From 31584bacbf8659ad5706c329b11c3755102fa5f2 Mon Sep 17 00:00:00 2001
From: Guy Halse
Date: Tue, 8 Aug 2017 10:56:06 +0200
Subject: [PATCH 1/2] Make the servdata YAML more complete
Extend the YAML output from the servdata command to include the two missing pieces of data from the current model: proto and addr_type. The latter is useful when one wants to provide the option for IPv6 support in a RADIUS server that supports it.
---
 edumanage/management/commands/servdata.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/edumanage/management/commands/servdata.py b/edumanage/management/commands/servdata.py
index c2cb986f..fa4c7edf 100644
--- a/edumanage/management/commands/servdata.py
+++ b/edumanage/management/commands/servdata.py
@@ -74,6 +74,8 @@ def servdata():
 if srv.name:
 srv_dict['label'] = srv.name
 srv_dict['secret'] = srv.secret
+ srv_dict['addr_type'] = srv.addr_type
+ srv_dict['proto'] = srv.proto
 root['clients'].update({srv_id: srv_dict})
 servers = hosts.filter(ertype__in=[1,3])
@@ -92,6 +94,8 @@ def servdata():
 srv_dict['label'] = srv.name
 srv_dict['secret'] = srv.secret
 srv_dict['status_server'] = bool(srv.status_server)
+ srv_dict['addr_type'] = srv.addr_type
+ srv_dict['proto'] = srv.proto
 root['servers'].update({srv_id: srv_dict})
 if insts:
From 565e5fab4040c8303895d33703f59793a9d67d95 Mon Sep 17 00:00:00 2001
From: Guy Halse
Date: Tue, 8 Aug 2017 11:05:24 +0200
Subject: [PATCH 2/2] Provide support for IPv6Only
If the addr_type is available in the YAML, we can extend this template to correctly set the IPv4Only and IPv6Only options depending on the info in the database. This change introduces a backwards incompatibility - previously if the addr_type was set to `any` this was interpreted as setting IPv4Only
---
 extras/radsecproxy.tpl | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/extras/radsecproxy.tpl b/extras/radsecproxy.tpl
index 0423a17c..18b8fa92 100644
--- a/extras/radsecproxy.tpl
+++ b/extras/radsecproxy.tpl
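Review bot: `srv_dict['proto'] = srv.proto` is exported in both servdata.py hunks (clients and servers), but the template change in this series still renders a fixed `type udp`, so the new key has no consumer yet and a peer whose database record names a different transport would presumably still be configured as UDP. Either use it in the template within the same series or mark it as informational next to the assignment, e.g. `# exported for template authors; extras/radsecproxy.tpl does not read proto yet`. The possible values of `srv.proto` and `srv.addr_type` are not visible here, so a short comment listing the strings consumers can expect would also help, since the template matches `addr_type` by exact string. servdata() starts and ends outside both hunks.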
@@ -46,7 +46,11 @@ rewrite rewrite-${client}-sp {
 }
 client ${client} {
 host ${clients[client]['host']}
+% if clients[client]['addr_type'] == 'ipv4':
 IPv4Only on
+% elif clients[client]['addr_type'] == 'ipv6':
+ IPv6Only on
+% endif
 type udp
 secret ${clients[client]['secret'] | percent_escape}
 fticksVISCOUNTRY GR
@@ -82,7 +86,11 @@ rewrite rewrite-${srv}-idp {
 }
 server ${srv}${'-acct' if servers[srv]['rad_pkt_type'] == 'acct' else ''} {
 host ${servers[srv]['host']}
+% if servers[srv]['addr_type'] == 'ipv4':
 IPv4Only on
+% elif servers[srv]['addr_type'] == 'ipv6':
+ IPv6Only on
+% endif
 type udp
 port ${servers[srv]['auth_port'] if servers[srv]['rad_pkt_type'] in ('auth', 'auth+acct') else servers[srv]['acct_port']}
 secret ${servers[srv]['secret'] | percent_escape}
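Review bot: `clients[client]['addr_type']` in the first hunk (and `servers[srv]['addr_type']` in the second) is a hard subscript, so rendering against YAML produced before the servdata change, or maintained by hand, will presumably fail with a KeyError instead of producing a config, although the commit message treats the key as optional. Reading it with a default keeps older input rendering: `% if clients[client].get('addr_type') == 'ipv4':` and `% elif clients[client].get('addr_type') == 'ipv6':`, with the same change for `servers[srv]`. Any other value falls through without either option, so a short template comment listing the accepted strings (`ipv4`, `ipv6`, anything else means no address-family restriction) would help whoever audits the generated radsecproxy config. Both the `client` and `server` blocks continue outside the hunks.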