public void RadiusServer_Nas_HostRefresh() { // Verify that the server refreshes NAS host name to IP address mappings. // I'm going to do this by specifying a NAS host name that does not // exist, verify that an authentication fails, then add the host name // to the HOSTS file, wait a bit for the server to refresh the mappings // and then verify that this worked by making sure that an authentication // attempt succeeds. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Email; serverSettings.DnsRefreshInterval = TimeSpan.FromSeconds(10); serverSettings.BkTaskInterval = TimeSpan.FromSeconds(2); serverSettings.Devices.Add(new RadiusNasInfo("nas.test.lilltek.com", "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; clientSettings.RetryInterval = TimeSpan.FromSeconds(2); try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); try { client.Authenticate("r1", "jeff", "password123"); Assert.Fail(); } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(TimeoutException)); } EnhancedDns.AddHost("nas.test.lilltek.com", NetHelper.GetActiveAdapter()); Thread.Sleep(serverSettings.DnsRefreshInterval + serverSettings.BkTaskInterval); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } finally { EnhancedDns.RemoveHosts(); server.Stop(); client.Close(); } }
private static void Main(string[] args) { try { var _server = new RadiusServer { //10.249.195.123 AcctPort = 1813, AuthPort = 1812, ListenAccountIp = IPAddress.Parse("10.249.195.123"), ListenAuthIp = IPAddress.Parse("10.249.195.123") }; _server.Start(true, false); while (true) { Console.WriteLine("press exit for exit"); string s = Console.ReadLine(); if (s.ToLower() == "exit") { break; } } } catch (Exception ex) { ILog log = LogManager.GetLogger(typeof(Program)); log.Debug("Failed in running.", ex); } }
/// <summary> /// Constructor. /// </summary> /// <param name="server">The RADIUS server.</param> public RadiusServerDeelie(RadiusServer server, Mode mode) { this.mode = mode; this.Packets = new List <RadiusPacket>(); this.Log = new List <RadiusLogEntry>(); server.LogEvent += new RadiusLogDelegate(OnLogEntry); server.DiagnosticHook = new RadiusDiagnosticDelegate(DiagnosticHook); switch (mode) { case Mode.AuthSuccess: case Mode.AuthFail: case Mode.AuthShortDelay: case Mode.AuthLongDelay: server.AuthenticateEvent += new RadiusAuthenticateDelegate(OnAuth); break; } // Set the long delay to a bit longer than the client retry interval and // the short delay to something less than this interval. RadiusClientSettings clientSettings = new RadiusClientSettings(NetworkBinding.Any, ""); shortDelay = TimeSpan.FromMilliseconds(100); longDelay = clientSettings.RetryInterval + TimeSpan.FromSeconds(clientSettings.BkTaskInterval.TotalSeconds / 2); }
public void RadiusClient_MultiPort() { // Verify that a multiport enable client actually works by running a bunch // of authentications throught the client and then counting the number of // source UDP ports we received packets from and verifying that this equals // the number of client ports requested. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 5; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); for (int i = 0; i < 555; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } Dictionary <int, RadiusPacket> packetsByPort = new Dictionary <int, RadiusPacket>(); foreach (RadiusPacket packet in deelie.Packets) { if (!packetsByPort.ContainsKey(packet.SourceEP.Port)) { packetsByPort.Add(packet.SourceEP.Port, packet); } } Assert.AreEqual(5, packetsByPort.Count); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_Bad_NasDevice() { // Verify that the server detects an unknown NAS device. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Slash; clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); try { client.Authenticate("r1", "jeff", "password123"); Assert.Fail("TimeoutException expected"); } catch (TimeoutException) { // Expecting a timeout since the server should ignore this packet } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(TimeoutException)); } Assert.IsTrue(deelie.Log.Count > 0); Assert.AreEqual(RadiusLogEntryType.UnknownNas, deelie.Log[0].EntryType); Assert.IsFalse(deelie.Log[0].Success); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_Auth_Log() { // Verify that authentication events are logged RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.AreEqual(2, deelie.Log.Count); Assert.IsTrue(deelie.Log[0].Success); Assert.AreEqual(RadiusLogEntryType.Authentication, deelie.Log[0].EntryType); Assert.AreEqual("r1", deelie.Log[0].Realm); Assert.AreEqual("jeff", deelie.Log[0].Account); Assert.IsFalse(deelie.Log[1].Success); Assert.AreEqual(RadiusLogEntryType.Authentication, deelie.Log[1].EntryType); Assert.AreEqual("r1", deelie.Log[1].Realm); Assert.AreEqual("jeff", deelie.Log[1].Account); } finally { server.Stop(); client.Close(); } }
public void RadiusClient_ID_WrapAround() { // Verify that a single port client instance will wrap request IDs // properly after ID=255 RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.Normal); for (int i = 0; i < 555; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } // We should have 555 packets in the deelie with ordered IDs. Assert.AreEqual(555, deelie.Packets.Count); for (int i = 0; i < 555; i++) { Assert.AreEqual((byte)i, deelie.Packets[i].Identifier); } } finally { server.Stop(); client.Close(); } }
public void TestStatusServerAuthenticationResponsePacket() { var request = "0cda00268a54f4686fb394c52866e302185d062350125a665e2e1e8411f3e243822097c84fa3"; var expected = "02da0014ef0d552a4bf2d693ec2b6fe8b5411d66"; var secret = "xyzzy5461"; var dictionary = GetDictionary(); var rs = new RadiusServer(new UdpClientFactory(), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812), dictionary, RadiusServerType.Authentication); var response = rs.GetResponsePacket(new MockPacketHandler(), secret, Utils.StringToByteArray(request), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1813)); Assert.AreEqual(expected, response.GetBytes(dictionary).ToHexString()); }
public void TestStatusServerAccountingResponsePacket() { var request = "0cb30026925f6b66dd5fed571fcb1db7ad3882605012e8d6eabda910875cd91fdade26367858"; var expected = "05b300140f6f92145f107e2f504e860a4860669c"; // Note the error in the RFC. First byte should be 05 not 02 var secret = "xyzzy5461"; var dictionary = GetDictionary(); var rs = new RadiusServer(new UdpClientFactory(), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812), dictionary, RadiusServerType.Accounting); var response = rs.GetResponsePacket(new MockPacketHandler(), secret, Utils.StringToByteArray(request), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1813)); Assert.AreEqual(expected, response.GetBytes(dictionary).ToHexString()); }
public void TestResponsePacketWithProxyStateMiddle() { var request = "010000420f403f9473978057bd83d5cb98f4227a01066e656d6f02120dbe708d93d413ce3196e43f782a0aee0406c0a8011021053135342105323330050600000003"; var expected = "02000030acf049cee1a3ed134316e5b3348cdf3c0606000000010f06000000000e06c0a8010321053135342105323330"; var secret = "xyzzy5461"; var dictionary = GetDictionary(); var rs = new RadiusServer(new UdpClientFactory(), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812), dictionary, RadiusServerType.Authentication); var response = rs.GetResponsePacket(new MockPacketHandler(), secret, Utils.StringToByteArray(request), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1813)); Assert.AreEqual(expected, response.GetBytes(dictionary).ToHexString()); }
public void TestResponsePacket() { var request = "010000380f403f9473978057bd83d5cb98f4227a01066e656d6f02120dbe708d93d413ce3196e43f782a0aee0406c0a80110050600000003"; var expected = "0200002686fe220e7624ba2a1005f6bf9b55e0b20606000000010f06000000000e06c0a80103"; var secret = "xyzzy5461"; var dictionary = GetDictionary(); var rs = new RadiusServer(new UdpClientFactory(), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812), dictionary, RadiusServerType.Authentication); var response = rs.GetResponsePacket(new MockPacketHandler(), secret, Utils.StringToByteArray(request), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1813)); Assert.AreEqual(expected, response.GetBytes(dictionary).ToHexString()); }
public void RadiusServer_Auth_Parallel_Delay() { // Verify that we can perform multiple parallel authentications with // a brief delay. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); IAsyncResult[] ar = new IAsyncResult[255]; RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.AuthShortDelay); for (int i = 0; i < ar.Length; i++) { ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null); } for (int i = 0; i < ar.Length; i++) { Assert.IsTrue(client.EndAuthenticate(ar[i])); } } finally { server.Stop(); client.Close(); } }
public void RadiusClient_Timeout() { // Verify that the client detects timeouts. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.IgnoreAllPackets); try { client.Authenticate("r1", "jeff", "password123"); Assert.Fail("Expected a timeout"); } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(TimeoutException)); } } finally { server.Stop(); client.Close(); } }
public void RadiusServer_RealmFmt_Slash() { // Test the client against the server using RealmFormat.Slash. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX")); Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.IsFalse(client.Authenticate("", "jeff", "password123")); Assert.IsFalse(client.Authenticate(null, "jeff", "password123")); Assert.IsFalse(client.Authenticate("r3", "jeff", "password123")); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_DefaultSecret() { // Verify that the default secret will be used if the NAS device // is not specified. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Slash; serverSettings.DefaultSecret = "hello"; clientSettings.RealmFormat = RealmFormat.Slash; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX")); Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.IsFalse(client.Authenticate("", "jeff", "password123")); Assert.IsFalse(client.Authenticate(null, "jeff", "password123")); Assert.IsFalse(client.Authenticate("r3", "jeff", "password123")); } finally { server.Stop(); client.Close(); } }
public void RadiusServer_Nas_HostName() { // Verify that the server can handle NAS devices specified by DNS host name. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(Helper.MachineName, "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.IsTrue(client.Authenticate("r2", "jeff", "passwordXXX")); Assert.IsTrue(client.Authenticate("r1", "jane", "bigfish")); Assert.IsFalse(client.Authenticate("r1", "jeff", "PASSWORD123")); Assert.IsFalse(client.Authenticate("", "jeff", "password123")); Assert.IsFalse(client.Authenticate(null, "jeff", "password123")); Assert.IsFalse(client.Authenticate("r3", "jeff", "password123")); } finally { server.Stop(); client.Close(); } }
public async Task AuthenticationFail_2_Test() { server = RadiusFactory.CreateTestServer(1812, "secret", "test", "12345", RadiusServerType.Accounting); server.Start(); client = RadiusFactory.CreateTestClient(1824); var packet = new RadiusPacket(PacketCode.AccessRequest, 0, "secret"); packet.AddAttribute("User-Name", "test"); packet.AddAttribute("User-Password", "1234"); packet.AddAttribute("NAS-IP-Address", IPAddress.Parse("192.168.0.100")); packet.AddAttribute("NAS-Port", 3); var response = await client.SendPacketAsync(packet, new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812)); Assert.AreEqual(PacketCode.AccessReject, response.Code); }
public void RadiusClient_Retry() { // Verify that the client actually retries sending request packets and // that it used the same ID for both. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 1; clientSettings.MaxTransmissions = 2; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.IgnoreFirstPacket); Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); Assert.AreEqual(2, deelie.Packets.Count); Assert.AreEqual(deelie.Packets[0].Identifier, deelie.Packets[1].Identifier); } finally { server.Stop(); client.Close(); } }
public async Task TestStatusServerAuthenticationResponsePacketUdpClient() { var request = "0cda00268a54f4686fb394c52866e302185d062350125a665e2e1e8411f3e243822097c84fa3"; var expected = "02da0014ef0d552a4bf2d693ec2b6fe8b5411d66"; var secret = "xyzzy5461"; var client = new UdpClientMock(); var factory = new UdpClientMockFactory(client); var dictionary = GetDictionary(); var rs = new RadiusServer(factory, new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1812), dictionary, RadiusServerType.Authentication); rs.AddPacketHandler(IPAddress.Parse("127.0.0.1"), secret, new MockPacketHandler()); rs.Start(); var response = await client.SendMock(new UdpReceiveResult(Utils.StringToByteArray(request), new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1813))); Assert.AreEqual(expected, response.Buffer.ToHexString()); }
public void RadiusServer_Interop() { Assert.Inconclusive("The trial period for the RADIUS client tool has expired."); // Verify that my RADIUS server code can work against a client from // another vendor. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); Assert.IsTrue(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r1", "password123")); Assert.IsTrue(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r2", "passwordXXX")); Assert.IsTrue(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jane@r1", "bigfish")); Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r1", "PASSWORD123")); Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff", "password123")); Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "hello", "jeff@r3", "password123")); Assert.IsFalse(RadiusTestClient.Authenticate(server.EndPoint, "badsecret", "jeff@r1", "password123")); } finally { server.Stop(); } }
public void Cleanup() { if (this.DB != null) { this.DB.Dispose(); this.DB = null; } if (this.AuthFilePath != null) { Helper.DeleteFile(this.AuthFilePath); this.AuthFilePath = null; } if (this.RadiusServer != null) { this.RadiusServer.Stop(); this.RadiusServer = null; } Config.SetConfig(null); }
static void Main(string[] args) { var path = Path.GetDirectoryName(AppDomain.CurrentDomain.BaseDirectory) + "/Content/radius.dictionary"; var dictionary = new RadiusDictionary(path, NullLogger <RadiusDictionary> .Instance); var radiusPacketParser = new RadiusPacketParser(NullLogger <RadiusPacketParser> .Instance, dictionary); var packetHandler = new TestPacketHandler(); var repository = new PacketHandlerRepository(); repository.AddPacketHandler(IPAddress.Any, packetHandler, "secret"); var authenticationServer = new RadiusServer( new UdpClientFactory(), new IPEndPoint(IPAddress.Any, 1812), radiusPacketParser, RadiusServerType.Authentication, repository, NullLogger <RadiusServer> .Instance); authenticationServer.Start(); Console.WriteLine("Hello World!"); Console.ReadLine(); }
private bool DiagnosticHook(RadiusServer server, RadiusPacket packet) { bool ignore = false; lock (syncLock) { Packets.Add(packet); switch (mode) { case Mode.Normal: ignore = false; break; case Mode.IgnoreAllPackets: ignore = true; break; case Mode.IgnoreFirstPacket: ignore = Packets.Count == 1; break; case Mode.IgnoreAlternatePackets: // Ignore even packets ignore = (Packets.Count & 1) == 0; break; } } return(!ignore); }
public void AccountingServerLaunchTest() { server = RadiusFactory.CreateTestServer(1813, "secret", "test", "1234", RadiusServerType.Accounting); server.Start(); Assert.AreEqual(true, server.Running); }
public void RadiusClient_ID_Exhaustion_MultiPort() { // Verify that the client throws an exception when it is asked to // manage more than 256 parallel authentication requests. RadiusServer server = new RadiusServer(); RadiusServerSettings serverSettings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(Local_RADIUS, "hello"); RadiusServerDeelie deelie; IAsyncResult[] ar; serverSettings.RealmFormat = RealmFormat.Email; serverSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); serverSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 2; clientSettings.MaxTransmissions = 1; try { server.Start(serverSettings); server.LoadAccountsFromString(@" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "); client.Open(clientSettings); deelie = new RadiusServerDeelie(server, RadiusServerDeelie.Mode.AuthLongDelay); ar = new IAsyncResult[clientSettings.PortCount * 256 + 1]; try { for (int i = 0; i < ar.Length; i++) { ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null); } for (int i = 0; i < ar.Length; i++) { if (ar[i] != null) { client.EndAuthenticate(ar[i]); } } Assert.Fail("Expected a RadiusException"); } catch (Exception e) { Assert.IsInstanceOfType(e, typeof(RadiusException)); } } finally { server.Stop(); client.Close(); } }
public void RadiusClient_LoadBalance_MultiPort() { // Verify that the client actually distributes packets across multiple // RADIUS servers with a multi port client. RadiusServer server1 = new RadiusServer(); RadiusServer server2 = new RadiusServer(); RadiusServerSettings server1Settings = new RadiusServerSettings(); RadiusServerSettings server2Settings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_RADIUS, Local_AAA }, "hello"); RadiusServerDeelie deelie1; RadiusServerDeelie deelie2; server1Settings.RealmFormat = RealmFormat.Email; server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS); server2Settings.RealmFormat = RealmFormat.Email; server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 4; clientSettings.MaxTransmissions = 1; try { string accountInfo = @" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "; server1.Start(server1Settings); server1.LoadAccountsFromString(accountInfo); deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.Normal); server2.Start(server2Settings); server2.LoadAccountsFromString(accountInfo); deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.Normal); client.Open(clientSettings); for (int i = 0; i < 20; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } Assert.IsTrue(deelie1.Packets.Count > 0); Assert.IsTrue(deelie2.Packets.Count > 0); } finally { server1.Stop(); server2.Stop(); client.Close(); } }
public void RadiusClient_FailOver_MultiPort() { // Verify that the client actually fails over to alternate // RADIUS servers with a multi port client. RadiusServer server1 = new RadiusServer(); RadiusServer server2 = new RadiusServer(); RadiusServerSettings server1Settings = new RadiusServerSettings(); RadiusServerSettings server2Settings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_AAA, NetworkBinding.Parse("192.168.255.1:1645") }, "hello"); RadiusServerDeelie deelie1; RadiusServerDeelie deelie2; server1Settings.RealmFormat = RealmFormat.Email; server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS); server2Settings.RealmFormat = RealmFormat.Email; server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 4; clientSettings.MaxTransmissions = 10; clientSettings.RetryInterval = TimeSpan.FromSeconds(0.5); try { string accountInfo = @" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "; server1.Start(server1Settings); server1.LoadAccountsFromString(accountInfo); deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.IgnoreAlternatePackets); server2.Start(server2Settings); server2.LoadAccountsFromString(accountInfo); deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.IgnoreAlternatePackets); client.Open(clientSettings); for (int i = 0; i < 10; i++) { Assert.IsTrue(client.Authenticate("r1", "jeff", "password123")); } } finally { server1.Stop(); server2.Stop(); client.Close(); } }
public void RadiusClient_Blast() { // Send a bunch of queries to multiple servers from multiple client ports. RadiusServer server1 = new RadiusServer(); RadiusServer server2 = new RadiusServer(); RadiusServerSettings server1Settings = new RadiusServerSettings(); RadiusServerSettings server2Settings = new RadiusServerSettings(); RadiusClient client = new RadiusClient(); RadiusClientSettings clientSettings = new RadiusClientSettings(new NetworkBinding[] { Local_RADIUS, Local_AAA }, "hello"); RadiusServerDeelie deelie1; RadiusServerDeelie deelie2; IAsyncResult[] ar; server1Settings.RealmFormat = RealmFormat.Email; server1Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server1Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server1Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.RADIUS); server2Settings.RealmFormat = RealmFormat.Email; server2Settings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, "hello")); server2Settings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), "hello")); server2Settings.NetworkBinding = new IPEndPoint(IPAddress.Any, NetworkPort.AAA); clientSettings.RealmFormat = RealmFormat.Email; clientSettings.PortCount = 4; clientSettings.MaxTransmissions = 3; try { string accountInfo = @" // This is a comment line r1;jeff;password123 r2;jeff;passwordXXX r1;jane;bigfish "; server1.Start(server1Settings); server1.LoadAccountsFromString(accountInfo); deelie1 = new RadiusServerDeelie(server1, RadiusServerDeelie.Mode.Normal); server2.Start(server2Settings); server2.LoadAccountsFromString(accountInfo); deelie2 = new RadiusServerDeelie(server2, RadiusServerDeelie.Mode.Normal); client.Open(clientSettings); ar = new IAsyncResult[clientSettings.PortCount * 256]; for (int i = 0; i < ar.Length; i++) { ar[i] = client.BeginAuthenticate("r1", "jeff", "password123", null, null); } for (int i = 0; i < ar.Length; i++) { Assert.IsTrue(client.EndAuthenticate(ar[i])); } Assert.IsTrue(deelie1.Packets.Count > 0); Assert.IsTrue(deelie2.Packets.Count > 0); } finally { server1.Stop(); server2.Stop(); client.Close(); } }
internal static VpnServerConfigurationData DeserializeVpnServerConfigurationData(JsonElement element) { Optional <ETag> etag = default; Optional <ResourceIdentifier> id = default; Optional <string> name = default; Optional <ResourceType> type = default; Optional <AzureLocation> location = default; Optional <IDictionary <string, string> > tags = default; Optional <IList <VpnGatewayTunnelingProtocol> > vpnProtocols = default; Optional <IList <VpnAuthenticationType> > vpnAuthenticationTypes = default; Optional <IList <VpnServerConfigVpnClientRootCertificate> > vpnClientRootCertificates = default; Optional <IList <VpnServerConfigVpnClientRevokedCertificate> > vpnClientRevokedCertificates = default; Optional <IList <VpnServerConfigRadiusServerRootCertificate> > radiusServerRootCertificates = default; Optional <IList <VpnServerConfigRadiusClientRootCertificate> > radiusClientRootCertificates = default; Optional <IList <IPsecPolicy> > vpnClientIpsecPolicies = default; Optional <string> radiusServerAddress = default; Optional <string> radiusServerSecret = default; Optional <IList <RadiusServer> > radiusServers = default; Optional <AadAuthenticationParameters> aadAuthenticationParameters = default; Optional <string> provisioningState = default; Optional <IReadOnlyList <P2SVpnGatewayData> > p2SVpnGateways = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("etag")) { if (property.Value.ValueKind == JsonValueKind.Null) { property.ThrowNonNullablePropertyIsNull(); continue; } etag = new ETag(property.Value.GetString()); continue; } if (property.NameEquals("id")) { if (property.Value.ValueKind == JsonValueKind.Null) { property.ThrowNonNullablePropertyIsNull(); continue; } id = new ResourceIdentifier(property.Value.GetString()); continue; } if (property.NameEquals("name")) { name = property.Value.GetString(); continue; } if (property.NameEquals("type")) { if (property.Value.ValueKind == JsonValueKind.Null) { property.ThrowNonNullablePropertyIsNull(); continue; } type = new ResourceType(property.Value.GetString()); continue; } if (property.NameEquals("location")) { if (property.Value.ValueKind == JsonValueKind.Null) { property.ThrowNonNullablePropertyIsNull(); continue; } location = new AzureLocation(property.Value.GetString()); continue; } if (property.NameEquals("tags")) { if (property.Value.ValueKind == JsonValueKind.Null) { property.ThrowNonNullablePropertyIsNull(); continue; } Dictionary <string, string> dictionary = new Dictionary <string, string>(); foreach (var property0 in property.Value.EnumerateObject()) { dictionary.Add(property0.Name, property0.Value.GetString()); } tags = dictionary; continue; } if (property.NameEquals("properties")) { if (property.Value.ValueKind == JsonValueKind.Null) { property.ThrowNonNullablePropertyIsNull(); continue; } foreach (var property0 in property.Value.EnumerateObject()) { if (property0.NameEquals("vpnProtocols")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <VpnGatewayTunnelingProtocol> array = new List <VpnGatewayTunnelingProtocol>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(new VpnGatewayTunnelingProtocol(item.GetString())); } vpnProtocols = array; continue; } if (property0.NameEquals("vpnAuthenticationTypes")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <VpnAuthenticationType> array = new List <VpnAuthenticationType>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(new VpnAuthenticationType(item.GetString())); } vpnAuthenticationTypes = array; continue; } if (property0.NameEquals("vpnClientRootCertificates")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <VpnServerConfigVpnClientRootCertificate> array = new List <VpnServerConfigVpnClientRootCertificate>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(VpnServerConfigVpnClientRootCertificate.DeserializeVpnServerConfigVpnClientRootCertificate(item)); } vpnClientRootCertificates = array; continue; } if (property0.NameEquals("vpnClientRevokedCertificates")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <VpnServerConfigVpnClientRevokedCertificate> array = new List <VpnServerConfigVpnClientRevokedCertificate>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(VpnServerConfigVpnClientRevokedCertificate.DeserializeVpnServerConfigVpnClientRevokedCertificate(item)); } vpnClientRevokedCertificates = array; continue; } if (property0.NameEquals("radiusServerRootCertificates")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <VpnServerConfigRadiusServerRootCertificate> array = new List <VpnServerConfigRadiusServerRootCertificate>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(VpnServerConfigRadiusServerRootCertificate.DeserializeVpnServerConfigRadiusServerRootCertificate(item)); } radiusServerRootCertificates = array; continue; } if (property0.NameEquals("radiusClientRootCertificates")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <VpnServerConfigRadiusClientRootCertificate> array = new List <VpnServerConfigRadiusClientRootCertificate>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(VpnServerConfigRadiusClientRootCertificate.DeserializeVpnServerConfigRadiusClientRootCertificate(item)); } radiusClientRootCertificates = array; continue; } if (property0.NameEquals("vpnClientIpsecPolicies")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <IPsecPolicy> array = new List <IPsecPolicy>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(IPsecPolicy.DeserializeIPsecPolicy(item)); } vpnClientIpsecPolicies = array; continue; } if (property0.NameEquals("radiusServerAddress")) { radiusServerAddress = property0.Value.GetString(); continue; } if (property0.NameEquals("radiusServerSecret")) { radiusServerSecret = property0.Value.GetString(); continue; } if (property0.NameEquals("radiusServers")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <RadiusServer> array = new List <RadiusServer>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(RadiusServer.DeserializeRadiusServer(item)); } radiusServers = array; continue; } if (property0.NameEquals("aadAuthenticationParameters")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } aadAuthenticationParameters = AadAuthenticationParameters.DeserializeAadAuthenticationParameters(property0.Value); continue; } if (property0.NameEquals("provisioningState")) { provisioningState = property0.Value.GetString(); continue; } if (property0.NameEquals("p2SVpnGateways")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } List <P2SVpnGatewayData> array = new List <P2SVpnGatewayData>(); foreach (var item in property0.Value.EnumerateArray()) { array.Add(P2SVpnGatewayData.DeserializeP2SVpnGatewayData(item)); } p2SVpnGateways = array; continue; } } continue; } } return(new VpnServerConfigurationData(id.Value, name.Value, Optional.ToNullable(type), Optional.ToNullable(location), Optional.ToDictionary(tags), Optional.ToNullable(etag), Optional.ToList(vpnProtocols), Optional.ToList(vpnAuthenticationTypes), Optional.ToList(vpnClientRootCertificates), Optional.ToList(vpnClientRevokedCertificates), Optional.ToList(radiusServerRootCertificates), Optional.ToList(radiusClientRootCertificates), Optional.ToList(vpnClientIpsecPolicies), radiusServerAddress.Value, radiusServerSecret.Value, Optional.ToList(radiusServers), aadAuthenticationParameters.Value, provisioningState.Value, Optional.ToList(p2SVpnGateways))); }
public void Initialize() { Helper.InitializeApp(Assembly.GetExecutingAssembly()); this.ADSettings = new ADTestSettings(); this.DB = SqlTestDatabase.Create(); this.AuthFilePath = Path.GetTempFileName(); //------------------------------------------------------------- // Initialize file authentication Helper.WriteToFile(this.AuthFilePath, @" file.com;file1;file-password1 file.com;file2;file-password2 "); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.File, "file.com", "file1", "file-password1")); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.File, "file.com", "file2", "file-password2")); //------------------------------------------------------------- // Initialize RADIUS authentication RadiusServerSettings radiusSettings = new RadiusServerSettings(); radiusSettings.NetworkBinding = NetworkBinding.Parse("ANY:52111"); radiusSettings.Devices.Add(new RadiusNasInfo(IPAddress.Loopback, this.RadiusSecret)); radiusSettings.Devices.Add(new RadiusNasInfo(NetHelper.GetActiveAdapter(), this.RadiusSecret)); this.RadiusServer = new RadiusServer(); this.RadiusServer.Start(radiusSettings); this.RadiusServer.LoadAccountsFromString(@" radius.com;radius1;radius-password1 radius.com;radius2;radius-password2 "); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Radius, "radius.com", "radius1", "radius-password1")); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Radius, "radius.com", "radius2", "radius-password2")); //------------------------------------------------------------- // Initialize config authentication Config.SetConfig(@" Accounts[0] = config.com;config1;config-password1 Accounts[1] = config.com;config2;config-password2 "); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Config, "config.com", "config1", "config-password1")); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Config, "config.com", "config2", "config-password2")); #if TEST_AD //------------------------------------------------------------- // Initialize active directory authentication #if !TEST_AD_LDAP if (ADSettings.NasSecret != string.Empty) // Disable the test if the NAS secret is blank #endif this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Ldap, ADSettings.Domain, ADSettings.Account, ADSettings.Password)); #endif //------------------------------------------------------------- // Initalize ODBC authentication SqlConnection sqlCon = null; SqlScriptRunner scriptRunner; MacroProcessor processor; string initScript = @" create table Accounts ( Realm varchar(64), Account varchar(64), Password varchar(64), MD5 varbinary(128), SHA1 varbinary(128), SHA256 varbinary(128), SHA512 varbinary(128) ) go insert into Accounts(Realm,Account,Password,MD5,SHA1,SHA256,SHA512) values ('odbc.com','odbc1','odbc-password1',$(md5-1),$(sha1-1),$(sha256-1),$(sha512-1)) insert into Accounts(Realm,Account,Password,MD5,SHA1,SHA256,SHA512) values ('odbc.com','odbc2','odbc-password2',$(md5-2),$(sha1-2),$(sha256-2),$(sha512-2)) go "; try { processor = new MacroProcessor(); processor.Add("md5-1", SqlHelper.Literal(MD5Hasher.Compute("odbc-password1"))); processor.Add("sha1-1", SqlHelper.Literal(SHA1Hasher.Compute("odbc-password1"))); processor.Add("sha256-1", SqlHelper.Literal(SHA256Hasher.Compute("odbc-password1"))); processor.Add("sha512-1", SqlHelper.Literal(SHA512Hasher.Compute("odbc-password1"))); processor.Add("md5-2", SqlHelper.Literal(MD5Hasher.Compute("odbc-password2"))); processor.Add("sha1-2", SqlHelper.Literal(SHA1Hasher.Compute("odbc-password2"))); processor.Add("sha256-2", SqlHelper.Literal(SHA256Hasher.Compute("odbc-password2"))); processor.Add("sha512-2", SqlHelper.Literal(SHA512Hasher.Compute("odbc-password2"))); initScript = processor.Expand(initScript); sqlCon = DB.OpenConnection(); scriptRunner = new SqlScriptRunner(initScript); scriptRunner.Run(sqlCon); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Odbc, "odbc.com", "odbc1", "odbc-password1")); this.Accounts.Add(new AuthTestAccount(AuthTestExtensionType.Odbc, "odbc.com", "odbc2", "odbc-password2")); } finally { if (sqlCon != null) { sqlCon.Close(); } } }