summaryrefslogtreecommitdiffstats
path: root/src/tests/config
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/tests/config/test.conf114
1 files changed, 114 insertions, 0 deletions
diff --git a/src/tests/config/test.conf b/src/tests/config/test.conf
new file mode 100644
index 0000000..832b125
--- /dev/null
+++ b/src/tests/config/test.conf
@@ -0,0 +1,114 @@
+# -*- text -*-
+##
+## test.conf -- Virtual server configuration for testing radiusd.
+##
+## $Id$
+##
+
+test_port = 10000
+
+correct_escapes = true
+
+# Only for testing!
+# Setting this on a production system is a BAD IDEA.
+security {
+ allow_vulnerable_openssl = yes
+}
+
+modules {
+ $INCLUDE ${maindir}/mods-enabled/
+ $INCLUDE ${testdir}/config/eap-test
+}
+
+realm test.example.com {
+ authhost = 127.0.0.1:${test_port}
+ secret = testing123
+}
+
+policy {
+ files.authorize {
+ if (User-Name == "bob") {
+ update control {
+ &Cleartext-Password := "bob"
+ }
+ }
+ }
+
+ $INCLUDE ${maindir}/policy.d/
+}
+
+
+#
+# This virtual server is chosen for processing requests when using:
+#
+# radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test
+#
+server test {
+ listen {
+ ipaddr = 127.0.0.1
+ port = ${test_port}
+ type = auth
+ }
+
+authorize {
+ update reply {
+ &Test-Server-Port = "%{Packet-Dst-Port}"
+ }
+
+ if (User-Name == "bob") {
+ #
+ # Digest-* tests have a password of "zanzibar"
+ # Or, a hashed version thereof.
+ #
+ if (Digest-Response) {
+ if (&Test-Number == "1") {
+ update control {
+ &Cleartext-Password := "zanzibar"
+ }
+ }
+ elsif (Test-Number == "2") {
+ update control {
+ &Digest-HA1 := 12af60467a33e8518da5c68bbff12b11
+ }
+ }
+ }
+ else {
+ update control {
+ &Cleartext-Password := "bob"
+ }
+ }
+ }
+
+ if (User-Name =~ /^(.*)@test\.example\.com$/) {
+ update request {
+ &Stripped-User-Name := "%{1}"
+ }
+ update control {
+ &Proxy-To-Realm := test.example.com
+ }
+ }
+
+ chap
+ mschap
+ digest
+ eap-test
+ pap
+}
+
+authenticate {
+ pap
+ chap
+ mschap
+ digest
+ eap-test
+}
+
+accounting {
+ if (Packet-Src-IP-Address != 255.255.255.255) {
+ detail
+ }
+
+ ok
+}
+
+}