summaryrefslogtreecommitdiffstats
path: root/raddb/mods-config/sql/dhcp/mysql/queries.conf
diff options
context:
space:
mode:
Diffstat (limited to 'raddb/mods-config/sql/dhcp/mysql/queries.conf')
-rw-r--r--raddb/mods-config/sql/dhcp/mysql/queries.conf75
1 files changed, 75 insertions, 0 deletions
diff --git a/raddb/mods-config/sql/dhcp/mysql/queries.conf b/raddb/mods-config/sql/dhcp/mysql/queries.conf
new file mode 100644
index 0000000..a28037b
--- /dev/null
+++ b/raddb/mods-config/sql/dhcp/mysql/queries.conf
@@ -0,0 +1,75 @@
+# -*- text -*-
+#
+# dhcp/mysql/queries.conf -- MySQL configuration for DHCP schema (schema.sql)
+#
+# $Id$
+
+# Use the driver specific SQL escape method.
+#
+# If you enable this configuration item, the "safe_characters"
+# configuration is ignored. FreeRADIUS then uses the PostgreSQL escape
+# functions to escape input strings. The only downside to making this
+# change is that the PostgreSQL escaping method is not the same the one
+# used by FreeRADIUS. So characters which are NOT in the
+# "safe_characters" list will now be stored differently in the database.
+#
+#auto_escape = yes
+
+# Safe characters list for sql queries. Everything else is replaced
+# with their mime-encoded equivalents.
+# The default list should be ok
+# Using 'auto_escape' is preferred
+safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
+
+#######################################################################
+# Connection config
+#######################################################################
+# The character set is not configurable. The default character set of
+# the mysql client library is used. To control the character set,
+# create/edit my.cnf (typically in /etc/mysql/my.cnf or /etc/my.cnf)
+# and enter
+# [client]
+# default-character-set = utf8
+#
+
+#######################################################################
+# Query config: Identifier
+#######################################################################
+# This is the identifier that will get substituted, escaped, and added
+# as attribute 'SQL-User-Name'. '%{SQL-User-Name}' should be used
+# below everywhere an identifier substitution is needed so you you can
+# be sure the identifier passed from the client is escaped properly.
+#
+sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
+
+#######################################################################
+# Attribute Lookup Queries
+#######################################################################
+# These queries setup the reply items in ${dhcpreply_table} and
+# ${group_reply_query}. You can use any query/tables you want, but
+# the return data for each row MUST be in the following order:
+#
+# 0. Row ID (currently unused)
+# 1. Identifier
+# 2. Item Attr Name
+# 3. Item Attr Value
+# 4. Item Attr Operation
+#######################################################################
+
+authorize_reply_query = "\
+ SELECT id, identifier, attribute, value, Op \
+ FROM ${dhcpreply_table} \
+ WHERE identifier = '%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+ ORDER BY id"
+
+authorize_group_reply_query = "\
+ SELECT id, groupname, attribute, value, op \
+ FROM ${groupreply_table} \
+ WHERE groupname = '%{${group_attribute}}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+ ORDER BY id"
+
+group_membership_query = "\
+ SELECT groupnme \
+ FROM ${dhcpgroup_table} \
+ WHERE identifier='%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
+ ORDER BY priority"