/// <summary>
/// Send unsolicited packets commonly used for Disconnect and Change-of-Authorization messages.<br></br>
/// https://www.ietf.org/rfc/rfc3576.txt
/// </summary>
/// <param name="packet"></param>
/// <param name="retries"></param>
/// <returns></returns>
public async Task <RadiusPacket> SendUnsolicitedPacketAsync(RadiusPacket packet)
{
using (var udpClient = new UdpClient())
{
try
{
udpClient.Connect(_HostName, _UnsolicitedPort);
await udpClient.SendAsync(packet.RawData, packet.RawData.Length);
var RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);
var result = await udpClient.ReceiveAsync();
var receivedPacket = new RadiusPacket(result.Buffer);
if (receivedPacket.Valid)
{
return(receivedPacket);
}
}
catch (Exception)
{
throw;
}
}
return(null);
}
public RadiusPacket Authenticate(string username, string password)
{
RadiusPacket packet = new RadiusPacket(RadiusCode.ACCESS_REQUEST);
packet.SetAuthenticator(_SharedSecret);
byte[] encryptedPass = Utils.EncodePapPassword(Encoding.ASCII.GetBytes(password), packet.Authenticator, _SharedSecret);
packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_NAME, Encoding.ASCII.GetBytes(username)));
packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_PASSWORD, encryptedPass));
return packet;
}
public RadiusPacket Authenticate(string username, string password)
{
RadiusPacket packet = new RadiusPacket(RadiusCode.ACCESS_REQUEST);
packet.SetAuthenticator(_SharedSecret);
byte[] encryptedPass = Utils.EncodePapPassword(Encoding.ASCII.GetBytes(password), packet.Authenticator, _SharedSecret);
packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_NAME, Encoding.ASCII.GetBytes(username)));
packet.SetAttribute(new RadiusAttribute(RadiusAttributeType.USER_PASSWORD, encryptedPass));
return(packet);
}
public async Task<RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES)
{
using (UdpClient udpClient = new UdpClient())
{
udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout);
try
{
IPAddress hostIP;
if (IPAddress.TryParse(_HostName, out hostIP))
udpClient.Connect(hostIP, (int) _AuthPort);
else
udpClient.Connect(_HostName, (int) _AuthPort);
}
catch (SocketException e)
{
int hr = Marshal.GetHRForException(e);
string hexValue = hr.ToString("X");
//The requested name is valid, but no data of the requested type was found
if (hexValue == "80004005")
return null;
}
var endPoint = (IPEndPoint)udpClient.Client.RemoteEndPoint;
int numberOfAttempts = 0;
do
{
await udpClient.SendAsync(packet.RawData, packet.RawData.Length);
try
{
// Using the synchronous method for the timeout features
var result = udpClient.Receive(ref endPoint);
RadiusPacket receivedPacket = new RadiusPacket(result);
if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket))
return receivedPacket;
}
catch (SocketException)
{
//Server isn't responding
}
numberOfAttempts++;
} while (numberOfAttempts < retries);
}
return null;
}
public RadiusPacket DisconnectRequest(string sessionId, string username, string framedIpAddress)
{
var packet = new RadiusPacket(RadiusCode.DISCONNECT_REQUEST);
packet.SetAttribute(RadiusAttribute.CreateString(RadiusAttributeType.ACCT_SESSION_ID, sessionId));
packet.SetAttribute(RadiusAttribute.CreateString(RadiusAttributeType.USER_NAME, username));
packet.SetAttribute(RadiusAttribute.CreateAddress(RadiusAttributeType.FRAMED_IP_ADDRESS, framedIpAddress));
packet.SetAuthenticator(_SharedSecret);
return(packet);
}
/// <summary>
/// Sends a Server-Status packet using the shared secret of the client
/// </summary>
/// <returns></returns>
public async Task <RadiusPacket> Ping()
{
// Create a new RADIUS packet with the Server-Status code
RadiusPacket authPacket = new RadiusPacket(RadiusCode.SERVER_STATUS);
// Populate the Request-Authenticator
authPacket.SetAuthenticator(_SharedSecret);
// Add the Message-Authenticator as a last step. Note: Server-Status packets don't require any other attributes
authPacket.SetMessageAuthenticator(_SharedSecret);
// We MUST NOT retransmit Server-Status packets according to https://tools.ietf.org/html/rfc5997
return(await SendAndReceivePacket(authPacket, 0));
}
public async static Task Authentication(string[] args)
{
try
{
RadiusClient rc = new RadiusClient(args[0], args[1]);
RadiusPacket authPacket = rc.Authenticate(args[2], args[3]);
authPacket.SetAttribute(new VendorSpecificAttribute(10135, 1, UTF8Encoding.UTF8.GetBytes("Testing")));
authPacket.SetAttribute(new VendorSpecificAttribute(10135, 2, new[] { (byte)7 }));
RadiusPacket receivedPacket = await rc.SendAndReceivePacket(authPacket);
if (receivedPacket == null)
{
throw new Exception("Can't contact remote radius server !");
}
switch (receivedPacket.PacketType)
{
case RadiusCode.ACCESS_ACCEPT:
Console.WriteLine("Access-Accept");
foreach (var attr in receivedPacket.Attributes)
{
Console.WriteLine(attr.Type.ToString() + " = " + attr.Value);
}
break;
case RadiusCode.ACCESS_CHALLENGE:
Console.WriteLine("Access-Challenge");
break;
case RadiusCode.ACCESS_REJECT:
Console.WriteLine("Access-Reject");
if (!rc.VerifyAuthenticator(authPacket, receivedPacket))
{
Console.WriteLine("Authenticator check failed: Check your secret");
}
break;
default:
Console.WriteLine("Rejected");
break;
}
}
catch (Exception ex)
{
throw ex;
}
}
private bool VerifyAuthenticator(RadiusPacket requestedPacket, RadiusPacket receivedPacket)
{
return requestedPacket.Identifier == receivedPacket.Identifier
&& receivedPacket.Authenticator.SequenceEqual(Utils.ResponseAuthenticator(receivedPacket.RawData, requestedPacket.Authenticator, _SharedSecret));
}
public async Task <RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES)
{
using (UdpClient udpClient = new UdpClient())
{
udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout);
try
{
// Starting with Vista, we are able to bind to a local endpoint to guarantee the packet
// will be sent out a particular interface
// This is explained in the following blog
// http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx
if (_LocalEndPoint != null)
{
udpClient.Client.Bind(_LocalEndPoint);
}
IPAddress hostIP;
if (IPAddress.TryParse(_HostName, out hostIP))
{
udpClient.Connect(hostIP, (int)_AuthPort);
}
else
{
udpClient.Connect(_HostName, (int)_AuthPort);
}
}
catch (SocketException e)
{
int hr = Marshal.GetHRForException(e);
string hexValue = hr.ToString("X");
//The requested name is valid, but no data of the requested type was found
if (hexValue == "80004005")
{
return(null);
}
}
var endPoint = (IPEndPoint)udpClient.Client.RemoteEndPoint;
int numberOfAttempts = 0;
do
{
await udpClient.SendAsync(packet.RawData, packet.RawData.Length);
try
{
// Using the synchronous method for the timeout features
var result = udpClient.Receive(ref endPoint);
RadiusPacket receivedPacket = new RadiusPacket(result);
if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket))
{
return(receivedPacket);
}
}
catch (SocketException)
{
//Server isn't responding
}
numberOfAttempts++;
} while (numberOfAttempts < retries);
}
return(null);
}
private bool VerifyAuthenticator(RadiusPacket requestedPacket, RadiusPacket receivedPacket)
{
return(requestedPacket.Identifier == receivedPacket.Identifier &&
receivedPacket.Authenticator.SequenceEqual(Utils.ResponseAuthenticator(receivedPacket.RawData, requestedPacket.Authenticator, _SharedSecret)));
}
public async Task <RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES)
{
using (UdpClient udpClient = new UdpClient())
{
udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout);
IPAddress hostIP = null;
try
{
// Starting with Vista, we are able to bind to a local endpoint to guarantee the packet
// will be sent out a particular interface
// This is explained in the following blog
// http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx
if (_LocalEndPoint != null)
{
udpClient.Client.Bind(_LocalEndPoint);
}
if (!IPAddress.TryParse(_HostName, out hostIP))
{
//Try performing a DNS lookup
var host = Dns.GetHostEntry(_HostName);
hostIP = host.AddressList.FirstOrDefault(a => a.AddressFamily == AddressFamily.InterNetwork);
if (hostIP == null)
{
throw new Exception("Resolving " + _HostName + " returned no hits in DNS");
}
}
}
catch (SocketException e)
{
int hr = Marshal.GetHRForException(e);
string hexValue = hr.ToString("X");
//The requested name is valid, but no data of the requested type was found
if (hexValue == "80004005")
{
return(null);
}
}
var endPoint = new IPEndPoint(hostIP, (int)_AuthPort);
int numberOfAttempts = 0;
do
{
try
{
var res = udpClient.SendAsync(packet.RawData, packet.RawData.Length, endPoint);
// Using the synchronous method for the timeout features
var result = udpClient.Receive(ref endPoint);
RadiusPacket receivedPacket = new RadiusPacket(result);
if (receivedPacket.Valid)
{
return(receivedPacket);
}
}
catch (SocketException)
{
//Server isn't responding
}
numberOfAttempts++;
} while (numberOfAttempts < retries);
}
return(null);
}
public async Task<RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES)
{
using (UdpClient udpClient = new UdpClient())
{
udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout);
IPAddress hostIP = null;
try
{
// Starting with Vista, we are able to bind to a local endpoint to guarantee the packet
// will be sent out a particular interface
// This is explained in the following blog
// http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx
if(_LocalEndPoint != null)
udpClient.Client.Bind(_LocalEndPoint);
if(!IPAddress.TryParse(_HostName, out hostIP))
{
//Try performing a DNS lookup
var host = Dns.GetHostEntry(_HostName);
hostIP = host.AddressList.FirstOrDefault(a => a.AddressFamily == AddressFamily.InterNetwork);
if (hostIP == null)
throw new Exception("Resolving " + _HostName + " returned no hits in DNS");
}
}
catch (SocketException e)
{
int hr = Marshal.GetHRForException(e);
string hexValue = hr.ToString("X");
//The requested name is valid, but no data of the requested type was found
if (hexValue == "80004005")
return null;
}
var endPoint = new IPEndPoint(hostIP, (int)_AuthPort);
int numberOfAttempts = 0;
do
{
await udpClient.SendAsync(packet.RawData, packet.RawData.Length, endPoint);
try
{
// Using the synchronous method for the timeout features
var result = udpClient.Receive(ref endPoint);
RadiusPacket receivedPacket = new RadiusPacket(result);
if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket))
return receivedPacket;
}
catch (SocketException)
{
//Server isn't responding
}
numberOfAttempts++;
} while (numberOfAttempts < retries);
}
return null;
}
public async Task <RadiusPacket> SendAndReceivePacket(RadiusPacket packet, int retries = DEFAULT_RETRIES)
{
using (UdpClient udpClient = new UdpClient())
{
udpClient.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, _SocketTimeout);
try
{
IPAddress hostIP;
if (IPAddress.TryParse(_HostName, out hostIP))
{
udpClient.Connect(hostIP, (int)_AuthPort);
}
else
{
udpClient.Connect(_HostName, (int)_AuthPort);
}
}
catch (SocketException e)
{
int hr = Marshal.GetHRForException(e);
string hexValue = hr.ToString("X");
//The requested name is valid, but no data of the requested type was found
if (hexValue == "80004005")
{
return(null);
}
}
var endPoint = (IPEndPoint)udpClient.Client.RemoteEndPoint;
int numberOfAttempts = 0;
do
{
await udpClient.SendAsync(packet.RawData, packet.RawData.Length).ConfigureAwait(false);
try
{
// Using the synchronous method for the timeout features
var result = udpClient.Receive(ref endPoint);
RadiusPacket receivedPacket = new RadiusPacket(result);
if (receivedPacket.Valid && VerifyAuthenticator(packet, receivedPacket))
{
return(receivedPacket);
}
}
catch (SocketException)
{
//Server isn't responding
}
numberOfAttempts++;
} while (numberOfAttempts < retries);
}
return(null);
}
