├── .gitignore ├── COPYING ├── ChangeLog ├── Makefile ├── README ├── README.md ├── bin ├── eapol_test └── eapol_test-v0.5.4 ├── doc └── rad_eap_test.1 ├── examples_internal ├── con1 ├── con2 ├── con3 ├── con4 ├── con5 ├── concurent_test ├── leap_spust_test ├── leap_spust_test_bad_pass ├── leap_spust_test_bad_radius ├── spust_test ├── spust_test_alldecoded ├── spust_test_anonymous ├── spust_test_bad_pass ├── spust_test_bad_radius ├── spust_test_bad_radius_long_timeout ├── spust_test_verbose └── tls_spust_test ├── patches ├── README ├── eapol_test.c.2006-04-11.diff ├── eapol_test.c.2006-05-05.diff └── wpa_supplicant_i.h.2006-04-11.diff └── rad_eap_test /.gitignore: -------------------------------------------------------------------------------- 1 | rad_eap_test.html 2 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc. 5 | 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Library General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License 307 | along with this program; if not, write to the Free Software 308 | Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 309 | 310 | 311 | Also add information on how to contact you by electronic and paper mail. 312 | 313 | If the program is interactive, make it output a short notice like this 314 | when it starts in an interactive mode: 315 | 316 | Gnomovision version 69, Copyright (C) year name of author 317 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 318 | This is free software, and you are welcome to redistribute it 319 | under certain conditions; type `show c' for details. 320 | 321 | The hypothetical commands `show w' and `show c' should show the appropriate 322 | parts of the General Public License. Of course, the commands you use may 323 | be called something other than `show w' and `show c'; they could even be 324 | mouse-clicks or menu items--whatever suits your program. 325 | 326 | You should also get your employer (if you work as a programmer) or your 327 | school, if any, to sign a "copyright disclaimer" for the program, if 328 | necessary. Here is a sample; alter the names: 329 | 330 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 331 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 332 | 333 | , 1 April 1989 334 | Ty Coon, President of Vice 335 | 336 | This General Public License does not permit incorporating your program into 337 | proprietary programs. If your program is a subroutine library, you may 338 | consider it more useful to permit linking proprietary applications with the 339 | library. If this is what you want to do, use the GNU Library General 340 | Public License instead of this License. 341 | -------------------------------------------------------------------------------- /ChangeLog: -------------------------------------------------------------------------------- 1 | 2019-28-05 Václav Mach 2 | * Version: 0.3 3 | * Added options: n, g, V, X 4 | * change option d (not usable any more in eapol_test), recycled for new feature 5 | * Added IPv6 support 6 | * Major rewrite of the whole code, hopefully for better maintanability 7 | * Changed /bin/sh to /bin/bash 8 | * More return states (mostly while handling certificates) 9 | 10 | 2016-02-12 Vladimir Mencl 11 | * Version: 0.26 12 | * Add options for passing OperatorName, NAS-IP-Address, and requesting Chargable-User-Identity 13 | 14 | 2011-09-14 Pavel Polacek 15 | * Version: 0.25 16 | * New option -x subject_match, feature request by Stefan Winter 17 | 18 | 2009-11-02 Pavel Polacek 19 | * Version: 0.24 20 | * Patch from David Worth, which improve help 21 | 22 | 2009-11-02 Pavel Polacek 23 | * Version: 0.23 24 | * Code from David Worth. 25 | * added a command-line option (-2 ) to change the phase-2 26 | authentication type so the user may specify PAP/CHAP/MSCHAPv2. 27 | I made sure that if this option is omitted the code still 28 | defaults to MSCHAPv2. 29 | * added a command-line option (-N) to not delete the generated 30 | configuration files and let the user know where they are. 31 | This is helpful in debugging or setting up permanent configuration 32 | files if you need them. I then changed the garbage function 33 | to check the -N option above. I also removed the explicit 34 | deletion of the temp files in several places and called 35 | the garbage function instead. 36 | 37 | 2009-08-03 Pavel Polacek 38 | * Version: 0.22 39 | * Support for EAP-TLS 40 | 41 | 2006-11-29 Pavel Polacek 42 | * Version: 0.21 43 | * Added man page. 44 | 45 | 2006-11-29 Pavel Polacek 46 | * Version: 0.20 47 | * rad_eap_test: 48 | - added -A switch for annymous = external identity 49 | * README: 50 | - added note on patches 51 | 52 | 2006-07-21 Jan Tomasek 53 | * Version: 0.19 54 | * rad_eap_test: 55 | - EAP is better to write in upcase, same with RADIUS. 56 | - Space after opening ( or before closing ) is UGLY! 57 | - Added support for TTLS, don't forget to recompile 58 | eapol_test with new config (see README). Bit more 59 | usefull message when "Probably configuration error" 60 | raise. 61 | - Fixed eapol_test program checks. Script is now able to 62 | work with exact path to program, program mentioned only by 63 | it's name (and being on $PATH) or with program in actual 64 | directory. 65 | - Removed debug message. 66 | * README: 67 | - Added TTLS to config example. 68 | - Added url to wpa_supplicant. 69 | * Makefile: 70 | - Fixed permisions in distribution package. 71 | 72 | 2006-07-21 Jan Tomasek 73 | * Version: 0.18 74 | * Makefile: Publish files into directory rad_eap_test- and 75 | publish also ChangeLog file. 76 | 77 | 2006-07-21 Jan Tomasek 78 | * Version: 0.17 79 | * rad_eap_test: Changed return code 5 and 10 to 3 to be nagios 80 | compatible. 81 | * README: Added URL to publish place. 82 | 83 | 2006-07-17 polish 84 | * Version: 0.16 85 | * rad_eap_test: Script test if certificate authority file 86 | exist. Solve bug of previous version, where tests if user 87 | certificate files exist was negated. 88 | * rad_eap_test: Scripts test existency of certificate files 89 | when tls eap method is used. 90 | * rad_eap_test: EAP TLS method is added. 91 | 92 | 2006-07-12 Jan Tomasek 93 | * Version: 0.15 94 | * patches/README: Added note about version which accept patches. 95 | * rad_eap_test: Housekeping in coments at begining of file. 96 | * rad_eap_test: Default EAPOL_PROG changed from ./eapol_test 97 | to eapol_test which should work for everybody who have it on 98 | PATH. 99 | * README: New README file based on mail to tf-mobility. 100 | 101 | 2006-05-05 Pavel Polacek 102 | * Version: 0.14 103 | * new parametr -d is added for status directory, where 104 | identifier of packet to particular destination is held 105 | 106 | 2006-xx-xx Pavel Polacek 107 | * Version: 0.13 108 | * patch for eapol_test.c was accepted, only compilation of cvs 109 | version of eapol_test (connect info parametr was changed from 110 | -i to -C in eapol_test) 111 | 112 | 2006-xx-xx Pavel Polacek 113 | * Version: 0.12 114 | * to eapol_test and rad_eap_test is added -i parametr for 115 | addition connection info 116 | 117 | 2006-04-11 Pavel Polacek 118 | * Version: 0.11 119 | * rad_eap_test now uses source from CVS 120 | * bug in verbose mode is got out 121 | * parametr -M was added, you can specify source MAC address 122 | 123 | 2006-xx-xx Pavel Polacek 124 | * Version: 0.09 125 | * return codes from awk was changed, because default awk return 126 | code is 0, which was SUCCESS too 127 | * LEAP EAP method is added (return strings from eapol_test is 128 | different) 129 | 130 | 2006-xx-xx Pavel Polacek 131 | * Version: 0.08 132 | * rad_eap_test checks existence of eapol_test program 133 | * temporary directory is renamed to rad_eap_test.XXXXXX, where 134 | X is something random 135 | * dig is used for name resolve instead of host 136 | 137 | 2006-xx-xx Pavel Polacek 138 | * Version: 0.07 139 | * Ctrl-C runs garbage procedure 140 | * mktemp command is used for creating temporary directory 141 | * script accepts TMPDIR variable 142 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make 2 | 3 | VERSION=$(shell cat ChangeLog |grep Version | sed "s/.*: *//" | head -1) 4 | DISTRIBUTION=/tmp/rad_eap_test-${VERSION}.tar.bz2 5 | FILES=rad_eap_test README ChangeLog COPYING doc/rad_eap_test.1 $(wildcard patches/*) 6 | PUB_TARGET=root@www.eduroam.cz:/var/www/rad_eap_test/ 7 | PUB_FILES=${DISTRIBUTION} README ChangeLog rad_eap_test.html 8 | 9 | rad_eap_test.html: doc/rad_eap_test.1 10 | man2html Return to Main Contents<\/A>//" | \ 12 | sed "s/\/cgi-bin\/man\/man2html/http:\/\/packages.debian.org\/unstable\/doc\/man2html.html/" >rad_eap_test.html 13 | 14 | ${DISTRIBUTION}: ${FILES} rad_eap_test.html 15 | (mkdir /tmp/rad_eap_test-${VERSION}; \ 16 | tar jcf ${DISTRIBUTION} ${FILES}; \ 17 | cd /tmp/rad_eap_test-${VERSION}; \ 18 | tar jxf ${DISTRIBUTION}; \ 19 | find -type f -exec chmod 644 {} \; ; \ 20 | chmod 755 rad_eap_test ; \ 21 | find -type d -exec chmod 755 {} \; ; \ 22 | cd ..; \ 23 | pwd ;\ 24 | tar -j -c --owner=root --group=staff -f ${DISTRIBUTION} rad_eap_test-${VERSION}) 25 | 26 | tar: ${DISTRIBUTION} 27 | 28 | publish: tar 29 | scp ${PUB_FILES} ${PUB_TARGET} 30 | 31 | all: tar publish 32 | -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | rad_eap_test is Nagios compatible shell script used for testing RADIUS 2 | servers by EAP. 3 | 4 | Usage is simple (for more info run rad_eap_test withou any argument): 5 | 6 | rad_eap_test -H \ 7 | -P 1812 -S -u \ 8 | -p -m WPA-EAP -e PEAP 9 | 10 | as output you might get: 11 | 12 | return code output 13 | 14 | 0 access-accept; 15 | 1 access-reject; 16 | 2 timeout; 17 | 3 sort of config problem 18 | 19 | 20 | **UPDATE** Patching is no longer needed. All you need is in upstream 21 | version. Following paragraph will be removed in near future. 22 | 23 | To run this script you need eapol_test binary from wpa_supplicant 24 | package. It's sugested to use at least 0.5.4. You will need CVS 25 | version 10040 to apply patches/*2006-04-11* which are necesary for 26 | this script. As alternative you can remove: 27 | -t$TIMEOUT -M$MAC -C"$CONN_INFO" 28 | from calling eapol_test but in this case you will have to wait 29 | 30seconds for timeout. 30 | 31 | eapol_test is needed compile with LEAP support. In .config should be : 32 | 33 | CONFIG_IEEE8021X_EAPOL=y 34 | CONFIG_EAP_MSCHAPV2=y 35 | CONFIG_EAP_TLS=y 36 | CONFIG_EAP_PEAP=y 37 | CONFIG_EAP_TTLS=y 38 | CONFIG_EAP_LEAP=y 39 | CONFIG_IEEE8021X=y 40 | 41 | you don't have to compile whole wpa_supplicant you need just 42 | eapol_test. So compile by typing `make eapol_test`. It is not build by 43 | default `make`. ;) 44 | 45 | wpa_supplicant home is http://hostap.epitest.fi/wpa_supplicant/ 46 | Latest version is available at http://www.eduroam.cz/rad_eap_test/ 47 | 48 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # rad_eap_test 2 | rad_eap_test is a Nagios compatible shell script used for testing RADIUS 3 | servers by EAP. It internally uses eapol_test to do the actual testing. 4 | 5 | Usage is simple (for more info run rad_eap_test without any arguments): 6 | 7 | ``` 8 | rad_eap_test -H \ 9 | -P 1812 -S -u \ 10 | -p -m WPA-EAP -e PEAP 11 | ``` 12 | 13 | as output you might get: 14 | 15 | - `access-accept; ` 16 | program exits with return code 0 17 | - `access-reject; ` 18 | program exits with return code 1 19 | - `timeout; ` 20 | program exits with return code 2 21 | - `sort of config problem` 22 | program exits with return code 3 23 | 24 | More speficic outputs are also possible based on options used. 25 | 26 | # dependencies 27 | 28 | rad_eap_test requires several programs to run: 29 | 30 | - eapol_test 31 | - dig 32 | - bc 33 | - sed 34 | - awk 35 | 36 | ## compiling eapol_test 37 | 38 | To compile eapol_test do the following: 39 | 40 | ``` 41 | apt-get install libnl-genl-3-dev libdbus-1-dev libssl-dev pkg-config gcc make 42 | wget http://w1.fi/releases/wpa_supplicant-2.8.tar.gz 43 | tar xvzf wpa_supplicant-2.8.tar.gz 44 | cd wpa_supplicant-2.8/wpa_supplicant 45 | cp defconfig .config 46 | sed -i 's/^#CONFIG_EAPOL_TEST=y/CONFIG_EAPOL_TEST=y/' .config 47 | echo -e "# IPv6 support for eapol test\nCONFIG_IPV6=y" >> .config 48 | make eapol_test 49 | cp eapol_test /usr/local/bin 50 | ``` 51 | 52 | # examples 53 | 54 | Try to authenticate on the radius server `radius1.example.com`: 55 | 56 | ``` 57 | 'rad_eap_test' -H 'radius1.example.com' -M '12:34:56:78:9a:bc' -P '1812' -S 'shared_secret' -e 'PEAP' -i 'example autehntication' -m 'WPA-EAP' -p 'testing_password' -t '50' -u 'user@example.com' 58 | ``` 59 | 60 | Additional options used set: 61 | - username is set to `user@example.com` 62 | - password is set to `testing_password` 63 | - timeout is set to 50 seconds 64 | - client's MAC address is set to `12:34:56:78:9a:bc` 65 | - shared secret is set to `shared_secret` 66 | - server port is set to `1812` 67 | - EAP method is set to `PEAP` 68 | - connection info is set to `example autehntication` 69 | - method is set to `WPA-EAP` 70 | 71 | # certificates 72 | 73 | When using rad_eap_test to verify server certificates against CA certificate or to save server certificates, be aware that 74 | rad_eap_test uses its own logic to extract server certificates. Using eapol_test to extract server certs directly seemed to be 75 | too buggy for production use (there may be some duplicit certificates, server cert may be mixed with CA cert or server cert may not be saved at all). 76 | If you encounter any problems with certificate extraction, please let us know. 77 | 78 | # contributing 79 | 80 | If you find that rad_eap_test is lacking some feature or has some bugs, simply create a pull request or an issue. 81 | 82 | # older code 83 | 84 | The original code (before major refactoring) is available in branch [old-code](https://github.com/CESNET/rad_eap_test/tree/old-code). 85 | 86 | -------------------------------------------------------------------------------- /bin/eapol_test: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CESNET/rad_eap_test/ed97cedfe7ba9ddcb22b8bf5e9ee3e638b5ab5fe/bin/eapol_test -------------------------------------------------------------------------------- /bin/eapol_test-v0.5.4: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CESNET/rad_eap_test/ed97cedfe7ba9ddcb22b8bf5e9ee3e638b5ab5fe/bin/eapol_test-v0.5.4 -------------------------------------------------------------------------------- /doc/rad_eap_test.1: -------------------------------------------------------------------------------- 1 | .TH "rad_eap_test" "1" "2006-11-29" "polish@pf.ujep.cz" "Shell script" 2 | .SH "NAME" 3 | .LP 4 | rad_eap_test \- Nagios compatible shell script used for testing radius EAP methods 5 | .SH "SYNTAX" 6 | .LP 7 | rad_eap_test \fI\-H
\fP \fI\-P \fP \fI\-S \fP \fI\-u \fP \fI\-p \fP [\fI\-t \fP] \fI\-m \fP [\fI\-v\fP] [\fI\-c\fP] \fI\-s \fP \fI\-e \fP [\fI\-M \fP] [\fI\-i \fP] [\fI\-d \fP] [\fI\-k \fP] [\fI\-j \fP] [\fI\-a \fP] [\fI\-A \fP] 8 | .SH "DESCRIPTION" 9 | .LP 10 | \fBrad_eap_test\fR is used to test availability of radius servers in monitoring solutions as nagios. \fBrad_eap_test\fR is only wrapper shell script around eapol_test from wpa_supplicant project. \fBrad_eap_test\fR generates configuration for eapol_test, runs it and after processing eapol_test messages returns status code. Status code is processed by monitoring tools as nagios. 11 | .SH "OPTIONS" 12 | .LP 13 | .TP 14 | \fB\-H\fR <\fIaddress\fP> 15 | Address of radius server 16 | .TP 17 | \fB\-P\fR <\fIport\fP> 18 | Port of radius server 19 | .TP 20 | \fB\-S\fR <\fIsecret\fP> 21 | Secret for radius server communication 22 | .TP 23 | \fB\-u\fR <\fIusername\fP> 24 | Username (user@realm) 25 | .TP 26 | \fB\-p\fR <\fIpassword\fP> 27 | Password 28 | .TP 29 | \fB\-t\fR <\fItimeout\fP> 30 | Timeout (default is 5 seconds) 31 | .TP 32 | \fB\-m\fR <\fImethod\fP> 33 | Method (IEEE8021X | WPA\-EAP) 34 | .TP 35 | \fB\-v\fR 36 | Verbose (prints decoded last Access\-accept packet) 37 | .TP 38 | \fB\-c\fR 39 | Prints all packets decoded 40 | .TP 41 | \fB\-s\fR <\fIssid\fP> 42 | SSID 43 | .TP 44 | \fB\-e\fR <\fImethod\fP> 45 | EAP method (PEAP | TLS | TTLS | LEAP) 46 | .TP 47 | \fB\-M\fR <\fImac_addr\fP> 48 | MAC address in xx:xx:xx:xx:xx:xx format 49 | .TP 50 | \fB\-i\fR <\fIconnect_info\fP> 51 | Connection info (in radius log : client from connect_info) 52 | .TP 53 | \fB\-d\fR <\fIdirectory\fP> 54 | status directory (unified identifier of packets) 55 | .TP 56 | \fB\-k\fR <\fIuser_key_file\fP> 57 | user certificate key file 58 | .TP 59 | \fB\-j\fR <\fIuser_cert_file\fP> 60 | user certificate file 61 | .TP 62 | \fB\-a\fR <\fIca_cert_file\fP> 63 | certificate of CA 64 | .TP 65 | \fB\-A\fR <\fIanonymous_identity\fP> 66 | anonymous identity (anonymous@realm) 67 | .TP 68 | \fB\-T\fR 69 | send a Called-Station-Id attribute in MAC:SSID format 70 | .SH "EXAMPLES" 71 | .LP 72 | .TP 73 | rad_eap_test \-H \-P 1812 \-S \-u \-p \-m WPA_EAP \-e PEAP 74 | PEAP test 75 | .TP 76 | rad_eap_test \-H \-P 1812 \-S \-u \-p \-m IEEE8021X \-e LEAP 77 | LEAP test 78 | .TP 79 | rad_eap_test \-H \-P 1812 \-S \-u \-k \-j \-a \-m IEEE8021X \-e TLS 80 | TLS test 81 | .SH "EXIT STATUS" 82 | .LP 83 | .TP 84 | \fB0\fR 85 | access\-accept; 86 | .TP 87 | \fB1\fR 88 | access\-recejt; 89 | .TP 90 | \fB2\fR 91 | timeout; 92 | .TP 93 | \fB3\fR 94 | sort of config problem 95 | .SH "OTHER" 96 | .LP 97 | \fBEapol_test compilation\fR 98 | 99 | 1) Download wpa_supplicant source from http://hostap.epitest.fi/wpa_supplicant/ (stable, development or snapshot version) (or you can download hostap, where wpa_supplicant is in the package) 100 | 101 | 2) Untar sources: tar xvzf wpa_supplicant.tar.gz 102 | 103 | 3) Create .config file in wpa_supplicant directory with content follows: 104 | .br 105 | CONFIG_IEEE8021X_EAPOL=y 106 | .br 107 | CONFIG_EAP_MSCHAPV2=y 108 | .br 109 | CONFIG_EAP_TLS=y 110 | .br 111 | CONFIG_EAP_PEAP=y 112 | .br 113 | CONFIG_EAP_LEAP=y 114 | .br 115 | CONFIG_EAP_TTLS=y 116 | .br 117 | CONFIG_IEEE8021X=y 118 | .br 119 | 120 | 4) Compile eapol_test: make eapol_test 121 | .br 122 | After compilation you have eapol_test binary, which you can use with rad_eap_test script. 123 | 124 | .SH "AUTHORS" 125 | .LP 126 | Pavel Polacek 127 | .br 128 | Jan Tomasek 129 | -------------------------------------------------------------------------------- /examples_internal/con1: -------------------------------------------------------------------------------- 1 | access-accept; 0 2 | polish : oteviram pro cteni i zapis 3 | Sending RADIUS message to authentication server 4 | RADIUS message: code=1 (Access-Request) identifier=60 length=112 5 | Attribute 1 (User-Name) length=9 6 | Value: 'account' 7 | Attribute 4 (NAS-IP-Address) length=6 8 | Value: 127.0.0.1 9 | Attribute 31 (Calling-Station-Id) length=19 10 | Value: 'AA-BB-12-34-56-90' 11 | Attribute 12 (Framed-MTU) length=6 12 | Value: 1400 13 | Attribute 61 (NAS-Port-Type) length=6 14 | Value: 19 15 | Attribute 77 (Connect-Info) length=14 16 | Value: 'Nazdar bazar' 17 | Attribute 79 (EAP-Message) length=14 18 | Value: 02 00 00 0c 01 61 63 63 6f 75 6e 74 19 | Attribute 80 (Message-Authenticator) length=18 20 | Value: df 9f 53 5c df 9d 20 75 56 fc 2c e8 7a 99 5b 64 21 | Received RADIUS message 22 | RADIUS message: code=11 (Access-Challenge) identifier=60 length=64 23 | Attribute 79 (EAP-Message) length=8 24 | Value: 01 01 00 06 19 20 25 | Attribute 80 (Message-Authenticator) length=18 26 | Value: 6e 11 b8 aa c9 fe 27 22 66 71 a9 cb cc 0b fa 1d 27 | Attribute 24 (State) length=18 28 | Value: d6 28 58 4b 23 6f 43 a9 40 cb 82 54 6c 46 9c f9 29 | polish : oteviram pro cteni i zapis 30 | Copied RADIUS State Attribute 31 | Sending RADIUS message to authentication server 32 | RADIUS message: code=1 (Access-Request) identifier=62 length=225 33 | Attribute 1 (User-Name) length=9 34 | Value: 'account' 35 | Attribute 4 (NAS-IP-Address) length=6 36 | Value: 127.0.0.1 37 | Attribute 31 (Calling-Station-Id) length=19 38 | Value: 'AA-BB-12-34-56-90' 39 | Attribute 12 (Framed-MTU) length=6 40 | Value: 1400 41 | Attribute 61 (NAS-Port-Type) length=6 42 | Value: 19 43 | Attribute 77 (Connect-Info) length=14 44 | Value: 'Nazdar bazar' 45 | Attribute 79 (EAP-Message) length=109 46 | Value: 02 01 00 6b 19 00 16 03 01 00 60 01 00 00 5c 03 01 44 5a 8a 4e c7 db 58 d9 c5 b1 6b a4 0b 53 ec e9 f7 33 47 47 e0 d9 a6 45 2b b0 f7 86 d0 a4 1d 94 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00 47 | Attribute 24 (State) length=18 48 | Value: d6 28 58 4b 23 6f 43 a9 40 cb 82 54 6c 46 9c f9 49 | Attribute 80 (Message-Authenticator) length=18 50 | Value: 47 56 06 14 99 50 a5 c2 00 f4 60 b8 c1 2b 05 e9 51 | Received RADIUS message 52 | RADIUS message: code=11 (Access-Challenge) identifier=62 length=1100 53 | Attribute 79 (EAP-Message) length=255 54 | Value: 01 02 04 0a 19 c0 00 00 04 e2 16 03 01 00 4a 02 00 00 46 03 01 44 5a 8a 4f b5 d0 1b 46 d6 a4 e9 67 22 5c 90 00 f6 f1 31 7a 86 ce f6 a6 a7 00 9f 98 45 fd 2c 55 20 35 be 4c f6 0f 2d c8 88 53 84 4a 91 50 19 55 65 b3 8d 79 a2 55 f1 b5 44 b9 d2 a9 2b ec 61 dc c6 00 35 00 16 03 01 04 85 0b 00 04 81 00 04 7e 00 04 7b 30 82 04 77 30 82 03 5f a0 03 02 01 02 02 04 42 b2 f2 d3 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 43 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 30 1e 17 0d 30 35 30 39 32 37 31 32 31 37 34 34 5a 17 0d 30 36 31 30 32 37 31 32 34 37 34 34 5a 30 76 31 12 30 10 06 0a 09 92 26 89 93 f2 55 | Attribute 79 (EAP-Message) length=255 56 | Value: 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 24 30 22 06 03 55 04 0a 13 1b 55 6e 69 76 65 72 73 69 74 79 20 6f 66 20 4a 2e 20 45 2e 20 50 75 72 6b 79 6e 65 31 1f 30 1d 06 03 55 04 03 13 16 70 61 72 61 6c 65 6e 2d 72 61 64 69 75 73 2e 75 6a 65 70 2e 63 7a 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 c3 b6 da f7 4d cd 2c 1b f8 d0 57 dd 2d c3 ed 1a 84 50 04 b4 e8 74 d7 c2 4f 06 60 9b 22 5e 2d 22 08 02 36 99 e1 ae 87 b9 be c1 05 84 85 72 7b 2a c4 b5 a4 47 89 dd 01 cd 01 61 16 64 f3 ae a8 b3 32 4c 0e 80 94 36 50 b3 aa 57 84 16 be 35 f1 66 8a 14 24 9d 4e 6a d3 f6 ad 22 36 ac e3 e0 a0 2c 07 f8 11 34 7e 60 6c 83 33 87 1c d0 87 67 67 f8 12 ec 52 f0 ca 8d 57 | Attribute 79 (EAP-Message) length=255 58 | Value: c6 82 9e 01 a3 a0 ca 54 58 a3 02 03 01 00 01 a3 82 01 c2 30 82 01 be 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 19 06 03 55 1d 20 04 12 30 10 30 0e 06 0c 2b 06 01 04 01 be 79 01 02 02 02 00 30 2d 06 03 55 1d 11 04 26 30 24 81 11 70 6f 6c 69 73 68 40 70 66 2e 75 6a 65 70 2e 63 7a 82 0f 70 61 72 61 6c 65 6e 2e 75 6a 65 70 2e 63 7a 30 82 01 0b 06 03 55 1d 1f 04 82 01 02 30 81 ff 30 5a a0 58 a0 56 a4 54 30 52 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 31 0d 30 0b 06 03 55 04 03 13 04 43 52 4c 31 30 81 a0 a0 81 9d a0 81 9a 86 42 59 | Attribute 79 (EAP-Message) length=255 60 | Value: 68 74 74 70 3a 2f 2f 77 77 77 2e 63 65 73 6e 65 74 2e 63 7a 2f 70 6b 69 2f 63 72 6c 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 2e 63 72 6c 86 54 6c 64 61 70 3a 2f 2f 6c 64 61 70 2e 63 65 73 6e 65 74 2d 63 61 2e 63 7a 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 3f 63 65 72 74 69 66 69 63 61 74 65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 30 1f 06 03 55 1d 23 04 18 30 16 80 14 2f 6c 05 c3 51 26 ac af 39 9c 3e 38 35 dd 52 29 27 80 c5 f5 30 1d 06 03 55 1d 0e 04 16 04 14 41 0b c0 a4 47 4a 03 a5 37 01 ee bb cb cd 3f 58 7d d1 e0 77 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 2e 99 95 02 33 3d c6 26 48 82 ce db 38 78 3b e6 92 61 | Attribute 79 (EAP-Message) length=24 62 | Value: 41 1e 7c f8 a2 2c a6 83 0a 2f 28 72 01 ac a7 b9 84 32 9c 89 85 8b 63 | Attribute 80 (Message-Authenticator) length=18 64 | Value: 22 82 96 03 8b 5e 1c 6b df 6b 3d ef 50 da 4c a3 65 | Attribute 24 (State) length=18 66 | Value: ce 94 16 e4 10 85 b9 5b 46 f3 48 40 fa 3b fe b2 67 | polish : oteviram pro cteni i zapis 68 | Copied RADIUS State Attribute 69 | Sending RADIUS message to authentication server 70 | RADIUS message: code=1 (Access-Request) identifier=63 length=124 71 | Attribute 1 (User-Name) length=9 72 | Value: 'account' 73 | Attribute 4 (NAS-IP-Address) length=6 74 | Value: 127.0.0.1 75 | Attribute 31 (Calling-Station-Id) length=19 76 | Value: 'AA-BB-12-34-56-90' 77 | Attribute 12 (Framed-MTU) length=6 78 | Value: 1400 79 | Attribute 61 (NAS-Port-Type) length=6 80 | Value: 19 81 | Attribute 77 (Connect-Info) length=14 82 | Value: 'Nazdar bazar' 83 | Attribute 79 (EAP-Message) length=8 84 | Value: 02 02 00 06 19 00 85 | Attribute 24 (State) length=18 86 | Value: ce 94 16 e4 10 85 b9 5b 46 f3 48 40 fa 3b fe b2 87 | Attribute 80 (Message-Authenticator) length=18 88 | Value: 5a 47 da 41 b8 b1 5c d8 39 90 d5 1a 47 d7 68 3a 89 | Received RADIUS message 90 | RADIUS message: code=11 (Access-Challenge) identifier=63 length=290 91 | Attribute 79 (EAP-Message) length=234 92 | Value: 01 03 00 e8 19 00 38 c4 ae 80 90 36 ee 2a f8 87 4c 81 b8 62 ef 74 27 20 c8 ac 4b 19 3f 06 45 c9 88 cc 55 ba 0b b5 8e 9c 44 d5 f1 46 31 48 9b 07 51 b0 51 33 0d e8 b8 3f cc 8c 75 a7 18 e0 d3 ac 1a 23 fb ac 2f fe 4c 9a ba ff 8b df fc 05 d3 f9 29 99 a1 9d f3 9b 53 4a 5a b5 51 87 14 08 48 4e 97 21 3b 54 50 a3 92 60 2a 65 6b af b2 a9 68 0c c5 31 da 38 f7 82 53 5b 1f e9 8d 41 99 0d 6c ed 8f 8f c6 10 ef 26 f3 c4 70 26 e6 03 96 42 cf fd d3 8c 1b f7 b6 14 a8 44 58 8b 1e 54 f5 30 e0 21 22 62 4c e7 f1 83 fb f3 13 67 77 c8 dc a3 9c ea d4 aa 94 dd f8 38 46 74 c6 76 bf e9 05 69 03 bc 5c 36 06 09 b3 db 20 63 e5 c9 27 b7 8a 84 fe c4 24 43 0d 61 2c 47 2b 3f 9c 75 0a 98 d9 6a 83 16 03 01 00 04 0e 00 00 00 93 | Attribute 80 (Message-Authenticator) length=18 94 | Value: 73 1b 7a 41 80 77 73 1d f5 89 73 88 e8 bd d2 0b 95 | Attribute 24 (State) length=18 96 | Value: c5 3e 2d af 18 60 7b 27 f0 c0 b9 37 ea f2 8a 79 97 | polish : oteviram pro cteni i zapis 98 | Copied RADIUS State Attribute 99 | Sending RADIUS message to authentication server 100 | RADIUS message: code=1 (Access-Request) identifier=65 length=322 101 | Attribute 1 (User-Name) length=9 102 | Value: 'account' 103 | Attribute 4 (NAS-IP-Address) length=6 104 | Value: 127.0.0.1 105 | Attribute 31 (Calling-Station-Id) length=19 106 | Value: 'AA-BB-12-34-56-90' 107 | Attribute 12 (Framed-MTU) length=6 108 | Value: 1400 109 | Attribute 61 (NAS-Port-Type) length=6 110 | Value: 19 111 | Attribute 77 (Connect-Info) length=14 112 | Value: 'Nazdar bazar' 113 | Attribute 79 (EAP-Message) length=206 114 | Value: 02 03 00 cc 19 00 16 03 01 00 86 10 00 00 82 00 80 37 0b 72 44 40 87 28 3a 40 f5 22 b2 44 43 89 0e 8c 81 11 22 48 ef 49 d5 62 9c eb 3e 46 15 09 49 2d b3 ed b1 28 67 98 a0 d5 aa 0b b4 83 2d 2c 65 a6 38 d1 79 80 4a 87 f0 83 e3 af 94 c1 16 36 cc a9 30 06 f5 95 d2 51 8a fe d0 1d ae 73 99 43 0a 06 19 ef 96 c9 fa 0c 8d 57 67 49 0f 03 94 32 f3 54 a2 2f d6 de d3 e9 4d a8 82 69 e2 bb 0d b0 b8 f0 ee aa 7a 43 ec 98 d0 ea 87 b7 f8 2c 19 dc 75 14 03 01 00 01 01 16 03 01 00 30 75 1e 0d ca 1e 55 e2 6e 78 b9 00 86 05 41 8d b5 19 d0 4b 80 1c ab 5b f5 04 26 e2 ce 59 e3 8c ef cb 72 33 3d 92 9d 64 01 8e 01 71 40 dc 9c 4d ec 115 | Attribute 24 (State) length=18 116 | Value: c5 3e 2d af 18 60 7b 27 f0 c0 b9 37 ea f2 8a 79 117 | Attribute 80 (Message-Authenticator) length=18 118 | Value: f2 25 b9 e0 43 4e eb a2 40 85 59 df 2b ff 2d 79 119 | Received RADIUS message 120 | RADIUS message: code=11 (Access-Challenge) identifier=65 length=123 121 | Attribute 79 (EAP-Message) length=67 122 | Value: 01 04 00 41 19 00 14 03 01 00 01 01 16 03 01 00 30 8d 7e 07 e7 32 ce 21 ae ca 8d 94 19 3d 78 6f ac d6 eb 0b 3d 53 25 76 01 a2 40 95 57 b4 18 33 71 e4 d4 22 b0 aa ef bd 13 37 3d 8d 02 9d 51 53 8f 123 | Attribute 80 (Message-Authenticator) length=18 124 | Value: b5 cd d7 83 16 04 cf 8b a6 19 73 27 ff fd 76 7f 125 | Attribute 24 (State) length=18 126 | Value: 78 4c c9 45 62 3a b1 fc 5a 64 4d b1 d7 a2 26 4b 127 | polish : oteviram pro cteni i zapis 128 | Copied RADIUS State Attribute 129 | Sending RADIUS message to authentication server 130 | RADIUS message: code=1 (Access-Request) identifier=66 length=124 131 | Attribute 1 (User-Name) length=9 132 | Value: 'account' 133 | Attribute 4 (NAS-IP-Address) length=6 134 | Value: 127.0.0.1 135 | Attribute 31 (Calling-Station-Id) length=19 136 | Value: 'AA-BB-12-34-56-90' 137 | Attribute 12 (Framed-MTU) length=6 138 | Value: 1400 139 | Attribute 61 (NAS-Port-Type) length=6 140 | Value: 19 141 | Attribute 77 (Connect-Info) length=14 142 | Value: 'Nazdar bazar' 143 | Attribute 79 (EAP-Message) length=8 144 | Value: 02 04 00 06 19 00 145 | Attribute 24 (State) length=18 146 | Value: 78 4c c9 45 62 3a b1 fc 5a 64 4d b1 d7 a2 26 4b 147 | Attribute 80 (Message-Authenticator) length=18 148 | Value: 90 0e 2c 84 f5 4c 96 86 29 28 c9 33 3c 70 3a 04 149 | Received RADIUS message 150 | RADIUS message: code=11 (Access-Challenge) identifier=66 length=138 151 | Attribute 79 (EAP-Message) length=82 152 | Value: 01 05 00 50 19 00 17 03 01 00 20 a1 0b ca ff 41 1a 98 0c d8 49 61 2b b8 e7 95 84 f0 cf 5f fc f5 c0 65 7b d0 7f db c2 cc 0b 82 1c 17 03 01 00 20 3e 30 ae 79 85 ff 89 62 53 64 a5 b1 b2 95 64 3e ec b9 ae e5 2f 9c 45 33 22 47 8b 47 2e 66 5f 91 153 | Attribute 80 (Message-Authenticator) length=18 154 | Value: ca 5c 4e 6c 47 6a 09 f2 79 65 2a ce 4c 48 11 da 155 | Attribute 24 (State) length=18 156 | Value: c7 f9 a5 d3 59 17 53 10 fb 08 f9 d8 13 86 0e 01 157 | polish : oteviram pro cteni i zapis 158 | Copied RADIUS State Attribute 159 | Sending RADIUS message to authentication server 160 | RADIUS message: code=1 (Access-Request) identifier=67 length=198 161 | Attribute 1 (User-Name) length=9 162 | Value: 'account' 163 | Attribute 4 (NAS-IP-Address) length=6 164 | Value: 127.0.0.1 165 | Attribute 31 (Calling-Station-Id) length=19 166 | Value: 'AA-BB-12-34-56-90' 167 | Attribute 12 (Framed-MTU) length=6 168 | Value: 1400 169 | Attribute 61 (NAS-Port-Type) length=6 170 | Value: 19 171 | Attribute 77 (Connect-Info) length=14 172 | Value: 'Nazdar bazar' 173 | Attribute 79 (EAP-Message) length=82 174 | Value: 02 05 00 50 19 00 17 03 01 00 20 ea d0 fe 3b 81 1f c0 0b e5 09 90 c0 c2 56 0a b2 90 a5 c3 e2 e5 05 e1 04 e6 51 3d 20 b0 10 78 6c 17 03 01 00 20 41 e1 2f 32 e1 be 8c 0a 34 48 b1 53 53 07 07 36 54 69 e7 72 66 73 4b df a1 dc c0 e3 aa be 94 41 175 | Attribute 24 (State) length=18 176 | Value: c7 f9 a5 d3 59 17 53 10 fb 08 f9 d8 13 86 0e 01 177 | Attribute 80 (Message-Authenticator) length=18 178 | Value: 83 c9 43 b2 fa 69 1a d0 af 90 65 d3 d0 b7 1c 4e 179 | Received RADIUS message 180 | RADIUS message: code=11 (Access-Challenge) identifier=67 length=170 181 | Attribute 79 (EAP-Message) length=114 182 | Value: 01 06 00 70 19 00 17 03 01 00 20 12 04 36 ac 54 36 ed e4 44 31 99 dc c2 de 1a 1a 57 ba 61 ea 37 cd ce 2b 44 52 8a 5e 8a 2d 17 e4 17 03 01 00 40 0e 01 22 41 d5 ff 03 44 66 d5 c6 93 a2 73 e9 c0 e8 1f 85 fa 56 f1 09 65 f7 68 2e c1 5e 50 e5 e7 19 f4 32 94 0d ae 74 dd 5d e0 b5 ad 43 77 d2 1f 08 b2 12 f3 f5 b5 4e b1 67 36 03 7a 5c 3b e8 d5 183 | Attribute 80 (Message-Authenticator) length=18 184 | Value: bd 5f 62 b4 6a b7 60 56 22 af c3 b2 a0 b2 c9 b0 185 | Attribute 24 (State) length=18 186 | Value: c4 23 30 d2 a0 5d c7 05 78 a9 7b fc da cb 9f 58 187 | polish : oteviram pro cteni i zapis 188 | Copied RADIUS State Attribute 189 | Sending RADIUS message to authentication server 190 | RADIUS message: code=1 (Access-Request) identifier=68 length=262 191 | Attribute 1 (User-Name) length=9 192 | Value: 'account' 193 | Attribute 4 (NAS-IP-Address) length=6 194 | Value: 127.0.0.1 195 | Attribute 31 (Calling-Station-Id) length=19 196 | Value: 'AA-BB-12-34-56-90' 197 | Attribute 12 (Framed-MTU) length=6 198 | Value: 1400 199 | Attribute 61 (NAS-Port-Type) length=6 200 | Value: 19 201 | Attribute 77 (Connect-Info) length=14 202 | Value: 'Nazdar bazar' 203 | Attribute 79 (EAP-Message) length=146 204 | Value: 02 06 00 90 19 00 17 03 01 00 20 28 60 96 73 e6 1d ef c1 a3 f3 6f 46 45 cf 51 aa 69 d6 58 f5 18 38 f8 49 d0 8d 67 0e 93 97 47 68 17 03 01 00 60 44 d5 69 40 ec d4 00 a5 59 22 d9 5f d4 a1 50 7b 4e c3 7a ca 35 55 66 2f f8 df 5a ed e2 71 cd 62 66 72 30 6b a3 1e 52 01 2f 07 31 89 e3 55 08 ff 87 e4 77 74 cc ca 52 f3 60 c5 b7 e4 69 e9 04 d2 7b 0b 8b 7e c4 54 29 10 19 0e 4b 5c 5c 87 8c 2a e3 fb 53 0e 70 88 d3 21 7d 8c d3 65 ac 87 8a 85 205 | Attribute 24 (State) length=18 206 | Value: c4 23 30 d2 a0 5d c7 05 78 a9 7b fc da cb 9f 58 207 | Attribute 80 (Message-Authenticator) length=18 208 | Value: b8 6b 9a 5f b7 23 d3 19 e4 0d e0 4c b2 56 62 dd 209 | Received RADIUS message 210 | RADIUS message: code=11 (Access-Challenge) identifier=68 length=186 211 | Attribute 79 (EAP-Message) length=130 212 | Value: 01 07 00 80 19 00 17 03 01 00 20 7b 47 1b ac 03 85 a2 97 73 fa 6e a2 3a c5 75 66 da 0b 3a f7 71 39 92 9c 7a c2 be 89 84 cd b3 4b 17 03 01 00 50 60 7f f2 f9 21 a9 6f 81 05 46 14 94 f8 01 38 51 10 32 a1 44 3d 00 6c 90 5f fe 8e 07 7a 8f f9 d0 b4 9b af a1 c6 36 15 68 8c 12 b6 9b e0 bc 0d 66 a5 81 7c c6 3d b7 fb df aa 3b 85 c3 1c 06 6e ab 22 68 d2 c8 b6 4e 14 ac 58 a6 ce 7c c5 7d 4d f9 213 | Attribute 80 (Message-Authenticator) length=18 214 | Value: 40 cf fa 0f cf 95 10 b2 f1 97 07 33 63 6a 5f 9b 215 | Attribute 24 (State) length=18 216 | Value: 19 00 a7 26 44 12 fb 3e da 1d 1b 92 07 59 99 69 217 | polish : oteviram pro cteni i zapis 218 | Copied RADIUS State Attribute 219 | Sending RADIUS message to authentication server 220 | RADIUS message: code=1 (Access-Request) identifier=69 length=198 221 | Attribute 1 (User-Name) length=9 222 | Value: 'account' 223 | Attribute 4 (NAS-IP-Address) length=6 224 | Value: 127.0.0.1 225 | Attribute 31 (Calling-Station-Id) length=19 226 | Value: 'AA-BB-12-34-56-90' 227 | Attribute 12 (Framed-MTU) length=6 228 | Value: 1400 229 | Attribute 61 (NAS-Port-Type) length=6 230 | Value: 19 231 | Attribute 77 (Connect-Info) length=14 232 | Value: 'Nazdar bazar' 233 | Attribute 79 (EAP-Message) length=82 234 | Value: 02 07 00 50 19 00 17 03 01 00 20 7e 80 0a 6d 4d d9 db d1 4c d9 83 d6 f6 b7 be 6a dd 92 a0 c9 36 1a fa 5a 1e 43 71 5d a3 f1 46 89 17 03 01 00 20 6e 2d 16 e2 4d e6 c3 a4 80 fa 0e 22 f9 56 c5 b7 60 9a 5f 1b 65 14 55 0b 02 db f4 73 40 c1 54 7e 235 | Attribute 24 (State) length=18 236 | Value: 19 00 a7 26 44 12 fb 3e da 1d 1b 92 07 59 99 69 237 | Attribute 80 (Message-Authenticator) length=18 238 | Value: b9 e8 92 aa 45 d0 04 cd 8e 5c b8 7d ad 99 bd be 239 | Received RADIUS message 240 | RADIUS message: code=11 (Access-Challenge) identifier=69 length=138 241 | Attribute 79 (EAP-Message) length=82 242 | Value: 01 08 00 50 19 00 17 03 01 00 20 8e 50 34 42 cd ca 3a 05 2f ed 6a f0 05 36 7a f6 f5 8c 02 49 4f 4e 6c d9 3d 9c 4a e9 02 13 ff c8 17 03 01 00 20 ef 89 38 1a cd b2 28 0f 88 2e 5a ba 56 35 7f 70 16 97 d6 ac 6a 73 a0 8b 1f fb 98 b9 14 d1 15 ba 243 | Attribute 80 (Message-Authenticator) length=18 244 | Value: d6 c6 22 c4 f1 97 4d 66 d1 cb e5 a8 67 19 0b 4a 245 | Attribute 24 (State) length=18 246 | Value: d6 fc d6 46 c8 66 23 c5 c5 29 81 56 83 44 d4 20 247 | polish : oteviram pro cteni i zapis 248 | Copied RADIUS State Attribute 249 | Sending RADIUS message to authentication server 250 | RADIUS message: code=1 (Access-Request) identifier=70 length=198 251 | Attribute 1 (User-Name) length=9 252 | Value: 'account' 253 | Attribute 4 (NAS-IP-Address) length=6 254 | Value: 127.0.0.1 255 | Attribute 31 (Calling-Station-Id) length=19 256 | Value: 'AA-BB-12-34-56-90' 257 | Attribute 12 (Framed-MTU) length=6 258 | Value: 1400 259 | Attribute 61 (NAS-Port-Type) length=6 260 | Value: 19 261 | Attribute 77 (Connect-Info) length=14 262 | Value: 'Nazdar bazar' 263 | Attribute 79 (EAP-Message) length=82 264 | Value: 02 08 00 50 19 00 17 03 01 00 20 20 56 48 6e 20 0e 09 10 22 8f 6c a3 25 ba e8 ef 7f 94 8a a3 65 78 29 65 53 72 52 8a 54 40 f0 78 17 03 01 00 20 b0 58 5e e8 9f 8e 73 04 14 c2 27 1e 6b 6d b4 46 aa 6c 01 58 27 67 e5 32 dc 4a 51 16 6c bd a7 c4 265 | Attribute 24 (State) length=18 266 | Value: d6 fc d6 46 c8 66 23 c5 c5 29 81 56 83 44 d4 20 267 | Attribute 80 (Message-Authenticator) length=18 268 | Value: 0b bf e0 a1 71 fd 7b bb 36 21 ea 01 f8 de c4 9b 269 | Received RADIUS message 270 | RADIUS message: code=2 (Access-Accept) identifier=70 length=169 271 | Attribute 26 (Vendor-Specific) length=58 272 | Value: 00 00 01 37 11 34 a2 88 20 fd 5f 11 ef c2 bb 82 91 93 7e 2f cd ac 78 ea fc 81 a5 73 13 e9 81 fe f5 f7 0e 90 0b d1 53 86 5b 38 3a 5e 3a 82 45 03 60 3c be 58 e8 60 59 c5 273 | Attribute 26 (Vendor-Specific) length=58 274 | Value: 00 00 01 37 10 34 aa 2c 1d d0 b6 3c 40 2a 75 ce e4 3a 69 58 91 c5 ba e9 3d 2a ca e6 38 2d 86 69 c7 11 f4 1a a8 8d 92 da 31 5c ee d2 ac 84 b3 80 bd f0 a1 3d 80 f8 53 23 275 | Attribute 79 (EAP-Message) length=6 276 | Value: 03 08 00 04 277 | Attribute 80 (Message-Authenticator) length=18 278 | Value: ee d0 09 8c 58 f5 02 e8 00 33 51 e0 ec 7c 0f b0 279 | Attribute 1 (User-Name) length=9 280 | Value: 'account' 281 | -------------------------------------------------------------------------------- /examples_internal/con2: -------------------------------------------------------------------------------- 1 | access-accept; 0 2 | polish : oteviram pro cteni i zapis 3 | Sending RADIUS message to authentication server 4 | RADIUS message: code=1 (Access-Request) identifier=61 length=112 5 | Attribute 1 (User-Name) length=9 6 | Value: 'account' 7 | Attribute 4 (NAS-IP-Address) length=6 8 | Value: 127.0.0.1 9 | Attribute 31 (Calling-Station-Id) length=19 10 | Value: 'AA-BB-12-34-56-90' 11 | Attribute 12 (Framed-MTU) length=6 12 | Value: 1400 13 | Attribute 61 (NAS-Port-Type) length=6 14 | Value: 19 15 | Attribute 77 (Connect-Info) length=14 16 | Value: 'Nazdar bazar' 17 | Attribute 79 (EAP-Message) length=14 18 | Value: 02 00 00 0c 01 61 63 63 6f 75 6e 74 19 | Attribute 80 (Message-Authenticator) length=18 20 | Value: 3e 02 26 e5 db 37 c3 9a 48 25 5e 2d a3 e6 23 7c 21 | Received RADIUS message 22 | RADIUS message: code=11 (Access-Challenge) identifier=61 length=64 23 | Attribute 79 (EAP-Message) length=8 24 | Value: 01 01 00 06 19 20 25 | Attribute 80 (Message-Authenticator) length=18 26 | Value: 31 ac b1 5a 42 5f ee 95 f3 ee 95 7d 3b 38 d0 f2 27 | Attribute 24 (State) length=18 28 | Value: fd b1 e4 45 ad f3 25 1d 58 75 37 ee 10 d7 80 a6 29 | polish : oteviram pro cteni i zapis 30 | Copied RADIUS State Attribute 31 | Sending RADIUS message to authentication server 32 | RADIUS message: code=1 (Access-Request) identifier=64 length=225 33 | Attribute 1 (User-Name) length=9 34 | Value: 'account' 35 | Attribute 4 (NAS-IP-Address) length=6 36 | Value: 127.0.0.1 37 | Attribute 31 (Calling-Station-Id) length=19 38 | Value: 'AA-BB-12-34-56-90' 39 | Attribute 12 (Framed-MTU) length=6 40 | Value: 1400 41 | Attribute 61 (NAS-Port-Type) length=6 42 | Value: 19 43 | Attribute 77 (Connect-Info) length=14 44 | Value: 'Nazdar bazar' 45 | Attribute 79 (EAP-Message) length=109 46 | Value: 02 01 00 6b 19 00 16 03 01 00 60 01 00 00 5c 03 01 44 5a 8a 4e 7c c6 e3 57 aa 67 2c c1 32 93 cc 1e 7f d9 a7 51 25 0d ce 41 67 a1 fa 24 cf 45 98 af 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00 47 | Attribute 24 (State) length=18 48 | Value: fd b1 e4 45 ad f3 25 1d 58 75 37 ee 10 d7 80 a6 49 | Attribute 80 (Message-Authenticator) length=18 50 | Value: 34 63 63 c5 cf d7 5c ed e9 3c 82 f5 07 1b 6d 5e 51 | Received RADIUS message 52 | RADIUS message: code=11 (Access-Challenge) identifier=64 length=1100 53 | Attribute 79 (EAP-Message) length=255 54 | Value: 01 02 04 0a 19 c0 00 00 04 e2 16 03 01 00 4a 02 00 00 46 03 01 44 5a 8a 4f dc 63 90 71 ed 89 eb e3 f6 29 c7 34 ed e9 ac f8 e0 6e cc e2 fe 77 d7 c7 9b 6a ea c1 20 e7 55 e8 1f 7f af 7a 3a bd 01 8f 8b 0d 7d b3 71 de 2f 66 d8 c9 d1 d4 f6 89 c0 79 ee 73 8c 3d d9 00 35 00 16 03 01 04 85 0b 00 04 81 00 04 7e 00 04 7b 30 82 04 77 30 82 03 5f a0 03 02 01 02 02 04 42 b2 f2 d3 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 43 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 30 1e 17 0d 30 35 30 39 32 37 31 32 31 37 34 34 5a 17 0d 30 36 31 30 32 37 31 32 34 37 34 34 5a 30 76 31 12 30 10 06 0a 09 92 26 89 93 f2 55 | Attribute 79 (EAP-Message) length=255 56 | Value: 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 24 30 22 06 03 55 04 0a 13 1b 55 6e 69 76 65 72 73 69 74 79 20 6f 66 20 4a 2e 20 45 2e 20 50 75 72 6b 79 6e 65 31 1f 30 1d 06 03 55 04 03 13 16 70 61 72 61 6c 65 6e 2d 72 61 64 69 75 73 2e 75 6a 65 70 2e 63 7a 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 c3 b6 da f7 4d cd 2c 1b f8 d0 57 dd 2d c3 ed 1a 84 50 04 b4 e8 74 d7 c2 4f 06 60 9b 22 5e 2d 22 08 02 36 99 e1 ae 87 b9 be c1 05 84 85 72 7b 2a c4 b5 a4 47 89 dd 01 cd 01 61 16 64 f3 ae a8 b3 32 4c 0e 80 94 36 50 b3 aa 57 84 16 be 35 f1 66 8a 14 24 9d 4e 6a d3 f6 ad 22 36 ac e3 e0 a0 2c 07 f8 11 34 7e 60 6c 83 33 87 1c d0 87 67 67 f8 12 ec 52 f0 ca 8d 57 | Attribute 79 (EAP-Message) length=255 58 | Value: c6 82 9e 01 a3 a0 ca 54 58 a3 02 03 01 00 01 a3 82 01 c2 30 82 01 be 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 19 06 03 55 1d 20 04 12 30 10 30 0e 06 0c 2b 06 01 04 01 be 79 01 02 02 02 00 30 2d 06 03 55 1d 11 04 26 30 24 81 11 70 6f 6c 69 73 68 40 70 66 2e 75 6a 65 70 2e 63 7a 82 0f 70 61 72 61 6c 65 6e 2e 75 6a 65 70 2e 63 7a 30 82 01 0b 06 03 55 1d 1f 04 82 01 02 30 81 ff 30 5a a0 58 a0 56 a4 54 30 52 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 31 0d 30 0b 06 03 55 04 03 13 04 43 52 4c 31 30 81 a0 a0 81 9d a0 81 9a 86 42 59 | Attribute 79 (EAP-Message) length=255 60 | Value: 68 74 74 70 3a 2f 2f 77 77 77 2e 63 65 73 6e 65 74 2e 63 7a 2f 70 6b 69 2f 63 72 6c 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 2e 63 72 6c 86 54 6c 64 61 70 3a 2f 2f 6c 64 61 70 2e 63 65 73 6e 65 74 2d 63 61 2e 63 7a 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 3f 63 65 72 74 69 66 69 63 61 74 65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 30 1f 06 03 55 1d 23 04 18 30 16 80 14 2f 6c 05 c3 51 26 ac af 39 9c 3e 38 35 dd 52 29 27 80 c5 f5 30 1d 06 03 55 1d 0e 04 16 04 14 41 0b c0 a4 47 4a 03 a5 37 01 ee bb cb cd 3f 58 7d d1 e0 77 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 2e 99 95 02 33 3d c6 26 48 82 ce db 38 78 3b e6 92 61 | Attribute 79 (EAP-Message) length=24 62 | Value: 41 1e 7c f8 a2 2c a6 83 0a 2f 28 72 01 ac a7 b9 84 32 9c 89 85 8b 63 | Attribute 80 (Message-Authenticator) length=18 64 | Value: cd 66 5b d7 c4 f4 a2 6d 51 e2 36 b2 95 a0 d9 eb 65 | Attribute 24 (State) length=18 66 | Value: 4e 20 a3 c7 65 23 72 c2 75 bd 25 08 bc 00 cf 6d 67 | polish : oteviram pro cteni i zapis 68 | Copied RADIUS State Attribute 69 | Sending RADIUS message to authentication server 70 | RADIUS message: code=1 (Access-Request) identifier=71 length=124 71 | Attribute 1 (User-Name) length=9 72 | Value: 'account' 73 | Attribute 4 (NAS-IP-Address) length=6 74 | Value: 127.0.0.1 75 | Attribute 31 (Calling-Station-Id) length=19 76 | Value: 'AA-BB-12-34-56-90' 77 | Attribute 12 (Framed-MTU) length=6 78 | Value: 1400 79 | Attribute 61 (NAS-Port-Type) length=6 80 | Value: 19 81 | Attribute 77 (Connect-Info) length=14 82 | Value: 'Nazdar bazar' 83 | Attribute 79 (EAP-Message) length=8 84 | Value: 02 02 00 06 19 00 85 | Attribute 24 (State) length=18 86 | Value: 4e 20 a3 c7 65 23 72 c2 75 bd 25 08 bc 00 cf 6d 87 | Attribute 80 (Message-Authenticator) length=18 88 | Value: 28 dd 20 58 9c 8b f6 fb 2f 14 9b da 8e 06 31 c0 89 | Received RADIUS message 90 | RADIUS message: code=11 (Access-Challenge) identifier=71 length=290 91 | Attribute 79 (EAP-Message) length=234 92 | Value: 01 03 00 e8 19 00 38 c4 ae 80 90 36 ee 2a f8 87 4c 81 b8 62 ef 74 27 20 c8 ac 4b 19 3f 06 45 c9 88 cc 55 ba 0b b5 8e 9c 44 d5 f1 46 31 48 9b 07 51 b0 51 33 0d e8 b8 3f cc 8c 75 a7 18 e0 d3 ac 1a 23 fb ac 2f fe 4c 9a ba ff 8b df fc 05 d3 f9 29 99 a1 9d f3 9b 53 4a 5a b5 51 87 14 08 48 4e 97 21 3b 54 50 a3 92 60 2a 65 6b af b2 a9 68 0c c5 31 da 38 f7 82 53 5b 1f e9 8d 41 99 0d 6c ed 8f 8f c6 10 ef 26 f3 c4 70 26 e6 03 96 42 cf fd d3 8c 1b f7 b6 14 a8 44 58 8b 1e 54 f5 30 e0 21 22 62 4c e7 f1 83 fb f3 13 67 77 c8 dc a3 9c ea d4 aa 94 dd f8 38 46 74 c6 76 bf e9 05 69 03 bc 5c 36 06 09 b3 db 20 63 e5 c9 27 b7 8a 84 fe c4 24 43 0d 61 2c 47 2b 3f 9c 75 0a 98 d9 6a 83 16 03 01 00 04 0e 00 00 00 93 | Attribute 80 (Message-Authenticator) length=18 94 | Value: 52 c8 93 1c 1e 08 6c c0 2a 44 89 c3 25 d4 7d 77 95 | Attribute 24 (State) length=18 96 | Value: ae e1 7d 58 63 07 c4 85 33 90 21 e9 16 ed ba b4 97 | polish : oteviram pro cteni i zapis 98 | Copied RADIUS State Attribute 99 | Sending RADIUS message to authentication server 100 | RADIUS message: code=1 (Access-Request) identifier=72 length=322 101 | Attribute 1 (User-Name) length=9 102 | Value: 'account' 103 | Attribute 4 (NAS-IP-Address) length=6 104 | Value: 127.0.0.1 105 | Attribute 31 (Calling-Station-Id) length=19 106 | Value: 'AA-BB-12-34-56-90' 107 | Attribute 12 (Framed-MTU) length=6 108 | Value: 1400 109 | Attribute 61 (NAS-Port-Type) length=6 110 | Value: 19 111 | Attribute 77 (Connect-Info) length=14 112 | Value: 'Nazdar bazar' 113 | Attribute 79 (EAP-Message) length=206 114 | Value: 02 03 00 cc 19 00 16 03 01 00 86 10 00 00 82 00 80 bb 8e 44 8c 05 0b fa bc 12 b1 45 ad a5 c4 5d 6f 72 9e b9 57 3c 76 c0 84 cd 76 82 9a 03 77 16 77 53 56 1f 98 41 5b fc 22 40 3d d5 b3 77 7f a8 90 b7 cb 4c 50 01 b3 b0 72 bb 23 cc d5 e3 b7 7d 48 69 1d a4 3a 39 75 38 1d 6a c3 9a 5c 70 b8 ed 64 b5 fd 29 c2 38 ac 43 02 65 24 c5 11 73 d2 31 ec 18 f8 77 94 1d c0 48 21 c7 93 6a 9c bb b4 bf c2 43 4f dc b5 d3 3b d5 02 40 dc d8 21 fe c9 e3 b3 14 03 01 00 01 01 16 03 01 00 30 74 09 1a 6d 26 dd 1c cf 56 69 43 6b 70 f6 ac b1 a7 28 1b e6 ef d9 89 45 76 47 e3 63 cf 40 a3 28 b7 0e f3 d7 3d 0f c4 8d 72 20 72 24 6f 11 74 69 115 | Attribute 24 (State) length=18 116 | Value: ae e1 7d 58 63 07 c4 85 33 90 21 e9 16 ed ba b4 117 | Attribute 80 (Message-Authenticator) length=18 118 | Value: 7e c4 17 57 38 c2 07 65 db b6 59 0d 87 ae 89 60 119 | Received RADIUS message 120 | RADIUS message: code=11 (Access-Challenge) identifier=72 length=123 121 | Attribute 79 (EAP-Message) length=67 122 | Value: 01 04 00 41 19 00 14 03 01 00 01 01 16 03 01 00 30 4a 91 5e 3e 97 99 d9 aa 23 72 09 6a e2 4a 49 b5 ee 76 04 2b 8f e2 ce 64 05 c8 2c f0 38 e5 4a 3d 7e 23 7b 66 4b 6c c5 8b cf aa 64 fa 52 19 28 59 123 | Attribute 80 (Message-Authenticator) length=18 124 | Value: bb 68 0d 6f 58 84 13 e9 83 41 84 5c e1 f7 29 60 125 | Attribute 24 (State) length=18 126 | Value: 98 b6 d4 cd f9 5f c9 82 31 a3 97 45 b9 0a 33 07 127 | polish : oteviram pro cteni i zapis 128 | Copied RADIUS State Attribute 129 | Sending RADIUS message to authentication server 130 | RADIUS message: code=1 (Access-Request) identifier=73 length=124 131 | Attribute 1 (User-Name) length=9 132 | Value: 'account' 133 | Attribute 4 (NAS-IP-Address) length=6 134 | Value: 127.0.0.1 135 | Attribute 31 (Calling-Station-Id) length=19 136 | Value: 'AA-BB-12-34-56-90' 137 | Attribute 12 (Framed-MTU) length=6 138 | Value: 1400 139 | Attribute 61 (NAS-Port-Type) length=6 140 | Value: 19 141 | Attribute 77 (Connect-Info) length=14 142 | Value: 'Nazdar bazar' 143 | Attribute 79 (EAP-Message) length=8 144 | Value: 02 04 00 06 19 00 145 | Attribute 24 (State) length=18 146 | Value: 98 b6 d4 cd f9 5f c9 82 31 a3 97 45 b9 0a 33 07 147 | Attribute 80 (Message-Authenticator) length=18 148 | Value: 9e 3d 81 74 b3 08 17 39 4e 63 ff 85 82 73 d3 7c 149 | Received RADIUS message 150 | RADIUS message: code=11 (Access-Challenge) identifier=73 length=138 151 | Attribute 79 (EAP-Message) length=82 152 | Value: 01 05 00 50 19 00 17 03 01 00 20 f2 c2 77 21 37 4b b7 00 d2 dc af 0a de ca 03 f3 77 e9 82 be 3b 10 85 9c b9 7e 38 b0 c8 9d a8 1b 17 03 01 00 20 73 e6 b2 19 65 1f 18 a3 29 12 d7 6c 5a c4 3e 67 5d a5 2a 45 5f 4f cd 58 3e f1 3e 08 33 36 05 a0 153 | Attribute 80 (Message-Authenticator) length=18 154 | Value: c5 66 b6 ab ea 8a 93 a3 42 09 a3 f4 4b 02 28 e7 155 | Attribute 24 (State) length=18 156 | Value: 02 a6 43 05 95 8b 48 c7 41 1b dd c1 41 3c 7b 3c 157 | polish : oteviram pro cteni i zapis 158 | Copied RADIUS State Attribute 159 | Sending RADIUS message to authentication server 160 | RADIUS message: code=1 (Access-Request) identifier=74 length=198 161 | Attribute 1 (User-Name) length=9 162 | Value: 'account' 163 | Attribute 4 (NAS-IP-Address) length=6 164 | Value: 127.0.0.1 165 | Attribute 31 (Calling-Station-Id) length=19 166 | Value: 'AA-BB-12-34-56-90' 167 | Attribute 12 (Framed-MTU) length=6 168 | Value: 1400 169 | Attribute 61 (NAS-Port-Type) length=6 170 | Value: 19 171 | Attribute 77 (Connect-Info) length=14 172 | Value: 'Nazdar bazar' 173 | Attribute 79 (EAP-Message) length=82 174 | Value: 02 05 00 50 19 00 17 03 01 00 20 1c 95 b0 e1 ad 9e ea ba d0 d5 90 cb ae 95 c8 a3 86 5f 0a 27 de b7 f6 b4 15 82 a6 4d 06 bb a0 1b 17 03 01 00 20 70 39 91 ab eb 14 24 7e eb af 51 e9 da f4 85 c0 1f 53 ee 92 27 dc ce 4e 02 a8 fa e1 02 52 45 d2 175 | Attribute 24 (State) length=18 176 | Value: 02 a6 43 05 95 8b 48 c7 41 1b dd c1 41 3c 7b 3c 177 | Attribute 80 (Message-Authenticator) length=18 178 | Value: ef 36 71 f9 22 91 18 4e a4 90 b5 15 04 3c 1a f7 179 | Received RADIUS message 180 | RADIUS message: code=11 (Access-Challenge) identifier=74 length=170 181 | Attribute 79 (EAP-Message) length=114 182 | Value: 01 06 00 70 19 00 17 03 01 00 20 9c 8e 37 cd ff d3 de 50 44 82 93 ef 67 16 31 14 a8 e4 f7 4f f4 a6 a2 3b 7c 13 48 af 79 78 87 74 17 03 01 00 40 c8 78 70 43 c7 23 94 24 a2 1d 13 29 7b 2a 16 79 2e 44 b0 0e da 74 5f 0e 2b 1f 51 dd 87 21 0f 2e f3 89 03 19 c4 89 dc c3 49 80 bd e5 ae 6a 3a 37 62 18 72 2d 0f b2 e3 7c 8d 2e 73 6d fb 46 47 ec 183 | Attribute 80 (Message-Authenticator) length=18 184 | Value: 95 36 08 d5 f2 77 f0 5b 2a a7 c1 c9 b0 22 0d 31 185 | Attribute 24 (State) length=18 186 | Value: f7 80 e9 b6 21 44 43 fe 65 8f 2f ec 26 07 86 25 187 | polish : oteviram pro cteni i zapis 188 | Copied RADIUS State Attribute 189 | Sending RADIUS message to authentication server 190 | RADIUS message: code=1 (Access-Request) identifier=75 length=262 191 | Attribute 1 (User-Name) length=9 192 | Value: 'account' 193 | Attribute 4 (NAS-IP-Address) length=6 194 | Value: 127.0.0.1 195 | Attribute 31 (Calling-Station-Id) length=19 196 | Value: 'AA-BB-12-34-56-90' 197 | Attribute 12 (Framed-MTU) length=6 198 | Value: 1400 199 | Attribute 61 (NAS-Port-Type) length=6 200 | Value: 19 201 | Attribute 77 (Connect-Info) length=14 202 | Value: 'Nazdar bazar' 203 | Attribute 79 (EAP-Message) length=146 204 | Value: 02 06 00 90 19 00 17 03 01 00 20 78 67 e1 b5 f5 86 3a 3d 24 4e a7 16 55 17 b1 f7 ee 82 e2 9a 41 ca 1e e3 45 d5 67 d6 ab 8c 83 6b 17 03 01 00 60 54 2e 20 0a 78 d3 70 6d bc 0b 79 45 3b e9 00 1e 57 42 89 9f 24 47 16 2d 74 af e4 5c 55 83 6d 24 76 f0 ea 50 57 0b 5d 67 a4 7f 32 53 bc 34 8b 11 51 43 9f d1 b4 16 87 7f ae 75 ea db 04 11 f4 91 b4 77 27 30 58 2f 19 e1 43 c9 10 a7 8f ac 95 f4 d4 91 3e 99 92 b9 19 ac f5 f1 b5 67 c2 78 58 4f 205 | Attribute 24 (State) length=18 206 | Value: f7 80 e9 b6 21 44 43 fe 65 8f 2f ec 26 07 86 25 207 | Attribute 80 (Message-Authenticator) length=18 208 | Value: 18 74 94 f3 69 3a 43 06 11 df ac 98 c4 85 4f 13 209 | Received RADIUS message 210 | RADIUS message: code=11 (Access-Challenge) identifier=75 length=186 211 | Attribute 79 (EAP-Message) length=130 212 | Value: 01 07 00 80 19 00 17 03 01 00 20 a0 2d c5 f8 80 b4 ea e6 7d fa 3c 8e c3 a9 f6 25 07 95 aa a1 30 65 f5 f4 4d 33 11 e6 b5 fd 78 f9 17 03 01 00 50 c8 ab 76 f1 5f 1b b7 35 b3 67 57 43 01 35 1c b4 8b d9 d2 0c 50 5a 01 2f 0b f5 a1 8a 8a 9e d5 06 34 cc 85 0e 36 64 42 41 11 d7 28 4f cf 49 12 82 86 b5 ec 85 8e 14 6a 32 d1 ba bd 04 bd 18 f3 1e 4b ab 92 94 25 d7 8f e9 3c df 4a 42 5d 74 0a 29 213 | Attribute 80 (Message-Authenticator) length=18 214 | Value: ed 33 62 e5 d4 22 03 a7 c9 ec 40 ff 2f db e5 09 215 | Attribute 24 (State) length=18 216 | Value: e3 a1 e2 2a 39 46 28 bb ed 3b db c5 43 cc cc 80 217 | polish : oteviram pro cteni i zapis 218 | Copied RADIUS State Attribute 219 | Sending RADIUS message to authentication server 220 | RADIUS message: code=1 (Access-Request) identifier=76 length=198 221 | Attribute 1 (User-Name) length=9 222 | Value: 'account' 223 | Attribute 4 (NAS-IP-Address) length=6 224 | Value: 127.0.0.1 225 | Attribute 31 (Calling-Station-Id) length=19 226 | Value: 'AA-BB-12-34-56-90' 227 | Attribute 12 (Framed-MTU) length=6 228 | Value: 1400 229 | Attribute 61 (NAS-Port-Type) length=6 230 | Value: 19 231 | Attribute 77 (Connect-Info) length=14 232 | Value: 'Nazdar bazar' 233 | Attribute 79 (EAP-Message) length=82 234 | Value: 02 07 00 50 19 00 17 03 01 00 20 4d cb 89 4c fd 21 d2 19 87 cb 9d 53 aa c7 88 86 de f8 58 d9 8e f9 82 7a e8 d7 cf 4f e9 25 9c 7a 17 03 01 00 20 d2 84 6a 97 78 9d 45 3a 58 35 7f 82 85 1a d2 f1 1f af 3e 7d 1b 6a 07 f6 23 8f cd 4c af 97 6f 0f 235 | Attribute 24 (State) length=18 236 | Value: e3 a1 e2 2a 39 46 28 bb ed 3b db c5 43 cc cc 80 237 | Attribute 80 (Message-Authenticator) length=18 238 | Value: 42 6d 18 7d 36 9a f3 dd d6 aa 51 c9 6f 58 8a 3d 239 | Received RADIUS message 240 | RADIUS message: code=11 (Access-Challenge) identifier=76 length=138 241 | Attribute 79 (EAP-Message) length=82 242 | Value: 01 08 00 50 19 00 17 03 01 00 20 71 56 c1 23 6e 5a be 89 af 6f 92 ab c3 37 d6 b9 81 e4 3c 4e 67 3b 5f ce d8 64 81 56 0f 06 80 1d 17 03 01 00 20 73 14 40 ca 7b c3 e3 b9 eb 9a a4 c5 3a 5c af 32 f4 d7 8f 6b 60 44 10 ae 6f 81 0f 59 87 b1 18 a4 243 | Attribute 80 (Message-Authenticator) length=18 244 | Value: 8d de 93 0a 5c 2e 13 f4 50 7d eb 01 2f 98 4a 74 245 | Attribute 24 (State) length=18 246 | Value: ff 38 a0 2f 85 9b a7 15 c6 c7 aa de 0d c2 62 ec 247 | polish : oteviram pro cteni i zapis 248 | Copied RADIUS State Attribute 249 | Sending RADIUS message to authentication server 250 | RADIUS message: code=1 (Access-Request) identifier=77 length=198 251 | Attribute 1 (User-Name) length=9 252 | Value: 'account' 253 | Attribute 4 (NAS-IP-Address) length=6 254 | Value: 127.0.0.1 255 | Attribute 31 (Calling-Station-Id) length=19 256 | Value: 'AA-BB-12-34-56-90' 257 | Attribute 12 (Framed-MTU) length=6 258 | Value: 1400 259 | Attribute 61 (NAS-Port-Type) length=6 260 | Value: 19 261 | Attribute 77 (Connect-Info) length=14 262 | Value: 'Nazdar bazar' 263 | Attribute 79 (EAP-Message) length=82 264 | Value: 02 08 00 50 19 00 17 03 01 00 20 ac 0b da 4a 0b 63 3d ba 7f 50 af 41 4e ad 0e 8d 65 46 4d d5 2f 77 5e 49 e9 1b 05 10 0e 0e f8 62 17 03 01 00 20 d5 3b 01 4c 82 8f 17 7c dc 10 07 fa cc 90 e5 91 e5 a9 9f a0 a7 a4 7d d2 b6 9c 53 0a 72 a5 84 47 265 | Attribute 24 (State) length=18 266 | Value: ff 38 a0 2f 85 9b a7 15 c6 c7 aa de 0d c2 62 ec 267 | Attribute 80 (Message-Authenticator) length=18 268 | Value: e1 ac bc 9e 8a fc 58 7f 19 05 c0 03 55 83 0f da 269 | Received RADIUS message 270 | RADIUS message: code=2 (Access-Accept) identifier=77 length=169 271 | Attribute 26 (Vendor-Specific) length=58 272 | Value: 00 00 01 37 11 34 b5 0d 09 5a 21 a2 c7 c4 d9 8e 51 d9 a9 5c 76 fe 2d 6a 20 e9 75 5f 73 a9 85 76 13 aa 00 53 fd d3 49 01 cc d1 ab 47 56 bb f5 9d d7 a2 4a 5c 5b 8a aa 83 273 | Attribute 26 (Vendor-Specific) length=58 274 | Value: 00 00 01 37 10 34 bb e7 4b b9 1e 17 64 47 b0 08 e4 b9 7f 53 de cd 57 76 18 5c 22 5a 8f 84 aa 38 fe 63 a2 9a 7b 86 b4 1c a1 43 99 36 8a 54 05 1d c7 06 ed f8 d7 ac f3 bd 275 | Attribute 79 (EAP-Message) length=6 276 | Value: 03 08 00 04 277 | Attribute 80 (Message-Authenticator) length=18 278 | Value: f8 b6 c1 75 33 f8 c0 34 c6 34 a5 04 14 cc 5f d9 279 | Attribute 1 (User-Name) length=9 280 | Value: 'account' 281 | -------------------------------------------------------------------------------- /examples_internal/con3: -------------------------------------------------------------------------------- 1 | access-accept; 0 2 | polish : oteviram pro cteni i zapis 3 | Sending RADIUS message to authentication server 4 | RADIUS message: code=1 (Access-Request) identifier=78 length=112 5 | Attribute 1 (User-Name) length=9 6 | Value: 'account' 7 | Attribute 4 (NAS-IP-Address) length=6 8 | Value: 127.0.0.1 9 | Attribute 31 (Calling-Station-Id) length=19 10 | Value: 'AA-BB-12-34-56-90' 11 | Attribute 12 (Framed-MTU) length=6 12 | Value: 1400 13 | Attribute 61 (NAS-Port-Type) length=6 14 | Value: 19 15 | Attribute 77 (Connect-Info) length=14 16 | Value: 'Nazdar bazar' 17 | Attribute 79 (EAP-Message) length=14 18 | Value: 02 00 00 0c 01 61 63 63 6f 75 6e 74 19 | Attribute 80 (Message-Authenticator) length=18 20 | Value: de 90 ac 49 de 16 2e a9 a2 99 21 43 8c dd db 91 21 | Received RADIUS message 22 | RADIUS message: code=11 (Access-Challenge) identifier=78 length=64 23 | Attribute 79 (EAP-Message) length=8 24 | Value: 01 01 00 06 19 20 25 | Attribute 80 (Message-Authenticator) length=18 26 | Value: 0b a8 8d e2 3e 86 ff 1f 62 1f 78 38 eb 08 b1 7a 27 | Attribute 24 (State) length=18 28 | Value: a4 bf b7 cd 3b a5 14 ab b8 a5 b3 54 c6 ef 4d 5f 29 | polish : oteviram pro cteni i zapis 30 | Copied RADIUS State Attribute 31 | Sending RADIUS message to authentication server 32 | RADIUS message: code=1 (Access-Request) identifier=79 length=225 33 | Attribute 1 (User-Name) length=9 34 | Value: 'account' 35 | Attribute 4 (NAS-IP-Address) length=6 36 | Value: 127.0.0.1 37 | Attribute 31 (Calling-Station-Id) length=19 38 | Value: 'AA-BB-12-34-56-90' 39 | Attribute 12 (Framed-MTU) length=6 40 | Value: 1400 41 | Attribute 61 (NAS-Port-Type) length=6 42 | Value: 19 43 | Attribute 77 (Connect-Info) length=14 44 | Value: 'Nazdar bazar' 45 | Attribute 79 (EAP-Message) length=109 46 | Value: 02 01 00 6b 19 00 16 03 01 00 60 01 00 00 5c 03 01 44 5a 8a 4e 9a 8e 3d df db bf c3 75 e6 72 72 78 6b ce cb 9d 3c 57 b8 b0 a9 df f7 47 ae 87 85 ef 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00 47 | Attribute 24 (State) length=18 48 | Value: a4 bf b7 cd 3b a5 14 ab b8 a5 b3 54 c6 ef 4d 5f 49 | Attribute 80 (Message-Authenticator) length=18 50 | Value: f4 c7 27 c0 fa 38 62 10 23 c1 b6 98 ae 75 80 71 51 | Received RADIUS message 52 | RADIUS message: code=11 (Access-Challenge) identifier=79 length=1100 53 | Attribute 79 (EAP-Message) length=255 54 | Value: 01 02 04 0a 19 c0 00 00 04 e2 16 03 01 00 4a 02 00 00 46 03 01 44 5a 8a 50 7a e9 b2 de fb 2c 88 4f 3a 7f d7 68 e0 f4 f3 3f 59 d8 d3 17 f1 17 7a bf f3 eb fc 27 20 18 62 83 28 82 0d 00 8d fe fc 9e f5 14 26 a0 5e b5 44 f8 b0 15 9e 4b 93 6e 84 25 f0 34 fa 22 82 00 35 00 16 03 01 04 85 0b 00 04 81 00 04 7e 00 04 7b 30 82 04 77 30 82 03 5f a0 03 02 01 02 02 04 42 b2 f2 d3 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 43 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 30 1e 17 0d 30 35 30 39 32 37 31 32 31 37 34 34 5a 17 0d 30 36 31 30 32 37 31 32 34 37 34 34 5a 30 76 31 12 30 10 06 0a 09 92 26 89 93 f2 55 | Attribute 79 (EAP-Message) length=255 56 | Value: 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 24 30 22 06 03 55 04 0a 13 1b 55 6e 69 76 65 72 73 69 74 79 20 6f 66 20 4a 2e 20 45 2e 20 50 75 72 6b 79 6e 65 31 1f 30 1d 06 03 55 04 03 13 16 70 61 72 61 6c 65 6e 2d 72 61 64 69 75 73 2e 75 6a 65 70 2e 63 7a 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 c3 b6 da f7 4d cd 2c 1b f8 d0 57 dd 2d c3 ed 1a 84 50 04 b4 e8 74 d7 c2 4f 06 60 9b 22 5e 2d 22 08 02 36 99 e1 ae 87 b9 be c1 05 84 85 72 7b 2a c4 b5 a4 47 89 dd 01 cd 01 61 16 64 f3 ae a8 b3 32 4c 0e 80 94 36 50 b3 aa 57 84 16 be 35 f1 66 8a 14 24 9d 4e 6a d3 f6 ad 22 36 ac e3 e0 a0 2c 07 f8 11 34 7e 60 6c 83 33 87 1c d0 87 67 67 f8 12 ec 52 f0 ca 8d 57 | Attribute 79 (EAP-Message) length=255 58 | Value: c6 82 9e 01 a3 a0 ca 54 58 a3 02 03 01 00 01 a3 82 01 c2 30 82 01 be 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 19 06 03 55 1d 20 04 12 30 10 30 0e 06 0c 2b 06 01 04 01 be 79 01 02 02 02 00 30 2d 06 03 55 1d 11 04 26 30 24 81 11 70 6f 6c 69 73 68 40 70 66 2e 75 6a 65 70 2e 63 7a 82 0f 70 61 72 61 6c 65 6e 2e 75 6a 65 70 2e 63 7a 30 82 01 0b 06 03 55 1d 1f 04 82 01 02 30 81 ff 30 5a a0 58 a0 56 a4 54 30 52 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 31 0d 30 0b 06 03 55 04 03 13 04 43 52 4c 31 30 81 a0 a0 81 9d a0 81 9a 86 42 59 | Attribute 79 (EAP-Message) length=255 60 | Value: 68 74 74 70 3a 2f 2f 77 77 77 2e 63 65 73 6e 65 74 2e 63 7a 2f 70 6b 69 2f 63 72 6c 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 2e 63 72 6c 86 54 6c 64 61 70 3a 2f 2f 6c 64 61 70 2e 63 65 73 6e 65 74 2d 63 61 2e 63 7a 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 3f 63 65 72 74 69 66 69 63 61 74 65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 30 1f 06 03 55 1d 23 04 18 30 16 80 14 2f 6c 05 c3 51 26 ac af 39 9c 3e 38 35 dd 52 29 27 80 c5 f5 30 1d 06 03 55 1d 0e 04 16 04 14 41 0b c0 a4 47 4a 03 a5 37 01 ee bb cb cd 3f 58 7d d1 e0 77 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 2e 99 95 02 33 3d c6 26 48 82 ce db 38 78 3b e6 92 61 | Attribute 79 (EAP-Message) length=24 62 | Value: 41 1e 7c f8 a2 2c a6 83 0a 2f 28 72 01 ac a7 b9 84 32 9c 89 85 8b 63 | Attribute 80 (Message-Authenticator) length=18 64 | Value: 46 cc b8 53 78 f4 d6 3f 48 f3 96 eb 7c f6 cc b2 65 | Attribute 24 (State) length=18 66 | Value: c4 6a 41 68 65 b3 52 ee 7c b9 98 2e 69 1d c4 60 67 | polish : oteviram pro cteni i zapis 68 | Copied RADIUS State Attribute 69 | Sending RADIUS message to authentication server 70 | RADIUS message: code=1 (Access-Request) identifier=82 length=124 71 | Attribute 1 (User-Name) length=9 72 | Value: 'account' 73 | Attribute 4 (NAS-IP-Address) length=6 74 | Value: 127.0.0.1 75 | Attribute 31 (Calling-Station-Id) length=19 76 | Value: 'AA-BB-12-34-56-90' 77 | Attribute 12 (Framed-MTU) length=6 78 | Value: 1400 79 | Attribute 61 (NAS-Port-Type) length=6 80 | Value: 19 81 | Attribute 77 (Connect-Info) length=14 82 | Value: 'Nazdar bazar' 83 | Attribute 79 (EAP-Message) length=8 84 | Value: 02 02 00 06 19 00 85 | Attribute 24 (State) length=18 86 | Value: c4 6a 41 68 65 b3 52 ee 7c b9 98 2e 69 1d c4 60 87 | Attribute 80 (Message-Authenticator) length=18 88 | Value: 97 b2 c7 84 3c 87 28 1e 66 10 d9 e6 56 c9 6b 37 89 | Received RADIUS message 90 | RADIUS message: code=11 (Access-Challenge) identifier=82 length=290 91 | Attribute 79 (EAP-Message) length=234 92 | Value: 01 03 00 e8 19 00 38 c4 ae 80 90 36 ee 2a f8 87 4c 81 b8 62 ef 74 27 20 c8 ac 4b 19 3f 06 45 c9 88 cc 55 ba 0b b5 8e 9c 44 d5 f1 46 31 48 9b 07 51 b0 51 33 0d e8 b8 3f cc 8c 75 a7 18 e0 d3 ac 1a 23 fb ac 2f fe 4c 9a ba ff 8b df fc 05 d3 f9 29 99 a1 9d f3 9b 53 4a 5a b5 51 87 14 08 48 4e 97 21 3b 54 50 a3 92 60 2a 65 6b af b2 a9 68 0c c5 31 da 38 f7 82 53 5b 1f e9 8d 41 99 0d 6c ed 8f 8f c6 10 ef 26 f3 c4 70 26 e6 03 96 42 cf fd d3 8c 1b f7 b6 14 a8 44 58 8b 1e 54 f5 30 e0 21 22 62 4c e7 f1 83 fb f3 13 67 77 c8 dc a3 9c ea d4 aa 94 dd f8 38 46 74 c6 76 bf e9 05 69 03 bc 5c 36 06 09 b3 db 20 63 e5 c9 27 b7 8a 84 fe c4 24 43 0d 61 2c 47 2b 3f 9c 75 0a 98 d9 6a 83 16 03 01 00 04 0e 00 00 00 93 | Attribute 80 (Message-Authenticator) length=18 94 | Value: 89 81 6f 55 89 7f 33 3b 82 3d d4 27 21 ff 6b e0 95 | Attribute 24 (State) length=18 96 | Value: 12 3f d9 df fb 19 6f 12 9e 99 ec 7e a4 53 42 67 97 | polish : oteviram pro cteni i zapis 98 | Copied RADIUS State Attribute 99 | Sending RADIUS message to authentication server 100 | RADIUS message: code=1 (Access-Request) identifier=83 length=322 101 | Attribute 1 (User-Name) length=9 102 | Value: 'account' 103 | Attribute 4 (NAS-IP-Address) length=6 104 | Value: 127.0.0.1 105 | Attribute 31 (Calling-Station-Id) length=19 106 | Value: 'AA-BB-12-34-56-90' 107 | Attribute 12 (Framed-MTU) length=6 108 | Value: 1400 109 | Attribute 61 (NAS-Port-Type) length=6 110 | Value: 19 111 | Attribute 77 (Connect-Info) length=14 112 | Value: 'Nazdar bazar' 113 | Attribute 79 (EAP-Message) length=206 114 | Value: 02 03 00 cc 19 00 16 03 01 00 86 10 00 00 82 00 80 93 8d b2 ee 80 0d a4 76 aa 71 5a 61 8d fe 17 f4 c2 a7 8f bb 18 e5 99 f8 ad 12 b8 28 82 ce 87 1b 37 00 7b a2 92 00 a9 0f 1b e3 c4 5d b3 db 3a 09 83 d9 c2 b1 fc e9 d9 37 db a0 e3 a9 f1 7c 6f 49 da 08 ab e6 54 74 c4 e7 6c 68 7f 85 dc 09 d9 9f 6b 45 28 a1 af d6 86 70 b1 08 0e c9 ee 8b b1 c0 1b b3 ed 6b 43 3c 05 61 54 fa bd a3 f0 d2 de 61 d2 95 78 96 8c 25 ab e2 2b 7c eb 38 95 2b ca a1 14 03 01 00 01 01 16 03 01 00 30 59 34 92 ff 06 0f b9 dc c2 22 ec 34 3b cb 20 c3 52 fc 87 5d 8e 60 1a 85 8b 82 28 8e a6 dc 1c 6a 20 d4 41 45 f5 5b cf 2c 02 ea 89 50 1b 73 d8 97 115 | Attribute 24 (State) length=18 116 | Value: 12 3f d9 df fb 19 6f 12 9e 99 ec 7e a4 53 42 67 117 | Attribute 80 (Message-Authenticator) length=18 118 | Value: 68 de bc f6 67 80 bf 88 64 3c 5e 43 15 96 dd d7 119 | Received RADIUS message 120 | RADIUS message: code=11 (Access-Challenge) identifier=83 length=123 121 | Attribute 79 (EAP-Message) length=67 122 | Value: 01 04 00 41 19 00 14 03 01 00 01 01 16 03 01 00 30 2b a9 13 44 ba 95 91 6e 8d 28 ce 3d 9f 7c 59 cb ed ef c8 50 df cb cf 40 3b 59 12 46 f2 00 d6 96 78 a4 b5 29 34 a3 17 82 0c 95 3e 15 04 92 38 27 123 | Attribute 80 (Message-Authenticator) length=18 124 | Value: ca 93 f5 5c f3 63 2f 40 b2 96 79 28 d5 fa 1e a0 125 | Attribute 24 (State) length=18 126 | Value: 5b c9 88 4d f7 c1 84 00 cb fe 70 08 c6 9f 35 27 127 | polish : oteviram pro cteni i zapis 128 | Copied RADIUS State Attribute 129 | Sending RADIUS message to authentication server 130 | RADIUS message: code=1 (Access-Request) identifier=86 length=124 131 | Attribute 1 (User-Name) length=9 132 | Value: 'account' 133 | Attribute 4 (NAS-IP-Address) length=6 134 | Value: 127.0.0.1 135 | Attribute 31 (Calling-Station-Id) length=19 136 | Value: 'AA-BB-12-34-56-90' 137 | Attribute 12 (Framed-MTU) length=6 138 | Value: 1400 139 | Attribute 61 (NAS-Port-Type) length=6 140 | Value: 19 141 | Attribute 77 (Connect-Info) length=14 142 | Value: 'Nazdar bazar' 143 | Attribute 79 (EAP-Message) length=8 144 | Value: 02 04 00 06 19 00 145 | Attribute 24 (State) length=18 146 | Value: 5b c9 88 4d f7 c1 84 00 cb fe 70 08 c6 9f 35 27 147 | Attribute 80 (Message-Authenticator) length=18 148 | Value: 0f 6d 9a 05 2b 1f e1 f1 85 5f 0a f6 b9 a0 9f 24 149 | Received RADIUS message 150 | RADIUS message: code=11 (Access-Challenge) identifier=86 length=138 151 | Attribute 79 (EAP-Message) length=82 152 | Value: 01 05 00 50 19 00 17 03 01 00 20 dc c2 d6 57 92 6e 5d 10 36 c4 63 1e a9 a3 26 0c 6d a4 79 b4 cf 73 7a 9b e3 9b 0b a5 f9 5c 9e 81 17 03 01 00 20 0b ce 90 2c c5 51 1f b3 0c 8f a5 ff ad ba ad 65 29 dd a5 95 6e a2 30 bd 3e 95 69 c8 8a 9c d2 98 153 | Attribute 80 (Message-Authenticator) length=18 154 | Value: 1c 1c a9 2a 42 4e d5 f5 70 3a d1 16 90 66 1e fc 155 | Attribute 24 (State) length=18 156 | Value: d6 28 58 4b 23 6f 43 a9 21 0c 30 a6 75 ab e3 cc 157 | polish : oteviram pro cteni i zapis 158 | Copied RADIUS State Attribute 159 | Sending RADIUS message to authentication server 160 | RADIUS message: code=1 (Access-Request) identifier=87 length=198 161 | Attribute 1 (User-Name) length=9 162 | Value: 'account' 163 | Attribute 4 (NAS-IP-Address) length=6 164 | Value: 127.0.0.1 165 | Attribute 31 (Calling-Station-Id) length=19 166 | Value: 'AA-BB-12-34-56-90' 167 | Attribute 12 (Framed-MTU) length=6 168 | Value: 1400 169 | Attribute 61 (NAS-Port-Type) length=6 170 | Value: 19 171 | Attribute 77 (Connect-Info) length=14 172 | Value: 'Nazdar bazar' 173 | Attribute 79 (EAP-Message) length=82 174 | Value: 02 05 00 50 19 00 17 03 01 00 20 b7 ca 8a c0 9a c5 93 78 d3 c9 cb bb cd a7 65 32 fd 02 40 8b 91 8c de 23 31 3e 31 4b df 5a 9c e5 17 03 01 00 20 be 32 37 67 9a 76 5f ea 24 5e 2c ba c7 09 88 be 9d 3e b5 43 b3 5c c4 86 ef 5f 27 28 62 42 37 b9 175 | Attribute 24 (State) length=18 176 | Value: d6 28 58 4b 23 6f 43 a9 21 0c 30 a6 75 ab e3 cc 177 | Attribute 80 (Message-Authenticator) length=18 178 | Value: 50 9d 4e f8 4a 65 96 97 99 d2 58 dc a5 34 da 87 179 | Received RADIUS message 180 | RADIUS message: code=11 (Access-Challenge) identifier=87 length=170 181 | Attribute 79 (EAP-Message) length=114 182 | Value: 01 06 00 70 19 00 17 03 01 00 20 ec 19 07 69 4a a2 ed 8d ec 72 6c 8e 93 7a c2 3c 4e 6e dc 19 34 62 8e d4 47 f1 90 4e 35 6c 5c 62 17 03 01 00 40 3f c6 75 a2 9f 98 46 e7 1c 54 98 6c 33 c5 37 37 32 d7 27 6e c3 51 64 34 8a e8 95 f0 30 a4 59 96 7a 7c b4 3c 96 d4 c9 ab 30 09 49 60 1c b4 85 aa be 56 40 ae 4e d3 2f 67 ff ff 53 cc d9 e5 eb 33 183 | Attribute 80 (Message-Authenticator) length=18 184 | Value: c1 d5 68 5b 1d 43 ab 47 c7 60 68 49 88 ba 68 de 185 | Attribute 24 (State) length=18 186 | Value: 88 19 5c 23 33 98 28 5a 74 35 ea 4a 1b 4f 08 bf 187 | polish : oteviram pro cteni i zapis 188 | Copied RADIUS State Attribute 189 | Sending RADIUS message to authentication server 190 | RADIUS message: code=1 (Access-Request) identifier=88 length=262 191 | Attribute 1 (User-Name) length=9 192 | Value: 'account' 193 | Attribute 4 (NAS-IP-Address) length=6 194 | Value: 127.0.0.1 195 | Attribute 31 (Calling-Station-Id) length=19 196 | Value: 'AA-BB-12-34-56-90' 197 | Attribute 12 (Framed-MTU) length=6 198 | Value: 1400 199 | Attribute 61 (NAS-Port-Type) length=6 200 | Value: 19 201 | Attribute 77 (Connect-Info) length=14 202 | Value: 'Nazdar bazar' 203 | Attribute 79 (EAP-Message) length=146 204 | Value: 02 06 00 90 19 00 17 03 01 00 20 82 95 9c be c9 0d 91 01 20 87 fc 2c 60 2c 04 16 f5 31 2d c6 f0 f8 28 bf 6d 94 f2 99 15 46 d0 de 17 03 01 00 60 ca 6a d1 76 55 d8 00 94 6d a7 70 ff c6 aa df 62 b1 3a 6f 3f f9 62 39 c5 80 5a 09 01 ad 36 84 5f fe 26 6b 98 c1 33 b1 54 ea 48 c5 ab 44 d1 cf 34 98 d7 fe be c0 8f 2f 96 07 85 83 d7 f3 ee 8a 12 55 b0 9d af b2 29 5e 7f 6a c3 2b d1 f1 60 a5 12 47 a2 9a 66 16 b2 73 45 c6 42 4a 67 3b e3 73 29 205 | Attribute 24 (State) length=18 206 | Value: 88 19 5c 23 33 98 28 5a 74 35 ea 4a 1b 4f 08 bf 207 | Attribute 80 (Message-Authenticator) length=18 208 | Value: 29 3a ac 7f 1e 75 3c 35 99 3e b8 e6 03 59 a6 77 209 | Received RADIUS message 210 | RADIUS message: code=11 (Access-Challenge) identifier=88 length=186 211 | Attribute 79 (EAP-Message) length=130 212 | Value: 01 07 00 80 19 00 17 03 01 00 20 3c e2 78 df 7f 61 43 a3 7c 16 6a 78 ba dc ff 51 68 8a c8 a0 fb 2d e3 51 4d 20 93 6a bb 9f fd c1 17 03 01 00 50 0e 8d 20 e5 d8 a1 ad d4 eb 36 c7 77 4c 5c c7 f9 77 5d ef 0d ae 4d 98 9a d0 5c f1 5e 4e e8 43 62 95 d3 1d a0 29 1a 1d 1a 16 34 78 ea b5 cb f1 78 46 70 be 19 10 13 60 80 8d da bd b5 ea 0c f3 b2 3c 59 37 e8 c8 f3 82 f4 7f 43 15 28 c0 f5 fc b0 213 | Attribute 80 (Message-Authenticator) length=18 214 | Value: ba 96 96 5f 7c 3a 0c d4 c0 5d f0 91 aa 72 02 f6 215 | Attribute 24 (State) length=18 216 | Value: 5e cc 8c 8a be 39 ea 4a 68 d0 70 68 b4 d6 5b 7f 217 | polish : oteviram pro cteni i zapis 218 | Copied RADIUS State Attribute 219 | Sending RADIUS message to authentication server 220 | RADIUS message: code=1 (Access-Request) identifier=90 length=198 221 | Attribute 1 (User-Name) length=9 222 | Value: 'account' 223 | Attribute 4 (NAS-IP-Address) length=6 224 | Value: 127.0.0.1 225 | Attribute 31 (Calling-Station-Id) length=19 226 | Value: 'AA-BB-12-34-56-90' 227 | Attribute 12 (Framed-MTU) length=6 228 | Value: 1400 229 | Attribute 61 (NAS-Port-Type) length=6 230 | Value: 19 231 | Attribute 77 (Connect-Info) length=14 232 | Value: 'Nazdar bazar' 233 | Attribute 79 (EAP-Message) length=82 234 | Value: 02 07 00 50 19 00 17 03 01 00 20 9a 45 1b 2e fc 31 06 0f d8 bb 44 bf ff 76 de 5e b6 3a 1e b5 5f d3 d8 55 2e 98 06 a6 cf 36 f4 fc 17 03 01 00 20 54 99 12 3f c6 c4 7d 12 cf df e4 2c 95 f6 6f 4d e3 6a 97 13 89 ce 9e ca e8 b8 a9 a5 42 a2 b2 bd 235 | Attribute 24 (State) length=18 236 | Value: 5e cc 8c 8a be 39 ea 4a 68 d0 70 68 b4 d6 5b 7f 237 | Attribute 80 (Message-Authenticator) length=18 238 | Value: ef 5d 9f 93 2d ce a6 2e ba ce a2 20 d1 f4 5d e3 239 | Received RADIUS message 240 | RADIUS message: code=11 (Access-Challenge) identifier=90 length=138 241 | Attribute 79 (EAP-Message) length=82 242 | Value: 01 08 00 50 19 00 17 03 01 00 20 ed 96 fc dd 3f 3e 70 7c b7 a2 67 9a c3 64 48 f7 3d 87 fc e4 ba 32 72 f4 ec f3 11 af 26 86 95 28 17 03 01 00 20 54 55 8c 93 35 fb 16 57 17 4a 3d af 47 71 71 b2 96 2b 21 52 ad 30 e1 10 05 0d fe fe e7 e1 ab b5 243 | Attribute 80 (Message-Authenticator) length=18 244 | Value: 55 cf 25 9a 32 ea 79 a5 ab 54 cd ba 64 47 f3 3b 245 | Attribute 24 (State) length=18 246 | Value: 57 4d 90 4e 0a 2c c3 1a b8 68 2d bb 38 fa 87 87 247 | polish : oteviram pro cteni i zapis 248 | Copied RADIUS State Attribute 249 | Sending RADIUS message to authentication server 250 | RADIUS message: code=1 (Access-Request) identifier=91 length=198 251 | Attribute 1 (User-Name) length=9 252 | Value: 'account' 253 | Attribute 4 (NAS-IP-Address) length=6 254 | Value: 127.0.0.1 255 | Attribute 31 (Calling-Station-Id) length=19 256 | Value: 'AA-BB-12-34-56-90' 257 | Attribute 12 (Framed-MTU) length=6 258 | Value: 1400 259 | Attribute 61 (NAS-Port-Type) length=6 260 | Value: 19 261 | Attribute 77 (Connect-Info) length=14 262 | Value: 'Nazdar bazar' 263 | Attribute 79 (EAP-Message) length=82 264 | Value: 02 08 00 50 19 00 17 03 01 00 20 38 28 0e 0c e6 44 88 fe 75 4e 33 75 ab 54 b8 63 7c d3 df 19 36 3a e3 aa 10 8f 36 fe ae ba b1 5b 17 03 01 00 20 92 24 6e 2a 7c 13 79 b4 db 86 b9 2c b0 81 3b 8c 83 cd 5f c7 02 82 d5 7a d8 ad ef e2 35 df 24 77 265 | Attribute 24 (State) length=18 266 | Value: 57 4d 90 4e 0a 2c c3 1a b8 68 2d bb 38 fa 87 87 267 | Attribute 80 (Message-Authenticator) length=18 268 | Value: fd 98 03 cf 9a 87 c5 18 e9 b2 db 28 bb 4d fe 21 269 | Received RADIUS message 270 | RADIUS message: code=2 (Access-Accept) identifier=91 length=169 271 | Attribute 26 (Vendor-Specific) length=58 272 | Value: 00 00 01 37 11 34 c3 c3 d3 9f e7 28 b9 ef 04 36 90 5a c2 60 bd 45 4c d2 7b fb 23 78 55 ae d8 1c 4f e5 eb d6 f5 e3 e0 b4 fb 22 39 9d 33 e4 32 ea b9 9a b5 20 1b 41 05 89 273 | Attribute 26 (Vendor-Specific) length=58 274 | Value: 00 00 01 37 10 34 cd 63 4a 2d f2 d9 b1 72 3b 23 3d 0e 52 3f 0c 13 83 ae a0 57 b2 fc d3 d7 56 a6 36 c4 cb 29 7f 73 9c c4 61 6f 55 82 b8 af 37 54 c7 5a 7b 46 20 39 ee 8f 275 | Attribute 79 (EAP-Message) length=6 276 | Value: 03 08 00 04 277 | Attribute 80 (Message-Authenticator) length=18 278 | Value: 20 a8 18 1c 58 a8 90 70 0c c1 ef de b2 df df 4c 279 | Attribute 1 (User-Name) length=9 280 | Value: 'account' 281 | -------------------------------------------------------------------------------- /examples_internal/con4: -------------------------------------------------------------------------------- 1 | access-accept; 0 2 | polish : oteviram pro cteni i zapis 3 | Sending RADIUS message to authentication server 4 | RADIUS message: code=1 (Access-Request) identifier=80 length=112 5 | Attribute 1 (User-Name) length=9 6 | Value: 'account' 7 | Attribute 4 (NAS-IP-Address) length=6 8 | Value: 127.0.0.1 9 | Attribute 31 (Calling-Station-Id) length=19 10 | Value: 'AA-BB-12-34-56-90' 11 | Attribute 12 (Framed-MTU) length=6 12 | Value: 1400 13 | Attribute 61 (NAS-Port-Type) length=6 14 | Value: 19 15 | Attribute 77 (Connect-Info) length=14 16 | Value: 'Nazdar bazar' 17 | Attribute 79 (EAP-Message) length=14 18 | Value: 02 00 00 0c 01 61 63 63 6f 75 6e 74 19 | Attribute 80 (Message-Authenticator) length=18 20 | Value: 57 19 da bb fa cc 28 38 0c 3b 42 00 37 ef 75 45 21 | Received RADIUS message 22 | RADIUS message: code=11 (Access-Challenge) identifier=80 length=64 23 | Attribute 79 (EAP-Message) length=8 24 | Value: 01 01 00 06 19 20 25 | Attribute 80 (Message-Authenticator) length=18 26 | Value: cc 66 7d c6 c0 23 73 84 45 0a 63 3d 95 2c cc b2 27 | Attribute 24 (State) length=18 28 | Value: 27 af b9 15 bd 5f 76 19 ee 9e 1c b4 b9 b6 e7 4d 29 | polish : oteviram pro cteni i zapis 30 | Copied RADIUS State Attribute 31 | Sending RADIUS message to authentication server 32 | RADIUS message: code=1 (Access-Request) identifier=85 length=225 33 | Attribute 1 (User-Name) length=9 34 | Value: 'account' 35 | Attribute 4 (NAS-IP-Address) length=6 36 | Value: 127.0.0.1 37 | Attribute 31 (Calling-Station-Id) length=19 38 | Value: 'AA-BB-12-34-56-90' 39 | Attribute 12 (Framed-MTU) length=6 40 | Value: 1400 41 | Attribute 61 (NAS-Port-Type) length=6 42 | Value: 19 43 | Attribute 77 (Connect-Info) length=14 44 | Value: 'Nazdar bazar' 45 | Attribute 79 (EAP-Message) length=109 46 | Value: 02 01 00 6b 19 00 16 03 01 00 60 01 00 00 5c 03 01 44 5a 8a 4e af 76 a2 cd 7b fc 17 78 d7 e2 9c 2a 98 9b a1 97 d8 d6 97 b1 ad 12 c7 be c3 7e 4f 58 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00 47 | Attribute 24 (State) length=18 48 | Value: 27 af b9 15 bd 5f 76 19 ee 9e 1c b4 b9 b6 e7 4d 49 | Attribute 80 (Message-Authenticator) length=18 50 | Value: 8b 9b 2a 97 c3 ad 14 88 15 69 21 51 e4 df ce 0a 51 | Received RADIUS message 52 | RADIUS message: code=11 (Access-Challenge) identifier=85 length=1100 53 | Attribute 79 (EAP-Message) length=255 54 | Value: 01 02 04 0a 19 c0 00 00 04 e2 16 03 01 00 4a 02 00 00 46 03 01 44 5a 8a 50 9f 99 e1 11 81 a8 88 89 48 a9 04 82 be f0 f8 7f ab 69 ea c1 f0 42 78 69 e7 4f e8 67 20 cf 5b 13 84 1e 3a 98 09 4e c2 bd b8 f4 42 61 79 73 bb 8e 7e a5 a3 17 11 0b c9 0b e1 ea e2 3c 54 00 35 00 16 03 01 04 85 0b 00 04 81 00 04 7e 00 04 7b 30 82 04 77 30 82 03 5f a0 03 02 01 02 02 04 42 b2 f2 d3 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 43 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 30 1e 17 0d 30 35 30 39 32 37 31 32 31 37 34 34 5a 17 0d 30 36 31 30 32 37 31 32 34 37 34 34 5a 30 76 31 12 30 10 06 0a 09 92 26 89 93 f2 55 | Attribute 79 (EAP-Message) length=255 56 | Value: 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 24 30 22 06 03 55 04 0a 13 1b 55 6e 69 76 65 72 73 69 74 79 20 6f 66 20 4a 2e 20 45 2e 20 50 75 72 6b 79 6e 65 31 1f 30 1d 06 03 55 04 03 13 16 70 61 72 61 6c 65 6e 2d 72 61 64 69 75 73 2e 75 6a 65 70 2e 63 7a 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 c3 b6 da f7 4d cd 2c 1b f8 d0 57 dd 2d c3 ed 1a 84 50 04 b4 e8 74 d7 c2 4f 06 60 9b 22 5e 2d 22 08 02 36 99 e1 ae 87 b9 be c1 05 84 85 72 7b 2a c4 b5 a4 47 89 dd 01 cd 01 61 16 64 f3 ae a8 b3 32 4c 0e 80 94 36 50 b3 aa 57 84 16 be 35 f1 66 8a 14 24 9d 4e 6a d3 f6 ad 22 36 ac e3 e0 a0 2c 07 f8 11 34 7e 60 6c 83 33 87 1c d0 87 67 67 f8 12 ec 52 f0 ca 8d 57 | Attribute 79 (EAP-Message) length=255 58 | Value: c6 82 9e 01 a3 a0 ca 54 58 a3 02 03 01 00 01 a3 82 01 c2 30 82 01 be 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 19 06 03 55 1d 20 04 12 30 10 30 0e 06 0c 2b 06 01 04 01 be 79 01 02 02 02 00 30 2d 06 03 55 1d 11 04 26 30 24 81 11 70 6f 6c 69 73 68 40 70 66 2e 75 6a 65 70 2e 63 7a 82 0f 70 61 72 61 6c 65 6e 2e 75 6a 65 70 2e 63 7a 30 82 01 0b 06 03 55 1d 1f 04 82 01 02 30 81 ff 30 5a a0 58 a0 56 a4 54 30 52 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 31 0d 30 0b 06 03 55 04 03 13 04 43 52 4c 31 30 81 a0 a0 81 9d a0 81 9a 86 42 59 | Attribute 79 (EAP-Message) length=255 60 | Value: 68 74 74 70 3a 2f 2f 77 77 77 2e 63 65 73 6e 65 74 2e 63 7a 2f 70 6b 69 2f 63 72 6c 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 2e 63 72 6c 86 54 6c 64 61 70 3a 2f 2f 6c 64 61 70 2e 63 65 73 6e 65 74 2d 63 61 2e 63 7a 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 3f 63 65 72 74 69 66 69 63 61 74 65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 30 1f 06 03 55 1d 23 04 18 30 16 80 14 2f 6c 05 c3 51 26 ac af 39 9c 3e 38 35 dd 52 29 27 80 c5 f5 30 1d 06 03 55 1d 0e 04 16 04 14 41 0b c0 a4 47 4a 03 a5 37 01 ee bb cb cd 3f 58 7d d1 e0 77 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 2e 99 95 02 33 3d c6 26 48 82 ce db 38 78 3b e6 92 61 | Attribute 79 (EAP-Message) length=24 62 | Value: 41 1e 7c f8 a2 2c a6 83 0a 2f 28 72 01 ac a7 b9 84 32 9c 89 85 8b 63 | Attribute 80 (Message-Authenticator) length=18 64 | Value: b3 6c 27 9d 5d 5d 22 16 2d a3 5c 41 ac 9d 28 6e 65 | Attribute 24 (State) length=18 66 | Value: fd b1 e4 45 ad f3 25 1d 27 08 38 38 63 d7 b3 41 67 | polish : oteviram pro cteni i zapis 68 | Copied RADIUS State Attribute 69 | Sending RADIUS message to authentication server 70 | RADIUS message: code=1 (Access-Request) identifier=92 length=124 71 | Attribute 1 (User-Name) length=9 72 | Value: 'account' 73 | Attribute 4 (NAS-IP-Address) length=6 74 | Value: 127.0.0.1 75 | Attribute 31 (Calling-Station-Id) length=19 76 | Value: 'AA-BB-12-34-56-90' 77 | Attribute 12 (Framed-MTU) length=6 78 | Value: 1400 79 | Attribute 61 (NAS-Port-Type) length=6 80 | Value: 19 81 | Attribute 77 (Connect-Info) length=14 82 | Value: 'Nazdar bazar' 83 | Attribute 79 (EAP-Message) length=8 84 | Value: 02 02 00 06 19 00 85 | Attribute 24 (State) length=18 86 | Value: fd b1 e4 45 ad f3 25 1d 27 08 38 38 63 d7 b3 41 87 | Attribute 80 (Message-Authenticator) length=18 88 | Value: f3 78 99 6a 39 a2 fe 90 8f 73 80 75 6d d2 04 71 89 | Received RADIUS message 90 | RADIUS message: code=11 (Access-Challenge) identifier=92 length=290 91 | Attribute 79 (EAP-Message) length=234 92 | Value: 01 03 00 e8 19 00 38 c4 ae 80 90 36 ee 2a f8 87 4c 81 b8 62 ef 74 27 20 c8 ac 4b 19 3f 06 45 c9 88 cc 55 ba 0b b5 8e 9c 44 d5 f1 46 31 48 9b 07 51 b0 51 33 0d e8 b8 3f cc 8c 75 a7 18 e0 d3 ac 1a 23 fb ac 2f fe 4c 9a ba ff 8b df fc 05 d3 f9 29 99 a1 9d f3 9b 53 4a 5a b5 51 87 14 08 48 4e 97 21 3b 54 50 a3 92 60 2a 65 6b af b2 a9 68 0c c5 31 da 38 f7 82 53 5b 1f e9 8d 41 99 0d 6c ed 8f 8f c6 10 ef 26 f3 c4 70 26 e6 03 96 42 cf fd d3 8c 1b f7 b6 14 a8 44 58 8b 1e 54 f5 30 e0 21 22 62 4c e7 f1 83 fb f3 13 67 77 c8 dc a3 9c ea d4 aa 94 dd f8 38 46 74 c6 76 bf e9 05 69 03 bc 5c 36 06 09 b3 db 20 63 e5 c9 27 b7 8a 84 fe c4 24 43 0d 61 2c 47 2b 3f 9c 75 0a 98 d9 6a 83 16 03 01 00 04 0e 00 00 00 93 | Attribute 80 (Message-Authenticator) length=18 94 | Value: 93 48 e0 eb fa 43 46 b1 1b 8c a2 02 3c b2 d8 46 95 | Attribute 24 (State) length=18 96 | Value: a0 5d c7 05 6a 84 6a ff 93 22 af 6f 67 ec 27 02 97 | polish : oteviram pro cteni i zapis 98 | Copied RADIUS State Attribute 99 | Sending RADIUS message to authentication server 100 | RADIUS message: code=1 (Access-Request) identifier=93 length=322 101 | Attribute 1 (User-Name) length=9 102 | Value: 'account' 103 | Attribute 4 (NAS-IP-Address) length=6 104 | Value: 127.0.0.1 105 | Attribute 31 (Calling-Station-Id) length=19 106 | Value: 'AA-BB-12-34-56-90' 107 | Attribute 12 (Framed-MTU) length=6 108 | Value: 1400 109 | Attribute 61 (NAS-Port-Type) length=6 110 | Value: 19 111 | Attribute 77 (Connect-Info) length=14 112 | Value: 'Nazdar bazar' 113 | Attribute 79 (EAP-Message) length=206 114 | Value: 02 03 00 cc 19 00 16 03 01 00 86 10 00 00 82 00 80 0d 9d 9c b6 b3 24 b8 f5 ca bd 80 cc f3 16 24 ce 94 ff 1d c6 2d 83 80 3f ed 08 61 ad 44 14 06 91 c4 43 fc 1d 4d 19 df e6 43 51 9a 54 db 89 40 f8 35 33 a6 81 0b 56 cc a8 54 87 2b a3 8a 66 2b 57 70 b6 98 1f ff d5 7f 61 06 43 77 91 e1 32 a4 f8 17 62 73 23 2c ca d2 87 df 3d 94 4e 6e 5d 8a 30 e6 11 96 98 f9 66 5e f3 7e 12 d5 96 28 dc ef 54 42 1b 83 84 59 8d e3 52 a9 1e b4 87 80 0a ee 21 14 03 01 00 01 01 16 03 01 00 30 be 0c 1c 5b 76 26 4d 94 b4 40 ba b2 fc e9 61 ba 4f 29 b0 73 6e a8 1b 69 e4 3d 1d 10 77 18 9d 52 a8 07 c9 5d 38 eb c2 f3 b8 d8 ff a6 bf 2b 02 7c 115 | Attribute 24 (State) length=18 116 | Value: a0 5d c7 05 6a 84 6a ff 93 22 af 6f 67 ec 27 02 117 | Attribute 80 (Message-Authenticator) length=18 118 | Value: e8 50 ee fd e4 df a1 e7 d1 13 76 64 28 77 b2 ed 119 | Received RADIUS message 120 | RADIUS message: code=11 (Access-Challenge) identifier=93 length=123 121 | Attribute 79 (EAP-Message) length=67 122 | Value: 01 04 00 41 19 00 14 03 01 00 01 01 16 03 01 00 30 4e ac 90 31 16 fb 63 9e 85 10 b8 3e 84 18 9c ae 26 41 17 ba ef b4 54 72 71 ef 43 e2 fb 12 d3 f5 44 bf c9 7d 6f 44 2d 5c 72 a3 aa ec 1a bf 46 ef 123 | Attribute 80 (Message-Authenticator) length=18 124 | Value: fc 1c c8 d1 68 94 ef 79 3c 54 99 57 09 8b a3 c7 125 | Attribute 24 (State) length=18 126 | Value: ad 22 7e 68 19 00 a7 26 03 69 bb 19 b7 35 40 a1 127 | polish : oteviram pro cteni i zapis 128 | Copied RADIUS State Attribute 129 | Sending RADIUS message to authentication server 130 | RADIUS message: code=1 (Access-Request) identifier=95 length=124 131 | Attribute 1 (User-Name) length=9 132 | Value: 'account' 133 | Attribute 4 (NAS-IP-Address) length=6 134 | Value: 127.0.0.1 135 | Attribute 31 (Calling-Station-Id) length=19 136 | Value: 'AA-BB-12-34-56-90' 137 | Attribute 12 (Framed-MTU) length=6 138 | Value: 1400 139 | Attribute 61 (NAS-Port-Type) length=6 140 | Value: 19 141 | Attribute 77 (Connect-Info) length=14 142 | Value: 'Nazdar bazar' 143 | Attribute 79 (EAP-Message) length=8 144 | Value: 02 04 00 06 19 00 145 | Attribute 24 (State) length=18 146 | Value: ad 22 7e 68 19 00 a7 26 03 69 bb 19 b7 35 40 a1 147 | Attribute 80 (Message-Authenticator) length=18 148 | Value: 5f 26 a6 43 9c 56 19 db 00 13 a5 e4 7e a3 a6 25 149 | Received RADIUS message 150 | RADIUS message: code=11 (Access-Challenge) identifier=95 length=138 151 | Attribute 79 (EAP-Message) length=82 152 | Value: 01 05 00 50 19 00 17 03 01 00 20 1a f2 11 77 52 61 ce 23 1e 1a 62 28 37 c9 36 30 a4 8f 43 e5 20 c4 2b 52 be c6 16 96 c7 e5 e9 9a 17 03 01 00 20 80 ed 24 fc 93 98 0e 33 57 f8 d3 10 01 62 ad 6f b2 bb 8c 19 60 f6 25 69 01 d5 40 ef f6 34 e2 de 153 | Attribute 80 (Message-Authenticator) length=18 154 | Value: 6f bb 31 fa 64 26 20 2c c2 3b da 3a 84 d1 48 4c 155 | Attribute 24 (State) length=18 156 | Value: 2f 8a 7c 16 de 5b d7 01 a8 c6 e5 59 b3 67 f7 77 157 | polish : oteviram pro cteni i zapis 158 | Copied RADIUS State Attribute 159 | Sending RADIUS message to authentication server 160 | RADIUS message: code=1 (Access-Request) identifier=96 length=198 161 | Attribute 1 (User-Name) length=9 162 | Value: 'account' 163 | Attribute 4 (NAS-IP-Address) length=6 164 | Value: 127.0.0.1 165 | Attribute 31 (Calling-Station-Id) length=19 166 | Value: 'AA-BB-12-34-56-90' 167 | Attribute 12 (Framed-MTU) length=6 168 | Value: 1400 169 | Attribute 61 (NAS-Port-Type) length=6 170 | Value: 19 171 | Attribute 77 (Connect-Info) length=14 172 | Value: 'Nazdar bazar' 173 | Attribute 79 (EAP-Message) length=82 174 | Value: 02 05 00 50 19 00 17 03 01 00 20 46 11 18 ba 37 82 fb 02 77 cb 78 03 e2 c1 c7 d9 b9 b6 50 e4 42 0d 43 af ef ec f7 18 ee 6e 40 ff 17 03 01 00 20 37 62 a1 55 1c 9b 31 44 90 07 3b 18 fb e5 6c 2f 64 cd 23 99 51 c2 f8 09 c0 e6 7b bd 39 e6 c5 50 175 | Attribute 24 (State) length=18 176 | Value: 2f 8a 7c 16 de 5b d7 01 a8 c6 e5 59 b3 67 f7 77 177 | Attribute 80 (Message-Authenticator) length=18 178 | Value: 1b a7 1d 5a 52 a7 39 eb 6d 24 2b 1c 0d 6b 6c 29 179 | Received RADIUS message 180 | RADIUS message: code=11 (Access-Challenge) identifier=96 length=170 181 | Attribute 79 (EAP-Message) length=114 182 | Value: 01 06 00 70 19 00 17 03 01 00 20 db 4c 28 80 c3 48 4b be d0 93 12 a2 f2 e1 0b 06 3d 6a 1c e1 70 d5 e0 5c 89 41 09 ec 81 c6 4e 23 17 03 01 00 40 5c 2a e2 71 26 77 bf 31 49 51 5a 66 05 2f 51 67 3f 61 e8 99 2b af a6 9e 1c be 7f aa 8f 1a 07 35 bd bc 3b 8b 59 0e f3 65 33 7c b8 01 ee 73 e6 22 94 cb b0 13 08 05 11 57 64 12 57 42 b4 7a 7d 2f 183 | Attribute 80 (Message-Authenticator) length=18 184 | Value: 48 40 57 28 bc 62 65 e3 85 03 b0 ae de 49 0f 43 185 | Attribute 24 (State) length=18 186 | Value: 30 5c f3 c3 59 da 4e 43 24 d7 e4 28 54 c1 42 79 187 | polish : oteviram pro cteni i zapis 188 | Copied RADIUS State Attribute 189 | Sending RADIUS message to authentication server 190 | RADIUS message: code=1 (Access-Request) identifier=98 length=262 191 | Attribute 1 (User-Name) length=9 192 | Value: 'account' 193 | Attribute 4 (NAS-IP-Address) length=6 194 | Value: 127.0.0.1 195 | Attribute 31 (Calling-Station-Id) length=19 196 | Value: 'AA-BB-12-34-56-90' 197 | Attribute 12 (Framed-MTU) length=6 198 | Value: 1400 199 | Attribute 61 (NAS-Port-Type) length=6 200 | Value: 19 201 | Attribute 77 (Connect-Info) length=14 202 | Value: 'Nazdar bazar' 203 | Attribute 79 (EAP-Message) length=146 204 | Value: 02 06 00 90 19 00 17 03 01 00 20 82 41 6d 68 b8 0e fb 0a d4 b0 ac 37 25 c0 f8 f7 e6 a1 67 ea 2e c1 be 02 4f 7a 68 ab 77 e3 3e 72 17 03 01 00 60 a7 d7 93 16 8b 2f a7 fd a0 a4 d0 51 98 c3 1a 49 9e db 56 7c 0d 1d 91 68 4d cd d9 05 6b 43 7c 77 45 8c 97 ef df 25 b2 3e 04 43 34 85 ed c8 35 d6 bf 78 5c dd b3 30 5b e1 ce 5f f0 91 74 57 ac 3f be 42 d8 71 30 27 4a d3 61 6f 8b d7 73 9a c0 18 11 e3 ba 83 15 7c 9b 88 33 91 ea 85 a3 eb da e0 205 | Attribute 24 (State) length=18 206 | Value: 30 5c f3 c3 59 da 4e 43 24 d7 e4 28 54 c1 42 79 207 | Attribute 80 (Message-Authenticator) length=18 208 | Value: 5f 6f 5c 99 d0 2e 3d 3b 0c b1 2b 5e 17 43 f9 b7 209 | Received RADIUS message 210 | RADIUS message: code=11 (Access-Challenge) identifier=98 length=186 211 | Attribute 79 (EAP-Message) length=130 212 | Value: 01 07 00 80 19 00 17 03 01 00 20 29 cf d2 0e 56 fc 04 2e 6b fc bd 97 13 3c e6 11 7a 66 a9 c3 25 08 1b ac 45 b8 93 f1 27 32 ea 06 17 03 01 00 50 51 66 90 d4 f2 eb d8 1b 2f 33 22 af 25 a5 a4 cf b9 83 5a 23 b7 1c 64 25 59 cf 90 dd b9 09 6e 1e a8 27 c6 cf a2 a2 05 3f 06 44 8c 13 f5 6e 74 4c 56 c4 82 74 15 12 cc ca bd f1 bf ba 1d 32 83 29 b0 a3 3e b7 a4 1f 82 b3 fb 09 35 bd 83 08 fd 37 213 | Attribute 80 (Message-Authenticator) length=18 214 | Value: c5 93 dd 23 47 ff 61 e7 2f 23 54 43 a1 5d 56 4c 215 | Attribute 24 (State) length=18 216 | Value: b6 03 1f 2c 41 90 44 de 41 bd 4d c9 3f 5a da 78 217 | polish : oteviram pro cteni i zapis 218 | Copied RADIUS State Attribute 219 | Sending RADIUS message to authentication server 220 | RADIUS message: code=1 (Access-Request) identifier=100 length=198 221 | Attribute 1 (User-Name) length=9 222 | Value: 'account' 223 | Attribute 4 (NAS-IP-Address) length=6 224 | Value: 127.0.0.1 225 | Attribute 31 (Calling-Station-Id) length=19 226 | Value: 'AA-BB-12-34-56-90' 227 | Attribute 12 (Framed-MTU) length=6 228 | Value: 1400 229 | Attribute 61 (NAS-Port-Type) length=6 230 | Value: 19 231 | Attribute 77 (Connect-Info) length=14 232 | Value: 'Nazdar bazar' 233 | Attribute 79 (EAP-Message) length=82 234 | Value: 02 07 00 50 19 00 17 03 01 00 20 0d 64 6b 37 0a 91 d8 88 c4 c9 16 56 e5 9c 70 7d 7e df 04 30 5a 11 e1 a8 63 5e b5 0e dd 90 f2 bd 17 03 01 00 20 64 5e 74 d0 7c 6d ae e0 62 5f c4 11 72 f4 55 fb cd c5 a6 72 6e 56 a5 f5 b4 53 a5 03 3b 32 65 ca 235 | Attribute 24 (State) length=18 236 | Value: b6 03 1f 2c 41 90 44 de 41 bd 4d c9 3f 5a da 78 237 | Attribute 80 (Message-Authenticator) length=18 238 | Value: 6a fd c0 8e 63 d9 cf 82 e7 24 86 98 f1 0b 15 53 239 | Received RADIUS message 240 | RADIUS message: code=11 (Access-Challenge) identifier=100 length=138 241 | Attribute 79 (EAP-Message) length=82 242 | Value: 01 08 00 50 19 00 17 03 01 00 20 bb 3a e6 7b 53 8e e6 24 e6 11 c5 fa 66 8f e7 2e 23 ed 9a 37 a2 38 b7 bb 62 60 b8 f7 2b 87 56 1d 17 03 01 00 20 70 03 42 39 3c 8a ba 16 63 4f f4 5d 97 87 38 3d 9d 0f ad 33 18 58 7c 51 00 71 af e6 17 f0 02 0e 243 | Attribute 80 (Message-Authenticator) length=18 244 | Value: 1b 97 cc 77 23 44 c3 7e 03 ba ff 12 07 40 4d 70 245 | Attribute 24 (State) length=18 246 | Value: b9 92 b6 e8 ff d1 ee a5 70 9a c8 6a f4 44 79 12 247 | polish : oteviram pro cteni i zapis 248 | Copied RADIUS State Attribute 249 | Sending RADIUS message to authentication server 250 | RADIUS message: code=1 (Access-Request) identifier=102 length=198 251 | Attribute 1 (User-Name) length=9 252 | Value: 'account' 253 | Attribute 4 (NAS-IP-Address) length=6 254 | Value: 127.0.0.1 255 | Attribute 31 (Calling-Station-Id) length=19 256 | Value: 'AA-BB-12-34-56-90' 257 | Attribute 12 (Framed-MTU) length=6 258 | Value: 1400 259 | Attribute 61 (NAS-Port-Type) length=6 260 | Value: 19 261 | Attribute 77 (Connect-Info) length=14 262 | Value: 'Nazdar bazar' 263 | Attribute 79 (EAP-Message) length=82 264 | Value: 02 08 00 50 19 00 17 03 01 00 20 ae e9 63 02 f1 6a ee 78 58 24 d8 80 18 22 fc fe bc 19 8d 0f a5 c3 f6 0d ea c9 ba 7f fd d3 87 da 17 03 01 00 20 7d f5 8e 93 f9 03 d4 c8 b9 53 eb ce 06 f2 3b c6 7a de 1c 22 f1 00 6b dd e3 cf 42 63 4f 71 66 8c 265 | Attribute 24 (State) length=18 266 | Value: b9 92 b6 e8 ff d1 ee a5 70 9a c8 6a f4 44 79 12 267 | Attribute 80 (Message-Authenticator) length=18 268 | Value: 62 63 92 4a f1 f4 19 3f e3 90 52 64 ce 5a 0b 2c 269 | Received RADIUS message 270 | RADIUS message: code=2 (Access-Accept) identifier=102 length=169 271 | Attribute 26 (Vendor-Specific) length=58 272 | Value: 00 00 01 37 11 34 d7 70 52 00 a7 7a 31 19 2a d8 5d 57 22 0a 51 3f 02 ec 9f 3c 69 bd 08 56 ff 3b 87 76 e2 f0 0c c9 76 b9 04 f6 e6 c8 04 d5 d9 f7 4e 29 a7 3b d6 8e e5 ac 273 | Attribute 26 (Vendor-Specific) length=58 274 | Value: 00 00 01 37 10 34 db 78 e2 b3 aa f6 22 a1 a0 25 cd 0e 3d 6f 14 f9 a8 6b 68 cd 85 2e b3 b7 05 57 1c 48 0c e2 6e ff 88 41 68 7c f0 84 1b 43 77 bf f1 ea ef 57 e0 93 f7 b5 275 | Attribute 79 (EAP-Message) length=6 276 | Value: 03 08 00 04 277 | Attribute 80 (Message-Authenticator) length=18 278 | Value: 73 d3 a5 58 2d 48 ce a2 bc e2 8b d8 c3 e0 52 9b 279 | Attribute 1 (User-Name) length=9 280 | Value: 'account' 281 | -------------------------------------------------------------------------------- /examples_internal/con5: -------------------------------------------------------------------------------- 1 | access-accept; 0 2 | polish : oteviram pro cteni i zapis 3 | Sending RADIUS message to authentication server 4 | RADIUS message: code=1 (Access-Request) identifier=81 length=112 5 | Attribute 1 (User-Name) length=9 6 | Value: 'account' 7 | Attribute 4 (NAS-IP-Address) length=6 8 | Value: 127.0.0.1 9 | Attribute 31 (Calling-Station-Id) length=19 10 | Value: 'AA-BB-12-34-56-90' 11 | Attribute 12 (Framed-MTU) length=6 12 | Value: 1400 13 | Attribute 61 (NAS-Port-Type) length=6 14 | Value: 19 15 | Attribute 77 (Connect-Info) length=14 16 | Value: 'Nazdar bazar' 17 | Attribute 79 (EAP-Message) length=14 18 | Value: 02 00 00 0c 01 61 63 63 6f 75 6e 74 19 | Attribute 80 (Message-Authenticator) length=18 20 | Value: af 67 be 2d dd 78 5a ed 1d de ff ff 86 bd 55 72 21 | Received RADIUS message 22 | RADIUS message: code=11 (Access-Challenge) identifier=81 length=64 23 | Attribute 79 (EAP-Message) length=8 24 | Value: 01 01 00 06 19 20 25 | Attribute 80 (Message-Authenticator) length=18 26 | Value: df 15 41 b6 5d 49 ca 71 e6 2f d1 ea d7 11 82 b0 27 | Attribute 24 (State) length=18 28 | Value: 90 5b c7 7e a3 ca b6 2a b5 ae 46 a5 14 42 82 e8 29 | polish : oteviram pro cteni i zapis 30 | Copied RADIUS State Attribute 31 | Sending RADIUS message to authentication server 32 | RADIUS message: code=1 (Access-Request) identifier=84 length=225 33 | Attribute 1 (User-Name) length=9 34 | Value: 'account' 35 | Attribute 4 (NAS-IP-Address) length=6 36 | Value: 127.0.0.1 37 | Attribute 31 (Calling-Station-Id) length=19 38 | Value: 'AA-BB-12-34-56-90' 39 | Attribute 12 (Framed-MTU) length=6 40 | Value: 1400 41 | Attribute 61 (NAS-Port-Type) length=6 42 | Value: 19 43 | Attribute 77 (Connect-Info) length=14 44 | Value: 'Nazdar bazar' 45 | Attribute 79 (EAP-Message) length=109 46 | Value: 02 01 00 6b 19 00 16 03 01 00 60 01 00 00 5c 03 01 44 5a 8a 4e bd d9 36 07 87 2f fe 63 b0 c8 13 f1 05 ec f9 c4 8f ff a6 f0 0d 93 c4 36 68 51 c9 3b 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00 47 | Attribute 24 (State) length=18 48 | Value: 90 5b c7 7e a3 ca b6 2a b5 ae 46 a5 14 42 82 e8 49 | Attribute 80 (Message-Authenticator) length=18 50 | Value: 32 a8 59 b6 e4 6c b8 5e ef 6f 71 6a 53 53 cf 2e 51 | Received RADIUS message 52 | RADIUS message: code=11 (Access-Challenge) identifier=84 length=1100 53 | Attribute 79 (EAP-Message) length=255 54 | Value: 01 02 04 0a 19 c0 00 00 04 e2 16 03 01 00 4a 02 00 00 46 03 01 44 5a 8a 50 47 f9 9d 22 19 e3 e2 04 1c d7 44 a4 aa 82 c7 f4 8b 4c 8c 0a 9d e5 ef 8f 96 0d de ef 20 cd 3a 47 fb 62 37 8d 46 97 a5 7c 24 ba 70 33 31 65 1f b7 57 50 f5 11 70 fa b1 d9 8c 7a 58 aa d5 00 35 00 16 03 01 04 85 0b 00 04 81 00 04 7e 00 04 7b 30 82 04 77 30 82 03 5f a0 03 02 01 02 02 04 42 b2 f2 d3 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 43 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 30 1e 17 0d 30 35 30 39 32 37 31 32 31 37 34 34 5a 17 0d 30 36 31 30 32 37 31 32 34 37 34 34 5a 30 76 31 12 30 10 06 0a 09 92 26 89 93 f2 55 | Attribute 79 (EAP-Message) length=255 56 | Value: 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 24 30 22 06 03 55 04 0a 13 1b 55 6e 69 76 65 72 73 69 74 79 20 6f 66 20 4a 2e 20 45 2e 20 50 75 72 6b 79 6e 65 31 1f 30 1d 06 03 55 04 03 13 16 70 61 72 61 6c 65 6e 2d 72 61 64 69 75 73 2e 75 6a 65 70 2e 63 7a 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 c3 b6 da f7 4d cd 2c 1b f8 d0 57 dd 2d c3 ed 1a 84 50 04 b4 e8 74 d7 c2 4f 06 60 9b 22 5e 2d 22 08 02 36 99 e1 ae 87 b9 be c1 05 84 85 72 7b 2a c4 b5 a4 47 89 dd 01 cd 01 61 16 64 f3 ae a8 b3 32 4c 0e 80 94 36 50 b3 aa 57 84 16 be 35 f1 66 8a 14 24 9d 4e 6a d3 f6 ad 22 36 ac e3 e0 a0 2c 07 f8 11 34 7e 60 6c 83 33 87 1c d0 87 67 67 f8 12 ec 52 f0 ca 8d 57 | Attribute 79 (EAP-Message) length=255 58 | Value: c6 82 9e 01 a3 a0 ca 54 58 a3 02 03 01 00 01 a3 82 01 c2 30 82 01 be 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 19 06 03 55 1d 20 04 12 30 10 30 0e 06 0c 2b 06 01 04 01 be 79 01 02 02 02 00 30 2d 06 03 55 1d 11 04 26 30 24 81 11 70 6f 6c 69 73 68 40 70 66 2e 75 6a 65 70 2e 63 7a 82 0f 70 61 72 61 6c 65 6e 2e 75 6a 65 70 2e 63 7a 30 82 01 0b 06 03 55 1d 1f 04 82 01 02 30 81 ff 30 5a a0 58 a0 56 a4 54 30 52 31 12 30 10 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 02 63 7a 31 19 30 17 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 09 63 65 73 6e 65 74 2d 63 61 31 12 30 10 06 03 55 04 03 13 09 43 45 53 4e 45 54 20 43 41 31 0d 30 0b 06 03 55 04 03 13 04 43 52 4c 31 30 81 a0 a0 81 9d a0 81 9a 86 42 59 | Attribute 79 (EAP-Message) length=255 60 | Value: 68 74 74 70 3a 2f 2f 77 77 77 2e 63 65 73 6e 65 74 2e 63 7a 2f 70 6b 69 2f 63 72 6c 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 2e 63 72 6c 86 54 6c 64 61 70 3a 2f 2f 6c 64 61 70 2e 63 65 73 6e 65 74 2d 63 61 2e 63 7a 2f 63 6e 3d 43 45 53 4e 45 54 25 32 30 43 41 2c 64 63 3d 63 65 73 6e 65 74 2d 63 61 2c 64 63 3d 63 7a 3f 63 65 72 74 69 66 69 63 61 74 65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 30 1f 06 03 55 1d 23 04 18 30 16 80 14 2f 6c 05 c3 51 26 ac af 39 9c 3e 38 35 dd 52 29 27 80 c5 f5 30 1d 06 03 55 1d 0e 04 16 04 14 41 0b c0 a4 47 4a 03 a5 37 01 ee bb cb cd 3f 58 7d d1 e0 77 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 2e 99 95 02 33 3d c6 26 48 82 ce db 38 78 3b e6 92 61 | Attribute 79 (EAP-Message) length=24 62 | Value: 41 1e 7c f8 a2 2c a6 83 0a 2f 28 72 01 ac a7 b9 84 32 9c 89 85 8b 63 | Attribute 80 (Message-Authenticator) length=18 64 | Value: 15 95 b1 0e 4b 17 33 85 e6 3e e3 a6 4e 4b 81 2a 65 | Attribute 24 (State) length=18 66 | Value: 1f b0 80 b1 fe af 85 20 c4 00 79 fa 18 c1 5a 7d 67 | polish : oteviram pro cteni i zapis 68 | Copied RADIUS State Attribute 69 | Sending RADIUS message to authentication server 70 | RADIUS message: code=1 (Access-Request) identifier=89 length=124 71 | Attribute 1 (User-Name) length=9 72 | Value: 'account' 73 | Attribute 4 (NAS-IP-Address) length=6 74 | Value: 127.0.0.1 75 | Attribute 31 (Calling-Station-Id) length=19 76 | Value: 'AA-BB-12-34-56-90' 77 | Attribute 12 (Framed-MTU) length=6 78 | Value: 1400 79 | Attribute 61 (NAS-Port-Type) length=6 80 | Value: 19 81 | Attribute 77 (Connect-Info) length=14 82 | Value: 'Nazdar bazar' 83 | Attribute 79 (EAP-Message) length=8 84 | Value: 02 02 00 06 19 00 85 | Attribute 24 (State) length=18 86 | Value: 1f b0 80 b1 fe af 85 20 c4 00 79 fa 18 c1 5a 7d 87 | Attribute 80 (Message-Authenticator) length=18 88 | Value: 2e 32 1a cc e5 a7 86 8b 33 44 a3 67 0f 8c c2 ed 89 | Received RADIUS message 90 | RADIUS message: code=11 (Access-Challenge) identifier=89 length=290 91 | Attribute 79 (EAP-Message) length=234 92 | Value: 01 03 00 e8 19 00 38 c4 ae 80 90 36 ee 2a f8 87 4c 81 b8 62 ef 74 27 20 c8 ac 4b 19 3f 06 45 c9 88 cc 55 ba 0b b5 8e 9c 44 d5 f1 46 31 48 9b 07 51 b0 51 33 0d e8 b8 3f cc 8c 75 a7 18 e0 d3 ac 1a 23 fb ac 2f fe 4c 9a ba ff 8b df fc 05 d3 f9 29 99 a1 9d f3 9b 53 4a 5a b5 51 87 14 08 48 4e 97 21 3b 54 50 a3 92 60 2a 65 6b af b2 a9 68 0c c5 31 da 38 f7 82 53 5b 1f e9 8d 41 99 0d 6c ed 8f 8f c6 10 ef 26 f3 c4 70 26 e6 03 96 42 cf fd d3 8c 1b f7 b6 14 a8 44 58 8b 1e 54 f5 30 e0 21 22 62 4c e7 f1 83 fb f3 13 67 77 c8 dc a3 9c ea d4 aa 94 dd f8 38 46 74 c6 76 bf e9 05 69 03 bc 5c 36 06 09 b3 db 20 63 e5 c9 27 b7 8a 84 fe c4 24 43 0d 61 2c 47 2b 3f 9c 75 0a 98 d9 6a 83 16 03 01 00 04 0e 00 00 00 93 | Attribute 80 (Message-Authenticator) length=18 94 | Value: ba 21 00 d1 36 02 ef 8d e4 08 ec 74 08 0c f8 85 95 | Attribute 24 (State) length=18 96 | Value: 24 cb a3 7f df 8b d5 52 3d 1f c6 a7 49 a8 94 30 97 | polish : oteviram pro cteni i zapis 98 | Copied RADIUS State Attribute 99 | Sending RADIUS message to authentication server 100 | RADIUS message: code=1 (Access-Request) identifier=94 length=322 101 | Attribute 1 (User-Name) length=9 102 | Value: 'account' 103 | Attribute 4 (NAS-IP-Address) length=6 104 | Value: 127.0.0.1 105 | Attribute 31 (Calling-Station-Id) length=19 106 | Value: 'AA-BB-12-34-56-90' 107 | Attribute 12 (Framed-MTU) length=6 108 | Value: 1400 109 | Attribute 61 (NAS-Port-Type) length=6 110 | Value: 19 111 | Attribute 77 (Connect-Info) length=14 112 | Value: 'Nazdar bazar' 113 | Attribute 79 (EAP-Message) length=206 114 | Value: 02 03 00 cc 19 00 16 03 01 00 86 10 00 00 82 00 80 67 54 96 41 2a e7 75 49 bd d8 e9 35 a7 ea 47 50 d7 79 a6 ad 19 0d bb 48 45 9b 9b cf 38 3b e7 87 c0 30 17 16 cc 50 14 0d 42 28 5e c8 1e 40 15 2d 39 76 c7 4d f2 e6 8a 17 82 20 75 e9 cf 05 af 42 24 31 2c ee ea 43 f7 98 cd 0e cf 72 75 43 cc 90 e0 2d 0a da 63 4d ca 8c 90 e3 82 25 46 e5 e8 8a 16 aa 6a ff 63 90 0f 02 57 0b 24 64 cb b3 93 df ad 5f 7e e8 b9 61 bc 68 ac eb e5 6e 9f f6 22 3c 14 03 01 00 01 01 16 03 01 00 30 31 ee e5 fd 4f 62 9c c9 b9 b6 4d d0 5a 23 a1 0d 66 ec 65 3c f7 21 dc f7 b5 70 91 a5 ac 2b b9 d0 e1 69 3f 51 18 af 4d 50 70 39 72 51 9b 9b 35 d2 115 | Attribute 24 (State) length=18 116 | Value: 24 cb a3 7f df 8b d5 52 3d 1f c6 a7 49 a8 94 30 117 | Attribute 80 (Message-Authenticator) length=18 118 | Value: b9 ac 03 09 7c 66 fb c9 11 b5 72 55 4f a9 ad 90 119 | Received RADIUS message 120 | RADIUS message: code=11 (Access-Challenge) identifier=94 length=123 121 | Attribute 79 (EAP-Message) length=67 122 | Value: 01 04 00 41 19 00 14 03 01 00 01 01 16 03 01 00 30 9c f9 04 c7 e4 c0 19 00 c8 52 4a 45 6d 91 e3 44 37 a3 2f 2c 7d 71 ef be 80 80 c0 1d 92 c2 3a 2e 30 e4 29 89 af 41 38 63 bd 43 20 db 83 a4 1f f1 123 | Attribute 80 (Message-Authenticator) length=18 124 | Value: 3e ec 6d 6b 56 2c c7 d2 19 22 1f 2a 63 4b 5b c8 125 | Attribute 24 (State) length=18 126 | Value: 5c 3e 9e 0b d6 fc d6 46 be 88 c4 8f 3f f8 69 1b 127 | polish : oteviram pro cteni i zapis 128 | Copied RADIUS State Attribute 129 | Sending RADIUS message to authentication server 130 | RADIUS message: code=1 (Access-Request) identifier=97 length=124 131 | Attribute 1 (User-Name) length=9 132 | Value: 'account' 133 | Attribute 4 (NAS-IP-Address) length=6 134 | Value: 127.0.0.1 135 | Attribute 31 (Calling-Station-Id) length=19 136 | Value: 'AA-BB-12-34-56-90' 137 | Attribute 12 (Framed-MTU) length=6 138 | Value: 1400 139 | Attribute 61 (NAS-Port-Type) length=6 140 | Value: 19 141 | Attribute 77 (Connect-Info) length=14 142 | Value: 'Nazdar bazar' 143 | Attribute 79 (EAP-Message) length=8 144 | Value: 02 04 00 06 19 00 145 | Attribute 24 (State) length=18 146 | Value: 5c 3e 9e 0b d6 fc d6 46 be 88 c4 8f 3f f8 69 1b 147 | Attribute 80 (Message-Authenticator) length=18 148 | Value: 0f f7 13 07 c5 cd 44 58 db 2e db 8b 86 b5 4a 13 149 | Received RADIUS message 150 | RADIUS message: code=11 (Access-Challenge) identifier=97 length=138 151 | Attribute 79 (EAP-Message) length=82 152 | Value: 01 05 00 50 19 00 17 03 01 00 20 fd 0f 67 11 27 f0 92 a1 ad d5 4e 1e e8 1d cf b2 1f 5f af cf 6e f2 86 b7 bd 03 0a 24 43 2b d0 93 17 03 01 00 20 b7 ae 63 f8 88 0f e7 f4 af 11 b5 59 67 73 07 99 1a fd 0f 45 01 83 04 71 be ed ff a7 8c 49 e7 6b 153 | Attribute 80 (Message-Authenticator) length=18 154 | Value: 10 55 cb c8 12 46 4f 47 46 d8 7f 1c ea 49 ea ce 155 | Attribute 24 (State) length=18 156 | Value: da 3f 82 59 a4 e6 c4 4a 75 91 4f f7 00 1f 33 0b 157 | polish : oteviram pro cteni i zapis 158 | Copied RADIUS State Attribute 159 | Sending RADIUS message to authentication server 160 | RADIUS message: code=1 (Access-Request) identifier=99 length=198 161 | Attribute 1 (User-Name) length=9 162 | Value: 'account' 163 | Attribute 4 (NAS-IP-Address) length=6 164 | Value: 127.0.0.1 165 | Attribute 31 (Calling-Station-Id) length=19 166 | Value: 'AA-BB-12-34-56-90' 167 | Attribute 12 (Framed-MTU) length=6 168 | Value: 1400 169 | Attribute 61 (NAS-Port-Type) length=6 170 | Value: 19 171 | Attribute 77 (Connect-Info) length=14 172 | Value: 'Nazdar bazar' 173 | Attribute 79 (EAP-Message) length=82 174 | Value: 02 05 00 50 19 00 17 03 01 00 20 00 46 9e 28 61 c6 7e 7f 80 ed 9a 4d ff 9e 71 f4 37 96 03 61 7e c2 53 78 b4 8a 6e 35 99 8b bb 3b 17 03 01 00 20 b9 98 3e a2 a9 2d 0e b0 d6 e5 84 e2 a4 2d bb b6 1c ec d2 6b f6 97 76 f8 96 49 68 02 27 6a 02 28 175 | Attribute 24 (State) length=18 176 | Value: da 3f 82 59 a4 e6 c4 4a 75 91 4f f7 00 1f 33 0b 177 | Attribute 80 (Message-Authenticator) length=18 178 | Value: 4d 1f 1b ab 03 fa c0 e0 78 99 e8 e3 58 ef c8 f5 179 | Received RADIUS message 180 | RADIUS message: code=11 (Access-Challenge) identifier=99 length=170 181 | Attribute 79 (EAP-Message) length=114 182 | Value: 01 06 00 70 19 00 17 03 01 00 20 e4 eb c6 04 3e bd 9b 8a 37 91 3e a3 5f 6b b1 6a ec dd 17 ba 0f 91 1f 74 29 d3 bc 99 5a 67 0d a2 17 03 01 00 40 cf 5f 98 4b 21 ef 45 87 ee d2 f2 e2 cf e7 c3 d3 be 6b 34 bf 3c 8b ce 8d 22 3c 03 c8 d9 2a d4 91 ca 86 8b f9 96 46 2e 1b b5 b4 d6 ac 1e 77 ea 23 6b 9d 66 b6 14 35 9d c1 b8 a2 fe d6 03 98 fd c1 183 | Attribute 80 (Message-Authenticator) length=18 184 | Value: 0c b6 fe 1c 74 6e d5 71 7d 0d 29 e8 cb 03 f6 7c 185 | Attribute 24 (State) length=18 186 | Value: 83 2d f9 ef 9e f2 5f 63 20 40 12 38 ef ce 48 f9 187 | polish : oteviram pro cteni i zapis 188 | Copied RADIUS State Attribute 189 | Sending RADIUS message to authentication server 190 | RADIUS message: code=1 (Access-Request) identifier=101 length=262 191 | Attribute 1 (User-Name) length=9 192 | Value: 'account' 193 | Attribute 4 (NAS-IP-Address) length=6 194 | Value: 127.0.0.1 195 | Attribute 31 (Calling-Station-Id) length=19 196 | Value: 'AA-BB-12-34-56-90' 197 | Attribute 12 (Framed-MTU) length=6 198 | Value: 1400 199 | Attribute 61 (NAS-Port-Type) length=6 200 | Value: 19 201 | Attribute 77 (Connect-Info) length=14 202 | Value: 'Nazdar bazar' 203 | Attribute 79 (EAP-Message) length=146 204 | Value: 02 06 00 90 19 00 17 03 01 00 20 89 64 e7 af d5 1e 26 04 6b b3 55 ba e5 2d bb b4 6e 9b b6 d9 1a 85 ee f3 fc 60 54 7f 76 32 4f 00 17 03 01 00 60 cb 28 0b 16 37 8d 6d 6e 52 58 32 81 b6 58 9a d2 c0 d3 53 90 dc d9 04 36 90 f9 a8 e3 3d 65 ef 52 78 41 89 41 49 ef 39 ae c3 60 23 41 a6 ec b6 42 ed 9d fd 71 65 76 fa 59 7b 0b 24 97 71 0d 64 bb ed 1f dc cc 96 61 a2 3a 7b 77 27 d7 81 59 9e 5e e3 f9 60 69 1e 7e 8b ab ca 84 bb ae 0d ba 65 a9 205 | Attribute 24 (State) length=18 206 | Value: 83 2d f9 ef 9e f2 5f 63 20 40 12 38 ef ce 48 f9 207 | Attribute 80 (Message-Authenticator) length=18 208 | Value: 36 df f5 92 1b 5f 47 d5 82 40 bb 0c 84 fd ed 69 209 | Received RADIUS message 210 | RADIUS message: code=11 (Access-Challenge) identifier=101 length=186 211 | Attribute 79 (EAP-Message) length=130 212 | Value: 01 07 00 80 19 00 17 03 01 00 20 c0 15 f7 19 7a 82 f3 c8 fd f2 b8 fa f3 fe 8f 3f 35 5a 86 e7 79 ec 58 d2 1a f8 59 97 35 24 2c 5e 17 03 01 00 50 ad 3a 8c 0d 2a 94 91 fc f5 ee 26 10 e1 24 61 b0 c8 59 12 cb 87 c7 22 aa 57 19 9b 03 4a 2e 37 e7 84 b9 c3 60 b0 34 c3 27 23 14 ee 62 99 b9 23 7b 0f 5c 3b 8f a9 0e f6 2a bd c4 d4 d0 ed 50 6b 42 4e 42 6c be 0f 39 93 cb 07 05 f2 49 1c 25 bc 6d 213 | Attribute 80 (Message-Authenticator) length=18 214 | Value: 35 40 1e ce 65 83 59 33 27 11 d6 2c 06 a4 49 77 215 | Attribute 24 (State) length=18 216 | Value: 74 82 d5 39 90 5b c7 7e a4 20 ca 4d 46 ce 8c 8f 217 | polish : oteviram pro cteni i zapis 218 | Copied RADIUS State Attribute 219 | Sending RADIUS message to authentication server 220 | RADIUS message: code=1 (Access-Request) identifier=103 length=198 221 | Attribute 1 (User-Name) length=9 222 | Value: 'account' 223 | Attribute 4 (NAS-IP-Address) length=6 224 | Value: 127.0.0.1 225 | Attribute 31 (Calling-Station-Id) length=19 226 | Value: 'AA-BB-12-34-56-90' 227 | Attribute 12 (Framed-MTU) length=6 228 | Value: 1400 229 | Attribute 61 (NAS-Port-Type) length=6 230 | Value: 19 231 | Attribute 77 (Connect-Info) length=14 232 | Value: 'Nazdar bazar' 233 | Attribute 79 (EAP-Message) length=82 234 | Value: 02 07 00 50 19 00 17 03 01 00 20 80 3f 73 2a b0 7f af f5 d8 e8 b1 1d e5 5b 7b 70 12 62 9c ee 3a 77 b5 e8 16 1f bd 02 38 be f7 25 17 03 01 00 20 ec f4 c9 67 33 b3 b9 a7 e3 8d 33 e7 e2 2e f1 2e 12 45 61 c9 fc c1 0a b4 a5 8e 1b eb 24 b6 10 2c 235 | Attribute 24 (State) length=18 236 | Value: 74 82 d5 39 90 5b c7 7e a4 20 ca 4d 46 ce 8c 8f 237 | Attribute 80 (Message-Authenticator) length=18 238 | Value: 56 b1 c3 a2 8b 71 1c 0b 0c 07 91 30 56 50 63 26 239 | Received RADIUS message 240 | RADIUS message: code=11 (Access-Challenge) identifier=103 length=138 241 | Attribute 79 (EAP-Message) length=82 242 | Value: 01 08 00 50 19 00 17 03 01 00 20 59 62 cd 15 ab f5 bb 4b 07 8e 63 22 bb a5 a7 bc 33 75 8f 59 dd b6 83 e7 7f 6a c5 9b 54 67 2c 35 17 03 01 00 20 d2 63 e6 6c e1 82 f6 dc e9 9e f9 ec 90 21 8e fe 84 9f c2 3e dd dc c2 03 1a 02 10 3d 04 d1 ac 62 243 | Attribute 80 (Message-Authenticator) length=18 244 | Value: ca 8b 70 fd ec a4 f7 aa ed be 1a de ae 62 34 c9 245 | Attribute 24 (State) length=18 246 | Value: b7 b9 98 c3 77 55 b2 79 ca 3f 12 88 67 a8 30 4b 247 | polish : oteviram pro cteni i zapis 248 | Copied RADIUS State Attribute 249 | Sending RADIUS message to authentication server 250 | RADIUS message: code=1 (Access-Request) identifier=104 length=198 251 | Attribute 1 (User-Name) length=9 252 | Value: 'account' 253 | Attribute 4 (NAS-IP-Address) length=6 254 | Value: 127.0.0.1 255 | Attribute 31 (Calling-Station-Id) length=19 256 | Value: 'AA-BB-12-34-56-90' 257 | Attribute 12 (Framed-MTU) length=6 258 | Value: 1400 259 | Attribute 61 (NAS-Port-Type) length=6 260 | Value: 19 261 | Attribute 77 (Connect-Info) length=14 262 | Value: 'Nazdar bazar' 263 | Attribute 79 (EAP-Message) length=82 264 | Value: 02 08 00 50 19 00 17 03 01 00 20 64 7c f8 7f 01 9b 71 f5 dd fa 63 67 82 1c c6 ba de ad 4a 31 4a ba 24 64 f5 b7 02 de 09 e7 10 64 17 03 01 00 20 76 7b ff 17 4f ba 13 a8 b5 df bd 87 c8 c8 e1 80 54 9c 84 df 97 8c d8 53 16 e9 99 bb 85 d6 39 a5 265 | Attribute 24 (State) length=18 266 | Value: b7 b9 98 c3 77 55 b2 79 ca 3f 12 88 67 a8 30 4b 267 | Attribute 80 (Message-Authenticator) length=18 268 | Value: 7d 0f 28 dc f9 93 e9 0e 4d 44 81 12 21 cd 2d b8 269 | Received RADIUS message 270 | RADIUS message: code=2 (Access-Accept) identifier=104 length=169 271 | Attribute 26 (Vendor-Specific) length=58 272 | Value: 00 00 01 37 11 34 e6 2e bf 46 de ee f2 49 10 39 cc 1f 43 2d b8 ae 93 ca f6 2c ea e4 d3 04 d6 4c 29 48 88 05 76 5c d1 b4 5b 58 37 90 30 70 c8 03 fc 6f 88 62 cc 62 30 0d 273 | Attribute 26 (Vendor-Specific) length=58 274 | Value: 00 00 01 37 10 34 ef 61 d2 8f a6 16 cd 74 2f 08 11 29 22 39 0c 62 bd c4 bd 88 60 b2 5c 11 8d 5c 20 ba fe b2 49 6f dc c5 d0 52 28 5c 0b 7d 4f 80 36 1d 29 23 6e c3 f9 72 275 | Attribute 79 (EAP-Message) length=6 276 | Value: 03 08 00 04 277 | Attribute 80 (Message-Authenticator) length=18 278 | Value: 21 92 be 5b db fd 55 5f e0 f9 1f 77 5c d3 89 31 279 | Attribute 1 (User-Name) length=9 280 | Value: 'account' 281 | -------------------------------------------------------------------------------- /examples_internal/concurent_test: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # exec more concurent test for sae destination 3 | ./spust_test_alldecoded > con1 & 4 | ./spust_test_alldecoded > con2 & 5 | ./spust_test_alldecoded > con3 & 6 | ./spust_test_alldecoded > con4 & 7 | ./spust_test_alldecoded > con5 & 8 | sleep 5 9 | cat con[1-5] | grep identifier | awk '{print $5}' | less 10 | #cat con[1-5] | grep identifier | awk '{print $5}' | sort | less 11 | -------------------------------------------------------------------------------- /examples_internal/leap_spust_test: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be succesfull without verbose mode 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H paralen -P 1812 -S trouba61 -u polish@cesnet.cz -p deloka -m IEEE8021X -e LEAP 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/leap_spust_test_bad_pass: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be succesfull without verbose mode 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H paralen -P 1812 -S trouba61 -u polish@cesnet.cz -p bad_pass -m IEEE8021X -e LEAP -c 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/leap_spust_test_bad_radius: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be succesfull without verbose mode 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H paralen2 -P 1812 -S trouba61 -u polish@cesnet.cz -p pass_iiii -m IEEE8021X -e LEAP 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/spust_test: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be succesfull without verbose mode 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H radius -P 1812 -S trouba61 -u account -p pass_iiii -m WPA-EAP -e PEAP 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/spust_test_alldecoded: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be ok with all decoded packets 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | # -M - MAC address in xx:xx:xx:xx:xx:xx format 15 | cd .. 16 | ./rad_eap_test -H paralen -P 1812 -S trouba61 -u account -p pass_iiii -m WPA-EAP -e PEAP -c -M aa:bb:12:34:56:90 -i"Nazdar bazar" -d/tmp/tmp 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/spust_test_anonymous: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be succesfull without verbose mode 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H radius -P 1812 -S trouba61 -u account -p pass_iiii -m WPA-EAP -e PEAP -A account@cesnet.cz 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/spust_test_bad_pass: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # account with bad password 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H radius -P 1812 -S trouba61 -u account -p bad_pass -m WPA-EAP -e PEAP -c 17 | 18 | -------------------------------------------------------------------------------- /examples_internal/spust_test_bad_radius: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test tries to connect to non exist radius ( or downed radius ) 5 | 6 | # -H - radius server (example: radius.world.com) 7 | # -P - destination port 8 | # -S - password for communication between client (authenticatior) and radius 9 | # -u - account (example: doe@world.com) 10 | # -p - password 11 | # -m - authentication method 12 | # -e - EAP protocol 13 | 14 | cd .. 15 | ./rad_eap_test -H bad_radius -P 1812 -S trouba61 -u account -p iiiiii -m WPA-EAP -e PEAP -v 16 | 17 | -------------------------------------------------------------------------------- /examples_internal/spust_test_bad_radius_long_timeout: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test tries to connect to non exist radius ( or downed radius ) with non default long timeout 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | # -t - timeout in seconds 15 | 16 | cd .. 17 | ./rad_eap_test -H bad_radius -P 1812 -S trouba61 -u account -p iiiiii -m WPA-EAP -e PEAP -t 10 18 | 19 | -------------------------------------------------------------------------------- /examples_internal/spust_test_verbose: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be ok with verbose mode ( prints out last decoded packet) 5 | 6 | # -H - radius server (example: radius.world.com) 7 | # -P - destination port 8 | # -S - password for communication between client (authenticatior) and radius 9 | # -u - account (example: doe@world.com) 10 | # -p - password 11 | # -m - authentication method 12 | # -e - EAP protocol 13 | 14 | cd .. 15 | ./rad_eap_test -H radius -P 1812 -S trouba61 -u account -p pass_iiii -m WPA-EAP -e PEAP -v 16 | 17 | -------------------------------------------------------------------------------- /examples_internal/tls_spust_test: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # test configuration for radius_test script 4 | # test should be succesfull without verbose mode 5 | # 6 | 7 | # -H - radius server (example: radius.world.com) 8 | # -P - destination port 9 | # -S - password for communication between client (authenticatior) and radius 10 | # -u - account (example: doe@world.com) 11 | # -p - password 12 | # -m - authentication method 13 | # -e - EAP protocol 14 | 15 | cd .. 16 | ./rad_eap_test -H radius -P 1812 -S trouba61 -u test@ics.muni.cz -k /mnt/klic2/certifikat/testovaci_muni_tls/test_tls.key -j /mnt/klic2/certifikat/testovaci_muni_tls/test_tls.crt -a /home/polish/cesnet-ca.cz.pem.crt -m IEEE8021X -e TLS -t 15 -c 17 | 18 | -------------------------------------------------------------------------------- /patches/README: -------------------------------------------------------------------------------- 1 | # NOTE: No need to patch upstream code anymore! Patches are here keept 2 | # just for record. 3 | 2006-05-04: 4 | * eapol_test.c.2006-05-05.diff 5 | * Patch implement storage of Identifier in local file. It 6 | prevents tested RADIUSes from trigering Duplicate packet 7 | detection. 8 | * Patch is being tested, it was not sent to upstream. 9 | 10 | 2006-04-11: 11 | * eapol_test.c.2006-04-11.diff 12 | * wpa_supplicant_i.h.2006-04-11.diff 13 | * Patches are against CVS 100406. They implements -t to set 14 | timeout, -M to set MAC address and -i to set connection info 15 | from command line of eapol_test. 16 | * They were accepted by upstream in 0.5.3 version! 17 | -------------------------------------------------------------------------------- /patches/eapol_test.c.2006-04-11.diff: -------------------------------------------------------------------------------- 1 | --- eapol_test.puv 2006-04-11 10:27:42.000000000 +0200 2 | +++ eapol_test.c 2006-04-11 23:29:10.000000000 +0200 3 | @@ -33,7 +33,6 @@ 4 | #include "ctrl_iface.h" 5 | #include "pcsc_funcs.h" 6 | 7 | - 8 | extern int wpa_debug_level; 9 | extern int wpa_debug_show_keys; 10 | 11 | @@ -129,7 +128,7 @@ 12 | const u8 *eap, size_t len) 13 | { 14 | struct radius_msg *msg; 15 | - char buf[128]; 16 | + char buf[SIZE_OF_BUF]; 17 | const struct eap_hdr *hdr; 18 | const u8 *pos; 19 | 20 | @@ -197,7 +196,7 @@ 21 | goto fail; 22 | } 23 | 24 | - snprintf(buf, sizeof(buf), "CONNECT 11Mbps 802.11b"); 25 | + snprintf(buf, sizeof(buf), e->wpa_s->conn_info); 26 | if (!radius_msg_add_attr(msg, RADIUS_ATTR_CONNECT_INFO, 27 | (u8 *) buf, strlen(buf))) { 28 | printf("Could not add Connect-Info\n"); 29 | @@ -650,13 +649,13 @@ 30 | 31 | static void wpa_init_conf(struct eapol_test_data *e, 32 | struct wpa_supplicant *wpa_s, const char *authsrv, 33 | - int port, const char *secret) 34 | + int port, const char *secret ) 35 | { 36 | struct hostapd_radius_server *as; 37 | int res; 38 | 39 | wpa_s->bssid[5] = 1; 40 | - wpa_s->own_addr[5] = 2; 41 | + 42 | e->own_ip_addr.s_addr = htonl((127 << 24) | 1); 43 | strncpy(wpa_s->ifname, "test", sizeof(wpa_s->ifname)); 44 | 45 | @@ -875,6 +874,90 @@ 46 | eloop_terminate(); 47 | } 48 | 49 | +int arg_str_to_mac( char *str, unsigned char *result ) { 50 | + int n, high; 51 | + int m = 0; 52 | + int index = 0; 53 | + 54 | + printf("%s\n", str); 55 | + 56 | + high = 16; 57 | + 58 | + for( n=0; n<17; n++ ) { 59 | + switch( str[n] ) { 60 | + case ':': high=16; continue; break; 61 | + case '1': 62 | + m=1; 63 | + break; 64 | + case '2': 65 | + m=2; 66 | + break; 67 | + case '3': 68 | + m=3; 69 | + break; 70 | + case '4': 71 | + m=4; 72 | + break; 73 | + case '5': 74 | + m=5; 75 | + break; 76 | + case '6': 77 | + m=6; 78 | + break; 79 | + case '7': 80 | + m=7; 81 | + break; 82 | + case '8': 83 | + m=8; 84 | + break; 85 | + case '9': 86 | + m=9; 87 | + break; 88 | + case '0': 89 | + m=0; 90 | + break; 91 | + case 'A': 92 | + case 'a': 93 | + m=10; break; 94 | + case 'B': 95 | + case 'b': 96 | + m=11; 97 | + break; 98 | + case 'C': 99 | + case 'c': 100 | + m=12; 101 | + break; 102 | + case 'D': 103 | + case 'd': 104 | + m=13; 105 | + break; 106 | + case 'E': 107 | + case 'e': 108 | + m=14; 109 | + break; 110 | + case 'F': 111 | + case 'f': 112 | + m=15; 113 | + break; 114 | + 115 | + } 116 | + /* printf("high %d\n", high ); */ 117 | + 118 | + if( high == 16 ) { 119 | + result[index] = (unsigned char) m*16; 120 | + /* printf("%d\n", result[index] ); */ 121 | + } else { 122 | + result[index] += (unsigned char) m; 123 | + /* printf("%d\n", result[index] ); */ 124 | + index++; 125 | + } 126 | + high -= 15; 127 | + } 128 | + 129 | + 130 | + return 0; 131 | +} 132 | + 133 | 134 | static void usage(void) 135 | { 136 | @@ -897,7 +980,9 @@ 137 | " -W = wait for a control interface monitor before starting\n" 138 | " -S = save configuration after authentiation\n" 139 | " -n = no MPPE keys expected\n" 140 | - " -t = sets timeout in seconds (default: 30 s)\n"); 141 | + " -t = sets timeout in seconds (default: 30 s)\n" 142 | + " -M = sets our mac address\n" 143 | + " -i = description of type of connection\n"); 144 | } 145 | 146 | 147 | @@ -910,6 +995,10 @@ 148 | char *as_secret = "radius"; 149 | char *conf = NULL; 150 | int timeout = 30; 151 | + char *mac_addr_str = "70:6f:6c:69:73:68"; 152 | + unsigned char mac_addr[ETH_ALEN]; 153 | + int n; 154 | + char *conn_info = "CONNECT 11Mbps 802.11b"; 155 | 156 | if (os_program_init()) 157 | return -1; 158 | @@ -920,7 +1009,7 @@ 159 | wpa_debug_show_keys = 1; 160 | 161 | for (;;) { 162 | - c = getopt(argc, argv, "a:c:np:r:s:St:W"); 163 | + c = getopt(argc, argv, "a:c:np:r:s:St:M:i:W"); 164 | if (c < 0) 165 | break; 166 | switch (c) { 167 | @@ -951,6 +1040,13 @@ 168 | case 'W': 169 | wait_for_monitor++; 170 | break; 171 | + case 'M': 172 | + mac_addr_str = optarg; 173 | + break; 174 | + case 'i': 175 | + conn_info = optarg; 176 | + break; 177 | + 178 | default: 179 | usage(); 180 | return -1; 181 | @@ -981,7 +1077,7 @@ 182 | wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 183 | return -1; 184 | } 185 | - 186 | + 187 | memset(&wpa_s, 0, sizeof(wpa_s)); 188 | eapol_test.wpa_s = &wpa_s; 189 | wpa_s.conf = wpa_config_read(conf); 190 | @@ -994,6 +1090,12 @@ 191 | return -1; 192 | } 193 | 194 | + arg_str_to_mac( mac_addr_str, mac_addr ); 195 | + for( n=0; nradius_identifier = radius_client_get_id(e->radius); 61 | + e->radius_identifier = status_get_id( (u8 *) &e->radius_conf->auth_server->addr.u.v4 ); // radius_client_get_id(e->radius); 62 | msg = radius_msg_new(RADIUS_CODE_ACCESS_REQUEST, 63 | e->radius_identifier); 64 | if (msg == NULL) { 65 | @@ -906,7 +945,8 @@ 66 | "CONNECT 11Mbps 802.11b)\n" 67 | " -M = Set own MAC address " 68 | "(Calling-Station-Id,\n" 69 | - " default: 02:00:00:00:00:01)\n"); 70 | + " default: 02:00:00:00:00:01)\n" 71 | + " -d = status directory default: /tmp\n"); 72 | } 73 | 74 | 75 | @@ -931,7 +971,7 @@ 76 | wpa_debug_show_keys = 1; 77 | 78 | for (;;) { 79 | - c = getopt(argc, argv, "a:c:C:M:np:r:s:St:W"); 80 | + c = getopt(argc, argv, "a:c:C:M:np:r:s:St:d:W"); 81 | if (c < 0) 82 | break; 83 | switch (c) { 84 | @@ -971,6 +1011,9 @@ 85 | case 'W': 86 | wait_for_monitor++; 87 | break; 88 | + case 'd': 89 | + status_dir = optarg; 90 | + break; 91 | default: 92 | usage(); 93 | return -1; 94 | -------------------------------------------------------------------------------- /patches/wpa_supplicant_i.h.2006-04-11.diff: -------------------------------------------------------------------------------- 1 | --- wpa_supplicant_i.h.orig 2006-04-11 23:36:10.000000000 +0200 2 | +++ wpa_supplicant_i.h 2006-04-11 23:36:31.000000000 +0200 3 | @@ -17,6 +17,8 @@ 4 | 5 | #include "driver.h" 6 | 7 | +#define SIZE_OF_BUF 128 8 | + 9 | struct wpa_blacklist { 10 | struct wpa_blacklist *next; 11 | u8 bssid[ETH_ALEN]; 12 | @@ -178,6 +180,7 @@ 13 | struct l2_packet_data *l2; 14 | struct l2_packet_data *l2_br; 15 | unsigned char own_addr[ETH_ALEN]; 16 | + char conn_info[SIZE_OF_BUF]; 17 | char ifname[100]; 18 | char bridge_ifname[16]; 19 | 20 | -------------------------------------------------------------------------------- /rad_eap_test: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # =========================================================================================== 4 | # rad_eapol_test nagios compatible wrapper around eapol_test 5 | # Copyright (c) 2005-2019 CESNET, z.s.p.o. 6 | # Authors: Pavel Poláček 7 | # Jan Tomášek 8 | # Václav Mach 9 | # and others 10 | # 11 | # This program is free software; you can redistribute it and/or modify 12 | # it under the terms of the GNU General Public License version 2 as 13 | # published by the Free Software Foundation. 14 | # 15 | # See README and COPYING for more details. 16 | # =========================================================================================== 17 | 18 | 19 | 20 | 21 | # =========================================================================================== 22 | # test certificate expiry based on user set number of days 23 | # =========================================================================================== 24 | function test_cert_expiry() 25 | { 26 | local not_after 27 | local expiry_now 28 | local expiry_warn 29 | local expiry_date 30 | 31 | # certicite expiry was set 32 | if [[ -n "$CERTIFICATE_EXPIRY" ]] 33 | then 34 | process_cert_expiry # get the cert info needed 35 | 36 | if [[ $? -ne 0 ]] # no cert available 37 | then 38 | return 39 | fi 40 | 41 | expiry_now=$(date +%s) # current date in seconds 42 | expiry_warn=$(($expiry_now + ($CERTIFICATE_EXPIRY * 86400))) # when to warn before expiry in seconds 43 | not_after=$(echo -e "$CERT" | openssl x509 -noout -dates | tail -1 | cut -d "=" -f 2) # get the "not after" date from cert 44 | expiry_date=$(date -d "$not_after" "+%s") # get the expiry date in seconds 45 | 46 | 47 | # do the actual expiry testing 48 | if [[ $expiry_date -lt $expiry_now ]] 49 | then 50 | PROG_OUT=$(printf "CRITICAL: certificate EXPIRED %s\n" $(date -d "@$expiry_date" -Idate)) 51 | EXIT_CODE=$EXIT_CRITICAL 52 | 53 | elif [[ $expiry_date -lt $expiry_warn ]] 54 | then 55 | PROG_OUT=$(printf "WARNING: cerificate expires soon (%s)\n" $(date -d "@$expiry_date" -Idate)) 56 | EXIT_CODE=$EXIT_WARNING 57 | fi 58 | fi 59 | } 60 | # =========================================================================================== 61 | # add verbose info based on user set level 62 | # =========================================================================================== 63 | verbose() 64 | { 65 | # further processing based on VERBOSE level 66 | case "$VERBOSE" in 67 | 0) ;; # nothing to do here, just an empty branch 68 | 69 | # Show received Chargeable-User-Identity and/or Operator-Name 70 | 1) 71 | echo "" 72 | echo "$OUT" | sed -n '/(Access-Accept)/,$p' | awk '/Attribute (89|126) / { a=$3 } /Value: / && a { print a " " $2; a="" }' # get Attribute 89 or 126 and print the value 73 | ;; 74 | 75 | # print the last packet decoded 76 | 2) 77 | echo "" 78 | echo "$OUT" | sed -n '/(Access-Accept)/,$p' # print from Access-Accept to the end 79 | ;; 80 | 81 | # print all the packets decoded 82 | 3) 83 | echo "" 84 | echo "$OUT" | awk '/RADIUS message/ {print} /Attribute/ {print} /Value/ {print}' 85 | ;; 86 | 87 | # print the raw output of eapol_test 88 | 4) 89 | echo "" 90 | echo "$OUT" 91 | ;; 92 | esac 93 | 94 | process_cert # also process certificates if wanted 95 | } 96 | # =========================================================================================== 97 | # extract the certificate directly from eapol_test output 98 | # params: 99 | # 1) file where to write the cert 100 | # 101 | # there are some cases, when certificate is not written to file by eapol_test, for example: 102 | # - when checking cert expiry there is a possibility that the server certificate already 103 | # expired and eapol_test failed to successfully authenticate based on some configuration options 104 | # When this happens eapol_test does not write the server cert (so it can be checked for expiry), 105 | # so we need to check eapol_test output directly 106 | # - when CA cert mismatch happens, no certificate is written to eapo_test output file 107 | # =========================================================================================== 108 | function extract_server_cert() 109 | { 110 | local hex 111 | local certs 112 | local cert_len 113 | local pos=0 114 | local header 115 | 116 | hex=$(echo "$OUT" | grep -A 1 '(handshake/certificate)' | head -2 | tail -1 | # get the server cert hexdump message 117 | cut -d ":" -f 3 | tr -d " " | # hex bytes 118 | tail -c +21) # all the certs that the server sent in hex. tail strips first 20 bytes (determined by experiment) which is probably some openssl header 119 | 120 | if [[ -z "$hex" ]] 121 | then 122 | return # no handshake/certificate string found in output 123 | fi 124 | 125 | while : 126 | do 127 | # there may be some EOC bytes after each processed cert 128 | # to overcome this, read 1 byte at a time and check if it matches cert header 129 | while [[ $pos -le ${#hex} ]] # reached end of hex string, end cert processing 130 | do 131 | header=${hex:$pos:4} # extract 2 byte cert header 132 | 133 | if [[ $header != "3082" ]] # header does not match hex bytes 3082 134 | then 135 | ((pos+=2)) # extract next byte 136 | continue 137 | else 138 | break # header found 139 | fi 140 | done 141 | 142 | if [[ $header != "3082" && $pos -gt ${#hex} ]] # header does not match hex bytes 3082 and pos is out of string 143 | then 144 | break # most likely some error 145 | fi 146 | 147 | ((pos+=4)) # set pos for extracting cert_len 148 | 149 | cert_len=${hex:$pos:4} # extract 2 byte cert length 150 | cert_len=$((0x$cert_len)) # convert to decimal 151 | 152 | ((pos-=4)) # set pos to beginning of the current cert 153 | 154 | if [[ -n "$certs" ]] 155 | then 156 | # cert len must be multiplied by 2 to get byte count, add header and cert len 157 | certs="$certs\n$(echo "${hex:$pos:$cert_len*2 + 8}" | xxd -r -p | openssl x509 -inform der)" # extract just the cert bytes and pass it to openssl 158 | else 159 | # cert len must be multiplied by 2 to get byte count, add header and cert len 160 | certs="$(echo "${hex:$pos:$cert_len*2 + 8}" | xxd -r -p | openssl x509 -inform der)" # extract just the cert bytes and pass it to openssl 161 | fi 162 | 163 | ((pos=$pos + $cert_len*2 + 8)) # set pos for processing next cert: header (2 bytes) + cert_len (2 bytes) + cert (*2 for bytes) + current pos 164 | done 165 | 166 | if [[ -n "$certs" ]] 167 | then 168 | echo -e "$certs" > "$1" 169 | fi 170 | } 171 | # =========================================================================================== 172 | # check if server certificate was requested and if it was retrieved 173 | # =========================================================================================== 174 | function save_server_cert() 175 | { 176 | if [[ -n "$CERT_LOCATION" ]] # cert file does not exist or is empty 177 | then 178 | extract_server_cert "$CERT_LOCATION" 179 | fi 180 | } 181 | # =========================================================================================== 182 | # process RADIUS certificate for expiry check 183 | # =========================================================================================== 184 | function process_cert_expiry() 185 | { 186 | if [[ -n "$CERT_LOCATION" ]] 187 | then 188 | 189 | if [[ ! -s "$CERT_LOCATION" ]] # cert file does not exist or is empty 190 | then 191 | PROG_OUT="CRITICAL: Certificate expiry check was requested, but the certificate was not retrieved." # probably timeout ? 192 | EXIT_CODE=$EXIT_CRITICAL 193 | return 1 # cert not retrieved 194 | else 195 | get_cert_info "$CERT_LOCATION" 196 | fi 197 | fi 198 | 199 | return 0 # no error 200 | } 201 | # =========================================================================================== 202 | # process RADIUS certificate 203 | # =========================================================================================== 204 | function process_cert() 205 | { 206 | if [[ -n "$GET_CERT" ]] # print cert only if it was requested (-X or -B does not imply -b) 207 | then 208 | if [[ ! -s "$CERT_LOCATION" ]] # cert file does not exist or is empty 209 | then 210 | echo "" 211 | echo "Certificate information was requested, but the certificate was not retrieved." # probably timeout ? 212 | else 213 | get_cert_info "$CERT_LOCATION" 214 | print_cert 215 | fi 216 | fi 217 | } 218 | # =========================================================================================== 219 | # print final output 220 | # =========================================================================================== 221 | function print_out() 222 | { 223 | echo "$PROG_OUT" # print the output 224 | 225 | if [[ $EXIT_CODE -eq $EXIT_UNKNOWN ]] 226 | then 227 | : # do not add extra verbose output when exiting with unknown status 228 | else 229 | verbose # add extra verbose output if the user wants it, also process certs if wanted 230 | fi 231 | 232 | cleanup # cleanup temp files 233 | } 234 | # =========================================================================================== 235 | # process results of the authentication and present them to the user 236 | # =========================================================================================== 237 | function process_auth_result() 238 | { 239 | EXIT_CODE=$EXIT_OK 240 | 241 | # preset output needed for most situations 242 | # 243 | # FIX: decimal separator in bc(1) is '.' regardless of the locale 244 | # rad_eap_test: Zeile 249: printf: .020428888: Ungültige Zahl. 245 | # rad_eap_test: Zeile 250: printf: 20.428888000: Ungültige Zahl. 246 | 247 | PROG_OUT=$( 248 | # fake numeric locale just for printf with format %f 249 | LC_ALL="C" printf "%s; %0.2f sec " "$STATUS_CODE" $TIME_SEC 250 | LC_ALL="C" printf "|rtt=%0.0fms;;;0;%d accept=1;0.5:;0:;0;1\n" $TIME_MSEC $((TIMEOUT * 1000)) 251 | ) 252 | 253 | # processing based on $RETURN_CODE 254 | case "$RETURN_CODE" in 255 | $RET_SUCC) # successful authentication 256 | ;; # nothing to do here, EXIT_CODE is preset to 0 257 | 258 | $RET_EAP_FAILED) # wrong username or password 259 | EXIT_CODE=$EXIT_WARNING;; 260 | 261 | $RET_RADIUS_NOT_AVAIL) # timeout 262 | EXIT_CODE=$EXIT_CRITICAL;; 263 | 264 | $RET_CERT_SUBJ_MISMATCH) # cert subject mismatch 265 | EXIT_CODE=$EXIT_CRITICAL;; 266 | 267 | $RET_CERT_CA_MISMATCH) # cert not matching specified CA 268 | PROG_OUT=$(echo "$PROG_OUT" ; echo ""; get_ca_cert_mismatch_details ) # add extra error info about mismatch here 269 | EXIT_CODE=$EXIT_CRITICAL;; 270 | 271 | $RET_CERT_CA_MISMATCH_INCOMPLETE) # cert not matching specified CA, incomplete CA chain 272 | EXIT_CODE=$EXIT_CRITICAL;; 273 | 274 | $RET_CERT_EXPIRED) # cert expired 275 | EXIT_CODE=$EXIT_CRITICAL;; 276 | 277 | $RET_CERT_IN_FUTURE) # cert issued in future 278 | EXIT_CODE=$EXIT_CRITICAL;; 279 | 280 | $RET_DOMAIN_MISMATCH) # domain mismatch 281 | EXIT_CODE=$EXIT_CRITICAL;; 282 | 283 | $RET_PASSWD_EXPIRED) # MSCHAPv2 password expired 284 | EXIT_CODE=$EXIT_WARNING;; 285 | 286 | $RET_EAPOL_TEST_FAILED) # eapol_test return code was nonzero 287 | PROG_OUT="eapol_test returned error: $OUT" 288 | EXIT_CODE=$EXIT_UNKNOWN;; 289 | 290 | *) # other case is probably error 291 | PROG_OUT=$(echo "Probably configuration error, examine config in \"$MYTMPDIR\". Return code: " $RETURN_CODE) 292 | EXIT_CODE=$EXIT_UNKNOWN;; 293 | esac 294 | 295 | test_cert_expiry # test cert expiry dates if requested, may override EXIT_CODE 296 | print_out # print output, add verbose output if requested and cleanup 297 | exit $EXIT_CODE # exit with $EXIT_CODE 298 | } 299 | # =========================================================================================== 300 | # run eapol_test and try to authenticate using the specified configuration 301 | # =========================================================================================== 302 | function run_eapol_test() 303 | { 304 | BEGIN=$(date +%s.%N) # start the "timer" 305 | 306 | # try to authenticate 307 | OUT=$($EAPOL_PROG -c "$CONF" -a "$IP" -p "$PORT" -s "$SECRET" -t "$TIMEOUT" -M "$MAC" -C "$CONN_INFO" $EXTRA_EAPOL_ARGS 2>&1) # save output as a variable 308 | EAPOL_PROG_RETCODE=$? # save the return code in case some error happened 309 | 310 | END=$(date +%s.%N) # end the "timer" 311 | } 312 | # =========================================================================================== 313 | # get details about domain name mismatch 314 | # =========================================================================================== 315 | function get_domain_mismatch_details() 316 | { 317 | # simple parsing of important info using awk 318 | echo "$OUT" | awk ' 319 | BEGIN { count = 0 } 320 | 321 | /TLS: Match domain against/,/TLS: Domain match/ { # everything between the two strings 322 | 323 | if(match($0, /^TLS: Match domain against.*/)) # ignore lines starting with "TLS: Match domain against." 324 | next 325 | 326 | if(match($0, /^TLS: None of the dNSName\(s\) matched.*/)) # ignore lines starting with "TLS: None of the dNSName(s) matched." 327 | next 328 | 329 | if(match($0, /^TLS: No CommonName match found*/)) # ignore lines starting with "TLS: No CommonName match found" 330 | next 331 | 332 | if((match($0, /^TLS: Certificate dNSName.*/) && count == 0) || (match($0, /^TLS: Certificate commonName.*/) && count == 0)) { # first occurrence of domain name or common name, ignore it 333 | count++ 334 | next 335 | } 336 | 337 | if(match($0, /^TLS: Certificate dNSName.*/) || match($0, /TLS: Certificate commonName.*/)) { # other dns names or common names, print comma after every domain name 338 | printf(", ") 339 | next 340 | } 341 | 342 | if(match($0, /^TLS: Domain match.*/)) { 343 | printf(" not matching %s", $4) # print the requested match 344 | exit(0) # end the program here 345 | } 346 | 347 | printf("%s", $NF) # print $NF 348 | } 349 | ' 350 | } 351 | # =========================================================================================== 352 | # get details about CA cert mismatch 353 | # use just CN from certs 354 | # =========================================================================================== 355 | function get_ca_cert_mismatch_details() 356 | { 357 | echo -n "'$(openssl x509 -nameopt utf8 -in "$CA_CRT" -noout -subject)'" 358 | 359 | if [[ -n "$CERT_LOCATION" && -s "$CERT_LOCATION" ]] 360 | then 361 | echo -n " is not matching '$(openssl x509 -nameopt utf8 -in "$CERT_LOCATION" -noout -issuer | tr -d "\n")'" 362 | fi 363 | } 364 | # =========================================================================================== 365 | # determine the return code of this program based on processing the eapol_test output 366 | # =========================================================================================== 367 | function determine_return_code() 368 | { 369 | # constants which define return codes based on eapol_test output 370 | local eap_fail1='CTRL-EVENT-EAP-FAILURE EAP authentication failed' 371 | local eap_fail2='EAP: Received EAP-Failure' 372 | local timeout='EAPOL test timed out' 373 | local succ1='SUCCESS' 374 | local succ2='CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully' 375 | local reject='Access-Reject' 376 | local cert_subj_mismatch="err='Subject mismatch'" 377 | local passwd_expired='EAP-MSCHAPV2: Password expired' 378 | 379 | # 2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate 380 | # the issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete. 381 | local ca_mismatch_incomplete_chain="err='unable to get issuer certificate'" # certificate not matching specified CA. Specified CA does not have full valid chain (missing root or intermediate certs). 382 | 383 | # from openssl man pages: 20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate 384 | # the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found. 385 | local ca_mismatch_cert_not_matching_ca="err='unable to get local issuer certificate'" # certificate not matching specified CA. Server cert does not match specified CA (different CA subject and issuer in server cert) 386 | 387 | local ca_mismatch_selfsign="err='self signed certificate in certificate chain'" # certificate not matching specified CA. Server is sending full chain with root which is self-signed 388 | 389 | local cert_expired="err='certificate has expired'" 390 | local cert_not_yet_valid="err='certificate is not yet valid'" 391 | local leaf_cert="depth=0" # Leaf certs are validated at depth 0. Intermediate certs (if any) and root are at numerically increasing depth. 392 | local domain_mismatch="err='Domain mismatch'" 393 | 394 | run_eapol_test 395 | 396 | # check if there was an error launching eapol_test 397 | if [[ $EAPOL_PROG_RETCODE -ne 0 ]] 398 | then 399 | RETURN_CODE=$RET_EAPOL_TEST_FAILED # eapol_test failed to execute 400 | STATUS_CODE="$OUT" 401 | fi 402 | 403 | # determine the RETURN_CODE based on specific constants used in eapol_test output 404 | if [[ "$OUT" =~ $succ1 || "$OUT" =~ $succ2 ]] 405 | then 406 | RETURN_CODE=$RET_SUCC # success 407 | STATUS_CODE="access-accept" 408 | 409 | elif [[ -n "$DOMAIN_MATCH" && "$OUT" =~ $domain_mismatch ]] # domain match was specified 410 | then 411 | RETURN_CODE=$RET_DOMAIN_MISMATCH # domain name mismatch 412 | STATUS_CODE="access-reject (domain mismatch [$(get_domain_mismatch_details)])" 413 | 414 | elif [[ -n "$SUBJ_MATCH" && "$OUT" =~ $cert_subj_mismatch ]] # certifitace subject was specified 415 | then 416 | RETURN_CODE=$RET_CERT_SUBJ_MISMATCH # certificate subject mismatch 417 | STATUS_CODE="access-reject (certificate subject mismatch [$(echo "$OUT" | grep 'did not match with' | sed 's/TLS: Subject //')])" 418 | 419 | elif [[ -n "$CA_CRT" && "$OUT" =~ $ca_mismatch_incomplete_chain ]] # CA was specified, but is incomplete 420 | then 421 | RETURN_CODE=$RET_CERT_CA_MISMATCH_INCOMPLETE # certificate not matching CA 422 | STATUS_CODE="access-reject (certificate not matching specified CA [used CA does not have a complete chain])" 423 | 424 | elif [[ -n "$CA_CRT" && "$OUT" =~ $ca_mismatch_cert_not_matching_ca ]] # CA was specified but does not match server cert 425 | then 426 | RETURN_CODE=$RET_CERT_CA_MISMATCH # certificate not matching CA 427 | STATUS_CODE="access-reject (certificate not matching specified CA)" 428 | 429 | elif [[ -n "$CA_CRT" && "$OUT" =~ $ca_mismatch_selfsign ]] # CA was specified but the server is sending a completely different chain 430 | then 431 | RETURN_CODE=$RET_CERT_CA_MISMATCH # certificate not matching CA 432 | STATUS_CODE="access-reject (certificate not matching specified CA)" 433 | 434 | elif [[ -n "$CA_CRT" && "$OUT" =~ $cert_expired && ! "(echo "$OUT" | grep "$cert_expired")" =~ $leaf_cert ]] # CA certificate expired (intermediate or root) 435 | then 436 | RETURN_CODE=$RET_CERT_EXPIRED # certificate expired 437 | STATUS_CODE="access-reject (CA certificate expired [$(echo "$OUT" | grep "$cert_expired" | sed 's/^.*subject/subject/; s/ err=.*//')])" 438 | 439 | # certificate expired (a more complex logic would be probably needed to distinguish end server and intermediate certs) 440 | elif [[ -n "$CA_CRT" && "$OUT" =~ $cert_expired && "(echo "$OUT" | grep "$cert_expired")" =~ $leaf_cert ]] 441 | then 442 | RETURN_CODE=$RET_CERT_EXPIRED # certificate expired 443 | STATUS_CODE="access-reject (certificate expired [$(echo "$OUT" | grep "$cert_expired" | sed 's/^.*subject/subject/; s/ err=.*//')])" 444 | 445 | # TODO - distinguish CA cert and server cert 446 | elif [[ -n "$CA_CRT" && "$OUT" =~ $cert_not_yet_valid ]] # certificate is not yet valid 447 | then 448 | RETURN_CODE=$RET_CERT_IN_FUTURE # certificate issued in future 449 | STATUS_CODE="access-reject (certificate is not yet valid [$(echo "$OUT" | grep "$cert_not_yet_valid" | sed 's/^.*subject/subject/; s/ err=.*//')])" 450 | 451 | elif [[ "$OUT" =~ $passwd_expired ]] # MSCHAPv2 password expiry 452 | then 453 | RETURN_CODE=$RET_PASSWD_EXPIRED 454 | STATUS_CODE="access-reject (password has expired)" 455 | elif [[ "$OUT" =~ $eap_fail1 || "$OUT" =~ $eap_fail2 || "$OUT" =~ $reject ]] 456 | then 457 | RETURN_CODE=$RET_EAP_FAILED # auth failed 458 | STATUS_CODE="access-reject" 459 | 460 | elif [[ "$OUT" =~ $timeout ]] 461 | then 462 | RETURN_CODE=$RET_RADIUS_NOT_AVAIL # timeout ? 463 | STATUS_CODE="timeout" 464 | fi 465 | 466 | save_server_cert # always save the server cert if the user requested it 467 | 468 | TIME_SEC=$(echo "$END - $BEGIN" | bc) # how long the authentication took in seconds 469 | TIME_MSEC=$(echo "$TIME_SEC * 1000" | bc) # how long the authentication took in milliseconds 470 | } 471 | # =========================================================================================== 472 | # cleanup temporary files 473 | # =========================================================================================== 474 | function cleanup() 475 | { 476 | if [[ $CLEANUP -eq 1 ]] 477 | then 478 | rm -r $MYTMPDIR # delete all temp files 479 | else 480 | echo "$OUT" > $OUTFILE # write raw eapol_test output to temp file 481 | 482 | echo "Leaving temporary files in $MYTMPDIR" 483 | echo -e "\tConfiguration: $CONF" 484 | echo -e "\tOutput: $OUTFILE" 485 | echo -e "\tRADIUS certificate: $CERT_LOCATION" 486 | fi 487 | } 488 | # =========================================================================================== 489 | # print certificate information 490 | # =========================================================================================== 491 | function print_cert() 492 | { 493 | printf "\n" 494 | printf "RADIUS server certificate information:\n" 495 | printf "%s\n" "$(echo -e "$CERT" | openssl x509 -nameopt utf8 -noout -issuer -subject -dates | # extract issuer, subject, dates 496 | sed 's/issuer=/Issuer: /; s/subject=/Subject: /; s/notBefore=/Validity\nNot Before: /; s/notAfter=/Not After: /')" # more readable output 497 | 498 | printf "%s\n" "$(echo "$cert_info" | grep 'DNS:' | sed 's/^[[:space:]]*//g')" # DNS names cannot be extracted directly by openssl 499 | } 500 | # =========================================================================================== 501 | # check that cert is end server cert - not root or intermediate cert 502 | # params: 503 | # 1) cert to check (as text) 504 | # =========================================================================================== 505 | function check_cert() 506 | { 507 | # we're only looking for cert that does not contain 'CA:TRUE' flag 508 | res=$(echo -e "$1" | openssl x509 -text -noout | grep 'CA:TRUE') 509 | 510 | if [[ -z "$res" ]] 511 | then 512 | return 0 # the cert is for end server 513 | else 514 | return 1 # intermediate or root 515 | fi 516 | } 517 | # =========================================================================================== 518 | # get RADIUS server certificate info 519 | # params: 520 | # 1) path to the cert 521 | # =========================================================================================== 522 | function get_cert_info() 523 | { 524 | in=false 525 | 526 | if [[ -n "$cert_info" && -n "$CERT" ]] # both $CERT and $cert_info already set, no need to process certs again 527 | then 528 | return 529 | fi 530 | 531 | # read cert file line by line 532 | while read line 533 | do 534 | if [[ "$in" = "true" ]] 535 | then 536 | CERT="$CERT\n$line" 537 | fi 538 | 539 | if [[ "$line" = "-----BEGIN CERTIFICATE-----" ]] 540 | then 541 | in=true 542 | CERT="$line" 543 | fi 544 | 545 | if [[ "$line" = "-----END CERTIFICATE-----" ]] 546 | then 547 | in=false 548 | check_cert "$CERT" 549 | 550 | if [[ $? -eq 0 ]] # correct cert 551 | then 552 | cert_info=$(echo -e "$CERT" | openssl x509 -nameopt utf8 -text -noout) 553 | break 554 | fi 555 | fi 556 | done < "$1" 557 | 558 | # no cert seemed correct as end server cert 559 | # take the last one processed 560 | if [[ -z "$cert_info" ]] 561 | then 562 | cert_info=$(echo -e "$CERT" | openssl x509 -nameopt utf8 -text -noout) 563 | fi 564 | } 565 | 566 | # =========================================================================================== 567 | # generate configuration for eapol_test 568 | # =========================================================================================== 569 | function generate_config() 570 | { 571 | echo "network={" > $CONF 572 | echo " ssid=\"$SSID\"" >> $CONF 573 | echo " key_mgmt=$METHOD" >> $CONF 574 | 575 | echo " eap=$EAP" >> $CONF 576 | 577 | if [[ "$EAP" = "PEAP" || "$EAP" = "TTLS" ]] 578 | then 579 | echo " pairwise=CCMP TKIP" >> $CONF 580 | echo " group=CCMP TKIP WEP104 WEP40" >> $CONF 581 | if [[ "$PHASE2" =~ ^EAP[_-] ]] ; then 582 | echo " phase2=\"autheap=${PHASE2#EAP[-_]}\"" >> $CONF 583 | else 584 | echo " phase2=\"auth=$PHASE2\"" >> $CONF 585 | fi 586 | fi 587 | 588 | if [[ -n "$PHASE1" ]] 589 | then 590 | echo " phase1=\"$PHASE1\"" >> $CONF 591 | fi 592 | 593 | if [[ ! -z "$CA_CRT" ]] 594 | then 595 | echo " ca_cert=\"$CA_CRT\"" >> $CONF 596 | fi 597 | 598 | echo " identity=\"$USERNAME\"" >> $CONF 599 | 600 | if [[ ! -z "$ANONYM_ID" ]] 601 | then 602 | echo " anonymous_identity=\"$ANONYM_ID\"" >> $CONF 603 | fi 604 | 605 | if [[ "$EAP" = "TLS" ]] 606 | then 607 | echo " client_cert=\"$USER_CRT\"" >> $CONF 608 | echo " private_key=\"$USER_KEY\"" >> $CONF 609 | 610 | if [[ ! -z "$KEY_PASS" ]] 611 | then 612 | echo " private_key_passwd=\"$KEY_PASS\"" >> $CONF 613 | fi 614 | else 615 | echo " password=\"$PASSWORD\"" >> $CONF 616 | fi 617 | 618 | if [[ -n "$SUBJ_MATCH" ]] 619 | then 620 | echo " subject_match=\"$SUBJ_MATCH\"" >> $CONF 621 | fi 622 | 623 | if [[ -n "$DOMAIN_MATCH" ]] 624 | then 625 | echo " domain_match=\"$DOMAIN_MATCH\"" >> $CONF 626 | fi 627 | 628 | echo "}" >> $CONF 629 | } 630 | # =========================================================================================== 631 | # print usage for the program 632 | # =========================================================================================== 633 | function usage() 634 | { 635 | echo "# this program is a wrapper for eapol_test from wpa_supplicant project 636 | # this script generates configuration for eapol_test and runs it 637 | # eapol_test is a program for testing RADIUS protocol and EAP authentication methods 638 | 639 | Parameters : 640 | -H
- Address of RADIUS server (DNS name or IP address). When using DNS name IPv4 address will be used unless -6 option is present. Both IPv4 or IPv6 addresses may be used. 641 | -P - Port of RADIUS server 642 | -S - Secret for RADIUS server communication 643 | -u - Username (user@realm.tld) 644 | -A - Anonymous identity (anonymous_user@realm.tld) 645 | -p - Password 646 | -t - Timeout (default is 5 seconds) 647 | -m - Method (WPA-EAP | IEEE8021X ) 648 | -v - Verbose (prints decoded last Access-accept packet) 649 | -c - Prints all packets decoded 650 | -s - SSID 651 | -e - EAP method (PEAP | TLS | TTLS | LEAP) 652 | -M - MAC address in xx:xx:xx:xx:xx:xx format 653 | -i - Connection info (in RADIUS log: connect from ) 654 | -d - Constraint for server domain name. FQDN is used as a full match requirement for the server certificate. Multiple values may be specified. Multiple values must be separated by semicollon. 655 | -k - user certificate key file 656 | -l - password for user certificate key file 657 | -j - user certificate file 658 | -a - certificate of CA 659 | -L - comma-separated list of TLS protocols to enable - select from: TLSv1,TLSv1.1,TLSv1.2,TLSv1.3 (translates to phase1 options, -1). 660 | -1 - set of options for phase1 (\"peapver=1 peaplabel=1\") 661 | -2 - Phase2 type (PAP,CHAP,MSCHAPV2,EAP-GTC) 662 | -x - Substring to be matched against the subject of the authentication server certificate. 663 | -N - Identify and do not delete temporary files 664 | -O - Operator-Name value in domain name format 665 | -I - explicitly specify NAS-IP-Address 666 | -C - request Chargeable-User-Identity 667 | -T - send Called-Station-Id in MAC:SSID format 668 | -f - send big access-request to cause fragmentation 669 | -b - print details about certificate of RADIUS server (whole certificate chain may be retrieved by eapol_test, there is a certain logic that tries to determine the end server cert and print it) 670 | -B - save certificate of RADIUS server to specified file 671 | -n - store temporary files in specified directory 672 | -g - print the entire unmodified output of eapol_test 673 | -V - Show received Chargeable-User-Identity and/or Operator-Name 674 | -X - check certificate expiry (whole certificate chain may be retrieved by eapol_test, there is a certain logic that tries to determine the end server cert which is checked for expiry) 675 | -6 - force use of IPv6 when using DNS name as RADIUS server address 676 | -4 - use IPv4 when using DNS name as RADIUS server address (this is the default, but the option exists for compatibility) 677 | -h - show this message 678 | " >&2 679 | exit 1 680 | } 681 | # =========================================================================================== 682 | # check configuration parameters, environment and various other things 683 | # =========================================================================================== 684 | function check_settings() 685 | { 686 | local tls10_disabled 687 | local tls11_disabled 688 | local tls12_disabled 689 | local tls13_disabled 690 | 691 | # check dependencies used in this script 692 | if [[ -z "$(which bc)" ]] 693 | then 694 | echo "bc is required by rad_eap_test, please install if first." 695 | return 1 696 | fi 697 | 698 | if [[ -z "$(which dig)" ]] 699 | then 700 | echo "dig is required by rad_eap_test, please install if first." 701 | return 1 702 | fi 703 | 704 | if [[ -z "$(which sed)" ]] 705 | then 706 | echo "sed is required by rad_eap_test, please install if first." 707 | return 1 708 | fi 709 | 710 | if [[ -z "$(which awk)" ]] 711 | then 712 | echo "awk is required by rad_eap_test, please install if first." 713 | return 1 714 | fi 715 | 716 | # check if eapol_test exists 717 | if [[ ! -e "$EAPOL_PROG" ]] 718 | then 719 | echo "eapol_test program \"$EAPOL_PROG\" not found" 720 | return 1 721 | fi 722 | 723 | # check if eapol_test is executable 724 | if [[ ! -x "$EAPOL_PROG" ]] 725 | then 726 | echo "eapol_test program \"$EAPOL_PROG\" is not executable" 727 | return 1 728 | fi 729 | 730 | if [[ -z "$ADDRESS" ]] 731 | then 732 | echo "Address of RADIUS server is not specified. (option -H)" 733 | return 1 734 | fi 735 | 736 | if [[ -z "$PORT" ]] 737 | then 738 | echo "Port of RADIUS server is not specified. (option -P)" 739 | return 1 740 | fi 741 | 742 | if [[ -z "$SECRET" ]] 743 | then 744 | echo "Secret for RADIUS server communication is not specified. (option -S)" 745 | return 1 746 | fi 747 | 748 | if [[ -z "$USERNAME" ]] 749 | then 750 | echo "Username is not specified. (option -u)" 751 | return 1 752 | fi 753 | 754 | if [[ -z "$EAP" ]] 755 | then 756 | echo "EAP method is not specified. (option -e)" 757 | return 1 758 | fi 759 | 760 | if [[ "$EAP" = "TLS" ]] 761 | then 762 | # we need certificate instead of password 763 | if [[ -z "$USER_CRT" ]] 764 | then 765 | echo "User certificate file is not specified (EAP TLS method is used). (option -j)" 766 | return 1 767 | fi 768 | 769 | if [[ ! -f "$USER_CRT" ]] 770 | then 771 | echo "User certificate file doesn't exist. (option -j)" 772 | return 1 773 | fi 774 | 775 | if [[ -z "$USER_KEY" ]] 776 | then 777 | echo "User key file is not specified (EAP TLS method is used). (option -k)" 778 | return 1 779 | fi 780 | 781 | if [[ ! -f "$USER_KEY" ]] 782 | then 783 | echo "User private key file doesn't exist. (option -k)" 784 | return 1 785 | fi 786 | 787 | else # $EAP != "TLS" 788 | if [[ -z "$PASSWORD" ]] 789 | then 790 | echo "Password is not specified. (option -p)" 791 | return 1 792 | fi 793 | fi 794 | 795 | if [[ -z "$METHOD" ]] 796 | then 797 | echo "Method is not specified. (option -m)" 798 | return 1 799 | fi 800 | 801 | if [[ -n "$CA_CRT" && ! -f "$CA_CRT" ]] 802 | then 803 | echo "Certificate authority file doesn't exist. (option -a)"; 804 | return 1 805 | fi 806 | 807 | if [[ -z "$SSID" ]] 808 | then 809 | SSID="eduroam"; 810 | fi 811 | 812 | if [[ -n "$TLS_PROTOCOLS" ]] 813 | then 814 | TLS_PROTOCOLS=",$TLS_PROTOCOLS," # for easier matching 815 | 816 | # For each TLS protocol, if included in the list, exit value will be 0 and the protocol will be enabled. 817 | [[ $TLS_PROTOCOLS =~ ,TLSv1, ]] ; tls10_disabled=$? 818 | [[ $TLS_PROTOCOLS =~ ,TLSv1\.1, ]] ; tls11_disabled=$? 819 | [[ $TLS_PROTOCOLS =~ ,TLSv1\.2, ]] ; tls12_disabled=$? 820 | [[ $TLS_PROTOCOLS =~ ,TLSv1\.3, ]] ; tls13_disabled=$? 821 | 822 | PHASE1="$PHASE1 tls_disable_tlsv1_0=$tls10_disabled tls_disable_tlsv1_1=$tls11_disabled tls_disable_tlsv1_2=$tls12_disabled tls_disable_tlsv1_3=$tls13_disabled" 823 | PHASE1="${PHASE1# }" # trim leading whitespace - introduced above if PHASE1 was initially empty 824 | fi 825 | 826 | if [[ -z "$PHASE2" ]] 827 | then 828 | PHASE2="MSCHAPV2" 829 | fi 830 | 831 | if [[ -n "$OPERATOR_NAME" ]] 832 | then 833 | # prefix the Operator_Name with NamespaceID value "1" (REALM) as per RFC5580 834 | EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -N126:s:1$OPERATOR_NAME" 835 | fi 836 | 837 | if [[ -n "$NAS_IP_ADDRESS" ]] 838 | then 839 | NAS_IP_ADDRESS_HEX=$(printf '%02x%02x%02x%02x' $(echo "$NAS_IP_ADDRESS" | tr '.' ' ' )) 840 | EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -N4:x:$NAS_IP_ADDRESS_HEX" 841 | fi 842 | 843 | if [[ -n "$REQUEST_CUI" ]] 844 | then 845 | EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -N89:x:00" 846 | fi 847 | 848 | if [[ -n "$FRAGMENT" ]] 849 | then 850 | for i in $(seq 1 6) 851 | do 852 | EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -N26:x:0000625A0BF961616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161" 853 | done 854 | fi 855 | 856 | if [[ -n "$CALLED_STATION_ID" ]] 857 | then 858 | DASHEDMAC=$(echo "$MAC" | tr ':a-z' '-A-Z') # replace ':' with '-' and convert all lowercase to uppercase 859 | EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -N30:s:$DASHEDMAC:$SSID" 860 | fi 861 | 862 | # address may be DNS name or an IPv4 address 863 | # IPv4 864 | IP=$(echo "$ADDRESS" | grep -P '^(\d{1,3}\.){3}\d{1,3}$') 865 | 866 | # IPv6 867 | if [[ -z "$IP" ]] # IPv6 regex taken from https://www.regextester.com/96774 868 | then 869 | IP=$(echo "$ADDRESS" | grep -P '^(?:(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){6})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:::(?:(?:(?:[0-9a-fA-F]{1,4})):){5})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){4})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,1}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){3})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,2}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){2})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,3}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:[0-9a-fA-F]{1,4})):)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,4}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,5}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,6}(?:(?:[0-9a-fA-F]{1,4})))?::))))$') 870 | fi 871 | 872 | if [[ -z "$IP" ]] 873 | then 874 | if [[ "$IPV6" == "YES" ]] 875 | then 876 | IP=$(dig +short "$ADDRESS" AAAA) 877 | else 878 | IP=$(dig +short "$ADDRESS") 879 | fi 880 | fi 881 | 882 | # Sanity check: did we get an IP address? 883 | if [[ -z "$IP" ]] 884 | then 885 | echo "Hostname $ADDRESS could not be resolved to an IP address." 886 | return 1 887 | fi 888 | 889 | # use specified directory for temp files if it was set 890 | if [[ -z "$TMPDIR" ]] 891 | then 892 | MYTMPDIR=$(mktemp -d /tmp/rad_eap_test.XXXXXX) 893 | else 894 | MYTMPDIR=$(mktemp -d $TMPDIR/rad_eap_test.XXXXXX) 895 | fi 896 | 897 | # configuration files 898 | CONF=$MYTMPDIR/tmp-$$.conf 899 | OUTFILE=$MYTMPDIR/tmp-$$.out 900 | 901 | # RADIUS server cert 902 | if [[ -n "$WRITE_CERT" ]] 903 | then 904 | #EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -o $WRITE_CERT" 905 | # eapol_test has some strange behavior (bugs?) which seriously affect it 906 | # when using output file for writing server certs. 907 | # This SHOULD be fixed in eapol_test code. 908 | # Instead of using eapol_test to extract server certs, 909 | # we rather implemented our own server certificate extraction directly from eapol_test output 910 | 911 | CERT_LOCATION="$WRITE_CERT" 912 | elif [[ -n "$GET_CERT" || -n "$CERTIFICATE_EXPIRY" ]] 913 | then 914 | #EXTRA_EAPOL_ARGS="$EXTRA_EAPOL_ARGS -o ${MYTMPDIR}/RADIUS_cert.pem" 915 | CERT_LOCATION="${MYTMPDIR}/RADIUS_cert.pem" 916 | fi 917 | 918 | return 0 919 | } 920 | # =========================================================================================== 921 | # process command line options and their arguments 922 | # =========================================================================================== 923 | function process_options() 924 | { 925 | while getopts "H:P:S:u:p:t:m:s:e:t:M:i:d:j:k:a:A:l:L:1:2:x:vcNO:I:CTfhbB:n:gVX:64" opt 926 | do 927 | case "$opt" in 928 | H) ADDRESS=$OPTARG;; 929 | P) PORT=$OPTARG;; 930 | S) SECRET=$OPTARG;; 931 | u) USERNAME=$OPTARG;; 932 | p) PASSWORD=$OPTARG;; 933 | t) TIMEOUT=$OPTARG;; 934 | m) METHOD=$OPTARG;; 935 | v) VERBOSE=2;; 936 | c) VERBOSE=3;; 937 | s) SSID=$OPTARG;; 938 | e) EAP=$OPTARG;; 939 | M) MAC=$OPTARG;; 940 | i) CONN_INFO=$OPTARG;; 941 | k) USER_KEY=$OPTARG;; 942 | j) USER_CRT=$OPTARG;; 943 | a) CA_CRT=$OPTARG;; 944 | A) ANONYM_ID=$OPTARG;; 945 | l) KEY_PASS=$OPTARG;; 946 | L) TLS_PROTOCOLS=$OPTARG;; 947 | 1) PHASE1="$OPTARG";; 948 | 2) PHASE2=$OPTARG;; 949 | N) CLEANUP=0;; 950 | x) SUBJ_MATCH=$OPTARG;; 951 | O) OPERATOR_NAME=$OPTARG;; 952 | I) NAS_IP_ADDRESS=$OPTARG;; 953 | C) REQUEST_CUI="YES";; 954 | T) CALLED_STATION_ID="YES";; 955 | f) FRAGMENT="YES";; 956 | b) GET_CERT="YES";; 957 | B) WRITE_CERT=$OPTARG;; 958 | n) TMPDIR=$OPTARG;; 959 | g) VERBOSE=4;; 960 | V) VERBOSE=1;; 961 | X) CERTIFICATE_EXPIRY=$OPTARG;; 962 | d) DOMAIN_MATCH="$OPTARG";; 963 | 6) IPV6="YES";; 964 | 4) IPV6="NO";; 965 | h) usage;; 966 | \?) usage;; 967 | esac 968 | done 969 | shift $((OPTIND-1)) 970 | } 971 | # =========================================================================================== 972 | # set the default configuration 973 | # =========================================================================================== 974 | function default_config() 975 | { 976 | # umask - make the files created readable only by the current user 977 | umask 0077 978 | 979 | # path to eapol_test 980 | # try to determine the path automatically first 981 | EAPOL_PROG=$(which eapol_test) 982 | 983 | if [[ -z "$EAPOL_PROG" ]] 984 | then 985 | # manually set the path if it wasn't determined automatically 986 | EAPOL_PROG=/usr/local/bin/eapol_test 987 | fi 988 | 989 | # default verbosity 990 | VERBOSE=0 991 | 992 | #default timeout 993 | TIMEOUT=5 994 | 995 | #default mac address 996 | MAC="70:6f:6c:69:73:68" 997 | 998 | # default connection info 999 | CONN_INFO="rad_eap_test + eapol_test" 1000 | 1001 | # return codes 1002 | RET_SUCC=3 1003 | RET_EAP_FAILED=4 1004 | RET_RADIUS_NOT_AVAIL=5 1005 | RET_CERT_SUBJ_MISMATCH=6 1006 | RET_CERT_CA_MISMATCH=7 1007 | RET_CERT_CA_MISMATCH_INCOMPLETE=8 1008 | RET_CERT_EXPIRED=9 1009 | RET_DOMAIN_MISMATCH=10 1010 | RET_EAPOL_TEST_FAILED=11 1011 | RET_CERT_IN_FUTURE=12 1012 | RET_PASSWD_EXPIRED=13 1013 | 1014 | # exit codes 1015 | EXIT_OK=0 1016 | EXIT_WARNING=1 1017 | EXIT_CRITICAL=2 1018 | EXIT_UNKNOWN=3 1019 | 1020 | # cleanup temporary files? 1021 | CLEANUP=1 1022 | } 1023 | # =========================================================================================== 1024 | # main function 1025 | # =========================================================================================== 1026 | function main() 1027 | { 1028 | default_config 1029 | process_options "$@" 1030 | check_settings 1031 | 1032 | if [[ $? -ne 0 ]] # print usage if some settings were incorrect 1033 | then 1034 | usage 1035 | fi 1036 | 1037 | generate_config 1038 | determine_return_code 1039 | process_auth_result 1040 | } 1041 | # =========================================================================================== 1042 | # set the handler for INT and TERM first 1043 | trap "cleanup ; exit 2" INT TERM 1044 | # =========================================================================================== 1045 | # run the main function 1046 | main "$@" 1047 | # =========================================================================================== 1048 | --------------------------------------------------------------------------------