Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Projets publics
puppet-freeradius
Commits
546e99db
Unverified
Commit
546e99db
authored
Mar 30, 2019
by
Jonathan
Committed by
GitHub
Mar 30, 2019
Browse files
Merge pull request #119 from OlivierLM/PrepareBuster
Next version of Debian is 10
parents
39cddccc
9cdadc08
Changes
3
Hide whitespace changes
Inline
Side-by-side
manifests/module/eap.pp
View file @
546e99db
...
...
@@ -36,6 +36,8 @@ define freeradius::module::eap (
Optional
[
String
]
$tls_check_cert_cn
=
undef
,
String
$tls_cipher_list
=
'DEFAULT'
,
Optional
[
Freeradius
::
Boolean
]
$tls_disable_tlsv1_2
=
undef
,
Optional
[
String
]
$tls_min_version
=
undef
,
Optional
[
String
]
$tls_max_version
=
undef
,
String
$tls_ecdh_curve
=
'prime256v1'
,
Freeradius
::
Boolean
$tls_cache_enable
=
'yes'
,
Integer
$tls_cache_lifetime
=
24
,
...
...
manifests/params.pp
View file @
546e99db
...
...
@@ -86,14 +86,18 @@ class freeradius::params {
}
'Debian'
:
{
$fr_basepath = $::operatingsystemmajrelease ? {
'9' => '/etc/freeradius/3.0',
'18.04' => '/etc/freeradius/3.0',
default => '/etc/freeradius',
'9' => '/etc/freeradius/3.0',
'10' => '/etc/freeradius/3.0',
'buster/sid' => '/etc/freeradius/3.0',
'18.04' => '/etc/freeradius/3.0',
default => '/etc/freeradius',
}
$f
r_raddbdir
=
$::
operatingsystemmajrelease
?
{
'9' => "\${sysconfdir}
/
freeradius
/
3.0
"
,
'18.04'
=>
"
\$
{sysconfdir}
/
freeradius
/
3.0
"
,
default
=>
"
\$
{sysconfdir}
/
freeradius
"
,
'9' => "\${sysconfdir}
/
freeradius
/
3.0
"
,
'10'
=>
'\${sysconfdir}/freeradius/3.0'
,
'buster/sid'
=>
'\${sysconfdir}/freeradius/3.0'
,
'18.04'
=>
"
\$
{sysconfdir}
/
freeradius
/
3.0
"
,
default
=>
"
\$
{sysconfdir}
/
freeradius
"
,
}
}
default
:
{
...
...
templates/eap.erb
View file @
546e99db
...
...
@@ -381,7 +381,27 @@ eap {
disable_tlsv1_2 =
<%=
@tls_disable_tlsv1_2
%>
<%-
end
-%>
<%-
if
@tls_min_version
or
@tls_max_version
-%>
# Set min / max TLS version. Mainly for Debian
# "trusty", which disables older versions of TLS, and
# requires the application to manually enable them.
#
# If you are running Debian trusty, you should set
# these options, otherwise older clients will not be
# able to connect.
#
# Allowed values are "1.0", "1.1", and "1.2".
#
# The values must be in quotes.
#
<%-
end
-%>
<%-
if
@tls_min_version
-%>
tls_min_version = "
<%=
@tls_min_version
-%>
"
<%-
end
-%>
<%-
if
@tls_max_version
-%>
tls_max_version = "
<%=
@tls_max_version
-%>
"
<%-
end
-%>
#
# Elliptical cryptography configuration
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment