I'm trying to get Cisco-AVPairs working correctly with Freeradius via my
SQL database.  I have a group setup which I attach to usernames which
send all the AV pair reply items.  As I understand it,  when the data is
pulled from mysql, the format of the reply packet is Attribute = Value
which as an example would expand into something like:

Cisco-AVPair = ipsec:key-exchange=ike

The problem with this is when I have the same attributes in my group,
the default "=" only adds an attribute to the reply list if it isn't
there already.  That problem gives entries like this:

mysql> select * from radgroupreply where GroupName = "IPSEC";
+----+-----------+-----------------+-----------------------------------+----+
| id | GroupName | Attribute       | Value                             | op |
+----+-----------+-----------------+-----------------------------------+----+
|  5 | IPSEC     | Cisco-AVPair    | ipsec:key-exchange=ike            |    |
|  6 | IPSEC     | Cisco-AVPair    | ipsec:key-exchange=preshared-key  |    |
|  7 | IPSEC     | Cisco-AVPair    | ipsec:addr-pool=vpnpool1          |    |
|  9 | IPSEC     | Cisco-AVPair    | ipsec:inacl=ipsec                 |    |
| 10 | IPSEC     | Tunnel-Type     | IP ESP                            |    |
| 11 | IPSEC     | Tunnel-Password | cisco123                          |    |
| 12 | IPSEC     | Cisco-AVPair    | ipsec:default-domain=fastvibe.com |    |
| 13 | IPSEC     | Cisco-AVPair    | ipsec:dns-servers=216.7.221.3     |    |
+----+-----------+-----------------+-----------------------------------+----+
8 rows in set (0.00 sec)

mysql>

Radius responds like this:

Mon Aug 26 15:04:21 2002 : Auth: Login OK: [cisco3000] (from client frn1-r3.tor port 0 cli 172.17.7.129)
Sending Access-Accept of id 161 to 172.16.2.3:1645
        Cisco-AVPair = "ipsec:key-exchange=ike"
        Tunnel-Password:0 = "\375\346\036\257\037\255*\337\265\363A\374I\036{\207\227\266"
Mon Aug 26 15:04:21 2002 : Debug: Finished request 16
Mon Aug 26 15:04:21 2002 : Debug: Going to the next request
Mon Aug 26 15:04:21 2002 : Debug: Thread 2 waiting to be assigned a request

The subsequent Cisco-AVPair reply items aren't being sent.

Is there a way to replace "=" with "+="?

Regards,
--

Jason Lixfeld
Senior IP Network Engineer
Fastvibe Corporation

--

tel://416.341.0099:223
fax://416.341.0088
mailto:[EMAIL PROTECTED]



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
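
The operator behaviour described in the post, as an added example that is not part of the original message and is not FreeRADIUS code: a small model of the reply-list merge that reports which radgroupreply rows are silently dropped under "=" and how many Cisco-AVPair values go out once those rows carry "+=". It assumes the op column shown in the table selects the operator per row and that an empty op falls back to "="; build_reply, with_op and values are hypothetical helper names.

```python
# Constructed sample: the radgroupreply rows from the post as (id, Attribute, Value, op).
# The op column is empty in the post's output, so it is "" here.
ROWS = [
    (5, "Cisco-AVPair", "ipsec:key-exchange=ike", ""),
    (6, "Cisco-AVPair", "ipsec:key-exchange=preshared-key", ""),
    (7, "Cisco-AVPair", "ipsec:addr-pool=vpnpool1", ""),
    (9, "Cisco-AVPair", "ipsec:inacl=ipsec", ""),
    (10, "Tunnel-Type", "IP ESP", ""),
    (11, "Tunnel-Password", "cisco123", ""),
    (12, "Cisco-AVPair", "ipsec:default-domain=fastvibe.com", ""),
    (13, "Cisco-AVPair", "ipsec:dns-servers=216.7.221.3", ""),
]

def build_reply(rows, default_op="="):
    """Toy model of the merge (assumption, not FreeRADIUS source).

    Returns (reply, dropped_ids): the attributes that would be sent and the
    ids of rows that "=" skipped because the attribute was already present.
    """
    reply, dropped = [], []
    for row_id, attr, value, op in rows:
        op = op or default_op                    # empty op column -> "="
        if op == "+=":                           # always append
            reply.append((attr, value))
        elif op == "=":                          # add only if not there already
            if any(a == attr for a, _ in reply):
                dropped.append(row_id)
            else:
                reply.append((attr, value))
        else:
            raise ValueError(f"operator {op!r} not modelled (row {row_id})")
    return reply, dropped

def with_op(rows, attribute, op):
    """Copy of rows with op set on every row of one attribute."""
    return [(i, a, v, op if a == attribute else o) for i, a, v, o in rows]

def values(reply, attribute):
    """Values sent for one attribute, in reply order."""
    return [v for a, v in reply if a == attribute]

if __name__ == "__main__":
    cases = (("op empty", ROWS),
             ("Cisco-AVPair op '+='", with_op(ROWS, "Cisco-AVPair", "+=")))
    for label, rows in cases:
        reply, dropped = build_reply(rows)
        print(label, "->", len(values(reply, "Cisco-AVPair")),
              "Cisco-AVPair sent; dropped row ids:", dropped)
```

The dropped-id list doubles as a check to run against a group before deploying it: any id it returns is a reply item the client will never receive.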
