-/* RADIUS client doing blocking i/o. */
+/* RADIUS/RadSec client using libradsec in blocking mode. */
+
+/* Copyright 2010,2011,2013 NORDUnet A/S. All rights reserved.
+ See LICENSE for licensing information. */
#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
#include <stdlib.h>
+#include <string.h>
#include <assert.h>
-#include <event2/event.h>
#include <radsec/radsec.h>
-#include <radsec/radsec-impl.h>
#include <radsec/request.h>
#include "err.h"
-#include "debug.h" /* For rs_dump_packet(). */
+#include "debug.h" /* For rs_dump_message(). */
#define SECRET "sikrit"
#define USER_NAME "molgan@PROJECT-MOONSHOT.ORG"
#define USER_PW "password"
struct rs_error *
-blocking_client (const char *config_fn, const char *configuration,
+blocking_client (const char *av1, const char *av2, const char *av3,
int use_request_object_flag)
{
struct rs_context *h = NULL;
struct rs_connection *conn = NULL;
struct rs_request *request = NULL;
- struct rs_packet *req = NULL, *resp = NULL;
+ struct rs_message *req = NULL, *resp = NULL;
struct rs_error *err = NULL;
+ int r;
+#if defined (USE_CONFIG_FILE)
+ const char *config_fn= av1;
+ const char *configuration = av2;
+#else
+ const char *host = av1;
+ const char *service = av2;
+ const char *proto = av3;
+ struct rs_peer *server;
+#endif
- if (rs_context_create (&h))
+ r = rs_context_create (&h);
+ if (r)
{
- err = err_create (RSE_INTERNAL, NULL, 0, "unable to create context");
- assert (err != NULL);
- return err;
+ assert(r == RSE_NOMEM);
+ assert (!"out of RAM -- unable to create libradsec context");
}
#if !defined (USE_CONFIG_FILE)
+ /* Do it without a configuration file by setting all stuff "by
+ hand". Doesn't work for TLS at the moment because we don't have an
+ API for setting the X509 cert file names and such. */
{
- struct rs_peer *server;
+ int conn_type = RS_CONN_TYPE_UDP;
if (rs_conn_create (h, &conn, NULL))
goto cleanup;
- rs_conn_set_type (conn, RS_CONN_TYPE_UDP);
- if (rs_peer_create (conn, &server))
+ if (proto)
+ {
+ if (!strncmp (proto, "udp", strlen ("udp")))
+ conn_type = RS_CONN_TYPE_UDP;
+ else if (!strncmp (proto, "tls", strlen ("tls")))
+ conn_type = RS_CONN_TYPE_TLS;
+ }
+ rs_conn_set_type (conn, conn_type);
+ if (rs_peer_create_for_conn (conn, &server))
goto cleanup;
- if (rs_peer_set_address (server, av1, av2))
+ if (rs_peer_set_address (server, host, service))
goto cleanup;
rs_peer_set_timeout (server, 1);
rs_peer_set_retries (server, 3);
if (use_request_object_flag)
{
- if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW))
+ if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW, SECRET))
goto cleanup;
if (rs_request_send (request, &resp))
goto cleanup;
}
else
{
- if (rs_packet_create_authn_request (conn, &req, USER_NAME, USER_PW))
+ if (rs_message_create_authn_request (conn, &req, USER_NAME, USER_PW))
goto cleanup;
- if (rs_packet_send (req, NULL))
+ if (rs_message_send (req))
goto cleanup;
- if (rs_conn_receive_packet (conn, req, &resp))
+ if (rs_conn_receive_message (conn, req, &resp))
goto cleanup;
}
if (resp)
{
- rs_dump_packet (resp);
- if (rs_packet_code (resp) == PW_ACCESS_ACCEPT)
+ rs_dump_message (resp);
+ if (rs_message_code (resp) == PW_ACCESS_ACCEPT)
printf ("Good auth.\n");
else
- printf ("Bad auth: %d\n", rs_packet_code (resp));
+ printf ("Bad auth: %d\n", rs_message_code (resp));
}
else
fprintf (stderr, "%s: no response\n", __func__);
err = rs_err_ctx_pop (h);
if (err == RSE_OK)
err = rs_err_conn_pop (conn);
+#if !defined (USE_CONFIG_FILE)
+ rs_peer_free_address (server);
+ rs_peer_free_secret (server);
+#endif
if (resp)
- rs_packet_destroy (resp);
+ rs_message_destroy (resp);
if (request)
rs_request_destroy (request);
if (conn)
}
if (argc < 3)
usage (argc, argv);
- err = blocking_client (argv[1], argv[2], use_request_object_flag);
+ err = blocking_client (argv[1], argv[2], argc >= 3 ? argv[3] : NULL,
+ use_request_object_flag);
if (err)
{
- fprintf (stderr, "%s\n", rs_err_msg (err));
+ fprintf (stderr, "error: %s: %d\n", rs_err_msg (err), rs_err_code (err, 0));
return rs_err_code (err, 1);
}
return 0;