From 120938135ccbfca86995585a270c828240d322c7 Mon Sep 17 00:00:00 2001
From: "Alan T. DeKok" <aland@freeradius.org>
Date: Sat, 26 Apr 2025 12:37:20 -0400
Subject: [PATCH] use newer / consistent function names

---
 .../pages/raddb/mods-available/eap.adoc        |  6 +++---
 .../raddb/sites-available/eap-aka-sim.adoc     |  2 +-
 raddb/mods-available/eap                       |  6 +++---
 raddb/sites-available/eap-aka-sim              |  2 +-
 src/lib/eap_aka_sim/xlat.c                     | 16 +++++++++++++---
 src/tests/keywords/radius.conf                 |  2 +-
 src/tests/keywords/timeout-catch               |  2 ++
 .../modules/eap_sim/sim_xlat_id_aka.unlang     | 18 +++++++++---------
 .../sim_xlat_id_aka_decrypt_no_tag.unlang      |  4 ++--
 .../modules/eap_sim/sim_xlat_id_sim.unlang     |  4 ++--
 10 files changed, 37 insertions(+), 25 deletions(-)

diff --git a/doc/antora/modules/reference/pages/raddb/mods-available/eap.adoc b/doc/antora/modules/reference/pages/raddb/mods-available/eap.adoc
index 5436c3cacd..441e814905 100644
--- a/doc/antora/modules/reference/pages/raddb/mods-available/eap.adoc
+++ b/doc/antora/modules/reference/pages/raddb/mods-available/eap.adoc
@@ -1254,7 +1254,7 @@ require configuration for each user.
 
 The rlm_eap module provides the below functions to interact with the `3GPP` and `SIM` protocols.
 
-### %3gpp_temporary_id_decrypt('...)
+### %3gpp_temporary_id.decrypt('...)
 
 TODO
 
@@ -1273,7 +1273,7 @@ TODO
 TODO
 ```
 
-### %3gpp_temporary_id_encrypt(...)
+### %3gpp_temporary_id.encrypt(...)
 
 TODO
 
@@ -1292,7 +1292,7 @@ TODO
 TODO
 ```
 
-### %3gpp_temporary_id_key_index(...)
+### %3gpp_temporary_id.key_index(...)
 
 TODO
 
diff --git a/doc/antora/modules/reference/pages/raddb/sites-available/eap-aka-sim.adoc b/doc/antora/modules/reference/pages/raddb/sites-available/eap-aka-sim.adoc
index 039281843d..e0dc5a9d6e 100644
--- a/doc/antora/modules/reference/pages/raddb/sites-available/eap-aka-sim.adoc
+++ b/doc/antora/modules/reference/pages/raddb/sites-available/eap-aka-sim.adoc
@@ -566,7 +566,7 @@ The following facilitates may be useful when generating pseudonym
 values:
 
 - The encrypt expansions of the `rlm_cipher` module.
-- The `%3gpp_temporary_id_encrypt()` expansion.
+- The `%3gpp_temporary_id.encrypt()` expansion.
 - The `%str.rand()` expansion.
 
 NOTE: Add a `reply.Next-Pseudonym-Id` attribute in this section to
diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
index eee7c23a7a..3df403971e 100644
--- a/raddb/mods-available/eap
+++ b/raddb/mods-available/eap
@@ -1371,7 +1371,7 @@ eap {
 #
 #  The rlm_eap module provides the below functions to interact with the `3GPP` and `SIM` protocols.
 #
-#  ### %3gpp_temporary_id_decrypt('...)
+#  ### %3gpp_temporary_id.decrypt('...)
 #
 #  TODO
 #
@@ -1390,7 +1390,7 @@ eap {
 #  TODO
 #  ```
 #
-#  ### %3gpp_temporary_id_encrypt(...)
+#  ### %3gpp_temporary_id.encrypt(...)
 #
 #  TODO
 #
@@ -1409,7 +1409,7 @@ eap {
 #  TODO
 #  ```
 #
-#  ### %3gpp_temporary_id_key_index(...)
+#  ### %3gpp_temporary_id.key_index(...)
 #
 #  TODO
 #
diff --git a/raddb/sites-available/eap-aka-sim b/raddb/sites-available/eap-aka-sim
index 95d6ef848d..36a7ab1441 100644
--- a/raddb/sites-available/eap-aka-sim
+++ b/raddb/sites-available/eap-aka-sim
@@ -529,7 +529,7 @@ server eap-aka-sim {
 	#  values:
 	#
 	#  - The encrypt expansions of the `rlm_cipher` module.
-	#  - The `%3gpp_temporary_id_encrypt()` expansion.
+	#  - The `%3gpp_temporary_id.encrypt()` expansion.
 	#  - The `%str.rand()` expansion.
 	#
 	#  NOTE: Add a `reply.Next-Pseudonym-Id` attribute in this section to
diff --git a/src/lib/eap_aka_sim/xlat.c b/src/lib/eap_aka_sim/xlat.c
index 82eb874113..e209371d73 100644
--- a/src/lib/eap_aka_sim/xlat.c
+++ b/src/lib/eap_aka_sim/xlat.c
@@ -154,7 +154,7 @@ static xlat_arg_parser_t const aka_sim_id_3gpp_temporary_id_key_index_xlat_args[
 /** Returns the key index from a 3gpp temporary id
  *
 @verbatim
-%3gpp_temporary_id_key_index(%{id_attr})
+%3gpp_temporary_id.key_index(%{id_attr})
 @endverbatim
  *
  * @ingroup xlat_functions
@@ -192,7 +192,7 @@ static xlat_arg_parser_t aka_sim_3gpp_temporary_id_decrypt_xlat_args[] = {
 /** Decrypt a 3gpp temporary id
  *
  @verbatim
- %3gpp_temporary_id_decrypt(<id> <key>)
+ %3gpp_temporary_id.decrypt(<id> <key>)
  @endverbatim
  *
  * The pseudonym is in the format
@@ -335,7 +335,7 @@ static xlat_arg_parser_t aka_sim_3gpp_temporary_id_encrypt_xlat_args[] = {
 /** Encrypts a 3gpp pseudonym
  *
 @verbatim
-%3gpp_temporary_id_encrypt(<id>, <key>, <index>, [(pseudonym|fastauth)])
+%3gpp_temporary_id.encrypt(<id>, <key>, <index>, [(pseudonym|fastauth)])
 @endverbatim
  *
  * @ingroup xlat_functions
@@ -509,10 +509,20 @@ int fr_aka_sim_xlat_func_register(void)
 	xlat_func_args_set(xlat, aka_sim_xlat_id_type_xlat_args);
 	if (unlikely((xlat = xlat_func_register(NULL, "3gpp_temporary_id_key_index", aka_sim_id_3gpp_temporary_id_key_index_xlat, FR_TYPE_UINT8)) == NULL)) return -1;
 	xlat_func_args_set(xlat, aka_sim_id_3gpp_temporary_id_key_index_xlat_args);
+	if (unlikely((xlat = xlat_func_register(NULL, "3gpp_temporary_id.key_index", aka_sim_id_3gpp_temporary_id_key_index_xlat, FR_TYPE_UINT8)) == NULL)) return -1;
+	xlat_func_args_set(xlat, aka_sim_id_3gpp_temporary_id_key_index_xlat_args);
+
 	if (unlikely((xlat = xlat_func_register(NULL, "3gpp_temporary_id_decrypt", aka_sim_3gpp_temporary_id_decrypt_xlat, FR_TYPE_STRING)) == NULL)) return -1;
 	xlat_func_args_set(xlat, aka_sim_3gpp_temporary_id_decrypt_xlat_args);
+
+	if (unlikely((xlat = xlat_func_register(NULL, "3gpp_temporary_id.decrypt", aka_sim_3gpp_temporary_id_decrypt_xlat, FR_TYPE_STRING)) == NULL)) return -1;
+	xlat_func_args_set(xlat, aka_sim_3gpp_temporary_id_decrypt_xlat_args);
+
 	if (unlikely((xlat = xlat_func_register(NULL, "3gpp_temporary_id_encrypt", aka_sim_3gpp_temporary_id_encrypt_xlat, FR_TYPE_STRING)) == NULL)) return -1;
 	xlat_func_args_set(xlat, aka_sim_3gpp_temporary_id_encrypt_xlat_args);
+	if (unlikely((xlat = xlat_func_register(NULL, "3gpp_temporary_id.encrypt", aka_sim_3gpp_temporary_id_encrypt_xlat, FR_TYPE_STRING)) == NULL)) return -1;
+	xlat_func_args_set(xlat, aka_sim_3gpp_temporary_id_encrypt_xlat_args);
+
 	aka_sim_xlat_refs = 1;
 
 	return 0;
diff --git a/src/tests/keywords/radius.conf b/src/tests/keywords/radius.conf
index 02902ff2e4..789c1a382b 100644
--- a/src/tests/keywords/radius.conf
+++ b/src/tests/keywords/radius.conf
@@ -10,7 +10,7 @@ modules {
 	}
 
 	delay delay_10s {
-		delay = 10
+		delay = "%{10 + Tmp-String-0}"
 	}
 
 	#
diff --git a/src/tests/keywords/timeout-catch b/src/tests/keywords/timeout-catch
index d08523295c..8f40d24e9b 100644
--- a/src/tests/keywords/timeout-catch
+++ b/src/tests/keywords/timeout-catch
@@ -1,6 +1,8 @@
 #
 # PRE: timeout
 #
+Tmp-String-0 := "xxx"
+
 
 #
 #  @todo - we have to add a leading '0' here, otherwise cf_file.c complains
diff --git a/src/tests/modules/eap_sim/sim_xlat_id_aka.unlang b/src/tests/modules/eap_sim/sim_xlat_id_aka.unlang
index 08dbe06a4f..aa8ab67b63 100644
--- a/src/tests/modules/eap_sim/sim_xlat_id_aka.unlang
+++ b/src/tests/modules/eap_sim/sim_xlat_id_aka.unlang
@@ -13,7 +13,7 @@ if (%aka_sim_id_type(%{User-Name}) != 'permanent') {
 #  Encrypt the permanent ID
 #
 test_string := '1420032219455258'
-control.User-Name := %3gpp_temporary_id_encrypt(%{User-Name},%{test_string},6)
+control.User-Name := %3gpp_temporary_id.encrypt(%{User-Name},%{test_string},6)
 
 #
 #  0.2 - Can we get the EAP method from the encrypted blob correctly?
@@ -32,14 +32,14 @@ if (%aka_sim_id_type(%{control.User-Name}) != 'pseudonym') {
 #
 #  0.4 - We should refuse to re-encrypt an encrypted NAI
 #
-if (%3gpp_temporary_id_encrypt(%{control.User-Name}, %{test_string}, 6) != '') {
+if (%3gpp_temporary_id.encrypt(%{control.User-Name}, %{test_string}, 6) != '') {
 	test_fail
 }
 
 #
 #  0.5 - Get the original IMSI back again
 #
-result_string := %3gpp_temporary_id_decrypt(%{control.User-Name},%{test_string})
+result_string := %3gpp_temporary_id.decrypt(%{control.User-Name},%{test_string})
 
 if (result_string != User-Name) {
 	test_fail
@@ -60,7 +60,7 @@ if (User-Name =~ /^[0-9](.*)/) {
 #
 test_string := '1420032219455259'
 control += {
-	User-Name = %3gpp_temporary_id_encrypt(%{User-Name[1]}, %{test_string}, 6)
+	User-Name = %3gpp_temporary_id.encrypt(%{User-Name[1]}, %{test_string}, 6)
 }
 
 #
@@ -73,14 +73,14 @@ if (%aka_sim_id_type(%{control.User-Name[1]}) != 'pseudonym') {
 #
 #  1.3 - We should refuse to re-encrypt an encrypted NAI
 #
-if (%3gpp_temporary_id_encrypt(%{control.User-Name[1]},%{test_string},6) != '') {
+if (%3gpp_temporary_id.encrypt(%{control.User-Name[1]},%{test_string},6) != '') {
 	test_fail
 }
 
 #
 #  1.4 - Get the original IMSI back again
 #
-result_string := %3gpp_temporary_id_decrypt(%{control.User-Name[1]},%{test_string})
+result_string := %3gpp_temporary_id.decrypt(%{control.User-Name[1]},%{test_string})
 
 if (result_string != "0%{User-Name[1]}") {
 	test_fail
@@ -91,7 +91,7 @@ if (result_string != "0%{User-Name[1]}") {
 #
 test_string := '1420032219455259'
 control += {
-	User-Name = %3gpp_temporary_id_encrypt(%{User-Name[1]},%{test_string},6,'fastauth')
+	User-Name = %3gpp_temporary_id.encrypt(%{User-Name[1]},%{test_string},6,'fastauth')
 }
 
 #
@@ -104,14 +104,14 @@ if (%aka_sim_id_type(%{control.User-Name[2]}) != 'fastauth') {
 #
 #  2.3 - We should refuse to re-encrypt an encrypted NAI
 #
-if (%3gpp_temporary_id_encrypt(%{control.User-Name[2]}, %{test_string}, 6, 'fastauth') != '') {
+if (%3gpp_temporary_id.encrypt(%{control.User-Name[2]}, %{test_string}, 6, 'fastauth') != '') {
 	test_fail
 }
 
 #
 #  2.4 - Get the original IMSI back again
 #
-result_string := %3gpp_temporary_id_decrypt(%{control.User-Name[2]}, %{test_string})
+result_string := %3gpp_temporary_id.decrypt(%{control.User-Name[2]}, %{test_string})
 
 if (result_string != "0%{User-Name[1]}") {
 	test_fail
diff --git a/src/tests/modules/eap_sim/sim_xlat_id_aka_decrypt_no_tag.unlang b/src/tests/modules/eap_sim/sim_xlat_id_aka_decrypt_no_tag.unlang
index c5d588b756..bbaeb36f5b 100644
--- a/src/tests/modules/eap_sim/sim_xlat_id_aka_decrypt_no_tag.unlang
+++ b/src/tests/modules/eap_sim/sim_xlat_id_aka_decrypt_no_tag.unlang
@@ -13,12 +13,12 @@ if (%aka_sim_id_type(%{User-Name}) != 'permanent') {
 #  1.1 - Encrypt the permanent ID
 #
 test_string := '1420032219455259'
-control.User-Name := %3gpp_temporary_id_encrypt(%{User-Name},%{test_string},6)
+control.User-Name := %3gpp_temporary_id.encrypt(%{User-Name},%{test_string},6)
 
 #
 #  1.2 - Get the original IMSI back again sans tag
 #
-result_string := %3gpp_temporary_id_decrypt(%{control.User-Name}, %{test_string}, 'false')
+result_string := %3gpp_temporary_id.decrypt(%{control.User-Name}, %{test_string}, 'false')
 
 if ("%{User-Name}" =~ /^0(.*)/) {
 	if (!result_string || (result_string == '') || (%{result_string} != "%{1}")) {
diff --git a/src/tests/modules/eap_sim/sim_xlat_id_sim.unlang b/src/tests/modules/eap_sim/sim_xlat_id_sim.unlang
index 3276247c62..255217c69d 100644
--- a/src/tests/modules/eap_sim/sim_xlat_id_sim.unlang
+++ b/src/tests/modules/eap_sim/sim_xlat_id_sim.unlang
@@ -12,7 +12,7 @@ if (%aka_sim_id_type(%{User-Name}) != 'permanent') {
 #  Encrypt the permanent ID
 #
 test_string := '1234567812345678'
-control.User-Name := %3gpp_temporary_id_encrypt(%{User-Name},%{test_string},6)
+control.User-Name := %3gpp_temporary_id.encrypt(%{User-Name},%{test_string},6)
 
 #
 #  Can we get the EAP method from the encrypted blob correctly?
@@ -31,7 +31,7 @@ if (%aka_sim_id_type(%{control.User-Name}) != 'pseudonym') {
 #
 #  We should refuse to re-encrypt an encrypted NAI
 #
-if %3gpp_temporary_id_encrypt(%{control.User-Name},%{test_string},6) {
+if %3gpp_temporary_id.encrypt(%{control.User-Name},%{test_string},6) {
 	test_fail
 }
 
-- 
2.47.2