Diffstat (limited to 'config/freeradius2')
-rwxr-xr-x | config/freeradius2/freeradius.inc | 71 | ||||
-rw-r--r-- | config/freeradius2/freeradius.xml | 4 | ||||
-rw-r--r-- | config/freeradius2/freeradius_view_config.php | 7 | ||||
-rw-r--r-- | config/freeradius2/freeradiuscerts.xml | 2 | ||||
-rw-r--r-- | config/freeradius2/freeradiusclients.xml | 2 | ||||
-rw-r--r-- | config/freeradius2/freeradiuseapconf.xml | 4 | ||||
-rw-r--r-- | config/freeradius2/freeradiusinterfaces.xml | 2 | ||||
-rw-r--r-- | config/freeradius2/freeradiussettings.xml | 2 | ||||
-rw-r--r-- | config/freeradius2/freeradiussqlconf.xml | 2 |
9 files changed, 62 insertions, 34 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc
index c4edf183..29d4cf12 100755
--- a/config/freeradius2/freeradius.inc
+++ b/config/freeradius2/freeradius.inc
@@ -1,4 +1,41 @@ <?php +/* copyright */ +/* ========================================================================== */ +/* + freeradius.inc + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + require_once('config.inc'); require_once('service-utils.inc'); 
@@ -83,14 +120,14 @@ function freeradius_settings_resync() { // Dis-/Enable SQL in "instatiate" section in "freeradius_settings_resync" and radiusd.conf if ($sqlconf['varsqlconfincludeenable'] == 'Enable') { - $varsqlconfinclude = '\$INCLUDE sql.conf'; - $varsqlconfincludecounter = '\$INCLUDE sql/mysql/counter.conf'; + $varsqlconfinclude = '$INCLUDE sql.conf'; + $varsqlconfincludecounter = '$INCLUDE sql/mysql/counter.conf'; $varsqlconfinstantiate = 'sql'; } if ($sqlconf['varsqlconfincludeenable'] == 'Disable') { - $varsqlconfinclude = '#\$INCLUDE sql.conf'; - $varsqlconfincludecounter = '#\$INCLUDE sql/mysql/counter.conf'; + $varsqlconfinclude = '#$INCLUDE sql.conf'; + $varsqlconfincludecounter = '#$INCLUDE sql/mysql/counter.conf'; $varsqlconfinstantiate = '#sql'; } @@ -262,8 +299,6 @@ global $config; $conf = ''; -// Empty variables - $arrusers = $config['installedpackages']['freeradius']['config']; if (is_array($arrusers) && !empty($arrusers)) { @@ -285,7 +320,6 @@ if (is_array($arrusers) && !empty($arrusers)) { $varuserstopadditionaloptions = ''; $varusersadditionaloptionstop = ''; - if(!empty($users['varuserstopadditionaloptions'])) { $varuserstopadditionaloptions = explode("|", ($users['varuserstopadditionaloptions'])); foreach ($varuserstopadditionaloptions as $toptmp) { @@ -304,8 +338,6 @@ if (is_array($arrusers) && !empty($arrusers)) { $varusersadditionaloptionsbottom .= $bottomtmp . "\n\t"; } } - - // Empty variable $varusersmainoptions = ''; 
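Review bot: In the first hunk (freeradius_settings_resync) the two independent `if` tests on `$sqlconf['varsqlconfincludeenable']` leave `$varsqlconfinclude`, `$varsqlconfincludecounter` and `$varsqlconfinstantiate` unset whenever the stored value is neither 'Enable' nor 'Disable', for example before the SQL page has ever been saved. Making the disabled branch the fallback keeps the generated radiusd.conf deterministic: replace the second test with `} else {` so that anything other than 'Enable' writes the commented-out `#$INCLUDE` lines. Dropping the backslash is right, since `\$` is not an escape inside single quotes. The function body starts and ends outside the hunk, so an earlier default may already exist and is worth confirming.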
@@ -442,7 +474,7 @@ function freeradius_eapconf_resync() { $vareapconfmaxsessions = ($eapconf['vareapconfmaxsessions']?$eapconf['vareapconfmaxsessions']:'4096'); // Variables: EAP-TLS and EAP-TLS with OCSP support - $vareapconfprivatekeypassword = ($eapconf['vareapconfprivatekeypassword']?$eapconf['vareapconfprivatekeypassword']:''); + $vareapconfprivatekeypassword = ($eapconf['vareapconfprivatekeypassword']?$eapconf['vareapconfprivatekeypassword']:'whatever'); $vareapconfocspenable = ($eapconf['vareapconfocspenable']?$eapconf['vareapconfocspenable']:'no'); $vareapconfocspoverridecerturl = ($eapconf['vareapconfocspoverridecerturl']?$eapconf['vareapconfocspoverridecerturl']:'no'); $vareapconfocspurl = ($eapconf['vareapconfocspurl']?$eapconf['vareapconfocspurl']:'http://127.0.0.1/ocsp/'); @@ -665,7 +697,7 @@ function freeradius_sqlconf_resync() { $varsqlconfreadclients = ($sqlconf['varsqlconfreadclients']?$sqlconf['varsqlconfreadclients']:'yes'); $varsqlconfnastable = ($sqlconf['varsqlconfnastable']?$sqlconf['varsqlconfnastable']:'nas'); - // For more information look at "freeradius_settings_resync" + // Additional changes were made in "freeradius_settings_resync" $conf .= <<<EOD 
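Review bot: The new fallback in freeradius_eapconf_resync hard-codes `'whatever'` as the private-key password, and because the ternary tests truthiness, a field that was deliberately left empty now also becomes `'whatever'`. The field description in freeradiuseapconf.xml tells users of pfSense Cert Manager certificates to leave the field empty, so code and help text now disagree; whether a superfluous passphrase is harmless for an unencrypted key depends on how eap.conf is consumed, which is not visible here. `'whatever'` is also the stock FreeRADIUS passphrase, so as a default it gives the key no real protection. I would keep `''` as the fallback and add a comment such as `// empty = unencrypted key (Cert Manager); set a unique passphrase for generated certs`. The function continues outside the hunk.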
@@ -719,16 +751,7 @@ function freeradius_serverdefault_resync() { $varsqlconfenableaccounting = ($sqlconf['varsqlconfenableaccounting']?$sqlconf['varsqlconfenableaccounting']:'Disable'); $varsqlconfenablesession = ($sqlconf['varsqlconfenablesession']?$sqlconf['varsqlconfenablesession']:'Disable'); $varsqlconfenablepostauth = ($sqlconf['varsqlconfenablepostauth']?$sqlconf['varsqlconfenablepostauth']:'Disable'); - - - // Disable all sql sections if sql is global disabled - // if ($sqlconf['varsqlconfincludeenable'] == 'Disable') { - // $varsqlconfauthorize = '#sql'; - // $varsqlconfaccounting = '#sql'; - // $varsqlconfsession = 'radutmp'; - // $varsqlconfpostauth = '#sql'; - // } - + // authorize section if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenableauthorize'] == 'Enable')) { $varsqlconfauthorize = 'sql'; @@ -1689,7 +1712,7 @@ function freeradius_allcertcnf_resync() { $arrcerts = $config['installedpackages']['freeradiuscerts']['config'][0]; - // General variable for deleting/further generation of Client-Cert + // General variable for deleting and generation of further Client-Cert $varcertscreateclient = ($arrcerts['varcertscreateclient']?$arrcerts['varcertscreateclient']:'no'); // General variables for deleting: CA, Server, Client @@ -1722,14 +1745,14 @@ function freeradius_allcertcnf_resync() { // tar client-cert files exec("cd /usr/local/etc/raddb/certs && tar -cf client.tar client.crt client.csr client.key ca.der client.pem"); - // Make all files in certs folder re-only for root + // Make all files in certs folder read/write only for root exec("chmod -R 0600 /usr/local/etc/raddb/certs/"); } if ($arrcerts['varcertsdeleteall'] == 'yes') { - // delete all old certificates and keys + // delete all old certificates and keys - deletes certs from pfsense cert-manager IN THIS FOLDER, too. exec("rm -f /usr/local/etc/raddb/certs/*.pem"); exec("rm -f /usr/local/etc/raddb/certs/*.der"); exec("rm -f /usr/local/etc/raddb/certs/*.csr"); 
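Review bot: The reworded comment above `exec("chmod -R 0600 /usr/local/etc/raddb/certs/")` in the last hunk says the files become read/write only for root, but chmod changes mode bits only; ownership is decided elsewhere and is not visible in this hunk. The recursive form also applies 0600 to the certs directory itself, which removes its search bit for every non-root account. I would word the comment as `// Owner-only read/write on everything under certs/ (mode only; ownership is not changed here)` and, if radiusd runs unprivileged, confirm it can still reach the directory. freeradius_allcertcnf_resync starts and ends outside the hunk.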
diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml index d6ecd41d..9b49c0a1 100644 --- a/config/freeradius2/freeradius.xml +++ b/config/freeradius2/freeradius.xml @@ -9,7 +9,7 @@ /* freeradius.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) @@ -304,11 +304,11 @@ </custom_php_resync_config_command> <custom_php_install_command> freeradius_install_command(); - freeradius_settings_resync(); freeradius_clients_resync(); freeradius_users_resync(); freeradius_eapconf_resync(); freeradius_sqlconf_resync(); + freeradius_settings_resync(); freeradius_serverdefault_resync(); freeradius_clientcertcnf_resync(); freeradius_servercertcnf_resync(); diff --git a/config/freeradius2/freeradius_view_config.php b/config/freeradius2/freeradius_view_config.php index 7a5c52a4..7242851d 100644 --- a/config/freeradius2/freeradius_view_config.php +++ b/config/freeradius2/freeradius_view_config.php @@ -1,8 +1,10 @@ <?php /* - postfix_view_config.php + freeradius_view_config.php part of pfSense (http://www.pfsense.com/) + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> Copyright (C) 2011 Marcello Coutinho <marcellocoutinho@gmail.com> + based on postfix_view_config.php based on varnish_view_config. All rights reserved. @@ -30,6 +32,7 @@ require("guiconfig.inc"); function get_file($file){ + $files['radiusd']="/usr/local/etc/raddb/radiusd.conf"; $files['eap']="/usr/local/etc/raddb/eap.conf"; $files['sql']="/usr/local/etc/raddb/sql.conf"; $files['clients']="/usr/local/etc/raddb/clients.conf"; 
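Review bot: The get_file() hunk extends the name-to-path map with radiusd.conf, and the files already served through it (eap.conf, sql.conf, clients.conf) typically hold the private-key password, SQL credentials and client shared secrets, so the page should be documented as disclosing secrets to anyone who can open it. A later hunk shows the response being assigned to `innerHTML` in `activitycallback_postfix_file`, so the server side needs to pass file contents through `htmlspecialchars()`; whether it does is outside the visible lines. A comment above the map such as `// Allowlist: only these keys may be requested; file contents include secrets` would make the intent explicit. get_file() continues outside the hunk, so confirm that an unknown key is rejected rather than used as a path.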
@@ -98,6 +101,7 @@ else{ </tr> <tr> <td class="tabcont" > + <input type="button" onClick="get_freeradius_file('radiusd');" id='btn_radiusd' value="radiusd.conf"> <input type="button" onClick="get_freeradius_file('eap');" id='btn_eap' value="eap.conf"> <input type="button" onClick="get_freeradius_file('sql');" id='btn_sql' value="sql.conf"> <input type="button" onClick="get_freeradius_file('clients');" id='btn_clients' value="clients.conf"> @@ -137,6 +141,7 @@ else{ } function activitycallback_postfix_file(transport) { $('file_div').innerHTML = transport.responseText; + $('btn_radiusd').value="radiusd.conf"; $('btn_eap').value="eap.conf"; $('btn_sql').value="sql.conf"; $('btn_clients').value="clients.conf"; diff --git a/config/freeradius2/freeradiuscerts.xml b/config/freeradius2/freeradiuscerts.xml index 27ab3753..629a92ae 100644 --- a/config/freeradius2/freeradiuscerts.xml +++ b/config/freeradius2/freeradiuscerts.xml @@ -9,7 +9,7 @@ /* freeradiuscerts.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml index c9562ab4..8040242e 100644 --- a/config/freeradius2/freeradiusclients.xml +++ b/config/freeradius2/freeradiusclients.xml @@ -9,7 +9,7 @@ /* freeradiusclients.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml index 5722ba50..6639ec57 100644 --- a/config/freeradius2/freeradiuseapconf.xml +++ b/config/freeradius2/freeradiuseapconf.xml 
@@ -9,7 +9,7 @@ /* freeradiuseapconf.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) @@ -176,7 +176,7 @@ <field> <fielddescr>Private Key Password</fielddescr> <fieldname>vareapconfprivatekeypassword</fieldname> - <description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reaading the certificate.<b> + <description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reading the certificate.<br> The certificates created by pfSense Cert Manager are not protected so you must leave this field empty. (Default: whatever)]]></description> <type>password</type> <default_value>whatever</default_value> diff --git a/config/freeradius2/freeradiusinterfaces.xml b/config/freeradius2/freeradiusinterfaces.xml index 1697e5ca..9d720020 100644 --- a/config/freeradius2/freeradiusinterfaces.xml +++ b/config/freeradius2/freeradiusinterfaces.xml @@ -9,7 +9,7 @@ /* freeradiusinterfaces.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) diff --git a/config/freeradius2/freeradiussettings.xml b/config/freeradius2/freeradiussettings.xml index 7becfed3..7a4c14fb 100644 --- a/config/freeradius2/freeradiussettings.xml +++ b/config/freeradius2/freeradiussettings.xml @@ -9,7 +9,7 @@ /* freeradiussettings.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) 
diff --git a/config/freeradius2/freeradiussqlconf.xml b/config/freeradius2/freeradiussqlconf.xml index 82d0b4e1..226f021d 100644 --- a/config/freeradius2/freeradiussqlconf.xml +++ b/config/freeradius2/freeradiussqlconf.xml @@ -9,7 +9,7 @@ /* freeradiussqlconf.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) |