summaryrefslogtreecommitdiffstats
path: root/raddb/mods-available/expr
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-13 14:11:00 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-13 14:11:00 +0000
commitaf754e596a8dbb05ed8580c342e7fe02e08b28e0 (patch)
treeb2f334c2b55ede42081aa6710a72da784547d8ea /raddb/mods-available/expr
parentInitial commit. (diff)
downloadfreeradius-af754e596a8dbb05ed8580c342e7fe02e08b28e0.tar.xz
freeradius-af754e596a8dbb05ed8580c342e7fe02e08b28e0.zip
Adding upstream version 3.2.3+dfsg.upstream/3.2.3+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'raddb/mods-available/expr')
-rw-r--r--raddb/mods-available/expr148
1 files changed, 148 insertions, 0 deletions
diff --git a/raddb/mods-available/expr b/raddb/mods-available/expr
new file mode 100644
index 0000000..ca0b3bf
--- /dev/null
+++ b/raddb/mods-available/expr
@@ -0,0 +1,148 @@
+# -*- text -*-
+#
+# $Id$
+
+#
+# This module performs mathematical calculations:
+#
+# Attribute-Name = "%{expr:2 + 3 + &NAS-Port}"
+#
+# It supports the following operators (in order of precedence)
+#
+# & binary AND
+# | binary OR
+# << left shift
+# >> right shift
+# + addition
+# - subtraction
+# * multiply
+# / divide
+# %% remainder
+# ^ exponentiation
+# (...) sub-expression
+#
+# Operator precedence follows the normal rules.
+# Division by zero means that the entire expression is invalid.
+#
+# It also allows unary negation: -1
+# And twos complement: ~1
+#
+# All calculations are done on signed 63-bit integers.
+# e.g. int64_t. This should be sufficient for all normal
+# purposes.
+#
+# Hex numbers are supported: 0xabcdef
+#
+# As with all string expansions, you can nest the expansions:
+#
+# %{expr: %{NAS-Port} + 1}
+# %{expr: %{sql:SELECT ... } + 1}
+#
+# Attribute references are supported for integer attributes.
+# e.g. &NAS-Port. The benefit of using attribute references
+# is that the expression is calculated directly on the
+# attribute. It skips the step of "print to string, and then
+# parse to number". This means it's a little faster.
+#
+# Otherwise, all numbers are decimal.
+#
+
+#
+# The module also registers a few paircompare functions, and
+# many string manipulation functions, including:
+#
+# rand get random number from 0 to n-1
+# "%{rand:10}" == "9"
+#
+# randstr get random string built from character classes:
+# c lowercase letters
+# C uppercase letters
+# n numbers
+# a alphanumeric
+# ! punctuation
+# . alphanumeric + punctuation
+# s alphanumeric + "./"
+# o characters suitable for OTP (easily confused removed)
+# h binary data as lowercase hex
+# H binary data as uppercase hex
+#
+# "%{randstr:CCCC!!cccnnn}" == "IPFL>{saf874"
+# "%{randstr:oooooooo}" == "rfVzyA4y"
+# "%{randstr:hhhh}" == "68d60de3"
+#
+# urlquote quote special characters in URI
+# "%{urlquote:http://example.org/}" == "http%3A%47%47example.org%47"
+#
+# urlunquote unquote URL special characters
+# "%{urlunquote:http%%3A%%47%%47example.org%%47}" == "http://example.org/"
+#
+# escape escape string similar to rlm_sql safe_characters
+# "%{escape:<img>foo.jpg</img>}" == "=60img=62foo.jpg=60/img=62"
+#
+# unescape reverse of escape
+# "%{unescape:=60img=62foo.jpg=60/img=62}" == "<img>foo.jpg</img>"
+#
+# tolower convert to lowercase
+# "%{tolower:Bar}" == "bar"
+#
+# toupper convert to uppercase
+# "%{toupper:Foo}" == "FOO"
+#
+# md5 get md5sum hash
+# "%{md5:foo}" == "acbd18db4cc2f85cedef654fccc4a4d8"
+#
+# sha1 get sha1 hash
+# "%{sha1:foo}" == "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
+#
+# sha256 get sha256 hash
+# "%{sha256:foo}" == "2c26b46b68ffc68ff99b453c1d30413413422d706..."
+#
+# sha512 get sha512 hash
+# "%{sha512:foo}" == "f7fbba6e0636f890e56fbbf3283e524c6fa3204ae29838..."
+#
+# hmacmd5 generate HMAC-MD5 of string
+# "%{hmacmd5:foo bar}" == "31b6db9e5eb4addb42f1a6ca07367adc"
+#
+# hmacsha1 generate HMAC-SHA1 of string
+# "%{hmacsha1:foo bar}" == "85d155c55ed286a300bd1cf124de08d87e914f3a"
+#
+# crypt encrypt with a salt: %{crypt:salt:password}
+# "%{crypt:aa:foo}" == "aaKNIEDOaueR6"
+# "%{crypt:$1$abcdefgh:foo}" == "$1$abcdefgh$XxzGe9Muun7wTYbZO4sdr0"
+# "%{crypt:$5$%{randstr:aaaaaaaaaaaaaaaa}:foo}" == "$1$fu4P2fcAdo9gM..."
+#
+# pairs serialize attributes as comma-delimited string
+# "%{pairs:request:}" == "User-Name = 'foo', User-Password = 'bar', ..."
+#
+# base64 encode string as base64
+# "%{base64:foo}" == "Zm9v"
+#
+# base64tohex convert base64 to hex
+# "%{base64tohex:Zm9v}" == "666f6f"
+#
+# explode split an attribute into multiple new attributes based on a delimiter
+# "%{explode:&ref <delim>}"
+#
+# nexttime calculate number of seconds until next n hour(s), day(s), week(s), year(s)
+# if it were 16:18, %{nexttime:1h} would expand to 2520
+#
+# lasttime calculate number of seconds until last n hour(s), day(s), week(s), year(s)
+# if it were 16:18, %{lasttime:1h} would expand to 4680
+#
+# lpad left-pad a string
+# if User-Name is "foo": "%{lpad:&User-Name 6 x}" == "xxxfoo"
+#
+# rpad right-pad a string
+# if User-Name is "foo": "%{rpad:&User-Name 5 -}" == "foo--"
+#
+# concat concatenate a set of attributes, separated by a character.
+# "%{concat:foo[*] ;}"
+#
+
+expr {
+ #
+ # Characters that will not be encoded by the %{escape}
+ # xlat function.
+ #
+ safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /äéöüàâæçèéêëîïôœùûüaÿÄÉÖÜßÀÂÆÇÈÉÊËÎÏÔŒÙÛÜŸ"
+}