diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 14:11:00 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 14:11:00 +0000 |
| commit | af754e596a8dbb05ed8580c342e7fe02e08b28e0 (patch) | |
| tree | b2f334c2b55ede42081aa6710a72da784547d8ea /src/tests/config | |
| parent | Initial commit. (diff) | |
| download | freeradius-af754e596a8dbb05ed8580c342e7fe02e08b28e0.tar.xz freeradius-af754e596a8dbb05ed8580c342e7fe02e08b28e0.zip | |
Adding upstream version 3.2.3+dfsg.upstream/3.2.3+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/tests/config')
| -rw-r--r-- | src/tests/config/test.conf | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/src/tests/config/test.conf b/src/tests/config/test.conf new file mode 100644 index 0000000..832b125 --- /dev/null +++ b/src/tests/config/test.conf @@ -0,0 +1,114 @@ +# -*- text -*- +## +## test.conf -- Virtual server configuration for testing radiusd. +## +## $Id$ +## + +test_port = 10000 + +correct_escapes = true + +# Only for testing! +# Setting this on a production system is a BAD IDEA. +security { + allow_vulnerable_openssl = yes +} + +modules { + $INCLUDE ${maindir}/mods-enabled/ + $INCLUDE ${testdir}/config/eap-test +} + +realm test.example.com { + authhost = 127.0.0.1:${test_port} + secret = testing123 +} + +policy { + files.authorize { + if (User-Name == "bob") { + update control { + &Cleartext-Password := "bob" + } + } + } + + $INCLUDE ${maindir}/policy.d/ +} + + +# +# This virtual server is chosen for processing requests when using: +# +# radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test +# +server test { + listen { + ipaddr = 127.0.0.1 + port = ${test_port} + type = auth + } + +authorize { + update reply { + &Test-Server-Port = "%{Packet-Dst-Port}" + } + + if (User-Name == "bob") { + # + # Digest-* tests have a password of "zanzibar" + # Or, a hashed version thereof. + # + if (Digest-Response) { + if (&Test-Number == "1") { + update control { + &Cleartext-Password := "zanzibar" + } + } + elsif (Test-Number == "2") { + update control { + &Digest-HA1 := 12af60467a33e8518da5c68bbff12b11 + } + } + } + else { + update control { + &Cleartext-Password := "bob" + } + } + } + + if (User-Name =~ /^(.*)@test\.example\.com$/) { + update request { + &Stripped-User-Name := "%{1}" + } + update control { + &Proxy-To-Realm := test.example.com + } + } + + chap + mschap + digest + eap-test + pap +} + +authenticate { + pap + chap + mschap + digest + eap-test +} + +accounting { + if (Packet-Src-IP-Address != 255.255.255.255) { + detail + } + + ok +} + +} |