2 * radclient.c General radius packet debug tool.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2000,2006 The FreeRADIUS server project
21 * Copyright 2000 Miquel van Smoorenburg <miquels@cistron.nl>
22 * Copyright 2000 Alan DeKok <aland@ox.org>
25 #include <freeradius-devel/ident.h>
28 #include <freeradius-devel/libradius.h>
29 #include <freeradius-devel/conf.h>
30 #include <freeradius-devel/radpaths.h>
43 static int success = 0;
44 static int retries = 3;
45 static float timeout = 5;
46 static const char *secret = NULL;
47 static int do_output = 1;
48 static int totalapp = 0;
49 static int totaldeny = 0;
50 static int totallost = 0;
52 static int server_port = 0;
53 static int packet_code = 0;
54 static fr_ipaddr_t server_ipaddr;
55 static int resend_count = 1;
57 static int print_filename = 0;
59 static fr_ipaddr_t client_ipaddr;
60 static int client_port = 0;
63 static int last_used_id = -1;
66 const char *proto = NULL;
68 static int ipproto = IPPROTO_UDP;
70 static rbtree_t *filename_tree = NULL;
71 static fr_packet_list_t *pl = NULL;
73 static int sleep_time = -1;
75 typedef struct radclient_t {
76 struct radclient_t *prev;
77 struct radclient_t *next;
80 int packet_number; /* in the file */
83 RADIUS_PACKET *request;
90 static radclient_t *radclient_head = NULL;
91 static radclient_t *radclient_tail = NULL;
94 static void NEVER_RETURNS usage(void)
96 fprintf(stderr, "Usage: radclient [options] server[:port] <command> [<secret>]\n");
98 fprintf(stderr, " <command> One of auth, acct, status, coa, or disconnect.\n");
99 fprintf(stderr, " -c count Send each packet 'count' times.\n");
100 fprintf(stderr, " -d raddb Set dictionary directory.\n");
101 fprintf(stderr, " -f file Read packets from file, not stdin.\n");
102 fprintf(stderr, " -i id Set request id to 'id'. Values may be 0..255\n");
103 fprintf(stderr, " -n num Send N requests/s\n");
104 fprintf(stderr, " -p num Send 'num' packets from a file in parallel.\n");
105 fprintf(stderr, " -q Do not print anything out.\n");
106 fprintf(stderr, " -r retries If timeout, retry sending the packet 'retries' times.\n");
107 fprintf(stderr, " -s Print out summary information of auth results.\n");
108 fprintf(stderr, " -S file read secret from file, not command line.\n");
109 fprintf(stderr, " -t timeout Wait 'timeout' seconds before retrying (may be a floating point number).\n");
110 fprintf(stderr, " -v Show program version information.\n");
111 fprintf(stderr, " -x Debugging mode.\n");
112 fprintf(stderr, " -4 Use IPv4 address of server\n");
113 fprintf(stderr, " -6 Use IPv6 address of server.\n");
115 fprintf(stderr, " -P proto Use proto (tcp or udp) for transport.\n");
122 * Free a radclient struct, which may (or may not)
123 * already be in the list.
125 static void radclient_free(radclient_t *radclient)
127 radclient_t *prev, *next;
129 if (radclient->request) rad_free(&radclient->request);
130 if (radclient->reply) rad_free(&radclient->reply);
132 prev = radclient->prev;
133 next = radclient->next;
136 assert(radclient_head != radclient);
138 } else if (radclient_head) {
139 assert(radclient_head == radclient);
140 radclient_head = next;
144 assert(radclient_tail != radclient);
146 } else if (radclient_tail) {
147 assert(radclient_tail == radclient);
148 radclient_tail = prev;
154 static int mschapv1_encode(VALUE_PAIR **request, const char *password)
157 VALUE_PAIR *challenge, *response;
160 challenge = paircreate(PW_MSCHAP_CHALLENGE, VENDORPEC_MICROSOFT, PW_TYPE_OCTETS);
162 fprintf(stderr, "GOT IT %d!\n", __LINE__);
166 pairadd(request, challenge);
167 challenge->length = 8;
168 for (i = 0; i < challenge->length; i++) {
169 challenge->vp_octets[i] = fr_rand();
172 response = paircreate(PW_MSCHAP_RESPONSE, VENDORPEC_MICROSOFT, PW_TYPE_OCTETS);
174 fprintf(stderr, "GOT IT %d!\n", __LINE__);
178 pairadd(request, response);
179 response->length = 50;
180 memset(response->vp_octets, 0, response->length);
182 response->vp_octets[1] = 0x01; /* NT hash */
184 mschap_ntpwdhash(nthash, password);
186 smbdes_mschap(nthash, challenge->vp_octets,
187 response->vp_octets + 26);
193 * Initialize a radclient data structure and add it to
194 * the global linked list.
196 static int radclient_init(const char *filename)
200 radclient_t *radclient;
202 int packet_number = 1;
204 assert(filename != NULL);
207 * Determine where to read the VP's from.
209 if (strcmp(filename, "-") != 0) {
210 fp = fopen(filename, "r");
212 fprintf(stderr, "radclient: Error opening %s: %s\n",
213 filename, strerror(errno));
221 * Loop until the file is done.
227 radclient = malloc(sizeof(*radclient));
229 perror("radclient: X");
230 if (fp != stdin) fclose(fp);
233 memset(radclient, 0, sizeof(*radclient));
235 radclient->request = rad_alloc(1);
236 if (!radclient->request) {
237 fr_perror("radclient: Y");
239 if (fp != stdin) fclose(fp);
244 radclient->request->src_ipaddr = client_ipaddr;
245 radclient->request->src_port = client_port;
246 radclient->request->dst_ipaddr = server_ipaddr;
247 radclient->request->dst_port = server_port;
250 radclient->filename = filename;
251 radclient->request->id = -1; /* allocate when sending */
252 radclient->packet_number = packet_number++;
257 radclient->request->vps = readvp2(fp, &filedone, "radclient:");
258 if (!radclient->request->vps) {
259 rad_free(&radclient->request);
261 if (fp != stdin) fclose(fp);
266 * Keep a copy of the the User-Password attribute.
268 if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD, 0)) != NULL) {
269 strlcpy(radclient->password, vp->vp_strvalue,
270 sizeof(radclient->password));
272 * Otherwise keep a copy of the CHAP-Password attribute.
274 } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD, 0)) != NULL) {
275 strlcpy(radclient->password, vp->vp_strvalue,
276 sizeof(radclient->password));
278 } else if ((vp = pairfind(radclient->request->vps, PW_MSCHAP_PASSWORD, 0)) != NULL) {
279 strlcpy(radclient->password, vp->vp_strvalue,
280 sizeof(radclient->password));
282 radclient->password[0] = '\0';
286 * Fix up Digest-Attributes issues
288 for (vp = radclient->request->vps; vp != NULL; vp = vp->next) {
289 switch (vp->attribute) {
294 * Allow it to set the packet type in
295 * the attributes read from the file.
298 radclient->request->code = vp->vp_integer;
301 case PW_PACKET_DST_PORT:
302 radclient->request->dst_port = (vp->vp_integer & 0xffff);
305 case PW_PACKET_DST_IP_ADDRESS:
306 radclient->request->dst_ipaddr.af = AF_INET;
307 radclient->request->dst_ipaddr.ipaddr.ip4addr.s_addr = vp->vp_ipaddr;
310 case PW_PACKET_DST_IPV6_ADDRESS:
311 radclient->request->dst_ipaddr.af = AF_INET6;
312 radclient->request->dst_ipaddr.ipaddr.ip6addr = vp->vp_ipv6addr;
315 case PW_PACKET_SRC_PORT:
316 radclient->request->src_port = (vp->vp_integer & 0xffff);
319 case PW_PACKET_SRC_IP_ADDRESS:
320 radclient->request->src_ipaddr.af = AF_INET;
321 radclient->request->src_ipaddr.ipaddr.ip4addr.s_addr = vp->vp_ipaddr;
324 case PW_PACKET_SRC_IPV6_ADDRESS:
325 radclient->request->src_ipaddr.af = AF_INET6;
326 radclient->request->src_ipaddr.ipaddr.ip6addr = vp->vp_ipv6addr;
329 case PW_DIGEST_REALM:
330 case PW_DIGEST_NONCE:
331 case PW_DIGEST_METHOD:
334 case PW_DIGEST_ALGORITHM:
335 case PW_DIGEST_BODY_DIGEST:
336 case PW_DIGEST_CNONCE:
337 case PW_DIGEST_NONCE_COUNT:
338 case PW_DIGEST_USER_NAME:
340 memmove(&vp->vp_octets[2], &vp->vp_octets[0],
342 vp->vp_octets[0] = vp->attribute - PW_DIGEST_REALM + 1;
344 vp->vp_octets[1] = vp->length;
345 vp->attribute = PW_DIGEST_ATTRIBUTES;
348 } /* loop over the VP's we read in */
351 * Add it to the tail of the list.
353 if (!radclient_head) {
354 assert(radclient_tail == NULL);
355 radclient_head = radclient;
356 radclient->prev = NULL;
358 assert(radclient_tail->next == NULL);
359 radclient_tail->next = radclient;
360 radclient->prev = radclient_tail;
362 radclient_tail = radclient;
363 radclient->next = NULL;
365 } while (!filedone); /* loop until the file is done. */
367 if (fp != stdin) fclose(fp);
377 * Sanity check each argument.
379 static int radclient_sane(radclient_t *radclient)
381 if (radclient->request->dst_port == 0) {
382 radclient->request->dst_port = server_port;
384 if (radclient->request->dst_ipaddr.af == AF_UNSPEC) {
385 if (server_ipaddr.af == AF_UNSPEC) {
386 fprintf(stderr, "radclient: No server was given, but request %d in file %s did not contain Packet-Dst-IP-Address\n",
387 radclient->packet_number, radclient->filename);
390 radclient->request->dst_ipaddr = server_ipaddr;
392 if (radclient->request->code == 0) {
393 if (packet_code == -1) {
394 fprintf(stderr, "radclient: Request was \"auto\", but request %d in file %s did not contain Packet-Type\n",
395 radclient->packet_number, radclient->filename);
399 radclient->request->code = packet_code;
401 radclient->request->sockfd = -1;
408 * For request handline.
410 static int filename_cmp(const void *one, const void *two)
412 return strcmp((const char *) one, (const char *) two);
415 static int filename_walk(void *context, void *data)
417 const char *filename = data;
419 context = context; /* -Wunused */
422 * Read request(s) from the file.
424 if (!radclient_init(filename)) {
425 return 1; /* stop walking */
433 * Deallocate packet ID, etc.
435 static void deallocate_id(radclient_t *radclient)
437 if (!radclient || !radclient->request ||
438 (radclient->request->id < 0)) {
443 * One more unused RADIUS ID.
445 fr_packet_list_id_free(pl, radclient->request);
446 radclient->request->id = -1;
449 * If we've already sent a packet, free up the old one,
450 * and ensure that the next packet has a unique
451 * authentication vector.
453 if (radclient->request->data) {
454 free(radclient->request->data);
455 radclient->request->data = NULL;
458 if (radclient->reply) rad_free(&radclient->reply);
462 static void print_hex(RADIUS_PACKET *packet)
466 if (!packet->data) return;
468 printf(" Code:\t\t%u\n", packet->data[0]);
469 printf(" Id:\t\t%u\n", packet->data[1]);
470 printf(" Length:\t%u\n", ((packet->data[2] << 8) |
472 printf(" Vector:\t");
473 for (i = 4; i < 20; i++) {
474 printf("%02x", packet->data[i]);
478 if (packet->data_len > 20) {
483 total = packet->data_len - 20;
484 ptr = packet->data + 20;
490 if (total < 2) { /* too short */
491 printf("%02x\n", *ptr);
495 if (ptr[1] > total) { /* too long */
496 for (i = 0; i < total; i++) {
497 printf("%02x ", ptr[i]);
502 printf("%02x %02x ", ptr[0], ptr[1]);
503 attrlen = ptr[1] - 2;
507 for (i = 0; i < attrlen; i++) {
508 if ((i > 0) && ((i & 0x0f) == 0x00))
510 printf("%02x ", ptr[i]);
511 if ((i & 0x0f) == 0x0f) printf("\n");
514 if ((attrlen & 0x0f) != 0x00) printf("\n");
526 static int send_one_packet(radclient_t *radclient)
528 assert(radclient->done == 0);
531 * Remember when we have to wake up, to re-send the
532 * request, of we didn't receive a response.
534 if ((sleep_time == -1) ||
535 (sleep_time > (int) timeout)) {
536 sleep_time = (int) timeout;
540 * Haven't sent the packet yet. Initialize it.
542 if (radclient->request->id == -1) {
545 assert(radclient->reply == NULL);
548 * Didn't find a free packet ID, we're not done,
549 * we don't sleep, and we stop trying to process
553 radclient->request->src_ipaddr.af = server_ipaddr.af;
554 rcode = fr_packet_list_id_alloc(pl, ipproto,
555 radclient->request, NULL);
561 mysockfd = fr_tcp_client_socket(NULL,
566 mysockfd = fr_socket(&client_ipaddr, 0);
568 fprintf(stderr, "radclient: Can't open new socket\n");
571 if (!fr_packet_list_socket_add(pl, mysockfd, ipproto,
573 server_port, NULL)) {
574 fprintf(stderr, "radclient: Can't add new socket\n");
586 assert(radclient->request->id != -1);
587 assert(radclient->request->data == NULL);
589 for (i = 0; i < 4; i++) {
590 ((uint32_t *) radclient->request->vector)[i] = fr_rand();
594 * Update the password, so it can be encrypted with the
595 * new authentication vector.
597 if (radclient->password[0] != '\0') {
600 if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD, 0)) != NULL) {
601 strlcpy(vp->vp_strvalue, radclient->password,
602 sizeof(vp->vp_strvalue));
603 vp->length = strlen(vp->vp_strvalue);
605 } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD, 0)) != NULL) {
607 * FIXME: AND there's no CHAP-Challenge,
608 * AND vp->length != 17
609 * AND rad_chap_encode() != vp->vp_octets
611 strlcpy(vp->vp_strvalue, radclient->password,
612 sizeof(vp->vp_strvalue));
613 vp->length = strlen(vp->vp_strvalue);
615 rad_chap_encode(radclient->request,
617 radclient->request->id, vp);
620 } else if ((vp = pairfind(radclient->request->vps, PW_MSCHAP_PASSWORD, 0)) != NULL) {
621 mschapv1_encode(&radclient->request->vps,
622 radclient->password);
623 } else if (fr_debug_flag) {
624 printf("WARNING: No password in the request\n");
628 radclient->timestamp = time(NULL);
629 radclient->tries = 1;
633 * Duplicate found. Serious error!
635 if (!fr_packet_list_insert(pl, &radclient->request)) {
643 if (client_port == 0) {
644 client_ipaddr = radclient->request->src_ipaddr;
645 client_port = radclient->request->src_port;
649 } else { /* radclient->request->id >= 0 */
650 time_t now = time(NULL);
653 * FIXME: Accounting packets are never retried!
654 * The Acct-Delay-Time attribute is updated to
655 * reflect the delay, and the packet is re-sent
660 * Not time for a retry, do so.
662 if ((now - radclient->timestamp) < timeout) {
664 * When we walk over the tree sending
665 * packets, we update the minimum time
668 if ((sleep_time == -1) ||
669 (sleep_time > (now - radclient->timestamp))) {
670 sleep_time = now - radclient->timestamp;
676 * We're not trying later, maybe the packet is done.
678 if (radclient->tries == retries) {
679 assert(radclient->request->id >= 0);
682 * Delete the request from the tree of
683 * outstanding requests.
685 fr_packet_list_yank(pl, radclient->request);
687 fprintf(stderr, "radclient: no response from server for ID %d socket %d\n", radclient->request->id, radclient->request->sockfd);
688 deallocate_id(radclient);
691 * Normally we mark it "done" when we've received
692 * the response, but this is a special case.
694 if (radclient->resend == resend_count) {
702 * We are trying later.
704 radclient->timestamp = now;
712 if (rad_send(radclient->request, NULL, secret) < 0) {
713 fprintf(stderr, "radclient: Failed to send packet for ID %d: %s\n",
714 radclient->request->id, fr_strerror());
717 if (fr_debug_flag > 2) print_hex(radclient->request);
723 * Receive one packet, maybe.
725 static int recv_one_packet(int wait_time)
729 radclient_t *radclient;
730 RADIUS_PACKET *reply, **request_p;
733 /* And wait for reply, timing out as necessary */
736 max_fd = fr_packet_list_fd_set(pl, &set);
737 if (max_fd < 0) exit(1); /* no sockets to listen on! */
739 if (wait_time <= 0) {
742 tv.tv_sec = wait_time;
747 * No packet was received.
749 if (select(max_fd, &set, NULL, NULL, &tv) <= 0) {
754 * Look for the packet.
757 reply = fr_packet_list_recv(pl, &set);
759 fprintf(stderr, "radclient: received bad packet: %s\n",
763 * If the packet is bad, we close the socket.
764 * I'm not sure how to do that now, so we just
769 return -1; /* bad packet */
773 * udpfromto issues. We may have bound to "*",
774 * and we want to find the replies that are sent to
777 reply->dst_ipaddr = client_ipaddr;
778 reply->dst_port = client_port;
780 reply->src_ipaddr = server_ipaddr;
781 reply->src_port = server_port;
784 if (fr_debug_flag > 2) print_hex(reply);
786 request_p = fr_packet_list_find_byreply(pl, reply);
788 fprintf(stderr, "radclient: received response to request we did not send. (id=%d socket %d)\n", reply->id, reply->sockfd);
790 return -1; /* got reply to packet we didn't send */
792 radclient = fr_packet2myptr(radclient_t, request, request_p);
795 * Fails the signature validation: not a real reply.
796 * FIXME: Silently drop it and listen for another packet.
798 if (rad_verify(reply, radclient->request, secret) < 0) {
799 fr_perror("rad_verify");
801 goto packet_done; /* shared secret is incorrect */
804 fr_packet_list_yank(pl, radclient->request);
805 if (print_filename) printf("%s:%d %d\n",
807 radclient->packet_number,
809 deallocate_id(radclient);
810 radclient->reply = reply;
814 * If this fails, we're out of memory.
816 if (rad_decode(radclient->reply, radclient->request, secret) != 0) {
817 fr_perror("rad_decode");
822 /* libradius debug already prints out the value pairs for us */
823 if (!fr_debug_flag && do_output) {
824 printf("Received response ID %d, code %d, length = %ld\n",
825 radclient->reply->id, radclient->reply->code,
826 radclient->reply->data_len);
827 vp_printlist(stdout, radclient->reply->vps);
830 if ((radclient->reply->code == PW_AUTHENTICATION_ACK) ||
831 (radclient->reply->code == PW_ACCOUNTING_RESPONSE) ||
832 (radclient->reply->code == PW_COA_ACK) ||
833 (radclient->reply->code == PW_DISCONNECT_ACK)) {
834 success = 1; /* have a good response */
840 if (radclient->resend == resend_count) {
845 rad_free(&radclient->reply);
846 rad_free(&reply); /* may be NULL */
852 static int getport(const char *name)
856 svp = getservbyname (name, "udp");
861 return ntohs(svp->s_port);
864 int main(int argc, char **argv)
868 const char *radius_dir = RADDBDIR;
869 char filesecret[256];
875 int force_af = AF_UNSPEC;
879 filename_tree = rbtree_create(filename_cmp, NULL, 0);
880 if (!filename_tree) {
881 fprintf(stderr, "radclient: Out of memory\n");
885 while ((c = getopt(argc, argv, "46c:d:f:Fhi:n:p:qr:sS:t:vx"
889 )) != EOF) switch(c) {
897 if (!isdigit((int) *optarg))
899 resend_count = atoi(optarg);
905 rbtree_insert(filename_tree, optarg);
910 case 'i': /* currently broken */
911 if (!isdigit((int) *optarg))
913 last_used_id = atoi(optarg);
914 if ((last_used_id < 0) || (last_used_id > 255)) {
920 persec = atoi(optarg);
921 if (persec <= 0) usage();
925 * Note that sending MANY requests in
926 * parallel can over-run the kernel
927 * queues, and Linux will happily discard
928 * packets. So even if the server responds,
929 * the client may not see the response.
932 parallel = atoi(optarg);
933 if (parallel <= 0) usage();
939 if (strcmp(proto, "tcp") != 0) {
940 if (strcmp(proto, "udp") == 0) {
946 ipproto = IPPROTO_TCP;
954 fr_log_fp = NULL; /* no output from you, either! */
957 if (!isdigit((int) *optarg))
959 retries = atoi(optarg);
960 if ((retries == 0) || (retries > 1000)) usage();
966 fp = fopen(optarg, "r");
968 fprintf(stderr, "radclient: Error opening %s: %s\n",
969 optarg, strerror(errno));
972 if (fgets(filesecret, sizeof(filesecret), fp) == NULL) {
973 fprintf(stderr, "radclient: Error reading %s: %s\n",
974 optarg, strerror(errno));
979 /* truncate newline */
980 p = filesecret + strlen(filesecret) - 1;
981 while ((p >= filesecret) &&
987 if (strlen(filesecret) < 2) {
988 fprintf(stderr, "radclient: Secret in %s is too short\n", optarg);
994 if (!isdigit((int) *optarg))
996 timeout = atof(optarg);
999 printf("radclient: " RADIUSD_VERSION " built on " __DATE__ " at " __TIME__ "\n");
1011 argc -= (optind - 1);
1012 argv += (optind - 1);
1015 ((secret == NULL) && (argc < 4))) {
1019 if (dict_init(radius_dir, RADIUS_DICTIONARY) < 0) {
1020 fr_perror("radclient");
1027 if (force_af == AF_UNSPEC) force_af = AF_INET;
1028 server_ipaddr.af = force_af;
1029 if (strcmp(argv[1], "-") != 0) {
1030 const char *hostname = argv[1];
1031 const char *portname = argv[1];
1034 if (*argv[1] == '[') { /* IPv6 URL encoded */
1035 p = strchr(argv[1], ']');
1036 if ((size_t) (p - argv[1]) >= sizeof(buffer)) {
1040 memcpy(buffer, argv[1] + 1, p - argv[1] - 1);
1041 buffer[p - argv[1] - 1] = '\0';
1047 p = strchr(portname, ':');
1048 if (p && (strchr(p + 1, ':') == NULL)) {
1055 if (ip_hton(hostname, force_af, &server_ipaddr) < 0) {
1056 fprintf(stderr, "radclient: Failed to find IP address for host %s: %s\n", hostname, strerror(errno));
1061 * Strip port from hostname if needed.
1063 if (portname) server_port = atoi(portname);
1067 * See what kind of request we want to send.
1069 if (strcmp(argv[2], "auth") == 0) {
1070 if (server_port == 0) server_port = getport("radius");
1071 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1072 packet_code = PW_AUTHENTICATION_REQUEST;
1074 } else if (strcmp(argv[2], "challenge") == 0) {
1075 if (server_port == 0) server_port = getport("radius");
1076 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1077 packet_code = PW_ACCESS_CHALLENGE;
1079 } else if (strcmp(argv[2], "acct") == 0) {
1080 if (server_port == 0) server_port = getport("radacct");
1081 if (server_port == 0) server_port = PW_ACCT_UDP_PORT;
1082 packet_code = PW_ACCOUNTING_REQUEST;
1085 } else if (strcmp(argv[2], "status") == 0) {
1086 if (server_port == 0) server_port = getport("radius");
1087 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1088 packet_code = PW_STATUS_SERVER;
1090 } else if (strcmp(argv[2], "disconnect") == 0) {
1091 if (server_port == 0) server_port = PW_COA_UDP_PORT;
1092 packet_code = PW_DISCONNECT_REQUEST;
1094 } else if (strcmp(argv[2], "coa") == 0) {
1095 if (server_port == 0) server_port = PW_COA_UDP_PORT;
1096 packet_code = PW_COA_REQUEST;
1098 } else if (strcmp(argv[2], "auto") == 0) {
1101 } else if (isdigit((int) argv[2][0])) {
1102 if (server_port == 0) server_port = getport("radius");
1103 if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
1104 packet_code = atoi(argv[2]);
1112 if (argv[3]) secret = argv[3];
1115 * If no '-f' is specified, we're reading from stdin.
1117 if (rbtree_num_elements(filename_tree) == 0) {
1118 rbtree_insert(filename_tree, "-");
1122 * Walk over the list of filenames, creating the requests.
1124 if (rbtree_walk(filename_tree, InOrder, filename_walk, NULL) != 0) {
1129 * No packets read. Die.
1131 if (!radclient_head) {
1132 fprintf(stderr, "radclient: Nothing to send.\n");
1137 * Bind to the first specified IP address and port.
1138 * This means we ignore later ones.
1140 if (radclient_head->request->src_ipaddr.af == AF_UNSPEC) {
1141 memset(&client_ipaddr, 0, sizeof(client_ipaddr));
1142 client_ipaddr.af = server_ipaddr.af;
1145 client_ipaddr = radclient_head->request->src_ipaddr;
1146 client_port = radclient_head->request->src_port;
1150 sockfd = fr_tcp_client_socket(NULL, &server_ipaddr, server_port);
1153 sockfd = fr_socket(&client_ipaddr, client_port);
1155 fprintf(stderr, "radclient: socket: %s\n", fr_strerror());
1159 pl = fr_packet_list_create(1);
1161 fprintf(stderr, "radclient: Out of memory\n");
1165 if (!fr_packet_list_socket_add(pl, sockfd, ipproto, &server_ipaddr,
1166 server_port, NULL)) {
1167 fprintf(stderr, "radclient: Out of memory\n");
1172 * Walk over the list of packets, sanity checking
1175 for (this = radclient_head; this != NULL; this = this->next) {
1176 this->request->src_ipaddr = client_ipaddr;
1177 this->request->src_port = client_port;
1178 if (radclient_sane(this) != 0) {
1184 * Walk over the packets to send, until
1187 * FIXME: This currently busy-loops until it receives
1188 * all of the packets. It should really have some sort of
1189 * send packet, get time to wait, select for time, etc.
1195 const char *filename = NULL;
1201 * Walk over the packets, sending them.
1204 for (this = radclient_head; this != NULL; this = next) {
1208 * If there's a packet to receive,
1209 * receive it, but don't wait for a
1215 * This packet is done. Delete it.
1218 radclient_free(this);
1223 * Packets from multiple '-f' are sent
1226 * Packets from one file are sent in
1227 * series, unless '-p' is specified, in
1228 * which case N packets from each file
1229 * are sent in parallel.
1231 if (this->filename != filename) {
1232 filename = this->filename;
1240 * Send the current packet.
1242 send_one_packet(this);
1245 * Wait a little before sending
1246 * the next packet, if told to.
1252 * Don't sleep elsewhere.
1261 tv.tv_usec = 1000000/persec;
1265 * Sleep for milliseconds,
1268 * If we get an error or
1269 * a signal, treat it like
1272 select(0, NULL, NULL, NULL, &tv);
1276 * If we haven't sent this packet
1277 * often enough, we're not done,
1278 * and we shouldn't sleep.
1280 if (this->resend < resend_count) {
1284 } else { /* haven't sent this packet, we're not done */
1285 assert(this->done == 0);
1286 assert(this->reply == NULL);
1292 * Still have outstanding requests.
1294 if (fr_packet_list_num_elements(pl) > 0) {
1301 * Nothing to do until we receive a request, so
1302 * sleep until then. Once we receive one packet,
1303 * we go back, and walk through the whole list again,
1304 * sending more packets (if necessary), and updating
1307 if (!done && (sleep_time > 0)) {
1308 recv_one_packet(sleep_time);
1312 rbtree_free(filename_tree);
1313 fr_packet_list_free(pl);
1314 while (radclient_head) radclient_free(radclient_head);
1318 printf("\n\t Total approved auths: %d\n", totalapp);
1319 printf("\t Total denied auths: %d\n", totaldeny);
1320 printf("\t Total lost auths: %d\n", totallost);
1323 if (success) return 0;