private async static Task Authenticate(string[] args) { RadiusClient rc = new RadiusClient(args[0], args[1]); RadiusPacket authPacket = rc.Authenticate(args[2], args[3]); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); RadiusPacket receivedPacket = await rc.SendAndReceivePacket(authPacket); if (receivedPacket == null) { throw new Exception("Can't contact remote radius server !"); } switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: Console.WriteLine("Accepted"); foreach (var attr in receivedPacket.Attributes) { Console.WriteLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: Console.WriteLine("Challenged"); break; default: Console.WriteLine("Rejected"); break; } }
public void RadiusServer_Nas_HostRefresh() { // Verify that the server refreshes NAS host name to IP address mappings. // I'm going to do this by specifying a NAS host name that does not // exist, verify that an authentication fails, then add the host name // to the HOSTS file, wait a bit for the server to refresh the mappings // and then verify that this worked by making sure that an authentication // attempt succeeds. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Email; serverSettings.DnsRefreshInterval = TimeSpan.FromSeconds(10); serverSettings.BkTaskInterval = TimeSpan.FromSeconds(2); serverSettings.Devices.Add(new RadiusNasInfo("nas.test.lilltek.com", "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; clientSettings.RetryInterval = TimeSpan.FromSeconds(2); try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); try { client.Authenticate("r1", "jeff", "password123"); Assert.Fail(); } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(TimeoutException)); } EnhancedDns.AddHost("nas.test.lilltek.com", NetHelper.GetActiveAdapter()); Thread.Sleep(serverSettings.DnsRefreshInterval + serverSettings.BkTaskInterval); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } finally { EnhancedDns.RemoveHosts(); server.Stop(); client.Close(); } }
public void RadiusClient_MultiPort() { // Verify that a multiport enable client actually works by running a bunch // of authentications throught the client and then counting the number of // source UDP ports we received packets from and verifying that this equals // the number of client ports requested. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 5; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); for (int i = 0; i < 555; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } Dictionary <int, RadiusPacket> packetsByPort = new Dictionary <int, RadiusPacket>(); foreach (RadiusPacket packet in deelie.Packets) { if (!packetsByPort.ContainsKey(packet.SourceEP.Port)) { packetsByPort.Add(packet.SourceEP.Port, packet); } } Assert.AreEqual(5, packetsByPort.Count); } finally { server.Stop(); client.Close(); } }
static int Main() { var username = Environment.GetEnvironmentVariable("username"); var password = Environment.GetEnvironmentVariable("password"); if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(password)) { Console.WriteLine("environment variables username or password undefined"); return(1); } if (Config.Settings == null) { Console.WriteLine("Config is empty/unreadable"); return(1); } if (Config.Settings.Servers == null || Config.Settings.Servers.Count == 0) { Console.WriteLine("No servers found in config"); return(1); } var res = Parallel.ForEach(Config.Settings.Servers.Cast <ServerElement>(), (server, state) => { // Console.WriteLine("server.name = {0}, sharedsecret={1}, retries={2}, wait={3}, authport={4}", server.Name, server.sharedsecret, server.retries, server.wait, server.authport); var rc = new RadiusClient(server.Name, server.sharedsecret, server.wait * 1000, server.authport); try { var authPacket = rc.Authenticate(username, password); if (Config.Settings.NAS_IDENTIFIER != null) { authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_IDENTIFIER, Encoding.ASCII.GetBytes(Config.Settings.NAS_IDENTIFIER))); } authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_PORT_TYPE, BitConverter.GetBytes((int)NasPortType.ASYNC))); var receivedPacket = rc.SendAndReceivePacket(authPacket, server.retries).Result; if (receivedPacket != null && receivedPacket.PacketType == RadiusCode.ACCESS_ACCEPT) { state.Stop(); } }catch (Exception) {} }); if (res.IsCompleted) { Console.WriteLine("Auth failed for: '{0}'", username); return(1); } else { Console.WriteLine("Auth Ok"); return(0); } }
public void RadiusServer_Bad_NasDevice() { // Verify that the server detects an unknown NAS device. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Slash; clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); try { client.Authenticate("r1", "jeff", "password123"); Assert.Fail("TimeoutException expected"); } catch (TimeoutException) { // Expecting a timeout since the server should ignore this packet } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(TimeoutException)); } Assert.IsTrue(deelie.Log.Count > 0); Assert.AreEqual(RadiusLogEntryType.UnknownNas, deelie.Log[0].EntryType); Assert.IsFalse(deelie.Log[0].Success); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_Auth_Log() { // Verify that authentication events are logged RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.AreEqual(2, deelie.Log.Count); Assert.IsTrue(deelie.Log[0].Success); Assert.AreEqual(RadiusLogEntryType.Authentication, deelie.Log[0].EntryType); Assert.AreEqual("r1", deelie.Log[0].Realm); Assert.AreEqual("jeff", deelie.Log[0].Account); Assert.IsFalse(deelie.Log[1].Success); Assert.AreEqual(RadiusLogEntryType.Authentication, deelie.Log[1].EntryType); Assert.AreEqual("r1", deelie.Log[1].Realm); Assert.AreEqual("jeff", deelie.Log[1].Account); } finally { server.Stop(); client.Close(); } }
public void RadiusClient_ID_WrapAround() { // Verify that a single port client instance will wrap request IDs // properly after ID=255 RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); for (int i = 0; i < 555; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } // We should have 555 packets in the deelie with ordered IDs. Assert.AreEqual(555, deelie.Packets.Count); for (int i = 0; i < 555; i++) { Assert.AreEqual((byte)i, deelie.Packets[i].Identifier); } } finally { server.Stop(); client.Close(); } }
public void RadiusServer_Auth_Parallel_Delay() { // Verify that we can perform multiple parallel authentications with // a brief delay. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); IAsyncResult[] ar = new IAsyncResult[255]; RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.AuthShortDelay); for (int i = 0; i < ar.Length; i++) { ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null); } for (int i = 0; i < ar.Length; i++) { Assert.IsTrue(client.EndAuthenticate(ar[i])); } } finally { server.Stop(); client.Close(); } }
public void RadiusClient_Timeout() { // Verify that the client detects timeouts. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.IgnoreAllPackets); try { client.Authenticate("r1", "jeff", "password123"); Assert.Fail("Expected a timeout"); } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(TimeoutException)); } } finally { server.Stop(); client.Close(); } }
public void RadiusClient_Interop_AD_IAS() { if (EnvironmentVars.Get("LT_TESTBIN") == null) { Assert.Inconclusive("[LT_TESTBIN] environment variable does not exist."); } if (EnvironmentVars.Get("LT_TEST_AD") == null) { Assert.Inconclusive("[LT_TEST_AD] environment variable does not exist."); } var ad = new ADTestSettings(); if (ad.NasSecret == string.Empty) { Assert.Inconclusive("AD/IAS Testing is disabled"); return; } // Verify that RADIUS client works against AD/IAS. This requires that // the LT_TEST_AD environment variable be set properly as described // in the LillTek DevInstall.doc document. The IAS server must also // be manually configured with the NAS shared secret for this client. RadiusClient client = new RadiusClient(); NetworkBinding serverEP = new NetworkBinding(EnhancedDns.GetHostByName(ad.Servers[0]).AddressList.IPv4Only()[0], NetworkPort.RADIUS); RadiusClientSettings clientSettings = new RadiusClientSettings(serverEP, ad.NasSecret); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; try { client.Open(clientSettings); Assert.IsTrue(client.Authenticate(ad.Domain, ad.Account, ad.Password)); Assert.IsFalse(client.Authenticate(ad.Domain + "x", ad.Account, ad.Password)); Assert.IsFalse(client.Authenticate(ad.Domain, ad.Account + "x", ad.Password)); Assert.IsFalse(client.Authenticate(ad.Domain, ad.Account, ad.Password + "x")); } finally { client.Close(); } }
public void RadiusServer_RealmFmt_Slash() { // Test the client against the server using RealmFormat.Slash. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX")); Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.IsFalse(client.Authenticate("", "jeff", "password123")); Assert.IsFalse(client.Authenticate(null, "jeff", "password123")); Assert.IsFalse(client.Authenticate("r3", "jeff", "password123")); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_DefaultSecret() { // Verify that the default secret will be used if the NAS device // is not specified. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.DefaultSecret = "hello"; clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX")); Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.IsFalse(client.Authenticate("", "jeff", "password123")); Assert.IsFalse(client.Authenticate(null, "jeff", "password123")); Assert.IsFalse(client.Authenticate("r3", "jeff", "password123")); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_Nas_HostName() { // Verify that the server can handle NAS devices specified by DNS host name. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(Helper.MachineName, "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX")); Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.IsFalse(client.Authenticate("", "jeff", "password123")); Assert.IsFalse(client.Authenticate(null, "jeff", "password123")); Assert.IsFalse(client.Authenticate("r3", "jeff", "password123")); } finally { server.Stop(); client.Close(); } }
private static void Main(string[] args) { if (args.Length != 4) { ShowUsage(); return; } try { RadiusClient rc = new RadiusClient(args[0], args[1]); RadiusPacket authPacket = rc.Authenticate(args[2], args[3]); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); RadiusPacket receivedPacket = rc.SendAndReceivePacket(authPacket).Result; if (receivedPacket == null) { throw new Exception("Can't contact remote radius server !"); } switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: Console.WriteLine("Accepted"); foreach (var attr in receivedPacket.Attributes) { Console.WriteLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: Console.WriteLine("Challenged"); break; default: Console.WriteLine("Rejected"); break; } } catch (Exception e) { Console.WriteLine("Error : " + e.Message); } Console.ReadLine(); }
public async Task AuthenticationFail_2_Test() { server = RadiusFactory.CreateTestServer(1812, "secret", "test", "12345", RadiusServerType.Accounting); server.Start(); client = RadiusFactory.CreateTestClient(1824); var packet = new RadiusPacket(PacketCode.AccessRequest, 0, "secret"); packet.AddAttribute("User-Name", "test"); packet.AddAttribute("User-Password", "1234"); packet.AddAttribute("NAS-IP-Address", IPAddress.Parse("192.168.0.100")); packet.AddAttribute("NAS-Port", 3); var response = await client.SendPacketAsync(packet, new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812)); Assert.AreEqual(PacketCode.AccessReject, response.Code); }
/// <summary> /// Called whenever the Authentication Provider is loaded into the /// AD FS pipeline /// </summary> /// <param name="configData"></param> public void OnAuthenticationPipelineLoad(IAuthenticationMethodConfigData configData) { appConfig = new AppConfigurationReg(); radiusClient = new RadiusClient(appConfig.Server, appConfig.SharedSecret, appConfig.TimeOut, appConfig.AuthenticationPort, appConfig.AccountingPort); debugLogging = appConfig.Debug; if (this.debugLogging) { Logging.LogMessage( "Currently using the following configuration:" + Environment.NewLine + "Server: " + appConfig.Server + Environment.NewLine + "Authentication port: " + appConfig.AuthenticationPort + Environment.NewLine + "Accounting port: " + appConfig.AccountingPort + Environment.NewLine + "Shared secret: " + appConfig.SharedSecret + Environment.NewLine + "Timeout: " + appConfig.TimeOut); } }
public void RadiusClient_Retry() { // Verify that the client actually retries sending request packets and // that it used the same ID for both. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 2; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.IgnoreFirstPacket); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.AreEqual(2, deelie.Packets.Count); Assert.AreEqual(deelie.Packets[0].Identifier, deelie.Packets[1].Identifier); } finally { server.Stop(); client.Close(); } }
private static void Main(string[] args) { if (args.Length != 4) { System.Console.WriteLine("Usage: TestClient hostName sharedSecret userName password"); return; } String host = args[0]; String shared = args[1]; String user = args[2]; String pass = args[3]; var rc = new RadiusClient(IPAddress.Parse(host), shared); // 1. Send Access-Request var ar = new AccessRequest(user, pass); ar.AuthProtocol = AuthenticationType.pap; // or AUTH_CHAP ar.AddAttribute("NAS-Identifier", "this.is.my.nas-identifier.de"); ar.AddAttribute("NAS-IP-Address", "192.168.0.100"); ar.AddAttribute("Service-Type", "Login-User"); ar.AddAttribute("WISPr-Redirection-URL", "http://www.sourceforge.net/"); ar.AddAttribute("WISPr-Location-ID", "net.sourceforge.ap1"); System.Console.WriteLine("Packet before it is sent\n" + ar + "\n"); RadiusPacket response = rc.Authenticate(ar); System.Console.WriteLine("Packet after it was sent\n" + ar + "\n"); System.Console.WriteLine("Response\n" + response + "\n"); // 2. Send Accounting-Request var acc = new AccountingRequest("mw", AccountingRequest.ACCT_STATUS_TYPE_START); acc.AddAttribute("Acct-Session-Id", "1234567890"); acc.AddAttribute("NAS-Identifier", "this.is.my.nas-identifier.de"); acc.AddAttribute("NAS-Port", "0"); System.Console.WriteLine(acc + "\n"); response = rc.Account(acc); System.Console.WriteLine("Response: " + response); rc.Close(); }
public void RadiusClient_Interop() { if (EnvironmentVars.Get("LT_TESTBIN") == null) { Assert.Inconclusive("[LT_TESTBIN] environment variable does not exist."); } // Verify that my RADIUS client code can work against a server from // another vendor. RadiusTestServer server = new RadiusTestServer(); Dictionary <string, string> users; Dictionary <IPAddress, string> devices; RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_AAA, "secret"); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; users = new Dictionary <string, string>(); users.Add("jeff", "password1"); users.Add("joe", "password2"); devices = new Dictionary <IPAddress, string>(); devices.Add(IPAddress.Loopback, "secret"); devices.Add(NetHelper.GetActiveAdapter(), "secret"); try { server.Start(users, devices); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("", "jeff", "password1")); Assert.IsTrue(client.Authenticate("", "joe", "password2")); Assert.IsFalse(client.Authenticate("", "jeff", "passwordX")); Assert.IsFalse(client.Authenticate("", "billy", "x")); } finally { client.Close(); server.Stop(); } }
private static int AuthRadius(string server, string secret, string userid, string password) { RadiusClient client = new RadiusClient(); string realm; string account; int pos; pos = userid.IndexOfAny(new char[] { '/', '\\' }); if (pos == -1) { realm = string.Empty; account = userid; } else { realm = userid.Substring(0, pos); account = userid.Substring(pos + 1); } client.Open(new RadiusClientSettings(new NetworkBinding(server), secret)); try { Program.Output("Authenticating..."); if (client.Authenticate(realm, account, password)) { Program.Output("Success"); return(0); } else { Program.Output("Failure"); return(1); } } catch (Exception e) { Program.Error("Error[{0}]: {1}", e.GetType().Name, e.Message); return(1); } finally { client.Close(); } }
/// <summary> /// メインメソッド /// </summary> /// <param name="args"></param> /// <example>tanedius.exe User-Name User-Password NAS-IP-Address Server [secret]</example> static void Main(string[] args) { RadiusClient rc; switch (args.Length) { case 5: rc = new RadiusClient(args[0], args[1], args[2], RadiusClient.AUTH_TYPE.CHAP, args[3], args[4], ""); if (rc.Auth()) { System.Console.WriteLine("認証成功"); } else { System.Console.WriteLine("認証失敗"); } break; case 6: rc = new RadiusClient(args[0], args[1], args[2], RadiusClient.AUTH_TYPE.PAP, args[3], args[4], args[5]); if (rc.Auth()) { System.Console.WriteLine("認証成功"); } else { System.Console.WriteLine("認証失敗"); } break; default: break; } System.Console.ReadKey(); System.Environment.Exit(0); }
/// <summary> /// Entry point /// </summary> /// <returns></returns> public static int Main() { _defaultLogFolder = Settings.Default.LogFolder; if (string.IsNullOrEmpty(_defaultLogFolder)) { return(5); } InitLogger(); var username = Environment.GetEnvironmentVariable("username"); var password = Environment.GetEnvironmentVariable("password"); if (string.IsNullOrEmpty(username)) { Log.ErrorLog.WriteLine("environment variable 'username' is undefined undefined"); return(1); } if (string.IsNullOrEmpty(password)) { Log.ErrorLog.WriteLine("environment variable 'password' is undefined undefined"); return(1); } if (Config.Settings == null) { Log.ErrorLog.WriteLine("Config is empty/unreadable"); return(2); } if (Config.Settings.Servers == null || Config.Settings.Servers.Count == 0) { Log.ErrorLog.WriteLine("No servers found in config"); return(3); } var res = Parallel.ForEach(Config.Settings.Servers.Cast <ServerElement>(), (server, state) => { Log.InformationLog.WriteLine(string.Format("server name = {0} , retries = {1}, wait = {2}, autport = {3}", server.Name, server.retries, server.wait, server.authport)); var rc = new RadiusClient(server.Name, server.sharedsecret, server.wait * 1000, server.authport); Log.InformationLog.WriteLine("Radius client initializated"); try { var authPacket = rc.Authenticate(username, password); if (Config.Settings.NAS_IDENTIFIER != null) { authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_IDENTIFIER, Encoding.ASCII.GetBytes(Config.Settings.NAS_IDENTIFIER))); } authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.NAS_PORT_TYPE, BitConverter.GetBytes((int)NasPortType.ASYNC))); var receivedPacket = rc.SendAndReceivePacket(authPacket, server.retries).Result; if (receivedPacket != null && receivedPacket.PacketType == RadiusCode.ACCESS_ACCEPT) { state.Stop(); } } catch (Exception ex) { Log.ErrorLog.WriteLine(ex); } }); if (res.IsCompleted) { //On a parcouru tous les srveurs et on n'a rien trouvé Log.ErrorLog.WriteLine(string.Format("Authentication failed for: {0}", username)); return(4); } else { Log.SuccessLog.WriteLine(string.Format("Authentication success for user {0}", username)); return(0); } }
public void RadiusClient_ID_Exhaustion_MultiPort() { // Verify that the client throws an exception when it is asked to // manage more than 256 parallel authentication requests. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; IAsyncResult[] ar; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 2; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.AuthLongDelay); ar = new IAsyncResult[clientSettings.PortCount * 256 + 1]; try { for (int i = 0; i < ar.Length; i++) { ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null); } for (int i = 0; i < ar.Length; i++) { if (ar[i] != null) { client.EndAuthenticate(ar[i]); } } Assert.Fail("Expected a RadiusException"); } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(RadiusException)); } } finally { server.Stop(); client.Close(); } }
public void RadiusClient_LoadBalance_MultiPort() { // Verify that the client actually distributes packets across multiple // RADIUS servers with a multi port client. RadiusServer server1 = new RadiusServer(); RadiusServer server2 = new RadiusServer(); RadiusServerSettings server1Settings = new RadiusServerSettings(); RadiusServerSettings server2Settings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_RADIUS, Local_AAA }, "hello"); RadiusServerDeelie deelie1; RadiusServerDeelie deelie2; server1Settings.RealmFormat = RealmFormat.Email; server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS); server2Settings.RealmFormat = RealmFormat.Email; server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 4; clientSettings.MaxTransmissions = 1; try { string accountInfo = @" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "; server1.Start(server1Settings); server1.LoadAccountsFromString(accountInfo); deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.Normal); server2.Start(server2Settings); server2.LoadAccountsFromString(accountInfo); deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.Normal); client.Open(clientSettings); for (int i = 0; i < 20; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } Assert.IsTrue(deelie1.Packets.Count > 0); Assert.IsTrue(deelie2.Packets.Count > 0); } finally { server1.Stop(); server2.Stop(); client.Close(); } }
public void RadiusClient_FailOver_MultiPort() { // Verify that the client actually fails over to alternate // RADIUS servers with a multi port client. RadiusServer server1 = new RadiusServer(); RadiusServer server2 = new RadiusServer(); RadiusServerSettings server1Settings = new RadiusServerSettings(); RadiusServerSettings server2Settings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_AAA, NetworkBinding.Parse("192.168.255.1:1645") }, "hello"); RadiusServerDeelie deelie1; RadiusServerDeelie deelie2; server1Settings.RealmFormat = RealmFormat.Email; server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS); server2Settings.RealmFormat = RealmFormat.Email; server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 4; clientSettings.MaxTransmissions = 10; clientSettings.RetryInterval = TimeSpan.FromSeconds(0.5); try { string accountInfo = @" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "; server1.Start(server1Settings); server1.LoadAccountsFromString(accountInfo); deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.IgnoreAlternatePackets); server2.Start(server2Settings); server2.LoadAccountsFromString(accountInfo); deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.IgnoreAlternatePackets); client.Open(clientSettings); for (int i = 0; i < 10; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } } finally { server1.Stop(); server2.Stop(); client.Close(); } }
public void RadiusClient_Blast() { // Send a bunch of queries to multiple servers from multiple client ports. RadiusServer server1 = new RadiusServer(); RadiusServer server2 = new RadiusServer(); RadiusServerSettings server1Settings = new RadiusServerSettings(); RadiusServerSettings server2Settings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_RADIUS, Local_AAA }, "hello"); RadiusServerDeelie deelie1; RadiusServerDeelie deelie2; IAsyncResult[] ar; server1Settings.RealmFormat = RealmFormat.Email; server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS); server2Settings.RealmFormat = RealmFormat.Email; server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 4; clientSettings.MaxTransmissions = 3; try { string accountInfo = @" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "; server1.Start(server1Settings); server1.LoadAccountsFromString(accountInfo); deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.Normal); server2.Start(server2Settings); server2.LoadAccountsFromString(accountInfo); deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.Normal); client.Open(clientSettings); ar = new IAsyncResult[clientSettings.PortCount * 256]; for (int i = 0; i < ar.Length; i++) { ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null); } for (int i = 0; i < ar.Length; i++) { Assert.IsTrue(client.EndAuthenticate(ar[i])); } Assert.IsTrue(deelie1.Packets.Count > 0); Assert.IsTrue(deelie2.Packets.Count > 0); } finally { server1.Stop(); server2.Stop(); client.Close(); } }
public static string AuthenticateRadius(string strHostName, uint nPort, string strSharedSecret, string strUserName, string strPassword, string strStateAttribut) { //strStateAttribut = "30-34-30-61-33-66-39-34-2D-65-39-39-36-2D-34-32-38-62-2D-38-32-65-63-2D-30-63-64-32-63-32-64-66-36-35-31-31"; //strStateAttribut = "040a3f94-e996-428b-82ec-0cd2c2df6511"; RadiusClient rc = new RadiusClient(strHostName, strSharedSecret, authPort: nPort); RadiusPacket authPacket = rc.Authenticate(strUserName, strPassword); if (strStateAttribut != "") { //string buffer = String.Join("", strStateAttribut.Split('-')); byte[] data = Encoding.UTF8.GetBytes(strStateAttribut); authPacket.SetAttribute(new RadiusAttribute(RadiusAttributeType.STATE, data)); } else { authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing"))); authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 })); } RadiusPacket receivedPacket = rc.SendAndReceivePacket(authPacket); if (receivedPacket == null) { throw new SmartException(9901, "Can't contact remote radius server !"); } StringBuilder sbDebug = new StringBuilder(); StringBuilder sbRetour = new StringBuilder(); switch (receivedPacket.PacketType) { case RadiusCode.ACCESS_ACCEPT: sbRetour.Append("2#"); sbDebug.AppendLine("Access-Accept"); foreach (var attr in receivedPacket.Attributes) { sbDebug.AppendLine(attr.Type.ToString() + " = " + attr.Value); } break; case RadiusCode.ACCESS_CHALLENGE: sbRetour.Append("11#"); sbDebug.AppendLine("Access-Challenge"); foreach (var attr in receivedPacket.Attributes) { sbDebug.AppendLine(attr.Type.ToString() + " = " + attr.Value); if (attr.Type == RadiusAttributeType.STATE) { sbRetour.Append(attr.Value); } } break; case RadiusCode.ACCESS_REJECT: sbRetour.Append("3#"); sbDebug.AppendLine("Access-Reject"); if (!rc.VerifyAuthenticator(authPacket, receivedPacket)) { sbDebug.AppendLine("Authenticator check failed: Check your secret"); } break; default: sbRetour.Append("0#"); sbDebug.AppendLine("Rejected"); break; } //return sbDebug.ToString(); return(sbRetour.ToString()); }