diff --git a/root/etc/dnf/plugins/post-transaction-actions.d/radius.action b/root/etc/dnf/plugins/post-transaction-actions.d/radius.action new file mode 100644 index 0000000..948884c --- /dev/null +++ b/root/etc/dnf/plugins/post-transaction-actions.d/radius.action @@ -0,0 +1 @@ +freeradius*:any:/sbin/e-smith/signal-event smeserver-radius-update diff --git a/root/etc/e-smith/templates.metadata/etc/radiusclient/dictionary b/root/etc/e-smith/templates.metadata/etc/radiusclient/dictionary new file mode 100644 index 0000000..bb0d29c --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/radiusclient/dictionary @@ -0,0 +1 @@ +TEMPLATE_PATH="/usr/share/radiusclient/dictionary" diff --git a/root/etc/e-smith/templates/usr/share/radiusclient-ng/dictionary b/root/etc/e-smith/templates/usr/share/radiusclient/dictionary similarity index 72% rename from root/etc/e-smith/templates/usr/share/radiusclient-ng/dictionary rename to root/etc/e-smith/templates/usr/share/radiusclient/dictionary index 40381b9..5f3a93e 100644 --- a/root/etc/e-smith/templates/usr/share/radiusclient-ng/dictionary +++ b/root/etc/e-smith/templates/usr/share/radiusclient/dictionary @@ -75,22 +75,67 @@ ATTRIBUTE Acct-Output-Packets 48 integer ATTRIBUTE Acct-Terminate-Cause 49 integer ATTRIBUTE Acct-Multi-Session-Id 50 string ATTRIBUTE Acct-Link-Count 51 integer +TTRIBUTE Acct-Input-Gigawords 52 integer +ATTRIBUTE Acct-Output-Gigawords 53 integer ATTRIBUTE Event-Timestamp 55 integer +ATTRIBUTE Egress-VLANID 56 string +ATTRIBUTE Ingress-Filters 57 integer +ATTRIBUTE Egress-VLAN-Name 58 string +ATTRIBUTE User-Priority-Table 59 string ATTRIBUTE CHAP-Challenge 60 string ATTRIBUTE NAS-Port-Type 61 integer ATTRIBUTE Port-Limit 62 integer ATTRIBUTE Login-LAT-Port 63 integer +ATTRIBUTE Tunnel-Type 64 string +ATTRIBUTE Tunnel-Medium-Type 65 string +ATTRIBUTE Tunnel-Client-Endpoint 66 string +ATTRIBUTE Tunnel-Server-Endpoint 67 string +ATTRIBUTE Acct-Tunnel-Connection 68 string +ATTRIBUTE Tunnel-Password 69 string +ATTRIBUTE ARAP-Password 70 string +ATTRIBUTE ARAP-Features 71 string +ATTRIBUTE ARAP-Zone-Access 72 integer +ATTRIBUTE ARAP-Security 73 integer +ATTRIBUTE ARAP-Security-Data 74 string +ATTRIBUTE Password-Retry 75 integer +ATTRIBUTE Prompt 76 integer ATTRIBUTE Connect-Info 77 string +ATTRIBUTE Configuration-Token 78 string +ATTRIBUTE EAP-Message 79 string +ATTRIBUTE Message-Authenticator 80 string +ATTRIBUTE Tunnel-Private-Group-ID 81 string +ATTRIBUTE Tunnel-Assignment-ID 82 string +ATTRIBUTE Tunnel-Preference 83 string +ATTRIBUTE ARAP-Challenge-Response 84 string +ATTRIBUTE Acct-Interim-Interval 85 integer +ATTRIBUTE Acct-Tunnel-Packets-Lost 86 integer +ATTRIBUTE NAS-Port-Id-String 87 string +ATTRIBUTE Framed-Pool 88 string +ATTRIBUTE Chargeable-User-Identity 89 string +ATTRIBUTE Tunnel-Client-Auth-ID 90 string +ATTRIBUTE Tunnel-Server-Auth-ID 91 string +ATTRIBUTE NAS-Filter-Rule 92 string +ATTRIBUTE Originating-Line-Info 94 string # # RFC3162 IPv6 attributes # -ATTRIBUTE NAS-IPv6-Address 95 string +ATTRIBUTE NAS-IPv6-Address 95 ipv6addr ATTRIBUTE Framed-Interface-Id 96 string -ATTRIBUTE Framed-IPv6-Prefix 97 string -ATTRIBUTE Login-IPv6-Host 98 string +ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix +ATTRIBUTE Login-IPv6-Host 98 ipv6addr ATTRIBUTE Framed-IPv6-Route 99 string ATTRIBUTE Framed-IPv6-Pool 100 string +ATTRIBUTE Error-Cause 101 integer +ATTRIBUTE EAP-Key-Name 102 string + +# +# RFC6911 IPv6 attributes +# +ATTRIBUTE Delegated-IPv6-Prefix 123 ipv6prefix +ATTRIBUTE Framed-IPv6-Address 168 ipv6addr +ATTRIBUTE DNS-Server-IPv6-Address 169 ipv6addr +ATTRIBUTE Route-IPv6-Information 170 ipv6prefix # # Experimental Non Protocol Attributes used by Cistron-Radiusd @@ -133,11 +178,19 @@ VALUE Service-Type Callback-Framed-User 4 VALUE Service-Type Outbound-User 5 VALUE Service-Type Administrative-User 6 VALUE Service-Type NAS-Prompt-User 7 +VALUE Service-Type Authenticate-Only 8 +VALUE Service-Type Callback-NAS-Prompt 9 +VALUE Service-Type Call-Check 10 +VALUE Service-Type Callback-Administrative 11 # Framed Protocols VALUE Framed-Protocol PPP 1 VALUE Framed-Protocol SLIP 2 +VALUE Framed-Protocol ARAP 3 +VALUE Framed-Protocol GANDALF-SLMLP 4 +VALUE Framed-Protocol XYLOGICS-IPX-SLIP 5 +VALUE Framed-Protocol X75 6 # Framed Routing Values @@ -150,6 +203,8 @@ VALUE Framed-Routing Broadcast-Listen 3 VALUE Framed-Compression None 0 VALUE Framed-Compression Van-Jacobson-TCP-IP 1 +VALUE Framed-Compression IPX-Header 2 +VALUE Framed-Compression Stac-LZS 3 # Login Services @@ -157,6 +212,10 @@ VALUE Login-Service Telnet 0 VALUE Login-Service Rlogin 1 VALUE Login-Service TCP-Clear 2 VALUE Login-Service PortMaster 3 +VALUE Login-Service LAT 4 +VALUE Login-Service X.25-PAD 5 +VALUE Login-Service X.25-T3POS 6 +VALUE Login-Service TCP-Clear-Quiet 8 # Status Types @@ -170,6 +229,7 @@ VALUE Acct-Status-Type Accounting-Off 8 VALUE Acct-Authentic RADIUS 1 VALUE Acct-Authentic Local 2 +VALUE Acct-Authentic Remote 3 VALUE Acct-Authentic PowerLink128 100 # Termination Options @@ -184,6 +244,17 @@ VALUE NAS-Port-Type Sync 1 VALUE NAS-Port-Type ISDN 2 VALUE NAS-Port-Type ISDN-V120 3 VALUE NAS-Port-Type ISDN-V110 4 +VALUE NAS-Port-Type Virtual 5 +VALUE NAS-Port-Type PIAFS 6 +VALUE NAS-Port-Type HDLC-Clear-Channel 7 +VALUE NAS-Port-Type X.25 8 +VALUE NAS-Port-Type X.75 9 +VALUE NAS-Port-Type G.3-Fax 10 +VALUE NAS-Port-Type SDSL 11 +VALUE NAS-Port-Type ADSL-CAP 12 +VALUE NAS-Port-Type ADSL-DMT 13 +VALUE NAS-Port-Type IDSL 14 +VALUE NAS-Port-Type Ethernet 15 # Acct Terminate Causes, available in 3.3.2 and later diff --git a/root/etc/e-smith/templates/usr/share/radiusclient-ng/dictionary.microsoft b/root/etc/e-smith/templates/usr/share/radiusclient/dictionary.microsoft similarity index 100% rename from root/etc/e-smith/templates/usr/share/radiusclient-ng/dictionary.microsoft rename to root/etc/e-smith/templates/usr/share/radiusclient/dictionary.microsoft diff --git a/root/sbin/e-smith/systemd/radiusd-configure b/root/sbin/e-smith/systemd/radiusd-configure index 75f48ff..1f6144c 100644 --- a/root/sbin/e-smith/systemd/radiusd-configure +++ b/root/sbin/e-smith/systemd/radiusd-configure @@ -2,9 +2,9 @@ # Ensure that PRNG is adequately seeded. [ -s /etc/raddb/certs/dh ] ||\ - /usr/local/bin/envuidgid stunnel \ - /usr/bin/openssl gendh > /etc/raddb/certs/dh + /usr/bin/envuidgid stunnel \ + /usr/bin/openssl dhparam -out /etc/raddb/certs/dh 2048 [ -s /etc/raddb/certs/random ] ||\ - /usr/local/bin/envuidgid stunnel \ + /usr/bin/envuidgid stunnel \ /bin/dd if=/dev/urandom of=/etc/raddb/certs/random bs=1k count=1 diff --git a/smeserver-radiusd.spec b/smeserver-radiusd.spec index 9b85b8b..232c5c8 100644 --- a/smeserver-radiusd.spec +++ b/smeserver-radiusd.spec @@ -4,7 +4,7 @@ Summary: smeserver server and gateway - configure PPTP inbound VPN %define name smeserver-radiusd Name: %{name} %define version 11.0.0 -%define release 6 +%define release 7 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -28,6 +28,10 @@ Provides: e-smith-radiusd smeserver server and gateway - configure radius server %changelog +* Mon Apr 15 2024 Jean-Philippe Pialasse 11.0.0-7.sme +- rewrite radiusd-configure [SME: 12624] +- move forgotten templates [SME: 12623] + * Sat Apr 13 2024 Jean-Philippe Pialasse 11.0.0-6.sme - change path from radiusclient-ng to radiusclient [SME: 12526] - update tmpfiles.d [SME: 12584]