aboutsummaryrefslogtreecommitdiffstats
path: root/config/freeradius2
diff options
context:
space:
mode:
Diffstat (limited to 'config/freeradius2')
-rwxr-xr-xconfig/freeradius2/freeradius.inc18
-rwxr-xr-xconfig/freeradius2/freeradius.xml5
-rwxr-xr-xconfig/freeradius2/freeradiuseapconf.xml13
3 files changed, 29 insertions, 7 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc
index 356f4229..816eb984 100755
--- a/config/freeradius2/freeradius.inc
+++ b/config/freeradius2/freeradius.inc
@@ -521,7 +521,20 @@ function freeradius_eapconf_resync() {
$vareapconfpeapdefaulteaptype = ($eapconf['vareapconfpeapdefaulteaptype']?$eapconf['vareapconfpeapdefaulteaptype']:'mschapv2');
$vareapconfpeapcopyrequesttotunnel = ($eapconf['vareapconfpeapcopyrequesttotunnel']?$eapconf['vareapconfpeapcopyrequesttotunnel']:'no');
$vareapconfpeapusetunneledreply = ($eapconf['vareapconfpeapusetunneledreply']?$eapconf['vareapconfpeapusetunneledreply']:'no');
-
+ $vareapconfpeapsohenable = ($eapconf['vareapconfpeapsohenable']?$eapconf['vareapconfpeapsohenable']:'Disable');
+
+ // This is for enable/disbable MS SoH in EAP-PEAP and the virtuial-server "soh-server"
+ if ($eapconf['vareapconfpeapsohenable'] == 'Enable') {
+ $vareapconfpeapsoh = 'soh = yes' . "\n\t\t\tsoh_virtual_server = " . '"' . "soh-server" . '"';
+ exec("ln -s /usr/local/etc/raddb/sites-available/soh /usr/local/etc/raddb/sites-enabled/");
+ }
+ else {
+ $vareapconfpeapsoh = '### MS SoH Server is disabled ###';
+ if (file_exists("/usr/local/etc/raddb/sites-enabled/soh")) {
+ exec("rm -f /usr/local/etc/raddb/sites-enabled/soh");
+ }
+ }
+
// The filenames of pfsense cert manager are different from freeradius cert manager so it is possible to store both in the same folder at any time.
// This is for the pfsense cert manager
@@ -653,8 +666,7 @@ if ($vareapconfchoosecertmanager == 'radiuscertmgr') {
copy_request_to_tunnel = $vareapconfpeapcopyrequesttotunnel
use_tunneled_reply = $vareapconfpeapusetunneledreply
# proxy_tunneled_request_as_eap = yes
- soh = yes
- soh_virtual_server = "soh"
+ $vareapconfpeapsoh
}
mschapv2 {
# send_error = no
diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml
index 2f37b067..bcff9b17 100755
--- a/config/freeradius2/freeradius.xml
+++ b/config/freeradius2/freeradius.xml
@@ -55,10 +55,10 @@
<url>/pkg.php?xml=freeradius.xml</url>
</menu>
<service>
- <name>FreeRADIUS</name>
+ <name>radiusd</name>
<rcfile>radiusd.sh</rcfile>
<executable>radiusd</executable>
- <description><![CDATA[The FreeRADIUS daemon.]]></description>
+ <description><![CDATA[FreeRADIUS Server]]></description>
</service>
<tabs>
@@ -332,7 +332,6 @@
freeradius_sqlconf_resync();
exec("rm -f /usr/local/etc/raddb/sites-enabled/control-socket");
exec("rm -f /usr/local/etc/raddb/sites-enabled/inner-tunnel");
- exec("ln -s /usr/local/etc/raddb/sites-available/soh /usr/local/etc/raddb/sites-enabled/");
</custom_php_install_command>
<custom_php_deinstall_command>
freeradius_deinstall_command();
diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml
index 759c6065..dd70a959 100755
--- a/config/freeradius2/freeradiuseapconf.xml
+++ b/config/freeradius2/freeradiuseapconf.xml
@@ -289,7 +289,18 @@
<option><name>No</name><value>no</value></option>
<option><name>Yes</name><value>yes</value></option>
</options>
- </field>
+ </field>
+ <field>
+ <fielddescr>Microsoft Statement of Health (SoH) Support</fielddescr>
+ <fieldname>vareapconfpeapsohenable</fieldname>
+ <description><![CDATA[You can accept/reject clients if they have not actual windows updates and more. You need to change server-file for your needs. It cannot be changed from GUI and will be deleted after package (re)installation. (/usr/local/etc/raddb/sites-available/soh). (Default: no)]]></description>
+ <type>select</type>
+ <default_value>Disable</default_value>
+ <options>
+ <option><name>Disable</name><value>Disable</value></option>
+ <option><name>Enable</name><value>Enable</value></option>
+ </options>
+ </field>
</fields>
<custom_delete_php_command>
freeradius_eapconf_resync();