Testing Round #12

最新推荐文章于 2022-07-23 15:40:25 发布
原创 最新推荐文章于 2022-07-23 15:40:25 发布 · 713 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#CF

本文深入探讨了三个核心问题:寻找特定区间内被整除的数字数量,餐厅订单的最大接受数量,以及序列中递增子序列的计数。通过优化算法和数据结构的应用,实现高效求解。对于每个问题,我们详细阐述了解决策略,包括状态转移方程的构建、树状数组与线段树的使用等关键步骤。
A. Divisibility

Find the number of k-divisible numbers on the segment [a, b]. In other words you need to find the number of such integer values x that a ≤ x ≤ b and x is divisible by k.

Input

The only line contains three space-separated integers k, a and b (1 ≤ k ≤ 1018; - 1018 ≤ a ≤ b ≤ 1018).

Output

Print the required number.

Sample test(s)
Input
1 1 10
Output
10
Input
2 -4 4
Output
5


题解: 简单水题

AC代码:

/* ***********************************************
Author        :xdlove
Created Time  :2015年11月12日 星期四 10时28分42秒
File Name     :xdlove/codeforces/Testing_Round_#12/A/A.cpp
************************************************ */

#pragma comment(linker, "/STACK:1024000000,1024000000")
#include <stdio.h>
#include <string.h>
#include <iostream>
#include <algorithm>
#include <memory.h>
#include <vector>
#include <queue>
#include <set>
#include <map>
#include <string>
#include <math.h>
#include <stdlib.h>
#include <time.h>

using namespace std;


#define REP_ab(i,a,b) for(int i = a; i <= b; i++)
#define REP(i, n) for(int i = 0; i < n; i++)
#define REP_1(i,n) for(int i = 1; i <= n; i++)
#define DEP(i,n) for(int i = n - 1; i >= 0; i--)
#define DEP_N(i,n) for(int i = n; i >= 1; i--)
#define CPY(A,B) memcpy(A,B,sizeof(B))
#define MEM(A) memset(A,0,sizeof(A))
#define MEM_1(A) memset(A,-1,sizeof(A))
#define MEM_INF(A) memset(A,0x3f,sizeof(A))
#define MEM_INFLL(A) memset(A,0x3f3f,sizeof(A))
#define mid (((l + r) >> 1))
#define lson l, mid, u << 1
#define rson mid + 1, r, u << 1 | 1
#define ls (u << 1)
#define rs (u << 1 | 1)


typedef long long ll;
typedef unsigned long long ull;
const int INF = 0x3f3f3f3f;
const ll INFLL = 0x3f3f3f3f3f3f3f3f;
const int MAXN = 1e5 + 5;
const int MAXM = MAXN;
const int mod = 1e9 + 7;


int main()
{
    //freopen("in.txt","r",stdin);
    //freopen("out.txt","w",stdout);
    ll k,a,b,ans = 0;
    cin>>k>>a>>b;
    if(a == b && a == 0) ans = 1;
    else 
    {
        if(b >= 0) 
        {
            ans += b / k;
            if(a > 0) ans -= (a - 1) / k;
            else ans += -a / k + 1;
        }
        else 
            ans += -a / k - (-b - 1) / k;
    }
    cout<<ans<<endl;
    return 0;
}


                   B. Restaurant

A restaurant received n orders for the rental. Each rental order reserve the restaurant for a continuous period of time, the i-th order is characterized by two time values — the start time li and the finish time ri (li ≤ ri).
Restaurant management can accept and reject orders. What is the maximal number of orders the restaurant can accept?
No two accepted orders can intersect, i.e. they can't share even a moment of time. If one order ends in the moment other starts, they can't be accepted both.
Input
The first line contains integer number n (1 ≤ n ≤ 5·105) — number of orders. The following n lines contain integer values li and ri each (1 ≤ li ≤ ri ≤ 109).
Output
Print the maximal number of orders that can be accepted.
Sample test(s)
Input
2
7 11
4 7

Output
1

Input
5
1 2
2 3
3 4
4 5
5 6

Output
3

Input
6
4 8
1 5
4 7
2 5
1 3
6 8

Output
2

题解: 简单水题

AC代码:

/* ***********************************************
Author        :xdlove
Created Time  :2015年11月12日 星期四 10时39分50秒
File Name     :xdlove/codeforces/Testing_Round_#12/B/B.cpp
************************************************ */

#pragma comment(linker, "/STACK:1024000000,1024000000")
#include <stdio.h>
#include <string.h>
#include <iostream>
#include <algorithm>
#include <memory.h>
#include <vector>
#include <queue>
#include <set>
#include <map>
#include <string>
#include <math.h>
#include <stdlib.h>
#include <time.h>

using namespace std;


#define REP_ab(i,a,b) for(int i = a; i <= b; i++)
#define REP(i, n) for(int i = 0; i < n; i++)
#define REP_1(i,n) for(int i = 1; i <= n; i++)
#define DEP(i,n) for(int i = n - 1; i >= 0; i--)
#define DEP_N(i,n) for(int i = n; i >= 1; i--)
#define CPY(A,B) memcpy(A,B,sizeof(B))
#define MEM(A) memset(A,0,sizeof(A))
#define MEM_1(A) memset(A,-1,sizeof(A))
#define MEM_INF(A) memset(A,0x3f,sizeof(A))
#define MEM_INFLL(A) memset(A,0x3f3f,sizeof(A))
#define mid (((l + r) >> 1))
#define lson l, mid, u << 1
#define rson mid + 1, r, u << 1 | 1
#define ls (u << 1)
#define rs (u << 1 | 1)


typedef long long ll;
typedef unsigned long long ull;
const int INF = 0x3f3f3f3f;
const ll INFLL = 0x3f3f3f3f3f3f3f3f;
const int MAXN = 5e5 + 5;
const int MAXM = MAXN;
const int mod = 1e9 + 7;

struct RE
{
    int l,r;
    void in()
    {
        scanf("%d %d",&l,&r);
    }
    bool operator < (const RE &a) const
    {
        return r < a.r;
    }
}p[MAXN];

int main()
{
    //freopen("in.txt","r",stdin);
    //freopen("out.txt","w",stdout);
    int n;
    cin>>n;
    REP(i,n) p[i].in();
    sort(p,p + n);
    int num = 1,pos = p[0].r;
    REP_1(i,n - 1)
    {
        if(p[i].l > pos)
        {
            num++;
            pos = p[i].r;
        }
    }
    cout<<num<<endl;
    return 0;
}

C. Subsequences

For the given sequence with n different elements find the number of increasing subsequences with k + 1 elements. It is guaranteed that the answer is not greater than 8·1018.
Input
First line contain two integer values n and k (1 ≤ n ≤ 105, 0 ≤ k ≤ 10) — the length of sequence and the number of elements in increasing subsequences.
Next n lines contains one integer ai (1 ≤ ai ≤ n) each — elements of sequence. All values ai are different.
Output
Print one integer — the answer to the problem.
Sample test(s)
Input
5 2
1
2
3
5
4

Output
7

题解:
       很好的一道用数据结构来优化DP的一道题,首先很容易想到DP的状态转移方程,以dp[i][j]表示前i个数以a[i]结尾的递增序列长度为j的方案数,则状态的转移方程就可以写为
 dp[i][j] += dp[x][j - 1],其中满足a[x]<a[i];这部分的处理如果不用数据结构优化,时间复杂度是n^2的,因为注意到我们是统计所有小于a[i]的DP值的和,所以可以利用树状数组或者
线段树优化;

AC代码:

/* ***********************************************
Author        :xdlove
Created Time  :2015年11月12日 星期四 10时49分32秒
File Name     :xdlove/codeforces/Testing_Round_#12/C/c.cpp
************************************************ */

#pragma comment(linker, "/STACK:1024000000,1024000000")
#include <stdio.h>
#include <string.h>
#include <iostream>
#include <algorithm>
#include <memory.h>
#include <vector>
#include <queue>
#include <set>
#include <map>
#include <string>
#include <math.h>
#include <stdlib.h>
#include <time.h>

using namespace std;


#define REP_ab(i,a,b) for(int i = a; i <= b; i++)
#define REP(i, n) for(int i = 0; i < n; i++)
#define REP_1(i,n) for(int i = 1; i <= n; i++)
#define DEP(i,n) for(int i = n - 1; i >= 0; i--)
#define DEP_N(i,n) for(int i = n; i >= 1; i--)
#define CPY(A,B) memcpy(A,B,sizeof(B))
#define MEM(A) memset(A,0,sizeof(A))
#define MEM_1(A) memset(A,-1,sizeof(A))
#define MEM_INF(A) memset(A,0x3f,sizeof(A))
#define MEM_INFLL(A) memset(A,0x3f3f,sizeof(A))
#define mid (((l + r) >> 1))
#define lson l, mid, u << 1
#define rson mid + 1, r, u << 1 | 1
#define ls (u << 1)
#define rs (u << 1 | 1)


typedef long long ll;
typedef unsigned long long ull;
const int INF = 0x3f3f3f3f;
const ll INFLL = 0x3f3f3f3f3f3f3f3f;
const int MAXN = 1e5 + 5;
const int MAXM = MAXN;
const int mod = 1e9 + 7;
int n,k;
ll dp[MAXN][20],val[20][MAXN];

int lowbit(int x)
{
    return x & -x;
}

void add(ll c,ll b[],int v)
{
    while(v <= n)
    {
        b[v] += c;
        v += lowbit(v);
    }
}

ll sum(ll b[],int v)
{
    ll s = 0;
    while(v > 0)
    {
        s += b[v];
        v -= lowbit(v);
    }
    return s;
}

int main()
{
    //freopen("in.txt","r",stdin);
    //freopen("out.txt","w",stdout);
    cin>>n>>k;
    k++;
    REP_1(i,n)
    {
        int x;
        scanf("%d",&x);
        dp[i][1] = 1;
        REP_1(j,k)
        {
            if(j > i) break;
            ll tp = sum(val[j - 1],x - 1);
            dp[i][j] += tp;
            add(dp[i][j],val[j],x);
        }
    }
    ll ans = 0;
    REP_1(i,n) ans += dp[i][k];
    cout<<ans<<endl;
    return 0;
}



【Codeforces Testing Round #2】 Codeforces 125E MST Company
YHaX的博客
12-07 871
MST+增量法
System Testing(Codeforces Round #543 (Div. 2, based on Technocup 2019 Final Round))D
caowenbo2311694605的博客
03-05 481
C. System Testing time limit per test 1 second memory limit per test 256 megabytes input standard input output standard output Vasya likes taking part in Codeforces contests. When a round is ...
Testing Round #12 C Subsequences
Yick_Liao的专栏
11-13 496
这场比赛叫做Testing Round,显然很水的。因为已经明确的知道这场比赛不计rating,我当然是没有做的。这是昨天凌晨的比赛,一个和我一起刷比赛的网友让我去看看这道题目。看到题目这么短,题意很明确,这就是我心目中的好题,我显然是开心的。题目连接:http://codeforces.com/contest/597/problem/C题目大意:给出一个N和K,1 ~ N的N个不同的数组成一个序列
Testing Round #12:C(dp+树状数组)
weixin_30787531的博客
12-24 83
dp[i][j]表示以i结尾,长度为j的序列个数 dp[i][j]=dp[k][j-1](k=0.1.....i-1) 用树状数组求和 要注意的一点就是在读入一个数的时候就进行update以及求和,这样保证其后的序列对其无影响。 具体看代码 #include"cstdio" #include"queue" #include"cmath" #include"stack" #in...
Testing Round #16 (Unrated)
C_Dreamy的博客
05-11 351
#include <bits/stdc++.h> #define rush() int T;cin>>T;while(T--) #define go(a) while(cin>>a) #define ms(a,b) memset(a,b,sizeof a) #define E 1e-8 using namespace std; typedef __int64 ll; const int idata=1e6+5; ll n,m,t,_; int i,j,k; int c.
Testing Round #12 597ABC题解
GKHack's Blog
11-15 927
题目链接: 点击打开链接 A: 给出k, a, b. 问你在[a, b]区间内有多少可以整除k的数. 脑洞题目, 计算此区间长度可以存放k的个数即可. AC代码: #include "iostream" #include "cstdio" #include "cstring" #include "algorithm" using namespace std; typedef lon
【Codeforces】Testing Round #12
11-12 724
【A. Divisibility】 【题目大意】输出[a,b]中能被k整除的数。【分析】……我没看到负数…… 代码:#include <cstdio> #include <algorithm> using namespace std;int main() { long long a,b,k; scanf("%I64d%I64d%I64d",&k,&a,&b); if
Codeforces 597 A. Divisibility 【Testing Round #12
weixin_33958366的博客
11-12 119
A. Divisibility time limit per test 1 second memory limit per test 256 megabytes input standard input output standard output Find the number ofk-divisible numb...
Codeforces Testing Round #12 B. Restaurant (贪心)
围巾的ACM博客
01-20 757
题解:题意:旅店的租房时间,有一个开始时间,一个结束时间,问最多能安排多少个旅客,两个时间段不能重叠,对结束时间排序,贪心就好了,第一段时间一定要选。代码#include<stdio.h> #include<math.h> #include<string.h> #include<stack> #include<queue> #include<vector> #include<iostream> #i
Codeforces Testing Round #12 B - Restaurant ( 贪心 )
qwesde
11-12 460
题目链接 题意:给出n个不相交的区间,求出不相交区间的最大个数 解答:先按照区间右断点排序,再按照区间左端点排序 #include<bits/stdc++.h> using namespace std; #define LL long long const int maxn=500002;struct node{ int l,r; bool operator<(const nod
Codeforces Testing Round #9
lost@hdu
01-21 928
题解
【材料测试实验室】 proficiency testing与内部round robin审计标准:Nadcap AC7101/14规范全实验室应用要求
09-15
内容概要:本文档为Nadcap发布的AC7101.14 Rev NA审计标准,适用于材料测试实验室的能力认证,重点规定了实验室在化学分析、机械测试、金属lography、硬度测试、紧固件测试等领域必须满足的 proficiency testing...
WSO2 Enterprise Service Bus (ESB) Performance Testing - Round 3
10-26
在"WSO2 Enterprise Service Bus (ESB) Performance Testing - Round 3"中,重点考察了WSO2 ESB与其他竞争对手——ServiceMix、Mule和OpenESB的性能对比。这些测试通常涉及吞吐量、响应时间和资源消耗等方面,以评估...
Codeforces Round #808 (Div. 2)C - Doremy‘s IQ
weixin_62765166的博客
07-23 479
Codeforces Round #808 (Div. 2)C - Doremy's IQ 逆着推IQ值就行,题目看懂题就出了
win10提示没有注册类,什么都打不开了
热门推荐
xdlove
12-17 2万+
@ 调出任务管理器,点击服务,右键点击任意一个服务,打开服务,找到user Manager开头的一个服务,设置成自动,注销,开机就可以了。
用Windows API 编写的简单贪吃蛇游戏
xdlove
12-06 4031
一、基础知识笔记           一种结构体,用于在控制台屏幕上定位一个字符的坐标。           应用程序中 的不同对象和同类中的不同的实例,增加了系统对引用对象的控制,句柄不是指针,但是功能类似指针。           SetConsoleCursorPosition(HANDLE Hout,COORD pos) ,定位光标的地址。           SetConso
2015年广东工业大学编译原理课设
xdlove
12-21 3893
一、PL/0编译程序的总流程图 二、扩充赋值运算:*=,/=
素数生成器
xdlove
06-04 3890
#!/usr/bin/python3 #coding=utf-8 __author__ = 'xdlove' '素数生成器' #奇数生成器(不包括1)生成的是一个无限序列 def odd_list(): n = 1 while True: n += 2 yield n #过滤因子--- def filter_not_prime(n):
###################################################################### # # Initial implementation of RADIUS over TLS (radsec) # ###################################################################### listen { ipaddr = 192.168.0.105 port = 2083 # # TCP and TLS sockets can accept Access-Request and # Accounting-Request on the same socket. # # auth = only Access-Request # acct = only Accounting-Request # auth+acct = both # type = auth+acct # For now, only TCP transport is allowed. proto = tcp # Send packets to the default virtual server virtual_server = default clients = radsec # # Connection limiting for sockets with "proto = tcp". # limit { # # Limit the number of simultaneous TCP connections to the socket # # The default is 16. # Setting this to 0 means "no limit" max_connections = 16 # The per-socket "max_requests" option does not exist. # # The lifetime, in seconds, of a TCP connection. After # this lifetime, the connection will be closed. # # Setting this to 0 means "forever". lifetime = 0 # # The idle timeout, in seconds, of a TCP connection. # If no packets have been received over the connection for # this time, the connection will be closed. # # Setting this to 0 means "no timeout". # # We STRONGLY RECOMMEND that you set an idle timeout. # idle_timeout = 30 } # This is *exactly* the same configuration as used by the EAP-TLS # module. It&#39;s OK for testing, but for production use it&#39;s a good # idea to use different server certificates for EAP and for RADIUS # transport. # # If you want only one TLS configuration for multiple sockets, # then we suggest putting "tls { ...}" into radiusd.conf. # The subsection below can then be changed into a reference: # # tls = ${tls} # # Which means "the tls sub-section is not here, but instead is in # the top-level section called &#39;tls&#39;". # # If you have multiple tls configurations, you can put them into # sub-sections of a top-level "tls" section. There&#39;s no need to # call them all "tls". You can then use: # # tls = ${tls.site1} # # to refer to the "site1" sub-section of the "tls" section. # tls { private_key_password = tplink private_key_file = /home/certificate/server_key.pem # If Private key & Certificate are located in # the same file, then private_key_file & # certificate_file must contain the same file # name. # # If ca_file (below) is not used, then the # certificate_file below MUST include not # only the server certificate, but ALSO all # of the CA certificates used to sign the # server certificate. certificate_file = /home/certificate/server_cert.pem # Trusted Root CA list # # ALL of the CA&#39;s in this list will be trusted # to issue client certificates for authentication. # # In general, you should use self-signed # certificates for 802.1x (EAP) authentication. # In that case, this CA file should contain # *one* CA certificate. # # This parameter is used only for EAP-TLS, # when you issue client certificates. If you do # not use client certificates, and you do not want # to permit EAP-TLS authentication, then delete # this configuration item. ca_file = /home/certificate/ca_cert.pem # # For DH cipher suites to work, you have to # run OpenSSL to create the DH file first: # # openssl dhparam -out certs/dh 1024 # dh_file = ${certdir}/dh # # If your system doesn&#39;t have /dev/urandom, # you will need to create this file, and # periodically change its contents. # # For security reasons, FreeRADIUS doesn&#39;t # write to files in its configuration # directory. # # random_file = /dev/urandom # # The default fragment size is 1K. # However, it&#39;s possible to send much more data than # that over a TCP connection. The upper limit is 64K. # Setting the fragment size to more than 1K means that # there are fewer round trips when setting up a TLS # connection. But only if the certificates are large. # fragment_size = 8192 # include_length is a flag which is # by default set to yes If set to # yes, Total Length of the message is # included in EVERY packet we send. # If set to no, Total Length of the # message is included ONLY in the # First packet of a fragment series. # # include_length = yes # Check the Certificate Revocation List # # 1) Copy CA certificates and CRLs to same directory. # 2) Execute &#39;c_rehash <CA certs&CRLs Directory>&#39;. # &#39;c_rehash&#39; is OpenSSL&#39;s command. # 3) uncomment the line below. # 5) Restart radiusd # check_crl = yes ca_path = ${cadir} # # If check_cert_issuer is set, the value will # be checked against the DN of the issuer in # the client certificate. If the values do not # match, the certificate verification will fail, # rejecting the user. # # In 2.1.10 and later, this check can be done # more generally by checking the value of the # TLS-Client-Cert-Issuer attribute. This check # can be done via any mechanism you choose. # # check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd" # # If check_cert_cn is set, the value will # be xlat&#39;ed and checked against the CN # in the client certificate. If the values # do not match, the certificate verification # will fail rejecting the user. # # This check is done only if the previous # "check_cert_issuer" is not set, or if # the check succeeds. # # In 2.1.10 and later, this check can be done # more generally by checking the value of the # TLS-Client-Cert-CN attribute. This check # can be done via any mechanism you choose. # # check_cert_cn = %{User-Name} # # Set this option to specify the allowed # TLS cipher suites. The format is listed # in "man 1 ciphers". cipher_list = "DEFAULT" # If enabled, OpenSSL will use server cipher list # (possibly defined by cipher_list option above) # for choosing right cipher suite rather than # using client-specified list which is OpenSSl default # behavior. Having it set to yes is a current best practice # for TLS cipher_server_preference = no # # Session resumption / fast reauthentication # cache. # # The cache contains the following information: # # session Id - unique identifier, managed by SSL # User-Name - from the Access-Accept # Stripped-User-Name - from the Access-Request # Cached-Session-Policy - from the Access-Accept # # The "Cached-Session-Policy" is the name of a # policy which should be applied to the cached # session. This policy can be used to assign # VLANs, IP addresses, etc. It serves as a useful # way to re-apply the policy from the original # Access-Accept to the subsequent Access-Accept # for the cached session. # # On session resumption, these attributes are # copied from the cache, and placed into the # reply list. # # You probably also want "use_tunneled_reply = yes" # when using fast session resumption. # cache { # # Enable it. The default is "no". # Deleting the entire "cache" subsection # Also disables caching. # # # As of version 3.0.13-4 (upstream 3.0.14), the session # cache requires the use of the "name" and # "persist_dir" configuration items, below. # # The internal OpenSSL session cache has been permanently # disabled. # # You can disallow resumption for a # particular user by adding the following # attribute to the control item list: # # Allow-Session-Resumption = No # # If "enable = no" below, you CANNOT # enable resumption for just one user # by setting the above attribute to "yes". # enable = no # # Lifetime of the cached entries, in hours. # The sessions will be deleted after this # time. # lifetime = 24 # hours # # Internal "name" of the session cache. # Used to distinguish which TLS context # sessions belong to. # # The server will generate a random value # if unset. This will change across server # restart so you MUST set the "name" if you # want to persist sessions (see below). # # If you use IPv6, change the "ipaddr" below # to "ipv6addr" # #name = "TLS ${..ipaddr} ${..port} ${..proto}" # # Simple directory-based storage of sessions. # Two files per session will be written, the SSL # state and the cached VPs. This will persist session # across server restarts. # # The server will need write perms, and the directory # should be secured from anyone else. You might want # a script to remove old files from here periodically: # # find ${logdir}/tlscache -mtime +2 -exec rm -f {} \; # # This feature REQUIRES "name" option be set above. # #persist_dir = "${logdir}/tlscache" } # # Require a client certificate. # require_client_cert = yes # # As of version 2.1.10, client certificates can be # validated via an external command. This allows # dynamic CRLs or OCSP to be used. # # This configuration is commented out in the # default configuration. Uncomment it, and configure # the correct paths below to enable it. # verify { # A temporary directory where the client # certificates are stored. This directory # MUST be owned by the UID of the server, # and MUST not be accessible by any other # users. When the server starts, it will do # "chmod go-rwx" on the directory, for # security reasons. The directory MUST # exist when the server starts. # # You should also delete all of the files # in the directory when the server starts. # tmpdir = /tmp/radiusd # The command used to verify the client cert. # We recommend using the OpenSSL command-line # tool. # # The ${..ca_path} text is a reference to # the ca_path variable defined above. # # The %{TLS-Client-Cert-Filename} is the name # of the temporary file containing the cert # in PEM format. This file is automatically # deleted by the server when the command # returns. # client = "/path/to/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}" } } } clients radsec { client 127.0.0.1 { ipaddr = 127.0.0.1 # # Ensure that this client is TLS *only*. # proto = tls # # TCP clients can have any shared secret. # # TLS clients MUST have the shared secret # set to "radsec". Or, for "proto = tls", # you can omit the secret, and it will # automatically be set to "radsec". # secret = radsec # # You can also use a "limit" section here. # See raddb/clients.conf for examples. # # Note that BOTH limits are applied. You # should therefore set the "listen" limits # higher than the ones for each individual # client. # } } home_server tls { ipaddr = 192.168.0.105 port = 2083 type = auth secret = radsec proto = tcp status_check = none tls { private_key_password = whatever private_key_file = ${certdir}/client.pem # If Private key & Certificate are located in # the same file, then private_key_file & # certificate_file must contain the same file # name. # # If ca_file (below) is not used, then the # certificate_file below MUST include not # only the server certificate, but ALSO all # of the CA certificates used to sign the # server certificate. certificate_file = ${certdir}/client.pem # Trusted Root CA list # # ALL of the CA&#39;s in this list will be trusted # to issue client certificates for authentication. # # In general, you should use self-signed # certificates for 802.1x (EAP) authentication. # In that case, this CA file should contain # *one* CA certificate. # # This parameter is used only for EAP-TLS, # when you issue client certificates. If you do # not use client certificates, and you do not want # to permit EAP-TLS authentication, then delete # this configuration item. ca_file = ${cadir}/ca.pem # # For TLS-PSK, the key should be specified # dynamically, instead of using a hard-coded # psk_identity and psk_hexphrase. # # The input to the dynamic expansion will be the PSK # identity supplied by the client, in the # TLS-PSK-Identity attribute. The output of the # expansion should be a hex string, of no more than # 512 characters. The string should not be prefixed # with "0x". e.g. "abcdef" is OK. "0xabcdef" is not. # # psk_query = "%{psksql:select hex(key) from psk_keys where keyid = &#39;%{TLS-PSK-Identity}&#39;}" # # For DH cipher suites to work, you have to # run OpenSSL to create the DH file first: # # openssl dhparam -out certs/dh 1024 # dh_file = ${certdir}/dh random_file = /dev/urandom # # The default fragment size is 1K. # However, TLS can send 64K of data at once. # It can be useful to set it higher. # fragment_size = 8192 # include_length is a flag which is # by default set to yes If set to # yes, Total Length of the message is # included in EVERY packet we send. # If set to no, Total Length of the # message is included ONLY in the # First packet of a fragment series. # # include_length = yes # Check the Certificate Revocation List # # 1) Copy CA certificates and CRLs to same directory. # 2) Execute &#39;c_rehash <CA certs&CRLs Directory>&#39;. # &#39;c_rehash&#39; is OpenSSL&#39;s command. # 3) uncomment the line below. # 5) Restart radiusd # check_crl = yes ca_path = ${cadir} # # If check_cert_issuer is set, the value will # be checked against the DN of the issuer in # the client certificate. If the values do not # match, the certificate verification will fail, # rejecting the user. # # In 2.1.10 and later, this check can be done # more generally by checking the value of the # TLS-Client-Cert-Issuer attribute. This check # can be done via any mechanism you choose. # # check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd" # # If check_cert_cn is set, the value will # be xlat&#39;ed and checked against the CN # in the client certificate. If the values # do not match, the certificate verification # will fail rejecting the user. # # This check is done only if the previous # "check_cert_issuer" is not set, or if # the check succeeds. # # In 2.1.10 and later, this check can be done # more generally by checking the value of the # TLS-Client-Cert-CN attribute. This check # can be done via any mechanism you choose. # # check_cert_cn = %{User-Name} # # Set this option to specify the allowed # TLS cipher suites. The format is listed # in "man 1 ciphers". cipher_list = "DEFAULT" } } home_server_pool tls { type = fail-over home_server = tls } realm tls { auth_pool = tls } centos目录/etc/raddb/sites-available/tls 的tls文件,详细解释每一个参数项的含义,可能需要填入什么参数。
最新发布
12-02
由于用户提供的配置内容非常长,我将按照配置文件的各个部分进行详细解释。主要分为以下几个部分:`listen`、`clients`、`home_server`、`home_server_pool`和`realm`。每个配置项的含义和可能的参数值都会进行说明...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值