# -*- text -*- ## ## test.conf -- Virtual server configuration for testing radiusd. ## ## $Id$ ## test_port = 10000 correct_escapes = true # Only for testing! # Setting this on a production system is a BAD IDEA. security { allow_vulnerable_openssl = yes } modules { $INCLUDE ${maindir}/mods-enabled/ $INCLUDE ${testdir}/config/eap-test } realm test.example.com { authhost = 127.0.0.1:${test_port} secret = testing123 } policy { files.authorize { if (User-Name == "bob") { update control { &Cleartext-Password := "bob" } } } $INCLUDE ${maindir}/policy.d/ } # # This virtual server is chosen for processing requests when using: # # radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test # server test { listen { ipaddr = 127.0.0.1 port = ${test_port} type = auth } authorize { update reply { &Test-Server-Port = "%{Packet-Dst-Port}" } if (User-Name == "bob") { # # Digest-* tests have a password of "zanzibar" # Or, a hashed version thereof. # if (Digest-Response) { if (&Test-Number == "1") { update control { &Cleartext-Password := "zanzibar" } } elsif (Test-Number == "2") { update control { &Digest-HA1 := 12af60467a33e8518da5c68bbff12b11 } } } else { update control { &Cleartext-Password := "bob" } } } if (User-Name =~ /^(.*)@test\.example\.com$/) { update request { &Stripped-User-Name := "%{1}" } update control { &Proxy-To-Realm := test.example.com } } chap mschap digest eap-test pap } authenticate { pap chap mschap digest eap-test } accounting { if (Packet-Src-IP-Address != 255.255.255.255) { detail } ok } }