testing/freeradius3: move to main

1 files changed, 130 insertions, 0 deletions

diff --git a/main/freeradius3/freeradius3-301-default-config.patch b/main/freeradius3/freeradius3-301-default-config.patch
new file mode 100644
index 0000000000..dc30a6d436
--- /dev/null
+++ b/main/freeradius3/freeradius3-301-default-config.patch
@@ -0,0 +1,130 @@
+--- a/raddb/policy.d/accounting
++++ b/raddb/policy.d/accounting
+@@ -34,7 +34,7 @@
+ 	#
+ 	if("%{string:Class}" =~ /${policy.class_value_prefix}([0-9a-f]{32})/i) {
+ 		update request {
+-			Acct-Unique-Session-Id := "%{md5:%{1},%{Acct-Session-ID}}"
++			&Acct-Unique-Session-Id := "%{md5:%{1},%{Acct-Session-ID}}"
+ 		}
+ 	}
+ 
+@@ -46,7 +46,7 @@
+ 	#
+ 	else {
+ 		update request {
+-			Acct-Unique-Session-Id := "%{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}"
++			&Acct-Unique-Session-Id := "%{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}"
+ 		 }
+ 	}
+ }
+@@ -65,8 +65,8 @@
+ #
+ acct_counters64.preacct {
+ 	update request {
+-		Acct-Input-Octets64 = "%{expr:(%{%{Acct-Input-Gigawords}:-0} * 4294967296) + %{%{Acct-Input-Octets}:-0}}"
+-		Acct-Output-Octets64 = "%{expr:(%{%{Acct-Output-Gigawords}:-0} * 4294967296) + %{%{Acct-Output-Octets}:-0}}"
++		&Acct-Input-Octets64 = "%{expr:(%{%{Acct-Input-Gigawords}:-0} * 4294967296) + %{%{Acct-Input-Octets}:-0}}"
++		&Acct-Output-Octets64 = "%{expr:(%{%{Acct-Output-Gigawords}:-0} * 4294967296) + %{%{Acct-Output-Octets}:-0}}"
+ 	}
+ }
+ 
+--- a/raddb/policy.d/eap
++++ b/raddb/policy.d/eap
+@@ -76,7 +76,7 @@
+ remove_reply_message_if_eap {
+ 	if(reply:EAP-Message && reply:Reply-Message) {
+ 		update reply {
+-			Reply-Message !* ANY
++			&Reply-Message !* ANY
+ 		}
+ 	}
+ 	else {
+--- a/raddb/radiusd.conf.in
++++ b/raddb/radiusd.conf.in
+@@ -415,8 +415,8 @@
+ 	#  member.  This can allow for some finer-grained access
+ 	#  controls.
+ 	#
+-#	user = radius
+-#	group = radius
++	user = radius
++	group = radius
+ 
+ 	#  Core dumps are a bad thing.  This should only be set to
+ 	#  'yes' if you're debugging a problem with the server.
+--- a/raddb/sites-available/default
++++ b/raddb/sites-available/default
+@@ -314,9 +314,9 @@
+ 	#  for the many packets that go back and forth to set up TTLS
+ 	#  or PEAP.  The load on those servers will therefore be reduced.
+ 	#
+-	eap {
+-		ok = return
+-	}
++#	eap {
++#		ok = return
++#	}
+ 
+ 	#
+ 	#  Pull crypt'd passwords from /etc/passwd or /etc/shadow,
+@@ -457,7 +457,7 @@
+ 
+ 	#
+ 	#  Allow EAP authentication.
+-	eap
++#	eap
+ 
+ 	#
+ 	#  The older configurations sent a number of attributes in
+@@ -748,7 +748,7 @@
+ 		# Insert EAP-Failure message if the request was
+ 		# rejected by policy instead of because of an
+ 		# authentication failure
+-		eap
++#		eap
+ 
+ 		#  Remove reply message if the response contains an EAP-Message
+ 		remove_reply_message_if_eap
+@@ -817,7 +817,7 @@
+ 	#  hidden inside of the EAP packet, and the end server will
+ 	#  reject the EAP request.
+ 	#
+-	eap
++#	eap
+ 
+ 	#
+ 	#  If the server tries to proxy a request and fails, then the
+--- a/raddb/sites-available/inner-tunnel
++++ b/raddb/sites-available/inner-tunnel
+@@ -116,9 +116,9 @@
+ 	#  for the many packets that go back and forth to set up TTLS
+ 	#  or PEAP.  The load on those servers will therefore be reduced.
+ 	#
+-	eap {
+-		ok = return
+-	}
++#	eap {
++#		ok = return
++#	}
+ 
+ 	#
+ 	#  Read the 'users' file
+@@ -227,7 +227,7 @@
+ 
+ 	#
+ 	#  Allow EAP authentication.
+-	eap
++#	eap
+ }
+ 
+ ######################################################################
+@@ -380,7 +380,7 @@
+ 	#  hidden inside of the EAP packet, and the end server will
+ 	#  reject the EAP request.
+ 	#
+-	eap
++#	eap
+ 
+ 	#
+ 	#  If the server tries to proxy a request and fails, then the