LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

Merge pull request #2982 from oskar456/radsecproxy_ucified 

Radsecproxy ucified
lilik-openwrt-22.03
Toke Høiland-Jørgensen 9 years ago
committed by GitHub
parent
351babe8e3 a1d0525e27
commit
f43ed86a5a
3 changed files with 178 additions and 6 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +8
    -5
      net/radsecproxy/Makefile
  2. +43
    -0
      net/radsecproxy/files/radsecproxy.conf
  3. +127
    -1
      net/radsecproxy/files/radsecproxy.init

+ 8
- 5
net/radsecproxy/Makefile View File

@ -1,5 +1,5 @@
# #
# Copyright (C) 2008-2012 OpenWrt.org
# Copyright (C) 2008-2016 OpenWrt.org
# #
# This is free software, licensed under the GNU General Public License v2. # This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information. # See /LICENSE for more information.
@ -9,12 +9,15 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=radsecproxy PKG_NAME:=radsecproxy
PKG_VERSION:=1.6.7 PKG_VERSION:=1.6.7
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://software.uninett.no/radsecproxy/ PKG_SOURCE_URL:=http://software.uninett.no/radsecproxy/
PKG_MD5SUM:=d76cf4fc68515667b8c67387f5045150 PKG_MD5SUM:=d76cf4fc68515667b8c67387f5045150
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=LICENSE
PKG_INSTALL:=1 PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@ -43,14 +46,14 @@ TARGET_CFLAGS += -Wno-long-long
define Package/radsecproxy/install define Package/radsecproxy/install
$(INSTALL_DIR) $(1)/usr/sbin/ $(INSTALL_DIR) $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/radsecproxy $(1)/usr/sbin/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/radsecproxy $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/
$(CP) $(PKG_BUILD_DIR)/radsecproxy.conf-example $(1)/etc/radsecproxy.conf
$(INSTALL_DIR) $(1)/etc/config/
$(INSTALL_DATA) ./files/radsecproxy.conf $(1)/etc/config/radsecproxy
$(INSTALL_DIR) $(1)/etc/init.d/ $(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/radsecproxy.init $(1)/etc/init.d/radsecproxy $(INSTALL_BIN) ./files/radsecproxy.init $(1)/etc/init.d/radsecproxy
endef endef
define Package/radsecproxy/conffiles define Package/radsecproxy/conffiles
/etc/radsecproxy.conf
/etc/config/radsecproxy
endef endef
$(eval $(call BuildPackage,radsecproxy)) $(eval $(call BuildPackage,radsecproxy))


+ 43
- 0
net/radsecproxy/files/radsecproxy.conf View File

@ -0,0 +1,43 @@
# Sample radsecproxy configuration
#Basic options
config options
option include '/etc/radsecproxy.conf'
#option LogLevel '3'
#option LogDestination 'x-syslog:///'
#list ListenUDP '127.0.0.1:1812'
#list ListenTLS '0.0.0.0:2083'
#list ListenTLS '[::]:2083'
#config tls
# option name 'default'
# option CACertificatePath '/etc/ssl/certs'
# option certificateFile '/etc/ssl/certs/host.example.com.pem'
# option certificateKeyFile '/etc/ssl/private/host.example.com.key.pem'
#config client
# option name 'localhost'
# option type 'udp'
# option secret 'mysecret'
#config server
# option name '[2001:db8::1]'
# option type 'tls'
# option secret 'radsec'
# option statusServer '1'
# Please note that ordering of realm blocks is important
#config realm
# option name '/myabc\.com$'
# option replyMessage 'Misconfigured client: default realm of Intel PRO/Wireless supplicant!'
#
#config realm
# option name '/^$/'
# option replyMessage 'Misconfigured client: empty realm!'
#
#config realm
# option name '*'
# list server '[2001:db8::1]'

+ 127
- 1
net/radsecproxy/files/radsecproxy.init View File

@ -5,12 +5,138 @@ START=70
USE_PROCD=1 USE_PROCD=1
PROG=/usr/sbin/radsecproxy PROG=/usr/sbin/radsecproxy
CONFFILE=/etc/radsecproxy.conf
CONFFILE=/var/etc/radsecproxy.conf
LIST_SEP="
"
append_params() {
local param
local value
local section="$1"
shift
for param in $*; do
config_get value "$section" "$param"
[ -z "$value" ] && {
param=$(echo $param | tr [A-Z] [a-z])
config_get value "$section" "$param"
}
IFS="$LIST_SEP"
for value in $value; do
[ -n "$value" ] && echo " $param '$value'" >> "$CONFFILE"
done
unset IFS
done
}
append_bools() {
local param
local value
local section="$1"
shift
for param in $*; do
config_get_bool value "$section" "$param"
[ -z "$value" ] && {
param=$(echo $param | tr [A-Z] [a-z])
config_get_bool value "$section" "$param"
}
[ -n "$value" ] && {
[ "$value" -eq 0 ] && echo " $param off" >> "$CONFFILE"
[ "$value" -eq 1 ] && echo " $param on" >> "$CONFFILE"
}
done
}
radsecproxy_options() {
local cfg="$1"
append_params "$cfg" \
Include PidFile LogLevel LogDestination FTicksReporting FTicksMAC FTicksKey \
FTicksSyslogFacility ListenUDP ListenTCP ListenTLS ListenDTLS SourceUDP \
SourceTCP SourceTLS SourceDTLS TTLAttribute AddTTL
append_bools "$cfg" \
LoopPrevention IPv4Only IPv6Only
}
tls_block() {
local cfg="$1"
local name
config_get name "$cfg" name
echo "tls '$name' {" >> "$CONFFILE"
append_params "$cfg" \
Include CACertificateFile CACertificatePath certificateFile certificateKeyFile \
certificateKeyPassword cacheExpiry policyOID
append_bools "$cfg" \
CRLCheck
echo "}" >> "$CONFFILE"
}
rewrite_block() {
local cfg="$1"
local name
config_get name "$cfg" name
echo "rewrite '$name' {" >> "$CONFFILE"
append_params "$cfg" \
Include addAttribute addVendorAttribute removeAttribute removeVendorAttribute \
modifyAttribute
echo "}" >> "$CONFFILE"
}
client_block() {
local cfg="$1"
local name
config_get name "$cfg" name
echo "client '$name' {" >> "$CONFFILE"
append_params "$cfg" \
Include host type secret tls matchCertificateAttribute duplicateInterval \
AddTTL fticksVISCOUNTRY fticksVISINST rewrite rewriteIn rewriteOut \
rewriteAttribute
append_bools "$cfg" \
IPv4Only IPv6Only certificateNameCheck
echo "}" >> "$CONFFILE"
}
server_block() {
local cfg="$1"
local name
config_get name "$cfg" name
echo "server '$name' {" >> "$CONFFILE"
append_params "$cfg" \
Include host port type secret tls matchCertificateAttribute \
AddTTL rewrite rewriteIn rewriteOut retryCount dynamicLookupCommand \
retryInterval
append_bools "$cfg" \
IPv4Only IPv6Only certificateNameCheck statusServer LoopPrevention
echo "}" >> "$CONFFILE"
}
realm_block() {
local cfg="$1"
local name
config_get name "$cfg" name
echo "realm '$name' {" >> "$CONFFILE"
append_params "$cfg" \
Include server accountingServer replyMessage
append_bools "$cfg" \
accountingResponse
echo "}" >> "$CONFFILE"
}
start_service() { start_service() {
mkdir -p $(dirname $CONFFILE)
echo "# auto-generated config file from /etc/config/radsecproxy" > $CONFFILE
config_load 'radsecproxy'
config_foreach radsecproxy_options options
config_foreach tls_block tls
config_foreach rewrite_block rewrite
config_foreach client_block client
config_foreach server_block server
config_foreach realm_block realm
procd_open_instance procd_open_instance
procd_set_param command $PROG -f -c $CONFFILE procd_set_param command $PROG -f -c $CONFFILE
procd_set_param file $CONFFILE procd_set_param file $CONFFILE
procd_set_param respawn procd_set_param respawn
procd_close_instance procd_close_instance
} }
service_triggers() {
procd_add_reload_trigger 'radsecproxy'
}

Write Preview
Loading…
Cancel
Save