2 * radclient.c General radius packet debug tool.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2000,2006 The FreeRADIUS server project
21 * Copyright 2000 Miquel van Smoorenburg <miquels@cistron.nl>
22 * Copyright 2000 Alan DeKok <aland@ox.org>
27 #include <freeradius-devel/libradius.h>
28 #include <freeradius-devel/conf.h>
29 #include <freeradius-devel/radpaths.h>
39 typedef struct REQUEST REQUEST; /* to shut up warnings about mschap.h */
44 static int success = 0;
45 static int retries = 3;
46 static float timeout = 5;
47 static char const *secret = NULL;
48 static int do_output = 1;
49 static int totalapp = 0;
50 static int totaldeny = 0;
51 static int totallost = 0;
53 static int server_port = 0;
54 static int packet_code = 0;
55 static fr_ipaddr_t server_ipaddr;
56 static int resend_count = 1;
58 static int print_filename = 0;
60 static fr_ipaddr_t client_ipaddr;
61 static int client_port = 0;
64 static int last_used_id = -1;
67 char const *proto = NULL;
69 static int ipproto = IPPROTO_UDP;
71 static rbtree_t *filename_tree = NULL;
72 static fr_packet_list_t *pl = NULL;
74 static int sleep_time = -1;
76 typedef struct radclient_t {
77 struct radclient_t *prev;
78 struct radclient_t *next;
81 int packet_number; /* in the file */
84 RADIUS_PACKET *request;
91 static radclient_t *radclient_head = NULL;
92 static radclient_t *radclient_tail = NULL;
94 char const *radclient_version = "radclient version " RADIUSD_VERSION_STRING
95 #ifdef RADIUSD_VERSION_COMMIT
96 " (git #" STRINGIFY(RADIUSD_VERSION_COMMIT) ")"
98 ", built on " __DATE__ " at " __TIME__;
100 static void NEVER_RETURNS usage(void)
102 fprintf(stderr, "Usage: radclient [options] server[:port] <command> [<secret>]\n");
104 fprintf(stderr, " <command> One of auth, acct, status, coa, or disconnect.\n");
105 fprintf(stderr, " -c <count> Send each packet 'count' times.\n");
106 fprintf(stderr, " -d <raddb> Set user dictionary directory (defaults to " RADDBDIR ").\n");
107 fprintf(stderr, " -D <dictdir> Set main dictionary directory (defaults to " DICTDIR ").\n");
108 fprintf(stderr, " -f <file> Read packets from file, not stdin.\n");
109 fprintf(stderr, " -F Print the file name, packet number and reply code.\n");
110 fprintf(stderr, " -h Print usage help information.\n");
111 fprintf(stderr, " -i <id> Set request id to 'id'. Values may be 0..255\n");
112 fprintf(stderr, " -n <num> Send N requests/s\n");
113 fprintf(stderr, " -p <num> Send 'num' packets from a file in parallel.\n");
114 fprintf(stderr, " -q Do not print anything out.\n");
115 fprintf(stderr, " -r <retries> If timeout, retry sending the packet 'retries' times.\n");
116 fprintf(stderr, " -s Print out summary information of auth results.\n");
117 fprintf(stderr, " -S <file> read secret from file, not command line.\n");
118 fprintf(stderr, " -t <timeout> Wait 'timeout' seconds before retrying (may be a floating point number).\n");
119 fprintf(stderr, " -v Show program version information.\n");
120 fprintf(stderr, " -x Debugging mode.\n");
121 fprintf(stderr, " -4 Use IPv4 address of server\n");
122 fprintf(stderr, " -6 Use IPv6 address of server.\n");
124 fprintf(stderr, " -P <proto> Use proto (tcp or udp) for transport.\n");
131 * Free a radclient struct, which may (or may not)
132 * already be in the list.
134 static void radclient_free(radclient_t *radclient)
136 radclient_t *prev, *next;
138 if (radclient->request) rad_free(&radclient->request);
139 if (radclient->reply) rad_free(&radclient->reply);
141 prev = radclient->prev;
142 next = radclient->next;
145 assert(radclient_head != radclient);
147 } else if (radclient_head) {
148 assert(radclient_head == radclient);
149 radclient_head = next;
153 assert(radclient_tail != radclient);
155 } else if (radclient_tail) {
156 assert(radclient_tail == radclient);
157 radclient_tail = prev;
163 static int mschapv1_encode(RADIUS_PACKET *packet, VALUE_PAIR **request,
164 char const *password)
168 VALUE_PAIR *challenge, *response;
171 challenge = paircreate(packet, PW_MSCHAP_CHALLENGE, VENDORPEC_MICROSOFT);
176 pairadd(request, challenge);
177 challenge->length = 8;
178 challenge->vp_octets = p = talloc_array(challenge, uint8_t, challenge->length);
179 for (i = 0; i < challenge->length; i++) {
183 response = paircreate(packet, PW_MSCHAP_RESPONSE, VENDORPEC_MICROSOFT);
188 pairadd(request, response);
189 response->length = 50;
190 response->vp_octets = p = talloc_array(response, uint8_t, response->length);
191 memset(p, 0, response->length);
193 p[1] = 0x01; /* NT hash */
195 if (mschap_ntpwdhash(nthash, password) < 0) {
199 smbdes_mschap(nthash, challenge->vp_octets, p + 26);
205 * Initialize a radclient data structure and add it to
206 * the global linked list.
208 static int radclient_init(char const *filename)
213 radclient_t *radclient;
215 int packet_number = 1;
217 assert(filename != NULL);
220 * Determine where to read the VP's from.
222 if (strcmp(filename, "-") != 0) {
223 fp = fopen(filename, "r");
225 fprintf(stderr, "radclient: Error opening %s: %s\n",
226 filename, fr_syserror(errno));
234 * Loop until the file is done.
240 radclient = malloc(sizeof(*radclient));
244 memset(radclient, 0, sizeof(*radclient));
246 radclient->request = rad_alloc(NULL, 1);
247 if (!radclient->request) {
252 radclient->request->src_ipaddr = client_ipaddr;
253 radclient->request->src_port = client_port;
254 radclient->request->dst_ipaddr = server_ipaddr;
255 radclient->request->dst_port = server_port;
258 radclient->filename = filename;
259 radclient->request->id = -1; /* allocate when sending */
260 radclient->packet_number = packet_number++;
265 radclient->request->vps = readvp2(NULL, fp, &filedone, "radclient:");
266 if (!radclient->request->vps) {
267 rad_free(&radclient->request);
269 if (fp != stdin) fclose(fp);
274 * Keep a copy of the the User-Password attribute.
276 if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD, 0, TAG_ANY)) != NULL) {
277 strlcpy(radclient->password, vp->vp_strvalue,
278 sizeof(radclient->password));
280 * Otherwise keep a copy of the CHAP-Password attribute.
282 } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD, 0, TAG_ANY)) != NULL) {
283 strlcpy(radclient->password, vp->vp_strvalue,
284 sizeof(radclient->password));
286 } else if ((vp = pairfind(radclient->request->vps, PW_MSCHAP_PASSWORD, 0, TAG_ANY)) != NULL) {
287 strlcpy(radclient->password, vp->vp_strvalue,
288 sizeof(radclient->password));
290 radclient->password[0] = '\0';
294 * Fix up Digest-Attributes issues
296 for (vp = paircursor(&cursor, &radclient->request->vps);
298 vp = pairnext(&cursor)) {
300 * Double quoted strings get marked up as xlat expansions,
301 * but we don't support that in radclient.
303 if (vp->type == VT_XLAT) {
304 vp->vp_strvalue = vp->value.xlat;
305 vp->value.xlat = NULL;
309 if (!vp->da->vendor) switch (vp->da->attr) {
314 * Allow it to set the packet type in
315 * the attributes read from the file.
318 radclient->request->code = vp->vp_integer;
321 case PW_PACKET_DST_PORT:
322 radclient->request->dst_port = (vp->vp_integer & 0xffff);
325 case PW_PACKET_DST_IP_ADDRESS:
326 radclient->request->dst_ipaddr.af = AF_INET;
327 radclient->request->dst_ipaddr.ipaddr.ip4addr.s_addr = vp->vp_ipaddr;
330 case PW_PACKET_DST_IPV6_ADDRESS:
331 radclient->request->dst_ipaddr.af = AF_INET6;
332 radclient->request->dst_ipaddr.ipaddr.ip6addr = vp->vp_ipv6addr;
335 case PW_PACKET_SRC_PORT:
336 radclient->request->src_port = (vp->vp_integer & 0xffff);
339 case PW_PACKET_SRC_IP_ADDRESS:
340 radclient->request->src_ipaddr.af = AF_INET;
341 radclient->request->src_ipaddr.ipaddr.ip4addr.s_addr = vp->vp_ipaddr;
344 case PW_PACKET_SRC_IPV6_ADDRESS:
345 radclient->request->src_ipaddr.af = AF_INET6;
346 radclient->request->src_ipaddr.ipaddr.ip6addr = vp->vp_ipv6addr;
349 case PW_DIGEST_REALM:
350 case PW_DIGEST_NONCE:
351 case PW_DIGEST_METHOD:
354 case PW_DIGEST_ALGORITHM:
355 case PW_DIGEST_BODY_DIGEST:
356 case PW_DIGEST_CNONCE:
357 case PW_DIGEST_NONCE_COUNT:
358 case PW_DIGEST_USER_NAME:
364 p = talloc_array(vp, uint8_t, vp->length + 2);
366 memcpy(p + 2, vp->vp_octets, vp->length);
367 p[0] = vp->da->attr - PW_DIGEST_REALM + 1;
373 da = dict_attrbyvalue(PW_DIGEST_ATTRIBUTES, 0);
383 } /* loop over the VP's we read in */
386 * Add it to the tail of the list.
388 if (!radclient_head) {
389 assert(radclient_tail == NULL);
390 radclient_head = radclient;
391 radclient->prev = NULL;
393 assert(radclient_tail->next == NULL);
394 radclient_tail->next = radclient;
395 radclient->prev = radclient_tail;
397 radclient_tail = radclient;
398 radclient->next = NULL;
400 } while (!filedone); /* loop until the file is done. */
402 if (fp != stdin) fclose(fp);
410 fprintf(stderr, "radclient: Out of memory\n");
412 if (fp != stdin) fclose(fp);
418 * Sanity check each argument.
420 static int radclient_sane(radclient_t *radclient)
422 if (radclient->request->dst_port == 0) {
423 radclient->request->dst_port = server_port;
425 if (radclient->request->dst_ipaddr.af == AF_UNSPEC) {
426 if (server_ipaddr.af == AF_UNSPEC) {
427 fprintf(stderr, "radclient: No server was given, but request %d in file %s did not contain Packet-Dst-IP-Address\n",
428 radclient->packet_number, radclient->filename);
431 radclient->request->dst_ipaddr = server_ipaddr;
433 if (radclient->request->code == 0) {
434 if (packet_code == -1) {
435 fprintf(stderr, "radclient: Request was \"auto\", but request %d in file %s did not contain Packet-Type\n",
436 radclient->packet_number, radclient->filename);
439 radclient->request->code = packet_code;
441 radclient->request->sockfd = -1;
448 * For request handline.
450 static int filename_cmp(void const *one, void const *two)
452 return strcmp((char const *) one, (char const *) two);
455 static int filename_walk(UNUSED void *context, void *data)
457 char const *filename = data;
460 * Read request(s) from the file.
462 if (!radclient_init(filename)) {
463 return -1; /* stop walking */
471 * Deallocate packet ID, etc.
473 static void deallocate_id(radclient_t *radclient)
475 if (!radclient || !radclient->request ||
476 (radclient->request->id < 0)) {
481 * One more unused RADIUS ID.
483 fr_packet_list_id_free(pl, radclient->request, true);
486 * If we've already sent a packet, free up the old one,
487 * and ensure that the next packet has a unique
488 * authentication vector.
490 if (radclient->request->data) {
491 talloc_free(radclient->request->data);
492 radclient->request->data = NULL;
495 if (radclient->reply) rad_free(&radclient->reply);
499 static void print_hex(RADIUS_PACKET *packet)
503 if (!packet->data) return;
505 printf(" Code:\t\t%u\n", packet->data[0]);
506 printf(" Id:\t\t%u\n", packet->data[1]);
507 printf(" Length:\t%u\n", ((packet->data[2] << 8) |
509 printf(" Vector:\t");
510 for (i = 4; i < 20; i++) {
511 printf("%02x", packet->data[i]);
515 if (packet->data_len > 20) {
520 total = packet->data_len - 20;
521 ptr = packet->data + 20;
527 if (total < 2) { /* too short */
528 printf("%02x\n", *ptr);
532 if (ptr[1] > total) { /* too long */
533 for (i = 0; i < total; i++) {
534 printf("%02x ", ptr[i]);
539 printf("%02x %02x ", ptr[0], ptr[1]);
540 attrlen = ptr[1] - 2;
544 for (i = 0; i < attrlen; i++) {
545 if ((i > 0) && ((i & 0x0f) == 0x00))
547 printf("%02x ", ptr[i]);
548 if ((i & 0x0f) == 0x0f) printf("\n");
551 if ((attrlen & 0x0f) != 0x00) printf("\n");
563 static int send_one_packet(radclient_t *radclient)
565 assert(radclient->done == 0);
568 * Remember when we have to wake up, to re-send the
569 * request, of we didn't receive a response.
571 if ((sleep_time == -1) ||
572 (sleep_time > (int) timeout)) {
573 sleep_time = (int) timeout;
577 * Haven't sent the packet yet. Initialize it.
579 if (radclient->request->id == -1) {
583 assert(radclient->reply == NULL);
586 * Didn't find a free packet ID, we're not done,
587 * we don't sleep, and we stop trying to process
591 radclient->request->src_ipaddr.af = server_ipaddr.af;
592 rcode = fr_packet_list_id_alloc(pl, ipproto,
593 &radclient->request, NULL);
599 mysockfd = fr_tcp_client_socket(NULL,
604 mysockfd = fr_socket(&client_ipaddr, 0);
606 fprintf(stderr, "radclient: Can't open new socket: %s\n",
610 if (!fr_packet_list_socket_add(pl, mysockfd, ipproto,
612 server_port, NULL)) {
613 fprintf(stderr, "radclient: Can't add new socket\n");
619 assert(radclient->request->id != -1);
620 assert(radclient->request->data == NULL);
622 for (i = 0; i < 4; i++) {
623 ((uint32_t *) radclient->request->vector)[i] = fr_rand();
627 * Update the password, so it can be encrypted with the
628 * new authentication vector.
630 if (radclient->password[0] != '\0') {
633 if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD, 0, TAG_ANY)) != NULL) {
634 pairstrcpy(vp, radclient->password);
636 } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD, 0, TAG_ANY)) != NULL) {
640 * If it's 17 octets, it *might* be already encoded.
641 * Or, it might just be a 17-character password (maybe UTF-8)
642 * Check it for non-printable characters. The odds of ALL
643 * of the characters being 32..255 is (1-7/8)^17, or (1/8)^17,
644 * or 1/(2^51), which is pretty much zero.
646 if (vp->length == 17) {
647 for (i = 0; i < 17; i++) {
648 if (vp->vp_octets[i] < 32) {
656 * Allow the user to specify ASCII or hex CHAP-Password
662 len = len2 = strlen(radclient->password);
663 if (len2 < 17) len2 = 17;
665 p = talloc_zero_array(vp, uint8_t, len2);
667 memcpy(p, radclient->password, len);
669 rad_chap_encode(radclient->request,
671 fr_rand() & 0xff, vp);
675 } else if (pairfind(radclient->request->vps, PW_MSCHAP_PASSWORD, 0, TAG_ANY) != NULL) {
676 mschapv1_encode(radclient->request,
677 &radclient->request->vps,
678 radclient->password);
679 } else if (fr_debug_flag) {
680 printf("WARNING: No password in the request\n");
684 radclient->timestamp = time(NULL);
685 radclient->tries = 1;
692 if (client_port == 0) {
693 client_ipaddr = radclient->request->src_ipaddr;
694 client_port = radclient->request->src_port;
698 } else { /* radclient->request->id >= 0 */
699 time_t now = time(NULL);
702 * FIXME: Accounting packets are never retried!
703 * The Acct-Delay-Time attribute is updated to
704 * reflect the delay, and the packet is re-sent
709 * Not time for a retry, do so.
711 if ((now - radclient->timestamp) < timeout) {
713 * When we walk over the tree sending
714 * packets, we update the minimum time
717 if ((sleep_time == -1) ||
718 (sleep_time > (now - radclient->timestamp))) {
719 sleep_time = now - radclient->timestamp;
725 * We're not trying later, maybe the packet is done.
727 if (radclient->tries == retries) {
728 assert(radclient->request->id >= 0);
731 * Delete the request from the tree of
732 * outstanding requests.
734 fr_packet_list_yank(pl, radclient->request);
736 fprintf(stderr, "radclient: no response from server for ID %d socket %d\n", radclient->request->id, radclient->request->sockfd);
737 deallocate_id(radclient);
740 * Normally we mark it "done" when we've received
741 * the response, but this is a special case.
743 if (radclient->resend == resend_count) {
751 * We are trying later.
753 radclient->timestamp = now;
761 if (rad_send(radclient->request, NULL, secret) < 0) {
762 fprintf(stderr, "radclient: Failed to send packet for ID %d: %s\n",
763 radclient->request->id, fr_strerror());
766 if (fr_debug_flag > 2) print_hex(radclient->request);
772 * Receive one packet, maybe.
774 static int recv_one_packet(int wait_time)
778 radclient_t *radclient;
779 RADIUS_PACKET *reply, **request_p;
782 /* And wait for reply, timing out as necessary */
785 max_fd = fr_packet_list_fd_set(pl, &set);
786 if (max_fd < 0) exit(1); /* no sockets to listen on! */
788 if (wait_time <= 0) {
791 tv.tv_sec = wait_time;
796 * No packet was received.
798 if (select(max_fd, &set, NULL, NULL, &tv) <= 0) {
803 * Look for the packet.
806 reply = fr_packet_list_recv(pl, &set);
808 fprintf(stderr, "radclient: received bad packet: %s\n",
812 * If the packet is bad, we close the socket.
813 * I'm not sure how to do that now, so we just
818 return -1; /* bad packet */
822 * udpfromto issues. We may have bound to "*",
823 * and we want to find the replies that are sent to
826 reply->dst_ipaddr = client_ipaddr;
827 reply->dst_port = client_port;
829 reply->src_ipaddr = server_ipaddr;
830 reply->src_port = server_port;
833 if (fr_debug_flag > 2) print_hex(reply);
835 request_p = fr_packet_list_find_byreply(pl, reply);
837 fprintf(stderr, "radclient: received response to request we did not send. (id=%d socket %d)\n", reply->id, reply->sockfd);
839 return -1; /* got reply to packet we didn't send */
841 radclient = fr_packet2myptr(radclient_t, request, request_p);
844 * Fails the signature validation: not a real reply.
845 * FIXME: Silently drop it and listen for another packet.
847 if (rad_verify(reply, radclient->request, secret) < 0) {
848 fr_perror("rad_verify");
850 goto packet_done; /* shared secret is incorrect */
853 if (print_filename) printf("%s:%d %d\n",
855 radclient->packet_number,
857 deallocate_id(radclient);
858 radclient->reply = reply;
862 * If this fails, we're out of memory.
864 if (rad_decode(radclient->reply, radclient->request, secret) != 0) {
865 fr_perror("rad_decode");
870 /* libradius debug already prints out the value pairs for us */
871 if (!fr_debug_flag && do_output) {
872 printf("Received response ID %d, code %d, length = %zd\n",
873 radclient->reply->id, radclient->reply->code,
874 radclient->reply->data_len);
875 vp_printlist(stdout, radclient->reply->vps);
878 if ((radclient->reply->code == PW_AUTHENTICATION_ACK) ||
879 (radclient->reply->code == PW_ACCOUNTING_RESPONSE) ||
880 (radclient->reply->code == PW_COA_ACK) ||
881 (radclient->reply->code == PW_DISCONNECT_ACK)) {
882 success = 1; /* have a good response */
888 if (radclient->resend == resend_count) {
893 rad_free(&radclient->reply);
894 rad_free(&reply); /* may be NULL */
900 static int getport(char const *name)
904 svp = getservbyname (name, "udp");
909 return ntohs(svp->s_port);
912 int main(int argc, char **argv)
916 char const *radius_dir = RADDBDIR;
917 char const *dict_dir = DICTDIR;
918 char filesecret[256];
924 int force_af = AF_UNSPEC;
929 fr_fault_setup(getenv("PANIC_ACTION"), argv[0]);
932 talloc_set_log_stderr();
934 filename_tree = rbtree_create(filename_cmp, NULL, 0);
935 if (!filename_tree) {
936 fprintf(stderr, "radclient: Out of memory\n");
940 while ((c = getopt(argc, argv, "46c:d:D:f:Fhi:n:p:qr:sS:t:vx"
944 )) != EOF) switch(c) {
952 if (!isdigit((int) *optarg))
954 resend_count = atoi(optarg);
963 rbtree_insert(filename_tree, optarg);
968 case 'i': /* currently broken */
969 if (!isdigit((int) *optarg))
971 last_used_id = atoi(optarg);
972 if ((last_used_id < 0) || (last_used_id > 255)) {
978 persec = atoi(optarg);
979 if (persec <= 0) usage();
983 * Note that sending MANY requests in
984 * parallel can over-run the kernel
985 * queues, and Linux will happily discard
986 * packets. So even if the server responds,
987 * the client may not see the response.
990 parallel = atoi(optarg);
991 if (parallel <= 0) usage();
997 if (strcmp(proto, "tcp") != 0) {
998 if (strcmp(proto, "udp") == 0) {
1004 ipproto = IPPROTO_TCP;
1012 fr_log_fp = NULL; /* no output from you, either! */
1015 if (!isdigit((int) *optarg))
1017 retries = atoi(optarg);
1018 if ((retries == 0) || (retries > 1000)) usage();
1024 fp = fopen(optarg, "r");
1026 fprintf(stderr, "radclient: Error opening %s: %s\n",
1027 optarg, fr_syserror(errno));
1030 if (fgets(filesecret, sizeof(filesecret), fp) == NULL) {
1031 fprintf(stderr, "radclient: Error reading %s: %s\n",
1032 optarg, fr_syserror(errno));
1037 /* truncate newline */
1038 p = filesecret + strlen(filesecret) - 1;
1039 while ((p >= filesecret) &&
1045 if (strlen(filesecret) < 2) {
1046 fprintf(stderr, "radclient: Secret in %s is too short\n", optarg);
1049 secret = filesecret;
1052 if (!isdigit((int) *optarg))
1054 timeout = atof(optarg);
1057 printf("%s\n", radclient_version);
1069 argc -= (optind - 1);
1070 argv += (optind - 1);
1073 ((secret == NULL) && (argc < 4))) {
1078 * Mismatch between the binary and the libraries it depends on
1080 if (fr_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) {
1081 fr_perror("radclient");
1085 if (dict_init(dict_dir, RADIUS_DICTIONARY) < 0) {
1086 fr_perror("radclient");
1090 if (dict_read(radius_dir, RADIUS_DICTIONARY) == -1) {
1091 fr_perror("radclient");
1098 if (force_af == AF_UNSPEC) force_af = AF_INET;
1099 server_ipaddr.af = force_af;
1100 if (strcmp(argv[1], "-") != 0) {
1101 char const *hostname = argv[1];
1102 char const *portname = argv[1];
1105 if (*argv[1] == '[') { /* IPv6 URL encoded */
1106 p = strchr(argv[1], ']');
1107 if ((size_t) (p - argv[1]) >= sizeof(buffer)) {
1111 memcpy(buffer, argv[1] + 1, p - argv[1] - 1);
1112 buffer[p - argv[1] - 1] = '\0';
1118 p = strchr(portname, ':');
1119 if (p && (strchr(p + 1, ':') == NULL)) {
1126 if (ip_hton(hostname, force_af, &server_ipaddr) < 0) {
1127 fprintf(stderr, "radclient: Failed to find IP address for host %s: %s\n", hostname, fr_syserror(errno));
1132 * Strip port from hostname if needed.
1134 if (portname) server_port = atoi(portname);
1138 * See what kind of request we want to send.
1140 if (strcmp(argv[2], "auth") == 0) {
1141 if (server_port == 0) server_port = getport("radius");
1142 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1143 packet_code = PW_AUTHENTICATION_REQUEST;
1145 } else if (strcmp(argv[2], "challenge") == 0) {
1146 if (server_port == 0) server_port = getport("radius");
1147 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1148 packet_code = PW_ACCESS_CHALLENGE;
1150 } else if (strcmp(argv[2], "acct") == 0) {
1151 if (server_port == 0) server_port = getport("radacct");
1152 if (server_port == 0) server_port = PW_ACCT_UDP_PORT;
1153 packet_code = PW_ACCOUNTING_REQUEST;
1156 } else if (strcmp(argv[2], "status") == 0) {
1157 if (server_port == 0) server_port = getport("radius");
1158 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1159 packet_code = PW_STATUS_SERVER;
1161 } else if (strcmp(argv[2], "disconnect") == 0) {
1162 if (server_port == 0) server_port = PW_COA_UDP_PORT;
1163 packet_code = PW_DISCONNECT_REQUEST;
1165 } else if (strcmp(argv[2], "coa") == 0) {
1166 if (server_port == 0) server_port = PW_COA_UDP_PORT;
1167 packet_code = PW_COA_REQUEST;
1169 } else if (strcmp(argv[2], "auto") == 0) {
1172 } else if (isdigit((int) argv[2][0])) {
1173 if (server_port == 0) server_port = getport("radius");
1174 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1175 packet_code = atoi(argv[2]);
1183 if (argv[3]) secret = argv[3];
1186 * If no '-f' is specified, we're reading from stdin.
1188 if (rbtree_num_elements(filename_tree) == 0) {
1189 if (!radclient_init("-")) exit(1);
1193 * Walk over the list of filenames, creating the requests.
1195 if (rbtree_walk(filename_tree, InOrder, filename_walk, NULL) != 0) {
1196 fprintf(stderr, "Failed walking over filenames\n");
1201 * No packets read. Die.
1203 if (!radclient_head) {
1204 fprintf(stderr, "radclient: Nothing to send.\n");
1209 * Bind to the first specified IP address and port.
1210 * This means we ignore later ones.
1212 if (radclient_head->request->src_ipaddr.af == AF_UNSPEC) {
1213 memset(&client_ipaddr, 0, sizeof(client_ipaddr));
1214 client_ipaddr.af = server_ipaddr.af;
1217 client_ipaddr = radclient_head->request->src_ipaddr;
1218 client_port = radclient_head->request->src_port;
1222 sockfd = fr_tcp_client_socket(NULL, &server_ipaddr, server_port);
1225 sockfd = fr_socket(&client_ipaddr, client_port);
1227 fprintf(stderr, "radclient: socket: %s\n", fr_strerror());
1231 pl = fr_packet_list_create(1);
1233 fprintf(stderr, "radclient: Out of memory\n");
1237 if (!fr_packet_list_socket_add(pl, sockfd, ipproto, &server_ipaddr,
1238 server_port, NULL)) {
1239 fprintf(stderr, "radclient: Out of memory\n");
1244 * Walk over the list of packets, sanity checking
1247 for (this = radclient_head; this != NULL; this = this->next) {
1248 this->request->src_ipaddr = client_ipaddr;
1249 this->request->src_port = client_port;
1250 if (radclient_sane(this) != 0) {
1256 * Walk over the packets to send, until
1259 * FIXME: This currently busy-loops until it receives
1260 * all of the packets. It should really have some sort of
1261 * send packet, get time to wait, select for time, etc.
1267 char const *filename = NULL;
1273 * Walk over the packets, sending them.
1276 for (this = radclient_head; this != NULL; this = next) {
1280 * If there's a packet to receive,
1281 * receive it, but don't wait for a
1287 * This packet is done. Delete it.
1290 radclient_free(this);
1295 * Packets from multiple '-f' are sent
1298 * Packets from one file are sent in
1299 * series, unless '-p' is specified, in
1300 * which case N packets from each file
1301 * are sent in parallel.
1303 if (this->filename != filename) {
1304 filename = this->filename;
1312 * Send the current packet.
1314 send_one_packet(this);
1317 * Wait a little before sending
1318 * the next packet, if told to.
1324 * Don't sleep elsewhere.
1333 tv.tv_usec = 1000000/persec;
1337 * Sleep for milliseconds,
1340 * If we get an error or
1341 * a signal, treat it like
1344 select(0, NULL, NULL, NULL, &tv);
1348 * If we haven't sent this packet
1349 * often enough, we're not done,
1350 * and we shouldn't sleep.
1352 if (this->resend < resend_count) {
1356 } else { /* haven't sent this packet, we're not done */
1357 assert(this->done == 0);
1358 assert(this->reply == NULL);
1364 * Still have outstanding requests.
1366 if (fr_packet_list_num_elements(pl) > 0) {
1373 * Nothing to do until we receive a request, so
1374 * sleep until then. Once we receive one packet,
1375 * we go back, and walk through the whole list again,
1376 * sending more packets (if necessary), and updating
1379 if (!done && (sleep_time > 0)) {
1380 recv_one_packet(sleep_time);
1384 rbtree_free(filename_tree);
1385 fr_packet_list_free(pl);
1386 while (radclient_head) radclient_free(radclient_head);
1390 printf("\n\t Total approved auths: %d\n", totalapp);
1391 printf("\t Total denied auths: %d\n", totaldeny);
1392 printf("\t Total lost auths: %d\n", totallost);
1395 if (success) return 0;