public void RadiusServer_Nas_HostRefresh()
{
// Verify that the server refreshes NAS host name to IP address mappings.
// I'm going to do this by specifying a NAS host name that does not
// exist, verify that an authentication fails, then add the host name
// to the HOSTS file, wait a bit for the server to refresh the mappings
// and then verify that this worked by making sure that an authentication
// attempt succeeds.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.DnsRefreshInterval = TimeSpan.FromSeconds(10);
serverSettings.BkTaskInterval = TimeSpan.FromSeconds(2);
serverSettings.Devices.Add(new RadiusNasInfo("nas.test.lilltek.com", "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
clientSettings.RetryInterval = TimeSpan.FromSeconds(2);
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
try
{
client.Authenticate("r1", "jeff", "password123");
Assert.Fail();
}
catch (Exception e)
{
Assert.IsInstanceOfType(e, typeof(TimeoutException));
}
EnhancedDns.AddHost("nas.test.lilltek.com", NetHelper.GetActiveAdapter());
Thread.Sleep(serverSettings.DnsRefreshInterval + serverSettings.BkTaskInterval);
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
}
finally
{
EnhancedDns.RemoveHosts();
server.Stop();
client.Close();
}
}
public void RadiusClient_MultiPort()
{
// Verify that a multiport enable client actually works by running a bunch
// of authentications throught the client and then counting the number of
// source UDP ports we received packets from and verifying that this equals
// the number of client ports requested.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 5;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal);
for (int i = 0; i < 555; i++)
{
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
}
Dictionary <int, RadiusPacket> packetsByPort = new Dictionary <int, RadiusPacket>();
foreach (RadiusPacket packet in deelie.Packets)
{
if (!packetsByPort.ContainsKey(packet.SourceEP.Port))
{
packetsByPort.Add(packet.SourceEP.Port, packet);
}
}
Assert.AreEqual(5, packetsByPort.Count);
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_Bad_NasDevice()
{
// Verify that the server detects an unknown NAS device.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Slash;
clientSettings.RealmFormat = RealmFormat.Slash;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal);
try
{
client.Authenticate("r1", "jeff", "password123");
Assert.Fail("TimeoutException expected");
}
catch (TimeoutException)
{
// Expecting a timeout since the server should ignore this packet
}
catch (Exception e)
{
Assert.IsInstanceOfType(e, typeof(TimeoutException));
}
Assert.IsTrue(deelie.Log.Count > 0);
Assert.AreEqual(RadiusLogEntryType.UnknownNas, deelie.Log[0].EntryType);
Assert.IsFalse(deelie.Log[0].Success);
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_Auth_Log()
{
// Verify that authentication events are logged
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Slash;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Slash;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal);
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123"));
Assert.AreEqual(2, deelie.Log.Count);
Assert.IsTrue(deelie.Log[0].Success);
Assert.AreEqual(RadiusLogEntryType.Authentication, deelie.Log[0].EntryType);
Assert.AreEqual("r1", deelie.Log[0].Realm);
Assert.AreEqual("jeff", deelie.Log[0].Account);
Assert.IsFalse(deelie.Log[1].Success);
Assert.AreEqual(RadiusLogEntryType.Authentication, deelie.Log[1].EntryType);
Assert.AreEqual("r1", deelie.Log[1].Realm);
Assert.AreEqual("jeff", deelie.Log[1].Account);
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_LoadConfig()
{
RadiusServerSettings settings;
try
{
// Verify the defaults
Config.SetConfig(null);
settings = RadiusServerSettings.LoadConfig("xxx");
Assert.AreEqual(new NetworkBinding(IPAddress.Any, 1812), settings.NetworkBinding);
Assert.AreEqual(131072, settings.SocketBuffer);
Assert.AreEqual(TimeSpan.FromMinutes(1), settings.BkTaskInterval);
Assert.AreEqual(TimeSpan.FromMinutes(15), settings.DnsRefreshInterval);
Assert.AreEqual(0, settings.Devices.Count);
Assert.AreEqual(RealmFormat.Email, settings.RealmFormat);
// Now try some actual settings
Config.SetConfig(@"
Prefix.NetworkBinding = 127.0.0.1:1645
Prefix.SocketBuffer = 10000
Prefix.BkTaskInterval = 5s
Prefix.DnsRefreshInterval = 2m
Prefix.RealmFormat = slash
Prefix.Devices[0] = 127.0.0.1;secret1
Prefix.Devices[1] = localhost;secret2
");
settings = RadiusServerSettings.LoadConfig("Prefix");
Assert.AreEqual(new NetworkBinding(IPAddress.Loopback, 1645), settings.NetworkBinding);
Assert.AreEqual(10000, settings.SocketBuffer);
Assert.AreEqual(TimeSpan.FromSeconds(5), settings.BkTaskInterval);
Assert.AreEqual(TimeSpan.FromMinutes(2), settings.DnsRefreshInterval);
Assert.AreEqual(2, settings.Devices.Count);
Assert.AreEqual(IPAddress.Loopback, settings.Devices[0].Address);
Assert.IsNull(settings.Devices[0].Host);
Assert.AreEqual("secret1", settings.Devices[0].Secret);
Assert.AreEqual(IPAddress.Any, settings.Devices[1].Address);
Assert.AreEqual("localhost", settings.Devices[1].Host);
Assert.AreEqual("secret2", settings.Devices[1].Secret);
Assert.AreEqual(RealmFormat.Slash, settings.RealmFormat);
}
finally
{
Config.SetConfig(null);
}
}
public void RadiusClient_ID_WrapAround()
{
// Verify that a single port client instance will wrap request IDs
// properly after ID=255
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal);
for (int i = 0; i < 555; i++)
{
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
}
// We should have 555 packets in the deelie with ordered IDs.
Assert.AreEqual(555, deelie.Packets.Count);
for (int i = 0; i < 555; i++)
{
Assert.AreEqual((byte)i, deelie.Packets[i].Identifier);
}
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_Auth_Parallel_Delay()
{
// Verify that we can perform multiple parallel authentications with
// a brief delay.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
IAsyncResult[] ar = new IAsyncResult[255];
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Slash;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Slash;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.AuthShortDelay);
for (int i = 0; i < ar.Length; i++)
{
ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null);
}
for (int i = 0; i < ar.Length; i++)
{
Assert.IsTrue(client.EndAuthenticate(ar[i]));
}
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusClient_Timeout()
{
// Verify that the client detects timeouts.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.IgnoreAllPackets);
try
{
client.Authenticate("r1", "jeff", "password123");
Assert.Fail("Expected a timeout");
}
catch (Exception e)
{
Assert.IsInstanceOfType(e, typeof(TimeoutException));
}
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_DefaultSecret()
{
// Verify that the default secret will be used if the NAS device
// is not specified.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
serverSettings.RealmFormat = RealmFormat.Slash;
serverSettings.DefaultSecret = "hello";
clientSettings.RealmFormat = RealmFormat.Slash;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX"));
Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish"));
Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123"));
Assert.IsFalse(client.Authenticate("", "jeff", "password123"));
Assert.IsFalse(client.Authenticate(null, "jeff", "password123"));
Assert.IsFalse(client.Authenticate("r3", "jeff", "password123"));
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_RealmFmt_Slash()
{
// Test the client against the server using RealmFormat.Slash.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
serverSettings.RealmFormat = RealmFormat.Slash;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Slash;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX"));
Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish"));
Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123"));
Assert.IsFalse(client.Authenticate("", "jeff", "password123"));
Assert.IsFalse(client.Authenticate(null, "jeff", "password123"));
Assert.IsFalse(client.Authenticate("r3", "jeff", "password123"));
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_Nas_HostName()
{
// Verify that the server can handle NAS devices specified by DNS host name.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(Helper.MachineName, "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX"));
Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish"));
Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123"));
Assert.IsFalse(client.Authenticate("", "jeff", "password123"));
Assert.IsFalse(client.Authenticate(null, "jeff", "password123"));
Assert.IsFalse(client.Authenticate("r3", "jeff", "password123"));
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusClient_Retry()
{
// Verify that the client actually retries sending request packets and
// that it used the same ID for both.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 1;
clientSettings.MaxTransmissions = 2;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.IgnoreFirstPacket);
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
Assert.AreEqual(2, deelie.Packets.Count);
Assert.AreEqual(deelie.Packets[0].Identifier, deelie.Packets[1].Identifier);
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusServer_Interop()
{
Assert.Inconclusive("The trial period for the RADIUS client tool has expired.");
// Verify that my RADIUS server code can work against a client from
// another vendor.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
Assert.IsTrue(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r1", "password123"));
Assert.IsTrue(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r2", "passwordXXX"));
Assert.IsTrue(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jane@r1", "bigfish"));
Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r1", "PASSWORD123"));
Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff", "password123"));
Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r3", "password123"));
Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "badsecret", "jeff@r1", "password123"));
}
finally
{
server.Stop();
}
}
public void RadiusClient_ID_Exhaustion_MultiPort()
{
// Verify that the client throws an exception when it is asked to
// manage more than 256 parallel authentication requests.
RadiusServer server = new RadiusServer();
RadiusServerSettings serverSettings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello");
RadiusServerDeelie deelie;
IAsyncResult[] ar;
serverSettings.RealmFormat = RealmFormat.Email;
serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 2;
clientSettings.MaxTransmissions = 1;
try
{
server.Start(serverSettings);
server.LoadAccountsFromString(@"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
");
client.Open(clientSettings);
deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.AuthLongDelay);
ar = new IAsyncResult[clientSettings.PortCount * 256 + 1];
try
{
for (int i = 0; i < ar.Length; i++)
{
ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null);
}
for (int i = 0; i < ar.Length; i++)
{
if (ar[i] != null)
{
client.EndAuthenticate(ar[i]);
}
}
Assert.Fail("Expected a RadiusException");
}
catch (Exception e)
{
Assert.IsInstanceOfType(e, typeof(RadiusException));
}
}
finally
{
server.Stop();
client.Close();
}
}
public void RadiusClient_LoadBalance_MultiPort()
{
// Verify that the client actually distributes packets across multiple
// RADIUS servers with a multi port client.
RadiusServer server1 = new RadiusServer();
RadiusServer server2 = new RadiusServer();
RadiusServerSettings server1Settings = new RadiusServerSettings();
RadiusServerSettings server2Settings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_RADIUS, Local_AAA }, "hello");
RadiusServerDeelie deelie1;
RadiusServerDeelie deelie2;
server1Settings.RealmFormat = RealmFormat.Email;
server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS);
server2Settings.RealmFormat = RealmFormat.Email;
server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA);
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 4;
clientSettings.MaxTransmissions = 1;
try
{
string accountInfo = @"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
";
server1.Start(server1Settings);
server1.LoadAccountsFromString(accountInfo);
deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.Normal);
server2.Start(server2Settings);
server2.LoadAccountsFromString(accountInfo);
deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.Normal);
client.Open(clientSettings);
for (int i = 0; i < 20; i++)
{
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
}
Assert.IsTrue(deelie1.Packets.Count > 0);
Assert.IsTrue(deelie2.Packets.Count > 0);
}
finally
{
server1.Stop();
server2.Stop();
client.Close();
}
}
public void RadiusClient_Blast()
{
// Send a bunch of queries to multiple servers from multiple client ports.
RadiusServer server1 = new RadiusServer();
RadiusServer server2 = new RadiusServer();
RadiusServerSettings server1Settings = new RadiusServerSettings();
RadiusServerSettings server2Settings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_RADIUS, Local_AAA }, "hello");
RadiusServerDeelie deelie1;
RadiusServerDeelie deelie2;
IAsyncResult[] ar;
server1Settings.RealmFormat = RealmFormat.Email;
server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS);
server2Settings.RealmFormat = RealmFormat.Email;
server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA);
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 4;
clientSettings.MaxTransmissions = 3;
try
{
string accountInfo = @"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
";
server1.Start(server1Settings);
server1.LoadAccountsFromString(accountInfo);
deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.Normal);
server2.Start(server2Settings);
server2.LoadAccountsFromString(accountInfo);
deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.Normal);
client.Open(clientSettings);
ar = new IAsyncResult[clientSettings.PortCount * 256];
for (int i = 0; i < ar.Length; i++)
{
ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null);
}
for (int i = 0; i < ar.Length; i++)
{
Assert.IsTrue(client.EndAuthenticate(ar[i]));
}
Assert.IsTrue(deelie1.Packets.Count > 0);
Assert.IsTrue(deelie2.Packets.Count > 0);
}
finally
{
server1.Stop();
server2.Stop();
client.Close();
}
}
public void RadiusClient_FailOver_MultiPort()
{
// Verify that the client actually fails over to alternate
// RADIUS servers with a multi port client.
RadiusServer server1 = new RadiusServer();
RadiusServer server2 = new RadiusServer();
RadiusServerSettings server1Settings = new RadiusServerSettings();
RadiusServerSettings server2Settings = new RadiusServerSettings();
RadiusClient client = new RadiusClient();
RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_AAA, NetworkBinding.Parse("192.168.255.1:1645") }, "hello");
RadiusServerDeelie deelie1;
RadiusServerDeelie deelie2;
server1Settings.RealmFormat = RealmFormat.Email;
server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS);
server2Settings.RealmFormat = RealmFormat.Email;
server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello"));
server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello"));
server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA);
clientSettings.RealmFormat = RealmFormat.Email;
clientSettings.PortCount = 4;
clientSettings.MaxTransmissions = 10;
clientSettings.RetryInterval = TimeSpan.FromSeconds(0.5);
try
{
string accountInfo = @"
// This is a comment line
r1;jeff;password123
r2;jeff;passwordXXX
r1;jane;bigfish
";
server1.Start(server1Settings);
server1.LoadAccountsFromString(accountInfo);
deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.IgnoreAlternatePackets);
server2.Start(server2Settings);
server2.LoadAccountsFromString(accountInfo);
deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.IgnoreAlternatePackets);
client.Open(clientSettings);
for (int i = 0; i < 10; i++)
{
Assert.IsTrue(client.Authenticate("r1", "jeff", "password123"));
}
}
finally
{
server1.Stop();
server2.Stop();
client.Close();
}
}
public void Initialize()
{
Helper.InitializeApp(Assembly.GetExecutingAssembly());
this.ADSettings = new ADTestSettings();
this.DB = SqlTestDatabase.Create();
this.AuthFilePath = Path.GetTempFileName();
//-------------------------------------------------------------
// Initialize file authentication
Helper.WriteToFile(this.AuthFilePath, @"
file.com;file1;file-password1
file.com;file2;file-password2
");
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.File, "file.com", "file1", "file-password1"));
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.File, "file.com", "file2", "file-password2"));
//-------------------------------------------------------------
// Initialize RADIUS authentication
RadiusServerSettings radiusSettings = new RadiusServerSettings();
radiusSettings.NetworkBinding = NetworkBinding.Parse("ANY:52111");
radiusSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, this.RadiusSecret));
radiusSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), this.RadiusSecret));
this.RadiusServer = new RadiusServer();
this.RadiusServer.Start(radiusSettings);
this.RadiusServer.LoadAccountsFromString(@"
radius.com;radius1;radius-password1
radius.com;radius2;radius-password2
");
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Radius, "radius.com", "radius1", "radius-password1"));
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Radius, "radius.com", "radius2", "radius-password2"));
//-------------------------------------------------------------
// Initialize config authentication
Config.SetConfig(@"
Accounts[0] = config.com;config1;config-password1
Accounts[1] = config.com;config2;config-password2
");
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Config, "config.com", "config1", "config-password1"));
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Config, "config.com", "config2", "config-password2"));
#if TEST_AD
//-------------------------------------------------------------
// Initialize active directory authentication
#if !TEST_AD_LDAP
if (ADSettings.NasSecret != string.Empty) // Disable the test if the NAS secret is blank
#endif
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Ldap, ADSettings.Domain, ADSettings.Account, ADSettings.Password));
#endif
//-------------------------------------------------------------
// Initalize ODBC authentication
SqlConnection sqlCon = null;
SqlScriptRunner scriptRunner;
MacroProcessor processor;
string initScript =
@"
create table Accounts (
Realm varchar(64),
Account varchar(64),
Password varchar(64),
MD5 varbinary(128),
SHA1 varbinary(128),
SHA256 varbinary(128),
SHA512 varbinary(128)
)
go
insert into Accounts(Realm,Account,Password,MD5,SHA1,SHA256,SHA512)
values ('odbc.com','odbc1','odbc-password1',$(md5-1),$(sha1-1),$(sha256-1),$(sha512-1))
insert into Accounts(Realm,Account,Password,MD5,SHA1,SHA256,SHA512)
values ('odbc.com','odbc2','odbc-password2',$(md5-2),$(sha1-2),$(sha256-2),$(sha512-2))
go
";
try
{
processor = new MacroProcessor();
processor.Add("md5-1", SqlHelper.Literal(MD5Hasher.Compute("odbc-password1")));
processor.Add("sha1-1", SqlHelper.Literal(SHA1Hasher.Compute("odbc-password1")));
processor.Add("sha256-1", SqlHelper.Literal(SHA256Hasher.Compute("odbc-password1")));
processor.Add("sha512-1", SqlHelper.Literal(SHA512Hasher.Compute("odbc-password1")));
processor.Add("md5-2", SqlHelper.Literal(MD5Hasher.Compute("odbc-password2")));
processor.Add("sha1-2", SqlHelper.Literal(SHA1Hasher.Compute("odbc-password2")));
processor.Add("sha256-2", SqlHelper.Literal(SHA256Hasher.Compute("odbc-password2")));
processor.Add("sha512-2", SqlHelper.Literal(SHA512Hasher.Compute("odbc-password2")));
initScript = processor.Expand(initScript);
sqlCon = DB.OpenConnection();
scriptRunner = new SqlScriptRunner(initScript);
scriptRunner.Run(sqlCon);
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Odbc, "odbc.com", "odbc1", "odbc-password1"));
this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Odbc, "odbc.com", "odbc2", "odbc-password2"));
}
finally
{
if (sqlCon != null)
{
sqlCon.Close();
}
}
}
