radius: Make secret actually configurable

netauth · Jan 21, 2023 · 6017a9b · 6017a9b
1 parent 2954efb
commit 6017a9b
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 2 deletions.
diff --git a/main.go b/main.go
@@ -56,7 +56,11 @@ func main() {
 	}
 	nacl.SetServiceName("netradius")
 
-	srvr, err := radius.New(radius.WithLogger(appLogger), radius.WithNetAuth(nacl))
+	srvr, err := radius.New(
+		radius.WithLogger(appLogger),
+		radius.WithNetAuth(nacl),
+		radius.WithSecret(os.Getenv("NETAUTH_RADIUS_SECRET")),
+	)
 	if err != nil {
 		appLogger.Error("Error initializing", "error", err)
 		os.Exit(1)

diff --git a/radius/option.go b/radius/option.go
@@ -19,3 +19,11 @@ func WithNetAuth(n netauth) Option {
 		return nil
 	}
 }
+
+// WithSecret sets the RADIUS secret for the server.
+func WithSecret(scrt string) Option {
+	return func(s *Server) error {
+		s.secret = scrt
+		return nil
+	}
+}
diff --git a/radius/server.go b/radius/server.go
@@ -42,7 +42,7 @@ func (s *Server) handler(w radius.ResponseWriter, r *radius.Request) {
 func (s *Server) Serve() error {
 	server := radius.PacketServer{
 		Handler:      radius.HandlerFunc(s.handler),
-		SecretSource: radius.StaticSecretSource([]byte("secret")),
+		SecretSource: radius.StaticSecretSource([]byte(s.secret)),
 	}
 	s.radsrv = server
 

diff --git a/radius/type.go b/radius/type.go
@@ -13,6 +13,8 @@ type Server struct {
 	n   netauth
 
 	radsrv radius.PacketServer
+
+	secret string
 }
 
 // Option enables passing of various options to the server on startup.