diff options
Diffstat (limited to 'config')
-rwxr-xr-x | config/freeradius2/freeradius.inc | 18 | ||||
-rwxr-xr-x | config/freeradius2/freeradius.xml | 5 | ||||
-rwxr-xr-x | config/freeradius2/freeradiuseapconf.xml | 13 |
3 files changed, 29 insertions, 7 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index 356f4229..816eb984 100755 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -521,7 +521,20 @@ function freeradius_eapconf_resync() { $vareapconfpeapdefaulteaptype = ($eapconf['vareapconfpeapdefaulteaptype']?$eapconf['vareapconfpeapdefaulteaptype']:'mschapv2'); $vareapconfpeapcopyrequesttotunnel = ($eapconf['vareapconfpeapcopyrequesttotunnel']?$eapconf['vareapconfpeapcopyrequesttotunnel']:'no'); $vareapconfpeapusetunneledreply = ($eapconf['vareapconfpeapusetunneledreply']?$eapconf['vareapconfpeapusetunneledreply']:'no'); - + $vareapconfpeapsohenable = ($eapconf['vareapconfpeapsohenable']?$eapconf['vareapconfpeapsohenable']:'Disable'); + + // This is for enable/disbable MS SoH in EAP-PEAP and the virtuial-server "soh-server" + if ($eapconf['vareapconfpeapsohenable'] == 'Enable') { + $vareapconfpeapsoh = 'soh = yes' . "\n\t\t\tsoh_virtual_server = " . '"' . "soh-server" . '"'; + exec("ln -s /usr/local/etc/raddb/sites-available/soh /usr/local/etc/raddb/sites-enabled/"); + } + else { + $vareapconfpeapsoh = '### MS SoH Server is disabled ###'; + if (file_exists("/usr/local/etc/raddb/sites-enabled/soh")) { + exec("rm -f /usr/local/etc/raddb/sites-enabled/soh"); + } + } + // The filenames of pfsense cert manager are different from freeradius cert manager so it is possible to store both in the same folder at any time. // This is for the pfsense cert manager @@ -653,8 +666,7 @@ if ($vareapconfchoosecertmanager == 'radiuscertmgr') { copy_request_to_tunnel = $vareapconfpeapcopyrequesttotunnel use_tunneled_reply = $vareapconfpeapusetunneledreply # proxy_tunneled_request_as_eap = yes - soh = yes - soh_virtual_server = "soh" + $vareapconfpeapsoh } mschapv2 { # send_error = no diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml index 2f37b067..bcff9b17 100755 --- a/config/freeradius2/freeradius.xml +++ b/config/freeradius2/freeradius.xml @@ -55,10 +55,10 @@ <url>/pkg.php?xml=freeradius.xml</url> </menu> <service> - <name>FreeRADIUS</name> + <name>radiusd</name> <rcfile>radiusd.sh</rcfile> <executable>radiusd</executable> - <description><![CDATA[The FreeRADIUS daemon.]]></description> + <description><![CDATA[FreeRADIUS Server]]></description> </service> <tabs> @@ -332,7 +332,6 @@ freeradius_sqlconf_resync(); exec("rm -f /usr/local/etc/raddb/sites-enabled/control-socket"); exec("rm -f /usr/local/etc/raddb/sites-enabled/inner-tunnel"); - exec("ln -s /usr/local/etc/raddb/sites-available/soh /usr/local/etc/raddb/sites-enabled/"); </custom_php_install_command> <custom_php_deinstall_command> freeradius_deinstall_command(); diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml index 759c6065..dd70a959 100755 --- a/config/freeradius2/freeradiuseapconf.xml +++ b/config/freeradius2/freeradiuseapconf.xml @@ -289,7 +289,18 @@ <option><name>No</name><value>no</value></option> <option><name>Yes</name><value>yes</value></option> </options> - </field> + </field> + <field> + <fielddescr>Microsoft Statement of Health (SoH) Support</fielddescr> + <fieldname>vareapconfpeapsohenable</fieldname> + <description><![CDATA[You can accept/reject clients if they have not actual windows updates and more. You need to change server-file for your needs. It cannot be changed from GUI and will be deleted after package (re)installation. (/usr/local/etc/raddb/sites-available/soh). (Default: no)]]></description> + <type>select</type> + <default_value>Disable</default_value> + <options> + <option><name>Disable</name><value>Disable</value></option> + <option><name>Enable</name><value>Enable</value></option> + </options> + </field> </fields> <custom_delete_php_command> freeradius_eapconf_resync(); |