Adding upstream version 3.2.1+dfsg.upstream/3.2.1+dfsgupstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

12 files changed, 660 insertions, 0 deletions

diff --git a/raddb/mods-config/sql/dhcp/mssql/queries.conf b/raddb/mods-config/sql/dhcp/mssql/queries.conf
new file mode 100644
index 0000000..8345c70
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/mssql/queries.conf
@@ -0,0 +1,52 @@
+# -*- text -*-
+#
+#  dhcp/mssql/queries.conf -- MSSQL configuration for DHCP schema (schema.sql)
+#
+#  $Id$
+
+# Safe characters list for sql queries. Everything else is replaced
+# with their mime-encoded equivalents.
+# The default list should be ok
+# safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
+
+#######################################################################
+#  Query config:  Identifier
+#######################################################################
+# This is the identifier that will get substituted, escaped, and added
+# as attribute 'SQL-User-Name'.  '%{SQL-User-Name}' should be used
+# below everywhere an identifier substitution is needed so you you can
+# be sure the identifier passed from the client is escaped properly.
+#
+sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
+
+#######################################################################
+#  Attribute Lookup Queries
+#######################################################################
+#  These queries setup the reply items in ${dhcpreply_table} and
+#  ${group_reply_query}.  You can use any query/tables you want, but
+#  the return data for each row MUST be in the following order:
+#
+#  0. Row ID (currently unused)
+#  1. Identifier
+#  2. Item Attr Name
+#  3. Item Attr Value
+#  4. Item Attr Operation
+#######################################################################
+
+authorize_reply_query = "\
+	SELECT id, Identifier, Attribute, Value, op \
+	FROM ${dhcpreply_table} \
+	WHERE Identifier = '%{SQL-User-Name}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+authorize_group_reply_query = "\
+	SELECT id, GroupName, Attribute, Value, op \
+	FROM ${groupreply_table} \
+	WHERE GroupName = '%{${group_attribute}}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+group_membership_query = "\
+	SELECT GroupName \
+	FROM ${dhcpgroup_table} \
+	WHERE Identifier='%{SQL-User-Name}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY priority"
diff --git a/raddb/mods-config/sql/dhcp/mssql/schema.sql b/raddb/mods-config/sql/dhcp/mssql/schema.sql
new file mode 100644
index 0000000..8584949
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/mssql/schema.sql
@@ -0,0 +1,91 @@
+-- $Id$
+--
+-- MSSQL schema for DHCP for FreeRADIUS
+--
+-- To load:
+--  isql -S db_ip_addr -d db_name -U db_login -P db_passwd -i schema.sql
+
+--
+-- Table structure for table 'dhcpgroupreply'
+--
+CREATE TABLE [dhcpgroupreply] (
+	[id] [int] IDENTITY (1, 1) NOT NULL,
+	[GroupName] [varchar] (64) NOT NULL,
+	[Attribute] [varchar] (32) NOT NULL,
+	[Value] [varchar] (253) NOT NULL,
+	[op] [char] (2) NULL,
+	[prio] [int] NOT NULL,
+	[Context] [varchar] (16) NOT NULL
+) ON [PRIMARY]
+GO
+
+ALTER TABLE [dhcpgroupreply] WITH NOCHECK ADD
+	CONSTRAINT [DF_dhcpgroupreply_GroupName] DEFAULT ('') FOR [GroupName],
+	CONSTRAINT [DF_dhcpgroupreply_Attribute] DEFAULT ('') FOR [Attribute],
+	CONSTRAINT [DF_dhcpgroupreply_Value] DEFAULT ('') FOR [Value],
+	CONSTRAINT [DF_dhcpgroupreply_op] DEFAULT (null) FOR [op],
+	CONSTRAINT [DF_dhcpgroupreply_prio] DEFAULT (0) FOR [prio],
+	CONSTRAINT [DF_dhcpgroupreply_context] DEFAULT ('') FOR [Context],
+	CONSTRAINT [PK_dhcpgroupreply] PRIMARY KEY NONCLUSTERED
+	(
+		[id]
+	) ON [PRIMARY]
+GO
+
+CREATE INDEX [GroupName] ON [dhcpgroupreply]([Context],[GroupName]) ON [PRIMARY]
+GO
+
+
+--
+-- Table structure for table 'dhcpreply'
+--
+CREATE TABLE [dhcpreply] (
+	[id] [int] IDENTITY (1, 1) NOT NULL,
+	[Identifier] [varchar] (64) NOT NULL,
+	[Attribute] [varchar] (32) NOT NULL,
+	[Value] [varchar] (253) NOT NULL,
+	[op] [char] (2) NULL,
+	[Context] [varchar] (16) NOT NULL
+) ON [PRIMARY]
+GO
+
+ALTER TABLE [dhcpreply] WITH NOCHECK ADD
+	CONSTRAINT [DF_dhcpreply_Identifier] DEFAULT ('') FOR [Identifier],
+	CONSTRAINT [DF_dhcpreply_Attribute] DEFAULT ('') FOR [Attribute],
+	CONSTRAINT [DF_dhcpreply_Value] DEFAULT ('') FOR [Value],
+	CONSTRAINT [DF_dhcpreply_op] DEFAULT (null) FOR [op],
+	CONSTRAINT [DF_dhcpreply_Context] DEFAULT ('') FOR [Context],
+	CONSTRAINT [PK_dhcpreply] PRIMARY KEY NONCLUSTERED
+	(
+		[id]
+	) ON [PRIMARY]
+GO
+
+CREATE INDEX [Identifier] ON [dhcpreply]([Context],[Identifier]) ON [PRIMARY]
+GO
+
+
+--
+-- Table structure for table 'dhcpgroup'
+--
+CREATE TABLE [dhcpgroup] (
+	[id] [int] IDENTITY (1, 1) NOT NULL,
+	[Identifier] [varchar] (64) NOT NULL,
+	[GroupName] [varchar] (64) NULL,
+	[Priority] [int] NULL,
+	[Context] [varchar] (16) NULL
+) ON [PRIMARY]
+GO
+
+ALTER TABLE [dhcpgroup] WITH NOCHECK ADD
+	CONSTRAINT [DF_dhcpgroup_Identifier] DEFAULT ('') FOR [Identifier],
+	CONSTRAINT [DF_dhcpgroup_GroupName] DEFAULT ('') FOR [GroupName],
+	CONSTRAINT [DF_dhcpgroup_Context] DEFAULT ('') FOR [Context],
+	CONSTRAINT [PK_dhcpgroup] PRIMARY KEY NONCLUSTERED
+	(
+		[id]
+	) ON [PRIMARY]
+GO
+
+CREATE INDEX [Identifier] ON [dhcpgroup]([Context],[Identifier]) ON [PRIMARY]
+GO
diff --git a/raddb/mods-config/sql/dhcp/mysql/queries.conf b/raddb/mods-config/sql/dhcp/mysql/queries.conf
new file mode 100644
index 0000000..a28037b
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/mysql/queries.conf
@@ -0,0 +1,75 @@
+# -*- text -*-
+#
+#  dhcp/mysql/queries.conf -- MySQL configuration for DHCP schema (schema.sql)
+#
+#  $Id$
+
+# Use the driver specific SQL escape method.
+#
+# If you enable this configuration item, the "safe_characters"
+# configuration is ignored.  FreeRADIUS then uses the PostgreSQL escape
+# functions to escape input strings.  The only downside to making this
+# change is that the PostgreSQL escaping method is not the same the one
+# used by FreeRADIUS.  So characters which are NOT in the
+# "safe_characters" list will now be stored differently in the database.
+#
+#auto_escape = yes
+
+# Safe characters list for sql queries. Everything else is replaced
+# with their mime-encoded equivalents.
+# The default list should be ok
+# Using 'auto_escape' is preferred
+safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
+
+#######################################################################
+#  Connection config
+#######################################################################
+# The character set is not configurable. The default character set of
+# the mysql client library is used. To control the character set,
+# create/edit my.cnf (typically in /etc/mysql/my.cnf or /etc/my.cnf)
+# and enter
+# [client]
+# default-character-set = utf8
+#
+
+#######################################################################
+#  Query config:  Identifier
+#######################################################################
+# This is the identifier that will get substituted, escaped, and added
+# as attribute 'SQL-User-Name'.  '%{SQL-User-Name}' should be used
+# below everywhere an identifier substitution is needed so you you can
+# be sure the identifier passed from the client is escaped properly.
+#
+sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
+
+#######################################################################
+#  Attribute Lookup Queries
+#######################################################################
+#  These queries setup the reply items in ${dhcpreply_table} and
+#  ${group_reply_query}.  You can use any query/tables you want, but
+#  the return data for each row MUST be in the following order:
+#
+#  0. Row ID (currently unused)
+#  1. Identifier
+#  2. Item Attr Name
+#  3. Item Attr Value
+#  4. Item Attr Operation
+#######################################################################
+
+authorize_reply_query = "\
+	SELECT id, identifier, attribute, value, Op \
+	FROM ${dhcpreply_table} \
+	WHERE identifier = '%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+authorize_group_reply_query = "\
+	SELECT id, groupname, attribute, value, op \
+	FROM ${groupreply_table} \
+	WHERE groupname = '%{${group_attribute}}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+group_membership_query = "\
+	SELECT groupnme \
+	FROM ${dhcpgroup_table} \
+	WHERE identifier='%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY priority"
diff --git a/raddb/mods-config/sql/dhcp/mysql/schema.sql b/raddb/mods-config/sql/dhcp/mysql/schema.sql
new file mode 100644
index 0000000..85a121a
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/mysql/schema.sql
@@ -0,0 +1,47 @@
+#
+# $Id$
+#
+# PostgreSQL schema for DHCP for FreeRADIUS
+#
+#
+
+#
+# Table structure for table 'dhcpgroupreply'
+#
+CREATE TABLE IF NOT EXISTS dhcpgroupreply (
+  id int(11) unsigned NOT NULL auto_increment,
+  groupname varchar(64) NOT NULL default '',
+  attribute varchar(64) NOT NULL default '',
+  op char(2) NOT NULL DEFAULT '=',
+  value varchar(253) NOT NULL default '',
+  context varchar(16) NOT NULL default '',
+  PRIMARY KEY (id),
+  KEY groupname (context,groupname(32))
+);
+
+#
+# Table structure for table 'dhcpreply'
+#
+CREATE TABLE IF NOT EXISTS dhcpreply (
+  id int(11) unsigned NOT NULL auto_increment,
+  identifier varchar(253) NOT NULL default '',
+  attribute varchar(64) NOT NULL default '',
+  op char(2) NOT NULL DEFAULT '=',
+  value varchar(253) NOT NULL default '',
+  context varchar(16) NOT NULL default '',
+  PRIMARY KEY (id),
+  KEY identifier (context,identifier(32))
+);
+
+#
+# Table structure for table 'dhcpgroup'
+#
+CREATE TABLE IF NOT EXISTS dhcpgroup (
+  id int(11) unsigned NOT NULL auto_increment,
+  identifier varchar(253) NOT NULL default '',
+  groupname varchar(64) NOT NULL default '',
+  priority int(11) NOT NULL default '1',
+  context varchar(16) NOT NULL default '',
+  PRIMARY KEY (id),
+  KEY identifier (context,identifier(32))
+);
diff --git a/raddb/mods-config/sql/dhcp/mysql/setup.sql b/raddb/mods-config/sql/dhcp/mysql/setup.sql
new file mode 100644
index 0000000..d20a82c
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/mysql/setup.sql
@@ -0,0 +1,21 @@
+/*
+ * setup.sql -- MySQL commands for creating the RADIUS user.
+ *
+ *	WARNING: You should change 'localhost' and 'radpass'
+ *		 to something else.  Also update raddb/mods-available/sql
+ *		 with the new RADIUS password.
+ *
+ *	WARNING: This example file is untested.  Use at your own risk.
+ *		 Please send any bug fixes to the mailing list.
+ *
+ *	$Id$
+ */
+
+/*
+ *  Create default administrator for RADIUS
+ */
+CREATE USER 'radius'@'localhost' IDENTIFIED BY 'radpass';
+
+GRANT SELECT ON radius.dhcpreply TO 'radius'@'localhost';
+GRANT SELECT ON radius.dhcpgroupreply TO 'radius'@'localhost';
+GRANT SELECT ON radius.dhcpgroup TO 'radius'@'localhost';
diff --git a/raddb/mods-config/sql/dhcp/oracle/queries.conf b/raddb/mods-config/sql/dhcp/oracle/queries.conf
new file mode 100644
index 0000000..dd312d5
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/oracle/queries.conf
@@ -0,0 +1,47 @@
+# -*- text -*-
+#
+#  dhcp/oracle/queries.conf -- Oracle configuration for DHCP schema (schema.sql)
+#
+#  $Id$
+
+#######################################################################
+#  Query config:  Identifier
+#######################################################################
+# This is the identifier that will get substituted, escaped, and added
+# as attribute 'SQL-User-Name'.  '%{SQL-User-Name}' should be used
+# below everywhere an identifier substitution is needed so you you can
+# be sure the identifier passed from the client is escaped properly.
+#
+sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
+
+#######################################################################
+#  Attribute Lookup Queries
+#######################################################################
+#  These queries setup the reply items in ${dhcpreply_table} and
+#  ${group_reply_query}.  You can use any query/tables you want, but
+#  the return data for each row MUST be in the following order:
+#
+#  0. Row ID (currently unused)
+#  1. Identifier
+#  2. Item Attr Name
+#  3. Item Attr Value
+#  4. Item Attr Operation
+#######################################################################
+
+authorize_reply_query = "\
+	SELECT id, identifier, attribute, value, op \
+	FROM ${dhcpreply_table} \
+	WHERE identifier = '%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+authorize_group_reply_query = "\
+	SELECT id, groupname, attribute, value, op \
+	FROM ${groupreply_table} \
+	WHERE groupname = '%{${group_attribute}}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+group_membership_query = "\
+	SELECT groupname \
+	FROM ${dhcpgroup_table} \
+	WHERE identifier='%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY priority"
diff --git a/raddb/mods-config/sql/dhcp/oracle/schema.sql b/raddb/mods-config/sql/dhcp/oracle/schema.sql
new file mode 100644
index 0000000..085e346
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/oracle/schema.sql
@@ -0,0 +1,81 @@
+/*
+ * $Id$
+ *
+ * Oracle schema for DHCP for FreeRADIUS
+ *
+ */
+
+/*
+ * Table structure for table 'dhcpgroupreply'
+ */
+CREATE TABLE dhcpgroupreply (
+	id		INT PRIMARY KEY,
+	groupname	VARCHAR(64) NOT NULL,
+	attribute	VARCHAR(64) NOT NULL,
+	op		CHAR(2) NOT NULL,
+	value		VARCHAR(253) NOT NULL,
+	context		VARCHAR(16) NOT NULL
+);
+CREATE INDEX dhcpgroupreply_idx1 ON dhcpgroupreply(context,groupname);
+CREATE SEQUENCE dhcpgroupreply_seq START WITH 1 INCREMENT BY 1;
+
+/* Trigger to emulate a serial # on the primary key */
+CREATE OR REPLACE TRIGGER dhcpgroupreply_serialnumber
+	BEFORE INSERT OR UPDATE OF id ON dhcpgroupreply
+	FOR EACH ROW
+	BEGIN
+		if ( :new.id = 0 or :new.id is null ) then
+			SELECT dhcpgroupreply_seq.nextval into :new.id from dual;
+		end if;
+	END;
+/
+
+/*
+ * Table structure for table 'dhcpreply'
+ */
+CREATE TABLE dhcpreply (
+	id		INT PRIMARY KEY,
+	identifier	VARCHAR(253) NOT NULL,
+	attribute	VARCHAR(64) NOT NULL,
+	op		CHAR(2) NOT NULL,
+	value		VARCHAR(253) NOT NULL,
+	context		VARCHAR(16) NOT NULL
+);
+CREATE INDEX dhcpreply_idx1 ON dhcpreply(context,identifier);
+CREATE SEQUENCE dhcpreply_seq START WITH 1 INCREMENT BY 1;
+
+/* Trigger to emulate a serial # on the primary key */
+CREATE OR REPLACE TRIGGER dhcpreply_serialnumber
+	BEFORE INSERT OR UPDATE OF id ON dhcpreply
+	FOR EACH ROW
+	BEGIN
+		if ( :new.id = 0 or :new.id is null ) then
+			SELECT dhcpreply_seq.nextval into :new.id from dual;
+		end if;
+	END;
+/
+
+/*
+ * Table structure for table 'dhcpgroup'
+ */
+CREATE TABLE dhcpgroup (
+	id		INT PRIMARY KEY,
+	identifier	VARCHAR(253) NOT NULL,
+	groupname	VARCHAR(64) NOT NULL,
+	priority	INT NOT NULL,
+	context		VARCHAR(16) NOT NULL
+);
+CREATE INDEX dhcpgroup_idx1 ON dhcpgroup(context,identifier);
+CREATE SEQUENCE dhcpgroup_seq START WITH 1 INCREMENT BY 1;
+
+/* Trigger to emulate a serial # on the primary key */
+CREATE OR REPLACE TRIGGER dhcpgroup_serialnumber
+	BEFORE INSERT OR UPDATE OF id ON dhcpgroup
+	FOR EACH ROW
+	BEGIN
+		if ( :new.id = 0 or :new.id is null ) then
+			SELECT dhcpgroup_seq.nextval into :new.id from dual;
+		end if;
+	END;
+/
+
diff --git a/raddb/mods-config/sql/dhcp/postgresql/queries.conf b/raddb/mods-config/sql/dhcp/postgresql/queries.conf
new file mode 100644
index 0000000..14ca79a
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/postgresql/queries.conf
@@ -0,0 +1,76 @@
+# -*- text -*-
+#
+#  dhcp/postgresql/queries.conf -- PostgreSQL configuration for DHCP schema (schema.sql)
+#
+#  $Id$
+
+# Use the driver specific SQL escape method.
+#
+# If you enable this configuration item, the "safe_characters"
+# configuration is ignored.  FreeRADIUS then uses the PostgreSQL escape
+# functions to escape input strings.  The only downside to making this
+# change is that the PostgreSQL escaping method is not the same the one
+# used by FreeRADIUS.  So characters which are NOT in the
+# "safe_characters" list will now be stored differently in the database.
+#
+#auto_escape = yes
+
+# Safe characters list for sql queries. Everything else is replaced
+# with their mime-encoded equivalents.
+# The default list should be ok
+# Using 'auto_escape' is preferred
+# safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
+
+#######################################################################
+#  Query config:  Identifier
+#######################################################################
+# This is the identifier that will get substituted, escaped, and added
+# as attribute 'SQL-User-Name'.  '%{SQL-User-Name}' should be used
+# below everywhere an identifier substitution is needed so you you can
+# be sure the identifier passed from the client is escaped properly.
+#
+sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
+
+#######################################################################
+#  Open Query
+#######################################################################
+# This query is run whenever a new connection is opened.
+# It is commented out by default.
+#
+# If you have issues with connections hanging for too long, uncomment
+# the next line, and set the timeout in milliseconds.  As a general
+# rule, if the queries take longer than a second, something is wrong
+# with the database.
+#open_query = "set statement_timeout to 1000"
+
+#######################################################################
+#  Attribute Lookup Queries
+#######################################################################
+#  These queries setup the reply items in ${dhcpreply_table} and
+#  ${group_reply_query}.  You can use any query/tables you want, but
+#  the return data for each row MUST be in the following order:
+#
+#  0. Row ID (currently unused)
+#  1. Identifier
+#  2. Item Attr Name
+#  3. Item Attr Value
+#  4. Item Attr Operation
+#######################################################################
+
+authorize_reply_query = "\
+	SELECT id, Identifier, Attribute, Value, Op \
+	FROM ${dhcpreply_table} \
+	WHERE Identifier = '%{SQL-User-Name}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+authorize_group_reply_query = "\
+	SELECT id, GroupName, Attribute, Value, op \
+	FROM ${groupreply_table} \
+	WHERE GroupName = '%{${group_attribute}}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+group_membership_query = "\
+	SELECT GroupName \
+	FROM ${dhcpgroup_table} \
+	WHERE Identifier='%{SQL-User-Name}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY priority"
diff --git a/raddb/mods-config/sql/dhcp/postgresql/schema.sql b/raddb/mods-config/sql/dhcp/postgresql/schema.sql
new file mode 100644
index 0000000..0d1727f
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/postgresql/schema.sql
@@ -0,0 +1,44 @@
+/*
+ * $Id$
+ *
+ * PostgreSQL schema for DHCP for FreeRADIUS
+ *
+ */
+
+/*
+ * Table structure for table 'dhcpgroupreply'
+ */
+CREATE TABLE IF NOT EXISTS dhcpgroupreply (
+	id			serial PRIMARY KEY,
+	GroupName		text NOT NULL DEFAULT '',
+	Attribute		text NOT NULL DEFAULT '',
+	op			VARCHAR(2) NOT NULL DEFAULT '=',
+	Value			text NOT NULL DEFAULT '',
+	Context			text NOT NULL DEFAULT ''
+);
+CREATE INDEX dhcpgroupreply_GroupName ON dhcpgroupreply (Context,GroupName,Attribute);
+
+/*
+ * Table structure for table 'dhcpreply'
+ */
+CREATE TABLE IF NOT EXISTS dhcpreply (
+	id			serial PRIMARY KEY,
+	Identifier		text NOT NULL DEFAULT '',
+	Attribute		text NOT NULL DEFAULT '',
+	op			VARCHAR(2) NOT NULL DEFAULT '=',
+	Value			text NOT NULL DEFAULT '',
+	Context			text NOT NULL DEFAULT ''
+);
+CREATE INDEX dhcpreply_Identifier ON dhcpreply (Context,Identifier,Attribute);
+
+/*
+ * Table structure for table 'dhcpgroup'
+ */
+CREATE TABLE IF NOT EXISTS dhcpgroup (
+	id			serial PRIMARY KEY,
+	Identifier		text NOT NULL DEFAULT '',
+	GroupName		text NOT NULL DEFAULT '',
+	Priority		integer NOT NULL DEFAULT 0,
+	Context			text NOT NULL DEFAULT ''
+);
+CREATE INDEX dhcpgroup_Identifier ON dhcpgroup (Context,Identifier);
diff --git a/raddb/mods-config/sql/dhcp/postgresql/setup.sql b/raddb/mods-config/sql/dhcp/postgresql/setup.sql
new file mode 100644
index 0000000..884aa5a
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/postgresql/setup.sql
@@ -0,0 +1,28 @@
+/*
+ * admin.sql -- PostgreSQL commands for creating the RADIUS user.
+ *
+ *	WARNING: You should change 'localhost' and 'radpass'
+ *		 to something else.  Also update raddb/mods-available/sql
+ *		 with the new RADIUS password.
+ *
+ *	WARNING: This example file is untested.  Use at your own risk.
+ *		 Please send any bug fixes to the mailing list.
+ *
+ *	$Id$
+ */
+
+/*
+ *  Create default administrator for RADIUS
+ */
+CREATE USER radius WITH PASSWORD 'radpass';
+
+/*
+ * The server can read any table in SQL
+ */
+GRANT SELECT ON dhcpreply TO radius;
+GRANT SELECT ON dhcpgroupreply TO radius;
+GRANT SELECT ON dhcpgroup TO radius;
+
+GRANT USAGE, SELECT ON SEQUENCE dhcpgroupreply_id_seq TO radius;
+GRANT USAGE, SELECT ON SEQUENCE dhcpreply_id_seq TO radius;
+GRANT USAGE, SELECT ON SEQUENCE dhcpgroup_id_seq TO radius;
diff --git a/raddb/mods-config/sql/dhcp/sqlite/queries.conf b/raddb/mods-config/sql/dhcp/sqlite/queries.conf
new file mode 100644
index 0000000..0cc7202
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/sqlite/queries.conf
@@ -0,0 +1,52 @@
+# -*- text -*-
+#
+#  dhcp/sqlite/queries.conf -- SQLite configuration for DHCP schema (schema.sql)
+#
+#  $Id$
+
+# Safe characters list for sql queries. Everything else is replaced
+# with their mime-encoded equivalents.
+# The default list should be ok
+# safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
+
+#######################################################################
+#  Query config:  Identifier
+#######################################################################
+# This is the identifier that will get substituted, escaped, and added
+# as attribute 'SQL-User-Name'.  '%{SQL-User-Name}' should be used
+# below everywhere an identifier substitution is needed so you you can
+# be sure the identifier passed from the client is escaped properly.
+#
+sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
+
+#######################################################################
+#  Attribute Lookup Queries
+#######################################################################
+#  These queries setup the reply items in ${dhcpreply_table} and
+#  ${group_reply_query}.  You can use any query/tables you want, but
+#  the return data for each row MUST be in the following order:
+#
+#  0. Row ID (currently unused)
+#  1. Identifier
+#  2. Item Attr Name
+#  3. Item Attr Value
+#  4. Item Attr Operation
+#######################################################################
+
+authorize_reply_query = "\
+	SELECT id, identifier, attribute, value, op \
+	FROM ${dhcpreply_table} \
+	WHERE identifier = '%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+authorize_group_reply_query = "\
+	SELECT id, groupname, attribute, value, op \
+	FROM ${groupreply_table} \
+	WHERE groupname = '%{${group_attribute}}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY id"
+
+group_membership_query = "\
+	SELECT groupname \
+	FROM ${dhcpgroup_table} \
+	WHERE identifier='%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+	ORDER BY priority"
diff --git a/raddb/mods-config/sql/dhcp/sqlite/schema.sql b/raddb/mods-config/sql/dhcp/sqlite/schema.sql
new file mode 100644
index 0000000..54a9abb
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/sqlite/schema.sql
@@ -0,0 +1,46 @@
+-----------------------------------------------------------------------------
+-- $Id$                 ␉····   --
+--                                                                         --
+--  schema.sql                       rlm_sql - FreeRADIUS SQLite Module    --
+--                                                                         --
+--     Database schema for SQLite rlm_sql module for DHCP                  --
+--                                                                         --
+-----------------------------------------------------------------------------
+
+--
+-- Table structure for table 'dhcpgroupreply'
+--
+CREATE TABLE IF NOT EXISTS dhcpgroupreply (
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	groupname varchar(64) NOT NULL default '',
+	attribute varchar(64) NOT NULL default '',
+	op char(2) NOT NULL DEFAULT '=',
+	value varchar(253) NOT NULL default '',
+	context varchar(16) NOT NULL default ''
+);
+CREATE INDEX dhcpgroupreply_groupname ON dhcpgroupreply(context,groupname);
+
+--
+-- Table structure for table 'dhcpreply'
+--
+CREATE TABLE IF NOT EXISTS dhcpreply (
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	identifier varchar(253) NOT NULL default '',
+	attribute varchar(64) NOT NULL default '',
+	op char(2) NOT NULL DEFAULT '=',
+	value varchar(253) NOT NULL default '',
+	context varchar(16) NOT NULL default ''
+);
+CREATE INDEX dhcpreply_identifier ON dhcpreply(context,identifier);
+
+--
+-- Table structure for table 'dhcpgroup'
+--
+CREATE TABLE IF NOT EXISTS dhcpgroup (
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	identifier varchar(253) NOT NULL default '',
+	groupname varchar(64) NOT NULL default '',
+	priority int(11) NOT NULL default '1',
+	context varchar(16) NOT NULL default ''
+);
+CREATE INDEX dhcpgroup_identifier ON dhcpgroup(context,identifier);