From 2171a57b622bceb8248bfac3290ce093928d32f7 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:50:39 +0100
Subject: Update config/freeradius2/freeradiussqlconf.xml

---
 config/freeradius2/freeradiussqlconf.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradiussqlconf.xml b/config/freeradius2/freeradiussqlconf.xml
index 82d0b4e1..226f021d 100644
--- a/config/freeradius2/freeradiussqlconf.xml
+++ b/config/freeradius2/freeradiussqlconf.xml
@@ -9,7 +9,7 @@
 /*
 	freeradiussqlconf.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
-- 
cgit v1.2.3


From 5491accef4dc2d7a78ec96b42a6f88c863ece030 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:51:48 +0100
Subject: Update config/freeradius2/freeradiussettings.xml

---
 config/freeradius2/freeradiussettings.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradiussettings.xml b/config/freeradius2/freeradiussettings.xml
index 7becfed3..7a4c14fb 100644
--- a/config/freeradius2/freeradiussettings.xml
+++ b/config/freeradius2/freeradiussettings.xml
@@ -9,7 +9,7 @@
 /*
 	freeradiussettings.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
-- 
cgit v1.2.3


From c556560f520d439641a687332239f6f4ca4d1fca Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:52:15 +0100
Subject: Update config/freeradius2/freeradiusinterfaces.xml

---
 config/freeradius2/freeradiusinterfaces.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradiusinterfaces.xml b/config/freeradius2/freeradiusinterfaces.xml
index 1697e5ca..9d720020 100644
--- a/config/freeradius2/freeradiusinterfaces.xml
+++ b/config/freeradius2/freeradiusinterfaces.xml
@@ -9,7 +9,7 @@
 /*
 	freeradiusinterfaces.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
-- 
cgit v1.2.3


From 73ec1ee7ab70513966e17284a2beafd219ae1c1e Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:52:49 +0100
Subject: Update config/freeradius2/freeradiuseapconf.xml

---
 config/freeradius2/freeradiuseapconf.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml
index 5722ba50..6639ec57 100644
--- a/config/freeradius2/freeradiuseapconf.xml
+++ b/config/freeradius2/freeradiuseapconf.xml
@@ -9,7 +9,7 @@
 /*
 	freeradiuseapconf.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
@@ -176,7 +176,7 @@
 		<field>
 			<fielddescr>Private Key Password</fielddescr>
 			<fieldname>vareapconfprivatekeypassword</fieldname>
-			<description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reaading the certificate.<b>
+			<description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reading the certificate.<br>
 								The certificates created by pfSense Cert Manager are not protected so you must leave this field empty. (Default: whatever)]]></description>
 			<type>password</type>
 			<default_value>whatever</default_value>
-- 
cgit v1.2.3


From 3da43b9b1e65e7a41c09ae4ec4d386737c74925c Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:53:21 +0100
Subject: Update config/freeradius2/freeradiusclients.xml

---
 config/freeradius2/freeradiusclients.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml
index c9562ab4..8040242e 100644
--- a/config/freeradius2/freeradiusclients.xml
+++ b/config/freeradius2/freeradiusclients.xml
@@ -9,7 +9,7 @@
 /*
 	freeradiusclients.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
-- 
cgit v1.2.3


From b25586cd986896e4c123d9e21660c386ea173e30 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:53:53 +0100
Subject: Update config/freeradius2/freeradiuscerts.xml

---
 config/freeradius2/freeradiuscerts.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradiuscerts.xml b/config/freeradius2/freeradiuscerts.xml
index 27ab3753..629a92ae 100644
--- a/config/freeradius2/freeradiuscerts.xml
+++ b/config/freeradius2/freeradiuscerts.xml
@@ -9,7 +9,7 @@
 /*
 	freeradiuscerts.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
-- 
cgit v1.2.3


From 848208a8f2859252218ca825871677df9638d667 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:54:50 +0100
Subject: Update config/freeradius2/freeradius_view_config.php

---
 config/freeradius2/freeradius_view_config.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradius_view_config.php b/config/freeradius2/freeradius_view_config.php
index 7a5c52a4..7242851d 100644
--- a/config/freeradius2/freeradius_view_config.php
+++ b/config/freeradius2/freeradius_view_config.php
@@ -1,8 +1,10 @@
 <?php
 /*
-	postfix_view_config.php
+	freeradius_view_config.php
 	part of pfSense (http://www.pfsense.com/)
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	Copyright (C) 2011 Marcello Coutinho <marcellocoutinho@gmail.com>
+	based on postfix_view_config.php
 	based on varnish_view_config.
 	All rights reserved.
 
@@ -30,6 +32,7 @@
 
 require("guiconfig.inc");
 function get_file($file){
+	$files['radiusd']="/usr/local/etc/raddb/radiusd.conf";
 	$files['eap']="/usr/local/etc/raddb/eap.conf";
 	$files['sql']="/usr/local/etc/raddb/sql.conf";
 	$files['clients']="/usr/local/etc/raddb/clients.conf";
@@ -98,6 +101,7 @@ else{
 						</tr>
 							<tr>
 							<td class="tabcont" >
+							<input type="button" onClick="get_freeradius_file('radiusd');" id='btn_radiusd' value="radiusd.conf">&nbsp;
 							<input type="button" onClick="get_freeradius_file('eap');" id='btn_eap' value="eap.conf">&nbsp;
 							<input type="button" onClick="get_freeradius_file('sql');" id='btn_sql' value="sql.conf">&nbsp;
 							<input type="button" onClick="get_freeradius_file('clients');" id='btn_clients' value="clients.conf">&nbsp;
@@ -137,6 +141,7 @@ else{
 			}
 		function activitycallback_postfix_file(transport) {
 			$('file_div').innerHTML = transport.responseText;
+			$('btn_radiusd').value="radiusd.conf";
 			$('btn_eap').value="eap.conf";
 			$('btn_sql').value="sql.conf";
 			$('btn_clients').value="clients.conf";
-- 
cgit v1.2.3


From bddb33d8a93d155a352f197d85300b11e3d33f38 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:55:23 +0100
Subject: Update config/freeradius2/freeradius.xml

---
 config/freeradius2/freeradius.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml
index d6ecd41d..9b49c0a1 100644
--- a/config/freeradius2/freeradius.xml
+++ b/config/freeradius2/freeradius.xml
@@ -9,7 +9,7 @@
 /*
 	freeradius.xml
 	part of pfSense (http://www.pfSense.com)
-	Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de>
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
 	All rights reserved.
 
 	Based on m0n0wall (http://m0n0.ch/wall)
@@ -304,11 +304,11 @@
 	</custom_php_resync_config_command>
 	<custom_php_install_command>
 		freeradius_install_command();
-		freeradius_settings_resync();
 		freeradius_clients_resync();
 		freeradius_users_resync();
 		freeradius_eapconf_resync();
 		freeradius_sqlconf_resync();
+		freeradius_settings_resync();
 		freeradius_serverdefault_resync();
 		freeradius_clientcertcnf_resync();
 		freeradius_servercertcnf_resync();
-- 
cgit v1.2.3


From 2983d0330f2bad35af84a94d3ee139d706a89885 Mon Sep 17 00:00:00 2001
From: Nachtfalke <nachtfalkeaw@web.de>
Date: Thu, 29 Dec 2011 17:56:00 +0100
Subject: Update config/freeradius2/freeradius.inc

---
 config/freeradius2/freeradius.inc | 71 ++++++++++++++++++++++++++-------------
 1 file changed, 47 insertions(+), 24 deletions(-)

(limited to 'config/freeradius2')

diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc
index c4edf183..29d4cf12 100755
--- a/config/freeradius2/freeradius.inc
+++ b/config/freeradius2/freeradius.inc
@@ -1,4 +1,41 @@
 <?php
+/* copyright */
+/* ========================================================================== */
+/*
+	freeradius.inc
+	part of pfSense (http://www.pfSense.com)
+	Copyright (C) 2011 - 2012 Alexander Wilke <nachtfalkeaw@web.de>
+	All rights reserved.
+
+	Based on m0n0wall (http://m0n0.ch/wall)
+	Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+									      */
+/* ========================================================================== */
+/*
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+									      */
+/* ========================================================================== */
+
 require_once('config.inc');
 require_once('service-utils.inc');
 
@@ -83,14 +120,14 @@ function freeradius_settings_resync() {
 	
 	// Dis-/Enable SQL in "instatiate" section in "freeradius_settings_resync" and radiusd.conf
 	if ($sqlconf['varsqlconfincludeenable'] == 'Enable') {
-		$varsqlconfinclude = '\$INCLUDE sql.conf';
-		$varsqlconfincludecounter = '\$INCLUDE sql/mysql/counter.conf';
+		$varsqlconfinclude = '$INCLUDE sql.conf';
+		$varsqlconfincludecounter = '$INCLUDE sql/mysql/counter.conf';
 		$varsqlconfinstantiate = 'sql';
 	}
 
 	if ($sqlconf['varsqlconfincludeenable'] == 'Disable') {
-		$varsqlconfinclude = '#\$INCLUDE sql.conf';
-		$varsqlconfincludecounter = '#\$INCLUDE sql/mysql/counter.conf';
+		$varsqlconfinclude = '#$INCLUDE sql.conf';
+		$varsqlconfincludecounter = '#$INCLUDE sql/mysql/counter.conf';
 		$varsqlconfinstantiate = '#sql';
 	}
 
@@ -262,8 +299,6 @@ global $config;
 
 $conf = '';
 
-// Empty variables
-
 $arrusers = $config['installedpackages']['freeradius']['config'];
 
 if (is_array($arrusers) && !empty($arrusers)) {
@@ -285,7 +320,6 @@ if (is_array($arrusers) && !empty($arrusers)) {
 	$varuserstopadditionaloptions = '';
 	$varusersadditionaloptionstop = '';
 	
-	
 	if(!empty($users['varuserstopadditionaloptions'])) {
 		$varuserstopadditionaloptions = explode("|", ($users['varuserstopadditionaloptions']));
 		foreach ($varuserstopadditionaloptions as $toptmp) {
@@ -304,8 +338,6 @@ if (is_array($arrusers) && !empty($arrusers)) {
 			$varusersadditionaloptionsbottom .= $bottomtmp . "\n\t";
 		}
 	}
-	
-	
 
 	// Empty variable
 	$varusersmainoptions = '';
@@ -442,7 +474,7 @@ function freeradius_eapconf_resync() {
 	$vareapconfmaxsessions = ($eapconf['vareapconfmaxsessions']?$eapconf['vareapconfmaxsessions']:'4096');
 	
 	// Variables: EAP-TLS and EAP-TLS with OCSP support
-	$vareapconfprivatekeypassword = ($eapconf['vareapconfprivatekeypassword']?$eapconf['vareapconfprivatekeypassword']:'');
+	$vareapconfprivatekeypassword = ($eapconf['vareapconfprivatekeypassword']?$eapconf['vareapconfprivatekeypassword']:'whatever');
 	$vareapconfocspenable = ($eapconf['vareapconfocspenable']?$eapconf['vareapconfocspenable']:'no');
 	$vareapconfocspoverridecerturl = ($eapconf['vareapconfocspoverridecerturl']?$eapconf['vareapconfocspoverridecerturl']:'no');
 	$vareapconfocspurl = ($eapconf['vareapconfocspurl']?$eapconf['vareapconfocspurl']:'http://127.0.0.1/ocsp/');
@@ -665,7 +697,7 @@ function freeradius_sqlconf_resync() {
 	$varsqlconfreadclients = ($sqlconf['varsqlconfreadclients']?$sqlconf['varsqlconfreadclients']:'yes');
 	$varsqlconfnastable = ($sqlconf['varsqlconfnastable']?$sqlconf['varsqlconfnastable']:'nas');
 	
-	// For more information look at "freeradius_settings_resync"
+	// Additional changes were made in "freeradius_settings_resync"
 
 	$conf .= <<<EOD
 
@@ -719,16 +751,7 @@ function freeradius_serverdefault_resync() {
 	$varsqlconfenableaccounting = ($sqlconf['varsqlconfenableaccounting']?$sqlconf['varsqlconfenableaccounting']:'Disable');
 	$varsqlconfenablesession = ($sqlconf['varsqlconfenablesession']?$sqlconf['varsqlconfenablesession']:'Disable');
 	$varsqlconfenablepostauth = ($sqlconf['varsqlconfenablepostauth']?$sqlconf['varsqlconfenablepostauth']:'Disable');	
-	
-	
-	// Disable all sql sections if sql is global disabled
-	// if ($sqlconf['varsqlconfincludeenable'] == 'Disable') {
-	// $varsqlconfauthorize = '#sql';
-	// $varsqlconfaccounting = '#sql';
-	// $varsqlconfsession = 'radutmp';
-	// $varsqlconfpostauth = '#sql';
-	// }
-	
+
 	// authorize section
 	if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenableauthorize'] == 'Enable')) {
 	$varsqlconfauthorize = 'sql';
@@ -1689,7 +1712,7 @@ function freeradius_allcertcnf_resync() {
 
 	$arrcerts = $config['installedpackages']['freeradiuscerts']['config'][0];
 	
-	// General variable for deleting/further generation of Client-Cert
+	// General variable for deleting and generation of further Client-Cert
 	$varcertscreateclient = ($arrcerts['varcertscreateclient']?$arrcerts['varcertscreateclient']:'no');
 	
 	// General variables for deleting: CA, Server, Client
@@ -1722,14 +1745,14 @@ function freeradius_allcertcnf_resync() {
 		// tar client-cert files
 		exec("cd /usr/local/etc/raddb/certs && tar -cf client.tar client.crt client.csr client.key ca.der client.pem");
 		
-		// Make all files in certs folder re-only for root
+		// Make all files in certs folder read/write only for root
 		exec("chmod -R 0600 /usr/local/etc/raddb/certs/");
 		}
 
 		
 		if ($arrcerts['varcertsdeleteall'] == 'yes') {
 	
-		// delete all old certificates and keys
+		// delete all old certificates and keys - deletes certs from pfsense cert-manager IN THIS FOLDER, too.
 		exec("rm -f /usr/local/etc/raddb/certs/*.pem");
 		exec("rm -f /usr/local/etc/raddb/certs/*.der");
 		exec("rm -f /usr/local/etc/raddb/certs/*.csr");
-- 
cgit v1.2.3