projects / openwrt.git / blob
? search:


e75d2efd6a1a8db958c500fc07c86fae657a43e2
[openwrt.git] / package / freeradius / patches / freeradius-1.0.2-config.patch
1 diff -ruN freeradius-1.0.2-orig/raddb/eap.conf freeradius-1.0.2-2/raddb/eap.conf
2 --- freeradius-1.0.2-orig/raddb/eap.conf 2004-04-15 20:34:41.000000000 +0200
3 +++ freeradius-1.0.2-2/raddb/eap.conf 2005-03-13 23:05:13.000000000 +0100
4 @@ -72,8 +72,8 @@
5 # User-Password, or the NT-Password attributes.
6 # 'System' authentication is impossible with LEAP.
7 #
8 - leap {
9 - }
10 +# leap {
11 +# }
12
13 # Generic Token Card.
14 #
15 @@ -86,7 +86,7 @@
16 # the users password will go over the wire in plain-text,
17 # for anyone to see.
18 #
19 - gtc {
20 +# gtc {
21 # The default challenge, which many clients
22 # ignore..
23 #challenge = "Password: "
24 @@ -103,8 +103,8 @@
25 # configured for the request, and do the
26 # authentication itself.
27 #
28 - auth_type = PAP
29 - }
30 +# auth_type = PAP
31 +# }
32
33 ## EAP-TLS
34 #
35 @@ -272,7 +272,7 @@
36 # of MS-CHAPv2 in EAP by Cisco, which FreeRADIUS does not
37 # currently support.
38 #
39 - mschapv2 {
40 - }
41 +# mschapv2 {
42 +# }
43 }
44
45 diff -ruN freeradius-1.0.2-orig/raddb/radiusd.conf.in freeradius-1.0.2-2/raddb/radiusd.conf.in
46 --- freeradius-1.0.2-orig/raddb/radiusd.conf.in 2005-02-07 20:52:05.000000000 +0100
47 +++ freeradius-1.0.2-2/raddb/radiusd.conf.in 2005-03-13 23:05:13.000000000 +0100
48 @@ -31,13 +31,13 @@
49
50 # Location of config and logfiles.
51 confdir = ${raddbdir}
52 -run_dir = ${localstatedir}/run/radiusd
53 +run_dir = ${localstatedir}/run
54
55 #
56 # The logging messages for the server are appended to the
57 # tail of this file.
58 #
59 -log_file = ${logdir}/radius.log
60 +log_file = ${localstatedir}/log/radiusd.log
61
62 #
63 # libdir: Where to find the rlm_* modules.
64 @@ -353,7 +353,7 @@
65 nospace_pass = no
66
67 # The program to execute to do concurrency checks.
68 -checkrad = ${sbindir}/checkrad
69 +#checkrad = ${sbindir}/checkrad
70
71 # SECURITY CONFIGURATION
72 #
73 @@ -425,8 +425,8 @@
74 #
75 # allowed values: {no, yes}
76 #
77 -proxy_requests = yes
78 -$INCLUDE ${confdir}/proxy.conf
79 +proxy_requests = no
80 +#$INCLUDE ${confdir}/proxy.conf
81
82
83 # CLIENTS CONFIGURATION
84 @@ -454,7 +454,7 @@
85 # 'snmp' attribute to 'yes'
86 #
87 snmp = no
88 -$INCLUDE ${confdir}/snmp.conf
89 +#$INCLUDE ${confdir}/snmp.conf
90
91
92 # THREAD POOL CONFIGURATION
93 @@ -657,7 +657,7 @@
94 # For all EAP related authentications.
95 # Now in another file, because it is very large.
96 #
97 -$INCLUDE ${confdir}/eap.conf
98 +# $INCLUDE ${confdir}/eap.conf
99
100 # Microsoft CHAP authentication
101 #
102 @@ -1034,7 +1034,7 @@
103 #
104 files {
105 usersfile = ${confdir}/users
106 - acctusersfile = ${confdir}/acct_users
107 +# acctusersfile = ${confdir}/acct_users
108
109 # If you want to use the old Cistron 'users' file
110 # with FreeRADIUS, you should change the next line
111 @@ -1167,7 +1167,7 @@
112 # For MS-SQL, use: ${confdir}/mssql.conf
113 # For Oracle, use: ${confdir}/oraclesql.conf
114 #
115 - $INCLUDE ${confdir}/sql.conf
116 +# $INCLUDE ${confdir}/sql.conf
117
118
119 # For Cisco VoIP specific accounting with Postgresql,
120 @@ -1535,7 +1535,7 @@
121 # The entire command line (and output) must fit into 253 bytes.
122 #
123 # e.g. Framed-Pool = `%{exec:/bin/echo foo}`
124 - exec
125 +# exec
126
127 #
128 # The expression module doesn't do authorization,
129 @@ -1548,7 +1548,7 @@
130 # listed in any other section. See 'doc/rlm_expr' for
131 # more information.
132 #
133 - expr
134 +# expr
135
136 #
137 # We add the counter module here so that it registers
138 @@ -1575,7 +1575,7 @@
139 # 'raddb/huntgroups' files.
140 #
141 # It also adds the %{Client-IP-Address} attribute to the request.
142 - preprocess
143 +# preprocess
144
145 #
146 # If you want to have a log of authentication requests,
147 @@ -1588,7 +1588,7 @@
148 #
149 # The chap module will set 'Auth-Type := CHAP' if we are
150 # handling a CHAP request and Auth-Type has not already been set
151 - chap
152 +# chap
153
154 #
155 # If the users are logging in with an MS-CHAP-Challenge
156 @@ -1596,7 +1596,7 @@
157 # the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP'
158 # to the request, which will cause the server to then use
159 # the mschap module for authentication.
160 - mschap
161 +# mschap
162
163 #
164 # If you have a Cisco SIP server authenticating against
165 @@ -1616,7 +1616,7 @@
166 # Otherwise, when the first style of realm doesn't match,
167 # the other styles won't be checked.
168 #
169 - suffix
170 +# suffix
171 # ntdomain
172
173 #
174 @@ -1625,11 +1625,11 @@
175 #
176 # It also sets the EAP-Type attribute in the request
177 # attribute list to the EAP type from the packet.
178 - eap
179 +# eap
180
181 #
182 # Read the 'users' file
183 - files
184 +# files
185
186 #
187 # Look in an SQL database. The schema of the database
188 @@ -1683,24 +1683,24 @@
189 # PAP authentication, when a back-end database listed
190 # in the 'authorize' section supplies a password. The
191 # password can be clear-text, or encrypted.
192 - Auth-Type PAP {
193 - pap
194 - }
195 +# Auth-Type PAP {
196 +# pap
197 +# }
198
199 #
200 # Most people want CHAP authentication
201 # A back-end database listed in the 'authorize' section
202 # MUST supply a CLEAR TEXT password. Encrypted passwords
203 # won't work.
204 - Auth-Type CHAP {
205 - chap
206 - }
207 +# Auth-Type CHAP {
208 +# chap
209 +# }
210
211 #
212 # MSCHAP authentication.
213 - Auth-Type MS-CHAP {
214 - mschap
215 - }
216 +# Auth-Type MS-CHAP {
217 +# mschap
218 +# }
219
220 #
221 # If you have a Cisco SIP server authenticating against
222 @@ -1718,7 +1718,7 @@
223 # containing CHAP-Password attributes CANNOT be authenticated
224 # against /etc/passwd! See the FAQ for details.
225 #
226 - unix
227 +# unix
228
229 # Uncomment it if you want to use ldap for authentication
230 #
231 @@ -1731,7 +1731,7 @@
232
233 #
234 # Allow EAP authentication.
235 - eap
236 +# eap
237 }
238
239
240 @@ -1739,12 +1739,12 @@
241 # Pre-accounting. Decide which accounting type to use.
242 #
243 preacct {
244 - preprocess
245 +# preprocess
246
247 #
248 # Ensure that we have a semi-unique identifier for every
249 # request, and many NAS boxes are broken.
250 - acct_unique
251 +# acct_unique
252
253 #
254 # Look for IPASS-style 'realm/', and if not found, look for
255 @@ -1754,12 +1754,12 @@
256 # Accounting requests are generally proxied to the same
257 # home server as authentication requests.
258 # IPASS
259 - suffix
260 +# suffix
261 # ntdomain
262
263 #
264 # Read the 'acct_users' file
265 - files
266 +# files
267 }
268
269 #
270 @@ -1770,20 +1770,20 @@
271 # Create a 'detail'ed log of the packets.
272 # Note that accounting requests which are proxied
273 # are also logged in the detail file.
274 - detail
275 +# detail
276 # daily
277
278 # Update the wtmp file
279 #
280 # If you don't use "radlast", you can delete this line.
281 - unix
282 +# unix
283
284 #
285 # For Simultaneous-Use tracking.
286 #
287 # Due to packet losses in the network, the data here
288 # may be incorrect. There is little we can do about it.
289 - radutmp
290 +# radutmp
291 # sradutmp
292
293 # Return an address to the IP Pool when we see a stop record.
294 @@ -1806,7 +1806,7 @@
295 # or rlm_sql module can handle this.
296 # The rlm_sql module is *much* faster
297 session {
298 - radutmp
299 +# radutmp
300
301 #
302 # See "Simultaneous Use Checking Querie" in sql.conf
303 @@ -1900,5 +1900,5 @@
304 # hidden inside of the EAP packet, and the end server will
305 # reject the EAP request.
306 #
307 - eap
308 +# eap
309 }
Personal OpenWRT clone
This page took 0.060013 seconds and 3 git commands to generate.