freeradius.patch - pfSense Packages - pfSense bugtracker

Regression #13628 » freeradius.patch

Marcos M, 12/06/2022 01:39 PM

+    }
     function freeradius_deinstall_command() {
     	global $config;
     	$pidFile = "/var/run/radiusd.pid";
     	$i = 0;
-...
+    	}
     	/* Remove package settings from config if 'Keep Settings' is disabled */
     	init_config_arr(array('installedpackages', 'freeradiussettings', 'config', 0));
     	if (isset($config['installedpackages']['freeradiussettings']['config'][0]['keep_settings']) &&
     	    empty($config['installedpackages']['freeradiussettings']['config'][0]['keep_settings'])) {
     	if (!config_path_enabled('installedpackages/freeradiussettings/config/0/', 'keep_settings')) {
     		$uninstall = array(
     			'installedpackages/freeradius',
     			'installedpackages/freeradiusauthorizedmacs',
     			'installedpackages/freeradiusclients',
     			'installedpackages/freeradiusinterfaces',
     			'installedpackages/freeradiussettings',
     			'installedpackages/freeradiuseapconf',
     			'installedpackages/freeradiussqlconf',
     			'installedpackages/freeradiusmodulesldap',
     			'installedpackages/freeradiussync'
     		);
     		log_error("[freeRADIUS] Removing all FreeRADIUS settings since 'Keep Settings/Data' is disabled...");
     		$uninstall = array('freeradius', 'freeradiusauthorizedmacs', 'freeradiusclients', 'freeradiusinterfaces',
     		'freeradiussettings', 'freeradiuseapconf', 'freeradiussqlconf', 'freeradiusmodulesldap', 'freeradiussync');
     		foreach ($uninstall as $unin) {
     			if (is_array($config['installedpackages'][$unin])) {
     				unset($config['installedpackages'][$unin]);
+    			}
     		foreach ($uninstall as $path) {
     			config_del_path($path);
+    		}
     		rmdir_recursive(FREERADIUS_RADDB, false);
     		write_config("[freeRADIUS] Package uninstalled.");
+    	}
-...
+    }
     function freeradius_upgrade_config() {
     	global $config;
     	// FreeRADIUS built-in certificate manager was removed (Bug #7170)
     	if (is_array($config['installedpackages']['freeradiuscerts'])) {
     		unset($config['installedpackages']['freeradiuscerts']);
     		log_error(gettext("freeRADIUS: Removing deprecated built-in certificate manager configuration."));
+    	}
     	if (is_array($config['installedpackages']['freeradiuseapconf']['config'][0])) {
     		if (isset($config['installedpackages']['freeradiuseapconf']['config'][0]['vareapconfchoosecertmanager'])) {
     			unset($config['installedpackages']['freeradiuseapconf']['config'][0]['vareapconfchoosecertmanager']);
+    		}
     		if (isset($config['installedpackages']['freeradiuseapconf']['config'][0]['vareapconfprivatekeypassword'])) {
     			unset($config['installedpackages']['freeradiuseapconf']['config'][0]['vareapconfprivatekeypassword']);
     	$deprecated_config_paths = array(
     		'installedpackages/freeradiuscerts',
     		'installedpackages/freeradiuseapconf/config/0/vareapconfchoosecertmanager',
     		'installedpackages/freeradiuseapconf/config/0/vareapconfprivatekeypassword'
     	);
     	$isremoved = false;
     	foreach ($deprecated_config_paths as $path) {
     		if (config_get_path($path)) {
     			$isremoved = true;
     			config_del_path($path);
+    		}
+    	}
     	if ($isremoved) {
     		log_error(gettext("freeRADIUS: Removed deprecated built-in certificate manager configuration."));
+    	}
+    }
     function freeradius_install_command() {
     	global $config;
     	// We create here different folders for different counters.
     	safe_mkdir("/var/log/radacct/datacounter/daily");
     	safe_mkdir("/var/log/radacct/datacounter/weekly");
-...
+    }
     function freeradius_settings_resync($restart_svc = true) {
     	global $config;
     	$conf = '';
     	// put the constant to a variable
-...
     		touch("/var/log/radwtmp");
+    	}
     	if (is_array($config['installedpackages']['freeradiussettings']['config'][0])) {
     		$varsettings = $config['installedpackages']['freeradiussettings']['config'][0];
     	} else {
     		$varsettings = array();
+    	}
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config/0', []);
     	// Variables: General configuration
     	$varsettingsmaxrequests = ($varsettings['varsettingsmaxrequests'] ?: '1024');
-...
     	$varsettingsmaxrequestsperserver = ($varsettings['varsettingsmaxrequestsperserver'] ?: '0');
     	// For more details look at freeradius_sqlconf_resync()
     	if (is_array($config['installedpackages']['freeradiussqlconf']['config'][0])) {
     		$sqlconf = $config['installedpackages']['freeradiussqlconf']['config'][0];
     	} else {
     		$sqlconf = array();
+    	}
     	$sqlconf = config_get_path('installedpackages/freeradiussqlconf/config/0', []);
     	// Dis-/Enable SQL in "instatiate" section in freeradius_settings_resync() and radiusd.conf SQL SERVER 2
     	if ($sqlconf['varsqlconf2includeenable'] == 'on') {
-...
+    }
     function freeradius_users_resync($via_rpc = false) {
     	global $config;
     	$conf = '';
     	$arrausers = config_get_path('installedpackages/freeradius/config', []);
     	$arrusers = config_get_path('installedpackages/freeradius/config', []);
     	if (!empty($arrusers)) {
     		foreach ($arrusers as $users) {
-...
+    	}
+    }
     function freeradius_authorizedmacs_resync($restart_svc = true, $via_rpc = false) {
     	$conf = '';
-...
+    	}
+    }
     function freeradius_eapconf_resync($restart_svc = true) {
     	global $config;
     	$conf = '';
     	if (!is_array($config['installedpackages']['freeradiuseapconf']['config'][0])) {
     		$config['installedpackages']['freeradiuseapconf']['config'][0] = array();
+    	}
     	$eapconf = & $config['installedpackages']['freeradiuseapconf']['config'][0];
     	$eapconf_path = 'installedpackages/freeradiuseapconf/config/0';
     	$eapconf = config_get_path($eapconf_path);
     	// Disable weak EAP types like MD5, and GTC
     	if ($eapconf['vareapconfdisableweakeaptypes'] == '') {
-...
     	// Variables: EAP-TLS
     	$vareapconffragmentsize = ($eapconf['vareapconffragmentsize'] ?: '1024');
     	$vareapconfincludelength = ($eapconf['vareapconfincludelength'] ?: 'yes');
     	$vareapconfcountry = ($eapconf['vareapconfcountry'] ?: '');
     	$vareapconfstate = ($eapconf['vareapconfstate'] ?: '');
     	$vareapconfcity = ($eapconf['vareapconfcity'] ?: '');
     	$vareapconforganization = ($eapconf['vareapconforganization'] ?: '');
     	$vareapconfemail = ($eapconf['vareapconfemail'] ?: '');
     	$vareapconfcommonname = ($eapconf['vareapconfcommonname'] ?: 'internal-ca');
     	// Variables: Cache
     	$vareapconfcacheenablecache = ($eapconf['vareapconfcacheenablecache'] ?: 'no');
-...
     	$vareapconfpeapdefaulteaptype = ($eapconf['vareapconfpeapdefaulteaptype'] ?: 'mschapv2');
     	$vareapconfpeapcopyrequesttotunnel = ($eapconf['vareapconfpeapcopyrequesttotunnel'] ?: 'no');
     	$vareapconfpeapusetunneledreply = ($eapconf['vareapconfpeapusetunneledreply'] ? 1 : 0);
     	$vareapconfpeapsohenable = ($eapconf['vareapconfpeapsohenable'] ?: 'Disable');
     	// This is for enable/disbable MS SoH in EAP-PEAP and the virtuial-server "soh-server"
     	if ($eapconf['vareapconfpeapsohenable'] == 'Enable') {
-...
     		unlink_if_exists(FREERADIUS_SITESENABLED . "/soh");
+    	}
     	// For pfSense cert manager
     	$ca_cert = lookup_ca($eapconf["ssl_ca_cert"]);
     	if ($ca_cert == false) {
     		if (!is_array($config['ca'])) {
     			$config['ca'] = array();
+    		}
     		$a_ca =& $config['ca'];
     		if (!is_array($config['cert'])) {
     			$config['cert'] = array();
+    		}
     		$a_cert =& $config['cert'];
     		/* Generate CA with generic details */
     		$ca = array();
     		$ca['refid'] = uniqid();
-...
     		} else {
     			$eapconf["ssl_ca_cert"] = $ca['refid'];
     			$ca_cert = $ca;
     			$a_ca = config_get_path('ca');
     			$a_ca[] = $ca;
     			config_set_path('ca', $a_ca);
     			$cert = array();
     			$cert['refid'] = uniqid();
     			$cert['descr'] = "FreeRADIUS Server Certificate";
-...
     				file_notice("FreeRADIUS", gettext("Cannot create temporary FreeRADIUS certificate. Visit Services &gt; FreeRADIUS &gt; EAP tab and configure server certificates in the 'Certificates for TLS' section: " . openssl_error_string()));
     				$cert_error = true;
     			} else {
     				$a_cert = config_get_path('cert');
     				$a_cert[] = $cert;
     				config_set_path('cert', $a_cert);
     				$eapconf["ssl_server_cert"] = $cert['refid'];
+    			}
+    		}
-...
     				file_put_contents(FREERADIUS_CERTS . "/server_key.pem", base64_decode($svr_cert['prv']));
+    			}
     			if (base64_decode($svr_cert['crt'])) {
     				file_put_contents(FREERADIUS_CERTS . "/server_cert.pem",
     				file_put_contents(FREERADIUS_CERTS . "/server_cert.pem",
     					base64_decode($svr_cert['crt']) . "\n" .
     					ca_chain($svr_cert));
+    			}
-...
     		$vareapconftlsminversion = '1.0';
+    	}
     	config_set_path($eapconf_path, $eapconf);
     	$conf .= <<<EOD
     ### EAP
     eap {
-...
     	file_put_contents($filename, $conf);
     	chmod($filename, 0640);
     	freeradius_sync_on_changes();
     	if ($restart_svc === true) {
     		restart_service("radiusd");
-...
     // Gets started from freeradiuseapconf.xml
     function freeradius_get_ca_crl() {
     	global $config;
     	$crl_arr = array();
     	$crl_arr[] = array('refid' => 'none', 'descr' => 'none');
     	if (is_array($config['crl'])) {
     		foreach ($config['crl'] as $crl) {
     			$crl_arr[] = array('refid' => $crl['refid'], 'descr' => $crl['descr']);
+    		}
     	foreach (config_get_path('crl', []) as $crl) {
     		$crl_arr[] = array('refid' => $crl['refid'], 'descr' => $crl['descr']);
+    	}
     	return $crl_arr;
+    }
-...
     function freeradius_sqlconf_resync() {
     	$conf = '';
     	$sqlconf = config_get_path('installedpackages/freeradiussqlconf/config', []);
     	$sqlconf = config_get_path('installedpackages/freeradiussqlconf/config/0', []);
     	// Variables: SQL DATABASE 1
     	$varsqlconfdatabase = ($sqlconf['varsqlconfdatabase'] ?: 'mysql');
-...
     	\$INCLUDE \${modconfdir}/sql/counter/\${dialect}/\${.:instance}.conf
+    }
     EOD;
     	$filename = FREERADIUS_MODSENABLED . '/sqlcounter';
-...
     function freeradius_serverdefault_resync() {
     	$conf = '';
     	$arrmodulesldap = config_get_path('installedpackages/freeradiusmodulesldap/config', []);
     	// Get Variables from freeradiusmodulesldap.xml
     	$arrmodulesldap = config_get_path('installedpackages/freeradiusmodulesldap/config/0', []);
     	// failover/loadbalancing mode
     	$varmodulesldap2failover = ($arrmodulesldap['varmodulesldap2failover'] ?: 'redundant');
-...
     		@unlink_if_exists(FREERADIUS_MODSENABLED . '/ldap');
+    	}
     	$sqlconf = config_get_path('installedpackages/freeradiussqlconf/config', []);
     	$varsqlconfenableauthorize = ($sqlconf['varsqlconfenableauthorize'] ?: 'Disable');
     	$varsqlconfenableaccounting = ($sqlconf['varsqlconfenableaccounting'] ?: 'Disable');
     	$varsqlconfenablesession = ($sqlconf['varsqlconfenablesession'] ?: 'Disable');
     	$varsqlconfenablepostauth = ($sqlconf['varsqlconfenablepostauth'] ?: 'Disable');
     	// Get Variables from freeradiussqlconf.xml for DATABASE 2
     	$varsqlconf2enableauthorize = ($sqlconf['varsqlconf2enableauthorize'] ?: 'Disable');
     	$varsqlconf2enableaccounting = ($sqlconf['varsqlconf2enableaccounting'] ?: 'Disable');
     	$varsqlconf2enablesession = ($sqlconf['varsqlconf2enablesession'] ?: 'Disable');
     	$varsqlconf2enablepostauth = ($sqlconf['varsqlconf2enablepostauth'] ?: 'Disable');
     	// Get Variables from freeradiussqlconf.xml for DATABASE 1
     	$sqlconf = config_get_path('installedpackages/freeradiussqlconf/config/0', []);
     	// authorize section DATABASE 2
     	if (($sqlconf['varsqlconf2includeenable'] == 'on') && ($sqlconf['varsqlconf2enableauthorize'] == 'Enable')) {
-...
     		$varsqlconfpostauthtypereject = '# sql';
+    	}
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config', []);
     	// Changing authorize section for plain mac auth
     	// Variables: If not using 802.1x, mac address must be known
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config/0', []);
     	// If unchecked we need the normal EAP section.
     	if (!$varsettings['varsettingsenablemacauth']) {
-...
     		} // endforeach
     	} // endif empty
     	$conf .= <<<EOD
     authorize {
-...
     /* Uses XMLRPC to synchronize the changes to a remote node */
     function freeradius_sync_on_changes() {
     	global $config;
     	if (is_array($config['installedpackages']['freeradiussync'])) {
     		$synconchanges = $config['installedpackages']['freeradiussync']['config'][0]['varsyncenablexmlrpc'];
     		$varsynctimeout = $config['installedpackages']['freeradiussync']['config'][0]['varsynctimeout'] ?: '150';
     	} else {
     		return;
+    	}
     	$synconchanges = config_get_path('installedpackages/freeradiussync/config/0/varsyncenablexmlrpc');
     	$varsynctimeout = config_get_path('installedpackages/freeradiussync/config/0/varsynctimeout') ?: '150';
     	// if checkbox is NOT checked do nothing
     	switch ($synconchanges) {
     		case "manual":
     			if (is_array($config['installedpackages']['freeradiussync']['config'][0]['row'])) {
     				$rs = $config['installedpackages']['freeradiussync']['config'][0]['row'];
     			} else {
     			$rs = config_get_path('installedpackages/freeradiussync/config/0/row');
     			if (!is_array($rs)) {
     				log_error("[FreeRADIUS]: XMLRPC sync is enabled but there are no hosts configured as replication targets.");
     				return;
+    			}
     			break;
     		case "auto":
     			if (is_array($config['hasync'])) {
     				$system_carp = $config['hasync'];
     				$rs[0]['varsyncipaddress'] = $system_carp['synchronizetoip'];
     				$rs[0]['varsyncusername'] = $system_carp['username'];
     				$rs[0]['varsyncpassword'] = $system_carp['password'];
     				$rs[0]['varsyncdestinenable'] = FALSE;
     				// XMLRPC sync is currently only supported over connections using the same protocol and port as this system
     				if ($config['system']['webgui']['protocol'] == "http") {
     					$rs[0]['varsyncprotocol'] = "http";
     					$rs[0]['varsyncport'] = $config['system']['webgui']['port'] ?: '80';
     				} else {
     					$rs[0]['varsyncprotocol'] = "https";
     					$rs[0]['varsyncport'] = $config['system']['webgui']['port'] ?: '443';
+    				}
     				if ($system_carp['synchronizetoip'] == "") {
     					log_error("[FreeRADIUS]: XMLRPC CARP/HA sync is enabled but there are no system backup hosts configured as replication targets.");
     					return;
     				} else {
     					$rs[0]['varsyncdestinenable'] = TRUE;
+    				}
     			$system_carp = config_get_path('hasync');
     			if (!is_array($system_carp)) {
     				log_error("[FreeRADIUS]: XMLRPC CARP/HA sync is enabled but there are no system backup hosts configured as replication targets.");
     				return;
+    			}
     			$rs[0]['varsyncipaddress'] = $system_carp['synchronizetoip'];
     			$rs[0]['varsyncusername'] = $system_carp['username'];
     			$rs[0]['varsyncpassword'] = $system_carp['password'];
     			$rs[0]['varsyncdestinenable'] = FALSE;
     			// XMLRPC sync is currently only supported over connections using the same protocol and port as this system
     			if (config_get_path('system/webgui/protocol') == "http") {
     				$rs[0]['varsyncprotocol'] = "http";
     				$rs[0]['varsyncport'] = config_get_path('system/webgui/port') ?: '80';
     			} else {
     				$rs[0]['varsyncprotocol'] = "https";
     				$rs[0]['varsyncport'] = config_get_path('system/webgui/port') ?: '443';
+    			}
     			if ($system_carp['synchronizetoip'] == "") {
     				log_error("[FreeRADIUS]: XMLRPC CARP/HA sync is enabled but there are no system backup hosts configured as replication targets.");
     				return;
     			} else {
     				$rs[0]['varsyncdestinenable'] = TRUE;
+    			}
     			break;
     		default:
-...
     /* Do the actual XMLRPC sync */
     function freeradius_do_xmlrpc_sync($sync_to_ip, $username, $password, $varsyncport, $varsyncprotocol, $varsynctimeout) {
     	global $config, $g;
     	/* Detect boot process, do nothing during boot. */
     	if (platform_booting()) {
     		return;
-...
     	$syncsections = array('freeradius', 'freeradiusauthorizedmacs', 'freeradiusclients', 'freeradiusinterfaces',
     	'freeradiussettings', 'freeradiuseapconf', 'freeradiussqlconf', 'freeradiusmodulesldap');
     	foreach ($syncsections as $section) {
     		if (is_array($config['installedpackages'][$section])) {
     			$xml[$section] = $config['installedpackages'][$section];
     		if (is_array(config_get_path("installedpackages/{$section}"))) {
     			$xml[$section] = config_get_path("installedpackages/{$section}");
+    		}
+    	}
-...
     		$msg = new XML_RPC_Message($method, $params);
     		$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
     		$cli->setCredentials($username, $password);
     		if ($g['debug']) {
     		if (g_has('debug')) {
     			$cli->setDebug(1);
+    		}
     		/* Send our XMLRPC message and timeout after defined sync timeout value */
-...
+    }
     function freeradius_modulescounter_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
+    }
     function freeradius_modulesmschap_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
+    }
     function freeradius_modulesrealm_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
+    }
     function freeradius_modulesldap_resync($restart_svc = true) {
     	global $config;
     	$raddb = FREERADIUS_RADDB;
     	$conf = '';
     	$arrmodulesldap = config_get_path('installedpackages/freeradiusmodulesldap/config', []);
     	$arrmodulesldap = config_get_path('installedpackages/freeradiusmodulesldap/config/0', []);
     	// Enable and Disable LDAP for "authorize" and "authenticate" will be done in freeradius_serverdefault_resync()
     	// redundatnt-load-balancing will there be done, too
-...
+    	}
     	// Miscellaneous Configuration + MS Active Directory Compatibility ldap1
     	$varmodulesldapmsadcompatibilityenable = ($arrmodulesldap['varmodulesldapmsadcompatibilityenable'] ?: 'Disable');
     	if ($arrmodulesldap['varmodulesldapmsadcompatibilityenable'] == 'Disable') {
     		$varmodulesldapmsadcompatibility = '### MS Active Directory Compatibility is disabled ###';
     	} else {
-...
+    	}
     	// Miscellaneous Configuration + MS Active Directory Compatibility ldap2
     	$varmodulesldap2msadcompatibilityenable = ($arrmodulesldap['varmodulesldap2msadcompatibilityenable'] ?: 'Disable');
     	if ($arrmodulesldap['varmodulesldap2msadcompatibilityenable'] == 'Disable') {
     		$varmodulesldap2msadcompatibility = '### MS Active Directory Compatibility is disabled ###';
     	} else {
-...
+    }
     function freeradius_plainmacauth_resync() {
     	global $config;
     	$conf = '';
     	// Variables: If not using 802.1x, mac address must be known
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config', []);
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config/0', []);
     	// defining variables with filename path
     	$filemodulesfiles = FREERADIUS_MODSENABLED . '/files';
-...
+    }
     function freeradius_modulesfiles_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
+    }
     function freeradius_motp_resync() {
     	global $config, $bash_path;
     	global $bash_path;
     	$conf = '';
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config', []);
     	$varsettings = config_get_path('installedpackages/freeradiussettings/config/0', []);
     	$varsettingsmotptimespan = ($varsettings['varsettingsmotptimespan'] ?: '2');
     	$varsettingsmotptimespanbeforeafter = $varsettingsmotptimespan + $varsettingsmotptimespan;
-...
+    }
     function freeradius_modulesmotp_resync() {
     	global $config, $bash_path;
     	global $bash_path;
     	$conf = '';
     	// put the constant to a variable
-...
+    }
     function freeradius_modulesgoogleauth_resync() {
     	global $config;
     	$conf = '';
     	// put the constant to a variable
-...
+    }
     function freeradius_modulesdatacounter_resync() {
     	global $config;
     	$conf = '';
     	// put the constant to a variable
-...
+    }
     function freeradius_datacounter_auth_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
     USERNAME=`echo -n "\\$1" | sed 's/[^0-9a-zA-Z._:-]/X/g' `
     TIMERANGE=`echo -n "\\$2" | sed 's/[^a-z]//g' `
     ### This is to make sure there is a used-octets file after the cronjob resetted the counter
     if [ -e "/var/log/radacct/datacounter/\$TIMERANGE/max-octets-\$USERNAME" ] && [ ! -e "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME" ]; then
     	echo 0 > "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME"
-...
+    }
     function freeradius_datacounter_acct_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
+    }
     function freeradius_dictionary_resync() {
     	global $config;
     	$conf = '';
     	$conf .= <<<EOD
-...
     /* Users input validation */
     function freeradius_validate_users($post, &$input_errors) {
     	// Username
     	if (($post['varusersmotpenable'] == 'on') && !preg_match('/^[a-zA-Z0-9_.-]*$/', $post['varusersusername'])) {
     		$input_errors[] = "The 'Username' field may only contain a-z, A-Z, 0-9, underscore, period and hyphen (regex /^[a-zA-Z0-9_.-]*$/).";
-...
     /* MACs input validation */
     function freeradius_validate_macs($post, &$input_errors) {
     	// MAC Address
     	if (!empty($post['varmacsaddress'])) {
     		if (!preg_match('/^[0-9A-F]{2}(?:[-:][0-9A-F]{2}){5}$/i', $post['varmacsaddress'])) {
-...
     /* NAS/Clients input validation */
     function freeradius_validate_clients($post, &$input_errors) {
     	// Client IP Address
     	if ($post['varclientip'] != '*') {
     		if (preg_match('/^(.+)\/(\d+)$/',$post['varclientip'], $matches)) {
-...
     /* Interfaces input validation */
     function freeradius_validate_interfaces($post, &$input_errors) {
     	// Interface IP Address
     	if (empty($post['varinterfaceip'])) {
     		$input_errors[] = "The 'Interface IP Address' field must not be empty.";
-...
     /* General Settings input validation */
     function freeradius_validate_settings($post, &$input_errors) {
     	global $config;
     	// Maximum Requests Tracked
     	if ($post['varsettingsmaxrequests'] != '' && !is_numericint($post['varsettingsmaxrequests'])) {
     		$input_errors[] = "The 'Maximum Requests Tracked' field must contain an integer value.";
-...
     /* EAP settings input validation */
     function freeradius_validate_eap($post, &$input_errors) {
     	// Disable Weak EAP Types sanity check
     	if ($post['vareapconfdisableweakeaptypes'] == 'on') {
     		if (in_array($post['vareapconfdefaulteaptype'], array('md5', 'gtc'))) {
-...
     /* SQL settings input validation */
     function freeradius_validate_sql($post, &$input_errors) {
     	// SQL Server Address
     	if ($post['varsqlconfincludeenable'] == 'on') {
     		if (empty($post['varsqlconfserver'])) {
-...
+    }
     /* LDAP settings input validation */
     function freeradius_validate_ldap($post, &$input_errors) {
     	global $config;
     	// LDAP Server Address
     	if ($post['varmodulesldapenableauthorize'] == 'on') {
     		if (empty($post['varmodulesldapserver'])) {
-...
+    }
     function freeradius_plugin_certificates($pluginparams) {
     	global $config;
     	$result = array();
     	init_config_arr(array('installedpackages', 'freeradiuseapconf', 'config'));
     	$eapconf = $config['installedpackages']['freeradiuseapconf']['config'][0];
     	$eapconf = config_get_path('installedpackages/freeradiuseapconf/config/0', []);
     	if (($pluginparams['type'] == 'certificates') && !empty($eapconf)) {
     		if (($pluginparams['event'] == 'used_ca') && !empty($eapconf['ssl_ca_cert'])) {

« Previous
1
2
3
Next »

(3-3/3)

Project

General

Profile

pfSense » pfSense Packages

Regression #13628 » freeradius.patch