blob: 69d44f7f2e471fe613099f98425701b5e7c56f78 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
#
# Minimal radiusd.conf for testing
#
raddb = $ENV{RADDB}
modconfdir = ${raddb}/mods-config
testdir = $ENV{TEST_PATH}
pidfile = ${testdir}/radiusd.pid
panic_action = "gdb -batch -x ${raddb}/panic.gdb %e %p > ${testdir}/gdb-radiusd.log 2>&1; cat ${testdir}/gdb-radiusd.log"
certdir = ${raddb}/certs
cadir = ${raddb}/certs
libdir = $ENV{LIB_PATH}
max_requests = 1048576
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
cleanup_delay = 5
max_queue_size = 65536
auto_limit_acct = no
}
#
# Referenced by some modules for default thread pool configuration
#
modules {
$INCLUDE ${raddb}/mods-available/always
}
clients radsec {
client home {
ipaddr = 127.0.0.1
proto = tls
}
}
listen {
type = auth
ipaddr = 127.0.0.1
port = $ENV{FR_LOCAL_PREFIX}2083
proto = tcp
clients = radsec
virtual_server = default
tls {
private_key_password = whatever
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
ca_file = ${cadir}/ca.pem
fragment_size = 8192
ca_path = ${cadir}
cipher_list = "DEFAULT"
tls_min_version = "1.2"
tls_max_version = "1.2"
}
}
listen {
type = acct
ipaddr = 127.0.0.1
port = $ENV{FR_LOCAL_PREFIX}2084
proto = tcp
clients = radsec
virtual_server = default
tls {
private_key_password = whatever
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
ca_file = ${cadir}/ca.pem
fragment_size = 8192
ca_path = ${cadir}
cipher_list = "DEFAULT"
tls_min_version = "1.3"
tls_max_version = "1.3"
}
}
server default {
authorize {
update control {
Auth-Type := accept
}
}
preacct {
update control {
Response-Packet-Type := Accounting-Response
}
}
acct {
ok
}
}
|