static int totalapp = 0;
static int totaldeny = 0;
static char filesecret[256];
-const char *radius_dir = RADDBDIR;
+char *radius_dir = NULL;
const char *progname = "radeapclient";
/* fr_randctx randctx; */
+#ifdef WITH_TLS
+#include <freeradius-devel/tls.h>
+#endif
radlog_dest_t radlog_dest = RADLOG_STDERR;
const char *radlog_dir = NULL;
fprintf(stderr, " -f file Read packets from file, not stdin.\n");
fprintf(stderr, " -r retries If timeout, retry sending the packet 'retries' times.\n");
fprintf(stderr, " -t timeout Wait 'timeout' seconds before retrying (may be a floating point number).\n");
+ fprintf(stderr, " -h Print usage help information.\n");
fprintf(stderr, " -i id Set request id to 'id'. Values may be 0..255\n");
fprintf(stderr, " -S file read secret from file, not command line.\n");
fprintf(stderr, " -q Do not print anything out.\n");
return ntohs(svp->s_port);
}
+#define R_RECV (0)
+#define R_SENT (1)
+static void debug_packet(RADIUS_PACKET *packet, int direction)
+{
+ VALUE_PAIR *vp;
+ char buffer[1024];
+ const char *received, *from;
+ const fr_ipaddr_t *ip;
+ int port;
+
+ if (!packet) return;
+
+ if (direction == 0) {
+ received = "Received";
+ from = "from"; /* what else? */
+ ip = &packet->src_ipaddr;
+ port = packet->src_port;
+
+ } else {
+ received = "Sending";
+ from = "to"; /* hah! */
+ ip = &packet->dst_ipaddr;
+ port = packet->dst_port;
+ }
+
+ /*
+ * Client-specific debugging re-prints the input
+ * packet into the client log.
+ *
+ * This really belongs in a utility library
+ */
+ if ((packet->code > 0) && (packet->code < FR_MAX_PACKET_CODE)) {
+ printf("%s %s packet %s host %s port %d, id=%d, length=%d\n",
+ received, fr_packet_codes[packet->code], from,
+ inet_ntop(ip->af, &ip->ipaddr, buffer, sizeof(buffer)),
+ port, packet->id, (int) packet->data_len);
+ } else {
+ printf("%s packet %s host %s port %d code=%d, id=%d, length=%d\n",
+ received, from,
+ inet_ntop(ip->af, &ip->ipaddr, buffer, sizeof(buffer)),
+ port,
+ packet->code, packet->id, (int) packet->data_len);
+ }
+
+ for (vp = packet->vps; vp != NULL; vp = vp->next) {
+ vp_prints(buffer, sizeof(buffer), vp);
+ printf("\t%s\n", buffer);
+ }
+ fflush(stdout);
+}
+
+
static int send_packet(RADIUS_PACKET *req, RADIUS_PACKET **rep)
{
int i;
for (i = 0; i < retries; i++) {
fd_set rdfdesc;
+ debug_packet(req, R_SENT);
+
rad_send(req, NULL, secret);
/* And wait for reply, timing out as necessary */
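Review bot: The `debug_packet(req, R_SENT);` call added inside the retry loop of send_packet is unconditional, while the receive-side call is wrapped in `if (!fr_debug_flag && do_output)`, so every request attribute is printed on each retry, apparently even under `-q` (assuming `do_output` is what that option clears). Request attribute lists can carry credentials or key material, so gate it the same way with `if (!fr_debug_flag && do_output) debug_packet(req, R_SENT);`, and consider the same guard for the unconditional `debug_packet(req, R_RECV);` added after `unmap_eap_types(req)`. In debug_packet itself, `inet_ntop()` returns NULL on failure and that result is passed straight to a `%s` conversion; keep it in a local and substitute a fixed placeholder string when it is NULL. The test `if (direction == 0)` should compare against the `R_RECV` macro defined just above it. send_packet's body continues outside the hunk.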
/* libradius debug already prints out the value pairs for us */
if (!fr_debug_flag && do_output) {
- printf("Received response ID %d, code %d, length = %d\n",
- (*rep)->id, (*rep)->code, (int) (*rep)->data_len);
- vp_printlist(stdout, (*rep)->vps);
+ debug_packet(*rep, R_RECV);
}
if((*rep)->code == PW_AUTHENTICATION_ACK) {
totalapp++;
- } else {
+ } else if ((*rep)->code == PW_AUTHENTICATION_REJECT) {
totaldeny++;
}
*/
unmap_eapsim_types(req);
- printf("<+++ EAP-sim decoded packet:\n");
- vp_printlist(stdout, req->vps);
-
if((vp = pairfind(req->vps, ATTRIBUTE_EAP_SIM_SUBTYPE, 0)) == NULL)
{
return 0;
again:
rep->id++;
- printf("\n+++> About to send encoded packet:\n");
- vp_printlist(stdout, rep->vps);
-
/*
* if there are EAP types, encode them into an EAP-Message
*
/* okay got back the packet, go and decode the EAP-Message. */
unmap_eap_types(req);
- printf("<+++ EAP decoded packet:\n");
- vp_printlist(stdout, req->vps);
+ debug_packet(req, R_RECV);
/* now look for the code type. */
for (vp = req->vps; vp != NULL; vp = vpnext) {
count = atoi(optarg);
break;
case 'd':
- radius_dir = optarg;
+ radius_dir = strdup(optarg);
break;
case 'f':
filename = optarg;
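Review bot: The result of `strdup(optarg)` in the `'d'` case is never checked and a repeated `-d` leaks the earlier copy; the later fallback `strdup(RADDBDIR)` is unchecked too, so on allocation failure a NULL `radius_dir` reaches `dict_init()`. I would write `free(radius_dir); radius_dir = strdup(optarg);` in the case, and after the fallback add `if (!radius_dir) { fprintf(stderr, "%s: out of memory\n", progname); return 1; }`. The `free(radius_dir);` added before the summary leaves the global pointing at freed memory, so follow it with `radius_dir = NULL;`. The option switch and its enclosing function start and end outside this hunk.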
usage();
}
+ if (!radius_dir) radius_dir = strdup(RADDBDIR);
+
if (dict_init(radius_dir, RADIUS_DICTIONARY) < 0) {
fr_perror("radclient");
return 1;
sendrecv_eap(req);
}
+ free(radius_dir);
if(do_summary) {
printf("\n\t Total approved auths: %d\n", totalapp);
printf("\t Total denied auths: %d\n", totaldeny);
break;
}
- printf("\nRead:\n");
- vp_printlist(stdout, req->vps);
+ if (fr_debug_flag > 1) {
+ printf("\nRead:\n");
+ vp_printlist(stdout, req->vps);
+ }
map_eapsim_types(req);
map_eap_types(req);
- printf("Mapped to:\n");
- vp_printlist(stdout, req->vps);
+
+ if (fr_debug_flag > 1) {
+ printf("Mapped to:\n");
+ vp_printlist(stdout, req->vps);
+ }
/* find the EAP-Message, copy it to req2 */
vp = paircopy2(req->vps, PW_EAP_MESSAGE);
unmap_eap_types(req2);
unmap_eapsim_types(req2);
- printf("Unmapped to:\n");
- vp_printlist(stdout, req2->vps);
+ if (fr_debug_flag > 1) {
+ printf("Unmapped to:\n");
+ vp_printlist(stdout, req2->vps);
+ }
vp = pairfind(req2->vps,
- ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC);
- vpkey = pairfind(req->vps, ATTRIBUTE_EAP_SIM_KEY);
- vpextra = pairfind(req->vps, ATTRIBUTE_EAP_SIM_EXTRA);
+ ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC, 0);
+ vpkey = pairfind(req->vps, ATTRIBUTE_EAP_SIM_KEY, 0);
+ vpextra = pairfind(req->vps, ATTRIBUTE_EAP_SIM_EXTRA, 0);
if(vp != NULL && vpkey != NULL && vpextra!=NULL) {
uint8_t calcmac[16];