From: Alan T. DeKok Date: Tue, 18 Feb 2025 19:36:54 +0000 (-0500) Subject: remove more '&' X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8bd1745ee4661dae74acdc3e140da72a67e916d;p=thirdparty%2Ffreeradius-server.git remove more '&' --- diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap index fc8d07ea294..7e336734280 100644 --- a/raddb/mods-available/eap +++ b/raddb/mods-available/eap @@ -117,7 +117,7 @@ eap { # # ### EAP-PWD (Secure password-based authentication) # - # In v4, the "known good" password is taken from the `&request.control.Password.Cleartext` list, + # In v4, the "known good" password is taken from the `request.control.Password.Cleartext` list, # as is done by other modules. The change from v3 is that the `inner-tunnel` virtual server # is no not used. # @@ -455,7 +455,7 @@ eap { # # The file should be provided as the attribute: # - # &control.TLS-Session-Cert-File + # control.TLS-Session-Cert-File # # If there are any errors loading or verifying the # certificate, then authentication will fail. @@ -686,7 +686,7 @@ eap { # `virtual_server`. # # Attributes created during certificate processing - # will be placed in the `&session-state` list. + # will be placed in the `session-state` list. # This is to simplify session-resumption, as the # contents of this list also contains session data # for stateful resumption, and this list is encoded @@ -721,7 +721,7 @@ eap { # ==== # Attribute generation is only performed on full # handshake, or where we detect that attributes - # are missing from the &session-state list during + # are missing from the `session-state` list during # stateful session-resumption. # # Certificate attributes will usually be retrieved @@ -795,8 +795,8 @@ eap { # You must ensure that any attributes required for policy # decisions are cached along with the TLS session # data. This is usually done by placing policy attributes in the - # `&session-state` list, or in the case of EAP-PEAP, EAP-TTLS and - # EAP-FAST, the `&parent.session-state` list (i.e. in the request + # `session-state` list, or in the case of EAP-PEAP, EAP-TTLS and + # EAP-FAST, the `parent.session-state` list (i.e. in the request # which sets up the TLS part of the authentication attempt). # # Caching this data means that the policies are cached at the @@ -980,7 +980,7 @@ eap { # # You can override this configuration item at run-time by setting: # - # &control.EAP-TLS-Require-Client-Cert = Yes/No + # control.EAP-TLS-Require-Client-Cert = Yes/No # # require_client_cert = yes @@ -1066,7 +1066,7 @@ eap { # following option. You can also override this option by # setting: # - # &control.EAP-TLS-Require-Client-Cert = Yes + # control.EAP-TLS-Require-Client-Cert = Yes # # NOTE: The majority of supplicants do not support using a # client certificate with `EAP-TTLS`, so this option is unlikely @@ -1160,7 +1160,7 @@ eap { # However, you can require one by setting the following # option. You can also override this option by setting # - # &control.EAP-TLS-Require-Client-Cert = Yes + # control.EAP-TLS-Require-Client-Cert = Yes # # NOTE: The majority of supplicants do not support using a # client certificate with `PEAP`, so this option is unlikely to diff --git a/raddb/mods-available/exec b/raddb/mods-available/exec index f3d77055cdb..a03704feefb 100644 --- a/raddb/mods-available/exec +++ b/raddb/mods-available/exec @@ -24,7 +24,7 @@ # Note that when the assignment is to a list, the `exec` call _must_ be # inside of a double-quoted string. # -# &request += "%exec(/path/to/program,args, ...)" +# request += "%exec(/path/to/program,args, ...)" # # The value of the attribute will be replaced with the output of the # program which is executed. @@ -96,7 +96,7 @@ exec { # |=== # | Pairs | Description # | &request | attributes from the request - # | &config | attributes from the configuration items list + # | &control | attributes from the control list # | &reply | attributes from the reply # | &session-state | attributes that persist over multiple request/response rounds. # |=== diff --git a/raddb/mods-available/totp b/raddb/mods-available/totp index d1dc0cc20b2..25fe96e94ca 100644 --- a/raddb/mods-available/totp +++ b/raddb/mods-available/totp @@ -12,17 +12,17 @@ # # The Base32-encoded secret should be placed into: # -# `&control.TOTP.Secret` +# `control.TOTP.Secret` # # Any "bare" key should be placed into: # -# `&control.TOTP.Key` +# `control.TOTP.Key` # # If `TOTP.Key` exists, then it will be used instead of `TOTP.Secret`. # # The TOTP password entered by the user should be placed into: # -# `&request.TOTP.From-User` +# `request.TOTP.From-User` # # The module will return `ok` if the passwords match, and `fail` # if the passwords do not match. diff --git a/raddb/mods-available/winbind b/raddb/mods-available/winbind index ae8da461de0..c2e356f757d 100644 --- a/raddb/mods-available/winbind +++ b/raddb/mods-available/winbind @@ -25,7 +25,7 @@ winbind { # # username:: The username to pass to `winbind` for authentication. # - username = "%{&Stripped-User-Name || &User-Name}" + username = "%{Stripped-User-Name || User-Name}" # # domain:: The windows domain. @@ -52,7 +52,7 @@ winbind { # This should generally not include a realm, so `Stripped-User-Name` # is likely the best attribute if it exists. # - search_username = "%{&Stripped-User-Name || &User-Name}" + search_username = "%{Stripped-User-Name || User-Name}" # # add_domain:: Include the domain in group searches. diff --git a/raddb/mods-available/yubikey b/raddb/mods-available/yubikey index 48da2a890a8..41d8f4a3b05 100644 --- a/raddb/mods-available/yubikey +++ b/raddb/mods-available/yubikey @@ -31,8 +31,8 @@ yubikey { # split:: If true, the authorize method of `rlm_yubikey` will attempt to split the # value of `User-Password`, into the user's password, and the OTP token. # - # NOTE: If enabled and successful, the value of `&request.User-Password` will be - # truncated and `&request.Vendor-Specific.Yubicon.Yubikey-OTP` will be added. + # NOTE: If enabled and successful, the value of `request.User-Password` will be + # truncated and `request.Vendor-Specific.Yubicon.Yubikey-OTP` will be added. # # split = yes @@ -66,11 +66,11 @@ yubikey { # [options="header,autowidth"] # |=== # | Attributes | Description - # | `&control.Vendor-Specific.Yubicon.Yubikey-Key` | The AES key used to decrypt the OTP data. + # | `control.Vendor-Specific.Yubicon.Yubikey-Key` | The AES key used to decrypt the OTP data. # The `Yubikey-Public-Id` and/or User-Name # attributes may be used to retrieve the key. # The value is a `16-byte` binary blob. - # | `&control.Vendor-Specific.Yubicon.Yubikey-Counter` | This is compared with the counter in the OTP + # | `control.Vendor-Specific.Yubicon.Yubikey-Counter` | This is compared with the counter in the OTP # data and used to prevent replay attacks. # This attribute will also be available in # the request list after successful decryption. @@ -84,7 +84,7 @@ yubikey { # [options="header,autowidth"] # |=== # | Attributes | Description - # | `&request.Vendor-Specific.Yubicon.Yubikey-Public-ID` | The public portion of the OTP string. + # | `request.Vendor-Specific.Yubicon.Yubikey-Public-ID` | The public portion of the OTP string. # The value is a `id_len` modhex string. # |=== # @@ -93,7 +93,7 @@ yubikey { # [options="header,autowidth"] # |=== # | Attributes | Description - # | `&request.Vendor-Specific.Yubicon.Yubikey-OTP` | The OTP portion of `User-Password`. + # | `request.Vendor-Specific.Yubicon.Yubikey-OTP` | The OTP portion of `User-Password`. # |=== # # These attributes are available after authentication (if successful): @@ -101,19 +101,19 @@ yubikey { # [options="header,autowidth"] # |=== # | Attributes | Description - # | `&request.Vendor-Specific.Yubicon.Yubikey-Private-ID` | The encrypted ID included in OTP data, + # | `request.Vendor-Specific.Yubicon.Yubikey-Private-ID` | The encrypted ID included in OTP data, # should be verified for increased security. # The value is a `6-byte` binary blob. - # | `&request.Vendor-Specific.Yubicon.Yubikey-Counter` | The last counter value (should be recorded). + # | `request.Vendor-Specific.Yubicon.Yubikey-Counter` | The last counter value (should be recorded). # The value is a concatenation of the 16-bit # session count & `8-bit` use count which form a # `24-bit` monotonically strictly increasing # integer (until the individual count ceilings # are hit) - # | `&request.Vendor-Specific.Yubicon.Yubikey-Timestamp` | Token's internal clock (mainly useful for debugging). + # | `request.Vendor-Specific.Yubicon.Yubikey-Timestamp` | Token's internal clock (mainly useful for debugging). # The value is a 24-bit increasing `integer @ 8 Hz` # with rollover which is randomly initialized each session. - # | `&request.Vendor-Specific.Yubicon.Yubikey-Random` | Randomly generated value from the token. + # | `request.Vendor-Specific.Yubicon.Yubikey-Random` | Randomly generated value from the token. # The value is a 16-bit integer. # |=== #