blob: 6b7103214f283fd0fd8ac61eda852a92c2008d33 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
#! /bin/sh
#
# radtest Emulate the user interface of the old
# radtest that used to be part of FreeRADIUS.
#
# Version: $Id$
#
prefix="@prefix@"
exec_prefix="@exec_prefix@"
bindir="@bindir@"
usage() {
echo "Usage: radtest [OPTIONS] user passwd radius-server[:port] nas-port-number secret [ppphint] [nasname]" >&2
echo " -d RADIUS_DIR Set radius directory" >&2
echo " -t <type> Set authentication method" >&2
echo " type can be pap, chap, mschap, or eap-md5" >&2
echo " -P protocol Select udp (default) or tcp" >&2
echo " -x Enable debug output" >&2
echo " -4 Use IPv4 for the NAS address (default)" >&2
echo " -6 Use IPv6 for the NAS address" >&2
exit 1
}
radclient=$bindir/radclient
if [ ! -x "$radclient" ] && [ -x ./radclient ]
then
radclient=./radclient
fi
# radeapclient is used for EAP-MD5.
radeapclient=$bindir/radeapclient
OPTIONS=
PASSWORD="User-Password"
NAS_ADDR_ATTR="NAS-IP-Address"
# We need at LEAST these many options
if [ $# -lt 5 ]
then
usage
fi
# Parse new command-line options
while [ `echo "$1" | cut -c 1` = "-" ]
do
case "$1" in
-4)
OPTIONS="$OPTIONS -4"
NAS_ADDR_ATTR="NAS-IP-Address"
shift
;;
-6)
OPTIONS="$OPTIONS -6"
NAS_ADDR_ATTR="NAS-IPv6-Address"
shift
;;
-d)
OPTIONS="$OPTIONS -d $2"
shift;shift
;;
-P)
OPTIONS="$OPTIONS -P $2"
shift;shift
;;
-x)
OPTIONS="$OPTIONS -x"
shift
;;
-t)
shift;
case "$1" in
pap)
PASSWORD="User-Password"
;;
chap)
PASSWORD="CHAP-Password"
;;
mschap)
PASSWORD="MS-CHAP-Password"
;;
eap-md5)
PASSWORD="Cleartext-Password"
if [ ! -x "$radeapclient" ]
then
echo "radtest: No 'radeapclient' program was found. Cannot perform EAP-MD5." >&1
exit 1
fi
radclient="$radeapclient"
;;
*)
usage
;;
esac
shift
;;
*)
usage
;;
esac
done
# Check that there are enough options left over.
if [ $# -lt 5 ] || [ $# -gt 7 ]
then
usage
fi
if [ "$7" ]
then
nas=$7
else
nas=`(hostname || uname -n) 2>/dev/null | sed 1q`
fi
(
echo "User-Name = \"$1\""
echo "$PASSWORD = \"$2\""
echo "$NAS_ADDR_ATTR = $nas"
echo "NAS-Port = $4"
echo "Message-Authenticator = 0x00"
if [ "$radclient" = "$radeapclient" ]
then
echo "EAP-Code = Response"
echo "EAP-Type-Identity = \"$1\""
fi
if [ "$6" != "" -a "$6" != "0" ]
then
echo "Framed-Protocol = PPP"
fi
) | $radclient $OPTIONS -x $3 auth "$5"
exit $?
|
