1 diff -ruN freeradius-1.0.4-old/raddb/eap.conf freeradius-1.0.4-new/raddb/eap.conf
2 --- freeradius-1.0.4-old/raddb/eap.conf 2004-04-15 20:34:41.000000000 +0200
3 +++ freeradius-1.0.4-new/raddb/eap.conf 2005-06-18 18:53:06.000000000 +0200
5 # User-Password, or the NT-Password attributes.
6 # 'System' authentication is impossible with LEAP.
16 # the users password will go over the wire in plain-text,
21 # The default challenge, which many clients
23 #challenge = "Password: "
25 # configured for the request, and do the
26 # authentication itself.
36 # of MS-CHAPv2 in EAP by Cisco, which FreeRADIUS does not
45 diff -ruN freeradius-1.0.4-old/raddb/radiusd.conf.in freeradius-1.0.4-new/raddb/radiusd.conf.in
46 --- freeradius-1.0.4-old/raddb/radiusd.conf.in 2005-06-12 00:20:40.000000000 +0200
47 +++ freeradius-1.0.4-new/raddb/radiusd.conf.in 2005-06-18 18:53:32.000000000 +0200
50 # Location of config and logfiles.
52 -run_dir = ${localstatedir}/run/radiusd
53 +run_dir = ${localstatedir}/run
56 # The logging messages for the server are appended to the
59 -log_file = ${logdir}/radius.log
60 +log_file = ${localstatedir}/log/radiusd.log
63 # libdir: Where to find the rlm_* modules.
67 # The program to execute to do concurrency checks.
68 -checkrad = ${sbindir}/checkrad
69 +#checkrad = ${sbindir}/checkrad
71 # SECURITY CONFIGURATION
75 # allowed values: {no, yes}
78 -$INCLUDE ${confdir}/proxy.conf
80 +#$INCLUDE ${confdir}/proxy.conf
83 # CLIENTS CONFIGURATION
85 # 'snmp' attribute to 'yes'
88 -$INCLUDE ${confdir}/snmp.conf
89 +#$INCLUDE ${confdir}/snmp.conf
92 # THREAD POOL CONFIGURATION
94 # For all EAP related authentications.
95 # Now in another file, because it is very large.
97 -$INCLUDE ${confdir}/eap.conf
98 +# $INCLUDE ${confdir}/eap.conf
100 # Microsoft CHAP authentication
102 @@ -1034,8 +1034,8 @@
105 usersfile = ${confdir}/users
106 - acctusersfile = ${confdir}/acct_users
107 - preproxy_usersfile = ${confdir}/preproxy_users
108 +# acctusersfile = ${confdir}/acct_users
109 +# preproxy_usersfile = ${confdir}/preproxy_users
111 # If you want to use the old Cistron 'users' file
112 # with FreeRADIUS, you should change the next line
113 @@ -1168,7 +1168,7 @@
114 # For MS-SQL, use: ${confdir}/mssql.conf
115 # For Oracle, use: ${confdir}/oraclesql.conf
117 - $INCLUDE ${confdir}/sql.conf
118 +# $INCLUDE ${confdir}/sql.conf
121 # For Cisco VoIP specific accounting with Postgresql,
122 @@ -1536,7 +1536,7 @@
123 # The entire command line (and output) must fit into 253 bytes.
125 # e.g. Framed-Pool = `%{exec:/bin/echo foo}`
130 # The expression module doesn't do authorization,
131 @@ -1549,7 +1549,7 @@
132 # listed in any other section. See 'doc/rlm_expr' for
139 # We add the counter module here so that it registers
140 @@ -1576,7 +1576,7 @@
141 # 'raddb/huntgroups' files.
143 # It also adds the %{Client-IP-Address} attribute to the request.
148 # If you want to have a log of authentication requests,
149 @@ -1589,7 +1589,7 @@
151 # The chap module will set 'Auth-Type := CHAP' if we are
152 # handling a CHAP request and Auth-Type has not already been set
157 # If the users are logging in with an MS-CHAP-Challenge
158 @@ -1597,7 +1597,7 @@
159 # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP'
160 # to the request, which will cause the server to then use
161 # the mschap module for authentication.
166 # If you have a Cisco SIP server authenticating against
167 @@ -1617,7 +1617,7 @@
168 # Otherwise, when the first style of realm doesn't match,
169 # the other styles won't be checked.
176 @@ -1626,11 +1626,11 @@
178 # It also sets the EAP-Type attribute in the request
179 # attribute list to the EAP type from the packet.
184 # Read the 'users' file
189 # Look in an SQL database. The schema of the database
190 @@ -1684,24 +1684,24 @@
191 # PAP authentication, when a back-end database listed
192 # in the 'authorize' section supplies a password. The
193 # password can be clear-text, or encrypted.
202 # Most people want CHAP authentication
203 # A back-end database listed in the 'authorize' section
204 # MUST supply a CLEAR TEXT password. Encrypted passwords
214 # MSCHAP authentication.
215 - Auth-Type MS-CHAP {
218 +# Auth-Type MS-CHAP {
223 # If you have a Cisco SIP server authenticating against
224 @@ -1719,7 +1719,7 @@
225 # containing CHAP-Password attributes CANNOT be authenticated
226 # against /etc/passwd! See the FAQ for details.
231 # Uncomment it if you want to use ldap for authentication
233 @@ -1732,7 +1732,7 @@
236 # Allow EAP authentication.
242 @@ -1740,12 +1740,12 @@
243 # Pre-accounting. Decide which accounting type to use.
250 # Ensure that we have a semi-unique identifier for every
251 # request, and many NAS boxes are broken.
256 # Look for IPASS-style 'realm/', and if not found, look for
257 @@ -1755,12 +1755,12 @@
258 # Accounting requests are generally proxied to the same
259 # home server as authentication requests.
266 # Read the 'acct_users' file
272 @@ -1771,20 +1771,20 @@
273 # Create a 'detail'ed log of the packets.
274 # Note that accounting requests which are proxied
275 # are also logged in the detail file.
280 # Update the wtmp file
282 # If you don't use "radlast", you can delete this line.
287 # For Simultaneous-Use tracking.
289 # Due to packet losses in the network, the data here
290 # may be incorrect. There is little we can do about it.
295 # Return an address to the IP Pool when we see a stop record.
296 @@ -1807,7 +1807,7 @@
297 # or rlm_sql module can handle this.
298 # The rlm_sql module is *much* faster
304 # See "Simultaneous Use Checking Querie" in sql.conf
305 @@ -1904,5 +1904,5 @@
306 # hidden inside of the EAP packet, and the end server will
307 # reject the EAP request.