testrad.c

Radius PNE 3.3 source code, running at more than vxworks6.x version.

/* testrad.c */

/* Test file to test RADIUS authentication and accounting requests 	*/

/* Copyright 1984 - 2006 Wind River Systems, Inc. */
#include "copyright_wrs.h"

/*
modification history
____________________
Date	Init	Comment
10jan06,snd Fix for SPR 113557, In radius_send_authentication_request() and
            radius_send_accounting_request(), we are calling a procedure
            radius_server_get_ip_address(), to display the IP address 
10jan06,snd Changed radius_MD_string() to cciHashBlock() from Network
            Security libraries->CCI Routines
20nov05,snd Changes for RWOS porting
24oct05,snd Fix for SPR 114349, change parameters in 
            radius_ipv6_server_create() and changed example for
            radius_find_ipv6_with_specified_parameters(), also
            fixed diab errors
18sep05,snd Changes for IPv6 support 
04mar05,snd Fix for SPR 104025, added comments for explaining test 
	    application in more detail
052401	tk	Add SERVER_DESTROY_TEST flag to test server deletion.
020801	tk	Add rad() and radany() functions.
013101	tk	add run_auth_mservers and run_acct_mservers functions to test retransmission
		multiple servers.  Add code in auth and acct request to display IP address
		of server to send to.
122100	md  	merged from visual source safe
*/

/************************************************************************/
/*	Copyright (C) 1993 - 1999 RouterWare, Inc.   						*/
/*	Unpublished - rights reserved under the Copyright Laws of the		*/
/*	United States.  Use, duplication, or disclosure by the 				*/
/*	Government is subject to restrictions as set forth in 				*/
/*	subparagraph (c)(1)(ii) of the Rights in Technical Data and 		*/
/*	Computer Software clause at 252.227-7013.							*/
/*	RouterWare, Inc., 3961 MacArthur Suite 212 Newport Beach, CA 92660	*/
/************************************************************************/

#if 0
#define SERVER_DESTROY_TEST	/* to test server deletion */
#endif


#if 0
#define INET6                   /* for IPv6 testing */
#endif

#include "testrad.h"
#include "wrn/cci/cci.h"
#include "netinet/in.h"
#include <logLib.h>
#include <sysLib.h>

static int test_count = 0;

/**********************************************************************************************************/
void radius_send_test_authentication_request (
	UINT test_request_counter, 
	bool any_server,
	RADIUS_SERVER_HANDLE	server_handle)
{
	ULONG nas_address = htonl(0xC0A88602);
	BYTE* bp_nas_address;
	unsigned char	nas_id = 1;
	BYTE* bp_nas_id = (BYTE*) (&nas_id);
	RADIUS_ATTRIBUTE_LIST_HANDLE attribute_list_handle;
	RADIUS_REQUEST_HANDLE request_handle;
	RADIUS_REQUEST_CALLBACKS *p_callbacks;
	BYTE* bp_username;
	BYTE* bp_user_password = test_password;
	char  *server;
	
			/* the user password should match the password configured for the user in the
			   RADIUS server */
#if defined (__RADIUS_TEST_APP_USE_PAP__)	/* PAP authentication */
#else		/* CHAP authentication */	
	int i;
	int challenge[4];	/* for storing the 16 octet random challenge */
	BYTE *bp_chap_challenge;						
	BYTE *bp_chap = (BYTE *)calloc (1, 17);
	cci_t md5_result_length = 17;
#endif
/* #ifdef INET6
 * server_handle = radius_find_ipv6_server_with_specified_parameters ("fe80::207:e9ff:fe0e:91ab%lnPci0", 1812, RADIUS_AUTHENTICATION_SERVER_TYPE);
 * #else
 * server_handle = radius_find_server_with_specified_parameters ("10.114.53.12", 1812, RADIUS_AUTHENTICATION_SERVER_TYPE);
 * #endif
 */

    /* The request handle is the handle of request, you are sending now. 
	 * This request handle is unique for each request and 
	 * returned to the user, when either error_callback or normal_callback 
	 * is invoked. This request handle is used to uniquely identify the 
	 * Request for which the response has been received, in the callback
	 * routine. Also, this unique Request Handle is used to save and 
	 * retrieve all relevant data structures/memory  related to this 
	 * request at a later point of time.
	 */

	/* Get a unique request handle for this request */
	request_handle = radiustest_get_entry();

	p_callbacks = (RADIUS_REQUEST_CALLBACKS*) malloc (sizeof (RADIUS_REQUEST_CALLBACKS));
	
	p_callbacks->fptr_radius_normal_callback = radius_fake_response;
	p_callbacks->fptr_radius_error_callback = radius_fake_error_callback;

	attribute_list_handle = radius_create_attribute_list ();
	
	bp_username = test_username_array [test_request_counter - 1];

	radius_add_attribute_to_list (attribute_list_handle, RADIUS_USER_NAME, strlen ((char *)bp_username), bp_username);
	
	radius_add_attribute_to_list (attribute_list_handle, RADIUS_NAS_IDENTIFIER, 10, (BYTE *)"vxWorksLAC");
		
#if defined (__RADIUS_TEST_APP_USE_PAP__)
	radius_add_attribute_to_list (attribute_list_handle, RADIUS_USER_PASSWORD, strlen (bp_user_password), bp_user_password);
#else /* CHAP */
	srand( (unsigned)time( NULL ) );
	for ( i = 0; i < 4; i ++)
		{
		challenge[i] = rand ();
		}

	bp_chap_challenge = (BYTE *) calloc (1, 1 + strlen ((char *)bp_user_password) + 16);

	if (bp_chap_challenge == NULL)
		{
		exit (1);
		}

	memcpy (bp_chap_challenge, bp_nas_id, 1);
	memcpy ((bp_chap_challenge + 1), bp_user_password, strlen ((char *)bp_user_password));
	memcpy ((bp_chap_challenge + 1 +  strlen ((char *)bp_user_password)), (BYTE *)&challenge, 16);
	
	radius_add_attribute_to_list (attribute_list_handle, RADIUS_CHAP_CHALLENGE, 16, (BYTE *)&challenge);
	
	memcpy (bp_chap, bp_nas_id, 1);
	
	cciHashBlock( CCI_DEF_PROVIDER_ID, CCI_HASH_MD5, (const cci_b*)bp_chap_challenge,(cci_t) 1 + strlen ((char *)bp_user_password) + 16, (cci_b*)bp_chap + 1, &md5_result_length);

	radius_add_attribute_to_list (attribute_list_handle, RADIUS_CHAP_PASSWORD, 17, bp_chap);

	free(bp_chap);

	free(bp_chap_challenge);
#endif

	bp_nas_address = (BYTE*)(&nas_address);
	radius_add_attribute_to_list (attribute_list_handle, RADIUS_NAS_IP_ADDRESS, 4, bp_nas_address);

	/* Save attribute handle for this request in the radius_request[]
	 * array using the unique id (request_handle)
	 */
	radius_request[request_handle] = attribute_list_handle;
	radius_printf(RADIUS_DATA_PRINTF, "Auth: request_handle = %x\n", request_handle);
	radius_printf(RADIUS_DATA_PRINTF, "Auth: attribute_handle = %x\n", attribute_list_handle);


	/* display the server IP address */	
	server = radius_server_get_ip_address (server_handle);
	radius_printf(RADIUS_DATA_PRINTF, "Sending authentication request to server %s\n", server);
	free ((void *)server);

	if (any_server == false)
	    radius_server_request (server_handle, request_handle, p_callbacks, RADIUS_ACCESS_REQUEST, attribute_list_handle);
	else
	    radius_any_server_request (server_handle, request_handle, p_callbacks, RADIUS_ACCESS_REQUEST, attribute_list_handle);

	/* Instructions on freeing data structures allocated to this request
	 *
	 * server_handle - Do not free this structure until the application
	 * receives a normal/error callback response. This server_handle could
	 * be reused for multiple requests and freed in the shutdown routine
	 * for this test application. 
	 *
	 * attribute_list_handle - Do not free this until the application
	 * receives a normal/error callback response. This handle could be 
	 * saved for further re-use, in case there is a error callback received.
	 * In case of normal callback, this attribute list handle is retrieved
	 * using the request_handle returned in the normal callback response
	 * and freed 
	 */ 
	free (p_callbacks);
}
		 
/************************************************************************
* This callback routine will be invoked by the RADIUS client, in cases
* where a normal response is received for the RADIUS requests sent. This
* routine returns the request_handle, to identify the request for which
* the response was sent
***********************************************************************/

void radius_fake_response (RADIUS_REQUEST_HANDLE request_handle, enum RADIUS_CODE code, RADIUS_ATTRIBUTE_LIST_HANDLE response_attr_handle)
{
	RADIUS_ATTRIBUTE_LIST_HANDLE	request_attr_handle;

	radius_printf (RADIUS_DATA_PRINTF, "Callback Normal Case.\n");

	radius_printf (RADIUS_DATA_PRINTF, "Request Handle: %d\t, RADIUS Code: %d\t, Attribute List handle: %x\n", request_handle, code, response_attr_handle);

	/* The request handle is a unique id, identifying the request
	 * for which response is received
	 */
	if ((request_attr_handle =  radiustest_get_attribute_handle(request_handle)) == (RADIUS_ATTRIBUTE_LIST_HANDLE) NULL)
	{
		printf("Error: Can't find request attribute list from request handle\n");
	}

	radiustest_free_attrib_lists (request_attr_handle, response_attr_handle);
	
	radius_request[request_handle] = (RADIUS_ATTRIBUTE_LIST_HANDLE)NULL;
	
	test_count++;

	logMsg("Reply received count = %d\n", test_count, 0,0,0,0,0);
}	
/************************************************************************
* Error callback routine for the RADIUS accounting and authentication
* requests. This routine is invoked by the RADIUS client application
* in cases where there are errors encountered
*************************************************************************/
void radius_fake_error_callback (RADIUS_REQUEST_HANDLE request_handle, enum RADIUS_ERROR_CALLBACK_CODE error_code)
{
	RADIUS_ATTRIBUTE_LIST_HANDLE	request_attr_handle;

	printf ("Callback Error Case.\n");

	printf ("Request Handle: %d\t, Error Code: %d\n", request_handle, error_code);

	/* The request handle is a unique id, identifying the request
	 * for which response is received
	 */
	if ((request_attr_handle = radiustest_get_attribute_handle(request_handle)) == (RADIUS_ATTRIBUTE_LIST_HANDLE)NULL)
	{
		printf("Error: Can't find request attribute list from request handle\n");
	}

	radiustest_free_attrib_lists ((RADIUS_ATTRIBUTE_LIST_HANDLE)request_attr_handle, (RADIUS_ATTRIBUTE_LIST_HANDLE)NULL);

	/* Free index in radius_request[] array */	
	radius_request[request_handle] = (RADIUS_ATTRIBUTE_LIST_HANDLE)NULL;
	
	test_count++;

	logMsg("Error reply received count!!!! = %d\n", test_count, 0,0,0,0,0);
}	
/*************************************************************************
* This following routine sends an accounting request to the RADIUS server.
*************************************************************************/  

/************************************************************************* 
*  Additional accounting request types can be specified here.  
*  Note when the ACCT_DELAY_TIME type is set, the RADIUS client will treat 
*  this as a special case in that it will update the packet identifier 
*  and create a new authenticator for each retransmitted packet (RFC 2139).
*  For other requests, the Client will assign the same identifier and 
*  authenticator to the retransmitted packets as the original request packet.  
*************************************************************************/
/* comment out the accounting request types you don't want to test */
#define	ACCT_DELAY_TIME
 
bool radius_send_test_accounting_request (
	enum RADIUS_ACCOUNTING_STATUS_TYPES type, 
	UINT test_request_counter, 
	bool any_server,
	RADIUS_SERVER_HANDLE	server_handle
)
{
	RADIUS_ATTRIBUTE_LIST_HANDLE attribute_list_handle;
	RADIUS_REQUEST_HANDLE request_handle;
	RADIUS_REQUEST_CALLBACKS *p_callbacks;
	BYTE bp_session_id[16];
	BYTE* bp_username;
	char  *server;
	ULONG value;


/* #ifdef INET6
 * server_handle = radius_find_ipv6_server_with_specified_parameters ("fe80::207:e9ff:fe0e:91ab%lnPci0", 1813, RADIUS_ACCOUNTING_SERVER_TYPE);
 * #else
 * server_handle = radius_find_server_with_specified_parameters ("10.114.53.12", 1813, RADIUS_ACCOUNTING_SERVER_TYPE);
 * #endif
 */
	
	sprintf ((char *)bp_session_id, "S-%d", test_request_counter);

        /* The request handle is the handle of request, you are sending now. 
	 * This request handle is unique for each request and 
	 * returned to the user, when either error_callback or normal_callback 
	 * is invoked. This request handle is used to uniquely identify the 
	 * Request for which the response has been received, in the callback
	 * routine. Also, this unique Request Handle is used to save and 
	 * retrieve all relevant data structures/memory  related to this 
	 * request at a later point of time.
	 */

	/* Get a unique request handle for this request */
	request_handle = radiustest_get_entry();

	attribute_list_handle = radius_create_attribute_list ();

	p_callbacks = (RADIUS_REQUEST_CALLBACKS*) malloc (sizeof (RADIUS_REQUEST_CALLBACKS));
	
	p_callbacks->fptr_radius_normal_callback = radius_fake_response;
	p_callbacks->fptr_radius_error_callback = radius_fake_error_callback;
	
	bp_username = test_username_array [test_request_counter - 1];
	radius_add_attribute_to_list (attribute_list_handle, RADIUS_USER_NAME, strlen ((char *)bp_username), bp_username);

	if (type == RADIUS_ACCOUNTING_START)
		{
		radius_util_serialize_ulong ((ULONG) RADIUS_ACCOUNTING_START, (BYTE*)&value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_STATUS_TYPE, 4,  (BYTE*) &value);

#ifdef	ACCT_DELAY_TIME
		radius_util_serialize_ulong (0, (BYTE*)&value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_DELAY_TIME, 4,  (BYTE*) &value);
#endif

		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_SESSION_ID, 10, bp_session_id);

		radius_util_serialize_ulong (0xCC1FBA62, (BYTE*)&value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_NAS_IP_ADDRESS, 4, (BYTE*) &value);
		}
	else /* RADIUS_ACCOUNTING_STOP */
		{
		radius_util_serialize_ulong ((ULONG) RADIUS_ACCOUNTING_STOP, (BYTE*)&value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_STATUS_TYPE, 4, (BYTE*) &value);

		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_SESSION_ID, 10, bp_session_id);
		
		radius_util_serialize_ulong (232, (BYTE*)&value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_INPUT_OCTETS, 4, (BYTE*) &value);
		
		radius_util_serialize_ulong ((ULONG) RADIUS_ACCOUNTING_TERMINATION_USER_REQUEST, (BYTE*)&value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_ACCT_TERMINATE_CAUSE, 4, (BYTE*) &value);

		radius_util_serialize_ulong ((ULONG) 0xCC1FBA62,(BYTE*) &value);
		radius_add_attribute_to_list (attribute_list_handle, RADIUS_NAS_IP_ADDRESS, 4, (BYTE*) &value);
		}

	/* Save attribute handle for this request in the radius_request[]
	 * array using the unique id (request_handle)
	 */
	radius_request[request_handle] = attribute_list_handle;

	radius_printf(RADIUS_DATA_PRINTF, "Acct: request_handle = %x\n", request_handle);
	radius_printf(RADIUS_DATA_PRINTF, "Acct: attribute_handle = %x\n", attribute_list_handle);

	/* display the server IP address */	
	server = radius_server_get_ip_address (server_handle);
	radius_printf(RADIUS_DATA_PRINTF, "Sending accounting request to server %s\n", server);
	free ((void *)server);
		
	if (any_server == false)
	    radius_server_request (server_handle, request_handle, p_callbacks, RADIUS_ACCOUNTING_REQUEST, attribute_list_handle);
	else
	    radius_any_server_request (server_handle, request_handle, p_callbacks, RADIUS_ACCOUNTING_REQUEST, attribute_list_handle);

	/* Instructions on freeing data structures allocated to this request
	 *
	 * server_handle - Do not free this structure until the application
	 * receives a normal/error callback response. This server_handle could
	 * be reused for multiple requests and freed in the shutdown routine
	 * for this test application. 
	 *
	 * attribute_list_handle - Do not free this until the application
	 * receives a normal/error callback response. This handle could be 
	 * saved for further re-use, in case there is a error callback received.
	 * In case of normal callback, this attribute list handle is retrieved
	 * using the request_handle returned in the normal callback response
	 * and freed 
	 */ 
	free(p_callbacks);

	return (true);
}

/************************************************************************
* Routine to initialize radius test. The radius_request[] array is used
* to store attribute list handles for each RADIUS request. 
* This routine initializes all the elements of the radius_request array to 
* NULL.
************************************************************************/
void radiustest_initialize()
{
	int	i=0;

	while (i < RADIUS_MAX_REQUESTS)
		{
		radius_request[i++] = (RADIUS_ATTRIBUTE_LIST_HANDLE)NULL;
		}
}