(RADIATOR) Use of the %{Eval:}

[Hugh Irvine]

Hello Vangelis -

Radiator no longer supports "%{Eval:...} due to security concerns.

See the comments in the history file ("doc/history.html").

Revision 3.3 (27/8/02 Important Security Update and some minor new 
features)
	◦ 	Important Security Update: Removed support for the %Eval special 
character syntax due to security issues that can effect AuthBy SQL and 
AuthBy LDAP*. We recommend that all operators of Radiator 3.0, 3.1 and 
3.2 upgrade to this version immediately.

You will need to use a hook to do this, or an SQL query if you are 
using a database. There are some example hooks in the file 
"goodies/hooks.txt".

regards

Hugh


On 26/11/2003, at 9:58 PM, Vangelis Kyriakakis wrote:

> Hello,
>     I'm trying to use something like the following:
>
>      %{Eval: (%{Acct-Output-Octets}<2000000000) ? 
> %{Acct-Output-Octets} : 0}
>
>      but it doesn't work. How is the correct syntax of this?
>      I'm also trying the following %{Eval: %{Acct-Output-Octets}%% 
> 2000000000} but it doesn't work too.
>
>              Regards
>                    Vangelis
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.