From 4ea5f1dbbcec9d62aeb3e5ce0c3de5c1f9c127a6 Mon Sep 17 00:00:00 2001 From: Jorge Pereira Date: Wed, 4 Oct 2023 19:10:31 -0300 Subject: [PATCH] move to %func(args) everywhere in raddb/* --- raddb/mods-available/mschap | 7 +-- raddb/mods-config/sql/cui/mysql/queries.conf | 2 +- .../sql/cui/postgresql/queries.conf | 2 +- raddb/mods-config/sql/cui/sqlite/queries.conf | 3 +- .../sql/main/cassandra/queries.conf | 22 ++++----- raddb/mods-config/sql/main/mssql/queries.conf | 36 +++++++------- raddb/mods-config/sql/main/mysql/queries.conf | 48 +++++++++---------- .../mods-config/sql/main/oracle/queries.conf | 48 ++++++++----------- .../main/postgresql/extras/voip-postpaid.conf | 12 ++--- .../sql/main/postgresql/queries.conf | 38 ++++++--------- .../mods-config/sql/main/sqlite/queries.conf | 31 +++++------- raddb/sites-available/abfab-tls | 2 +- raddb/sites-available/challenge | 2 +- raddb/sites-available/coa-relay | 6 +-- raddb/sites-available/default | 2 +- raddb/sites-available/eap-aka-sim | 2 +- raddb/sites-available/ldap_sync | 2 +- raddb/sites-available/resource-check | 7 ++- raddb/sites-available/vmps | 2 +- 19 files changed, 122 insertions(+), 152 deletions(-) diff --git a/raddb/mods-available/mschap b/raddb/mods-available/mschap index b8512c819d..13d92a4cc5 100644 --- a/raddb/mods-available/mschap +++ b/raddb/mods-available/mschap @@ -139,7 +139,7 @@ mschap { # WARNING: Be VERY careful when editing the following line! # Change the path, and ideally nothing else. # -# ntlm_auth = "/path/to/ntlm_auth --request-nt-key --allow-mschapv2 --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%mschap(Challenge):-00} --nt-response=%{%mschap(NT-Response):-00}" +# ntlm_auth = "/path/to/ntlm_auth --request-nt-key --allow-mschapv2 --username=%{&Stripped-User-Name || &User-Name || 'None'} --challenge=%{%mschap(Challenge) || 00} --nt-response=%{%mschap(NT-Response) || 00}" # # ntlm_auth_timeout:: Time to wait for `ntlm_auth` to run. @@ -335,8 +335,9 @@ mschap { # # TIP: We give both examples here, but *only one should be used*. # -# local_cpw = "%exec(/path/to/script %mschap(User-Name) %{MS-CHAP-New-Password.Cleartext})" -# local_cpw = "%sql(UPDATE radcheck set value='%{MS-CHAP-New-NT-Password}' where username='%{User-Name}' and attribute='Password.NT'}" +# local_cpw = %exec('/path/to/script', %mschap(User-Name), %{MS-CHAP-New-Password.Cleartext}) + local_cpw = %sql("UPDATE radcheck set value='%{MS-CHAP-New-NT-Password}' where username='%{User-Name}' and attribute='Password.NT'") + } # diff --git a/raddb/mods-config/sql/cui/mysql/queries.conf b/raddb/mods-config/sql/cui/mysql/queries.conf index ce53b4f8b3..7e9ca48ae7 100644 --- a/raddb/mods-config/sql/cui/mysql/queries.conf +++ b/raddb/mods-config/sql/cui/mysql/queries.conf @@ -18,7 +18,7 @@ post-auth { } accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" type { start { query = "\ diff --git a/raddb/mods-config/sql/cui/postgresql/queries.conf b/raddb/mods-config/sql/cui/postgresql/queries.conf index d2959e34a4..cbad2385cb 100644 --- a/raddb/mods-config/sql/cui/postgresql/queries.conf +++ b/raddb/mods-config/sql/cui/postgresql/queries.conf @@ -20,7 +20,7 @@ post-auth { } accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" type { start { query = "\ diff --git a/raddb/mods-config/sql/cui/sqlite/queries.conf b/raddb/mods-config/sql/cui/sqlite/queries.conf index eff87b4f36..297a22e0ab 100644 --- a/raddb/mods-config/sql/cui/sqlite/queries.conf +++ b/raddb/mods-config/sql/cui/sqlite/queries.conf @@ -15,7 +15,8 @@ post-auth { } accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" + type { start { query = "\ diff --git a/raddb/mods-config/sql/main/cassandra/queries.conf b/raddb/mods-config/sql/main/cassandra/queries.conf index 3e4a9bf70d..90a4a1acfc 100644 --- a/raddb/mods-config/sql/main/cassandra/queries.conf +++ b/raddb/mods-config/sql/main/cassandra/queries.conf @@ -33,7 +33,7 @@ # Use Stripped-User-Name, if it's there. # Else use User-Name, if it's there, # Else use hard-coded string "DEFAULT" as the user name. -#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}}" +#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'DEFAULT'}" # sql_user_name = "%{User-Name}" @@ -49,7 +49,7 @@ sql_user_name = "%{User-Name}" # distrust the provided Event-Timestamp. #event_timestamp_epoch = "%l" -event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}" +event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l} # event_timestamp is the SQL snippet for converting an epoch timestamp # to an SQL date. @@ -143,7 +143,7 @@ authorize_group_reply_query = "\ # as INSERTS are really UPSERTS so we can work around it. ####################################################################### accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -201,7 +201,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-Id}:-%{NAS-Port}}', \ + '%{&NAS-Port-Id || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ ${....event_timestamp}, \ @@ -263,14 +263,14 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-Id}:-%{NAS-Port}}', \ + '%{&NAS-Port-Id || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ null, \ '%{Acct-Authentic}', \ '%{Connect-Info}', \ - %{(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}, \ - %{(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}, \ + %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Service-Type}', \ @@ -326,14 +326,14 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-Id}:-%{NAS-Port}}', \ + '%{&NAS-Port-Id || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ ${....event_timestamp}, \ '%{Acct-Authentic}', \ '%{Connect-Info}', \ - %{(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}, \ - %{(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}, \ + %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Service-Type}', \ @@ -368,7 +368,7 @@ post-auth { (username, pass, reply, authdate, class) \ VALUES ( \ '%{SQL-User-Name}', \ - '%{%{User-Password}:-%{Chap-Password}}', \ + '%{&User-Password || &Chap-Password}', \ '%{reply.Packet-Type}', \ '%{%l * 1000 + %M / 1000}', \ '%{reply.Class}')" diff --git a/raddb/mods-config/sql/main/mssql/queries.conf b/raddb/mods-config/sql/main/mssql/queries.conf index c4f77b0772..d02e3269ae 100644 --- a/raddb/mods-config/sql/main/mssql/queries.conf +++ b/raddb/mods-config/sql/main/mssql/queries.conf @@ -22,7 +22,7 @@ # Use Stripped-User-Name, if it's there. # Else use User-Name, if it's there, # Else use hard-coded string "none" as the user name. -#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}" +#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'none'}" # sql_user_name = "%{User-Name}" @@ -38,7 +38,7 @@ sql_user_name = "%{User-Name}" # distrust the provided Event-Timestamp. #event_timestamp_epoch = "%l" -event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}" +event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l} # event_timestamp is the SQL snippet for converting an epoch timestamp # to an SQL date. @@ -141,7 +141,7 @@ simul_verify_query = "\ # combination of attributes, or custom 'Acct-Status-Type' values. ####################################################################### accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -155,8 +155,8 @@ accounting { AcctStopTime=${....event_timestamp}, \ AcctSessionTime=${....event_timestamp_epoch} - \ DATEDIFF(SS, '1970-01-01', AcctStartTime), \ - AcctTerminateCause='%{%{Acct-Terminate-Cause}:-NAS-Reboot}', \ - AcctStopDelay = %{%{Acct-Delay-Time}:-0} \ + AcctTerminateCause='%{&Acct-Terminate-Cause || &NAS-Reboot}', \ + AcctStopDelay = %{&Acct-Delay-Time || 0} \ WHERE AcctStopTime = 0 \ AND NASIPAddress = '%{NAS-IP-Address}' \ AND AcctStartTime <= ${....event_timestamp}" @@ -211,7 +211,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ '0', \ @@ -238,7 +238,7 @@ accounting { UPDATE ${....acct_table1} \ SET \ AcctStartTime = ${....event_timestamp}, \ - AcctStartDelay = '%{%{Acct-Delay-Time}:-0}', \ + AcctStartDelay = '%{&Acct-Delay-Time || 0}', \ ConnectInfo_start = '%{Connect-Info}' \ WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \ AND AcctStopTime = 0" @@ -251,8 +251,8 @@ accounting { AcctInterval = DATEDIFF(second, CASE WHEN AcctUpdateTime > 0 THEN AcctUpdateTime ELSE AcctStartTime END, ${....event_timestamp}), \ AcctUpdateTime = ${....event_timestamp}, \ AcctSessionTime = '%{Acct-Session-Time}', \ - AcctInputOctets = convert(bigint, '%{%{Acct-Input-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Input-Octets}:-0}', \ - AcctOutputOctets = convert(bigint, '%{%{Acct-Output-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Output-Octets}:-0}', \ + AcctInputOctets = convert(bigint, '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}'), \ + AcctOutputOctets = convert(bigint, '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}'), \ FramedIPAddress = '%{Framed-IP-Address}', \ FramedIPv6Address = '%{Framed-IPv6-Address}', \ FramedIPv6Prefix = '%{Framed-IPv6-Prefix}', \ @@ -295,7 +295,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ ${....event_timestamp}, \ @@ -323,10 +323,10 @@ accounting { SET \ AcctStopTime = ${....event_timestamp}, \ AcctSessionTime = '%{Acct-Session-Time}', \ - AcctInputOctets = convert(bigint, '%{%{Acct-Input-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Input-Octets}:-0}', \ - AcctOutputOctets = convert(bigint, '%{%{Acct-Output-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Output-Octets}:-0}', \ + AcctInputOctets = convert(bigint, '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}'), \ + AcctOutputOctets = convert(bigint, '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}'), \ AcctTerminateCause = '%{Acct-Terminate-Cause}', \ - AcctStopDelay = '%{%{Acct-Delay-Time}:-0}', \ + AcctStopDelay = '%{&Acct-Delay-Time || 0}', \ ConnectInfo_stop = '%{Connect-Info}', \ Class = '%{Class}' \ WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \ @@ -367,7 +367,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ '%{Acct-Session-Time}', \ @@ -375,8 +375,8 @@ accounting { '', \ '%{Connect-Info}', \ NULL, \ - convert(bigint, '%{%{Acct-Input-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Input-Octets}:-0}', \ - convert(bigint, '%{%{Acct-Output-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Output-Octets}:-0}', \ + convert(bigint, '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}'), \ + convert(bigint, '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}'), \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Acct-Terminate-Cause}', \ @@ -388,7 +388,7 @@ accounting { '%{Framed-Interface-Id}', \ '%{Delegated-IPv6-Prefix}', \ '0', \ - '%{%{Acct-Delay-Time}:-0}', \ + '%{&Acct-Delay-Time || 0}', \ '%{Class}')" } } @@ -404,7 +404,7 @@ post-auth { (userName, pass, reply, authdate, class) \ VALUES(\ '%{User-Name}', \ - '%{%{User-Password}:-CHAP-PASSWORD}', \ + '%{&User-Password || CHAP-PASSWORD}', \ '%{reply.Packet-Type}', \ '%S.%{%M / 1000}', \ '%{reply.Class}')" diff --git a/raddb/mods-config/sql/main/mysql/queries.conf b/raddb/mods-config/sql/main/mysql/queries.conf index 964ba80044..78d087f0f6 100644 --- a/raddb/mods-config/sql/main/mysql/queries.conf +++ b/raddb/mods-config/sql/main/mysql/queries.conf @@ -33,7 +33,7 @@ # Use Stripped-User-Name, if it's there. # Else use User-Name, if it's there, # Else use hard-coded string "DEFAULT" as the user name. -#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}}" +#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'DEFAULT'}" # sql_user_name = "%{User-Name}" @@ -49,7 +49,7 @@ sql_user_name = "%{User-Name}" # distrust the provided Event-Timestamp. #event_timestamp_epoch = "%l" -event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}" +event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l} # event_timestamp is the SQL snippet for converting an epoch timestamp # to an SQL date. @@ -167,7 +167,7 @@ authorize_group_reply_query = "\ # combination of attributes, or custom 'Acct-Status-Type' values. ####################################################################### accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -205,7 +205,7 @@ accounting { acctstoptime = ${....event_timestamp}, \ acctsessiontime = '${....event_timestamp_epoch}' \ - UNIX_TIMESTAMP(acctstarttime), \ - acctterminatecause = '%{%{Acct-Terminate-Cause}:-NAS-Reboot}' \ + acctterminatecause = '%{&Acct-Terminate-Cause || &NAS-Reboot}' \ WHERE acctstoptime IS NULL \ AND nasipaddress = '%{NAS-IP-Address}' \ AND acctstarttime <= ${....event_timestamp}" @@ -261,7 +261,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ ${....event_timestamp}, \ @@ -315,11 +315,9 @@ accounting { framedipv6prefix = '%{Framed-IPv6-Prefix}', \ framedinterfaceid = '%{Framed-Interface-Id}', \ delegatedipv6prefix = '%{Delegated-IPv6-Prefix}', \ - acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \ - acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' \ - << 32 | '%{%{Acct-Input-Octets}:-0}', \ - acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' \ - << 32 | '%{%{Acct-Output-Octets}:-0}', \ + acctsessiontime = %{&Acct-Session-Time || NULL}, \ + acctinputoctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + acctoutputoctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ class = '%{Class}' \ WHERE acctuniqueid = '%{Acct-Unique-Session-Id}'" @@ -336,17 +334,17 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ - FROM_UNIXTIME(${....event_timestamp_epoch} - %{%{Acct-Session-Time}:-0}), \ + FROM_UNIXTIME(${....event_timestamp_epoch} - %{&Acct-Session-Time || 0}), \ ${....event_timestamp}, \ NULL, \ - %{%{Acct-Session-Time}:-NULL}, \ + %{&Acct-Session-Time || NULL}, \ '%{Acct-Authentic}', \ '%{Connect-Info}', \ '', \ - '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', \ - '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', \ + '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \ + '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '', \ @@ -367,11 +365,9 @@ accounting { query = "\ UPDATE ${....acct_table2} SET \ acctstoptime = ${....event_timestamp}, \ - acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \ - acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' \ - << 32 | '%{%{Acct-Input-Octets}:-0}', \ - acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' \ - << 32 | '%{%{Acct-Output-Octets}:-0}', \ + acctsessiontime = %{&Acct-Session-Time || NULL}, \ + acctinputoctets = '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \ + acctoutputoctets = '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \ acctterminatecause = '%{Acct-Terminate-Cause}', \ connectinfo_stop = '%{Connect-Info}', \ class = '%{Class}' \ @@ -390,17 +386,17 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ - FROM_UNIXTIME(${....event_timestamp_epoch} - %{%{Acct-Session-Time}:-0}), \ + FROM_UNIXTIME(${....event_timestamp_epoch} - %{&Acct-Session-Time || 0}), \ ${....event_timestamp}, \ ${....event_timestamp}, \ - %{%{Acct-Session-Time}:-NULL}, \ + %{&Acct-Session-Time || NULL}, \ '%{Acct-Authentic}', \ '', \ '%{Connect-Info}', \ - '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', \ - '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', \ + '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \ + '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Acct-Terminate-Cause}', \ @@ -433,7 +429,7 @@ post-auth { (username, pass, reply, authdate, class) \ VALUES ( \ '%{SQL-User-Name}', \ - '%{%{User-Password}:-%{Chap-Password}}', \ + '%{&User-Password || &Chap-Password}', \ '%{reply.Packet-Type}', \ '%S.%M', \ '%{reply.Class}')" diff --git a/raddb/mods-config/sql/main/oracle/queries.conf b/raddb/mods-config/sql/main/oracle/queries.conf index df77a5718f..e62eda3ad2 100644 --- a/raddb/mods-config/sql/main/oracle/queries.conf +++ b/raddb/mods-config/sql/main/oracle/queries.conf @@ -17,7 +17,7 @@ # Use Stripped-User-Name, if it's there. # Else use User-Name, if it's there, # Else use hard-coded string "DEFAULT" as the user name. -#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}}" +#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'DEFAULT'}" # sql_user_name = "%{User-Name}" @@ -33,7 +33,7 @@ sql_user_name = "%{User-Name}" # distrust the provided Event-Timestamp. #event_timestamp_epoch = "%l" -event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}" +event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l} # event_timestamp is the SQL snippet for converting an epoch timestamp # to an SQL date. @@ -148,7 +148,7 @@ group_membership_query = "\ # combination of attributes, or custom 'Acct-Status-Type' values. ####################################################################### accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -162,8 +162,8 @@ accounting { AcctStopTime = ${....event_timestamp}, \ AcctSessionTime = ROUND((${....event_timestamp} - \ TO_DATE(TO_CHAR(acctstarttime, 'yyyy-mm-dd hh24:mi:ss'),'yyyy-mm-dd hh24:mi:ss'))*86400), \ - AcctTerminateCause='%{%{Acct-Terminate-Cause}:-NAS-Reboot}', \ - AcctStopDelay = %{%{Acct-Delay-Time}:-0}, \ + AcctTerminateCause='%{&Acct-Terminate-Cause || NAS-Reboot}', \ + AcctStopDelay = %{&Acct-Delay-Time || 0}, \ Class = '%{Class}' \ WHERE AcctStopTime IS NULL \ AND NASIPAddress = '%{NAS-IP-Address}' \ @@ -222,7 +222,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ ${....event_timestamp}, \ NULL, \ @@ -250,7 +250,7 @@ accounting { UPDATE ${....acct_table1} \ SET \ AcctStartTime = ${....event_timestamp}, \ - AcctStartDelay = '%{%{Acct-Delay-Time}:-0}', \ + AcctStartDelay = '%{&Acct-Delay-Time || 0}', \ ConnectInfo_start = '%{Connect-Info}' \ WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \ AND AcctStopTime IS NULL" @@ -266,10 +266,8 @@ accounting { FramedInterfaceId = NULLIF('%{Framed-Interface-Id}', ''), \ DelegatedIPv6Prefix = NULLIF('%{Delegated-IPv6-Prefix}', ''), \ AcctSessionTime = '%{Acct-Session-Time}', \ - AcctInputOctets = '%{Acct-Input-Octets}' + \ - ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \ - AcctOutputOctets = '%{Acct-Output-Octets}' + \ - ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \ + AcctInputOctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + AcctOutputOctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ Class = '%{Class}' \ WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \ AND AcctStopTime IS NULL" @@ -304,16 +302,14 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ NULL, \ '%{Acct-Session-Time}', \ '%{Acct-Authentic}', \ '', \ - '%{Acct-Input-Octets}' + \ - ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \ - '%{Acct-Output-Octets}' + \ - ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \ + '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \ + '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Service-Type}', \ @@ -329,12 +325,10 @@ accounting { SET \ AcctStopTime = ${....event_timestamp}, \ AcctSessionTime = '%{Acct-Session-Time}', \ - AcctInputOctets = '%{Acct-Input-Octets}' + \ - ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \ - AcctOutputOctets = '%{Acct-Output-Octets}' + \ - ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \ + AcctInputOctets = '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \ + AcctOutputOctets = '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \ AcctTerminateCause = '%{Acct-Terminate-Cause}', \ - AcctStopDelay = '%{%{Acct-Delay-Time}:-0}', \ + AcctStopDelay = '%{&Acct-Delay-Time || 0}', \ ConnectInfo_stop = '%{Connect-Info}', \ Class = '%{Class}' WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \ @@ -374,7 +368,7 @@ accounting { '%{SQL-User-Name}', \ '%{Realm}', \ '%{NAS-IP-Address}', \ - '%{%{NAS-Port-ID}:-%{NAS-Port}}', \ + '%{&NAS-Port-ID || &NAS-Port}', \ '%{NAS-Port-Type}', \ NULL, \ ${....event_timestamp}, \ @@ -383,10 +377,8 @@ accounting { '', \ '%{Connect-Info}', \ NULL, \ - '%{Acct-Input-Octets}' + \ - ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \ - '%{Acct-Output-Octets}' + \ - ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \ + '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \ + '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Acct-Terminate-Cause}', \ @@ -394,7 +386,7 @@ accounting { '%{Framed-Protocol}', \ '%{Framed-IP-Address}', \ '0', \ - '%{%{Acct-Delay-Time}:-0}', \ + '%{&Acct-Delay-Time || 0}', \ '%{Class}')" } @@ -422,7 +414,7 @@ post-auth { (username, pass, reply, authdate, class) \ VALUES (\ '%{User-Name}', \ - '%{%{User-Password}:-%{Chap-Password}}', \ + '%{&User-Password || &Chap-Password}', \ '%{reply.Packet-Type}', \ TO_TIMESTAMP('%S.%M','YYYY-MM-DDHH24:MI:SS.FF'), \ '%{reply.Class}')" diff --git a/raddb/mods-config/sql/main/postgresql/extras/voip-postpaid.conf b/raddb/mods-config/sql/main/postgresql/extras/voip-postpaid.conf index c5cb4c38f0..e33d390448 100644 --- a/raddb/mods-config/sql/main/postgresql/extras/voip-postpaid.conf +++ b/raddb/mods-config/sql/main/postgresql/extras/voip-postpaid.conf @@ -20,12 +20,12 @@ # Else use User-Name, if it's there, # Else use hard-coded string "none" as the user name. # - #sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}" + #sql_user_name = "%{&Stripped-User-Name || &User-Name || 'none'}" # sql_user_name = "%{User-Name}" accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -40,7 +40,7 @@ VALUES(\ '${radius_server_name}', '%{SQL-User-Name}', \ '%{NAS-IP-Address}', now(), '%{Called-Station-Id}', \ - '%{Calling-Station-Id}', '%{%{Acct-Delay-Time}:-0}', '%{h323-gw-id}', \ + '%{Calling-Station-Id}', '%{&Acct-Delay-Time || 0}', '%{h323-gw-id}', \ '%{h323-call-origin}', strip_dot('%{h323-setup-time}'), \ strip_dot('%{h323-connect-time}'), pick_id('%{h323-conf-id}', \ '%{call-id}'))" @@ -55,10 +55,10 @@ h323disconnectcause, h323disconnecttime, h323gwid, h323setuptime) \ VALUES(\ '${radius_server_name}', '%{SQL-User-Name}', '%{NAS-IP-Address}', \ - NOW(), '%{%{Acct-Session-Time}:-0}', \ - '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Octets}:-0}', \ + NOW(), '%{&Acct-Session-Time || 0}', \ + '%{&Acct-Input-Octets || 0}', '%{&Acct-Output-Octets || 0}', \ '%{Called-Station-Id}', '%{Calling-Station-Id}', \ - '%{%{Acct-Delay-Time}:-0}', NULLIF('%{h323-remote-address}', '')::inet, \ + '%{&Acct-Delay-Time || 0}', NULLIF('%{h323-remote-address}', '')::inet, \ NULLIF('%{h323-voice-quality}','')::integer, \ NULLIF('%{Cisco-NAS-Port}', ''), \ '%{h323-call-origin}', pick_id('%{h323-conf-id}', '%{call-id}'), \ diff --git a/raddb/mods-config/sql/main/postgresql/queries.conf b/raddb/mods-config/sql/main/postgresql/queries.conf index 9c5e6386d4..bb28cffb71 100644 --- a/raddb/mods-config/sql/main/postgresql/queries.conf +++ b/raddb/mods-config/sql/main/postgresql/queries.conf @@ -23,7 +23,7 @@ # Else use User-Name, if it's there, # Else use hard-coded string "none" as the user name. # -#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}" +#sql_user_name = "%{ &Stripped-User-Name || &User-Name | 'none'}" sql_user_name = "%{User-Name}" @@ -39,7 +39,7 @@ sql_user_name = "%{User-Name}" # distrust the provided Event-Timestamp. #event_timestamp_epoch = "%l" -event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}" +event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l} # event_timestamp is the SQL snippet for converting an epoch timestamp # to an SQL date. @@ -191,7 +191,7 @@ group_membership_query = "\ ####################################################################### accounting { - reference = "%{tolower:type.%{%{Acct-Status-Type}:-none}.query}" + reference = "%tolower(type.%{&Acct-Status-Type || none}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -356,10 +356,8 @@ accounting { AcctSessionTime = %{%{Acct-Session-Time}:-NULL}, \ AcctInterval = (${....event_timestamp_epoch} - EXTRACT(EPOCH FROM (COALESCE(AcctUpdateTime, AcctStartTime)))), \ AcctUpdateTime = ${....event_timestamp}, \ - AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Input-Octets}:-0}'::bigint), \ - AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Output-Octets}:-0}'::bigint), \ + AcctInputOctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + AcctOutputOctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ Class = '%{Class}' \ WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}' \ AND AcctStopTime IS NULL" @@ -382,10 +380,8 @@ accounting { '%{Acct-Authentic}', \ '%{Connect-Info}', \ NULL, \ - (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Input-Octets}:-0}'::bigint), \ - (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Output-Octets}:-0}'::bigint), \ + (%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets})::bigint, \ + (%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets})::bigint, \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ NULL, \ @@ -409,10 +405,8 @@ accounting { AcctUpdateTime = ${....event_timestamp}, \ AcctSessionTime = COALESCE(%{%{Acct-Session-Time}:-NULL}, \ (${....event_timestamp_epoch} - EXTRACT(EPOCH FROM(AcctStartTime)))), \ - AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Input-Octets}:-0}'::bigint), \ - AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Output-Octets}:-0}'::bigint), \ + AcctInputOctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + AcctOutputOctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ AcctTerminateCause = '%{Acct-Terminate-Cause}', \ FramedIPAddress = NULLIF('%{Framed-IP-Address}', '')::inet, \ FramedIPv6Address = NULLIF('%{Framed-IPv6-Address}', '')::inet, \ @@ -442,10 +436,8 @@ accounting { '%{Acct-Authentic}', \ '%{Connect-Info}', \ NULL, \ - (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Input-Octets}:-0}'::bigint), \ - (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Output-Octets}:-0}'::bigint), \ + (%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets})::bigint, \ + (%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets})::bigint, \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Acct-Terminate-Cause}', \ @@ -468,10 +460,8 @@ accounting { AcctUpdateTime = ${....event_timestamp}, \ AcctSessionTime = COALESCE(%{%{Acct-Session-Time}:-NULL}, \ (${....event_timestamp_epoch} - EXTRACT(EPOCH FROM(AcctStartTime)))), \ - AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Input-Octets}:-0}'::bigint), \ - AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \ - '%{%{Acct-Output-Octets}:-0}'::bigint), \ + AcctInputOctets = (%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets})::bigint, \ + AcctOutputOctets = (%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets})::bigint, \ AcctTerminateCause = '%{Acct-Terminate-Cause}', \ FramedIPAddress = NULLIF('%{Framed-IP-Address}', '')::inet, \ FramedIPv6Address = NULLIF('%{Framed-IPv6-Address}', '')::inet, \ @@ -509,7 +499,7 @@ post-auth { (username, pass, reply, authdate, class) \ VALUES(\ '%{User-Name}', \ - '%{%{User-Password}:-Chap-Password}', \ + '%{&User-Password || &Chap-Password}', \ '%{reply.Packet-Type}', \ '%S.%M', \ '%{reply.Class}')" diff --git a/raddb/mods-config/sql/main/sqlite/queries.conf b/raddb/mods-config/sql/main/sqlite/queries.conf index 7f868c1579..40714dc01a 100644 --- a/raddb/mods-config/sql/main/sqlite/queries.conf +++ b/raddb/mods-config/sql/main/sqlite/queries.conf @@ -38,7 +38,7 @@ sql_user_name = "%{User-Name}" # distrust the provided Event-Timestamp. #event_timestamp_epoch = "%l" -event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}" +event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l} # event_timestamp is the SQL snippet for converting an epoch timestamp # to an SQL date. @@ -162,7 +162,7 @@ authorize_group_reply_query = "\ # combination of attributes, or custom 'Acct-Status-Type' values. ####################################################################### accounting { - reference = "%{tolower:type.%{Acct-Status-Type}.query}" + reference = "%tolower(type.%{Acct-Status-Type}.query)" # Write SQL queries to a logfile. This is potentially useful for bulk inserts # when used with the rlm_sql_null driver. @@ -325,11 +325,8 @@ accounting { framedipv6prefix = '%{Framed-IPv6-Prefix}', \ framedinterfaceid = '%{Framed-Interface-Id}', \ delegatedipv6prefix = '%{Delegated-IPv6-Prefix}', \ - acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \ - acctinputoctets = %{%{Acct-Input-Gigawords}:-0} \ - << 32 | %{%{Acct-Input-Octets}:-0}, \ - acctoutputoctets = %{%{Acct-Output-Gigawords}:-0} \ - << 32 | %{%{Acct-Output-Octets}:-0}, \ + acctsessiontime = %{&Acct-Session-Time || NULL}, \ + class = '%{Class}' \ WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}'" @@ -355,10 +352,8 @@ accounting { '%{Acct-Authentic}', \ '%{Connect-Info}', \ '', \ - %{%{Acct-Input-Gigawords}:-0} << 32 | \ - %{%{Acct-Input-Octets}:-0}, \ - %{%{Acct-Output-Gigawords}:-0} << 32 | \ - %{%{Acct-Output-Octets}:-0}, \ + %{%{Acct-Input-Gigawords}:-0} << 32 | %{%{Acct-Input-Octets}:-0}, \ + %{%{Acct-Output-Gigawords}:-0} << 32 | %{%{Acct-Output-Octets}:-0}, \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '', \ @@ -380,10 +375,8 @@ accounting { UPDATE ${....acct_table2} SET \ acctstoptime = ${....event_timestamp}, \ acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \ - acctinputoctets = %{%{Acct-Input-Gigawords}:-0} \ - << 32 | %{%{Acct-Input-Octets}:-0}, \ - acctoutputoctets = %{%{Acct-Output-Gigawords}:-0} \ - << 32 | %{%{Acct-Output-Octets}:-0}, \ + acctinputoctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + acctoutputoctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ acctterminatecause = '%{Acct-Terminate-Cause}', \ connectinfo_stop = '%{Connect-Info}', \ class = '%{Class}' \ @@ -411,10 +404,8 @@ accounting { '%{Acct-Authentic}', \ '', \ '%{Connect-Info}', \ - %{%{Acct-Input-Gigawords}:-0} << 32 | \ - %{%{Acct-Input-Octets}:-0}, \ - %{%{Acct-Output-Gigawords}:-0} << 32 | \ - %{%{Acct-Output-Octets}:-0}, \ + %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \ + %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Acct-Terminate-Cause}', \ @@ -446,7 +437,7 @@ post-auth { (username, pass, reply, authdate, class) \ VALUES ( \ '%{SQL-User-Name}', \ - '%{%{User-Password}:-%{Chap-Password}}', \ + '%{&User-Password || &Chap-Password}', \ '%{reply.Packet-Type}', \ '%S.%M', \ '%{reply.Class}')" diff --git a/raddb/sites-available/abfab-tls b/raddb/sites-available/abfab-tls index 291c96c8f4..c85bcc9559 100644 --- a/raddb/sites-available/abfab-tls +++ b/raddb/sites-available/abfab-tls @@ -53,7 +53,7 @@ listen { } - psk_query = "%{psksql:select hex(key) from psk_keys where keyid = '%{TLS-PSK-Identity}'}" + psk_query = %psksql("select hex(key) from psk_keys where keyid = '%{TLS-PSK-Identity}'") } # diff --git a/raddb/sites-available/challenge b/raddb/sites-available/challenge index 8d23c7ae02..7c23930fd7 100644 --- a/raddb/sites-available/challenge +++ b/raddb/sites-available/challenge @@ -54,7 +54,7 @@ authenticate step1 { # # Set the random number to save. # - &session-state.Tmp-Integer-0 := "%{randstr:n}" + &session-state.Tmp-Integer-0 := "%randstr(n)" &reply.Reply-Message := &session-state.Tmp-Integer-0 # diff --git a/raddb/sites-available/coa-relay b/raddb/sites-available/coa-relay index eb4b844f97..fbe55d091d 100644 --- a/raddb/sites-available/coa-relay +++ b/raddb/sites-available/coa-relay @@ -127,12 +127,12 @@ server coa { # # Example MySQL lookup # -# &control.Tmp-String-0 := "%{sql:SELECT IFNULL(GROUP_CONCAT(CONCAT(nasipaddress,'#',acctsessionid) separator '|'),'') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a}" +# &control.Tmp-String-0 := %sql("SELECT IFNULL(GROUP_CONCAT(CONCAT(nasipaddress,'#',acctsessionid) separator '|'),'') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a") # # Example PostgreSQL lookup # -# &control.Tmp-String-0 := "%{sql:SELECT STRING_AGG(CONCAT(nasipaddress,'#',acctsessionid),'|') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a}" +# &control.Tmp-String-0 := %sql("SELECT STRING_AGG(CONCAT(nasipaddress,'#',acctsessionid),'|') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a") # # Keep a count of what we send. @@ -142,7 +142,7 @@ server coa { # # Split the string and split into pieces. # - if ("%(explode:&control.Tmp-String-0 |)") { + if ("%explode(&control.Tmp-String-0, '|')") { foreach &control.Tmp-String-0 { diff --git a/raddb/sites-available/default b/raddb/sites-available/default index f3ba0b18ae..92f695c5cd 100644 --- a/raddb/sites-available/default +++ b/raddb/sites-available/default @@ -1128,7 +1128,7 @@ send Access-Accept { # Service-Type = Authorize-Only. # # if (!&reply.State) { -# &reply.State := "0x%{randstr:16h}" +# &reply.State := "0x%randstr(16h)" # } # diff --git a/raddb/sites-available/eap-aka-sim b/raddb/sites-available/eap-aka-sim index 190469c2a0..8f49bce7d8 100644 --- a/raddb/sites-available/eap-aka-sim +++ b/raddb/sites-available/eap-aka-sim @@ -530,7 +530,7 @@ server eap-aka-sim { # # - The encrypt expansions of the `rlm_cipher` module. # - The `%(3gpp_pseudonym_encrypt:)` expansion. - # - The `%{rand:}` expansion. + # - The `%randstr()` expansion. # # NOTE: Add a `&reply.Next-Pseudonym-Id` attribute in this section to # avoid having the permanent Id of the SIM exposed during subsequent diff --git a/raddb/sites-available/ldap_sync b/raddb/sites-available/ldap_sync index aaae5fad8e..db726099dc 100644 --- a/raddb/sites-available/ldap_sync +++ b/raddb/sites-available/ldap_sync @@ -368,7 +368,7 @@ server ldap_sync { # if (!&reply.LDAP-Sync.Cookie) { # string csn # -# &csn := "%{ldap:ldap:///%{LDAP-Sync.Directory-Root-DN}?contextCSN?base}" +# &csn := %ldap("ldap:///%{LDAP-Sync.Directory-Root-DN}?contextCSN?base") # if (&csn) { # &reply.LDAP-Sync.Cookie := "rid=000,csn=%{csn}" # updated diff --git a/raddb/sites-available/resource-check b/raddb/sites-available/resource-check index 452b21031b..6640d86ae3 100644 --- a/raddb/sites-available/resource-check +++ b/raddb/sites-available/resource-check @@ -70,15 +70,14 @@ # # pap # } -# # ... +# } # # # The configuration for this virtual server follows and should be amended as -# required... +# required. # - # # Listen on a local port for Server-Status requests that trigger the resource # checks. @@ -119,7 +118,7 @@ recv Status-Server { # interval to avoid buildup of checks when resources do not respond. # See rlm_exec for details. # - if ("%{sql:SELECT pg_is_in_recovery()}" != "f") { + if ("%sql('SELECT pg_is_in_recovery()')" != "f") { # Fail the db_online module, if it isn't already if ("%{db_online:}" != "fail") { diff --git a/raddb/sites-available/vmps b/raddb/sites-available/vmps index 087be71ea3..5cf7e61c49 100644 --- a/raddb/sites-available/vmps +++ b/raddb/sites-available/vmps @@ -99,7 +99,7 @@ server vmps { # NOTE: If you have VLAN's in a database, you can `select` # the VLAN name based on the MAC address. # -# &reply.VLAN-Name = "%{sql:select ... where mac='%{MAC-Address}'}" +# &reply.VLAN-Name = %sql("select ... where mac='%{MAC-Address}'") } # -- 2.47.2