/// <summary> /// Send unsolicited packets commonly used for Disconnect and Change-of-Authorization messages.<br></br> /// https://www.ietf.org/rfc/rfc3576.txt /// </summary> /// <param name="packet"></param> /// <param name="retries"></param> /// <returns></returns> public async Task <RadiusPacket> SendUnsolicitedPacketAsync(RadiusPacket packet) { using (var udpClient = new UdpClient()) { try { udpClient.Connect(_HostName, _UnsolicitedPort); await udpClient.SendAsync(packet.RawData, packet.RawData.Length); var RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0); var result = await udpClient.ReceiveAsync(); var receivedPacket = new RadiusPacket(result.Buffer); if (receivedPacket.Valid) { return(receivedPacket); } } catch (Exception) { throw; } } return(null); }
public RadiusPacket Authenticate(string username, string password) { RadiusPacket packet = new RadiusPacket(RadiusCode.ACCESS_REQUEST); packet.SetAuthenticator(_SharedSecret); byte[] encryptedPass = Utils.EncodePapPassword(Encoding.ASCII.GetBytes(password), packet.Authenticator, _SharedSecret); packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_NAME, Encoding.ASCII.GetBytes(username))); packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_PASSWORD, encryptedPass)); return packet; }
public RadiusPacket Authenticate(string username, string password) { RadiusPacket packet = new RadiusPacket(RadiusCode.ACCESS_REQUEST); packet.SetAuthenticator(_SharedSecret); byte[] encryptedPass = Utils.EncodePapPassword(Encoding.ASCII.GetBytes(password), packet.Authenticator, _SharedSecret); packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_NAME, Encoding.ASCII.GetBytes(username))); packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_PASSWORD, encryptedPass)); return(packet); }
public async Task<RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES) { using (UdpClient udpClient = new UdpClient()) { udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout); try { IPAddress hostIP; if (IPAddress.TryParse(_HostName, out hostIP)) udpClient.Connect(hostIP, (int) _AuthPort); else udpClient.Connect(_HostName, (int) _AuthPort); } catch (SocketException e) { int hr = Marshal.GetHRForException(e); string hexValue = hr.ToString("X"); //The requested name is valid, but no data of the requested type was found if (hexValue == "80004005") return null; } var endPoint = (IPEndPoint)udpClient.Client.RemoteEndPoint; int numberOfAttempts = 0; do { await udpClient.SendAsync(packet.RawData, packet.RawData.Length); try { // Using the synchronous method for the timeout features var result = udpClient.Receive(ref endPoint); RadiusPacket receivedPacket = new RadiusPacket(result); if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket)) return receivedPacket; } catch (SocketException) { //Server isn't responding } numberOfAttempts++; } while (numberOfAttempts < retries); } return null; }
public RadiusPacket DisconnectRequest(string sessionId, string username, string framedIpAddress) { var packet = new RadiusPacket(RadiusCode.DISCONNECT_REQUEST); packet.SetAttribute(RadiusAttribute.CreateString(RadiusAttributeType.ACCT_SESSION_ID, sessionId)); packet.SetAttribute(RadiusAttribute.CreateString(RadiusAttributeType.USER_NAME, username)); packet.SetAttribute(RadiusAttribute.CreateAddress(RadiusAttributeType.FRAMED_IP_ADDRESS, framedIpAddress)); packet.SetAuthenticator(_SharedSecret); return(packet); }
/// <summary> /// Sends a Server-Status packet using the shared secret of the client /// </summary> /// <returns></returns> public async Task <RadiusPacket> Ping() { // Create a new RADIUS packet with the Server-Status code RadiusPacket authPacket = new RadiusPacket(RadiusCode.SERVER_STATUS); // Populate the Request-Authenticator authPacket.SetAuthenticator(_SharedSecret); // Add the Message-Authenticator as a last step. Note: Server-Status packets don't require any other attributes authPacket.SetMessageAuthenticator(_SharedSecret); // We MUST NOT retransmit Server-Status packets according to https://tools.ietf.org/html/rfc5997 return(await SendAndReceivePacket(authPacket, 0)); }
public async static Task Authentication(string[] args) { try { RadiusClient rc = new RadiusClient(args[0], args[1]); RadiusPacket authPacket = rc.Authenticate(args[2], args[3]); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); RadiusPacket receivedPacket = await rc.SendAndReceivePacket(authPacket); if (receivedPacket == null) { throw new Exception("Can't contact remote radius server !"); } switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: Console.WriteLine("Access-Accept"); foreach (var attr in receivedPacket.Attributes) { Console.WriteLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: Console.WriteLine("Access-Challenge"); break; case RadiusCode.ACCESS_REJECT: Console.WriteLine("Access-Reject"); if (!rc.VerifyAuthenticator(authPacket, receivedPacket)) { Console.WriteLine("Authenticator check failed: Check your secret"); } break; default: Console.WriteLine("Rejected"); break; } } catch (Exception ex) { throw ex; } }
private bool VerifyAuthenticator(RadiusPacket requestedPacket, RadiusPacket receivedPacket) { return requestedPacket.Identifier == receivedPacket.Identifier && receivedPacket.Authenticator.SequenceEqual(Utils.ResponseAuthenticator(receivedPacket.RawData, requestedPacket.Authenticator, _SharedSecret)); }
public async Task <RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES) { using (UdpClient udpClient = new UdpClient()) { udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout); try { // Starting with Vista, we are able to bind to a local endpoint to guarantee the packet // will be sent out a particular interface // This is explained in the following blog // http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx if (_LocalEndPoint != null) { udpClient.Client.Bind(_LocalEndPoint); } IPAddress hostIP; if (IPAddress.TryParse(_HostName, out hostIP)) { udpClient.Connect(hostIP, (int)_AuthPort); } else { udpClient.Connect(_HostName, (int)_AuthPort); } } catch (SocketException e) { int hr = Marshal.GetHRForException(e); string hexValue = hr.ToString("X"); //The requested name is valid, but no data of the requested type was found if (hexValue == "80004005") { return(null); } } var endPoint = (IPEndPoint)udpClient.Client.RemoteEndPoint; int numberOfAttempts = 0; do { await udpClient.SendAsync(packet.RawData, packet.RawData.Length); try { // Using the synchronous method for the timeout features var result = udpClient.Receive(ref endPoint); RadiusPacket receivedPacket = new RadiusPacket(result); if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket)) { return(receivedPacket); } } catch (SocketException) { //Server isn't responding } numberOfAttempts++; } while (numberOfAttempts < retries); } return(null); }
private bool VerifyAuthenticator(RadiusPacket requestedPacket, RadiusPacket receivedPacket) { return(requestedPacket.Identifier == receivedPacket.Identifier && receivedPacket.Authenticator.SequenceEqual(Utils.ResponseAuthenticator(receivedPacket.RawData, requestedPacket.Authenticator, _SharedSecret))); }
public async Task <RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES) { using (UdpClient udpClient = new UdpClient()) { udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout); IPAddress hostIP = null; try { // Starting with Vista, we are able to bind to a local endpoint to guarantee the packet // will be sent out a particular interface // This is explained in the following blog // http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx if (_LocalEndPoint != null) { udpClient.Client.Bind(_LocalEndPoint); } if (!IPAddress.TryParse(_HostName, out hostIP)) { //Try performing a DNS lookup var host = Dns.GetHostEntry(_HostName); hostIP = host.AddressList.FirstOrDefault(a => a.AddressFamily == AddressFamily.InterNetwork); if (hostIP == null) { throw new Exception("Resolving " + _HostName + " returned no hits in DNS"); } } } catch (SocketException e) { int hr = Marshal.GetHRForException(e); string hexValue = hr.ToString("X"); //The requested name is valid, but no data of the requested type was found if (hexValue == "80004005") { return(null); } } var endPoint = new IPEndPoint(hostIP, (int)_AuthPort); int numberOfAttempts = 0; do { try { var res = udpClient.SendAsync(packet.RawData, packet.RawData.Length, endPoint); // Using the synchronous method for the timeout features var result = udpClient.Receive(ref endPoint); RadiusPacket receivedPacket = new RadiusPacket(result); if (receivedPacket.Valid) { return(receivedPacket); } } catch (SocketException) { //Server isn't responding } numberOfAttempts++; } while (numberOfAttempts < retries); } return(null); }
public async Task<RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES) { using (UdpClient udpClient = new UdpClient()) { udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout); IPAddress hostIP = null; try { // Starting with Vista, we are able to bind to a local endpoint to guarantee the packet // will be sent out a particular interface // This is explained in the following blog // http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx if(_LocalEndPoint != null) udpClient.Client.Bind(_LocalEndPoint); if(!IPAddress.TryParse(_HostName, out hostIP)) { //Try performing a DNS lookup var host = Dns.GetHostEntry(_HostName); hostIP = host.AddressList.FirstOrDefault(a => a.AddressFamily == AddressFamily.InterNetwork); if (hostIP == null) throw new Exception("Resolving " + _HostName + " returned no hits in DNS"); } } catch (SocketException e) { int hr = Marshal.GetHRForException(e); string hexValue = hr.ToString("X"); //The requested name is valid, but no data of the requested type was found if (hexValue == "80004005") return null; } var endPoint = new IPEndPoint(hostIP, (int)_AuthPort); int numberOfAttempts = 0; do { await udpClient.SendAsync(packet.RawData, packet.RawData.Length, endPoint); try { // Using the synchronous method for the timeout features var result = udpClient.Receive(ref endPoint); RadiusPacket receivedPacket = new RadiusPacket(result); if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket)) return receivedPacket; } catch (SocketException) { //Server isn't responding } numberOfAttempts++; } while (numberOfAttempts < retries); } return null; }
public async Task <RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES) { using (UdpClient udpClient = new UdpClient()) { udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout); try { IPAddress hostIP; if (IPAddress.TryParse(_HostName, out hostIP)) { udpClient.Connect(hostIP, (int)_AuthPort); } else { udpClient.Connect(_HostName, (int)_AuthPort); } } catch (SocketException e) { int hr = Marshal.GetHRForException(e); string hexValue = hr.ToString("X"); //The requested name is valid, but no data of the requested type was found if (hexValue == "80004005") { return(null); } } var endPoint = (IPEndPoint)udpClient.Client.RemoteEndPoint; int numberOfAttempts = 0; do { await udpClient.SendAsync(packet.RawData, packet.RawData.Length).ConfigureAwait(false); try { // Using the synchronous method for the timeout features var result = udpClient.Receive(ref endPoint); RadiusPacket receivedPacket = new RadiusPacket(result); if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket)) { return(receivedPacket); } } catch (SocketException) { //Server isn't responding } numberOfAttempts++; } while (numberOfAttempts < retries); } return(null); }