diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:49:46 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:49:46 +0000 |
commit | 50b37d4a27d3295a29afca2286f1a5a086142cec (patch) | |
tree | 9212f763934ee090ef72d823f559f52ce387f268 /src/tests/config/test.conf | |
parent | Initial commit. (diff) | |
download | freeradius-upstream/3.2.1+dfsg.tar.xz freeradius-upstream/3.2.1+dfsg.zip |
Adding upstream version 3.2.1+dfsg.upstream/3.2.1+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/tests/config/test.conf')
-rw-r--r-- | src/tests/config/test.conf | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/src/tests/config/test.conf b/src/tests/config/test.conf new file mode 100644 index 0000000..832b125 --- /dev/null +++ b/src/tests/config/test.conf @@ -0,0 +1,114 @@ +# -*- text -*- +## +## test.conf -- Virtual server configuration for testing radiusd. +## +## $Id$ +## + +test_port = 10000 + +correct_escapes = true + +# Only for testing! +# Setting this on a production system is a BAD IDEA. +security { + allow_vulnerable_openssl = yes +} + +modules { + $INCLUDE ${maindir}/mods-enabled/ + $INCLUDE ${testdir}/config/eap-test +} + +realm test.example.com { + authhost = 127.0.0.1:${test_port} + secret = testing123 +} + +policy { + files.authorize { + if (User-Name == "bob") { + update control { + &Cleartext-Password := "bob" + } + } + } + + $INCLUDE ${maindir}/policy.d/ +} + + +# +# This virtual server is chosen for processing requests when using: +# +# radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test +# +server test { + listen { + ipaddr = 127.0.0.1 + port = ${test_port} + type = auth + } + +authorize { + update reply { + &Test-Server-Port = "%{Packet-Dst-Port}" + } + + if (User-Name == "bob") { + # + # Digest-* tests have a password of "zanzibar" + # Or, a hashed version thereof. + # + if (Digest-Response) { + if (&Test-Number == "1") { + update control { + &Cleartext-Password := "zanzibar" + } + } + elsif (Test-Number == "2") { + update control { + &Digest-HA1 := 12af60467a33e8518da5c68bbff12b11 + } + } + } + else { + update control { + &Cleartext-Password := "bob" + } + } + } + + if (User-Name =~ /^(.*)@test\.example\.com$/) { + update request { + &Stripped-User-Name := "%{1}" + } + update control { + &Proxy-To-Realm := test.example.com + } + } + + chap + mschap + digest + eap-test + pap +} + +authenticate { + pap + chap + mschap + digest + eap-test +} + +accounting { + if (Packet-Src-IP-Address != 255.255.255.255) { + detail + } + + ok +} + +} |