bindir="@bindir@"
usage() {
- echo "Usage: radtest user passwd radius-server[:port] nas-port-id secret [ppphint] [nasname]" >&2
+ echo "Usage: radtest [OPTIONS] user passwd radius-server[:port] nas-port-number secret [ppphint] [nasname]" >&2
+ echo " -d RADIUS_DIR Set radius directory" >&2
+ echo " -t <type> Set authentication method" >&2
+ echo " type can be pap, chap, mschap, or eap-md5" >&2
+ echo " -x Enable debug output" >&2
exit 1
}
radclient=./radclient
fi
-if [ "$1" = "-d" ]
+# radeapclient is used for EAP-MD5.
+radeapclient=$bindir/radeapclient
+
+OPTIONS=
+PASSWORD="User-Password"
+
+# We need at LEAST these many options
+if [ $# -lt 5 ]
then
- DICTIONARY="-d $2"
- shift;shift
-else
- DICTIONARY=""
+ usage
fi
+# Parse new command-line options
+while [ `echo "$1" | cut -c 1` = "-" ]
+do
+ case "$1" in
+ -d)
+ OPTIONS="$OPTIONS -d $2"
+ shift;shift
+ ;;
+ -x)
+ OPTIONS="$OPTIONS -x"
+ shift
+ ;;
+
+ -t)
+ shift;
+ case "$1" in
+ pap)
+ PASSWORD="User-Password"
+ ;;
+ chap)
+ PASSWORD="CHAP-Password"
+ ;;
+ mschap)
+ PASSWORD="MS-CHAP-Password"
+ ;;
+ eap-md5)
+ PASSWORD="User-Password"
+ if [ ! -x "$radeapclient" ]
+ then
+ echo "radtest: No 'radeapclient' program was found. Cannot perform EAP-MD5." >&1
+ exit 1
+ fi
+ radclient="$radeapclient"
+ ;;
+ *)
+ usage
+ ;;
+ esac
+ shift
+ ;;
+
+ *)
+ usage
+ ;;
+ esac
+done
+
+# Check that there are enough options left over.
if [ $# -lt 5 ] || [ $# -gt 7 ]
then
usage
(
echo "User-Name = \"$1\""
- echo "User-Password = \"$2\""
+ echo "$PASSWORD = \"$2\""
echo "NAS-IP-Address = $nas"
- echo "NAS-Port-Id = $4"
+ echo "NAS-Port = $4"
+ if [ "$radclient" = "$radeapclient" ]
+ then
+ echo "EAP-Code = Response"
+ echo "EAP-Type-Identity = \"$1\""
+ echo "Message-Authenticator = 0x00"
+ fi
if [ "$6" ]
then
echo "Framed-Protocol = PPP"
fi
-) | $radclient $DICTIONARY -x $3 auth $5
+) | $radclient $OPTIONS -x $3 auth "$5"
+exit $?