From: Alan T. DeKok Date: Thu, 6 Apr 2023 17:03:36 +0000 (-0400) Subject: add accounting, and do minor cleanups X-Git-Tag: release_3_2_3~88 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=85492f56e2cb088bf1f98c61aa2a7e303c979705;p=thirdparty%2Ffreeradius-server.git add accounting, and do minor cleanups --- diff --git a/src/tests/tls/README.md b/src/tests/tls/README.md index e614c5905b..e0cb6867ed 100644 --- a/src/tests/tls/README.md +++ b/src/tests/tls/README.md @@ -32,3 +32,9 @@ Send 500,000 packets: ./radclient.sh -c 500000 ``` +You can also send accounting packets: + +``` +./radacct.sh +``` + diff --git a/src/tests/tls/acct b/src/tests/tls/acct new file mode 100644 index 0000000000..c246714d1d --- /dev/null +++ b/src/tests/tls/acct @@ -0,0 +1,7 @@ +User-Name = "bob" +Acct-Session-Id := "0000" +Acct-Status-Type = Start +Called-Station-Id := "00:01:02:03" +Calling-Station-Id := "04:05:06:07" +Message-Authenticator = 0x00 +Framed-IP-Address = 127.0.0.1 diff --git a/src/tests/tls/home/radiusd.conf b/src/tests/tls/home/radiusd.conf index 46e66a85f4..d38c4f1e2c 100644 --- a/src/tests/tls/home/radiusd.conf +++ b/src/tests/tls/home/radiusd.conf @@ -27,6 +27,8 @@ thread pool { # Referenced by some modules for default thread pool configuration # modules { + +$INCLUDE ${raddb}/mods-available/always } clients radsec { @@ -60,10 +62,44 @@ listen { } } +listen { + type = acct + + ipaddr = 127.0.0.1 + port = 2084 + proto = tcp + + clients = radsec + + virtual_server = default + + tls { + private_key_password = whatever + private_key_file = ${certdir}/server.pem + certificate_file = ${certdir}/server.pem + ca_file = ${cadir}/ca.pem + fragment_size = 8192 + ca_path = ${cadir} + cipher_list = "DEFAULT" + tls_min_version = "1.3" + tls_max_version = "1.3" + } +} + server default { authorize { update control { Auth-Type := accept } } + + preacct { + update control { + Response-Packet-Type := Accounting-Response + } + } + + acct { + ok + } } diff --git a/src/tests/tls/proxy/proxy.conf b/src/tests/tls/proxy/proxy.conf index 56b345340e..bb8ec1ea72 100644 --- a/src/tests/tls/proxy/proxy.conf +++ b/src/tests/tls/proxy/proxy.conf @@ -27,3 +27,33 @@ home_server_pool home { type = fail-over home_server = home } + +home_server home_acct { + ipaddr = 127.0.0.1 + port = 2084 + type = acct + secret = radsec + proto = tcp + status_check = none + +# nonblock = yes + + revive_interval = 10 + + tls { + private_key_password = whatever + private_key_file = ${certdir}/client.pem + certificate_file = ${certdir}/client.pem + ca_file = ${cadir}/ca.pem + fragment_size = 8192 + ca_path = ${cadir} + cipher_list = "DEFAULT" + tls_min_version = "1.3" + tls_max_version = "1.3" + } +} + +home_server_pool home_acct { + type = fail-over + home_server = home_acct +} diff --git a/src/tests/tls/proxy/radiusd.conf b/src/tests/tls/proxy/radiusd.conf index 605d531e55..89a14bb59e 100644 --- a/src/tests/tls/proxy/radiusd.conf +++ b/src/tests/tls/proxy/radiusd.conf @@ -39,10 +39,25 @@ listen { virtual_server = default } +listen { + type = acct + ipaddr = 127.0.0.1 + port = 1813 + proto = udp + virtual_server = default +} + + server default { authorize { update control { &Home-Server-Pool = "home" } } + + preacct { + update control { + &Home-Server-Pool = "home_acct" + } + } } diff --git a/src/tests/tls/radacct.sh b/src/tests/tls/radacct.sh new file mode 100755 index 0000000000..e00b4829a2 --- /dev/null +++ b/src/tests/tls/radacct.sh @@ -0,0 +1,7 @@ +#!/bin/sh +. $(dirname $0)/common.sh + +# +# Run radclient acct +# +exec $DIR/build/make/jlibtool --mode=execute $FR_DEBUGGER $DIR/build/bin/local/radclient -d $(dirname $0)/home -D $DIR/share/ -f acct $@ localhost acct testing123 diff --git a/src/tests/tls/radclient.sh b/src/tests/tls/radclient.sh index 4b38168ba7..49f83b25ae 100755 --- a/src/tests/tls/radclient.sh +++ b/src/tests/tls/radclient.sh @@ -1,14 +1,7 @@ #!/bin/sh +. $(dirname $0)/common.sh # -# Run the home server. +# Run radclient auth # - -DIR=$(dirname $0)/../../.. -PROGRAM=$(basename $0) - -export RADDB=$DIR/raddb -export TEST_PATH=$(dirname $0)/ -export LIB_PATH=$DIR/build/lib/local/ - exec $DIR/build/make/jlibtool --mode=execute $FR_DEBUGGER $DIR/build/bin/local/radclient -d $(dirname $0)/home -D $DIR/share/ -f user_password $@ localhost auth testing123 diff --git a/src/tests/tls/radiusd-home.sh b/src/tests/tls/radiusd-home.sh index fb1f6780c0..ea2e694233 100755 --- a/src/tests/tls/radiusd-home.sh +++ b/src/tests/tls/radiusd-home.sh @@ -1,14 +1,7 @@ #!/bin/sh +. $(dirname $0)/common.sh # # Run the home server. # - -DIR=$(dirname $0)/../../.. -PROGRAM=$(basename $0) - -export RADDB=$DIR/raddb -export TEST_PATH=$(dirname $0)/ -export LIB_PATH=$DIR/build/lib/local/ - exec $DIR/build/make/jlibtool --mode=execute $FR_DEBUGGER $DIR/build/bin/local/radiusd -d $(dirname $0)/home -D $DIR/share/ -fxx -l stdout $@ diff --git a/src/tests/tls/radiusd-proxy.sh b/src/tests/tls/radiusd-proxy.sh index 12e8d81bd4..65f8066eea 100755 --- a/src/tests/tls/radiusd-proxy.sh +++ b/src/tests/tls/radiusd-proxy.sh @@ -1,14 +1,7 @@ #!/bin/sh +. $(dirname $0)/common.sh # -# Run the home server. +# Run the proxy server. # - -DIR=$(dirname $0)/../../.. -PROGRAM=$(basename $0) - -export RADDB=$DIR/raddb -export TEST_PATH=$(dirname $0)/ -export LIB_PATH=$DIR/build/lib/local/ - exec $DIR/build/make/jlibtool --mode=execute $FR_DEBUGGER $DIR/build/bin/local/radiusd -d $(dirname $0)/proxy -D $DIR/share/ -fxx -l stdout $@