diff options
Diffstat (limited to 'src/tests/sql_nas_table/config/radiusd.conf')
| -rw-r--r-- | src/tests/sql_nas_table/config/radiusd.conf | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/src/tests/sql_nas_table/config/radiusd.conf b/src/tests/sql_nas_table/config/radiusd.conf new file mode 100644 index 0000000..16513bb --- /dev/null +++ b/src/tests/sql_nas_table/config/radiusd.conf @@ -0,0 +1,143 @@ +# -*- text -*- +# +# test configuration file. Do not install. +# +# $Id$ +# + +# +# Minimal radiusd.conf for testing +# +top_srcdir = $ENV{TOP_SRCDIR} +testdir = $ENV{TESTDIR} +output = ${top_srcdir}/$ENV{OUTPUT} +run_dir = ${output} +raddb = raddb +pidfile = ${run_dir}/radiusd.pid +panic_action = "gdb -batch -x src/tests/panic.gdb %e %p > ${run_dir}/gdb.log 2>&1; cat ${run_dir}/gdb.log" + +maindir = ${raddb} +radacctdir = ${run_dir}/radacct +modconfdir = ${maindir}/mods-config +certdir = ${maindir}/certs +cadir = ${maindir}/certs +test_port = $ENV{TEST_PORT} + +client docnet { + ipaddr = 192.0.2.1 + secret = testing123123 +} + +# Only for testing! +# Setting this on a production system is a BAD IDEA. +security { + allow_vulnerable_openssl = yes +} + +policy { + files.authorize { + if (&User-Name == "bob") { + update control { + &Password.Cleartext := "hello" + } + } + } + $INCLUDE ${maindir}/policy.d/ +} + +modules { + expr { + + } + + sql { + driver = "rlm_sql_sqlite" + dialect = "sqlite" + sqlite { + # Path to the sqlite database + filename = "$ENV{SQL_NASTABLE_DB}" + + # How long to wait for write locks on the database to be + # released (in ms) before giving up. + busy_timeout = 200 + + # The bootstrap is handled by src/tests/sql_nas_table/all.mk + } + + radius_db = "radius" + + acct_table1 = "radacct" + acct_table2 = "radacct" + postauth_table = "radpostauth" + authcheck_table = "radcheck" + groupcheck_table = "radgroupcheck" + authreply_table = "radreply" + groupreply_table = "radgroupreply" + usergroup_table = "radusergroup" + read_groups = yes + read_profiles = yes + + # Set to 'yes' to read radius clients from the database ('nas' table) + # Clients will ONLY be read on server startup. + read_clients = yes + + # Table to keep radius client info + client_table = "nas" + + # The group attribute specific to this instance of rlm_sql + group_attribute = "SQL-Group" + + # Read database-specific queries + $INCLUDE ${modconfdir}/${.:name}/main/${dialect}/queries.conf + } + + always reject { + rcode = reject + } + always fail { + rcode = fail + } + always ok { + rcode = ok + } + always handled { + rcode = handled + } + always invalid { + rcode = invalid + } + always notfound { + rcode = notfound + } + always noop { + rcode = noop + } + always updated { + rcode = updated + } +} + +# +# This virtual server is chosen for processing requests when using: +# +# radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test +# +server extra { + listen { + ipaddr = 127.0.0.1 + port = ${test_port} + type = auth + } + + authorize { + if (&User-Name == "bob") { + accept + } else { + reject + } + } + + authenticate { + + } +} |