Unverified Commit 546e99db authored by Jonathan's avatar Jonathan Committed by GitHub
Browse files

Merge pull request #119 from OlivierLM/PrepareBuster

Next version of Debian is 10
parents 39cddccc 9cdadc08
Loading
Loading
Loading
Loading
+2 −0
Original line number Diff line number Diff line
@@ -36,6 +36,8 @@ define freeradius::module::eap (
  Optional[String] $tls_check_cert_cn                               = undef,
  String $tls_cipher_list                                           = 'DEFAULT',
  Optional[Freeradius::Boolean] $tls_disable_tlsv1_2                = undef,
  Optional[String] $tls_min_version                                 = undef,
  Optional[String] $tls_max_version                                 = undef,
  String $tls_ecdh_curve                                            = 'prime256v1',
  Freeradius::Boolean $tls_cache_enable                             = 'yes',
  Integer $tls_cache_lifetime                                       = 24,
+10 −6
Original line number Diff line number Diff line
@@ -87,11 +87,15 @@ class freeradius::params {
    'Debian': {
      $fr_basepath = $::operatingsystemmajrelease ? {
        '9'          => '/etc/freeradius/3.0',
        '10'         => '/etc/freeradius/3.0',
        'buster/sid' => '/etc/freeradius/3.0',
        '18.04'      => '/etc/freeradius/3.0',
        default      => '/etc/freeradius',
      }
      $fr_raddbdir = $::operatingsystemmajrelease ? {
        '9'          => "\${sysconfdir}/freeradius/3.0",
        '10'         => '\${sysconfdir}/freeradius/3.0',
        'buster/sid' => '\${sysconfdir}/freeradius/3.0',
        '18.04'      => "\${sysconfdir}/freeradius/3.0",
        default      => "\${sysconfdir}/freeradius",
      }
+20 −0
Original line number Diff line number Diff line
@@ -381,7 +381,27 @@ eap {
    disable_tlsv1_2 = <%= @tls_disable_tlsv1_2 %>
<%- end -%>

<%- if @tls_min_version or @tls_max_version -%>
    #  Set min / max TLS version.  Mainly for Debian
    #  "trusty", which disables older versions of TLS, and
    #  requires the application to manually enable them.
    #
    #  If you are running Debian trusty, you should set
    #  these options, otherwise older clients will not be
    #  able to connect.
    #
    #  Allowed values are "1.0", "1.1", and "1.2".
    #
    #  The values must be in quotes.
    #
<%- end -%>

<%- if @tls_min_version -%>
    tls_min_version = "<%= @tls_min_version -%>"
<%- end -%>
<%- if @tls_max_version -%>
    tls_max_version = "<%= @tls_max_version -%>"
<%- end -%>

    #
    #  Elliptical cryptography configuration