summaryrefslogtreecommitdiffstats
path: root/plugins/check_radius.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_radius.c')
-rw-r--r--plugins/check_radius.c451
1 files changed, 221 insertions, 230 deletions
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index d9ff8fa7..646ffcbe 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -1,32 +1,32 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2 *
3* Monitoring check_radius plugin 3 * Monitoring check_radius plugin
4* 4 *
5* License: GPL 5 * License: GPL
6* Copyright (c) 1999-2024 Monitoring Plugins Development Team 6 * Copyright (c) 1999-2024 Monitoring Plugins Development Team
7* 7 *
8* Description: 8 * Description:
9* 9 *
10* This file contains the check_radius plugin 10 * This file contains the check_radius plugin
11* 11 *
12* Tests to see if a radius server is accepting connections. 12 * Tests to see if a radius server is accepting connections.
13* 13 *
14* 14 *
15* This program is free software: you can redistribute it and/or modify 15 * This program is free software: you can redistribute it and/or modify
16* it under the terms of the GNU General Public License as published by 16 * it under the terms of the GNU General Public License as published by
17* the Free Software Foundation, either version 3 of the License, or 17 * the Free Software Foundation, either version 3 of the License, or
18* (at your option) any later version. 18 * (at your option) any later version.
19* 19 *
20* This program is distributed in the hope that it will be useful, 20 * This program is distributed in the hope that it will be useful,
21* but WITHOUT ANY WARRANTY; without even the implied warranty of 21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23* GNU General Public License for more details. 23 * GNU General Public License for more details.
24* 24 *
25* You should have received a copy of the GNU General Public License 25 * You should have received a copy of the GNU General Public License
26* along with this program. If not, see <http://www.gnu.org/licenses/>. 26 * along with this program. If not, see <http://www.gnu.org/licenses/>.
27* 27 *
28* 28 *
29*****************************************************************************/ 29 *****************************************************************************/
30 30
31const char *progname = "check_radius"; 31const char *progname = "check_radius";
32const char *copyright = "2000-2024"; 32const char *copyright = "2000-2024";
@@ -37,45 +37,45 @@ const char *email = "devel@monitoring-plugins.org";
37#include "netutils.h" 37#include "netutils.h"
38 38
39#if defined(HAVE_LIBRADCLI) 39#if defined(HAVE_LIBRADCLI)
40#include <radcli/radcli.h> 40# include <radcli/radcli.h>
41#elif defined(HAVE_LIBFREERADIUS_CLIENT) 41#elif defined(HAVE_LIBFREERADIUS_CLIENT)
42#include <freeradius-client.h> 42# include <freeradius-client.h>
43#elif defined(HAVE_LIBRADIUSCLIENT_NG) 43#elif defined(HAVE_LIBRADIUSCLIENT_NG)
44#include <radiusclient-ng.h> 44# include <radiusclient-ng.h>
45#else 45#else
46#include <radiusclient.h> 46# include <radiusclient.h>
47#endif 47#endif
48 48
49static int process_arguments (int /*argc*/, char ** /*argv*/); 49static int process_arguments(int /*argc*/, char ** /*argv*/);
50static void print_help (void); 50static void print_help(void);
51void print_usage (void); 51void print_usage(void);
52 52
53#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI) 53#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI)
54#define my_rc_conf_str(a) rc_conf_str(rch,a) 54# define my_rc_conf_str(a) rc_conf_str(rch, a)
55#if defined(HAVE_LIBRADCLI) 55# if defined(HAVE_LIBRADCLI)
56#define my_rc_send_server(a,b) rc_send_server(rch,a,b,AUTH) 56# define my_rc_send_server(a, b) rc_send_server(rch, a, b, AUTH)
57#else 57# else
58#define my_rc_send_server(a,b) rc_send_server(rch,a,b) 58# define my_rc_send_server(a, b) rc_send_server(rch, a, b)
59#endif 59# endif
60#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADCLI) 60# if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADCLI)
61#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,(a)->secret,e,f) 61# define my_rc_buildreq(a, b, c, d, e, f) rc_buildreq(rch, a, b, c, d, (a)->secret, e, f)
62#else 62# else
63#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,e,f) 63# define my_rc_buildreq(a, b, c, d, e, f) rc_buildreq(rch, a, b, c, d, e, f)
64#endif 64# endif
65#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(rch,a,b,c,-1,d) 65# define my_rc_avpair_add(a, b, c, d) rc_avpair_add(rch, a, b, c, -1, d)
66#define my_rc_read_dictionary(a) rc_read_dictionary(rch, a) 66# define my_rc_read_dictionary(a) rc_read_dictionary(rch, a)
67#else 67#else
68#define my_rc_conf_str(a) rc_conf_str(a) 68# define my_rc_conf_str(a) rc_conf_str(a)
69#define my_rc_send_server(a,b) rc_send_server(a, b) 69# define my_rc_send_server(a, b) rc_send_server(a, b)
70#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(a,b,c,d,e,f) 70# define my_rc_buildreq(a, b, c, d, e, f) rc_buildreq(a, b, c, d, e, f)
71#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(a, b, c, d) 71# define my_rc_avpair_add(a, b, c, d) rc_avpair_add(a, b, c, d)
72#define my_rc_read_dictionary(a) rc_read_dictionary(a) 72# define my_rc_read_dictionary(a) rc_read_dictionary(a)
73#endif 73#endif
74 74
75/* REJECT_RC is only defined in some version of radiusclient. It has 75/* REJECT_RC is only defined in some version of radiusclient. It has
76 * been reported from radiusclient-ng 0.5.6 on FreeBSD 7.2-RELEASE */ 76 * been reported from radiusclient-ng 0.5.6 on FreeBSD 7.2-RELEASE */
77#ifndef REJECT_RC 77#ifndef REJECT_RC
78#define REJECT_RC BADRESP_RC 78# define REJECT_RC BADRESP_RC
79#endif 79#endif
80 80
81static int my_rc_read_config(char * /*a*/); 81static int my_rc_read_config(char * /*a*/);
@@ -148,11 +148,7 @@ Please note that all tags must be lowercase to use the DocBook XML DTD.
148-@@ 148-@@
149******************************************************************************/ 149******************************************************************************/
150 150
151 151int main(int argc, char **argv) {
152
153int
154main (int argc, char **argv)
155{
156 struct sockaddr_storage ss; 152 struct sockaddr_storage ss;
157 char name[HOST_NAME_MAX]; 153 char name[HOST_NAME_MAX];
158#ifdef RC_BUFFER_LEN 154#ifdef RC_BUFFER_LEN
@@ -165,131 +161,130 @@ main (int argc, char **argv)
165 uint32_t client_id, service; 161 uint32_t client_id, service;
166 char *str; 162 char *str;
167 163
168 setlocale (LC_ALL, ""); 164 setlocale(LC_ALL, "");
169 bindtextdomain (PACKAGE, LOCALEDIR); 165 bindtextdomain(PACKAGE, LOCALEDIR);
170 textdomain (PACKAGE); 166 textdomain(PACKAGE);
171 167
172 /* Parse extra opts if any */ 168 /* Parse extra opts if any */
173 argv=np_extra_opts (&argc, argv, progname); 169 argv = np_extra_opts(&argc, argv, progname);
174 170
175 if (process_arguments (argc, argv) == ERROR) 171 if (process_arguments(argc, argv) == ERROR) {
176 usage4 (_("Could not parse arguments")); 172 usage4(_("Could not parse arguments"));
173 }
177 174
178 str = strdup ("dictionary"); 175 str = strdup("dictionary");
179 if ((config_file && my_rc_read_config (config_file)) || 176 if ((config_file && my_rc_read_config(config_file)) || my_rc_read_dictionary(my_rc_conf_str(str))) {
180 my_rc_read_dictionary (my_rc_conf_str (str))) 177 die(STATE_UNKNOWN, _("Config file error\n"));
181 die (STATE_UNKNOWN, _("Config file error\n")); 178 }
182 179
183 service = PW_AUTHENTICATE_ONLY; 180 service = PW_AUTHENTICATE_ONLY;
184 181
185 memset (&data, 0, sizeof(data)); 182 memset(&data, 0, sizeof(data));
186 if (!(my_rc_avpair_add (&data.send_pairs, PW_SERVICE_TYPE, &service, 0) && 183 if (!(my_rc_avpair_add(&data.send_pairs, PW_SERVICE_TYPE, &service, 0) &&
187 my_rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) && 184 my_rc_avpair_add(&data.send_pairs, PW_USER_NAME, username, 0) &&
188 my_rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0) 185 my_rc_avpair_add(&data.send_pairs, PW_USER_PASSWORD, password, 0))) {
189 )) 186 die(STATE_UNKNOWN, _("Out of Memory?\n"));
190 die (STATE_UNKNOWN, _("Out of Memory?\n")); 187 }
191 188
192 if (nasid != NULL) { 189 if (nasid != NULL) {
193 if (!(my_rc_avpair_add (&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0))) 190 if (!(my_rc_avpair_add(&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0))) {
194 die (STATE_UNKNOWN, _("Invalid NAS-Identifier\n")); 191 die(STATE_UNKNOWN, _("Invalid NAS-Identifier\n"));
192 }
195 } 193 }
196 194
197 if (nasipaddress == NULL) { 195 if (nasipaddress == NULL) {
198 if (gethostname (name, sizeof(name)) != 0) 196 if (gethostname(name, sizeof(name)) != 0) {
199 die (STATE_UNKNOWN, _("gethostname() failed!\n")); 197 die(STATE_UNKNOWN, _("gethostname() failed!\n"));
198 }
200 nasipaddress = name; 199 nasipaddress = name;
201 } 200 }
202 if (!dns_lookup (nasipaddress, &ss, AF_INET)) /* TODO: Support IPv6. */ 201 if (!dns_lookup(nasipaddress, &ss, AF_INET)) { /* TODO: Support IPv6. */
203 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); 202 die(STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
204 client_id = ntohl (((struct sockaddr_in *)&ss)->sin_addr.s_addr); 203 }
205 if (my_rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) 204 client_id = ntohl(((struct sockaddr_in *)&ss)->sin_addr.s_addr);
206 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); 205 if (my_rc_avpair_add(&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) {
207 206 die(STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
208 my_rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval, 207 }
209 retries); 208
210 209 my_rc_buildreq(&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval, retries);
211 result = my_rc_send_server (&data, msg);
212 rc_avpair_free (data.send_pairs);
213 if (data.receive_pairs)
214 rc_avpair_free (data.receive_pairs);
215
216 if (result == TIMEOUT_RC)
217 die (STATE_CRITICAL, _("Timeout\n"));
218 if (result == ERROR_RC)
219 die (STATE_CRITICAL, _("Auth Error\n"));
220 if (result == REJECT_RC)
221 die (STATE_WARNING, _("Auth Failed\n"));
222 if (result == BADRESP_RC)
223 die (STATE_WARNING, _("Bad Response\n"));
224 if (expect && !strstr (msg, expect))
225 die (STATE_WARNING, "%s\n", msg);
226 if (result == OK_RC)
227 die (STATE_OK, _("Auth OK\n"));
228 (void)snprintf(msg, sizeof(msg), _("Unexpected result code %d"), result);
229 die (STATE_UNKNOWN, "%s\n", msg);
230}
231 210
211 result = my_rc_send_server(&data, msg);
212 rc_avpair_free(data.send_pairs);
213 if (data.receive_pairs) {
214 rc_avpair_free(data.receive_pairs);
215 }
232 216
217 if (result == TIMEOUT_RC) {
218 die(STATE_CRITICAL, _("Timeout\n"));
219 }
220 if (result == ERROR_RC) {
221 die(STATE_CRITICAL, _("Auth Error\n"));
222 }
223 if (result == REJECT_RC) {
224 die(STATE_WARNING, _("Auth Failed\n"));
225 }
226 if (result == BADRESP_RC) {
227 die(STATE_WARNING, _("Bad Response\n"));
228 }
229 if (expect && !strstr(msg, expect)) {
230 die(STATE_WARNING, "%s\n", msg);
231 }
232 if (result == OK_RC) {
233 die(STATE_OK, _("Auth OK\n"));
234 }
235 (void)snprintf(msg, sizeof(msg), _("Unexpected result code %d"), result);
236 die(STATE_UNKNOWN, "%s\n", msg);
237}
233 238
234/* process command-line arguments */ 239/* process command-line arguments */
235int 240int process_arguments(int argc, char **argv) {
236process_arguments (int argc, char **argv)
237{
238 int c; 241 int c;
239 242
240 int option = 0; 243 int option = 0;
241 static struct option longopts[] = { 244 static struct option longopts[] = {{"hostname", required_argument, 0, 'H'}, {"port", required_argument, 0, 'P'},
242 {"hostname", required_argument, 0, 'H'}, 245 {"username", required_argument, 0, 'u'}, {"password", required_argument, 0, 'p'},
243 {"port", required_argument, 0, 'P'}, 246 {"nas-id", required_argument, 0, 'n'}, {"nas-ip-address", required_argument, 0, 'N'},
244 {"username", required_argument, 0, 'u'}, 247 {"filename", required_argument, 0, 'F'}, {"expect", required_argument, 0, 'e'},
245 {"password", required_argument, 0, 'p'}, 248 {"retries", required_argument, 0, 'r'}, {"timeout", required_argument, 0, 't'},
246 {"nas-id", required_argument, 0, 'n'}, 249 {"verbose", no_argument, 0, 'v'}, {"version", no_argument, 0, 'V'},
247 {"nas-ip-address", required_argument, 0, 'N'}, 250 {"help", no_argument, 0, 'h'}, {0, 0, 0, 0}};
248 {"filename", required_argument, 0, 'F'},
249 {"expect", required_argument, 0, 'e'},
250 {"retries", required_argument, 0, 'r'},
251 {"timeout", required_argument, 0, 't'},
252 {"verbose", no_argument, 0, 'v'},
253 {"version", no_argument, 0, 'V'},
254 {"help", no_argument, 0, 'h'},
255 {0, 0, 0, 0}
256 };
257 251
258 while (1) { 252 while (1) {
259 c = getopt_long (argc, argv, "+hVvH:P:F:u:p:n:N:t:r:e:", longopts, 253 c = getopt_long(argc, argv, "+hVvH:P:F:u:p:n:N:t:r:e:", longopts, &option);
260 &option);
261 254
262 if (c == -1 || c == EOF || c == 1) 255 if (c == -1 || c == EOF || c == 1) {
263 break; 256 break;
257 }
264 258
265 switch (c) { 259 switch (c) {
266 case '?': /* print short usage statement if args not parsable */ 260 case '?': /* print short usage statement if args not parsable */
267 usage5 (); 261 usage5();
268 case 'h': /* help */ 262 case 'h': /* help */
269 print_help (); 263 print_help();
270 exit (STATE_UNKNOWN); 264 exit(STATE_UNKNOWN);
271 case 'V': /* version */ 265 case 'V': /* version */
272 print_revision (progname, NP_VERSION); 266 print_revision(progname, NP_VERSION);
273 exit (STATE_UNKNOWN); 267 exit(STATE_UNKNOWN);
274 case 'v': /* verbose mode */ 268 case 'v': /* verbose mode */
275 verbose = true; 269 verbose = true;
276 break; 270 break;
277 case 'H': /* hostname */ 271 case 'H': /* hostname */
278 if (!is_host (optarg)) { 272 if (!is_host(optarg)) {
279 usage2 (_("Invalid hostname/address"), optarg); 273 usage2(_("Invalid hostname/address"), optarg);
280 } 274 }
281 server = optarg; 275 server = optarg;
282 break; 276 break;
283 case 'P': /* port */ 277 case 'P': /* port */
284 if (is_intnonneg (optarg)) 278 if (is_intnonneg(optarg)) {
285 port = (unsigned short)atoi (optarg); 279 port = (unsigned short)atoi(optarg);
286 else 280 } else {
287 usage4 (_("Port must be a positive integer")); 281 usage4(_("Port must be a positive integer"));
282 }
288 break; 283 break;
289 case 'u': /* username */ 284 case 'u': /* username */
290 username = optarg; 285 username = optarg;
291 break; 286 break;
292 case 'p': /* password */ 287 case 'p': /* password */
293 password = strdup(optarg); 288 password = strdup(optarg);
294 289
295 /* Delete the password from process list */ 290 /* Delete the password from process list */
@@ -298,115 +293,111 @@ process_arguments (int argc, char **argv)
298 optarg++; 293 optarg++;
299 } 294 }
300 break; 295 break;
301 case 'n': /* nas id */ 296 case 'n': /* nas id */
302 nasid = optarg; 297 nasid = optarg;
303 break; 298 break;
304 case 'N': /* nas ip address */ 299 case 'N': /* nas ip address */
305 nasipaddress = optarg; 300 nasipaddress = optarg;
306 break; 301 break;
307 case 'F': /* configuration file */ 302 case 'F': /* configuration file */
308 config_file = optarg; 303 config_file = optarg;
309 break; 304 break;
310 case 'e': /* expect */ 305 case 'e': /* expect */
311 expect = optarg; 306 expect = optarg;
312 break; 307 break;
313 case 'r': /* retries */ 308 case 'r': /* retries */
314 if (is_intpos (optarg)) 309 if (is_intpos(optarg)) {
315 retries = atoi (optarg); 310 retries = atoi(optarg);
316 else 311 } else {
317 usage4 (_("Number of retries must be a positive integer")); 312 usage4(_("Number of retries must be a positive integer"));
313 }
318 break; 314 break;
319 case 't': /* timeout */ 315 case 't': /* timeout */
320 if (is_intpos (optarg)) 316 if (is_intpos(optarg)) {
321 timeout_interval = (unsigned)atoi (optarg); 317 timeout_interval = (unsigned)atoi(optarg);
322 else 318 } else {
323 usage2 (_("Timeout interval must be a positive integer"), optarg); 319 usage2(_("Timeout interval must be a positive integer"), optarg);
320 }
324 break; 321 break;
325 } 322 }
326 } 323 }
327 324
328 if (server == NULL) 325 if (server == NULL) {
329 usage4 (_("Hostname was not supplied")); 326 usage4(_("Hostname was not supplied"));
330 if (username == NULL) 327 }
331 usage4 (_("User not specified")); 328 if (username == NULL) {
332 if (password == NULL) 329 usage4(_("User not specified"));
333 usage4 (_("Password not specified")); 330 }
334 if (config_file == NULL) 331 if (password == NULL) {
335 usage4 (_("Configuration file not specified")); 332 usage4(_("Password not specified"));
333 }
334 if (config_file == NULL) {
335 usage4(_("Configuration file not specified"));
336 }
336 337
337 return OK; 338 return OK;
338} 339}
339 340
340 341void print_help(void) {
341
342void
343print_help (void)
344{
345 char *myport; 342 char *myport;
346 xasprintf (&myport, "%d", PW_AUTH_UDP_PORT); 343 xasprintf(&myport, "%d", PW_AUTH_UDP_PORT);
347 344
348 print_revision (progname, NP_VERSION); 345 print_revision(progname, NP_VERSION);
349 346
350 printf ("Copyright (c) 1999 Robert August Vincent II\n"); 347 printf("Copyright (c) 1999 Robert August Vincent II\n");
351 printf (COPYRIGHT, copyright, email); 348 printf(COPYRIGHT, copyright, email);
352 349
353 printf("%s\n", _("Tests to see if a RADIUS server is accepting connections.")); 350 printf("%s\n", _("Tests to see if a RADIUS server is accepting connections."));
354 351
355 printf ("\n\n"); 352 printf("\n\n");
356 353
357 print_usage (); 354 print_usage();
358 355
359 printf (UT_HELP_VRSN); 356 printf(UT_HELP_VRSN);
360 printf (UT_EXTRA_OPTS); 357 printf(UT_EXTRA_OPTS);
361 358
362 printf (UT_HOST_PORT, 'P', myport); 359 printf(UT_HOST_PORT, 'P', myport);
363 360
364 printf (" %s\n", "-u, --username=STRING"); 361 printf(" %s\n", "-u, --username=STRING");
365 printf (" %s\n", _("The user to authenticate")); 362 printf(" %s\n", _("The user to authenticate"));
366 printf (" %s\n", "-p, --password=STRING"); 363 printf(" %s\n", "-p, --password=STRING");
367 printf (" %s\n", _("Password for authentication (SECURITY RISK)")); 364 printf(" %s\n", _("Password for authentication (SECURITY RISK)"));
368 printf (" %s\n", "-n, --nas-id=STRING"); 365 printf(" %s\n", "-n, --nas-id=STRING");
369 printf (" %s\n", _("NAS identifier")); 366 printf(" %s\n", _("NAS identifier"));
370 printf (" %s\n", "-N, --nas-ip-address=STRING"); 367 printf(" %s\n", "-N, --nas-ip-address=STRING");
371 printf (" %s\n", _("NAS IP Address")); 368 printf(" %s\n", _("NAS IP Address"));
372 printf (" %s\n", "-F, --filename=STRING"); 369 printf(" %s\n", "-F, --filename=STRING");
373 printf (" %s\n", _("Configuration file")); 370 printf(" %s\n", _("Configuration file"));
374 printf (" %s\n", "-e, --expect=STRING"); 371 printf(" %s\n", "-e, --expect=STRING");
375 printf (" %s\n", _("Response string to expect from the server")); 372 printf(" %s\n", _("Response string to expect from the server"));
376 printf (" %s\n", "-r, --retries=INTEGER"); 373 printf(" %s\n", "-r, --retries=INTEGER");
377 printf (" %s\n", _("Number of times to retry a failed connection")); 374 printf(" %s\n", _("Number of times to retry a failed connection"));
378 375
379 printf (UT_CONN_TIMEOUT, timeout_interval); 376 printf(UT_CONN_TIMEOUT, timeout_interval);
380 377
381 printf ("\n"); 378 printf("\n");
382 printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections.")); 379 printf("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections."));
383 printf ("%s\n", _("The server to test must be specified in the invocation, as well as a user")); 380 printf("%s\n", _("The server to test must be specified in the invocation, as well as a user"));
384 printf ("%s\n", _("name and password. A configuration file must be present. The format of")); 381 printf("%s\n", _("name and password. A configuration file must be present. The format of"));
385 printf ("%s\n", _("the configuration file is described in the radiusclient library sources.")); 382 printf("%s\n", _("the configuration file is described in the radiusclient library sources."));
386 printf ("%s\n", _("The password option presents a substantial security issue because the")); 383 printf("%s\n", _("The password option presents a substantial security issue because the"));
387 printf ("%s\n", _("password can possibly be determined by careful watching of the command line")); 384 printf("%s\n", _("password can possibly be determined by careful watching of the command line"));
388 printf ("%s\n", _("in a process listing. This risk is exacerbated because the plugin will")); 385 printf("%s\n", _("in a process listing. This risk is exacerbated because the plugin will"));
389 printf ("%s\n", _("typically be executed at regular predictable intervals. Please be sure that")); 386 printf("%s\n", _("typically be executed at regular predictable intervals. Please be sure that"));
390 printf ("%s\n", _("the password used does not allow access to sensitive system resources.")); 387 printf("%s\n", _("the password used does not allow access to sensitive system resources."));
391 388
392 printf (UT_SUPPORT); 389 printf(UT_SUPPORT);
393} 390}
394 391
395 392void print_usage(void) {
396 393 printf("%s\n", _("Usage:"));
397void 394 printf("%s -H host -F config_file -u username -p password\n\
398print_usage (void)
399{
400 printf ("%s\n", _("Usage:"));
401 printf ("%s -H host -F config_file -u username -p password\n\
402 [-P port] [-t timeout] [-r retries] [-e expect]\n\ 395 [-P port] [-t timeout] [-r retries] [-e expect]\n\
403 [-n nas-id] [-N nas-ip-addr]\n", progname); 396 [-n nas-id] [-N nas-ip-addr]\n",
397 progname);
404} 398}
405 399
406 400int my_rc_read_config(char *a) {
407
408int my_rc_read_config(char * a)
409{
410#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI) 401#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI)
411 rch = rc_read_config(a); 402 rch = rc_read_config(a);
412 return (rch == NULL) ? 1 : 0; 403 return (rch == NULL) ? 1 : 0;