1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/* RADIUS/RadSec client using libradsec in blocking mode. */
#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <radsec/radsec.h>
#include <radsec/request.h>
#include "err.h"
#include "debug.h" /* For rs_dump_packet(). */
#define SECRET "sikrit"
#define USER_NAME "molgan@PROJECT-MOONSHOT.ORG"
#define USER_PW "password"
struct rs_error *
blocking_client (const char *config_fn, const char *configuration,
int use_request_object_flag)
{
struct rs_context *h = NULL;
struct rs_connection *conn = NULL;
struct rs_request *request = NULL;
struct rs_packet *req = NULL, *resp = NULL;
struct rs_error *err = NULL;
int r;
r = rs_context_create (&h);
if (r)
{
assert(r == RSE_NOMEM);
assert (!"out of RAM -- unable to create libradsec context");
}
#if !defined (USE_CONFIG_FILE)
{
struct rs_peer *server;
if (rs_conn_create (h, &conn, NULL))
goto cleanup;
rs_conn_set_type (conn, RS_CONN_TYPE_UDP);
if (rs_peer_create (conn, &server))
goto cleanup;
if (rs_peer_set_address (server, av1, av2))
goto cleanup;
rs_peer_set_timeout (server, 1);
rs_peer_set_retries (server, 3);
if (rs_peer_set_secret (server, SECRET))
goto cleanup;
}
#else /* defined (USE_CONFIG_FILE) */
if (rs_context_read_config (h, config_fn))
goto cleanup;
if (rs_conn_create (h, &conn, configuration))
goto cleanup;
#endif /* defined (USE_CONFIG_FILE) */
if (use_request_object_flag)
{
if (rs_request_create_authn (conn, &request, USER_NAME, USER_PW, SECRET))
goto cleanup;
if (rs_request_send (request, &resp))
goto cleanup;
}
else
{
if (rs_packet_create_authn_request (conn, &req, USER_NAME, USER_PW, SECRET))
goto cleanup;
if (rs_packet_send (req, NULL))
goto cleanup;
if (rs_conn_receive_packet (conn, req, &resp))
goto cleanup;
}
if (resp)
{
rs_dump_packet (resp);
if (rs_packet_code (resp) == PW_ACCESS_ACCEPT)
printf ("Good auth.\n");
else
printf ("Bad auth: %d\n", rs_packet_code (resp));
}
else
fprintf (stderr, "%s: no response\n", __func__);
cleanup:
err = rs_err_ctx_pop (h);
if (err == RSE_OK)
err = rs_err_conn_pop (conn);
if (resp)
rs_packet_destroy (resp);
if (request)
rs_request_destroy (request);
if (conn)
rs_conn_destroy (conn);
if (h)
rs_context_destroy (h);
return err;
}
void
usage (int argc, char *argv[])
{
fprintf (stderr, "usage: %s: [-r] config-file config-name\n", argv[0]);
exit (1);
}
int
main (int argc, char *argv[])
{
int use_request_object_flag = 0;
struct rs_error *err;
if (argc > 1 && argv[1] && argv[1][0] == '-' && argv[1][1] == 'r')
{
use_request_object_flag = 1;
argc--;
argv++;
}
if (argc < 3)
usage (argc, argv);
err = blocking_client (argv[1], argv[2], use_request_object_flag);
if (err)
{
fprintf (stderr, "error: %s: %d\n", rs_err_msg (err), rs_err_code (err, 0));
return rs_err_code (err, 1);
}
return 0;
}
|