1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
# -*- text -*-
#
# dhcp/mysql/queries.conf -- MySQL configuration for DHCP schema (schema.sql)
#
# $Id$
# Use the driver specific SQL escape method.
#
# If you enable this configuration item, the "safe_characters"
# configuration is ignored. FreeRADIUS then uses the PostgreSQL escape
# functions to escape input strings. The only downside to making this
# change is that the PostgreSQL escaping method is not the same the one
# used by FreeRADIUS. So characters which are NOT in the
# "safe_characters" list will now be stored differently in the database.
#
#auto_escape = yes
# Safe characters list for sql queries. Everything else is replaced
# with their mime-encoded equivalents.
# The default list should be ok
# Using 'auto_escape' is preferred
safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
#######################################################################
# Connection config
#######################################################################
# The character set is not configurable. The default character set of
# the mysql client library is used. To control the character set,
# create/edit my.cnf (typically in /etc/mysql/my.cnf or /etc/my.cnf)
# and enter
# [client]
# default-character-set = utf8
#
#######################################################################
# Query config: Identifier
#######################################################################
# This is the identifier that will get substituted, escaped, and added
# as attribute 'SQL-User-Name'. '%{SQL-User-Name}' should be used
# below everywhere an identifier substitution is needed so you you can
# be sure the identifier passed from the client is escaped properly.
#
sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
#######################################################################
# Attribute Lookup Queries
#######################################################################
# These queries setup the reply items in ${dhcpreply_table} and
# ${group_reply_query}. You can use any query/tables you want, but
# the return data for each row MUST be in the following order:
#
# 0. Row ID (currently unused)
# 1. Identifier
# 2. Item Attr Name
# 3. Item Attr Value
# 4. Item Attr Operation
#######################################################################
authorize_reply_query = "\
SELECT id, identifier, attribute, value, Op \
FROM ${dhcpreply_table} \
WHERE identifier = '%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
ORDER BY id"
authorize_group_reply_query = "\
SELECT id, groupname, attribute, value, op \
FROM ${groupreply_table} \
WHERE groupname = '%{${group_attribute}}' AND context = '%{control:DHCP-SQL-Option-Context}' \
ORDER BY id"
group_membership_query = "\
SELECT groupnme \
FROM ${dhcpgroup_table} \
WHERE identifier='%{SQL-User-Name}' AND context = '%{control:DHCP-SQL-Option-Context}' \
ORDER BY priority"
|
