New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Can't cache multiple attributes #2087

Closed
kakash1hatake opened this Issue Oct 6, 2017 · 1 comment

Comments

Projects
None yet
2 participants
@kakash1hatake

kakash1hatake commented Oct 6, 2017

Hello, guys.
I try to cache all attributes of the proxy reply with one name.
But I get only the first item cached.
Using Cache-Merge also doesn't work for me.

I've already read #159 but it didn't helped.

config of the rlm_cache is

        update {
                &reply:Cisco-AVPair += &proxy-reply:Cisco-AVPair
        }

in post-proxy I have

  if (Packet-Type == Access-Request) {
   #when auth request
   if ("x%{request:xpgk-routing-request}" != "x1") {
    cache

    #remove routing attrs from auth reply
    update proxy-reply {
      Cisco-AVPair !* ANY
      xpgk-xrouting-routing !* ANY
    }

    ok
   }
  }

proxy reply has such attributes:


2017-10-06_12:11:23.06262 (0)   h323-return-code = "h323-return-code=0"
2017-10-06_12:11:23.06263 (0)   h323-credit-time = "h323-credit-time=3600"
2017-10-06_12:11:23.06263 (0)   h323-redirect-number = "h323-redirect-number=73422142214"
2017-10-06_12:11:23.06263 (0)   Cisco-AVPair = "xpgk-xrouting-routing=MVTS2/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214"
2017-10-06_12:11:23.06264 (0)   Cisco-AVPair = "xpgk-xrouting-routing=TSS/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214"
2017-10-06_12:11:23.06264 (0)   Cisco-AVPair = "xpgk-xrouting-routing=Bit/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214"
2017-10-06_12:11:23.06264 (0)   Cisco-AVPair = "xpgk-xrouting-routing=MTT/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214"

debug output is as follows

2017-10-06_12:11:23.06351 (0) # Executing section post-proxy from file /etc/freeradius3/grsv-proxy/sites-enabled/default
2017-10-06_12:11:23.06352 (0)   post-proxy {
2017-10-06_12:11:23.06352 (0)     if (Packet-Type == Access-Request) {
2017-10-06_12:11:23.06353 (0)     EXPAND Packet-Type
2017-10-06_12:11:23.06353 (0)        --> Access-Request
2017-10-06_12:11:23.06353 (0)     if (Packet-Type == Access-Request)  -> TRUE
2017-10-06_12:11:23.06354 (0)     if (Packet-Type == Access-Request)  {
2017-10-06_12:11:23.06354 (0)       update control {
2017-10-06_12:11:23.06354 (0)         Cache-Status-Only !* ANY
2017-10-06_12:11:23.06355 (0)       } # update control = noop
2017-10-06_12:11:23.06355 (0)       if ("x%{request:xpgk-routing-request}" != "x1") {
2017-10-06_12:11:23.06355 (0)       EXPAND x%{request:xpgk-routing-request}
2017-10-06_12:11:23.06356 (0)          --> x
2017-10-06_12:11:23.06356 (0)       if ("x%{request:xpgk-routing-request}" != "x1")  -> TRUE
2017-10-06_12:11:23.06356 (0)       if ("x%{request:xpgk-routing-request}" != "x1")  {
2017-10-06_12:11:23.06357 (0) cache: EXPAND %{h323-incoming-conf-id}
2017-10-06_12:11:23.06357 (0) cache:    --> 77FD1E16 7D9011E7 A3C60050 56A263C6
2017-10-06_12:11:23.06357 (0) cache: No cache entry found for "77FD1E16 7D9011E7 A3C60050 56A263C6"
2017-10-06_12:11:23.06358 (0) cache: Creating new cache entry
2017-10-06_12:11:23.06358 (0) cache: EXPAND %l
2017-10-06_12:11:23.06358 (0) cache:    --> 1507291883
2017-10-06_12:11:23.06359 (0) cache:   &request:Event-Timestamp = Oct  6 2017 18:11:23 YEKT
2017-10-06_12:11:23.06359 (0) cache:   &reply:Cisco-AVPair += &proxy-reply:Cisco-AVPair -> 'xpgk-xrouting-routing=MVTS2/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214'
2017-10-06_12:11:23.06360 (0) cache: Merging cache entry into request
2017-10-06_12:11:23.06360 (0) cache:   &request:Event-Timestamp = "Oct  6 2017 18:11:23 YEKT"
2017-10-06_12:11:23.06361 (0) cache:   &reply:Cisco-AVPair += "xpgk-xrouting-routing=MVTS2/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214"
2017-10-06_12:11:23.06361 (0) cache: Committed entry, TTL 30 seconds
2017-10-06_12:11:23.06362 (0)         [cache] = updated
2017-10-06_12:11:23.06362 (0)         update proxy-reply {
2017-10-06_12:11:23.06362 (0)           Cisco-AVPair !* ANY
2017-10-06_12:11:23.06363 (0)         } # update proxy-reply = noop
2017-10-06_12:11:23.06363 (0)         [ok] = ok
2017-10-06_12:11:23.06363 (0)       } # if ("x%{request:xpgk-routing-request}" != "x1")  = updated
2017-10-06_12:11:23.06364 (0)     } # if (Packet-Type == Access-Request)  = updated

then when I want the next reply be read from cache I get:

2017-10-06_12:11:26.71679 (1)     update control {
2017-10-06_12:11:26.71681 (1)       Cache-Status-Only = yes
2017-10-06_12:11:26.71681 (1)     } # update control = noop
2017-10-06_12:11:26.71681 (1) cache: EXPAND %{h323-incoming-conf-id}
2017-10-06_12:11:26.71682 (1) cache:    --> 77FD1E16 7D9011E7 A3C60050 56A263C6
2017-10-06_12:11:26.71682 (1) cache: Found entry for "77FD1E16 7D9011E7 A3C60050 56A263C6"
2017-10-06_12:11:26.71683 (1)     [cache] = ok
2017-10-06_12:11:26.71683 (1)     if (ok) {
2017-10-06_12:11:26.71684 (1)     if (ok)  -> TRUE
2017-10-06_12:11:26.71684 (1)     if (ok)  {
2017-10-06_12:11:26.71685 (1)       update control {
2017-10-06_12:11:26.71685 (1)         Auth-Type := Accept
2017-10-06_12:11:26.71686 (1)         Cache-Status-Only !* ANY
2017-10-06_12:11:26.71686 (1)       } # update control = noop
2017-10-06_12:11:26.71686 (1) cache: EXPAND %{h323-incoming-conf-id}
2017-10-06_12:11:26.71699 (1) cache:    --> 77FD1E16 7D9011E7 A3C60050 56A263C6
2017-10-06_12:11:26.71700 (1) cache: Found entry for "77FD1E16 7D9011E7 A3C60050 56A263C6"
2017-10-06_12:11:26.71701 (1) cache: Merging cache entry into request
2017-10-06_12:11:26.71702 (1) cache:   &request:Event-Timestamp = "Oct  6 2017 18:11:23 YEKT"
2017-10-06_12:11:26.71702 (1) cache:   &reply:Cisco-AVPair += "xpgk-xrouting-routing=MVTS2/5/516=24vpbx049500226/73422142214/516=24vpbx049500226/73422142214"
2017-10-06_12:11:26.71702 (1)       [cache] = ok
2017-10-06_12:11:26.71703 (1)       update request {
2017-10-06_12:11:26.71703 (1)         EXPAND cached reply for %{Packet-Type}
2017-10-06_12:11:26.71703 (1)            --> cached reply for Access-Request
2017-10-06_12:11:26.71704 (1)         Cached-Session-Policy := cached reply for Access-Request
2017-10-06_12:11:26.71704 (1)       } # update request = noop
2017-10-06_12:11:26.71705 (1)       [ok] = ok
@kakash1hatake

This comment has been minimized.

Show comment
Hide comment
@kakash1hatake

kakash1hatake Oct 6, 2017

ok, googling further gave me the solution

        update {
                &reply:Cisco-AVPair += &proxy-reply:Cisco-AVPair[*]
        }

So now, essentially:
&ldap_xyz-Ldap-Group[0] and &ldap_xyz-Ldap-Group
are synonymous in terms of update blocks, not matter what the operator is.
Guess I should update the man page too.

also the example in rlm_cache config is not updated
this

	update {
		# <list>:<attribute> <op> <value>

		# Cache all instances of Reply-Message in the reply list
		&reply:Reply-Message += &reply:Reply-Message

should be changed to

	update {
		# <list>:<attribute> <op> <value>

		# Cache all instances of Reply-Message in the reply list
		&reply:Reply-Message += &reply:Reply-Message[*]

kakash1hatake commented Oct 6, 2017

ok, googling further gave me the solution

        update {
                &reply:Cisco-AVPair += &proxy-reply:Cisco-AVPair[*]
        }

So now, essentially:
&ldap_xyz-Ldap-Group[0] and &ldap_xyz-Ldap-Group
are synonymous in terms of update blocks, not matter what the operator is.
Guess I should update the man page too.

also the example in rlm_cache config is not updated
this

	update {
		# <list>:<attribute> <op> <value>

		# Cache all instances of Reply-Message in the reply list
		&reply:Reply-Message += &reply:Reply-Message

should be changed to

	update {
		# <list>:<attribute> <op> <value>

		# Cache all instances of Reply-Message in the reply list
		&reply:Reply-Message += &reply:Reply-Message[*]

alandekok added a commit that referenced this issue Oct 6, 2017

@alandekok alandekok closed this Nov 3, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment