-This is a revision from the radsecproxy 1.2 devel branch.
+This is unreleased radsecproxy 2.0-alpha.
-radsecproxy is a generic RADIUS proxy that can support various
-RADIUS clients over UDP or TLS (RadSec).
+radsecproxy is a generic RADIUS proxy that supports both UDP and TLS
+(RadSec) RADIUS transports. There is also experimental support for
+TCP and DTLS.
It should build on most Linux and BSD platforms by simply typing
-"make". You may also try to use autoconf, but this is currently
-unsupported.
-
-To use it you need to create a config file which normally is
-called "/etc/radsecproxy.conf". If this is not found, the
-proxy will look for radsecproxy.conf in the current directory.
-You can also specify the location with the "-c" command line
-option (see below). For further instructions, please see the
-enclosed example file and the documentation at
+"./configure && make". It is possible to specify which RADIUS
+transport the build should support. Without any special options to
+configure, all transports supported by the system will be enabled.
+See the output from "configure --help" for how to change this.
+
+Known build issues:
+- Older BSD's (like NetBSD 4.x) need newer OpenSSL in order to support
+ DTLS. Workaround: ./configure --disable-dtls.
+- FreeBSD 6.x needs newer OpenSSL to build at all.
+
+To use radsecproxy you need to create a config file which normally is
+called "/etc/radsecproxy.conf". You can also specify the location
+with the "-c" command line option (see below). For further
+instructions, please see the enclosed example file and the
+documentation at
http://software.uninett.no/radsecproxy/?page=documentation
-There are five options that may be specified on the command line.
-"-c configfile" to specify a non-default config file path;
-"-d loglevel" to set a loglevel of 1, 2, 3 or 4 where 4 is the most
-detailed; and "-f" to run the proxy in the foreground with logging
-to stderr. Without "-f" the default is to detach as a daemon and
-log to syslog. "-v" just prints version information and exits, while
+There are five options that may be specified on the command line:
+"-c configfile" to specify a non-default config file path.
+"-d loglevel" to set a loglevel of 1, 2, 3, 4 and 5 where 5 is the
+ most detailed.
+"-f" to run the proxy in the foreground with logging to stderr.
+ Without "-f" the default is to detach as a daemon and log to
+ syslog.
+"-v" just prints version information and exits.
"-p" (pretend) makes the proxy go through the configuration files as
-normal, but stops before creating any sockets or doing any serious
-work. This is useful for validating config files.
-
-Thanks to Stefan Winter and Andreas Solberg for talking me into
-doing this, and the funding from GEANT2. Stefan as well as Kolbjørn
-Barmen, Ralf Paffrath and Maja Wolniewicz have helped with early
-testing of the code.
-
-All of the above plus Milan Sova have provided good feedback on
-several implementation choices. Finally thanks to Hans Zandbelt
-for providing the autoconf stuff. I may have forgotten someone,
-let me know if you feel left out.
-
-For more information, feedback etc. please see the information
-at http://software.uninett.no/radsecproxy/
-
-Stig Venaas <venaas@uninett.no> -- 2007.12.27
+ normal, but stops before creating any sockets or doing any
+ serious work. This is useful for validating config files.
projects / radsecproxy.git / blobdiff