src/test/setup/radius-config/freeradius/mods-available/rest - cord-tester - Gitiles

 rest {
 	#
 	#  This subsection configures the tls related items
 	#  that control how FreeRADIUS connects to a HTTPS
 	#  server.
 	#
 	tls {
 #		ca_file	= ${certdir}/cacert.pem
 #		ca_path	= ${certdir}

 #		certificate_file	= /path/to/radius.crt
 #		private_key_file	= /path/to/radius.key
 #		private_key_password	= "supersecret"
 #		random_file		= ${certdir}/random

 		#  Server certificate verification requirements.  Can be:
 		#    "no"  (don't even bother trying)
 		#    "yes" (verify the cert was issued by one of the
 		#	   trusted CAs)
 		#
 		#  The default is "yes"
 #		check_cert     = "yes"

 		#  Server certificate CN verification requirements.  Can be:
 		#    "no"  (don't even bother trying)
 		#    "yes" (verify the CN in the certificate matches the host
 		#	   in the URI)
 		#
 		#  The default is "yes"
 #		check_cert_cn  = "yes"
 	}

 	# rlm_rest will open a connection to the server specified in connect_uri
 	# to populate the connection cache, ready for the first request.
 	# The server will not start if the server specified is unreachable.
 	#
 	# If you wish to disable this pre-caching and reachability check,
 	# comment out the configuration item below.
 	connect_uri = "http://127.0.0.1/"

 	#
 	#  The following config items can be used in each of the sections.
 	#  The sections themselves reflect the sections in the server.
 	#  For example if you list rest in the authorize section of a virtual server,
 	#  the settings from the authorize section here will be used.
 	#
 	#  The following config items may be listed in any of the sections:
 	#    uri          - to send the request to.
 	#    method       - HTTP method to use, one of 'get', 'post', 'put', 'delete'.
 	#    body         - The format of the HTTP body sent to the remote server.
 	#                   May be 'none', 'post' or 'json', defaults to 'none'.
 	#    tls          - TLS settings for HTTPS.
 	#    auth         - HTTP auth method to use, one of 'none', 'srp', 'basic',
 	#                   'digest', 'digest-ie', 'gss-negotiate', 'ntlm',
 	#                   'ntlm-winbind', 'any', 'safe'. defaults to 'none'.
 	#    username     - User to authenticate as, will be expanded.
 	#    password     - Password to use for authentication, will be expanded.
 	#    require_auth - Require HTTP authentication.
 	#    timeout      - HTTP request timeout in seconds, defaults to 4.
 	#
 	authorize {
 		uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=authorize"
 		method = "get"
 		tls = ${..tls}
 	}
 	authenticate {
 		uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=authenticate"
 		method = "get"
 		tls = ${..tls}
 	}
 	accounting {
 		uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=accounting"
 		method = "post"
 		tls = ${..tls}
 	}
 	session {
 		uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=checksimul"
 		method = "post"
 		tls = ${..tls}
 	}
 	post-auth {
 		uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=post-auth"
 		method = "post"
 		tls = ${..tls}
 	}

 	#
 	#  The connection pool is new for 3.0, and will be used in many
 	#  modules, for all kinds of connection-related activity.
 	#
 	pool {
 		# Number of connections to start
 		start = 5

 		# Minimum number of connections to keep open
 		min = 4

 		# Maximum number of connections
 		#
 		# If these connections are all in use and a new one
 		# is requested, the request will NOT get a connection.
 		max = 10

 		# Spare connections to be left idle
 		#
 		# NOTE: Idle connections WILL be closed if "idle_timeout"
 		# is set.
 		spare = 3

 		# Number of uses before the connection is closed
 		#
 		# 0 means "infinite"
 		uses = 0

 		# The lifetime (in seconds) of the connection
 		lifetime = 0

 		# idle timeout (in seconds).  A connection which is
 		# unused for this length of time will be closed.
 		idle_timeout = 60

 		# NOTE: All configuration settings are enforced.  If a
 		# connection is closed because of "idle_timeout",
 		# "uses", or "lifetime", then the total number of
 		# connections MAY fall below "min".  When that
 		# happens, it will open a new connection.  It will
 		# also log a WARNING message.
 		#
 		# The solution is to either lower the "min" connections,
 		# or increase lifetime/idle_timeout.
 	}
 }
	rest {
	#
	# This subsection configures the tls related items
	# that control how FreeRADIUS connects to a HTTPS
	# server.
	#
	tls {
	# ca_file = ${certdir}/cacert.pem
	# ca_path = ${certdir}

	# certificate_file = /path/to/radius.crt
	# private_key_file = /path/to/radius.key
	# private_key_password = "supersecret"
	# random_file = ${certdir}/random

	# Server certificate verification requirements. Can be:
	# "no" (don't even bother trying)
	# "yes" (verify the cert was issued by one of the
	# trusted CAs)
	#
	# The default is "yes"
	# check_cert = "yes"

	# Server certificate CN verification requirements. Can be:
	# "no" (don't even bother trying)
	# "yes" (verify the CN in the certificate matches the host
	# in the URI)
	#
	# The default is "yes"
	# check_cert_cn = "yes"
	}

	# rlm_rest will open a connection to the server specified in connect_uri
	# to populate the connection cache, ready for the first request.
	# The server will not start if the server specified is unreachable.
	#
	# If you wish to disable this pre-caching and reachability check,
	# comment out the configuration item below.
	connect_uri = "http://127.0.0.1/"

	#
	# The following config items can be used in each of the sections.
	# The sections themselves reflect the sections in the server.
	# For example if you list rest in the authorize section of a virtual server,
	# the settings from the authorize section here will be used.
	#
	# The following config items may be listed in any of the sections:
	# uri - to send the request to.
	# method - HTTP method to use, one of 'get', 'post', 'put', 'delete'.
	# body - The format of the HTTP body sent to the remote server.
	# May be 'none', 'post' or 'json', defaults to 'none'.
	# tls - TLS settings for HTTPS.
	# auth - HTTP auth method to use, one of 'none', 'srp', 'basic',
	# 'digest', 'digest-ie', 'gss-negotiate', 'ntlm',
	# 'ntlm-winbind', 'any', 'safe'. defaults to 'none'.
	# username - User to authenticate as, will be expanded.
	# password - Password to use for authentication, will be expanded.
	# require_auth - Require HTTP authentication.
	# timeout - HTTP request timeout in seconds, defaults to 4.
	#
	authorize {
	uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=authorize"
	method = "get"
	tls = ${..tls}
	}
	authenticate {
	uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=authenticate"
	method = "get"
	tls = ${..tls}
	}
	accounting {
	uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=accounting"
	method = "post"
	tls = ${..tls}
	}
	session {
	uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=checksimul"
	method = "post"
	tls = ${..tls}
	}
	post-auth {
	uri = "${..connect_uri}/user/%{User-Name}/mac/%{Called-Station-ID}?section=post-auth"
	method = "post"
	tls = ${..tls}
	}

	#
	# The connection pool is new for 3.0, and will be used in many
	# modules, for all kinds of connection-related activity.
	#
	pool {
	# Number of connections to start
	start = 5

	# Minimum number of connections to keep open
	min = 4

	# Maximum number of connections
	#
	# If these connections are all in use and a new one
	# is requested, the request will NOT get a connection.
	max = 10

	# Spare connections to be left idle
	#
	# NOTE: Idle connections WILL be closed if "idle_timeout"
	# is set.
	spare = 3

	# Number of uses before the connection is closed
	#
	# 0 means "infinite"
	uses = 0

	# The lifetime (in seconds) of the connection
	lifetime = 0

	# idle timeout (in seconds). A connection which is
	# unused for this length of time will be closed.
	idle_timeout = 60

	# NOTE: All configuration settings are enforced. If a
	# connection is closed because of "idle_timeout",
	# "uses", or "lifetime", then the total number of
	# connections MAY fall below "min". When that
	# happens, it will open a new connection. It will
	# also log a WARNING message.
	#
	# The solution is to either lower the "min" connections,
	# or increase lifetime/idle_timeout.
	}
	}