int main (int argc,
char *argv[])
{
TIDC_INSTANCE *tidc;
int conn = 0;
int rc;
gss_ctx_id_t gssctx;
struct cmdline_args opts;
/* parse the command line*/
/* set defaults */
opts.server=NULL;
opts.rp_realm=NULL;
opts.target_realm=NULL;
opts.community=NULL;
opts.port=TID_PORT;
argp_parse(&argp, argc, argv, 0, 0, &opts);
/* TBD -- validity checking, dealing with quotes, etc. */
print_version_info();
/* Use standalone logging */
tr_log_open();
/* set logging levels */
talloc_set_log_stderr();
tr_log_threshold(LOG_CRIT);
tr_console_threshold(LOG_DEBUG);
printf("TIDC Client:\nServer = %s, rp_realm = %s, target_realm = %s, community = %s, port = %i\n", opts.server, opts.rp_realm, opts.target_realm, opts.community, opts.port);
/* Create a TID client instance & the client DH */
tidc = tidc_create();
if (NULL == (tidc->client_dh = tr_create_dh_params(NULL, 0))) {
printf("Error creating client DH params.\n");
return 1;
}
/* Set-up TID connection */
if (-1 == (conn = tidc_open_connection(tidc, opts.server, opts.port, &gssctx))) {
/* Handle error */
printf("Error in tidc_open_connection.\n");
return 1;
};
/* Send a TID request */
if (0 > (rc = tidc_send_request(tidc, conn, gssctx, opts.rp_realm, opts.target_realm, opts.community,
&tidc_resp_handler, NULL))) {
/* Handle error */
printf("Error in tidc_send_request, rc = %d.\n", rc);
return 1;
}
/* Clean-up the TID client instance, and exit */
tidc_destroy(tidc);
return 0;
}
int main (int argc,
char *argv[])
{
TALLOC_CTX *main_ctx=talloc_new(NULL);
TRPC_INSTANCE *trpc=NULL;
TRP_CONNECTION *conn=NULL;
struct cmdline_args opts;
/* parse the command line*/
/* set defaults */
opts.msg=NULL;
opts.server=NULL;
opts.port=TRP_PORT;
opts.repeat=1;
argp_parse(&argp, argc, argv, 0, 0, &opts);
/* Use standalone logging */
tr_log_open();
/* set logging levels */
talloc_set_log_stderr();
tr_log_threshold(LOG_CRIT);
tr_console_threshold(LOG_DEBUG);
printf("TRPC Client:\nServer = %s, port = %i\n", opts.server, opts.port);
conn=trp_connection_new(trpc);
if (conn==NULL) {
printf("Could not allocate TRP_CONNECTION.\n");
return 1;
}
trpc = trpc_new(main_ctx);
trpc_set_server(trpc, opts.server);
trpc_set_port(trpc, opts.port);
trpc_set_conn(trpc, conn);
/* Set-up TRP connection */
if (TRP_SUCCESS != trpc_connect(trpc)) {
/* Handle error */
printf("Error in trpc_connect.\n");
return 1;
}
/* Send a TRP message */
while ((opts.repeat==-1) || (opts.repeat-->0)) {
if (TRP_SUCCESS != trpc_send_msg(trpc, opts.msg)) {
/* Handle error */
printf("Error in trpc_send_request.");
return 1;
}
usleep(1000000);
}
/* Clean-up the TRP client instance, and exit */
trpc_free(trpc);
return 0;
}
int main(int argc, char **argv)
{
int c;
char const *radius_dir = RADDBDIR;
char const *dict_dir = DICTDIR;
char filesecret[256];
FILE *fp;
int do_summary = false;
int persec = 0;
int parallel = 1;
rc_request_t *this;
int force_af = AF_UNSPEC;
/*
* It's easier having two sets of flags to set the
* verbosity of library calls and the verbosity of
* radclient.
*/
fr_debug_lvl = 0;
fr_log_fp = stdout;
#ifndef NDEBUG
if (fr_fault_setup(getenv("PANIC_ACTION"), argv[0]) < 0) {
fr_perror("radclient");
exit(EXIT_FAILURE);
}
#endif
talloc_set_log_stderr();
filename_tree = rbtree_create(NULL, filename_cmp, NULL, 0);
if (!filename_tree) {
oom:
ERROR("Out of memory");
exit(1);
}
while ((c = getopt(argc, argv, "46c:d:D:f:Fhi:n:p:qr:sS:t:vx"
#ifdef WITH_TCP
"P:"
#endif
)) != EOF) switch (c) {
case '4':
force_af = AF_INET;
break;
case '6':
force_af = AF_INET6;
break;
case 'c':
if (!isdigit((int) *optarg))
usage();
resend_count = atoi(optarg);
break;
case 'D':
dict_dir = optarg;
break;
case 'd':
radius_dir = optarg;
break;
case 'f':
{
char const *p;
rc_file_pair_t *files;
files = talloc(talloc_autofree_context(), rc_file_pair_t);
if (!files) goto oom;
p = strchr(optarg, ':');
if (p) {
files->packets = talloc_strndup(files, optarg, p - optarg);
if (!files->packets) goto oom;
files->filters = p + 1;
} else {
files->packets = optarg;
files->filters = NULL;
}
rbtree_insert(filename_tree, (void *) files);
}
break;
case 'F':
print_filename = true;
break;
case 'i': /* currently broken */
if (!isdigit((int) *optarg))
usage();
last_used_id = atoi(optarg);
if ((last_used_id < 0) || (last_used_id > 255)) {
usage();
}
break;
case 'n':
persec = atoi(optarg);
if (persec <= 0) usage();
break;
/*
* Note that sending MANY requests in
* parallel can over-run the kernel
* queues, and Linux will happily discard
* packets. So even if the server responds,
* the client may not see the reply.
*/
case 'p':
parallel = atoi(optarg);
if (parallel <= 0) usage();
break;
#ifdef WITH_TCP
case 'P':
proto = optarg;
if (strcmp(proto, "tcp") != 0) {
if (strcmp(proto, "udp") == 0) {
proto = NULL;
} else {
usage();
}
} else {
ipproto = IPPROTO_TCP;
}
break;
#endif
case 'q':
do_output = false;
fr_log_fp = NULL; /* no output from you, either! */
break;
case 'r':
if (!isdigit((int) *optarg)) usage();
retries = atoi(optarg);
if ((retries == 0) || (retries > 1000)) usage();
break;
case 's':
do_summary = true;
break;
case 'S':
{
char *p;
fp = fopen(optarg, "r");
if (!fp) {
ERROR("Error opening %s: %s", optarg, fr_syserror(errno));
exit(1);
}
if (fgets(filesecret, sizeof(filesecret), fp) == NULL) {
ERROR("Error reading %s: %s", optarg, fr_syserror(errno));
exit(1);
}
fclose(fp);
/* truncate newline */
p = filesecret + strlen(filesecret) - 1;
while ((p >= filesecret) &&
(*p < ' ')) {
*p = '\0';
--p;
}
if (strlen(filesecret) < 2) {
ERROR("Secret in %s is too short", optarg);
exit(1);
}
secret = filesecret;
}
break;
case 't':
if (!isdigit((int) *optarg))
usage();
timeout = atof(optarg);
break;
case 'v':
fr_debug_lvl = 1;
DEBUG("%s", radclient_version);
exit(0);
case 'x':
fr_debug_lvl++;
break;
case 'h':
default:
usage();
}
argc -= (optind - 1);
argv += (optind - 1);
if ((argc < 3) || ((secret == NULL) && (argc < 4))) {
ERROR("Insufficient arguments");
usage();
}
/*
* Mismatch between the binary and the libraries it depends on
*/
if (fr_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) {
fr_perror("radclient");
return 1;
}
if (dict_init(dict_dir, RADIUS_DICTIONARY) < 0) {
fr_perror("radclient");
return 1;
}
if (dict_read(radius_dir, RADIUS_DICTIONARY) == -1) {
fr_perror("radclient");
return 1;
}
fr_strerror(); /* Clear the error buffer */
/*
* Get the request type
*/
if (!isdigit((int) argv[2][0])) {
packet_code = fr_str2int(request_types, argv[2], -2);
if (packet_code == -2) {
ERROR("Unrecognised request type \"%s\"", argv[2]);
usage();
}
} else {
packet_code = atoi(argv[2]);
}
/*
* Resolve hostname.
*/
if (strcmp(argv[1], "-") != 0) {
if (fr_pton_port(&server_ipaddr, &server_port, argv[1], -1, force_af, true) < 0) {
ERROR("%s", fr_strerror());
exit(1);
}
/*
* Work backwards from the port to determine the packet type
*/
if (packet_code == PW_CODE_UNDEFINED) packet_code = radclient_get_code(server_port);
}
radclient_get_port(packet_code, &server_port);
/*
* Add the secret.
*/
if (argv[3]) secret = argv[3];
/*
* If no '-f' is specified, we're reading from stdin.
*/
if (rbtree_num_elements(filename_tree) == 0) {
rc_file_pair_t *files;
files = talloc_zero(talloc_autofree_context(), rc_file_pair_t);
files->packets = "-";
if (!radclient_init(files, files)) {
exit(1);
}
}
/*
* Walk over the list of filenames, creating the requests.
*/
if (rbtree_walk(filename_tree, RBTREE_IN_ORDER, filename_walk, NULL) != 0) {
ERROR("Failed parsing input files");
exit(1);
}
/*
* No packets read. Die.
*/
if (!request_head) {
ERROR("Nothing to send");
exit(1);
}
/*
* Bind to the first specified IP address and port.
* This means we ignore later ones.
*/
if (request_head->packet->src_ipaddr.af == AF_UNSPEC) {
memset(&client_ipaddr, 0, sizeof(client_ipaddr));
client_ipaddr.af = server_ipaddr.af;
} else {
client_ipaddr = request_head->packet->src_ipaddr;
}
client_port = request_head->packet->src_port;
#ifdef WITH_TCP
if (proto) {
sockfd = fr_socket_client_tcp(NULL, &server_ipaddr, server_port, false);
} else
#endif
sockfd = fr_socket(&client_ipaddr, client_port);
if (sockfd < 0) {
ERROR("Error opening socket");
exit(1);
}
pl = fr_packet_list_create(1);
if (!pl) {
ERROR("Out of memory");
exit(1);
}
if (!fr_packet_list_socket_add(pl, sockfd, ipproto, &server_ipaddr,
server_port, NULL)) {
ERROR("Out of memory");
exit(1);
}
/*
* Walk over the list of packets, sanity checking
* everything.
*/
for (this = request_head; this != NULL; this = this->next) {
this->packet->src_ipaddr = client_ipaddr;
this->packet->src_port = client_port;
if (radclient_sane(this) != 0) {
exit(1);
}
}
/*
* Walk over the packets to send, until
* we're all done.
*
* FIXME: This currently busy-loops until it receives
* all of the packets. It should really have some sort of
* send packet, get time to wait, select for time, etc.
* loop.
*/
do {
int n = parallel;
rc_request_t *next;
char const *filename = NULL;
done = true;
sleep_time = -1;
/*
* Walk over the packets, sending them.
*/
for (this = request_head; this != NULL; this = next) {
next = this->next;
/*
* If there's a packet to receive,
* receive it, but don't wait for a
* packet.
*/
recv_one_packet(0);
/*
* This packet is done. Delete it.
*/
if (this->done) {
talloc_free(this);
continue;
}
/*
* Packets from multiple '-f' are sent
* in parallel.
*
* Packets from one file are sent in
* series, unless '-p' is specified, in
* which case N packets from each file
* are sent in parallel.
*/
if (this->files->packets != filename) {
filename = this->files->packets;
n = parallel;
}
if (n > 0) {
n--;
/*
* Send the current packet.
*/
if (send_one_packet(this) < 0) {
talloc_free(this);
break;
}
/*
* Wait a little before sending
* the next packet, if told to.
*/
if (persec) {
struct timeval tv;
/*
* Don't sleep elsewhere.
*/
sleep_time = 0;
if (persec == 1) {
tv.tv_sec = 1;
tv.tv_usec = 0;
} else {
tv.tv_sec = 0;
tv.tv_usec = 1000000/persec;
}
/*
* Sleep for milliseconds,
* portably.
*
* If we get an error or
* a signal, treat it like
* a normal timeout.
*/
select(0, NULL, NULL, NULL, &tv);
}
/*
* If we haven't sent this packet
* often enough, we're not done,
* and we shouldn't sleep.
*/
if (this->resend < resend_count) {
done = false;
sleep_time = 0;
}
} else { /* haven't sent this packet, we're not done */
assert(this->done == false);
assert(this->reply == NULL);
done = false;
}
}
/*
* Still have outstanding requests.
*/
if (fr_packet_list_num_elements(pl) > 0) {
done = false;
} else {
sleep_time = 0;
}
/*
* Nothing to do until we receive a request, so
* sleep until then. Once we receive one packet,
* we go back, and walk through the whole list again,
* sending more packets (if necessary), and updating
* the sleep time.
*/
if (!done && (sleep_time > 0)) {
recv_one_packet(sleep_time);
}
} while (!done);
rbtree_free(filename_tree);
fr_packet_list_free(pl);
while (request_head) TALLOC_FREE(request_head);
dict_free();
if (do_summary) {
DEBUG("Packet summary:\n"
"\tAccepted : %" PRIu64 "\n"
"\tRejected : %" PRIu64 "\n"
"\tLost : %" PRIu64 "\n"
"\tPassed filter : %" PRIu64 "\n"
"\tFailed filter : %" PRIu64,
stats.accepted,
stats.rejected,
stats.lost,
stats.passed,
stats.failed
);
}
if ((stats.lost > 0) || (stats.failed > 0)) {
exit(1);
}
exit(0);
}
/*
* Main program
*/
int main(int argc, char **argv)
{
CONF_SECTION *maincs, *cs;
FILE *fp;
struct radutmp rt;
char othername[256];
char nasname[1024];
char session_id[sizeof(rt.session_id)+1];
int hideshell = 0;
int showsid = 0;
int rawoutput = 0;
int radiusoutput = 0; /* Radius attributes */
char const *portind;
int c;
unsigned int portno;
char buffer[2048];
char const *user = NULL;
int user_cmp = 0;
time_t now = 0;
uint32_t nas_port = ~0;
uint32_t nas_ip_address = INADDR_NONE;
int zap = 0;
raddb_dir = RADIUS_DIR;
#ifndef NDEBUG
if (fr_fault_setup(getenv("PANIC_ACTION"), argv[0]) < 0) {
fr_perror("radwho");
exit(EXIT_FAILURE);
}
#endif
talloc_set_log_stderr();
while((c = getopt(argc, argv, "d:fF:nN:sSipP:crRu:U:Z")) != EOF) switch(c) {
case 'd':
raddb_dir = optarg;
break;
case 'F':
radutmp_file = optarg;
break;
case 'h':
usage(0);
break;
case 'S':
hideshell = 1;
break;
case 'n':
showname = 0;
break;
case 'N':
if (inet_pton(AF_INET, optarg, &nas_ip_address) < 0) {
usage(1);
}
break;
case 's':
showname = 1;
break;
case 'i':
showsid = 1;
break;
case 'p':
showptype = 1;
break;
case 'P':
nas_port = atoi(optarg);
break;
case 'c':
showcid = 1;
showname = 1;
break;
case 'r':
rawoutput = 1;
break;
case 'R':
radiusoutput = 1;
now = time(NULL);
break;
case 'u':
user = optarg;
user_cmp = 0;
break;
case 'U':
user = optarg;
user_cmp = 1;
break;
case 'Z':
zap = 1;
break;
default:
usage(1);
break;
}
/*
* Mismatch between the binary and the libraries it depends on
*/
if (fr_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) {
fr_perror("radwho");
return 1;
}
/*
* Be safe.
*/
if (zap && !radiusoutput) zap = 0;
/*
* zap EVERYONE, but only on this nas
*/
if (zap && !user && (~nas_port == 0)) {
/*
* We need to know which NAS to zap users in.
*/
if (nas_ip_address == INADDR_NONE) usage(1);
printf("Acct-Status-Type = Accounting-Off\n");
printf("NAS-IP-Address = %s\n",
hostname(buffer, sizeof(buffer), nas_ip_address));
printf("Acct-Delay-Time = 0\n");
exit(0); /* don't bother printing anything else */
}
if (radutmp_file) goto have_radutmp;
/*
* Initialize main_config
*/
memset(&main_config, 0, sizeof(main_config));
/* Read radiusd.conf */
snprintf(buffer, sizeof(buffer), "%.200s/radiusd.conf", raddb_dir);
maincs = cf_file_read(buffer);
if (!maincs) {
fprintf(stderr, "%s: Error reading or parsing radiusd.conf\n", argv[0]);
exit(1);
}
cs = cf_section_sub_find(maincs, "modules");
if (!cs) {
fprintf(stderr, "%s: No modules section found in radiusd.conf\n", argv[0]);
exit(1);
}
/* Read the radutmp section of radiusd.conf */
cs = cf_section_sub_find_name2(cs, "radutmp", NULL);
if (!cs) {
fprintf(stderr, "%s: No configuration information in radutmp section of radiusd.conf\n", argv[0]);
exit(1);
}
cf_section_parse(cs, NULL, module_config);
/* Assign the correct path for the radutmp file */
radutmp_file = radutmpconfig.radutmp_fn;
have_radutmp:
if (showname < 0) showname = 1;
/*
* Show the users logged in on the terminal server(s).
*/
if ((fp = fopen(radutmp_file, "r")) == NULL) {
fprintf(stderr, "%s: Error reading %s: %s\n",
progname, radutmp_file, fr_syserror(errno));
return 0;
}
/*
* Don't print the headers if raw or RADIUS
*/
if (!rawoutput && !radiusoutput) {
fputs(showname ? hdr1 : hdr2, stdout);
fputs(eol, stdout);
}
/*
* Read the file, printing out active entries.
*/
while (fread(&rt, sizeof(rt), 1, fp) == 1) {
char name[sizeof(rt.login) + 1];
if (rt.type != P_LOGIN) continue; /* hide logout sessions */
/*
* We don't show shell users if we are
* fingerd, as we have done that above.
*/
if (hideshell && !strchr("PCS", rt.proto))
continue;
/*
* Print out sessions only for the given user.
*/
if (user) { /* only for a particular user */
if (((user_cmp == 0) &&
(strncasecmp(rt.login, user, strlen(user)) != 0)) ||
((user_cmp == 1) &&
(strncmp(rt.login, user, strlen(user)) != 0))) {
continue;
}
}
/*
* Print out only for the given NAS port.
*/
if (~nas_port != 0) {
if (rt.nas_port != nas_port) continue;
}
/*
* Print out only for the given NAS IP address
*/
if (nas_ip_address != INADDR_NONE) {
if (rt.nas_address != nas_ip_address) continue;
}
memcpy(session_id, rt.session_id, sizeof(rt.session_id));
session_id[sizeof(rt.session_id)] = 0;
if (!rawoutput && rt.nas_port > (showname ? 999 : 99999)) {
portind = ">";
portno = (showname ? 999 : 99999);
} else {
portind = "S";
portno = rt.nas_port;
}
/*
* Print output as RADIUS attributes
*/
if (radiusoutput) {
memcpy(nasname, rt.login, sizeof(rt.login));
nasname[sizeof(rt.login)] = '\0';
fr_print_string(nasname, 0, buffer,
sizeof(buffer));
printf("User-Name = \"%s\"\n", buffer);
fr_print_string(session_id, 0, buffer,
sizeof(buffer));
printf("Acct-Session-Id = \"%s\"\n", buffer);
if (zap) printf("Acct-Status-Type = Stop\n");
printf("NAS-IP-Address = %s\n",
hostname(buffer, sizeof(buffer),
rt.nas_address));
printf("NAS-Port = %u\n", rt.nas_port);
switch (rt.proto) {
case 'S':
printf("Service-Type = Framed-User\n");
printf("Framed-Protocol = SLIP\n");
break;
case 'P':
printf("Service-Type = Framed-User\n");
printf("Framed-Protocol = PPP\n");
break;
default:
printf("Service-type = Login-User\n");
break;
}
if (rt.framed_address != INADDR_NONE) {
printf("Framed-IP-Address = %s\n",
hostname(buffer, sizeof(buffer),
rt.framed_address));
}
/*
* Some sanity checks on the time
*/
if ((rt.time <= now) &&
(now - rt.time) <= (86400 * 365)) {
printf("Acct-Session-Time = %" PRId64 "\n", (int64_t) (now - rt.time));
}
if (rt.caller_id[0] != '\0') {
memcpy(nasname, rt.caller_id,
sizeof(rt.caller_id));
nasname[sizeof(rt.caller_id)] = '\0';
fr_print_string(nasname, 0, buffer,
sizeof(buffer));
printf("Calling-Station-Id = \"%s\"\n", buffer);
}
printf("\n"); /* separate entries with a blank line */
continue;
}
/*
* Show the fill name, or not.
*/
memcpy(name, rt.login, sizeof(rt.login));
name[sizeof(rt.login)] = '\0';
if (showname) {
if (rawoutput == 0) {
printf("%-10.10s %-17.17s %-5.5s %s%-3u %-9.9s %-15.15s %-.19s%s",
name,
showcid ? rt.caller_id :
(showsid? session_id : fullname(rt.login)),
proto(rt.proto, rt.porttype),
portind, portno,
dotime(rt.time),
hostname(nasname, sizeof(nasname), rt.nas_address),
hostname(othername, sizeof(othername), rt.framed_address), eol);
} else {
printf("%s,%s,%s,%s%u,%s,%s,%s%s",
name,
showcid ? rt.caller_id :
(showsid? session_id : fullname(rt.login)),
proto(rt.proto, rt.porttype),
portind, portno,
dotime(rt.time),
hostname(nasname, sizeof(nasname), rt.nas_address),
hostname(othername, sizeof(othername), rt.framed_address), eol);
}
} else {
if (rawoutput == 0) {
printf("%-10.10s %s%-5u %-6.6s %-13.13s %-15.15s %-.28s%s",
name,
portind, portno,
proto(rt.proto, rt.porttype),
dotime(rt.time),
hostname(nasname, sizeof(nasname), rt.nas_address),
hostname(othername, sizeof(othername), rt.framed_address),
eol);
} else {
printf("%s,%s%u,%s,%s,%s,%s%s",
name,
portind, portno,
proto(rt.proto, rt.porttype),
dotime(rt.time),
hostname(nasname, sizeof(nasname), rt.nas_address),
hostname(othername, sizeof(othername), rt.framed_address),
eol);
}
}
}
fclose(fp);
return 0;
}
int main(int argc, char **argv)
{
int argval;
bool quiet = false;
int sockfd = -1;
char *line = NULL;
ssize_t len;
char const *file = NULL;
char const *name = "radiusd";
char *p, buffer[65536];
char const *input_file = NULL;
FILE *inputfp = stdin;
char const *output_file = NULL;
char const *server = NULL;
char const *radius_dir = RADIUS_DIR;
char const *dict_dir = DICTDIR;
char *commands[MAX_COMMANDS];
int num_commands = -1;
#ifndef NDEBUG
if (fr_fault_setup(getenv("PANIC_ACTION"), argv[0]) < 0) {
fr_perror("radmin");
exit(EXIT_FAILURE);
}
#endif
talloc_set_log_stderr();
outputfp = stdout; /* stdout is not a constant value... */
if ((progname = strrchr(argv[0], FR_DIR_SEP)) == NULL) {
progname = argv[0];
} else {
progname++;
}
while ((argval = getopt(argc, argv, "d:D:hi:e:Ef:n:o:qs:S")) != EOF) {
switch (argval) {
case 'd':
if (file) {
fprintf(stderr, "%s: -d and -f cannot be used together.\n", progname);
exit(1);
}
if (server) {
fprintf(stderr, "%s: -d and -s cannot be used together.\n", progname);
exit(1);
}
radius_dir = optarg;
break;
case 'D':
dict_dir = optarg;
break;
case 'e':
num_commands++; /* starts at -1 */
if (num_commands >= MAX_COMMANDS) {
fprintf(stderr, "%s: Too many '-e'\n",
progname);
exit(1);
}
commands[num_commands] = optarg;
break;
case 'E':
echo = true;
break;
case 'f':
radius_dir = NULL;
file = optarg;
break;
default:
case 'h':
usage(0);
break;
case 'i':
if (strcmp(optarg, "-") != 0) {
input_file = optarg;
}
quiet = true;
break;
case 'n':
name = optarg;
break;
case 'o':
if (strcmp(optarg, "-") != 0) {
output_file = optarg;
}
quiet = true;
break;
case 'q':
quiet = true;
break;
case 's':
if (file) {
fprintf(stderr, "%s: -s and -f cannot be used together.\n", progname);
usage(1);
}
radius_dir = NULL;
server = optarg;
break;
case 'S':
secret = NULL;
break;
}
}
/*
* Mismatch between the binary and the libraries it depends on
*/
if (fr_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) {
fr_perror("radmin");
exit(1);
}
if (radius_dir) {
int rcode;
CONF_SECTION *cs, *subcs;
file = NULL; /* MUST read it from the conffile now */
snprintf(buffer, sizeof(buffer), "%s/%s.conf", radius_dir, name);
/*
* Need to read in the dictionaries, else we may get
* validation errors when we try and parse the config.
*/
if (dict_init(dict_dir, RADIUS_DICTIONARY) < 0) {
fr_perror("radmin");
exit(64);
}
if (dict_read(radius_dir, RADIUS_DICTIONARY) == -1) {
fr_perror("radmin");
exit(64);
}
cs = cf_file_read(buffer);
if (!cs) {
fprintf(stderr, "%s: Errors reading or parsing %s\n", progname, buffer);
usage(1);
}
subcs = NULL;
while ((subcs = cf_subsection_find_next(cs, subcs, "listen")) != NULL) {
char const *value;
CONF_PAIR *cp = cf_pair_find(subcs, "type");
if (!cp) continue;
value = cf_pair_value(cp);
if (!value) continue;
if (strcmp(value, "control") != 0) continue;
/*
* Now find the socket name (sigh)
*/
rcode = cf_item_parse(subcs, "socket", FR_ITEM_POINTER(PW_TYPE_STRING, &file), NULL);
if (rcode < 0) {
fprintf(stderr, "%s: Failed parsing listen section\n", progname);
exit(1);
}
if (!file) {
fprintf(stderr, "%s: No path given for socket\n", progname);
usage(1);
}
break;
}
if (!file) {
fprintf(stderr, "%s: Could not find control socket in %s\n", progname, buffer);
exit(1);
}
}
if (input_file) {
inputfp = fopen(input_file, "r");
if (!inputfp) {
fprintf(stderr, "%s: Failed opening %s: %s\n", progname, input_file, fr_syserror(errno));
exit(1);
}
}
if (output_file) {
outputfp = fopen(output_file, "w");
if (!outputfp) {
fprintf(stderr, "%s: Failed creating %s: %s\n", progname, output_file, fr_syserror(errno));
exit(1);
}
}
if (!file && !server) {
fprintf(stderr, "%s: Must use one of '-d' or '-f' or '-s'\n",
progname);
exit(1);
}
/*
* Check if stdin is a TTY only if input is from stdin
*/
if (input_file && !quiet && !isatty(STDIN_FILENO)) quiet = true;
#ifdef USE_READLINE
if (!quiet) {
#ifdef USE_READLINE_HISTORY
using_history();
#endif
rl_bind_key('\t', rl_insert);
}
#endif
/*
* Prevent SIGPIPEs from terminating the process
*/
signal(SIGPIPE, SIG_IGN);
if (do_connect(&sockfd, file, server) < 0) exit(1);
/*
* Run one command.
*/
if (num_commands >= 0) {
int i;
for (i = 0; i <= num_commands; i++) {
len = run_command(sockfd, commands[i], buffer, sizeof(buffer));
if (len < 0) exit(1);
if (buffer[0]) {
fputs(buffer, outputfp);
fprintf(outputfp, "\n");
fflush(outputfp);
}
}
exit(0);
}
if (!quiet) {
printf("%s - FreeRADIUS Server administration tool.\n", radmin_version);
printf("Copyright (C) 2008-2014 The FreeRADIUS server project and contributors.\n");
printf("There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A\n");
printf("PARTICULAR PURPOSE.\n");
printf("You may redistribute copies of FreeRADIUS under the terms of the\n");
printf("GNU General Public License v2.\n");
}
/*
* FIXME: Do login?
*/
while (1) {
#ifndef USE_READLINE
if (!quiet) {
printf("radmin> ");
fflush(stdout);
}
#else
if (!quiet) {
line = readline("radmin> ");
if (!line) break;
if (!*line) {
free(line);
continue;
}
#ifdef USE_READLINE_HISTORY
add_history(line);
#endif
} else /* quiet, or no readline */
#endif
{
line = fgets(buffer, sizeof(buffer), inputfp);
if (!line) break;
p = strchr(buffer, '\n');
if (!p) {
fprintf(stderr, "%s: Input line too long\n",
progname);
exit(1);
}
*p = '\0';
/*
* Strip off leading spaces.
*/
for (p = line; *p != '\0'; p++) {
if ((p[0] == ' ') ||
(p[0] == '\t')) {
line = p + 1;
continue;
}
if (p[0] == '#') {
line = NULL;
break;
}
break;
}
/*
* Comments: keep going.
*/
if (!line) continue;
/*
* Strip off CR / LF
*/
for (p = line; *p != '\0'; p++) {
if ((p[0] == '\r') ||
(p[0] == '\n')) {
p[0] = '\0';
break;
}
}
}
if (strcmp(line, "reconnect") == 0) {
if (do_connect(&sockfd, file, server) < 0) exit(1);
line = NULL;
continue;
}
if (memcmp(line, "secret ", 7) == 0) {
if (!secret) {
secret = line + 7;
do_challenge(sockfd);
}
line = NULL;
continue;
}
/*
* Exit, done, etc.
*/
if ((strcmp(line, "exit") == 0) ||
(strcmp(line, "quit") == 0)) {
break;
}
if (server && !secret) {
fprintf(stderr, "ERROR: You must enter 'secret <SECRET>' before running any commands\n");
line = NULL;
continue;
}
len = run_command(sockfd, line, buffer, sizeof(buffer));
if ((len < 0) && (do_connect(&sockfd, file, server) < 0)) {
fprintf(stderr, "Reconnecting...");
exit(1);
} else if (len == 0) break;
else if (len == 1) continue; /* no output. */
fputs(buffer, outputfp);
fflush(outputfp);
fprintf(outputfp, "\n");
}
fprintf(outputfp, "\n");
return 0;
}
int main(int argc, char *argv[])
{
rs_t *conf;
fr_pcap_t *in = NULL, *in_p;
fr_pcap_t **in_head = ∈
fr_pcap_t *out = NULL;
int ret = 1; /* Exit status */
int limit = -1; /* How many packets to sniff */
char errbuf[PCAP_ERRBUF_SIZE]; /* Error buffer */
int port = 1812;
char buffer[1024];
int opt;
FR_TOKEN parsecode;
char const *radius_dir = RADIUS_DIR;
rs_stats_t stats;
fr_debug_flag = 2;
log_dst = stdout;
talloc_set_log_stderr();
conf = talloc_zero(NULL, rs_t);
if (!fr_assert(conf)) {
exit (1);
}
/*
* We don't really want probes taking down machines
*/
#ifdef HAVE_TALLOC_SET_MEMLIMIT
talloc_set_memlimit(conf, 52428800); /* 50 MB */
#endif
/*
* Get options
*/
while ((opt = getopt(argc, argv, "c:d:DFf:hi:I:p:qr:s:Svw:xXW:P:O:")) != EOF) {
switch (opt) {
case 'c':
limit = atoi(optarg);
if (limit <= 0) {
fprintf(stderr, "radsniff: Invalid number of packets \"%s\"", optarg);
exit(1);
}
break;
case 'd':
radius_dir = optarg;
break;
case 'D':
{
pcap_if_t *all_devices = NULL;
pcap_if_t *dev_p;
if (pcap_findalldevs(&all_devices, errbuf) < 0) {
ERROR("Error getting available capture devices: %s", errbuf);
goto finish;
}
int i = 1;
for (dev_p = all_devices;
dev_p;
dev_p = dev_p->next) {
INFO("%i.%s", i++, dev_p->name);
}
ret = 0;
goto finish;
}
case 'F':
conf->from_stdin = true;
conf->to_stdout = true;
break;
case 'f':
conf->pcap_filter = optarg;
break;
case 'h':
usage(0);
break;
case 'i':
*in_head = fr_pcap_init(conf, optarg, PCAP_INTERFACE_IN);
if (!*in_head) {
goto finish;
}
in_head = &(*in_head)->next;
conf->from_dev = true;
break;
case 'I':
*in_head = fr_pcap_init(conf, optarg, PCAP_FILE_IN);
if (!*in_head) {
goto finish;
}
in_head = &(*in_head)->next;
conf->from_file = true;
break;
case 'p':
port = atoi(optarg);
break;
case 'q':
if (fr_debug_flag > 0) {
fr_debug_flag--;
}
break;
case 'r':
conf->radius_filter = optarg;
break;
case 's':
conf->radius_secret = optarg;
break;
case 'S':
conf->do_sort = true;
break;
case 'v':
#ifdef HAVE_COLLECTDC_H
INFO("%s, %s, collectdclient version %s", radsniff_version, pcap_lib_version(),
lcc_version_string());
#else
INFO("%s %s", radsniff_version, pcap_lib_version());
#endif
exit(0);
break;
case 'w':
out = fr_pcap_init(conf, optarg, PCAP_FILE_OUT);
conf->to_file = true;
break;
case 'x':
case 'X':
fr_debug_flag++;
break;
case 'W':
conf->stats.interval = atoi(optarg);
if (conf->stats.interval <= 0) {
ERROR("Stats interval must be > 0");
usage(64);
}
break;
case 'T':
conf->stats.timeout = atoi(optarg);
if (conf->stats.timeout <= 0) {
ERROR("Timeout value must be > 0");
usage(64);
}
break;
#ifdef HAVE_COLLECTDC_H
case 'P':
conf->stats.prefix = optarg;
break;
case 'O':
conf->stats.collectd = optarg;
conf->stats.out = RS_STATS_OUT_COLLECTD;
break;
#endif
default:
usage(64);
}
}
/* What's the point in specifying -F ?! */
if (conf->from_stdin && conf->from_file && conf->to_file) {
usage(64);
}
/* Can't read from both... */
if (conf->from_file && conf->from_dev) {
usage(64);
}
/* Reading from file overrides stdin */
if (conf->from_stdin && (conf->from_file || conf->from_dev)) {
conf->from_stdin = false;
}
/* Writing to file overrides stdout */
if (conf->to_file && conf->to_stdout) {
conf->to_stdout = false;
}
if (conf->to_stdout) {
out = fr_pcap_init(conf, "stdout", PCAP_STDIO_OUT);
if (!out) {
goto finish;
}
}
if (conf->from_stdin) {
*in_head = fr_pcap_init(conf, "stdin", PCAP_STDIO_IN);
if (!*in_head) {
goto finish;
}
in_head = &(*in_head)->next;
}
if (!conf->radius_secret) {
conf->radius_secret = RS_DEFAULT_SECRET;
}
if (conf->stats.interval && !conf->stats.out) {
conf->stats.out = RS_STATS_OUT_STDIO;
}
if (conf->stats.timeout == 0) {
conf->stats.timeout = RS_DEFAULT_TIMEOUT;
}
/*
* If were writing pcap data stdout we *really* don't want to send
* logging there as well.
*/
log_dst = conf->to_stdout ? stderr : stdout;
#if !defined(HAVE_PCAP_FOPEN_OFFLINE) || !defined(HAVE_PCAP_DUMP_FOPEN)
if (conf->from_stdin || conf->to_stdout) {
ERROR("PCAP streams not supported");
goto finish;
}
#endif
if (!conf->pcap_filter) {
snprintf(buffer, sizeof(buffer), "udp port %d or %d or %d",
port, port + 1, 3799);
conf->pcap_filter = buffer;
}
if (dict_init(radius_dir, RADIUS_DICTIONARY) < 0) {
fr_perror("radsniff");
ret = 64;
goto finish;
}
fr_strerror(); /* Clear out any non-fatal errors */
if (conf->radius_filter) {
parsecode = userparse(NULL, conf->radius_filter, &filter_vps);
if (parsecode == T_OP_INVALID) {
ERROR("Invalid RADIUS filter \"%s\" (%s)", conf->radius_filter, fr_strerror());
ret = 64;
goto finish;
}
if (!filter_vps) {
ERROR("Empty RADIUS filter \"%s\"", conf->radius_filter);
ret = 64;
goto finish;
}
filter_tree = rbtree_create((rbcmp) fr_packet_cmp, _rb_rad_free, 0);
if (!filter_tree) {
ERROR("Failed creating filter tree");
ret = 64;
goto finish;
}
}
/*
* Setup the request tree
*/
request_tree = rbtree_create((rbcmp) fr_packet_cmp, _rb_rad_free, 0);
if (!request_tree) {
ERROR("Failed creating request tree");
goto finish;
}
/*
* Allocate a null packet for decrypting attributes in CoA requests
*/
nullpacket = rad_alloc(conf, 0);
if (!nullpacket) {
ERROR("Out of memory");
goto finish;
}
/*
* Get the default capture device
*/
if (!conf->from_stdin && !conf->from_file && !conf->from_dev) {
pcap_if_t *all_devices; /* List of all devices libpcap can listen on */
pcap_if_t *dev_p;
if (pcap_findalldevs(&all_devices, errbuf) < 0) {
ERROR("Error getting available capture devices: %s", errbuf);
goto finish;
}
if (!all_devices) {
ERROR("No capture files specified and no live interfaces available");
ret = 64;
goto finish;
}
for (dev_p = all_devices;
dev_p;
dev_p = dev_p->next) {
/* Don't use the any devices, it's horribly broken */
if (!strcmp(dev_p->name, "any")) continue;
*in_head = fr_pcap_init(conf, dev_p->name, PCAP_INTERFACE_IN);
in_head = &(*in_head)->next;
}
conf->from_auto = true;
conf->from_dev = true;
INFO("Defaulting to capture on all interfaces");
}
/*
* Print captures values which will be used
*/
if (fr_debug_flag > 2) {
DEBUG1("Sniffing with options:");
if (conf->from_dev) {
char *buff = fr_pcap_device_names(conf, in, ' ');
DEBUG1(" Device(s) : [%s]", buff);
talloc_free(buff);
}
if (conf->to_file || conf->to_stdout) {
DEBUG1(" Writing to : [%s]", out->name);
}
if (limit > 0) {
DEBUG1(" Capture limit (packets) : [%d]", limit);
}
DEBUG1(" PCAP filter : [%s]", conf->pcap_filter);
DEBUG1(" RADIUS secret : [%s]", conf->radius_secret);
if (filter_vps){
DEBUG1(" RADIUS filter :");
vp_printlist(log_dst, filter_vps);
}
}
/*
* Open our interface to collectd
*/
#ifdef HAVE_COLLECTDC_H
if (conf->stats.out == RS_STATS_OUT_COLLECTD) {
size_t i;
rs_stats_tmpl_t *tmpl, **next;
if (rs_stats_collectd_open(conf) < 0) {
exit(1);
}
next = &conf->stats.tmpl;
for (i = 0; i < (sizeof(rs_useful_codes) / sizeof(*rs_useful_codes)); i++) {
tmpl = rs_stats_collectd_init_latency(conf, next, conf, "radius_pkt_ex",
&stats.exchange[rs_useful_codes[i]],
rs_useful_codes[i]);
if (!tmpl) {
goto tmpl_error;
}
next = &(tmpl->next);
tmpl = rs_stats_collectd_init_counter(conf, next, conf, "radius_pkt",
&stats.gauge.type[rs_useful_codes[i]],
rs_useful_codes[i]);
if (!tmpl) {
tmpl_error:
ERROR("Error allocating memory for stats template");
goto finish;
}
next = &(tmpl->next);
}
}
#endif
/*
* This actually opens the capture interfaces/files (we just allocated the memory earlier)
*/
{
fr_pcap_t *prev = NULL;
for (in_p = in;
in_p;
in_p = in_p->next) {
if (fr_pcap_open(in_p) < 0) {
if (!conf->from_auto) {
ERROR("Failed opening pcap handle for %s", in_p->name);
goto finish;
}
DEBUG("Failed opening pcap handle: %s", fr_strerror());
/* Unlink it from the list */
if (prev) {
prev->next = in_p->next;
talloc_free(in_p);
in_p = prev;
} else {
in = in_p->next;
talloc_free(in_p);
in_p = in;
}
goto next;
}
if (conf->pcap_filter) {
if (fr_pcap_apply_filter(in_p, conf->pcap_filter) < 0) {
ERROR("Failed applying filter");
goto finish;
}
}
next:
prev = in_p;
}
}
/*
* Open our output interface (if we have one);
*/
if (out) {
if (fr_pcap_open(out) < 0) {
ERROR("Failed opening pcap output");
goto finish;
}
}
/*
* Setup and enter the main event loop. Who needs libev when you can roll your own...
*/
{
struct timeval now;
fr_event_list_t *events;
rs_update_t update;
char *buff;
memset(&stats, 0, sizeof(stats));
memset(&update, 0, sizeof(update));
events = fr_event_list_create(conf, _rs_event_status);
if (!events) {
ERROR();
goto finish;
}
for (in_p = in;
in_p;
in_p = in_p->next) {
rs_event_t *event;
event = talloc_zero(events, rs_event_t);
event->conf = conf;
event->in = in_p;
event->out = out;
event->stats = &stats;
if (!fr_event_fd_insert(events, 0, in_p->fd, rs_got_packet, event)) {
ERROR("Failed inserting file descriptor");
goto finish;
}
}
buff = fr_pcap_device_names(conf, in, ' ');
INFO("Sniffing on (%s)", buff);
talloc_free(buff);
gettimeofday(&now, NULL);
start_pcap = now;
/*
* Insert our stats processor
*/
if (conf->stats.interval) {
update.list = events;
update.conf = conf;
update.stats = &stats;
update.in = in;
now.tv_sec += conf->stats.interval;
now.tv_usec = 0;
fr_event_insert(events, rs_stats_process, (void *) &update, &now, NULL);
}
ret = fr_event_loop(events); /* Enter the main event loop */
}
INFO("Done sniffing");
finish:
if (filter_tree) {
rbtree_free(filter_tree);
}
INFO("Exiting...");
/*
* Free all the things! This also closes all the sockets and file descriptors
*/
talloc_free(conf);
return ret;
}
int main(int argc, char **argv)
{
int argval, quiet = 0;
int done_license = 0;
int sockfd;
uint32_t magic, needed;
char *line = NULL;
ssize_t len, size;
char const *file = NULL;
char const *name = "radiusd";
char *p, buffer[65536];
char const *input_file = NULL;
FILE *inputfp = stdin;
char const *output_file = NULL;
char const *server = NULL;
char *commands[MAX_COMMANDS];
int num_commands = -1;
#ifndef NDEBUG
fr_fault_setup(getenv("PANIC_ACTION"), argv[0]);
#endif
talloc_set_log_stderr();
outputfp = stdout; /* stdout is not a constant value... */
if ((progname = strrchr(argv[0], FR_DIR_SEP)) == NULL)
progname = argv[0];
else
progname++;
while ((argval = getopt(argc, argv, "d:hi:e:Ef:n:o:qs:S")) != EOF) {
switch(argval) {
case 'd':
if (file) {
fprintf(stderr, "%s: -d and -f cannot be used together.\n", progname);
exit(1);
}
if (server) {
fprintf(stderr, "%s: -d and -s cannot be used together.\n", progname);
exit(1);
}
radius_dir = optarg;
break;
case 'e':
num_commands++; /* starts at -1 */
if (num_commands >= MAX_COMMANDS) {
fprintf(stderr, "%s: Too many '-e'\n",
progname);
exit(1);
}
commands[num_commands] = optarg;
break;
case 'E':
echo = true;
break;
case 'f':
radius_dir = NULL;
file = optarg;
break;
default:
case 'h':
usage(0);
break;
case 'i':
if (strcmp(optarg, "-") != 0) {
input_file = optarg;
}
quiet = 1;
break;
case 'n':
name = optarg;
break;
case 'o':
if (strcmp(optarg, "-") != 0) {
output_file = optarg;
}
quiet = 1;
break;
case 'q':
quiet = 1;
break;
case 's':
if (file) {
fprintf(stderr, "%s: -s and -f cannot be used together.\n", progname);
usage(1);
}
radius_dir = NULL;
server = optarg;
break;
case 'S':
secret = NULL;
break;
}
}
/*
* Mismatch between the binary and the libraries it depends on
*/
if (fr_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) {
fr_perror("radmin");
exit(1);
}
if (radius_dir) {
int rcode;
CONF_SECTION *cs, *subcs;
file = NULL; /* MUST read it from the conffile now */
snprintf(buffer, sizeof(buffer), "%s/%s.conf",
radius_dir, name);
cs = cf_file_read(buffer);
if (!cs) {
fprintf(stderr, "%s: Errors reading or parsing %s\n", progname, buffer);
usage(1);
}
subcs = NULL;
while ((subcs = cf_subsection_find_next(cs, subcs, "listen")) != NULL) {
char const *value;
CONF_PAIR *cp = cf_pair_find(subcs, "type");
if (!cp) continue;
value = cf_pair_value(cp);
if (!value) continue;
if (strcmp(value, "control") != 0) continue;
/*
* Now find the socket name (sigh)
*/
rcode = cf_item_parse(subcs, "socket",
PW_TYPE_STRING_PTR,
&file, NULL);
if (rcode < 0) {
fprintf(stderr, "%s: Failed parsing listen section\n", progname);
exit(1);
}
if (!file) {
fprintf(stderr, "%s: No path given for socket\n", progname);
usage(1);
}
break;
}
if (!file) {
fprintf(stderr, "%s: Could not find control socket in %s\n", progname, buffer);
exit(1);
}
}
if (input_file) {
inputfp = fopen(input_file, "r");
if (!inputfp) {
fprintf(stderr, "%s: Failed opening %s: %s\n", progname, input_file, strerror(errno));
exit(1);
}
}
if (output_file) {
outputfp = fopen(output_file, "w");
if (!outputfp) {
fprintf(stderr, "%s: Failed creating %s: %s\n", progname, output_file, strerror(errno));
exit(1);
}
}
/*
* Check if stdin is a TTY only if input is from stdin
*/
if (input_file && !quiet && !isatty(STDIN_FILENO)) quiet = 1;
#ifdef USE_READLINE
if (!quiet) {
#ifdef USE_READLINE_HISTORY
using_history();
#endif
rl_bind_key('\t', rl_insert);
}
#endif
reconnect:
if (file) {
/*
* FIXME: Get destination from command line, if possible?
*/
sockfd = fr_domain_socket(file);
if (sockfd < 0) {
exit(1);
}
} else {
sockfd = client_socket(server);
}
/*
* Read initial magic && version information.
*/
for (size = 0; size < 8; size += len) {
len = read(sockfd, buffer + size, 8 - size);
if (len < 0) {
fprintf(stderr, "%s: Error reading initial data from socket: %s\n",
progname, strerror(errno));
exit(1);
}
}
memcpy(&magic, buffer, 4);
magic = ntohl(magic);
if (magic != 0xf7eead15) {
fprintf(stderr, "%s: Socket %s is not FreeRADIUS administration socket\n", progname, file);
exit(1);
}
memcpy(&magic, buffer + 4, 4);
magic = ntohl(magic);
if (!server) {
needed = 1;
} else {
needed = 2;
}
if (magic != needed) {
fprintf(stderr, "%s: Socket version mismatch: Need %d, got %d\n",
progname, needed, magic);
exit(1);
}
if (server && secret) do_challenge(sockfd);
/*
* Run one command.
*/
if (num_commands >= 0) {
int i;
for (i = 0; i <= num_commands; i++) {
size = run_command(sockfd, commands[i],
buffer, sizeof(buffer));
if (size < 0) exit(1);
if (buffer[0]) {
fputs(buffer, outputfp);
fprintf(outputfp, "\n");
fflush(outputfp);
}
}
exit(0);
}
if (!done_license && !quiet) {
printf("%s - FreeRADIUS Server administration tool.\n", radmin_version);
printf("Copyright (C) 2008-2014 The FreeRADIUS server project and contributors.\n");
printf("There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A\n");
printf("PARTICULAR PURPOSE.\n");
printf("You may redistribute copies of FreeRADIUS under the terms of the\n");
printf("GNU General Public License v2.\n");
done_license = 1;
}
/*
* FIXME: Do login?
*/
while (1) {
#ifndef USE_READLINE
if (!quiet) {
printf("radmin> ");
fflush(stdout);
}
#else
if (!quiet) {
line = readline("radmin> ");
if (!line) break;
if (!*line) {
free(line);
continue;
}
#ifdef USE_READLINE_HISTORY
add_history(line);
#endif
} else /* quiet, or no readline */
#endif
{
line = fgets(buffer, sizeof(buffer), inputfp);
if (!line) break;
p = strchr(buffer, '\n');
if (!p) {
fprintf(stderr, "%s: Input line too long\n",
progname);
exit(1);
}
*p = '\0';
/*
* Strip off leading spaces.
*/
for (p = line; *p != '\0'; p++) {
if ((p[0] == ' ') ||
(p[0] == '\t')) {
line = p + 1;
continue;
}
if (p[0] == '#') {
line = NULL;
break;
}
break;
}
/*
* Comments: keep going.
*/
if (!line) continue;
/*
* Strip off CR / LF
*/
for (p = line; *p != '\0'; p++) {
if ((p[0] == '\r') ||
(p[0] == '\n')) {
p[0] = '\0';
break;
}
}
}
if (strcmp(line, "reconnect") == 0) {
close(sockfd);
line = NULL;
goto reconnect;
}
if (memcmp(line, "secret ", 7) == 0) {
if (!secret) {
secret = line + 7;
do_challenge(sockfd);
}
line = NULL;
continue;
}
/*
* Exit, done, etc.
*/
if ((strcmp(line, "exit") == 0) ||
(strcmp(line, "quit") == 0)) {
break;
}
if (server && !secret) {
fprintf(stderr, "ERROR: You must enter 'secret <SECRET>' before running any commands\n");
line = NULL;
continue;
}
size = run_command(sockfd, line, buffer, sizeof(buffer));
if (size <= 0) break; /* error, or clean exit */
if (size == 1) continue; /* no output. */
fputs(buffer, outputfp);
fflush(outputfp);
fprintf(outputfp, "\n");
}
fprintf(outputfp, "\n");
return 0;
}
int main(int argc, char **argv)
{
int c;
char filesecret[256];
FILE *fp;
int force_af = AF_UNSPEC;
radsnmp_conf_t *conf;
int ret;
int sockfd;
TALLOC_CTX *autofree = talloc_autofree_context();
fr_log_fp = stderr;
conf = talloc_zero(autofree, radsnmp_conf_t);
conf->proto = IPPROTO_UDP;
conf->dict_dir = DICTDIR;
conf->raddb_dir = RADDBDIR;
conf->secret = talloc_strdup(conf, "testing123");
conf->timeout.tv_sec = 3;
conf->retries = 5;
#ifndef NDEBUG
if (fr_fault_setup(autofree, getenv("PANIC_ACTION"), argv[0]) < 0) {
fr_perror("radsnmp");
exit(EXIT_FAILURE);
}
#endif
talloc_set_log_stderr();
while ((c = getopt(argc, argv, "46c:d:D:f:Fhi:l:n:p:P:qr:sS:t:vx")) != -1) switch (c) {
case '4':
force_af = AF_INET;
break;
case '6':
force_af = AF_INET6;
break;
case 'D':
conf->dict_dir = optarg;
break;
case 'd':
conf->raddb_dir = optarg;
break;
case 'l':
{
int log_fd;
if (strcmp(optarg, "stderr") == 0) {
fr_log_fp = stderr; /* stdout goes to netsnmp */
break;
}
log_fd = open(optarg, O_WRONLY | O_APPEND | O_CREAT, 0640);
if (log_fd < 0) {
fprintf(stderr, "radsnmp: Failed to open log file %s: %s\n",
optarg, fr_syserror(errno));
exit(EXIT_FAILURE);
}
fr_log_fp = fdopen(log_fd, "a");
}
break;
case 'P':
conf->proto_str = optarg;
if (strcmp(conf->proto_str, "tcp") != 0) {
if (strcmp(conf->proto_str, "udp") != 0) usage();
} else {
conf->proto = IPPROTO_TCP;
}
break;
case 'r':
if (!isdigit((int) *optarg)) usage();
conf->retries = atoi(optarg);
if ((conf->retries == 0) || (conf->retries > 1000)) usage();
break;
case 'S':
{
char *p;
fp = fopen(optarg, "r");
if (!fp) {
ERROR("Error opening %s: %s", optarg, fr_syserror(errno));
exit(EXIT_FAILURE);
}
if (fgets(filesecret, sizeof(filesecret), fp) == NULL) {
ERROR("Error reading %s: %s", optarg, fr_syserror(errno));
exit(EXIT_FAILURE);
}
fclose(fp);
/* truncate newline */
p = filesecret + strlen(filesecret) - 1;
while ((p >= filesecret) &&
(*p < ' ')) {
*p = '\0';
--p;
}
if (strlen(filesecret) < 2) {
ERROR("Secret in %s is too short", optarg);
exit(EXIT_FAILURE);
}
talloc_free(conf->secret);
conf->secret = talloc_strdup(conf, filesecret);
}
break;
case 't':
if (fr_timeval_from_str(&conf->timeout, optarg) < 0) {
ERROR("Failed parsing timeout value %s", fr_strerror());
exit(EXIT_FAILURE);
}
break;
case 'v':
DEBUG("%s", radsnmp_version);
exit(0);
case 'x':
fr_debug_lvl++;
break;
case 'h':
default:
usage();
}
argc -= (optind - 1);
argv += (optind - 1);
if ((argc < 2) || ((conf->secret == NULL) && (argc < 3))) {
ERROR("Insufficient arguments");
usage();
}
/*
* Mismatch between the binary and the libraries it depends on
*/
if (fr_check_lib_magic(RADIUSD_MAGIC_NUMBER) < 0) {
fr_perror("radsnmp");
return EXIT_FAILURE;
}
if (fr_dict_autoload(radsnmp_dict) < 0) {
fr_perror("radsnmp");
exit(EXIT_FAILURE);
}
if (fr_dict_attr_autoload(radsnmp_dict_attr) < 0) {
fr_perror("radsnmp");
exit(EXIT_FAILURE);
}
if (fr_dict_read(dict_freeradius, conf->raddb_dir, FR_DICTIONARY_FILE) == -1) {
fr_perror("radsnmp");
exit(EXIT_FAILURE);
}
fr_strerror(); /* Clear the error buffer */
if (fr_log_fp) setvbuf(fr_log_fp, NULL, _IONBF, 0);
/*
* Get the request type
*/
if (!isdigit((int) argv[2][0])) {
int code;
code = fr_str2int(fr_request_types, argv[2], -1);
if (code < 0) {
ERROR("Unrecognised request type \"%s\"", argv[2]);
usage();
}
conf->code = (unsigned int)code;
} else {
conf->code = atoi(argv[2]);
}
/*
* Resolve hostname.
*/
if (fr_inet_pton_port(&conf->server_ipaddr, &conf->server_port, argv[1], -1, force_af, true, true) < 0) {
ERROR("%s", fr_strerror());
exit(EXIT_FAILURE);
}
/*
* Add the secret
*/
if (argv[3]) {
talloc_free(conf->secret);
conf->secret = talloc_strdup(conf, argv[3]);
}
conf->snmp_root = fr_dict_attr_child_by_num(attr_vendor_specific, VENDORPEC_FREERADIUS);
if (!conf->snmp_root) {
ERROR("Incomplete dictionary: Missing definition for Extended-Attribute-1(%i)."
"Vendor-Specific(%i).FreeRADIUS(%i)",
attr_extended_attribute_1->attr,
attr_vendor_specific->attr,
VENDORPEC_FREERADIUS);
dict_error:
talloc_free(conf);
exit(EXIT_FAILURE);
}
conf->snmp_oid_root = fr_dict_attr_child_by_num(conf->snmp_root, 1);
if (!conf->snmp_oid_root) {
ERROR("Incomplete dictionary: Missing definition for 1.Extended-Attribute-1(%i)."
"Vendor-Specific(%i).FreeRADIUS(%i).FreeRADIUS-Iso(%i)",
attr_extended_attribute_1->attr,
attr_vendor_specific->attr,
VENDORPEC_FREERADIUS, 1);
goto dict_error;
}
switch (conf->proto) {
case IPPROTO_TCP:
sockfd = fr_socket_client_tcp(NULL, &conf->server_ipaddr, conf->server_port, true);
break;
default:
case IPPROTO_UDP:
sockfd = fr_socket_client_udp(NULL, NULL, &conf->server_ipaddr, conf->server_port, true);
break;
}
if (sockfd < 0) {
ERROR("Failed connecting to server %s:%hu", "foo", conf->server_port);
ret = 1;
goto finish;
}
fr_set_signal(SIGPIPE, rs_signal_stop);
fr_set_signal(SIGINT, rs_signal_stop);
fr_set_signal(SIGTERM, rs_signal_stop);
#ifdef SIGQUIT
fr_set_signal(SIGQUIT, rs_signal_stop);
#endif
DEBUG("%s - Starting pass_persist read loop", radsnmp_version);
ret = radsnmp_send_recv(conf, sockfd);
DEBUG("Read loop done");
finish:
if (fr_log_fp) fflush(fr_log_fp);
/*
* Everything should be parented from conf
*/
talloc_free(conf);
/*
* ...except the dictionaries
*/
fr_dict_autofree(radsnmp_dict);
return ret;
}
int main(int argc, char *argv[])
{
char const *from_dev = NULL; /* Capture from device */
char const *from_file = NULL; /* Read from pcap file */
int from_stdin = 0; /* Read from stdin */
pcap_t *in = NULL; /* PCAP input handle */
int limit = -1; /* How many packets to sniff */
char errbuf[PCAP_ERRBUF_SIZE]; /* Error buffer */
char *to_file = NULL; /* PCAP output file */
char *pcap_filter = NULL; /* PCAP filter string */
char *radius_filter = NULL;
int port = 1812;
struct bpf_program fp; /* Holds compiled filter */
bpf_u_int32 ip_mask = PCAP_NETMASK_UNKNOWN; /* Device Subnet mask */
bpf_u_int32 ip_addr = 0; /* Device IP */
char buffer[1024];
int opt;
FR_TOKEN parsecode;
char const *radius_dir = RADIUS_DIR;
fr_debug_flag = 2;
log_dst = stdout;
talloc_set_log_stderr();
/*
* Get options
*/
while ((opt = getopt(argc, argv, "c:d:Ff:hi:I:p:qr:s:Svw:xX")) != EOF) {
switch (opt) {
case 'c':
limit = atoi(optarg);
if (limit <= 0) {
fprintf(stderr, "radsniff: Invalid number of packets \"%s\"\n", optarg);
exit(1);
}
break;
case 'd':
radius_dir = optarg;
break;
case 'F':
from_stdin = 1;
to_stdout = 1;
break;
case 'f':
pcap_filter = optarg;
break;
case 'h':
usage(0);
break;
case 'i':
from_dev = optarg;
break;
case 'I':
from_file = optarg;
break;
case 'p':
port = atoi(optarg);
break;
case 'q':
if (fr_debug_flag > 0) {
fr_debug_flag--;
}
break;
case 'r':
radius_filter = optarg;
break;
case 's':
radius_secret = optarg;
break;
case 'S':
do_sort = 1;
break;
case 'v':
INFO("%s %s\n", radsniff_version, pcap_lib_version());
exit(0);
break;
case 'w':
to_file = optarg;
break;
case 'x':
case 'X':
fr_debug_flag++;
break;
default:
usage(64);
}
}
/* What's the point in specifying -F ?! */
if (from_stdin && from_file && to_file) {
usage(64);
}
/* Can't read from both... */
if (from_file && from_dev) {
usage(64);
}
/* Reading from file overrides stdin */
if (from_stdin && (from_file || from_dev)) {
from_stdin = 0;
}
/* Writing to file overrides stdout */
if (to_file && to_stdout) {
to_stdout = 0;
}
/*
* If were writing pcap data stdout we *really* don't want to send
* logging there as well.
*/
log_dst = to_stdout ? stderr : stdout;
#if !defined(HAVE_PCAP_FOPEN_OFFLINE) || !defined(HAVE_PCAP_DUMP_FOPEN)
if (from_stdin || to_stdout) {
ERROR("PCAP streams not supported.\n");
exit(64);
}
#endif
if (!pcap_filter) {
pcap_filter = buffer;
snprintf(buffer, sizeof(buffer), "udp port %d or %d or %d",
port, port + 1, 3799);
}
/*
* There are times when we don't need the dictionaries.
*/
if (!to_stdout) {
if (dict_init(radius_dir, RADIUS_DICTIONARY) < 0) {
fr_perror("radsniff");
exit(64);
}
}
if (radius_filter) {
parsecode = userparse(NULL, radius_filter, &filter_vps);
if (parsecode == T_OP_INVALID) {
ERROR("Invalid RADIUS filter \"%s\" (%s)\n", radius_filter, fr_strerror());
exit(64);
}
if (!filter_vps) {
ERROR("Empty RADIUS filter \"%s\"\n", radius_filter);
exit(64);
}
filter_tree = rbtree_create((rbcmp) fr_packet_cmp, free, 0);
if (!filter_tree) {
ERROR("Failed creating filter tree\n");
exit(1);
}
}
/*
* Setup the request tree
*/
request_tree = rbtree_create((rbcmp) fr_packet_cmp, free, 0);
if (!request_tree) {
ERROR("Failed creating request tree\n");
exit(1);
}
/*
* Allocate a null packet for decrypting attributes in CoA requests
*/
nullpacket = rad_alloc(NULL, 0);
if (!nullpacket) {
ERROR("Out of memory\n");
exit(1);
}
/*
* Get the default capture device
*/
if (!from_stdin && !from_file && !from_dev) {
from_dev = pcap_lookupdev(errbuf);
if (!from_dev) {
fprintf(stderr, "radsniff: Failed discovering default interface (%s)\n", errbuf);
exit(1);
}
INFO("Capturing from interface \"%s\"\n", from_dev);
}
/*
* Print captures values which will be used
*/
if (fr_debug_flag > 2) {
DEBUG1("Sniffing with options:\n");
if (from_dev) DEBUG1(" Device : [%s]\n", from_dev);
if (limit > 0) DEBUG1(" Capture limit (packets) : [%d]\n", limit);
DEBUG1(" PCAP filter : [%s]\n", pcap_filter);
DEBUG1(" RADIUS secret : [%s]\n", radius_secret);
if (filter_vps){DEBUG1(" RADIUS filter :\n");
vp_printlist(log_dst, filter_vps);
}
}
/*
* Figure out whether were doing a reading from a file, doing a live
* capture or reading from stdin.
*/
if (from_file) {
in = pcap_open_offline(from_file, errbuf);
#ifdef HAVE_PCAP_FOPEN_OFFLINE
} else if (from_stdin) {
in = pcap_fopen_offline(stdin, errbuf);
#endif
} else if (from_dev) {
pcap_lookupnet(from_dev, &ip_addr, &ip_mask, errbuf);
in = pcap_open_live(from_dev, 65536, 1, 1, errbuf);
} else {
ERROR("No capture devices available\n");
}
if (!in) {
ERROR("Failed opening input (%s)\n", errbuf);
exit(1);
}
if (to_file) {
out = pcap_dump_open(in, to_file);
if (!out) {
ERROR("Failed opening output file (%s)\n", pcap_geterr(in));
exit(1);
}
#ifdef HAVE_PCAP_DUMP_FOPEN
} else if (to_stdout) {
out = pcap_dump_fopen(in, stdout);
if (!out) {
ERROR("Failed opening stdout (%s)\n", pcap_geterr(in));
exit(1);
}
#endif
}
/*
* Apply the rules
*/
if (pcap_compile(in, &fp, pcap_filter, 0, ip_mask) < 0) {
ERROR("Failed compiling PCAP filter (%s)\n", pcap_geterr(in));
exit(1);
}
if (pcap_setfilter(in, &fp) < 0) {
ERROR("Failed applying PCAP filter (%s)\n", pcap_geterr(in));
exit(1);
}
/*
* Enter the main capture loop...
*/
pcap_loop(in, limit, got_packet, NULL);
/*
* ...were done capturing.
*/
pcap_close(in);
if (out) {
pcap_dump_close(out);
}
if (filter_tree) {
rbtree_free(filter_tree);
}
INFO("Done sniffing\n");
return 0;
}
int main(int argc, char * const *argv)
{
int i;
_global_argc = argc;
_global_argv = argv;
/* talloc initialization, needs to come before any talloc calls */
talloc_enable_leak_report();
talloc_set_log_stderr();
/* Generates a root context, which is used to track all the memory
* allocated by talloc. */
root_context = talloc_init("main(): root_context");
o = clopts_new(root_context, argc, argv);
/* clopts are NULL when a short print is triggered -- this just
* cleans up so there isn't a talloc error message. */
if (o == NULL) {
TALLOC_FREE(root_context);
return 0;
}
/* Start without having found the binary or the source. */
found_binary = false;
mf = makefile_new(o);
if (mf == NULL) {
#ifndef DEBUG
fprintf(stderr, "Internal error allocating makefile\n");
#endif
TALLOC_FREE(o);
return 2;
}
ll = languagelist_new(o);
if (ll == NULL) {
#ifndef DEBUG
fprintf(stderr, "Internal error allocating languagelist\n");
#endif
TALLOC_FREE(o);
return 3;
}
s = contextstack_new(o, mf, ll);
if (s == NULL) {
#ifndef DEBUG
fprintf(stderr, "Internal error allocating contextstack\n");
#endif
TALLOC_FREE(o);
return 3;
}
/* Reads every input file in order */
for (i = 0; i < o->infile_count; i++) {
if (parse_file(o->infiles[i]) != 0) {
break;
}
}
/* If there's anything left on the stack, then clear everything out */
while (!contextstack_isempty(s)) {
void *context;
context = talloc_new(NULL);
/* We already know that there is an element on the stack, so there
* is no need to check for errors. */
contextstack_pop(s, context);
/* That's all we need to do, as free()ing the context will cause it to
* be cleaned up and pushed over to */
TALLOC_FREE(context);
}
TALLOC_FREE(o);
/* Remove this and you'll end up with a leak report. */
TALLOC_FREE(root_context);
return 0;
}
int main(int argc, char **argv)
{
char *p;
int c;
char const *radius_dir = RADDBDIR;
char filesecret[256];
FILE *fp;
int do_summary = 0;
int persec = 0;
int parallel = 1;
radclient_t *this;
int force_af = AF_UNSPEC;
fr_debug_flag = 0;
talloc_set_log_stderr();
filename_tree = rbtree_create(filename_cmp, NULL, 0);
if (!filename_tree) {
fprintf(stderr, "radclient: Out of memory\n");
exit(1);
}
while ((c = getopt(argc, argv, "46c:d:f:Fhi:n:p:qr:sS:t:vx"
#ifdef WITH_TCP
"P:"
#endif
)) != EOF) switch(c) {
case '4':
force_af = AF_INET;
break;
case '6':
force_af = AF_INET6;
break;
case 'c':
if (!isdigit((int) *optarg))
usage();
resend_count = atoi(optarg);
break;
case 'd':
radius_dir = optarg;
break;
case 'f':
rbtree_insert(filename_tree, optarg);
break;
case 'F':
print_filename = 1;
break;
case 'i': /* currently broken */
if (!isdigit((int) *optarg))
usage();
last_used_id = atoi(optarg);
if ((last_used_id < 0) || (last_used_id > 255)) {
usage();
}
break;
case 'n':
persec = atoi(optarg);
if (persec <= 0) usage();
break;
/*
* Note that sending MANY requests in
* parallel can over-run the kernel
* queues, and Linux will happily discard
* packets. So even if the server responds,
* the client may not see the response.
*/
case 'p':
parallel = atoi(optarg);
if (parallel <= 0) usage();
break;
#ifdef WITH_TCP
case 'P':
proto = optarg;
if (strcmp(proto, "tcp") != 0) {
if (strcmp(proto, "udp") == 0) {
proto = NULL;
} else {
usage();
}
} else {
ipproto = IPPROTO_TCP;
}
break;
#endif
case 'q':
do_output = 0;
fr_log_fp = NULL; /* no output from you, either! */
break;
case 'r':
if (!isdigit((int) *optarg))
usage();
retries = atoi(optarg);
if ((retries == 0) || (retries > 1000)) usage();
break;
case 's':
do_summary = 1;
break;
case 'S':
fp = fopen(optarg, "r");
if (!fp) {
fprintf(stderr, "radclient: Error opening %s: %s\n",
optarg, strerror(errno));
exit(1);
}
if (fgets(filesecret, sizeof(filesecret), fp) == NULL) {
fprintf(stderr, "radclient: Error reading %s: %s\n",
optarg, strerror(errno));
exit(1);
}
fclose(fp);
/* truncate newline */
p = filesecret + strlen(filesecret) - 1;
while ((p >= filesecret) &&
(*p < ' ')) {
*p = '\0';
--p;
}
if (strlen(filesecret) < 2) {
fprintf(stderr, "radclient: Secret in %s is too short\n", optarg);
exit(1);
}
secret = filesecret;
break;
case 't':
if (!isdigit((int) *optarg))
usage();
timeout = atof(optarg);
break;
case 'v':
printf("%s\n", radclient_version);
exit(0);
break;
case 'x':
fr_debug_flag++;
fr_log_fp = stdout;
break;
case 'h':
default:
usage();
break;
}
argc -= (optind - 1);
argv += (optind - 1);
if ((argc < 3) ||
((secret == NULL) && (argc < 4))) {
usage();
}
if (dict_init(radius_dir, RADIUS_DICTIONARY) < 0) {
fr_perror("radclient");
return 1;
}
/*
* Resolve hostname.
*/
if (force_af == AF_UNSPEC) force_af = AF_INET;
server_ipaddr.af = force_af;
if (strcmp(argv[1], "-") != 0) {
char const *hostname = argv[1];
char const *portname = argv[1];
char buffer[256];
if (*argv[1] == '[') { /* IPv6 URL encoded */
p = strchr(argv[1], ']');
if ((size_t) (p - argv[1]) >= sizeof(buffer)) {
usage();
}
memcpy(buffer, argv[1] + 1, p - argv[1] - 1);
buffer[p - argv[1] - 1] = '\0';
hostname = buffer;
portname = p + 1;
}
p = strchr(portname, ':');
if (p && (strchr(p + 1, ':') == NULL)) {
*p = '\0';
portname = p + 1;
} else {
portname = NULL;
}
if (ip_hton(hostname, force_af, &server_ipaddr) < 0) {
fprintf(stderr, "radclient: Failed to find IP address for host %s: %s\n", hostname, strerror(errno));
exit(1);
}
/*
* Strip port from hostname if needed.
*/
if (portname) server_port = atoi(portname);
}
/*
* See what kind of request we want to send.
*/
if (strcmp(argv[2], "auth") == 0) {
if (server_port == 0) server_port = getport("radius");
if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
packet_code = PW_CODE_AUTHENTICATION_REQUEST;
} else if (strcmp(argv[2], "challenge") == 0) {
if (server_port == 0) server_port = getport("radius");
if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
packet_code = PW_CODE_ACCESS_CHALLENGE;
} else if (strcmp(argv[2], "acct") == 0) {
if (server_port == 0) server_port = getport("radacct");
if (server_port == 0) server_port = PW_ACCT_UDP_PORT;
packet_code = PW_CODE_ACCOUNTING_REQUEST;
do_summary = 0;
} else if (strcmp(argv[2], "status") == 0) {
if (server_port == 0) server_port = getport("radius");
if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
packet_code = PW_CODE_STATUS_SERVER;
} else if (strcmp(argv[2], "disconnect") == 0) {
if (server_port == 0) server_port = PW_COA_UDP_PORT;
packet_code = PW_CODE_DISCONNECT_REQUEST;
} else if (strcmp(argv[2], "coa") == 0) {
if (server_port == 0) server_port = PW_COA_UDP_PORT;
packet_code = PW_CODE_COA_REQUEST;
} else if (strcmp(argv[2], "auto") == 0) {
packet_code = -1;
} else if (isdigit((int) argv[2][0])) {
if (server_port == 0) server_port = getport("radius");
if (server_port == 0) server_port = PW_AUTH_UDP_PORT;
packet_code = atoi(argv[2]);
} else {
usage();
}
/*
* Add the secret.
*/
if (argv[3]) secret = argv[3];
/*
* If no '-f' is specified, we're reading from stdin.
*/
if (rbtree_num_elements(filename_tree) == 0) {
if (!radclient_init("-")) exit(1);
}
/*
* Walk over the list of filenames, creating the requests.
*/
if (rbtree_walk(filename_tree, InOrder, filename_walk, NULL) != 0) {
fprintf(stderr, "Failed walking over filenames\n");
exit(1);
}
/*
* No packets read. Die.
*/
if (!radclient_head) {
fprintf(stderr, "radclient: Nothing to send.\n");
exit(1);
}
/*
* Bind to the first specified IP address and port.
* This means we ignore later ones.
*/
if (radclient_head->request->src_ipaddr.af == AF_UNSPEC) {
memset(&client_ipaddr, 0, sizeof(client_ipaddr));
client_ipaddr.af = server_ipaddr.af;
client_port = 0;
} else {
client_ipaddr = radclient_head->request->src_ipaddr;
client_port = radclient_head->request->src_port;
}
#ifdef WITH_TCP
if (proto) {
sockfd = fr_tcp_client_socket(NULL, &server_ipaddr, server_port);
} else
#endif
sockfd = fr_socket(&client_ipaddr, client_port);
if (sockfd < 0) {
fprintf(stderr, "radclient: socket: %s\n", fr_strerror());
exit(1);
}
pl = fr_packet_list_create(1);
if (!pl) {
fprintf(stderr, "radclient: Out of memory\n");
exit(1);
}
if (!fr_packet_list_socket_add(pl, sockfd, ipproto, &server_ipaddr,
server_port, NULL)) {
fprintf(stderr, "radclient: Out of memory\n");
exit(1);
}
/*
* Walk over the list of packets, sanity checking
* everything.
*/
for (this = radclient_head; this != NULL; this = this->next) {
this->request->src_ipaddr = client_ipaddr;
this->request->src_port = client_port;
if (radclient_sane(this) != 0) {
exit(1);
}
}
/*
* Walk over the packets to send, until
* we're all done.
*
* FIXME: This currently busy-loops until it receives
* all of the packets. It should really have some sort of
* send packet, get time to wait, select for time, etc.
* loop.
*/
do {
int n = parallel;
radclient_t *next;
char const *filename = NULL;
done = 1;
sleep_time = -1;
/*
* Walk over the packets, sending them.
*/
for (this = radclient_head; this != NULL; this = next) {
next = this->next;
/*
* If there's a packet to receive,
* receive it, but don't wait for a
* packet.
*/
recv_one_packet(0);
/*
* This packet is done. Delete it.
*/
if (this->done) {
radclient_free(this);
continue;
}
/*
* Packets from multiple '-f' are sent
* in parallel.
*
* Packets from one file are sent in
* series, unless '-p' is specified, in
* which case N packets from each file
* are sent in parallel.
*/
if (this->filename != filename) {
filename = this->filename;
n = parallel;
}
if (n > 0) {
n--;
/*
* Send the current packet.
*/
send_one_packet(this);
/*
* Wait a little before sending
* the next packet, if told to.
*/
if (persec) {
struct timeval tv;
/*
* Don't sleep elsewhere.
*/
sleep_time = 0;
if (persec == 1) {
tv.tv_sec = 1;
tv.tv_usec = 0;
} else {
tv.tv_sec = 0;
tv.tv_usec = 1000000/persec;
}
/*
* Sleep for milliseconds,
* portably.
*
* If we get an error or
* a signal, treat it like
* a normal timeout.
*/
select(0, NULL, NULL, NULL, &tv);
}
/*
* If we haven't sent this packet
* often enough, we're not done,
* and we shouldn't sleep.
*/
if (this->resend < resend_count) {
done = 0;
sleep_time = 0;
}
} else { /* haven't sent this packet, we're not done */
assert(this->done == 0);
assert(this->reply == NULL);
done = 0;
}
}
/*
* Still have outstanding requests.
*/
if (fr_packet_list_num_elements(pl) > 0) {
done = 0;
} else {
sleep_time = 0;
}
/*
* Nothing to do until we receive a request, so
* sleep until then. Once we receive one packet,
* we go back, and walk through the whole list again,
* sending more packets (if necessary), and updating
* the sleep time.
*/
if (!done && (sleep_time > 0)) {
recv_one_packet(sleep_time);
}
} while (!done);
rbtree_free(filename_tree);
fr_packet_list_free(pl);
while (radclient_head) radclient_free(radclient_head);
dict_free();
if (do_summary) {
printf("\n\t Total approved auths: %d\n", totalapp);
printf("\t Total denied auths: %d\n", totaldeny);
printf("\t Total lost auths: %d\n", totallost);
}
if (success) return 0;
return 1;
}