From: Sam Hartman <hartmans@debian.org>
Date: Fri, 3 Feb 2012 19:09:23 +0000 (-0500)
Subject: chbind: sample virtual server
X-Git-Tag: debian/3.0.0.rc0+git+moonshot1-6~57
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=8b8ef9536b134baba93a78e5e84c63240fccfc68;p=freeradius.git

chbind: sample virtual server

this is a sample channel binding virtual server for
draft-ietf-abfab-gss-eap.  It's not complete but is intended to be
sufficient to start testing.
---

diff --git a/raddb/sites-available/chbind b/raddb/sites-available/chbind
new file mode 100644
index 0000000..4b07bd3
--- /dev/null
+++ b/raddb/sites-available/chbind
@@ -0,0 +1,19 @@
+server chbind{
+    authorize {
+	if (GSS-Acceptor-Service-Name && outer.request:GSS-Acceptor-Service-Name != GSS-Acceptor-Service-Name ) {
+	    reject
+	}
+	update reply {
+	    GSS-Acceptor-Service-NAME == "%{GSS-ACCEPTOR-SERVICE-Name}"
+	    GSS-ACCEPTOR-Host-Name == "%{GSS-Acceptor-Host-Name}"
+	    GSS-Acceptor-Realm-Name == "%{GSS-Acceptor-Realm-Name}"
+	}
+	if (GSS-Acceptor-Service-Name || GSS-Acceptor-Realm-Name || GSS-Acceptor-Host-Name) {
+	    update control {
+		Chbind-Response-Code := success
+	    }
+	}
+	handled
+    }
+}
+