76 lines
3 KiB
Text
76 lines
3 KiB
Text
# -*- text -*-
|
|
#
|
|
# dhcp/postgresql/queries.conf -- PostgreSQL configuration for DHCP schema (schema.sql)
|
|
#
|
|
# $Id: 14ca79a2432c60e658df0334963c42caadbc361c $
|
|
|
|
# Use the driver specific SQL escape method.
|
|
#
|
|
# If you enable this configuration item, the "safe_characters"
|
|
# configuration is ignored. FreeRADIUS then uses the PostgreSQL escape
|
|
# functions to escape input strings. The only downside to making this
|
|
# change is that the PostgreSQL escaping method is not the same the one
|
|
# used by FreeRADIUS. So characters which are NOT in the
|
|
# "safe_characters" list will now be stored differently in the database.
|
|
#
|
|
#auto_escape = yes
|
|
|
|
# Safe characters list for sql queries. Everything else is replaced
|
|
# with their mime-encoded equivalents.
|
|
# The default list should be ok
|
|
# Using 'auto_escape' is preferred
|
|
# safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
|
|
|
|
#######################################################################
|
|
# Query config: Identifier
|
|
#######################################################################
|
|
# This is the identifier that will get substituted, escaped, and added
|
|
# as attribute 'SQL-User-Name'. '%{SQL-User-Name}' should be used
|
|
# below everywhere an identifier substitution is needed so you you can
|
|
# be sure the identifier passed from the client is escaped properly.
|
|
#
|
|
sql_user_name = "%{control:DHCP-SQL-Option-Identifier}"
|
|
|
|
#######################################################################
|
|
# Open Query
|
|
#######################################################################
|
|
# This query is run whenever a new connection is opened.
|
|
# It is commented out by default.
|
|
#
|
|
# If you have issues with connections hanging for too long, uncomment
|
|
# the next line, and set the timeout in milliseconds. As a general
|
|
# rule, if the queries take longer than a second, something is wrong
|
|
# with the database.
|
|
#open_query = "set statement_timeout to 1000"
|
|
|
|
#######################################################################
|
|
# Attribute Lookup Queries
|
|
#######################################################################
|
|
# These queries setup the reply items in ${dhcpreply_table} and
|
|
# ${group_reply_query}. You can use any query/tables you want, but
|
|
# the return data for each row MUST be in the following order:
|
|
#
|
|
# 0. Row ID (currently unused)
|
|
# 1. Identifier
|
|
# 2. Item Attr Name
|
|
# 3. Item Attr Value
|
|
# 4. Item Attr Operation
|
|
#######################################################################
|
|
|
|
authorize_reply_query = "\
|
|
SELECT id, Identifier, Attribute, Value, Op \
|
|
FROM ${dhcpreply_table} \
|
|
WHERE Identifier = '%{SQL-User-Name}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
|
|
ORDER BY id"
|
|
|
|
authorize_group_reply_query = "\
|
|
SELECT id, GroupName, Attribute, Value, op \
|
|
FROM ${groupreply_table} \
|
|
WHERE GroupName = '%{${group_attribute}}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
|
|
ORDER BY id"
|
|
|
|
group_membership_query = "\
|
|
SELECT GroupName \
|
|
FROM ${dhcpgroup_table} \
|
|
WHERE Identifier='%{SQL-User-Name}' AND Context = '%{control:DHCP-SQL-Option-Context}' \
|
|
ORDER BY priority"
|