summaryrefslogtreecommitdiffstats
path: root/lib/libradius
diff options
context:
space:
mode:
authorru <ru@FreeBSD.org>2004-07-02 23:52:20 +0000
committerru <ru@FreeBSD.org>2004-07-02 23:52:20 +0000
commit01548ace1533487f9c0488f55112c9d8641f8184 (patch)
tree23294a96f715e1e5bc35c1029ec151c90ee95b96 /lib/libradius
parent47f5e31e2bb626743fa9e912918201fe505b1419 (diff)
downloadFreeBSD-src-01548ace1533487f9c0488f55112c9d8641f8184.zip
FreeBSD-src-01548ace1533487f9c0488f55112c9d8641f8184.tar.gz
Mechanically kill hard sentence breaks.
Diffstat (limited to 'lib/libradius')
-rw-r--r--lib/libradius/radius.conf.546
1 files changed, 31 insertions, 15 deletions
diff --git a/lib/libradius/radius.conf.5 b/lib/libradius/radius.conf.5
index d5ef42d..6fa5cd7 100644
--- a/lib/libradius/radius.conf.5
+++ b/lib/libradius/radius.conf.5
@@ -35,10 +35,12 @@
.Sh DESCRIPTION
.Nm
contains the information necessary to configure the RADIUS client
-library. It is parsed by
+library.
+It is parsed by
.Xr rad_config 3 .
The file contains one or more lines of text, each describing a
-single RADIUS server which will be used by the library. Leading
+single RADIUS server which will be used by the library.
+Leading
white space is ignored, as are empty lines and lines containing
only comments.
.Pp
@@ -57,13 +59,16 @@ Timeout
Retries
.El
.Pp
-The fields are separated by white space. The
+The fields are separated by white space.
+The
.Ql #
character at the beginning of a field begins a comment, which extends
-to the end of the line. A field may be enclosed in double quotes,
+to the end of the line.
+A field may be enclosed in double quotes,
in which case it may contain white space and/or begin with the
.Ql #
-character. Within a quoted string, the double quote character can
+character.
+Within a quoted string, the double quote character can
be represented by
.Ql \e\&" ,
and the backslash can be represented by
@@ -75,9 +80,12 @@ The first field gives the service type, either
.Ql auth
for RADIUS authentication or
.Ql acct
-for RADIUS accounting. If a single server provides both services, two
-lines are required in the file. Earlier versions of this file did
-not include a service type. For backward compatibility, if the first
+for RADIUS accounting.
+If a single server provides both services, two
+lines are required in the file.
+Earlier versions of this file did
+not include a service type.
+For backward compatibility, if the first
field is not
.Ql auth
or
@@ -89,9 +97,11 @@ were fields two through five.
.Pp
The second field specifies
the server host, either as a fully qualified domain name or as a
-dotted-quad IP address. The host may optionally be followed by a
+dotted-quad IP address.
+The host may optionally be followed by a
.Ql \&:
-and a numeric port number, without intervening white space. If the
+and a numeric port number, without intervening white space.
+If the
port specification is omitted, it defaults to the
.Ql radius
or
@@ -107,21 +117,27 @@ If no such entry is present, the standard ports 1812 and 1813 are
used.
.Pp
The third field contains the shared secret, which should be known
-only to the client and server hosts. It is an arbitrary string of
+only to the client and server hosts.
+It is an arbitrary string of
characters, though it must be enclosed in double quotes if it
-contains white space. The shared secret may be
+contains white space.
+The shared secret may be
any length, but the RADIUS protocol uses only the first 128
-characters. N.B., some popular RADIUS servers have bugs which
+characters.
+N.B., some popular RADIUS servers have bugs which
prevent them from working properly with secrets longer than 16
characters.
.Pp
The fourth field contains a decimal integer specifying the timeout in
-seconds for receiving a valid reply from the server. If this field
+seconds for receiving a valid reply from the server.
+If this field
is omitted, it defaults to 3 seconds.
.Pp
The fifth field contains a decimal integer specifying the maximum
number of attempts that will be made to authenticate with the server
-before giving up. If omitted, it defaults to 3 attempts. Note,
+before giving up.
+If omitted, it defaults to 3 attempts.
+Note,
this is the total number of attempts and not the number of retries.
.Pp
Up to 10 RADIUS servers may be specified for each service type.
OpenPOWER on IntegriCloud