conf +++ b/src/tests/xlat/unit_test_module.conf @@ -29,9 +29,7 @@ server default { } recv Access-Request { - update control { - &Password.Cleartext := 'hello' - } + &control.Password.Cleartext := 'hello' pap }