protected byte[] SendAndRecieveLdapAp(LdapServer ldapServer, byte[] gssApiToken, KerberosConstValue.GSSToken gssToken) { SocketTransportConfig transportConfig = new SocketTransportConfig(); transportConfig.RemoteIpAddress = System.Net.IPAddress.Parse(ldapServer.IPAddress); transportConfig.RemoteIpPort = ldapServer.LdapPort; transportConfig.BufferSize = 8192; transportConfig.Type = StackTransportType.Tcp; transportConfig.Role = Role.Client; AdtsLdapClient ldapClient = new AdtsLdapClient(AdtsLdapVersion.V3, transportConfig); ldapClient.Connect(); string gss = (gssToken == KerberosConstValue.GSSToken.GSSSPNG) ? "GSS-SPNEGO" : "GSSAPI"; AdtsBindRequestPacket bindRequest = ldapClient.CreateSaslBindRequest(gss, gssApiToken); ldapClient.SendPacket(bindRequest); AdtsLdapPacket response = ldapClient.ExpectPacket(KerberosConstValue.TIMEOUT_DEFAULT); BaseTestSite.Assert.IsNotNull(response, "Ldap response should not be null"); BaseTestSite.Assert.IsInstanceOfType(response, typeof(AdtsBindResponsePacket), "Ldap response should be a bind response."); AdtsBindResponsePacket bindResponse = (AdtsBindResponsePacket)response; //Response code is 14, Sasl Bind In Progress, need future investigate byte[] repToken = ((BindResponse)bindResponse.GetInnerRequestOrResponse()).serverSaslCreds.ByteArrayValue; return(repToken); }
/// <summary> /// Set up the TCP/UDP transport connection with KDC. /// </summary> /// <param name="localPort">The server port</param> /// <param name="transportType">Whether the transport is TCP or UDP transport.</param> /// <param name="ipType">Ip Version</param> /// <param name="transportSize">The buffer size of transport stack. </param> /// <exception cref="System.ArgumentException">Thrown when the transportType is neither TCP nor UDP.</exception> public void Start(ushort localPort, KileConnectionType transportType, KileIpType ipType, int transportSize) { SocketTransportConfig transportConfig = new SocketTransportConfig(); transportConfig.Role = Role.Server; transportConfig.MaxConnections = ConstValue.MAX_CONNECTIONS; transportConfig.BufferSize = transportSize; if (ipType == KileIpType.Ipv4) { transportConfig.LocalIpAddress = IPAddress.Any; } else { transportConfig.LocalIpAddress = IPAddress.IPv6Any; } transportConfig.LocalIpPort = localPort; if (transportType == KileConnectionType.TCP) { transportConfig.Type = StackTransportType.Tcp; } else if (transportType == KileConnectionType.UDP) { transportConfig.Type = StackTransportType.Udp; } else { throw new ArgumentException("ConnectionType can only be TCP or UDP."); } decoder = new KileDecoder(contextList, transportType); transport = new TransportStack(transportConfig, decoder.DecodePacketCallback); transport.Start(); }
/// <summary> /// Starts the server to listen on specified port. /// </summary> public void Start() { if (transportStack == null) { SocketTransportConfig transportConfig = new SocketTransportConfig(); transportConfig.LocalIpAddress = IPAddress.Any; transportConfig.LocalIpPort = this.listenPort; transportConfig.Role = Role.Server; transportConfig.BufferSize = DefaultBufferSize; transportConfig.MaxConnections = int.MaxValue; transportConfig.Type = isTcp ? StackTransportType.Tcp : StackTransportType.Udp; this.transportStack = new TransportStack(transportConfig, decoder.DecodeLdapPacketCallBack); } this.transportStack.Start(); }
/// <summary> /// Set up the TCP/UDP transport connection with KDC. /// </summary> /// <param name="kdcAddress">The IP address of the KDC.</param> /// <param name="kdcPort">The port of the KDC.</param> /// <param name="transportType">Whether the transport is TCP or UDP transport.</param> /// <exception cref="System.ArgumentException">Thrown when the connection type is neither TCP nor UDP</exception> public void Connect(string kdcAddress, int kdcPort, KileConnectionType transportType) { SocketTransportConfig transportConfig = new SocketTransportConfig(); transportConfig.Role = Role.Client; transportConfig.MaxConnections = 1; transportConfig.BufferSize = transportBufferSize; transportConfig.RemoteIpPort = kdcPort; transportConfig.RemoteIpAddress = IPAddress.Parse(kdcAddress); // For UDP bind if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork) { transportConfig.LocalIpAddress = IPAddress.Any; } else if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6) { transportConfig.LocalIpAddress = IPAddress.IPv6Any; } if (transportType == KileConnectionType.TCP) { transportConfig.Type = StackTransportType.Tcp; } else if (transportType == KileConnectionType.UDP) { transportConfig.Type = StackTransportType.Udp; } else { throw new ArgumentException("ConnectionType can only be TCP or UDP."); } kdcTransport = new TransportStack(transportConfig, decoder.DecodePacketCallback); if (transportType == KileConnectionType.TCP) { kdcTransport.Connect(); } else { kdcTransport.Start(); } context.TransportType = transportType; }
/// <summary> /// Set up the TCP/UDP transport connection with KDC. /// </summary> /// <exception cref="System.ArgumentException">Thrown when the connection type is neither TCP nor UDP</exception> public virtual void Connect() { SocketTransportConfig transportConfig = new SocketTransportConfig(); transportConfig.Role = Role.Client; transportConfig.MaxConnections = 1; transportConfig.BufferSize = KerberosConstValue.TRANSPORT_BUFFER_SIZE; transportConfig.RemoteIpPort = kdcPort; transportConfig.RemoteIpAddress = IPAddress.Parse(kdcAddress); // For UDP bind if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork) { transportConfig.LocalIpAddress = IPAddress.Any; } else if (transportConfig.RemoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6) { transportConfig.LocalIpAddress = IPAddress.IPv6Any; } if (transportType == TransportType.TCP) { transportConfig.Type = StackTransportType.Tcp; } else if (transportType == TransportType.UDP) { transportConfig.Type = StackTransportType.Udp; } else { throw new ArgumentException("ConnectionType can only be TCP or UDP."); } kdcTransport = new TransportStack(transportConfig, DecodePacketCallback); if (transportType == TransportType.TCP) { kdcTransport.Connect(); } else { kdcTransport.Start(); } }
public void LDAP_AD_DS_Add_Constraints_ComputerObject() { BaseTestSite.Assume.IsTrue(EnvironmentConfig.ServerVer >= ServerVersion.Win2012, "Server OS version should be not less than Windows Server 2012"); #region Connect and bind to server SocketTransportConfig transportConfig = new SocketTransportConfig(); transportConfig.RemoteIpAddress = IPAddress.Parse(AD_LDAPModelAdapter.Instance(Site).PDCIPAddress); transportConfig.RemoteIpPort = int.Parse(AD_LDAPModelAdapter.Instance(Site).ADDSPortNum, CultureInfo.InvariantCulture); transportConfig.BufferSize = AD_LDAPModelAdapter.Instance(Site).transportBufferSize; transportConfig.Type = StackTransportType.Tcp; transportConfig.Role = Role.Client; AdtsLdapClient ldapClientStack = new AdtsLdapClient(AdtsLdapVersion.V3, transportConfig); ldapClientStack.Connect(); //The user do not have RIGHT_DS_CREATE_CHILD access rights String userName = AD_LDAPModelAdapter.Instance(Site).testUser7Name; String password = AD_LDAPModelAdapter.Instance(Site).testUser7Pwd; String netbiosDomain = AD_LDAPModelAdapter.Instance(Site).PrimaryDomainNetBiosName; TimeSpan timeout = AD_LDAPModelAdapter.Instance(Site).timeout; //Using SSL binding //Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.AccountCredential transportCredential = new Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.AccountCredential( // Site.Properties["FullDomainName"], userName, password); //Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.ClientSecurityContextAttribute contextAttributes = Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.ClientSecurityContextAttribute.Connection; //Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SspiClientSecurityContext securityContext = new Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SspiClientSecurityContext( // Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SecurityPackageType.Kerberos, // transportCredential, // "LDAP/" + Site.Properties["ServerComputerName"], // contextAttributes, // Microsoft.Protocols.TestTools.StackSdk.Security.Sspi.SecurityTargetDataRepresentation.SecurityNetworkDrep); //securityContext.Initialize(null); //AdtsBindRequestPacket bindRequest = ldapClientStack.CreateSaslBindRequest(securityContext, false); AdtsBindRequestPacket bindRequest = ldapClientStack.CreateSimpleBindRequest(userName, password, netbiosDomain); //send bind request ldapClientStack.SendPacket(bindRequest); AdtsLdapPacket response = ldapClientStack.ExpectPacket(timeout); AdtsBindResponsePacket bindResponse = (AdtsBindResponsePacket)response; //check the connectiong between client and server Site.Assert.AreEqual <long>( LDAPResult_resultCode.success, (long)((BindResponse)bindResponse.GetInnerRequestOrResponse()).resultCode.Value, "Bind response result should be LDAPResult_resultCode.success."); #endregion #region Add a Computer Object string computerName = "testAddConstraints"; string computerObjectDN = "CN=" + computerName + ",CN=Computers," + AD_LDAPModelAdapter.Instance(Site).rootDomainNC; KeyValuePair <string, string[]>[] attrs = new KeyValuePair <string, string[]> [5]; attrs[0] = new KeyValuePair <string, string[]>("objectClass", new string[] { "computer" }); attrs[1] = new KeyValuePair <string, string[]>("dNSHostName", new string[] { computerName + "." + AD_LDAPModelAdapter.Instance(Site).PrimaryDomainDnsName }); attrs[2] = new KeyValuePair <string, string[]>("servicePrincipalName", new string[] { "host/" + computerName + "." + AD_LDAPModelAdapter.Instance(Site).PrimaryDomainDnsName, "host/" + computerName }); attrs[3] = new KeyValuePair <string, string[]>("sAMAccountName", new string[] { computerName + "$" }); //attrs[4] = new KeyValuePair<string, string[]>("userAccountControl", new string[]{ "4098" }); //If the account is created with UF_ACCOUNTDISABLE set in userAccountControl, unicodePwd is not required. //attrs[5] = new KeyValuePair<string, string[]>("unicodePwd", new string[] { "Password01!" }); AdtsAddRequestPacket addRequest = ldapClientStack.CreateAddRequest(computerObjectDN, attrs); ldapClientStack.SendPacket(addRequest); response = ldapClientStack.ExpectPacket(timeout); AdtsAddResponsePacket addResponse = (AdtsAddResponsePacket)response; string ldapErrorCode = Enum.GetName(typeof(ResultCode), ((Microsoft.Protocols.TestTools.StackSdk.ActiveDirectory.Adts.Asn1CodecV3.AddResponse) addResponse.GetInnerRequestOrResponse()).resultCode.Value).ToString(); //BaseTestSite.Assert.AreEqual<string>( // "some error code", // ldapErrorCode, // @""); #endregion #region Unbind and Disconnect AdtsUnbindRequestPacket unbindRequest = ldapClientStack.CreateUnbindRequest(); ldapClientStack.SendPacket(unbindRequest); ldapClientStack.Disconnect(); ldapClientStack = null; #endregion }
/// <summary> /// Connects to server. /// </summary> /// <param name="config">Transport configurations.</param> /// <exception cref="InvalidOperationException"> /// thrown when TransportConifg is null! /// </exception> /// <exception cref="NotSupportedException"> /// thrown when TransportConfig is not SocketTransportConfig, /// ADTS-LDAP supports socket transport only! /// </exception> /// <exception cref="NotSupportedException"> /// thrown when Type of TransportConfig is not TCP/UDP. /// Only TCP and UDP are supported for StackTransportType /// </exception> public virtual void Connect() { if (this.config == null) { throw new InvalidOperationException("TransportConfig is null!"); } SocketTransportConfig socketConfig = this.config as SocketTransportConfig; if (socketConfig == null) { throw new NotSupportedException("ADTS-LDAP supports socket transport only!"); } // initialize IsTcp. if (socketConfig.Type == StackTransportType.Tcp) { this.isTcp = true; } else if (socketConfig.Type == StackTransportType.Udp) { this.isTcp = false; } else { throw new NotSupportedException("Only TCP and UDP are supported for StackTransportType"); } // initialize context. if (this.context == null) { IPEndPoint remoteAddress = new IPEndPoint(socketConfig.RemoteIpAddress, socketConfig.RemoteIpPort); this.context = new AdtsLdapContext(ldapVersion, remoteAddress); } // initialize decorder. if (this.decoder == null) { this.decoder = new AdtsLdapClientDecoder(this); } // initialize transport stack. if (this.transportStack == null) { this.transportStack = new TransportStack(config, this.decoder.DecodeLdapPacketCallBack); } #region Transport Connect // TCP and UDP differs here. Connect method cannot be used for UDP connections. if (this.isTcp) { this.transportStack.Connect(); } else { this.transportStack.Start(); } #endregion }