radius.c revision 58032 
143313Sbrian/*
243313Sbrian * Copyright 1999 Internet Business Solutions Ltd., Switzerland
343313Sbrian * All rights reserved.
443313Sbrian *
543313Sbrian * Redistribution and use in source and binary forms, with or without
643313Sbrian * modification, are permitted provided that the following conditions
743313Sbrian * are met:
843313Sbrian * 1. Redistributions of source code must retain the above copyright
943313Sbrian *    notice, this list of conditions and the following disclaimer.
1043313Sbrian * 2. Redistributions in binary form must reproduce the above copyright
1143313Sbrian *    notice, this list of conditions and the following disclaimer in the
1243313Sbrian *    documentation and/or other materials provided with the distribution.
1343313Sbrian *
1443313Sbrian * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
1543313Sbrian * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1643313Sbrian * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1743313Sbrian * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1843313Sbrian * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1943313Sbrian * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2043313Sbrian * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2143313Sbrian * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2243313Sbrian * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2343313Sbrian * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2443313Sbrian * SUCH DAMAGE.
2543313Sbrian *
2650479Speter * $FreeBSD: head/usr.sbin/ppp/radius.c 58032 2000-03-14 01:46:44Z brian $
2743313Sbrian *
2843313Sbrian */
2943313Sbrian
3043313Sbrian#include <sys/param.h>
3158032Sbrian#include <sys/socket.h>
3243313Sbrian#include <netinet/in_systm.h>
3343313Sbrian#include <netinet/in.h>
3443313Sbrian#include <netinet/ip.h>
3543313Sbrian#include <arpa/inet.h>
3643313Sbrian#include <sys/un.h>
3758032Sbrian#include <net/route.h>
3843313Sbrian
3943313Sbrian#include <errno.h>
4043313Sbrian#include <radlib.h>
4143313Sbrian#include <stdio.h>
4243313Sbrian#include <stdlib.h>
4343313Sbrian#include <string.h>
4443693Sbrian#include <sys/time.h>
4543313Sbrian#include <termios.h>
4650840Sbrian#include <ttyent.h>
4750840Sbrian#include <unistd.h>
4850840Sbrian#include <netdb.h>
4943313Sbrian
5046686Sbrian#include "layer.h"
5143313Sbrian#include "defs.h"
5243313Sbrian#include "log.h"
5343313Sbrian#include "descriptor.h"
5443313Sbrian#include "prompt.h"
5543313Sbrian#include "timer.h"
5643313Sbrian#include "fsm.h"
5743313Sbrian#include "iplist.h"
5843313Sbrian#include "slcompress.h"
5943313Sbrian#include "throughput.h"
6043313Sbrian#include "lqr.h"
6143313Sbrian#include "hdlc.h"
6243313Sbrian#include "mbuf.h"
6343313Sbrian#include "ipcp.h"
6443313Sbrian#include "route.h"
6543313Sbrian#include "command.h"
6643313Sbrian#include "filter.h"
6743313Sbrian#include "lcp.h"
6843313Sbrian#include "ccp.h"
6943313Sbrian#include "link.h"
7043313Sbrian#include "mp.h"
7143313Sbrian#include "radius.h"
7243693Sbrian#include "auth.h"
7343693Sbrian#include "async.h"
7443693Sbrian#include "physical.h"
7543693Sbrian#include "chat.h"
7643693Sbrian#include "cbcp.h"
7743693Sbrian#include "chap.h"
7843693Sbrian#include "datalink.h"
7943313Sbrian#include "bundle.h"
8043313Sbrian
8143693Sbrian/*
8243693Sbrian * rad_continue_send_request() has given us `got' (non-zero).  Deal with it.
8343693Sbrian */
8443693Sbrianstatic void
8543693Sbrianradius_Process(struct radius *r, int got)
8643313Sbrian{
8743313Sbrian  char *argv[MAXARGS], *nuke;
8843693Sbrian  struct bundle *bundle;
8945910Sbrian  int argc, addrs;
9045910Sbrian  size_t len;
9143313Sbrian  struct in_range dest;
9243313Sbrian  struct in_addr gw;
9343693Sbrian  const void *data;
9443313Sbrian
9543693Sbrian  r->cx.fd = -1;		/* Stop select()ing */
9643313Sbrian
9743313Sbrian  switch (got) {
9843313Sbrian    case RAD_ACCESS_ACCEPT:
9943693Sbrian      log_Printf(LogPHASE, "Radius: ACCEPT received\n");
10043313Sbrian      break;
10143313Sbrian
10243693Sbrian    case RAD_ACCESS_REJECT:
10343693Sbrian      log_Printf(LogPHASE, "Radius: REJECT received\n");
10443693Sbrian      auth_Failure(r->cx.auth);
10543693Sbrian      rad_close(r->cx.rad);
10643693Sbrian      return;
10743693Sbrian
10843313Sbrian    case RAD_ACCESS_CHALLENGE:
10943313Sbrian      /* we can't deal with this (for now) ! */
11043693Sbrian      log_Printf(LogPHASE, "Radius: CHALLENGE received (can't handle yet)\n");
11143693Sbrian      auth_Failure(r->cx.auth);
11243693Sbrian      rad_close(r->cx.rad);
11343693Sbrian      return;
11443313Sbrian
11543313Sbrian    case -1:
11643693Sbrian      log_Printf(LogPHASE, "radius: %s\n", rad_strerror(r->cx.rad));
11743693Sbrian      auth_Failure(r->cx.auth);
11843693Sbrian      rad_close(r->cx.rad);
11943693Sbrian      return;
12043313Sbrian
12143313Sbrian    default:
12243313Sbrian      log_Printf(LogERROR, "rad_send_request: Failed %d: %s\n",
12343693Sbrian                 got, rad_strerror(r->cx.rad));
12443693Sbrian      auth_Failure(r->cx.auth);
12543693Sbrian      rad_close(r->cx.rad);
12643693Sbrian      return;
12743313Sbrian  }
12843313Sbrian
12943313Sbrian  /* So we've been accepted !  Let's see what we've got in our reply :-I */
13043313Sbrian  r->ip.s_addr = r->mask.s_addr = INADDR_NONE;
13143313Sbrian  r->mtu = 0;
13243313Sbrian  r->vj = 0;
13343693Sbrian  while ((got = rad_get_attr(r->cx.rad, &data, &len)) > 0) {
13443313Sbrian    switch (got) {
13543313Sbrian      case RAD_FRAMED_IP_ADDRESS:
13643313Sbrian        r->ip = rad_cvt_addr(data);
13743693Sbrian        log_Printf(LogPHASE, "        IP %s\n", inet_ntoa(r->ip));
13843313Sbrian        break;
13943313Sbrian
14043313Sbrian      case RAD_FRAMED_IP_NETMASK:
14143313Sbrian        r->mask = rad_cvt_addr(data);
14243693Sbrian        log_Printf(LogPHASE, "        Netmask %s\n", inet_ntoa(r->mask));
14343313Sbrian        break;
14443313Sbrian
14543313Sbrian      case RAD_FRAMED_MTU:
14643313Sbrian        r->mtu = rad_cvt_int(data);
14743693Sbrian        log_Printf(LogPHASE, "        MTU %lu\n", r->mtu);
14843313Sbrian        break;
14943313Sbrian
15043313Sbrian      case RAD_FRAMED_ROUTING:
15143313Sbrian        /* Disabled for now - should we automatically set up some filters ? */
15243313Sbrian        /* rad_cvt_int(data); */
15343313Sbrian        /* bit 1 = Send routing packets */
15443313Sbrian        /* bit 2 = Receive routing packets */
15543313Sbrian        break;
15643313Sbrian
15743313Sbrian      case RAD_FRAMED_COMPRESSION:
15843313Sbrian        r->vj = rad_cvt_int(data) == 1 ? 1 : 0;
15943693Sbrian        log_Printf(LogPHASE, "        VJ %sabled\n", r->vj ? "en" : "dis");
16043313Sbrian        break;
16143313Sbrian
16243313Sbrian      case RAD_FRAMED_ROUTE:
16343313Sbrian        /*
16443313Sbrian         * We expect a string of the format ``dest[/bits] gw [metrics]''
16543313Sbrian         * Any specified metrics are ignored.  MYADDR and HISADDR are
16643313Sbrian         * understood for ``dest'' and ``gw'' and ``0.0.0.0'' is the same
16743313Sbrian         * as ``HISADDR''.
16843313Sbrian         */
16943313Sbrian
17043313Sbrian        if ((nuke = rad_cvt_string(data, len)) == NULL) {
17143693Sbrian          log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad));
17243693Sbrian          rad_close(r->cx.rad);
17343693Sbrian          return;
17443313Sbrian        }
17543313Sbrian
17643693Sbrian        log_Printf(LogPHASE, "        Route: %s\n", nuke);
17743693Sbrian        bundle = r->cx.auth->physical->dl->bundle;
17843313Sbrian        dest.ipaddr.s_addr = dest.mask.s_addr = INADDR_ANY;
17943313Sbrian        dest.width = 0;
18043313Sbrian        argc = command_Interpret(nuke, strlen(nuke), argv);
18154914Sbrian        if (argc < 0)
18254914Sbrian          log_Printf(LogWARN, "radius: %s: Syntax error\n",
18354914Sbrian                     argc == 1 ? argv[0] : "\"\"");
18454914Sbrian        else if (argc < 2)
18543313Sbrian          log_Printf(LogWARN, "radius: %s: Invalid route\n",
18643313Sbrian                     argc == 1 ? argv[0] : "\"\"");
18743313Sbrian        else if ((strcasecmp(argv[0], "default") != 0 &&
18843313Sbrian                  !ParseAddr(&bundle->ncp.ipcp, argv[0], &dest.ipaddr,
18943313Sbrian                             &dest.mask, &dest.width)) ||
19043313Sbrian                 !ParseAddr(&bundle->ncp.ipcp, argv[1], &gw, NULL, NULL))
19143313Sbrian          log_Printf(LogWARN, "radius: %s %s: Invalid route\n",
19243313Sbrian                     argv[0], argv[1]);
19343313Sbrian        else {
19443313Sbrian          if (dest.width == 32 && strchr(argv[0], '/') == NULL)
19543313Sbrian            /* No mask specified - use the natural mask */
19644455Sbrian            dest.mask = addr2mask(dest.ipaddr);
19743313Sbrian          addrs = 0;
19843313Sbrian
19943313Sbrian          if (!strncasecmp(argv[0], "HISADDR", 7))
20043313Sbrian            addrs = ROUTE_DSTHISADDR;
20143313Sbrian          else if (!strncasecmp(argv[0], "MYADDR", 6))
20243313Sbrian            addrs = ROUTE_DSTMYADDR;
20343313Sbrian
20443313Sbrian          if (gw.s_addr == INADDR_ANY) {
20543313Sbrian            addrs |= ROUTE_GWHISADDR;
20643313Sbrian            gw = bundle->ncp.ipcp.peer_ip;
20743313Sbrian          } else if (strcasecmp(argv[1], "HISADDR") == 0)
20843313Sbrian            addrs |= ROUTE_GWHISADDR;
20943313Sbrian
21043313Sbrian          route_Add(&r->routes, addrs, dest.ipaddr, dest.mask, gw);
21143313Sbrian        }
21243313Sbrian        free(nuke);
21343313Sbrian        break;
21443313Sbrian    }
21543313Sbrian  }
21643313Sbrian
21743313Sbrian  if (got == -1) {
21843693Sbrian    log_Printf(LogERROR, "rad_get_attr: %s (failing!)\n",
21943693Sbrian               rad_strerror(r->cx.rad));
22043693Sbrian    auth_Failure(r->cx.auth);
22143693Sbrian    rad_close(r->cx.rad);
22243693Sbrian  } else {
22343693Sbrian    r->valid = 1;
22443693Sbrian    auth_Success(r->cx.auth);
22543693Sbrian    rad_close(r->cx.rad);
22643313Sbrian  }
22743693Sbrian}
22843313Sbrian
22943693Sbrian/*
23058028Sbrian * We've either timed out or select()ed on the read fdescriptor
23143693Sbrian */
23243693Sbrianstatic void
23343693Sbrianradius_Continue(struct radius *r, int sel)
23443693Sbrian{
23543693Sbrian  struct timeval tv;
23643693Sbrian  int got;
23743313Sbrian
23843693Sbrian  timer_Stop(&r->cx.timer);
23943693Sbrian  if ((got = rad_continue_send_request(r->cx.rad, sel, &r->cx.fd, &tv)) == 0) {
24043693Sbrian    log_Printf(LogPHASE, "Radius: Request re-sent\n");
24143693Sbrian    r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS;
24243693Sbrian    timer_Start(&r->cx.timer);
24343693Sbrian    return;
24443693Sbrian  }
24543693Sbrian
24643693Sbrian  radius_Process(r, got);
24743313Sbrian}
24843313Sbrian
24943693Sbrian/*
25043693Sbrian * Time to call rad_continue_send_request() - timed out.
25143693Sbrian */
25243693Sbrianstatic void
25343693Sbrianradius_Timeout(void *v)
25443693Sbrian{
25543693Sbrian  radius_Continue((struct radius *)v, 0);
25643693Sbrian}
25743693Sbrian
25843693Sbrian/*
25943693Sbrian * Time to call rad_continue_send_request() - something to read.
26043693Sbrian */
26143693Sbrianstatic void
26258028Sbrianradius_Read(struct fdescriptor *d, struct bundle *bundle, const fd_set *fdset)
26343693Sbrian{
26443693Sbrian  radius_Continue(descriptor2radius(d), 1);
26543693Sbrian}
26643693Sbrian
26743693Sbrian/*
26858028Sbrian * Behave as a struct fdescriptor (fdescriptor.h)
26943693Sbrian */
27043693Sbrianstatic int
27158028Sbrianradius_UpdateSet(struct fdescriptor *d, fd_set *r, fd_set *w, fd_set *e, int *n)
27243693Sbrian{
27343693Sbrian  struct radius *rad = descriptor2radius(d);
27443693Sbrian
27543693Sbrian  if (r && rad->cx.fd != -1) {
27643693Sbrian    FD_SET(rad->cx.fd, r);
27743693Sbrian    if (*n < rad->cx.fd + 1)
27843693Sbrian      *n = rad->cx.fd + 1;
27943693Sbrian    log_Printf(LogTIMER, "Radius: fdset(r) %d\n", rad->cx.fd);
28043693Sbrian    return 1;
28143693Sbrian  }
28243693Sbrian
28343693Sbrian  return 0;
28443693Sbrian}
28543693Sbrian
28643693Sbrian/*
28758028Sbrian * Behave as a struct fdescriptor (fdescriptor.h)
28843693Sbrian */
28943693Sbrianstatic int
29058028Sbrianradius_IsSet(struct fdescriptor *d, const fd_set *fdset)
29143693Sbrian{
29243693Sbrian  struct radius *r = descriptor2radius(d);
29343693Sbrian
29443693Sbrian  return r && r->cx.fd != -1 && FD_ISSET(r->cx.fd, fdset);
29543693Sbrian}
29643693Sbrian
29743693Sbrian/*
29858028Sbrian * Behave as a struct fdescriptor (fdescriptor.h)
29943693Sbrian */
30043693Sbrianstatic int
30158028Sbrianradius_Write(struct fdescriptor *d, struct bundle *bundle, const fd_set *fdset)
30243693Sbrian{
30343693Sbrian  /* We never want to write here ! */
30443693Sbrian  log_Printf(LogALERT, "radius_Write: Internal error: Bad call !\n");
30543693Sbrian  return 0;
30643693Sbrian}
30743693Sbrian
30843693Sbrian/*
30943693Sbrian * Initialise ourselves
31043693Sbrian */
31143313Sbrianvoid
31243693Sbrianradius_Init(struct radius *r)
31343693Sbrian{
31443693Sbrian  r->valid = 0;
31543693Sbrian  r->cx.fd = -1;
31643693Sbrian  *r->cfg.file = '\0';;
31743693Sbrian  r->desc.type = RADIUS_DESCRIPTOR;
31843693Sbrian  r->desc.UpdateSet = radius_UpdateSet;
31943693Sbrian  r->desc.IsSet = radius_IsSet;
32043693Sbrian  r->desc.Read = radius_Read;
32143693Sbrian  r->desc.Write = radius_Write;
32243693Sbrian  memset(&r->cx.timer, '\0', sizeof r->cx.timer);
32343693Sbrian}
32443693Sbrian
32543693Sbrian/*
32643693Sbrian * Forget everything and go back to initialised state.
32743693Sbrian */
32843693Sbrianvoid
32943693Sbrianradius_Destroy(struct radius *r)
33043693Sbrian{
33143693Sbrian  r->valid = 0;
33243693Sbrian  timer_Stop(&r->cx.timer);
33343693Sbrian  route_DeleteAll(&r->routes);
33443693Sbrian  if (r->cx.fd != -1) {
33543693Sbrian    r->cx.fd = -1;
33643693Sbrian    rad_close(r->cx.rad);
33743693Sbrian  }
33843693Sbrian}
33943693Sbrian
34043693Sbrian/*
34143693Sbrian * Start an authentication request to the RADIUS server.
34243693Sbrian */
34343693Sbrianvoid
34443693Sbrianradius_Authenticate(struct radius *r, struct authinfo *authp, const char *name,
34543693Sbrian                    const char *key, const char *challenge)
34643693Sbrian{
34750840Sbrian  struct ttyent *ttyp;
34843693Sbrian  struct timeval tv;
34950840Sbrian  int got, slot;
35050840Sbrian  char hostname[MAXHOSTNAMELEN];
35150840Sbrian  struct hostent *hp;
35250840Sbrian  struct in_addr hostaddr;
35343693Sbrian
35443693Sbrian  if (!*r->cfg.file)
35543693Sbrian    return;
35643693Sbrian
35743693Sbrian  if (r->cx.fd != -1)
35843693Sbrian    /*
35943693Sbrian     * We assume that our name/key/challenge is the same as last time,
36043693Sbrian     * and just continue to wait for the RADIUS server(s).
36143693Sbrian     */
36243693Sbrian    return;
36343693Sbrian
36443693Sbrian  radius_Destroy(r);
36543693Sbrian
36643693Sbrian  if ((r->cx.rad = rad_open()) == NULL) {
36743693Sbrian    log_Printf(LogERROR, "rad_open: %s\n", strerror(errno));
36843693Sbrian    return;
36943693Sbrian  }
37043693Sbrian
37143693Sbrian  if (rad_config(r->cx.rad, r->cfg.file) != 0) {
37243693Sbrian    log_Printf(LogERROR, "rad_config: %s\n", rad_strerror(r->cx.rad));
37343693Sbrian    rad_close(r->cx.rad);
37443693Sbrian    return;
37543693Sbrian  }
37643693Sbrian
37743693Sbrian  if (rad_create_request(r->cx.rad, RAD_ACCESS_REQUEST) != 0) {
37843693Sbrian    log_Printf(LogERROR, "rad_create_request: %s\n", rad_strerror(r->cx.rad));
37943693Sbrian    rad_close(r->cx.rad);
38043693Sbrian    return;
38143693Sbrian  }
38243693Sbrian
38343693Sbrian  if (rad_put_string(r->cx.rad, RAD_USER_NAME, name) != 0 ||
38443693Sbrian      rad_put_int(r->cx.rad, RAD_SERVICE_TYPE, RAD_FRAMED) != 0 ||
38543693Sbrian      rad_put_int(r->cx.rad, RAD_FRAMED_PROTOCOL, RAD_PPP) != 0) {
38643693Sbrian    log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad));
38743693Sbrian    rad_close(r->cx.rad);
38843693Sbrian    return;
38943693Sbrian  }
39043693Sbrian
39143693Sbrian  if (challenge != NULL) {
39243693Sbrian    /* We're talking CHAP */
39343693Sbrian    if (rad_put_string(r->cx.rad, RAD_CHAP_PASSWORD, key) != 0 ||
39443693Sbrian        rad_put_string(r->cx.rad, RAD_CHAP_CHALLENGE, challenge) != 0) {
39543693Sbrian      log_Printf(LogERROR, "CHAP: rad_put_string: %s\n",
39643693Sbrian                 rad_strerror(r->cx.rad));
39743693Sbrian      rad_close(r->cx.rad);
39843693Sbrian      return;
39943693Sbrian    }
40043693Sbrian  } else if (rad_put_string(r->cx.rad, RAD_USER_PASSWORD, key) != 0) {
40143693Sbrian    /* We're talking PAP */
40243693Sbrian    log_Printf(LogERROR, "PAP: rad_put_string: %s\n", rad_strerror(r->cx.rad));
40343693Sbrian    rad_close(r->cx.rad);
40443693Sbrian    return;
40543693Sbrian  }
40643693Sbrian
40750840Sbrian  if (gethostname(hostname, sizeof hostname) != 0)
40850840Sbrian    log_Printf(LogERROR, "rad_put: gethostname(): %s\n", strerror(errno));
40950840Sbrian  else {
41050840Sbrian    if ((hp = gethostbyname(hostname)) != NULL) {
41150840Sbrian      hostaddr.s_addr = *(u_long *)hp->h_addr;
41250840Sbrian      if (rad_put_addr(r->cx.rad, RAD_NAS_IP_ADDRESS, hostaddr) != 0) {
41350840Sbrian        log_Printf(LogERROR, "rad_put: rad_put_string: %s\n",
41450840Sbrian                   rad_strerror(r->cx.rad));
41550840Sbrian        rad_close(r->cx.rad);
41650840Sbrian        return;
41750840Sbrian      }
41850840Sbrian    }
41950840Sbrian    if (rad_put_string(r->cx.rad, RAD_NAS_IDENTIFIER, hostname) != 0) {
42050840Sbrian      log_Printf(LogERROR, "rad_put: rad_put_string: %s\n",
42150840Sbrian                 rad_strerror(r->cx.rad));
42250840Sbrian      rad_close(r->cx.rad);
42350840Sbrian      return;
42450840Sbrian    }
42550840Sbrian  }
42650840Sbrian
42750840Sbrian  if (authp->physical->handler &&
42850840Sbrian      authp->physical->handler->type == TTY_DEVICE) {
42950840Sbrian    setttyent();
43050840Sbrian    for (slot = 1; (ttyp = getttyent()); ++slot)
43150840Sbrian      if (!strcmp(ttyp->ty_name, authp->physical->name.base)) {
43250840Sbrian        if(rad_put_int(r->cx.rad, RAD_NAS_PORT, slot) != 0) {
43350840Sbrian          log_Printf(LogERROR, "rad_put: rad_put_string: %s\n",
43450840Sbrian                      rad_strerror(r->cx.rad));
43550840Sbrian          rad_close(r->cx.rad);
43650840Sbrian          endttyent();
43750840Sbrian          return;
43850840Sbrian        }
43950840Sbrian        break;
44050840Sbrian      }
44150840Sbrian    endttyent();
44250840Sbrian  }
44350840Sbrian
44450840Sbrian
44543693Sbrian  if ((got = rad_init_send_request(r->cx.rad, &r->cx.fd, &tv)))
44643693Sbrian    radius_Process(r, got);
44743693Sbrian  else {
44843693Sbrian    log_Printf(LogPHASE, "Radius: Request sent\n");
44943693Sbrian    log_Printf(LogDEBUG, "Using radius_Timeout [%p]\n", radius_Timeout);
45043693Sbrian    r->cx.timer.load = tv.tv_usec / TICKUNIT + tv.tv_sec * SECTICKS;
45143693Sbrian    r->cx.timer.func = radius_Timeout;
45243693Sbrian    r->cx.timer.name = "radius";
45343693Sbrian    r->cx.timer.arg = r;
45443693Sbrian    r->cx.auth = authp;
45543693Sbrian    timer_Start(&r->cx.timer);
45643693Sbrian  }
45743693Sbrian}
45843693Sbrian
45943693Sbrian/*
46043693Sbrian * How do things look at the moment ?
46143693Sbrian */
46243693Sbrianvoid
46343313Sbrianradius_Show(struct radius *r, struct prompt *p)
46443313Sbrian{
46543313Sbrian  prompt_Printf(p, " Radius config: %s", *r->cfg.file ? r->cfg.file : "none");
46643313Sbrian  if (r->valid) {
46743313Sbrian    prompt_Printf(p, "\n            IP: %s\n", inet_ntoa(r->ip));
46843313Sbrian    prompt_Printf(p, "       Netmask: %s\n", inet_ntoa(r->mask));
46943313Sbrian    prompt_Printf(p, "           MTU: %lu\n", r->mtu);
47043313Sbrian    prompt_Printf(p, "            VJ: %sabled\n", r->vj ? "en" : "dis");
47143313Sbrian    if (r->routes)
47243313Sbrian      route_ShowSticky(p, r->routes, "        Routes", 16);
47343313Sbrian  } else
47443313Sbrian    prompt_Printf(p, " (not authenticated)\n");
47543313Sbrian}
476