# HG changeset patch # User Sebastien Decugis # Date 1280311052 -32400 # Node ID 45d7725a915c2f0e8d1f3ee06515a4d674eb4159 # Parent 71cfef80a3ea389efc584b3f6df7f99bb1f1e15f Prepared testbed configuration for app_diameap
diff -r 71cfef80a3ea -r 45d7725a915c conf/backend.eap.testbed.aaa/freeDiameter/CMakeFlags
--- a/conf/backend.eap.testbed.aaa/freeDiameter/CMakeFlags Wed Jul 28 15:55:40 2010 +0900
+++ b/conf/backend.eap.testbed.aaa/freeDiameter/CMakeFlags Wed Jul 28 18:57:32 2010 +0900
@@ -3,3 +3,8 @@
 -DBUILD_TESTING:BOOL=OFF
 -DCMAKE_BUILD_TYPE:STRING=Debug
 -DDEFAULT_CONF_PATH:PATH=/root/conf/freeDiameter
+-DBUILD_APP_DIAMEAP:BOOL=ON
+-DBUILD_EAP_IDENTITY:BOOL=ON
+-DBUILD_EAP_MD5:BOOL=ON
+-DBUILD_EAP_TLS:BOOL=ON
+
diff -r 71cfef80a3ea -r 45d7725a915c conf/backend.eap.testbed.aaa/freeDiameter/app_diameap.conf
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/conf/backend.eap.testbed.aaa/freeDiameter/app_diameap.conf Wed Jul 28 18:57:32 2010 +0900
@@ -0,0 +1,44 @@
+##### a sample Configuration file for DiamEAP
+
+# MySQL Database settings
+# Specify connection parameters for DiamEAP MySQL database:
+# - username and password to connect to the MySQL Server
+# - databaseserver : the MySQL server location. It can be the IP address or the host name where MySQL server is located. 'localhost' can be used as the location if the server is locatd in the same host than DiamEAP.
+# - database_name : the created database for DiamEAP.
+
+# Syntax :
+# DiamEAP_MySQL = "" , "" , "" , "";
+DiamEAP_MySQL = "diameap", "eapdiam", "localhost", "diameap";
+
+
+##### Extensible Authentication Protocol (EAP) Methods Plugins #####
+# An EAP method is identified by its EAP method name, EAP TYPE, VENDOR and path to its EAP Method Plugin.
+# Optionally, path to a configuration file of plugin can also be provided.
+# Location of plugins and their configuration files can be provided by the absolute pathor the relative path from the location configured in cmake.
+# An EAP Method Plugin can not be loaded twice. Only the first added method will be loaded.
+# Any EAP Method plugin with a same EAP_TYPE value than an already loaded one will be discarded.
+# EAP Methods are added in the same order they are added to the the configuration file.
+
+# Syntax :
+# Load_plugin = "":EAP_TYPE:VENDOR:"":"";
+#
+# Example:
+# Load_plugin = "EAP MD5":4:0:"/extensions/eap_md5.emp":"";
+# Load_plugin = "EAP TLS":13:0;"/extensions/eap_tls.emp":"/doc/eap_tls_plugin.diameap.conf";
+
+Load_plugin = "EAP Identity":1:0:"/root/freeDiameter/extensions/eap_identity.emp":"";
+Load_plugin = "EAP md5":4:0:"/root/freeDiameter/extensions/eap_md5.emp":"";
+Load_plugin = "EAP TLS":13:0:"/root/freeDiameter/extensions/eap_tls.emp":"/root/conf/freeDiameter/eap_tls.conf";
+
+
+# In addition to authentication DiamEAP can be configured to check authorization of authenticated users. If set to 0 authorization is disabled, otherwise enabled.( by default disabled).
+Authorization = 1;
+
+# This parameter specify the maximum number of seconds provided to the access device for responding to an EAP request. (by default set to 30 seconds)
+#Multi_Round_Time_Out=30;
+
+# After receivin a number of invalid EAP packets, DiamEAP reject the authentication by responding with Failure Authentication.
+# The default value of maximum number of invalid EAP packets is set to 5 packets.
+# The value of maximum invalid EAP packets can be modified by adding a new value.
+#MAX_Invalid_EAP_Packets=5;
+
diff -r 71cfef80a3ea -r 45d7725a915c conf/backend.eap.testbed.aaa/freeDiameter/app_diameap.sql
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/conf/backend.eap.testbed.aaa/freeDiameter/app_diameap.sql Wed Jul 28 18:57:32 2010 +0900
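Review bot: The line `DiamEAP_MySQL = "diameap", "eapdiam", "localhost", "diameap";` in the new app_diameap.conf commits the database password in clear text, and the same value is repeated in the setup comments of app_diameap.sql. I would add a comment above it such as `# Testbed credential only: change it and restrict this file to the account running freeDiameter (e.g. mode 0600) anywhere else.` The plugin list also loads `eap_md5.emp`; EAP-MD5 gives neither mutual authentication nor key derivation, and the only user this commit inserts uses method 13, so that line could be dropped unless the testbed really exercises MD5. Separately, the second example in the Load_plugin comment reads `13:0;` where the syntax line and the live entries use `13:0:`, which will mislead anyone copying the example.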
@@ -0,0 +1,52 @@
+# aptitude install mysql-server mysql-client libmysqlclient-dev
+# mysql -u root -p
+## create user diameap@localhost identified by 'eapdiam';
+## create database diameap;
+## GRANT ALL PRIVILEGES ON diameap.* TO diameap@localhost;
+## Bye
+# mysql -u diameap -p -D diameap < /root/conf/freeDiameter/app_diameap.sql
+
+CREATE TABLE `auth` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `grp` int(11) NOT NULL,
+ `attrib` char(255) NOT NULL,
+ `operator` char(255) NOT NULL,
+ `value` char(255) NOT NULL,
+ PRIMARY KEY (`id`)
+);
+
+CREATE TABLE `authentication` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `grp` int(11) NOT NULL,
+ `attribute` set('Authorization-Lifetime','Auth-Grace-Period','Auth-Session-State','Re-Auth-Request-Type','Session-Timeout','Multi-Round-Time-Out','Acct-Interim-Interval') NOT NULL DEFAULT 'Authorization-Lifetime',
+ `operator` set('=','==') NOT NULL DEFAULT '=',
+ `value` char(255) NOT NULL,
+ PRIMARY KEY (`id`)
+);
+
+CREATE TABLE `grp` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `grp_name` char(255) NOT NULL,
+ `active` set('Y','N') NOT NULL DEFAULT 'Y',
+ PRIMARY KEY (`id`)
+);
+
+CREATE TABLE `user_grp` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `user` int(11) NOT NULL,
+ `grp` int(11) NOT NULL,
+ PRIMARY KEY (`id`)
+);
+
+CREATE TABLE `users` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `username` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
+ `eapmethod` tinyint(3) unsigned NOT NULL DEFAULT '0',
+ `vendor` int(11) NOT NULL DEFAULT '0',
+ `password` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
+ `active` enum('Y','N') CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL DEFAULT 'Y',
+ PRIMARY KEY (`id`)
+);
+
+INSERT INTO users (username, eapmethod) values ( 'client@eap.testbed.aaa', 13 );
+
diff -r 71cfef80a3ea -r 45d7725a915c conf/backend.eap.testbed.aaa/freeDiameter/eap_tls.conf
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
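Review bot: The closing `INSERT INTO users (username, eapmethod)` in app_diameap.sql omits `password`, which is declared `NOT NULL` with no default, so a strict `sql_mode` rejects the statement and a non-strict one silently stores an empty string. An empty stored password deserves to be explicit because the same commit loads `eap_md5.emp`; whether `eapmethod` 13 stops this account from being tried with MD5 is not visible in the hunk. I would write `INSERT INTO users (username, eapmethod, password) VALUES ('client@eap.testbed.aaa', 13, '');` with a comment that EAP-TLS users carry no password. The setup comment's `GRANT ALL PRIVILEGES ON diameap.*` is also wider than a lookup account presumably needs once the tables exist; a narrower grant (for example `SELECT` only) should be confirmed against what app_diameap actually writes.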
+++ b/conf/backend.eap.testbed.aaa/freeDiameter/eap_tls.conf Wed Jul 28 18:57:32 2010 +0900
@@ -0,0 +1,14 @@
+#### a sample configuration file for EAP-TLS
+
+#Certificate and Private key files
+#Cred = "" : "";
+Cred = "/home/aaa/ca/ca_data/mgr.testbed.aaa/clients/server/cert.pem"
+ : "/home/aaa/ca/ca_data/mgr.testbed.aaa/clients/server/privkey.pem";
+
+#CA file
+#CA = "";
+CA = "/home/aaa/ca/ca_data/mgr.testbed.aaa/public/cacert.pem";
+
+#CRL file
+#CRL = "";
+
diff -r 71cfef80a3ea -r 45d7725a915c conf/backend.eap.testbed.aaa/freeDiameter/freeDiameter.conf
--- a/conf/backend.eap.testbed.aaa/freeDiameter/freeDiameter.conf Wed Jul 28 15:55:40 2010 +0900
+++ b/conf/backend.eap.testbed.aaa/freeDiameter/freeDiameter.conf Wed Jul 28 18:57:32 2010 +0900
@@ -54,5 +54,9 @@ LoadExtension = "/root/freeDiameter/extensions/dict_eap.fdx"; LoadExtension = "/root/freeDiameter/extensions/app_acct.fdx" : "/root/conf/freeDiameter/app_acct.conf"; + +LoadExtension = "/root/freeDiameter/extensions/app_diameap.fdx" + : "/root/conf/freeDiameter/app_diameap.conf"; + ConnectPeer = "gw.eap.testbed.aaa" { No_TLS; };
diff -r 71cfef80a3ea -r 45d7725a915c conf/supauth.eap.testbed.aaa/wpasupplicant/wpa_supplicant.conf
--- a/conf/supauth.eap.testbed.aaa/wpasupplicant/wpa_supplicant.conf Wed Jul 28 15:55:40 2010 +0900
+++ b/conf/supauth.eap.testbed.aaa/wpasupplicant/wpa_supplicant.conf Wed Jul 28 18:57:32 2010 +0900
@@ -10,7 +10,7 @@ # password="himitsu" eap=TLS - identity="client" + identity="client@eap.testbed.aaa" ca_cert="/home/aaa/ca/ca_data/mgr.testbed.aaa/public/cacert.pem" client_cert="/home/aaa/ca/ca_data/mgr.testbed.aaa/clients/client/cert.pem" private_key="/home/aaa/ca/ca_data/mgr.testbed.aaa/clients/client/privkey.pem"
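Review bot: In the new eap_tls.conf the `#CRL = "";` entry is left commented out, so no revocation list is configured and a client certificate issued by the testbed CA would presumably keep authenticating after it has been revoked. If the CA publishes a CRL, set `CRL = "<path-to-crl-file>";` (placeholder path), or state in a comment that revocation is deliberately not checked on this testbed. The `Cred` entry points at `privkey.pem` under the CA's own data directory, so a comment such as `# privkey.pem must be readable only by the account running freeDiameter` would also be worth adding.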