net/freeradius: merge 1.8.0 from master

2026-06-04 14:26:13 -04:00 · 2018-09-03 08:16:29 +02:00 · 2018-09-03 08:16:29 +02:00 · 3ff493ec12
commit 3ff493ec12
parent 72071b7dc5
6 changed files with 69 additions and 1 deletions
--- a/net/freeradius/Makefile
+++ b/net/freeradius/Makefile
@ -1,5 +1,5 @@
 PLUGIN_NAME=		freeradius
-PLUGIN_VERSION=		1.7.0
+PLUGIN_VERSION=		1.8.0
 PLUGIN_COMMENT=		RADIUS Authentication, Authorization and Accounting Server
 PLUGIN_DEPENDS=		freeradius3
 PLUGIN_MAINTAINER=	m.muenz@gmail.com
--- a/net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/general.xml
+++ b/net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/general.xml
@ -35,6 +35,12 @@
        <type>checkbox</type>
        <help>This enables the Mikrotik attributes assignment via users tab.</help>
    </field>
+    <field>
+        <id>general.sqlite</id>
+        <label>Enable SQLite</label>
+        <type>checkbox</type>
+        <help>This enables SQLite module and accounting.</help>
+    </field>
    <field>
        <id>general.sessionlimit</id>
        <label>Enable Daily Session Limit</label>
--- a/net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/General.xml
+++ b/net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/General.xml
@ -27,6 +27,10 @@
            <default>0</default>
            <Required>N</Required>
        </mikrotik>
+        <sqlite type="BooleanField">
+            <default>0</default>
+            <Required>N</Required>
+        </sqlite>
        <sessionlimit type="BooleanField">
            <default>0</default>
            <Required>N</Required>
--- a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/+TARGETS
+++ b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/+TARGETS
@ -3,6 +3,7 @@ dictionary:/usr/local/etc/raddb/dictionary
 mods-enabled-counter:/usr/local/etc/raddb/mods-enabled/counter
 mods-enabled-eap:/usr/local/etc/raddb/mods-enabled/eap
 mods-enabled-ldap:/usr/local/etc/raddb/mods-enabled/ldap
+mods-enabled-sql:/usr/local/etc/raddb/mods-enabled/sql
 radiusd:/etc/rc.conf.d/radiusd
 radiusd.conf:/usr/local/etc/raddb/radiusd.conf
 sites-enabled-default:/usr/local/etc/raddb/sites-enabled/default
--- a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-sql
+++ b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-sql
@ -0,0 +1,46 @@
+{% if helpers.exists('OPNsense.freeradius.general.enabled') and OPNsense.freeradius.general.enabled == '1' %}
+{%   if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+
+sql {
+        driver = "rlm_sql_sqlite"
+        sqlite {
+                # Path to the sqlite database
+                filename = "/usr/local/etc/raddb/freeradius.db"
+
+                # How long to wait for write locks on the database to be
+                # released (in ms) before giving up.
+                busy_timeout = 200
+
+                # If the file above does not exist and bootstrap is set
+                # a new database file will be created, and the SQL statements
+                # contained within the bootstrap file will be executed.
+                bootstrap = "${modconfdir}/${..:name}/main/sqlite/schema.sql"
+        }
+        dialect = "sqlite"
+        radius_db = "radius"
+        acct_table1 = "radacct"
+        acct_table2 = "radacct"
+        postauth_table = "radpostauth"
+        authcheck_table = "radcheck"
+        groupcheck_table = "radgroupcheck"
+        authreply_table = "radreply"
+        groupreply_table = "radgroupreply"
+        usergroup_table = "radusergroup"
+        delete_stale_sessions = yes
+        pool {
+                start = ${thread[pool].start_servers}
+                min = ${thread[pool].min_spare_servers}
+                max = ${thread[pool].max_servers}
+                spare = ${thread[pool].max_spare_servers}
+                uses = 0
+                retry_delay = 30
+                lifetime = 0
+                idle_timeout = 60
+        }
+        client_table = "nas"
+        group_attribute = "SQL-Group"
+        $INCLUDE ${modconfdir}/${.:name}/main/${dialect}/queries.conf
+}
+
+{%   endif %}
+{% endif %}
--- a/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/sites-enabled-default
+++ b/net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/sites-enabled-default
@ -55,7 +55,11 @@ authorize {
                ok = return
        }
        files
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+        sql
+{% else %}
        -sql
+{% endif %}
 {% if helpers.exists('OPNsense.freeradius.general.ldap_enabled') and OPNsense.freeradius.general.ldap_enabled == '1' %}
        ldap
        if ((ok || updated) && User-Password) {
@ -110,12 +114,19 @@ accounting {
        sradutmp
 {% endif %}
        unix
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+        sql
+{% else %}
        -sql
+{% endif %}
        exec
        attr_filter.accounting_response
 }

 session {
+{% if helpers.exists('OPNsense.freeradius.general.sqlite') and OPNsense.freeradius.general.sqlite == '1' %}
+        sql
+{% endif %}
 }

 post-auth {