/**
* Proxies the given packet to the server given in the Proxy connection.
* Stores the Proxy connection object in the cache with a key that
* is added to the packet in the "Proxy-State" attribute.
* @param packet the packet to Proxy
* @param proxyCon the RadiusProxyConnection for this packet
* @throws IOException
*/
protected void proxyPacket(RadiusPacket packet, RadiusProxyConnection proxyConnection)
{
lock (typeof (RadiusProxy))
{
// add Proxy-State attribute
proxyIndex++;
String proxyIndexStr = proxyIndex.ToString();
packet.AddAttribute(new RadiusAttribute(33, Encoding.UTF8.GetBytes(proxyIndexStr)));
// store RadiusProxyConnection object
proxyConnections.Add(proxyIndexStr, proxyConnection);
}
// get server address
//IPAddress serverAddress = proxyConnection.getRadiusServer().EndpointAddress.Address;
//int serverPort = proxyConnection.getRadiusServer().EndpointAddress.Port;
String serverSecret = proxyConnection.RadiusServer.SharedSecret;
// save request authenticator (will be calculated new)
byte[] auth = packet.Authenticator;
// encode new packet (with new authenticator)
var bos = new MemoryStream();
packet.EncodeRequestPacket(bos, serverSecret);
byte[] data = bos.ToArray();
bos.Dispose();
//var datagram = new DatagramPacket(data, data.Length, serverAddress, serverPort);
// restore original authenticator
packet.Authenticator = auth;
// send packet
//Socket proxySocket = new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.IP);
proxySocket.Send(data, data.Length);
//proxySocket.send(datagram);
}
/// <summary>
/// Sets the address the server listens on.
/// Must be called before start().
/// Defaults to null, meaning listen on every
/// local address (wildcard address).
/// @param listenAddress listen address or null
/// </summary>
/// <summary>
/// Copies all Proxy-State attributes from the request
/// packet to the response packet.
/// @param request request packet
/// @param answer response packet
/// </summary>
protected void CopyProxyState(RadiusPacket request, RadiusPacket answer)
{
IList<RadiusAttribute> proxyStateAttrs = request.GetAttributes(33);
foreach (RadiusAttribute proxyStateAttr in proxyStateAttrs)
{
//RadiusAttribute proxyStateAttr = (RadiusAttribute)i.next();
answer.AddAttribute(proxyStateAttr);
}
}
/// <summary>
/// Reads a Radius packet from the given input stream and
/// creates an appropiate RadiusPacket descendant object.
/// Reads in all attributes and returns the object.
/// Decodes the encrypted fields and attributes of the packet.
/// @exception IOException if an IO error occurred
/// @exception RadiusException if the Radius packet is malformed
/// </summary>
/// <param name="dictionary">dictionary to use for attributes</param>
/// <param name="inputStream"></param>
/// <param name="request">Radius request packet if this is a response packet to be
/// decoded, null if this is a request packet to be decoded</param>
/// <param name="sharedSecret">shared secret to be used to decode this packet</param>
/// <returns>RadiusPacket object</returns>
protected static RadiusPacket DecodePacket(IWritableDictionary dictionary, Stream inputStream,
String sharedSecret,
RadiusPacket request)
{
// check shared secret
if (string.IsNullOrEmpty(sharedSecret))
{
throw new ArgumentNullException("sharedSecret", "no shared secret has been set");
}
// check request authenticator
if (request != null && request.Authenticator == null)
{
throw new ArgumentNullException("request", "request authenticator not set");
}
// read and check header
int type = inputStream.ReadByte() & 0x0ff;
int identifier = inputStream.ReadByte() & 0x0ff;
int length = (inputStream.ReadByte() & 0x0ff) << 8 | (inputStream.ReadByte() & 0x0ff);
if (request != null && request.Identifier != identifier)
{
throw new RadiusException("bad packet: invalid packet identifier (request: " +
request.Identifier + ", response: " + identifier);
}
if (length < RadiusHeaderLength)
{
throw new RadiusException("bad packet: packet too short (" + length + " bytes)");
}
if (length > MaxPacketLength)
{
throw new RadiusException("bad packet: packet too long (" + length + " bytes)");
}
// read rest of packet
var authenticator = new byte[16];
var attributeData = new byte[length - RadiusHeaderLength];
inputStream.Read(authenticator, 0, 16);
inputStream.Read(attributeData, 0, attributeData.Length);
// check and count attributes
int pos = 0;
while (pos < attributeData.Length)
{
if (pos + 1 >= attributeData.Length)
{
throw new RadiusException("bad packet: attribute Length mismatch");
}
int attributeLength = attributeData[pos + 1] & 0x0ff;
if (attributeLength < 2)
{
throw new RadiusException("bad packet: invalid attribute Length");
}
pos += attributeLength;
}
if (pos != attributeData.Length)
{
throw new RadiusException("bad packet: attribute Length mismatch");
}
// create RadiusPacket object; set properties
RadiusPacket rp = CreateRadiusPacket(type);
rp.Type = type;
rp.Identifier = identifier;
rp.Authenticator = authenticator;
// load attributes
pos = 0;
while (pos < attributeData.Length)
{
int attributeType = attributeData[pos] & 0x0ff;
int attributeLength = attributeData[pos + 1] & 0x0ff;
RadiusAttribute a = RadiusAttribute.CreateRadiusAttribute(dictionary, -1, attributeType);
a.ReadAttribute(attributeData, pos, attributeLength);
rp.AddAttribute(a);
pos += attributeLength;
}
// request packet?
if (request == null)
{
// decode attributes
rp.DecodeRequestAttributes(sharedSecret);
rp.CheckRequestAuthenticator(sharedSecret, length, attributeData);
}
else
{
// response packet: check authenticator
rp.CheckResponseAuthenticator(sharedSecret, length, attributeData, request.Authenticator);
}
return(rp);
}
