summaryrefslogtreecommitdiffstats
path: root/src/tests/modules/radiusd.conf
blob: 220f341074f6724df51a92a42e31930b16a7925b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#
#  Minimal radiusd.conf for testing modules
#

raddb		= raddb

modconfdir	= ${raddb}/mods-config

correct_escapes	= true

#  Only for testing!
#  Setting this on a production system is a BAD IDEA.
security {
	allow_vulnerable_openssl = yes
}

modules {
	$INCLUDE ${raddb}/mods-enabled/always

	$INCLUDE ${raddb}/mods-enabled/pap

	$INCLUDE ${raddb}/mods-enabled/expr

	$INCLUDE $ENV{MODULE_TEST_DIR}/module.conf
}

server default {
	authorize {
		#
		# Include the test file specified by the
		# KEYWORD environment variable.
		#
		$INCLUDE $ENV{MODULE_TEST_UNLANG}

		pap
	}

	authenticate {
		pap
	}
}

policy {
	test_pass {
		update control {
			Tmp-String-8 := "%{expr:%{%{control:Tmp-String-8}:-0} + 1}"
			Auth-Type := Accept
		}
	}

	test_fail {
		update reply {
			Reply-Message := "fail %{%{control:Tmp-String-8}:-0}"
		}
		reject
	}

	#
	#  Outputs the contents of the control list in debugging (-X) mode
	#
	debug_control {
		if("%{debug_attr:control:}" == '') {
			noop
		}
	}

	#
	#  Outputs the contents of the request list in debugging (-X) mode
	#
	debug_request {
		if("%{debug_attr:request:}" == '') {
			noop
		}
	}

	#
	#  Outputs the contents of the reply list in debugging (-X) mode
	#
	debug_reply {
		if("%{debug_attr:reply:}" == '') {
			noop
		}
	}

	#
	#  Outputs the contents of the session state list in debugging (-X) mode
	#
	debug_session_state {
		if("%{debug_attr:session-state:}" == '') {
			noop
		}
	}

	#
	#  Outputs the contents of the main lists in debugging (-X) mode
	#
	debug_all {
		debug_control
		debug_request
		debug_reply
		debug_session_state
	}
}