From 8b8ef9536b134baba93a78e5e84c63240fccfc68 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@debian.org>
Date: Fri, 3 Feb 2012 14:09:23 -0500
Subject: [PATCH] chbind: sample virtual server

this is a sample channel binding virtual server for
draft-ietf-abfab-gss-eap.  It's not complete but is intended to be
sufficient to start testing.
---
 raddb/sites-available/chbind | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 raddb/sites-available/chbind

diff --git a/raddb/sites-available/chbind b/raddb/sites-available/chbind
new file mode 100644
index 0000000..4b07bd3
--- /dev/null
+++ b/raddb/sites-available/chbind
@@ -0,0 +1,19 @@
+server chbind{
+    authorize {
+	if (GSS-Acceptor-Service-Name && outer.request:GSS-Acceptor-Service-Name != GSS-Acceptor-Service-Name ) {
+	    reject
+	}
+	update reply {
+	    GSS-Acceptor-Service-NAME == "%{GSS-ACCEPTOR-SERVICE-Name}"
+	    GSS-ACCEPTOR-Host-Name == "%{GSS-Acceptor-Host-Name}"
+	    GSS-Acceptor-Realm-Name == "%{GSS-Acceptor-Realm-Name}"
+	}
+	if (GSS-Acceptor-Service-Name || GSS-Acceptor-Realm-Name || GSS-Acceptor-Host-Name) {
+	    update control {
+		Chbind-Response-Code := success
+	    }
+	}
+	handled
+    }
+}
+
-- 
2.1.4