-This is the very first experimental version of a generic RADIUS proxy
-that can support various RADIUS clients over UDP or TLS (RadSec).
+This is a revision from the radsecproxy 2.0 devel branch.
-It should build on most Linux platforms by simply typing "make".
-To use it you need to create three config files. These are the
-main config file "radsecproxy.conf" and server and client files
-"servers.conf" and "clients.conf". See the enclosed example files
-for further instructions.
+radsecproxy is a generic RADIUS proxy that can support various
+RADIUS clients over UDP or TLS (RadSec).
-The config files must be in either "/etc/radsecproxy" or the
-proxy's current work directory. You may alter the path near
-the top of radsecproxy.h if necessary.
+It should build on most Linux and BSD platforms by simply typing
+"make". You may also try to use autoconf. It is possible to
+specify which RADIUS transport the build should support. With
+just doing "make" one will support only UDP and TLS. See the
+Makefile for how to change this. With autoconf (configure) there
+will normally be support for all transport. You can use the
+configure options --enable-udp, --enable-tcp, --enable-tls and
+--enable-dtls where each of them may be set to yes or no to
+enable or disable them.
-For more information, feedback etc. contact <venaas@uninett.no>.
+To use it you need to create a config file which normally is
+called "/etc/radsecproxy.conf". You can also specify the location
+with the "-c" command line option (see below). For further
+instructions, please see the enclosed example file and the
+documentation at
+http://software.uninett.no/radsecproxy/?page=documentation
-Stig Venaas, 2007.01.08
+There are five options that may be specified on the command line.
+"-c configfile" to specify a non-default config file path;
+"-d loglevel" to set a loglevel of 1, 2, 3 or 4 where 4 is the most
+detailed; and "-f" to run the proxy in the foreground with logging
+to stderr. Without "-f" the default is to detach as a daemon and
+log to syslog. "-v" just prints version information and exits, while
+"-p" (pretend) makes the proxy go through the configuration files as
+normal, but stops before creating any sockets or doing any serious
+work. This is useful for validating config files.
+
+Thanks to Stefan Winter and Andreas Solberg for talking me into
+doing this, and the funding from GEANT2. Stefan as well as Kolbjørn
+Barmen, Ralf Paffrath and Maja Wolniewicz have helped with early
+testing of the code.
+
+Thanks for contributing code goes to Arne Schwabe, Maja Wolniewicz,
+and Simon Leinen.
+
+All of the above plus Milan Sova have provided good feedback on
+several implementation choices. Finally thanks to Hans Zandbelt
+for providing the autoconf stuff. I may have forgotten someone,
+let me know if you feel left out.
+
+For more information, feedback etc. please see the information
+at http://software.uninett.no/radsecproxy/
+
+Stig Venaas <venaas@uninett.no> -- 2009.07.22
projects / radsecproxy.git / blobdiff