2 * radmin.c RADIUS Administration tool.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2012 The FreeRADIUS server project
21 * Copyright 2012 Alan DeKok <aland@deployingradius.com>
24 #include <freeradius-devel/ident.h>
27 #include <freeradius-devel/radiusd.h>
28 #include <freeradius-devel/radpaths.h>
30 #ifdef HAVE_SYS_SOCKET_H
31 #include <sys/socket.h>
34 #ifdef HAVE_NETINET_IN_H
35 #include <netinet/in.h>
41 #define SUN_LEN(su) (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
49 #ifdef HAVE_SYS_STAT_H
53 #ifdef HAVE_LIBREADLINE
55 #if defined(HAVE_READLINE_READLINE_H)
56 #include <readline/readline.h>
57 #define USE_READLINE (1)
58 #elif defined(HAVE_READLINE_H)
60 #define USE_READLINE (1)
61 #endif /* !defined(HAVE_READLINE_H) */
63 #endif /* HAVE_LIBREADLINE */
65 #ifdef HAVE_READLINE_HISTORY
66 #if defined(HAVE_READLINE_HISTORY_H)
67 #include <readline/history.h>
68 #define USE_READLINE_HISTORY (1)
69 #elif defined(HAVE_HISTORY_H)
71 #define USE_READLINE_HISTORY (1)
72 #endif /* defined(HAVE_READLINE_HISTORY_H) */
74 #endif /* HAVE_READLINE_HISTORY */
77 * For configuration file stuff.
79 char *radius_dir = RADDBDIR;
80 const char *progname = "radmin";
83 * The rest of this is because the conffile.c, etc. assume
84 * they're running inside of the server. And we don't (yet)
85 * have a "libfreeradius-server", or "libfreeradius-util".
88 struct main_config_t mainconfig;
89 char *request_log_file = NULL;
90 char *debug_log_file = NULL;
91 int radius_xlat(UNUSED char *out, UNUSED int outlen, UNUSED const char *fmt,
92 UNUSED REQUEST *request,
93 UNUSED RADIUS_ESCAPE_STRING func, UNUSED void *arg)
97 int check_config = FALSE;
99 static FILE *outputfp = NULL;
100 static int echo = FALSE;
101 static const char *secret = "testing123";
103 static int fr_domain_socket(const char *path)
109 struct sockaddr_un saremote;
112 if (len >= sizeof(saremote.sun_path)) {
113 fprintf(stderr, "%s: Path too long in filename\n", progname);
117 if ((sockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
118 fprintf(stderr, "%s: Failed creating socket: %s\n",
119 progname, strerror(errno));
123 saremote.sun_family = AF_UNIX;
124 memcpy(saremote.sun_path, path, len + 1); /* SUN_LEN does strlen */
126 socklen = SUN_LEN(&saremote);
128 if (connect(sockfd, (struct sockaddr *)&saremote, socklen) < 0) {
132 fprintf(stderr, "%s: Failed connecting to %s: %s\n",
133 progname, path, strerror(errno));
136 * The file doesn't exist. Tell the user how to
139 if ((stat(path, &buf) < 0) &&
141 fprintf(stderr, " Perhaps you need to run the commands:\n\tcd /etc/raddb\n\tln -s sites-available/control-socket sites-enabled/control-socket\n and then re-start the server?\n");
151 if ((flags = fcntl(sockfd, F_GETFL, NULL)) < 0) {
152 fprintf(stderr, "%s: Failure getting socket flags: %s",
153 progname, strerror(errno));
159 if( fcntl(sockfd, F_SETFL, flags) < 0) {
160 fprintf(stderr, "%s: Failure setting socket flags: %s",
161 progname, strerror(errno));
171 static int client_socket(const char *server)
175 char *p, buffer[1024];
177 strlcpy(buffer, server, sizeof(buffer));
179 p = strchr(buffer, ':');
181 port = PW_RADMIN_PORT;
187 if (ip_hton(buffer, AF_INET, &ipaddr) < 0) {
188 fprintf(stderr, "%s: Failed looking up host %s: %s\n",
189 progname, buffer, strerror(errno));
193 sockfd = fr_tcp_client_socket(NULL, &ipaddr, port);
195 fprintf(stderr, "%s: Failed opening socket %s: %s\n",
196 progname, server, strerror(errno));
203 static void do_challenge(int sockfd)
207 uint8_t challenge[16];
209 for (total = 0; total < sizeof(challenge); ) {
210 r = read(sockfd, challenge + total, sizeof(challenge) - total);
215 if (errno == ECONNRESET) {
216 fprintf(stderr, "%s: Connection reset",
221 if (errno == EINTR) continue;
223 fprintf(stderr, "%s: Failed reading data: %s\n",
224 progname, strerror(errno));
231 fr_hmac_md5((const uint8_t *) secret, strlen(secret),
232 challenge, sizeof(challenge), challenge);
234 write(sockfd, challenge, sizeof(challenge));
238 static int usage(void)
240 printf("Usage: %s [ args ]\n", progname);
241 printf(" -d raddb_dir Configuration files are in \"raddbdir/*\".\n");
242 printf(" -e command Execute 'command' and then exit.\n");
243 printf(" -E Echo commands as they are being executed.\n");
244 printf(" -f socket_file Open socket_file directly, without reading radius.conf\n");
245 printf(" -h Print usage help information.\n");
246 printf(" -i input_file Read commands from 'input_file'.\n");
247 printf(" -n name Read raddb/name.conf instead of raddb/radiusd.conf\n");
248 printf(" -o output_file Write commands to 'output_file'.\n");
249 printf(" -q Quiet mode.\n");
254 static ssize_t run_command(int sockfd, const char *command,
255 char *buffer, size_t bufsize)
261 fprintf(outputfp, "%s\n", command);
265 * Write the text to the socket.
267 if (write(sockfd, command, strlen(command)) < 0) return -1;
268 if (write(sockfd, "\r\n", 2) < 0) return -1;
276 memset(buffer, 0, bufsize);
283 FD_SET(sockfd, &readfds);
285 rcode = select(sockfd + 1, &readfds, NULL, NULL, NULL);
287 if (errno == EINTR) continue;
289 fprintf(stderr, "%s: Failed selecting: %s\n",
290 progname, strerror(errno));
295 fprintf(stderr, "%s: Server closed the connection.\n",
301 len = recv(sockfd, buffer + size,
302 bufsize - size - 1, MSG_DONTWAIT);
305 * Read one byte at a time (ugh)
307 len = recv(sockfd, buffer + size, 1, 0);
311 * No data: keep looping
313 if ((errno == EAGAIN) || (errno == EINTR)) {
317 fprintf(stderr, "%s: Error reading socket: %s\n",
318 progname, strerror(errno));
321 if (len == 0) return 0; /* clean exit */
327 * There really is a better way of doing this.
329 p = strstr(buffer, "radmin> ");
336 if (p[-1] == '\n') p[-1] = '\0';
342 * Blank prompt. Go get another command.
344 if (!buffer[0]) return 1;
346 buffer[size] = '\0'; /* this is at least right */
351 #define MAX_COMMANDS (4)
353 int main(int argc, char **argv)
355 int argval, quiet = 0;
356 int done_license = 0;
358 uint32_t magic, needed;
361 const char *file = NULL;
362 const char *name = "radiusd";
363 char *p, buffer[65536];
364 const char *input_file = NULL;
365 FILE *inputfp = stdin;
366 const char *output_file = NULL;
367 const char *server = NULL;
369 char *commands[MAX_COMMANDS];
370 int num_commands = -1;
372 outputfp = stdout; /* stdout is not a constant value... */
374 if ((progname = strrchr(argv[0], FR_DIR_SEP)) == NULL)
379 while ((argval = getopt(argc, argv, "d:hi:e:Ef:n:o:qs:S")) != EOF) {
383 fprintf(stderr, "%s: -d and -f cannot be used together.\n", progname);
387 fprintf(stderr, "%s: -d and -s cannot be used together.\n", progname);
394 num_commands++; /* starts at -1 */
395 if (num_commands >= MAX_COMMANDS) {
396 fprintf(stderr, "%s: Too many '-e'\n",
400 commands[num_commands] = optarg;
418 if (strcmp(optarg, "-") != 0) {
429 if (strcmp(optarg, "-") != 0) {
430 output_file = optarg;
441 fprintf(stderr, "%s: -s and -f cannot be used together.\n", progname);
456 CONF_SECTION *cs, *subcs;
458 file = NULL; /* MUST read it from the conffile now */
460 snprintf(buffer, sizeof(buffer), "%s/%s.conf",
463 cs = cf_file_read(buffer);
465 fprintf(stderr, "%s: Errors reading or parsing %s\n",
471 while ((subcs = cf_subsection_find_next(cs, subcs, "listen")) != NULL) {
473 CONF_PAIR *cp = cf_pair_find(subcs, "type");
477 value = cf_pair_value(cp);
478 if (!value) continue;
480 if (strcmp(value, "control") != 0) continue;
483 * Now find the socket name (sigh)
485 rcode = cf_item_parse(subcs, "socket",
489 fprintf(stderr, "%s: Failed parsing listen section\n", progname);
494 fprintf(stderr, "%s: No path given for socket\n",
502 fprintf(stderr, "%s: Could not find control socket in %s\n",
509 inputfp = fopen(input_file, "r");
511 fprintf(stderr, "%s: Failed opening %s: %s\n",
512 progname, input_file, strerror(errno));
518 outputfp = fopen(output_file, "w");
520 fprintf(stderr, "%s: Failed creating %s: %s\n",
521 progname, output_file, strerror(errno));
527 * Check if stdin is a TTY only if input is from stdin
529 if (input_file && !quiet && !isatty(STDIN_FILENO)) quiet = 1;
533 #ifdef USE_READLINE_HISTORY
536 rl_bind_key('\t', rl_insert);
543 * FIXME: Get destination from command line, if possible?
545 sockfd = fr_domain_socket(file);
550 sockfd = client_socket(server);
554 * Read initial magic && version information.
556 for (size = 0; size < 8; size += len) {
557 len = read(sockfd, buffer + size, 8 - size);
559 fprintf(stderr, "%s: Error reading initial data from socket: %s\n",
560 progname, strerror(errno));
565 memcpy(&magic, buffer, 4);
566 magic = ntohl(magic);
567 if (magic != 0xf7eead15) {
568 fprintf(stderr, "%s: Socket %s is not FreeRADIUS administration socket\n", progname, file);
572 memcpy(&magic, buffer + 4, 4);
573 magic = ntohl(magic);
581 if (magic != needed) {
582 fprintf(stderr, "%s: Socket version mismatch: Need %d, got %d\n",
583 progname, needed, magic);
587 if (server && secret) do_challenge(sockfd);
592 if (num_commands >= 0) {
595 for (i = 0; i <= num_commands; i++) {
596 size = run_command(sockfd, commands[i],
597 buffer, sizeof(buffer));
598 if (size < 0) exit(1);
601 fputs(buffer, outputfp);
602 fprintf(outputfp, "\n");
609 if (!done_license && !quiet) {
610 printf("radmin " RADIUSD_VERSION " - FreeRADIUS Server administration tool.\n");
611 printf("Copyright (C) 2008-2012 The FreeRADIUS server project and contributors.\n");
612 printf("There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A\n");
613 printf("PARTICULAR PURPOSE.\n");
614 printf("You may redistribute copies of FreeRADIUS under the terms of the\n");
615 printf("GNU General Public License v2.\n");
632 line = readline("radmin> ");
641 #ifdef USE_READLINE_HISTORY
644 } else /* quiet, or no readline */
647 line = fgets(buffer, sizeof(buffer), inputfp);
650 p = strchr(buffer, '\n');
652 fprintf(stderr, "%s: Input line too long\n",
660 * Strip off leading spaces.
662 for (p = line; *p != '\0'; p++) {
678 * Comments: keep going.
685 for (p = line; *p != '\0'; p++) {
686 if ((p[0] == '\r') ||
694 if (strcmp(line, "reconnect") == 0) {
700 if (memcmp(line, "secret ", 7) == 0) {
703 do_challenge(sockfd);
712 if ((strcmp(line, "exit") == 0) ||
713 (strcmp(line, "quit") == 0)) {
717 if (server && !secret) {
718 fprintf(stderr, "ERROR: You must enter 'secret <SECRET>' before running any commands\n");
723 size = run_command(sockfd, line, buffer, sizeof(buffer));
724 if (size <= 0) break; /* error, or clean exit */
726 if (size == 1) continue; /* no output. */
728 fputs(buffer, outputfp);
730 fprintf(outputfp, "\n");
733 fprintf(outputfp, "\n");