diff --git a/config.yml b/config.yml index cd8532ea5..e0436356b 100644 --- a/config.yml +++ b/config.yml @@ -12,6 +12,5 @@ patch_folders: - patches/ipq40xx - patches/ipq806x - patches/ipq807x - - patches/wifi - patches/rtkmipsel - patches/rest diff --git a/feeds/ucentral/ucentral-freeradius/Makefile b/feeds/ucentral/ucentral-freeradius/Makefile deleted file mode 100644 index dd64ab480..000000000 --- a/feeds/ucentral/ucentral-freeradius/Makefile +++ /dev/null @@ -1,34 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=ucentral-freeradius -PKG_RELEASE:=1 - -PKG_MAINTAINER:=John Crispin - -include $(INCLUDE_DIR)/package.mk - -define Package/ucentral-freeradius - SECTION:=ucentral - CATEGORY:=uCentral - TITLE:=ucentral-freeradius cfg wrapper - DEPENDS:=+freeradius3-mod-eap +freeradius3-mod-files +freeradius3-mod-eap-pwd -endef - -define Package/ucentral-freeradius/description - Allow Wireless client rate limiting -endef - -define Build/Prepare - mkdir -p $(PKG_BUILD_DIR) -endef - -define Build/Compile/Default - -endef -Build/Compile = $(Build/Compile/Default) - -define Package/ucentral-freeradius/install - $(CP) ./files/* $(1) -endef - -$(eval $(call BuildPackage,ucentral-freeradius)) diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/config/radiusd b/feeds/ucentral/ucentral-freeradius/files/etc/config/radiusd deleted file mode 100644 index 73e25f864..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/config/radiusd +++ /dev/null @@ -1,8 +0,0 @@ -config client - option name uCentral - option ipaddr * - option secret secret - -config user - option username test - option password example diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/default/radiusd b/feeds/ucentral/ucentral-freeradius/files/etc/default/radiusd deleted file mode 100644 index 9f8675cba..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/default/radiusd +++ /dev/null @@ -1 +0,0 @@ -OPTIONS="-d /etc/freeradius3-ucentral" diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/ca.pem b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/ca.pem deleted file mode 100644 index 2ace5293b..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/ca.pem +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE5DCCA8ygAwIBAgIJALUPlXk37qsqMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD -VQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hlcmUxFTAT -BgNVBAoMDEV4YW1wbGUgSW5jLjEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBs -ZS5vcmcxJjAkBgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X -DTIxMDUwNTAyMTMxNloXDTIyMDUwNTAyMTMxNlowgZMxCzAJBgNVBAYTAkZSMQ8w -DQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEVMBMGA1UECgwMRXhh -bXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzEmMCQG -A1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCi3jwwRL0/sg24rhZ4/s45PwaZn1v7nxJrItvO -W6wgPBsOp0gwEeybV6tmw7+R5n1IYPFV1AVz1XckfH459pbxRNPJok7BFCO6Oa0r -p2U/rJdXCPKR0Sy2yHEw5ooWraPE6O9swCGv4YjFLTmAsQL2+PRs538ng6s6jYaA -Ju9ZKDf7Eic9RFMkudN75KYjaXKDOUVKvMIDW3Jb+MD2iLg8nTbkYdFaUif+zNNU -g47svkNRKFlckrYSPU0odC1MMTRzxkirl35NGEi1I+TcXcFhkPH53I9WTxfI7mmq -bKQ75i8HJuDKxBbYIOXXnPRYz76G6weHMg4lTXTlod5FgEN5AgMBAAGjggE3MIIB -MzAdBgNVHQ4EFgQU4XyrFousF2fZ9vdcMWBuhPJhlawwgcgGA1UdIwSBwDCBvYAU -4XyrFousF2fZ9vdcMWBuhPJhlayhgZmkgZYwgZMxCzAJBgNVBAYTAkZSMQ8wDQYD -VQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEVMBMGA1UECgwMRXhhbXBs -ZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzEmMCQGA1UE -AwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCCQC1D5V5N+6rKjAPBgNV -HRMBAf8EBTADAQH/MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly93d3cuZXhhbXBs -ZS5vcmcvZXhhbXBsZV9jYS5jcmwwDQYJKoZIhvcNAQELBQADggEBAI+nEdd9G7VI -xLlvFE8B49CjYX1Bbn3dxbSmpcF0SPG49ZnjH1H54y7ab64nWOMVxrwDurqdo0z9 -dNuazYD0WeAKoHOW5/CJ0LCuZ5AJIAvxrUpeoSF7SnycjzKx9UwGfXQxrYvykuM4 -ihpq2c41ezLtKxRnvBSDMJPWGx1jBKDjEtu1K7IAxhL20L2MCNRE6ut96g2KtEdG -4hHyM42QelCalJgXfLzp1bsl75k7dMy9Bj3Qbq6nc1+egdQG2dDNJkcHgwTkEmDf -DTWtEkZlkRrQPqgs6TANxR594flikBx/2sOmfRxfhuq8p1wW/7B5hHjLVi7AGLBS -toZcDP6CBn8= ------END CERTIFICATE----- diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/dh b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/dh deleted file mode 100644 index a35929ea8..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/dh +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN DH PARAMETERS----- -MIIBCAKCAQEAw6U9O9lNo45nVpheg8+DLoGQDvs7kTPHn/I3mxLWUDsWE6QghUhS -TX2pvkZDzSsWGHKMz7vJm3h2C8p7R3nhAI/LX1iCZkGKYvCsR7pHhCSujFtGiBqc -XeXE5j2pQpB9G6UFql+7gqRSV+mw4MckoR1bqI1W4ibH/vnAOJOVq8PQucMITsqY -JIhFJdVMJRIR5rPfZnaGdeokljE1tnK5/ycWfjYGp2fBLbTqGu7G7LSvzb8+VttF -nVTDbbdp1LBQzxYj0a0MS54jLOxxDKM0C/HVn71hMnLTakASGu3qcMkMwuiLzX1i -MNMsi7dYnGWXA1AcICag61CYqlJ3AccMgwIBAg== ------END DH PARAMETERS----- diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/server.pem b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/server.pem deleted file mode 100644 index f20dcc874..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/certs/server.pem +++ /dev/null @@ -1,61 +0,0 @@ -Bag Attributes - localKeyID: AB 3D 8E E1 1B 78 0B 8E 15 2B 3F A7 E7 D3 B4 B8 7A 91 94 89 -subject=/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org -issuer=/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority ------BEGIN CERTIFICATE----- -MIID9DCCAtygAwIBAgIBATANBgkqhkiG9w0BAQsFADCBkzELMAkGA1UEBhMCRlIx -DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF -eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUub3JnMSYw -JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMTA1MDUw -MjEzMTZaFw0yMjA1MDUwMjEzMTZaMHwxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS -YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEjMCEGA1UEAwwaRXhhbXBsZSBT -ZXJ2ZXIgQ2VydGlmaWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu -b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEqpvZdH9B6iMpI2 -b5titfABWy6aaI6SYHna8TS5FF/i/xzjyhGmEQ2S38aHECw1dxYuKOGuvNcABVWu -WmakdFwcTFkPRg7RSQBgktWCVfkPRukQ8roMS9by9rbRdtT0VeC229WigWzUNiuA -BrtJCDMdzdbh2bNBCKXpxsx9yI5bv1ZdlRmixyA4XE4wseGFy1RZaCEZ56aiF0M1 -q5slld4L3vfDFPSAQhk87G0jw+HipO6q51X8zCwwySAYbdqErUxLOHCL1rIO3Im5 -46dspVyEMperT6kVM2cxFpphPUvHdiDhwxT/fWomzXA1ElvMKg6se1En5HVip9dn -i1mjmQIDAQABo2kwZzATBgNVHSUEDDAKBggrBgEFBQcDATA2BgNVHR8ELzAtMCug -KaAnhiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMBgGA1Ud -IAQRMA8wDQYLKwYBBAGCvmgBAwIwDQYJKoZIhvcNAQELBQADggEBAFynmC8gLhmc -Y/GeSg35LBNapllIns8lnneF/D3fJ0JrlkYUGH8I6nQiH5838J235omkjue2hyy8 -w40NQqL5N5wv29gUhbRJgNxEBg0CcWP9gfT/H54gdrhiewfspyxApyLQVuGqf2px -Ba6STD41jnvGVf1L7WB0MueypxD0hTb6vgQjbcp+2yBUWyR2RhFVMcrdbmJFRdwF -aui4gksF2UWSsXhmy88tc0Xw4svbR+sepQhIidYg3U0qVh6iaXrds7LqNo6XAfn3 -ss+lc0efkX6UOg4gQNhO9RMAYi9ONbw0x8xgdjKAQLbvEmT+nbFu82DkhuwxjRIE -a89fVn5xduo= ------END CERTIFICATE----- -Bag Attributes - localKeyID: AB 3D 8E E1 1B 78 0B 8E 15 2B 3F A7 E7 D3 B4 B8 7A 91 94 89 -Key Attributes: ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIaErHBLSTVqECAggA -MBQGCCqGSIb3DQMHBAgcNkbiAf7DVgSCBMjDeGJkfFxUKTEfRzyUvh8Y8ij62IgR -r+SmuQadDNoIzVv0sPbAkUVRB/NA/zYkwfrF4CWNdT+S9LvpnrMGsncjrxWZUu2J -PmUxddJa/TCHCQ0BM+Cw6EktOVhb9kiXCANH1sf/3AtoU7x89CrHAyMAyBRc6MIo -m94CEczqkLKt9TAdsEw87rgBjIN1PDaHJjC3sl6nvqACuibd8OiiL8V0Fv1isjYK -daxfZCWLuvW42OJ2pt4bIwS6VBbkJrIPsFJUUSgkpXUVniB/mtgaxafU3FpR5jU8 -kbUAjjQAqrvj8AL6fjzTbZsOHWOz0wo/5wt9HebqwoopCvUNTPOaNZ5pKYC2FWB0 -Eh4sIShq9qdAASjEgt6vJGiTO6OBVx6AxrtKUGPj4NFNkhQy4Frpy22qRcX5fd9T -QNP7hEWkPLGxRzxtxuYCVHu7Uwk99OA1xsaLx+2RttfbPThKxTXJa6OZHAZBVa14 -1kcFRBJbK0O6r4ni5dR7/SdcnuSj1yJusdcU5Fgdn+8F5J7qPB+Pr59EIxLRraL8 -8KvpAYunGPhR71FnxmWXbXRl0IEwvtJ+zsX4nfSDn0i9SNeGunBD2wtK6izq3dWw -FRI4o5tGm8uA4bRD2am5NAZoEnuKqnfDpnqpHEakKBLC1QOhPvRqGWP/IdZC1bCy -WF0KGjJYyQ1m638RzYaxfuUVZ3Vwm2YQTcixAfAdpGHkIRhc0cAuOEekSbftFTrV -fRPKI0AFxVswJVsnUsnbyFcmSXaVkcVeDgRzcJ/4bQWOsLNdeJXozVd0zd0lxJf2 -rjVbbO056luwtdCN6G9d1OwIDk0H16lmcHkQ23Omvw45vCBhKcQiEEoCwsNSfJ/n -vxvXgY2txvgt5WASNIwJmBsRUIbev6daV2zOKtfRFGNQh7PujwPKIglAWib8q05n -sdUSQi77nRY0YHIP3Og9f+brZCxR0U4zylZa6NXlzo4nO+8GcrjYF6jxfXk179oK -SOiqnCZ4K1EBDSJgWNexRrpNEdBW4JMfduV+BKIUUt4tieFL8CQMiO3/IATQzDSm -ehyDPcXmc/DHiW4wt3fOkqy2huDReu6u7YPf6xUS+XiyLnPvWXIe9Y1ofvUjpCeS -FAh+HBWaYLhOoO7Nj0/8MtOpeK0w4eUJvTCenwtBd9AnxLX55sY3/dRVtOZcOtwH -FSBnTkEGs5yW/eNZI4DsKhHA7MmwbWaV9C8CgRnKoSQq+PvDGD3pq80NjJxz/l6X -2uETwOPYgAjekQs7bZSB8P5xkzUT1zXCCsJBJFzIPOs5kvVG7BqwBbHbJUt/g1/1 -bOzCR53fzuq7dKnPyGSD8J8Y7dXdYPHYy4jqwMnDKqstahGlq4lE8rRcLvP47Z/v -9+9Aa3hmmpTfkjVE+q99oZamK9zFWiWNhyeaNJuTXJaToW4Gj5h7d4T5xsBWwyhG -JkZhbkMYlqp2zDxyW18wAznTVZutfu4Wx0Ot/JU3ye6BarJD/hWeOF51QD0fyrFV -q5NX1CS/T8cO5mFTRqdqQXzXJaPKST4SSu0pDRrYLKnGuGrUQMVszjcv/TQkjs0u -UbZJXNozsK9EXCrtokDSjMXzjob8t+MwzgU9AtzO7JnAa1jvLYq2ggODHOOCVRyz -bO0= ------END ENCRYPTED PRIVATE KEY----- diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/clients.conf b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/clients.conf deleted file mode 100644 index 39122f248..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/clients.conf +++ /dev/null @@ -1,11 +0,0 @@ -client 0.0.0.0/0 { - ipaddr = * - secret = uSyncRad1u5 - require_message_authenticator = no - shortname = usync - limit { - max_connections = 16 - lifetime = 0 - idle_timeout = 30 - } -} diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/dictionary b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/dictionary deleted file mode 100644 index 1f7dc903f..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/dictionary +++ /dev/null @@ -1,49 +0,0 @@ -# -# This is the local dictionary file which can be -# edited by local administrators. It will be loaded -# AFTER the main dictionary files are loaded. -# -# As of version 3.0.2, FreeRADIUS will automatically -# load the main dictionary files from -# -# ${prefix}/share/freeradius/dictionary -# -# It is no longer necessary for this file to $INCLUDE -# the main dictionaries. However, if the $INCLUDE -# line is here, nothing bad will happen. -# -# Any new/changed attributes MUST be placed in this file. -# The pre-defined dictionaries SHOULD NOT be edited. -# -# See "man dictionary" for documentation on its format. -# -# $Id: eed5d70f41b314f9ed3f006a22d9f9a2be2c9516 $ -# - -# -# All local attributes and $INCLUDE's should go into -# this file. -# - -# If you want to add entries to the dictionary file, -# which are NOT going to be placed in a RADIUS packet, -# add them to the 'dictionary.local' file. -# -# The numbers you pick should be between 3000 and 4000. -# These attributes will NOT go into a RADIUS packet. -# -# If you want that, you will need to use VSAs. This means -# requesting allocation of a Private Enterprise Code from -# http://iana.org. We STRONGLY suggest doing that only if -# you are a vendor of RADIUS equipment. -# -# See RFC 6158 for more details. -# http://ietf.org/rfc/rfc6158.txt -# - -# -# These attributes are examples -# -#ATTRIBUTE My-Local-String 3000 string -#ATTRIBUTE My-Local-IPAddr 3001 ipaddr -#ATTRIBUTE My-Local-Integer 3002 integer diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-config/files/accounting b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-config/files/accounting deleted file mode 100644 index 0c3d8ee35..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-config/files/accounting +++ /dev/null @@ -1 +0,0 @@ -john Cleartext-Password := "SuperGeheim" diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-config/files/authorize b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-config/files/authorize deleted file mode 100644 index 0c3d8ee35..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-config/files/authorize +++ /dev/null @@ -1 +0,0 @@ -john Cleartext-Password := "SuperGeheim" diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-enabled/eap b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-enabled/eap deleted file mode 100644 index 24a6f38d9..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-enabled/eap +++ /dev/null @@ -1,13 +0,0 @@ -eap { - default_eap_type = pwd - timer_expire = 60 - ignore_unknown_eap_types = no - cisco_accounting_username_bug = no - max_sessions = ${max_requests} - - pwd { - group = 19 - server_id = theserver@example.com - fragment_size = 1020 - } -} diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-enabled/files b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-enabled/files deleted file mode 100644 index d76e1501d..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/mods-enabled/files +++ /dev/null @@ -1,5 +0,0 @@ -files { - moddir = ${modconfdir}/${.:instance} - filename = ${moddir}/authorize - acctusersfile = ${moddir}/accounting -} diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/policy.d/accounting b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/policy.d/accounting deleted file mode 100644 index 23049e6f2..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/policy.d/accounting +++ /dev/null @@ -1,117 +0,0 @@ -# We check for this prefix to determine whether the class -# value was generated by this server. It should be changed -# so that it is globally unique. -class_value_prefix = 'ai:' - -# -# Replacement for the old rlm_acct_unique module -# -acct_unique { - # - # If we have a class attribute in the format - # 'auth_id:[0-9a-f]{32}' it'll have a local value - # (defined by insert_acct_class), this ensures - # uniqueness and suitability. - # - # We could just use the Class attribute as - # Acct-Unique-Session-Id, but this may cause problems - # with NAS that carry Class values across between - # multiple linked sessions. So we rehash class with - # Acct-Session-ID to provide a truely unique session - # identifier. - # - # Using a Class/Session-ID combination is more robust - # than using elements in the Accounting-Request, - # which may be subject to change, such as - # NAS-IP-Address, Client-IP-Address and - # NAS-Port-ID/NAS-Port. - # - # This policy should ensure that session data is not - # affected if NAS IP addresses change, or the client - # roams to a different 'port' whilst maintaining its - # initial authentication session (Common in a - # wireless environment). - # - update request { - &Tmp-String-9 := "${policy.class_value_prefix}" - } - - if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) && \ - ("%{string:&Class}" =~ /^${policy.class_value_prefix}([0-9a-f]{32})/i)) { - update request { - &Acct-Unique-Session-Id := "%{md5:%{1},%{Acct-Session-ID}}" - } - } - - # - # Not All devices respect RFC 2865 when dealing with - # the class attribute, so be prepared to use the - # older style of hashing scheme if a class attribute - # is not included - # - else { - update request { - &Acct-Unique-Session-Id := "%{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}" - } - } -} - -# -# Insert a (hopefully unique) value into class -# -insert_acct_class { - update reply { - &Class = "${policy.class_value_prefix}%{md5:%t,%I,%{Packet-Src-Port},%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}},%{NAS-IP-Address},%{Calling-Station-ID},%{User-Name}}" - } -} - -# -# Merges Acct-[Input|Output]-Octets and Acct-[Input|Output]-Gigawords into Acct-[Input|Output]-Octets64 -# -# If the &Attr-Foo doesn't exist, it's value is taken as zero. -# -acct_counters64.preacct { - update request { - &Acct-Input-Octets64 = "%{expr:(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}" - &Acct-Output-Octets64 = "%{expr:(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}" - } -} - -# -# There is a delay between sending the Access-Accept and receiving -# the corresponding Accounting-Request "start" packet. This delay -# can be leveraged by a user to bypass Simultaneous-Use checks. -# -# The user can start up multiple sessions at the same time. When -# that happens, both Simultaneous-Use checks are performed before any -# Accounting-Request packet is received. Both Simultaneous-Use -# checks will result in "no user session" in the radacct table, and -# both sessions will be allowed. At some point later in time, the -# Accounting-Request packets are received. But by then it's too -# late. -# -# The solution is to insert a temporary session into the "radacct" -# table, during the "post-auth" section. This is done by -# uncommenting the "sql_session_start" entry in -# sites-enabled/default. Then, reading -# raddb/mods-config/sql/main/*/queries.conf, and looking for the -# "sql_session_start" comments. Follow the instructions there to -# finalize the configuration. -# -# The server will then create a temporary entry in "radacct" before -# it returns the Access-Request. Any other Access-Request which is -# received at the same time will then have it's Simultaneous-Use -# check see that entry, and will be rejected. -# -# Subsequent Accounting-Request packets for the first session will -# then UPDATE (not INSERT) the data for the session. -# -# There is still a small race condition as the Simultaneous-Use -# checks are not done at the same time as updating radacct. But the -# window of opportunity is much smaller. i.e. milliseconds, instead -# of seconds. -# -sql_session_start.post-auth { - acct_unique - sql.accounting -} diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/policy.d/eap b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/policy.d/eap deleted file mode 100644 index 0718eab51..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/policy.d/eap +++ /dev/null @@ -1,85 +0,0 @@ -# -# Response caching to handle proxy failovers -# -Xeap.authorize { - cache_eap - if (ok) { - # - # Expire previous cache entry - # - if (&control:State) { - update control { - &Cache-TTL := 0 - } - cache_eap - - update control { - &State !* ANY - } - } - - handled - } - else { - eap.authorize - } -} - -# -# Populate cache with responses from the EAP module -# -Xeap.authenticate { - eap { - handled = 1 - } - if (handled) { - cache_eap.authorize - - handled - } - - cache_eap.authorize -} - -# -# Forbid all EAP types. Enable this by putting "forbid_eap" -# into the "authorize" section. -# -forbid_eap { - if (&EAP-Message) { - reject - } -} - -# -# Forbid all non-EAP types outside of an EAP tunnel. -# -permit_only_eap { - if (!&EAP-Message) { - # We MAY be inside of a TTLS tunnel. - # PEAP and EAP-FAST require EAP inside of - # the tunnel, so this check is OK. - # If so, then there MUST be an outer EAP message. - if (!&outer.request || !&outer.request:EAP-Message) { - reject - } - } -} - -# -# Remove Reply-Message from response if were doing EAP -# -# Be RFC 3579 2.6.5 compliant - EAP-Message and Reply-Message should -# not be present in the same response. -# -remove_reply_message_if_eap { - if (&reply:EAP-Message && &reply:Reply-Message) { - update reply { - &Reply-Message !* ANY - } - } - else { - noop - } -} - diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/radiusd.conf b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/radiusd.conf deleted file mode 100644 index 7f6fbffae..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/radiusd.conf +++ /dev/null @@ -1,62 +0,0 @@ -prefix = /usr -exec_prefix = /usr -sysconfdir = /etc -localstatedir = /var -sbindir = /usr/sbin -logdir = /var/log -raddbdir = /etc/freeradius3 -radacctdir = /var/db/radacct -name = radiusd -confdir = ${raddbdir} -modconfdir = ${confdir}/mods-config -certdir = ${confdir}/certs -cadir = ${confdir}/certs -run_dir = ${localstatedir}/run/${name} -db_dir = ${raddbdir} -libdir = /usr/lib/freeradius3 -pidfile = ${run_dir}/${name}.pid -correct_escapes = true -max_request_time = 30 -cleanup_delay = 5 -max_requests = 16384 -hostname_lookups = no -log { - destination = syslog - colourise = yes - syslog_facility = daemon - stripped_names = no - auth = no - auth_badpass = no - auth_goodpass = no - msg_denied = "You are already logged in - access denied" -} - -checkrad = ${sbindir}/checkrad -security { - allow_core_dumps = no - max_attributes = 200 - reject_delay = 1 - status_server = yes -} - -proxy_requests = no -$INCLUDE clients.conf - -thread pool { - start_servers = 5 - max_servers = 32 - min_spare_servers = 3 - max_spare_servers = 10 - max_requests_per_server = 0 - auto_limit_acct = no -} - -modules { - $INCLUDE mods-enabled/ -} - -policy { - $INCLUDE policy.d/ -} - -$INCLUDE sites-enabled/ diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/sites-enabled/default b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/sites-enabled/default deleted file mode 100644 index d435e509b..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/sites-enabled/default +++ /dev/null @@ -1,33 +0,0 @@ -server default { - -listen { - type = auth - ipaddr = * - port = 0 -# interface = eth0 - limit { - max_connections = 16 - lifetime = 0 - idle_timeout = 30 - } -} - -listen { - type = acct - ipaddr = * - port = 0 -# interface = eth0 -} - -authorize { - eap { - ok = return - } - files -} - -authenticate { - eap -} - -} diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/sites-enabled/inner-tunnel b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/sites-enabled/inner-tunnel deleted file mode 100644 index 5b616c029..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/sites-enabled/inner-tunnel +++ /dev/null @@ -1,19 +0,0 @@ -server inner-tunnel { -listen { - ipaddr = 127.0.0.1 - port = 18120 - type = auth -} - -authorize { - eap { - ok = return - } - files -} - -authenticate { - eap -} - -} diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/users b/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/users deleted file mode 100644 index 0c3d8ee35..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/freeradius3-ucentral/users +++ /dev/null @@ -1 +0,0 @@ -john Cleartext-Password := "SuperGeheim" diff --git a/feeds/ucentral/ucentral-freeradius/files/etc/init.d/uradiusd b/feeds/ucentral/ucentral-freeradius/files/etc/init.d/uradiusd deleted file mode 100755 index 1daab120c..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/etc/init.d/uradiusd +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=49 - -USE_PROCD=1 -PROG=/usr/libexec/ucentral-radiusd.sh - -service_triggers() { - procd_add_reload_trigger radiusd -} - -start_service() { - procd_open_instance - procd_set_param command "$PROG" - procd_close_instance -} diff --git a/feeds/ucentral/ucentral-freeradius/files/usr/libexec/ucentral-radiusd.sh b/feeds/ucentral/ucentral-freeradius/files/usr/libexec/ucentral-radiusd.sh deleted file mode 100755 index 570ddbea1..000000000 --- a/feeds/ucentral/ucentral-freeradius/files/usr/libexec/ucentral-radiusd.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh - -. /lib/functions.sh - -config_load radiusd - -user_add() { - config_get username $1 username - config_get password $1 password - [ -z "$username" -o -z "$password" ] && return - echo -e "$username\tCleartext-Password := \"$password\"" >> /etc/freeradius3-ucentral/mods-config/files/authorize - echo -e "$username\tCleartext-Password := \"$password\"" >> /etc/freeradius3-ucentral/mods-config/files/accounting - chmod 0600 /etc/freeradius3-ucentral/mods-config/files/authorize - chmod 0600 /etc/freeradius3-ucentral/mods-config/files/accounting -} - -rm /etc/freeradius3-ucentral/mods-config/files/authorize -rm /etc/freeradius3-ucentral/mods-config/files/accounting -config_foreach user_add user - -client_add() { - config_get name $1 name - config_get secret $1 secret - config_get ipaddr $1 ipaddr "*" - config_get netmask $1 netmask 0 - - echo "client $name { - ipaddr = $ipaddr - secret = $secret - require_message_authenticator = no - shortname = $name - limit { - max_connections = 16 - lifetime = 0 - idle_timeout = 30 - } -} -" >> /etc/freeradius3-ucentral/clients.conf -chmod 0600 /etc/freeradius3-ucentral/clients.conf -} - -rm /etc/freeradius3-ucentral/clients.conf -config_foreach client_add client - -/etc/init.d/radiusd restart diff --git a/feeds/ucentral/ucentral-mqtt/Makefile b/feeds/ucentral/ucentral-mqtt/Makefile deleted file mode 100644 index e77327b10..000000000 --- a/feeds/ucentral/ucentral-mqtt/Makefile +++ /dev/null @@ -1,32 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=ucentral-mqtt -PKG_RELEASE:=1 - -PKG_SOURCE_URL=https://github.com/blogic/ucentral-mqtt.git -PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2022-11-27 -PKG_SOURCE_VERSION:=6323938ad7f6b1b9dc172cdf6831dd7085c30100 - -PKG_MAINTAINER:=John Crispin -PKG_LICENSE:=BSD-3-Clause - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/cmake.mk - -define Package/ucentral-mqtt - SECTION:=ucentral - CATEGORY:=uCentral - TITLE:=OpenWrt uCentral mqtt client - DEPENDS:=+libubox +libubus +libblobmsg-json +libmosquitto-ssl -endef - -define Package/ucentral-mqtt/install - $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d $(1)/etc/config/ - $(INSTALL_BIN) $(PKG_BUILD_DIR)/ucentral-mqtt $(1)/usr/sbin/ - $(INSTALL_BIN) ./files/ucentral-mqtt $(1)/etc/init.d/ - $(INSTALL_BIN) ./files/umqtt.config $(1)/etc/config/umqtt - $(INSTALL_BIN) ./files/ucentral_stats.sh $(1)/usr/sbin -endef - -$(eval $(call BuildPackage,ucentral-mqtt)) diff --git a/feeds/ucentral/ucentral-mqtt/files/ucentral-mqtt b/feeds/ucentral/ucentral-mqtt/files/ucentral-mqtt deleted file mode 100644 index b07f30169..000000000 --- a/feeds/ucentral/ucentral-mqtt/files/ucentral-mqtt +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=80 - -USE_PROCD=1 -PROG=/usr/sbin/ucentral-mqtt - -service_triggers() { - procd_add_reload_trigger ucentral umqtt -} - -start_service() { - . /lib/functions.sh - - config_load 'ucentral' - config_get serial 'config' 'serial' - config_get venue 'config' 'venue' - - config_load 'umqtt' - config_get username 'mqtt' 'username' - config_get password 'mqtt' 'password' - config_get server 'mqtt' 'server' - config_get port 'mqtt' 'port' - config_get debug 'mqtt' 'debug' 0 - config_get debug 'mqtt' 'enable' 0 - - [ "$enable" -eq 1 ] || return 0 - procd_open_instance - procd_set_param command "$PROG" - [ -n "$serial" ] && procd_append_param command -S $serial - [ -n "$username" ] && procd_append_param command -u $username - [ -n "$password" ] && procd_append_param command -p $password - [ -n "$server" ] && procd_append_param command -s $server - [ -n "$port" ] && procd_append_param command -P $port - [ -n "$venue" ] && procd_append_param command -v $venue - [ "$debug" -eq 0 ] || procd_append_param command -d - procd_set_param respawn - procd_close_instance -} diff --git a/feeds/ucentral/ucentral-mqtt/files/ucentral_stats.sh b/feeds/ucentral/ucentral-mqtt/files/ucentral_stats.sh deleted file mode 100755 index 34c03d4f9..000000000 --- a/feeds/ucentral/ucentral-mqtt/files/ucentral_stats.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -ucode -m ubus -i /usr/share/ucentral/state.uc -E cfg=/etc/ucentral/ucentral.active > /tmp/ucentral.stats - diff --git a/feeds/ucentral/ucentral-mqtt/files/umqtt.config b/feeds/ucentral/ucentral-mqtt/files/umqtt.config deleted file mode 100644 index fd6267177..000000000 --- a/feeds/ucentral/ucentral-mqtt/files/umqtt.config +++ /dev/null @@ -1,6 +0,0 @@ -config ucentral mqtt - option enable 0 - option username 'test' - option password 'test' - option server '192.168.178.9' - option port '8883'