def process_outbound(self, radius_output_bits):
"""Placeholder method extracted from Chewie.send_radius_messages()"""
eap_message = radius_output_bits.message
src_mac = radius_output_bits.src_mac
username = radius_output_bits.identity
state = radius_output_bits.state
port_id = radius_output_bits.port_mac
self.logger.info(
"got eap to send to radius.. mac: %s %s, username: %s",
type(src_mac), src_mac, username)
state_dict = None
if state:
state_dict = state.__dict__
self.logger.info("Sending to RADIUS eap message %s with state %s",
eap_message.__dict__, state_dict)
radius_packet_id = self.get_next_radius_packet_id()
self.packet_id_to_mac[radius_packet_id] = {
'src_mac': src_mac,
'port_id': port_id
}
# message is eap. needs to be wrapped into a radius packet.
request_authenticator = self.generate_request_authenticator()
self.packet_id_to_request_authenticator[
radius_packet_id] = request_authenticator
return MessagePacker.radius_pack(eap_message, src_mac, username,
radius_packet_id,
request_authenticator, state,
self.radius_secret,
port_id_to_int(port_id),
self.extra_radius_request_attributes)
def test_radius_with_extra_attributes_packs(self): # pylint: disable=invalid-name
packed_message = bytes.fromhex("010a0073"
"be5df1f3b3366c69b977e56a7da47cba"
"010675736572"
"1f1330323a34323a61633a31373a30303a3666"
"1e1434342d34342d34342d34342d34342d34343a"
"3d060000000f"
"4f08027100061500"
"1812f51d90b0f76c85835ed4ac882e522748501201531ea8051d136941fece17473f6b4a") # pylint: disable=line-too-long
src_mac = MacAddress.from_string("02:42:ac:17:00:6f")
username = "******"
radius_packet_id = 10
request_authenticator = bytes.fromhex(
"be5df1f3b3366c69b977e56a7da47cba")
state = State.create(bytes.fromhex("f51d90b0f76c85835ed4ac882e522748"))
secret = "SECRET"
extra_attributes = []
extra_attributes.append(CalledStationId.create('44-44-44-44-44-44:'))
extra_attributes.append(NASPortType.create(15))
eap_message = TtlsMessage(src_mac, 113, Eap.RESPONSE, 0, b'')
packed_radius = MessagePacker.radius_pack(
eap_message,
src_mac,
username,
radius_packet_id,
request_authenticator,
state,
secret,
extra_attributes=extra_attributes)
self.assertEqual(packed_message, packed_radius)
def test_radius_packs_basic(self):
"""without extra_attributes or nas-port"""
packed_message = bytes.fromhex("01bf005b0123456789abcdeffedcba9876543210010a62656e62757274741f1361613a62623a63633a64643a65653a66664f18021500160410824788d693e2adac6ce15641418228cf5012caadc1c7a3be07fe63fdf83a59ed18c2") # pylint: disable=line-too-long
src_mac = MacAddress.from_string("aa:bb:cc:dd:ee:ff")
username = "******"
radius_packet_id = 191
request_authenticator = bytes.fromhex(
"0123456789abcdeffedcba9876543210")
state = None
secret = "SUPERSECRET"
challenge = bytes.fromhex("824788d693e2adac6ce15641418228cf")
eap_message = Md5ChallengeMessage(src_mac, 21, Eap.RESPONSE, challenge,
b'')
packed_radius = MessagePacker.radius_pack(eap_message, src_mac,
username, radius_packet_id,
request_authenticator, state,
secret)
self.assertEqual(packed_message, packed_radius)
def test_radius_packs_with_nas_port(self):
packed_message = bytes.fromhex("01bf00610123456789abcdeffedcba9876543210010a62656e62757274741f1361613a62623a63633a64643a65653a66660506000002a14f18021500160410824788d693e2adac6ce15641418228cf50121139bd192c46fe6d2a937d9573311b70") # pylint: disable=line-too-long
src_mac = MacAddress.from_string("aa:bb:cc:dd:ee:ff")
username = "******"
radius_packet_id = 191
request_authenticator = bytes.fromhex(
"0123456789abcdeffedcba9876543210")
state = None
secret = "SUPERSECRET"
challenge = bytes.fromhex("824788d693e2adac6ce15641418228cf")
eap_message = Md5ChallengeMessage(src_mac, 21, Eap.RESPONSE, challenge,
b'')
packed_radius = MessagePacker.radius_pack(eap_message,
src_mac,
username,
radius_packet_id,
request_authenticator,
state,
secret,
nas_port=0x02a1)
self.assertEqual(packed_message, packed_radius)
def process_outbound(self, radius_output_bits):
"""Placeholder method extracted from Chewie._send_radius_messages()"""
radius_payload = radius_output_bits.message
src_mac = radius_output_bits.src_mac
username = radius_output_bits.identity
state = radius_output_bits.state
port_id = radius_output_bits.port_mac
self.logger.info("Sending Radius Packet. Mac %s %s, Username: %s ",
type(src_mac), src_mac, username)
if isinstance(radius_payload,
MacAddress) and radius_payload == src_mac == username:
print("Enterting outbound mab request")
return self.process_outbound_mab_request(radius_output_bits)
state_dict = None
if state:
state_dict = state.__dict__
self.logger.info("Sending to RADIUS payload %s with state %s",
radius_payload.__dict__, state_dict)
radius_packet_id = self.get_next_radius_packet_id()
self.packet_id_to_mac[radius_packet_id] = {
'src_mac': src_mac,
'port_id': port_id
}
request_authenticator = self.generate_request_authenticator()
self.packet_id_to_request_authenticator[
radius_packet_id] = request_authenticator
return MessagePacker.radius_pack(radius_payload, src_mac, username,
radius_packet_id,
request_authenticator, state,
self.radius_secret,
port_id_to_int(port_id),
self.extra_radius_request_attributes)