Diffstat (limited to 'config/freeradius2')
-rwxr-xr-xconfig/freeradius2/freeradius.inc71
-rw-r--r--config/freeradius2/freeradius.xml4
-rw-r--r--config/freeradius2/freeradius_view_config.php7
-rw-r--r--config/freeradius2/freeradiuscerts.xml2
-rw-r--r--config/freeradius2/freeradiusclients.xml2
-rw-r--r--config/freeradius2/freeradiuseapconf.xml4
-rw-r--r--config/freeradius2/freeradiusinterfaces.xml2
-rw-r--r--config/freeradius2/freeradiussettings.xml2
-rw-r--r--config/freeradius2/freeradiussqlconf.xml2
9 files changed, 62 insertions, 34 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc
index c4edf183..29d4cf12 100755
--- a/config/freeradius2/freeradius.inc
+++ b/config/freeradius2/freeradius.inc
@@ -1,4 +1,41 @@
<?php
+/* copyright */
+/* ========================================================================== */
+/*
+ freeradius.inc
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
require_once('config.inc');
require_once('service-utils.inc');
@@ -83,14 +120,14 @@ function freeradius_settings_resync() {
// Dis-/Enable SQL in "instatiate" section in "freeradius_settings_resync" and radiusd.conf
if ($sqlconf['varsqlconfincludeenable'] == 'Enable') {
- $varsqlconfinclude = '\$INCLUDE sql.conf';
- $varsqlconfincludecounter = '\$INCLUDE sql/mysql/counter.conf';
+ $varsqlconfinclude = '$INCLUDE sql.conf';
+ $varsqlconfincludecounter = '$INCLUDE sql/mysql/counter.conf';
$varsqlconfinstantiate = 'sql';
}
if ($sqlconf['varsqlconfincludeenable'] == 'Disable') {
- $varsqlconfinclude = '#\$INCLUDE sql.conf';
- $varsqlconfincludecounter = '#\$INCLUDE sql/mysql/counter.conf';
+ $varsqlconfinclude = '#$INCLUDE sql.conf';
+ $varsqlconfincludecounter = '#$INCLUDE sql/mysql/counter.conf';
$varsqlconfinstantiate = '#sql';
}
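Review bot: The two independent `if` tests on `$sqlconf['varsqlconfincludeenable']` leave `$varsqlconfinclude`, `$varsqlconfincludecounter` and `$varsqlconfinstantiate` unassigned when the setting is neither 'Enable' nor 'Disable', for instance if it has never been saved. Unless defaults are assigned earlier in freeradius_settings_resync, which starts and ends outside this hunk, radiusd.conf would then be written with empty lines in their place. Turning the second test into the fallback, `} else {`, makes the commented-out `#$INCLUDE` form the default for every value other than 'Enable'.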
@@ -262,8 +299,6 @@ global $config;
$conf = '';
-// Empty variables
-
$arrusers = $config['installedpackages']['freeradius']['config'];
if (is_array($arrusers) && !empty($arrusers)) {
@@ -285,7 +320,6 @@ if (is_array($arrusers) && !empty($arrusers)) {
$varuserstopadditionaloptions = '';
$varusersadditionaloptionstop = '';
-
if(!empty($users['varuserstopadditionaloptions'])) {
$varuserstopadditionaloptions = explode("|", ($users['varuserstopadditionaloptions']));
foreach ($varuserstopadditionaloptions as $toptmp) {
@@ -304,8 +338,6 @@ if (is_array($arrusers) && !empty($arrusers)) {
$varusersadditionaloptionsbottom .= $bottomtmp . "\n\t";
}
}
-
-
// Empty variable
$varusersmainoptions = '';
@@ -442,7 +474,7 @@ function freeradius_eapconf_resync() {
$vareapconfmaxsessions = ($eapconf['vareapconfmaxsessions']?$eapconf['vareapconfmaxsessions']:'4096');
// Variables: EAP-TLS and EAP-TLS with OCSP support
- $vareapconfprivatekeypassword = ($eapconf['vareapconfprivatekeypassword']?$eapconf['vareapconfprivatekeypassword']:'');
+ $vareapconfprivatekeypassword = ($eapconf['vareapconfprivatekeypassword']?$eapconf['vareapconfprivatekeypassword']:'whatever');
$vareapconfocspenable = ($eapconf['vareapconfocspenable']?$eapconf['vareapconfocspenable']:'no');
$vareapconfocspoverridecerturl = ($eapconf['vareapconfocspoverridecerturl']?$eapconf['vareapconfocspoverridecerturl']:'no');
$vareapconfocspurl = ($eapconf['vareapconfocspurl']?$eapconf['vareapconfocspurl']:'http://127.0.0.1/ocsp/');
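Review bot: The new fallback on the `$vareapconfprivatekeypassword` line turns a deliberately empty field into the passphrase `whatever`, because the truthiness test cannot tell "never configured" from "left empty". The help text in freeradiuseapconf.xml tells users of pfSense Cert Manager certificates to leave the field empty, so, assuming an emptied field is stored as an empty string, their unprotected key would be loaded with a passphrase it does not have. Testing for presence instead keeps both cases working: `$vareapconfprivatekeypassword = isset($eapconf['vareapconfprivatekeypassword']) ? $eapconf['vareapconfprivatekeypassword'] : 'whatever';`. `whatever` is also the passphrase in FreeRADIUS's sample certificate configuration, so a comment should say that it adds no protection beyond the file mode of the key. freeradius_eapconf_resync continues outside the hunk.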
@@ -665,7 +697,7 @@ function freeradius_sqlconf_resync() {
$varsqlconfreadclients = ($sqlconf['varsqlconfreadclients']?$sqlconf['varsqlconfreadclients']:'yes');
$varsqlconfnastable = ($sqlconf['varsqlconfnastable']?$sqlconf['varsqlconfnastable']:'nas');
- // For more information look at "freeradius_settings_resync"
+ // Additional changes were made in "freeradius_settings_resync"
$conf .= <<<EOD
@@ -719,16 +751,7 @@ function freeradius_serverdefault_resync() {
$varsqlconfenableaccounting = ($sqlconf['varsqlconfenableaccounting']?$sqlconf['varsqlconfenableaccounting']:'Disable');
$varsqlconfenablesession = ($sqlconf['varsqlconfenablesession']?$sqlconf['varsqlconfenablesession']:'Disable');
$varsqlconfenablepostauth = ($sqlconf['varsqlconfenablepostauth']?$sqlconf['varsqlconfenablepostauth']:'Disable');
-
-
- // Disable all sql sections if sql is global disabled
- // if ($sqlconf['varsqlconfincludeenable'] == 'Disable') {
- // $varsqlconfauthorize = '#sql';
- // $varsqlconfaccounting = '#sql';
- // $varsqlconfsession = 'radutmp';
- // $varsqlconfpostauth = '#sql';
- // }
-
+
// authorize section
if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenableauthorize'] == 'Enable')) {
$varsqlconfauthorize = 'sql';
@@ -1689,7 +1712,7 @@ function freeradius_allcertcnf_resync() {
$arrcerts = $config['installedpackages']['freeradiuscerts']['config'][0];
- // General variable for deleting/further generation of Client-Cert
+ // General variable for deleting and generation of further Client-Cert
$varcertscreateclient = ($arrcerts['varcertscreateclient']?$arrcerts['varcertscreateclient']:'no');
// General variables for deleting: CA, Server, Client
@@ -1722,14 +1745,14 @@ function freeradius_allcertcnf_resync() {
// tar client-cert files
exec("cd /usr/local/etc/raddb/certs && tar -cf client.tar client.crt client.csr client.key ca.der client.pem");
- // Make all files in certs folder re-only for root
+ // Make all files in certs folder read/write only for root
exec("chmod -R 0600 /usr/local/etc/raddb/certs/");
}
if ($arrcerts['varcertsdeleteall'] == 'yes') {
- // delete all old certificates and keys
+ // delete all old certificates and keys - deletes certs from pfsense cert-manager IN THIS FOLDER, too.
exec("rm -f /usr/local/etc/raddb/certs/*.pem");
exec("rm -f /usr/local/etc/raddb/certs/*.der");
exec("rm -f /usr/local/etc/raddb/certs/*.csr");
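Review bot: `chmod -R 0600 /usr/local/etc/raddb/certs/` also applies to the directory itself, which is left without a search bit and stays usable only because root bypasses directory permission checks; the new comment "read/write only for root" does not mention this. Setting the directory to 0700 and only the files to 0600, e.g. `find /usr/local/etc/raddb/certs -type f -exec chmod 0600 {} +`, expresses the same intent without relying on that. The exit status of the `exec()` calls is not checked, so a failed chmod leaves client.key and the client.tar that bundles it with whatever mode they were created with. freeradius_allcertcnf_resync continues outside the hunk.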
diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml
index d6ecd41d..9b49c0a1 100644
--- a/config/freeradius2/freeradius.xml
+++ b/config/freeradius2/freeradius.xml
@@ -9,7 +9,7 @@
/*
freeradius.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)
@@ -304,11 +304,11 @@
</custom_php_resync_config_command>
<custom_php_install_command>
freeradius_install_command();
- freeradius_settings_resync();
freeradius_clients_resync();
freeradius_users_resync();
freeradius_eapconf_resync();
freeradius_sqlconf_resync();
+ freeradius_settings_resync();
freeradius_serverdefault_resync();
freeradius_clientcertcnf_resync();
freeradius_servercertcnf_resync();
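Review bot: The reason `freeradius_settings_resync();` now has to run after `freeradius_sqlconf_resync();` is not recorded anywhere in this install command list, so a later edit can silently undo the order. A one-line comment above the moved call would document it, for example `// must run after freeradius_sqlconf_resync(): radiusd.conf includes sql.conf`, if that is indeed the dependency.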
diff --git a/config/freeradius2/freeradius_view_config.php b/config/freeradius2/freeradius_view_config.php
index 7a5c52a4..7242851d 100644
--- a/config/freeradius2/freeradius_view_config.php
+++ b/config/freeradius2/freeradius_view_config.php
@@ -1,8 +1,10 @@
<?php
/*
- postfix_view_config.php
+ freeradius_view_config.php
part of pfSense (http://www.pfsense.com/)
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
Copyright (C) 2011 Marcello Coutinho <marcellocoutinho@gmail.com>
+ based on postfix_view_config.php
based on varnish_view_config.
All rights reserved.
@@ -30,6 +32,7 @@
require("guiconfig.inc");
function get_file($file){
+ $files['radiusd']="/usr/local/etc/raddb/radiusd.conf";
$files['eap']="/usr/local/etc/raddb/eap.conf";
$files['sql']="/usr/local/etc/raddb/sql.conf";
$files['clients']="/usr/local/etc/raddb/clients.conf";
@@ -98,6 +101,7 @@ else{
</tr>
<tr>
<td class="tabcont" >
+ <input type="button" onClick="get_freeradius_file('radiusd');" id='btn_radiusd' value="radiusd.conf">&nbsp;
<input type="button" onClick="get_freeradius_file('eap');" id='btn_eap' value="eap.conf">&nbsp;
<input type="button" onClick="get_freeradius_file('sql');" id='btn_sql' value="sql.conf">&nbsp;
<input type="button" onClick="get_freeradius_file('clients');" id='btn_clients' value="clients.conf">&nbsp;
@@ -137,6 +141,7 @@ else{
}
function activitycallback_postfix_file(transport) {
$('file_div').innerHTML = transport.responseText;
+ $('btn_radiusd').value="radiusd.conf";
$('btn_eap').value="eap.conf";
$('btn_sql').value="sql.conf";
$('btn_clients').value="clients.conf";
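Review bot: `$('file_div').innerHTML = transport.responseText;` renders the returned file as markup, and with this commit radiusd.conf joins eap.conf, sql.conf and clients.conf on that path. The part of get_file that builds the response is outside these hunks, so it is not visible whether the contents are escaped; if they are not, any `<` or `&` in an operator-entered option or client name is interpreted by the browser. Escaping on the server closes that, along the lines of `htmlspecialchars(file_get_contents($files[$file]), ENT_QUOTES)` after an `isset($files[$file])` check on the requested key. These files normally hold shared secrets and the key passphrase, so the output should also stay limited to authenticated administrators.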
diff --git a/config/freeradius2/freeradiuscerts.xml b/config/freeradius2/freeradiuscerts.xml
index 27ab3753..629a92ae 100644
--- a/config/freeradius2/freeradiuscerts.xml
+++ b/config/freeradius2/freeradiuscerts.xml
@@ -9,7 +9,7 @@
/*
freeradiuscerts.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)
diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml
index c9562ab4..8040242e 100644
--- a/config/freeradius2/freeradiusclients.xml
+++ b/config/freeradius2/freeradiusclients.xml
@@ -9,7 +9,7 @@
/*
freeradiusclients.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)
diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml
index 5722ba50..6639ec57 100644
--- a/config/freeradius2/freeradiuseapconf.xml
+++ b/config/freeradius2/freeradiuseapconf.xml
@@ -9,7 +9,7 @@
/*
freeradiuseapconf.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)
@@ -176,7 +176,7 @@
<field>
<fielddescr>Private Key Password</fielddescr>
<fieldname>vareapconfprivatekeypassword</fieldname>
- <description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reaading the certificate.<b>
+ <description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reading the certificate.<br>
The certificates created by pfSense Cert Manager are not protected so you must leave this field empty. (Default: whatever)]]></description>
<type>password</type>
<default_value>whatever</default_value>
diff --git a/config/freeradius2/freeradiusinterfaces.xml b/config/freeradius2/freeradiusinterfaces.xml
index 1697e5ca..9d720020 100644
--- a/config/freeradius2/freeradiusinterfaces.xml
+++ b/config/freeradius2/freeradiusinterfaces.xml
@@ -9,7 +9,7 @@
/*
freeradiusinterfaces.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)
diff --git a/config/freeradius2/freeradiussettings.xml b/config/freeradius2/freeradiussettings.xml
index 7becfed3..7a4c14fb 100644
--- a/config/freeradius2/freeradiussettings.xml
+++ b/config/freeradius2/freeradiussettings.xml
@@ -9,7 +9,7 @@
/*
freeradiussettings.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)
diff --git a/config/freeradius2/freeradiussqlconf.xml b/config/freeradius2/freeradiussqlconf.xml
index 82d0b4e1..226f021d 100644
--- a/config/freeradius2/freeradiussqlconf.xml
+++ b/config/freeradius2/freeradiussqlconf.xml
@@ -9,7 +9,7 @@
/*
freeradiussqlconf.xml
part of pfSense (http://www.pfSense.com)
- Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+ Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
All rights reserved.
Based on m0n0wall (http://m0n0.ch/wall)