📄 pana_paa.cxx
字号:
diameter_octetstring_t newKey; if (m_Event.IsKeyAvailable(newKey)) { if (! AuxVariables().AlgorithmIsSet()) { // add algorithm // TBD: need to make sure algo value is ok AAA_UInt32AvpWidget algoAvp(PANA_AVPNAME_ALGORITHM); algoAvp.Get() = ACE_HTONL(PANA_AUTH_ALGORITHM()); msg->avpList().add(algoAvp()); AuxVariables().AlgorithmIsSet() = true; } SecurityAssociation().UpdateAAAKey1(newKey); SecurityAssociation().AddKeyIdAvp(*msg); SecurityAssociation().GenerateAuthKey(SessionId()); } msg->flags().separate = true; } else if (ev == EAP_FAILURE) { if (! AuxVariables().AbortOnFirstEapFailure()) { msg->flags().separate = true; } } else if (ev == EAP_TIMEOUT) { if (AuxVariables().AbortOnFirstEapFailure()) { AuxVariables().SeparateAuthentication() = false; } else { msg->flags().separate = true; } } // add notification if any AddNotification(*msg); // auth avp if any if (SecurityAssociation().IsSet()) { SecurityAssociation().AddAuthAvp(*msg); } } else { throw (PANA_Exception(PANA_Exception::FAILED, "Sending PFER with 1st EAP result already set")); } } else { throw (PANA_Exception(PANA_Exception::FAILED, "Sending PFER with separate auth disabled")); } ACE_DEBUG((LM_INFO, "(%P|%t) TxPFER: S-flag %d, N-flag=%d, seq=%d\n", msg->flags().separate, msg->flags().nap, msg->seq())); SendReqMsg(msg);}void PANA_Paa::RxPBA(bool success){ /* 7.9 PANA-Bind-Answer (PBA) The PANA-Bind-Answer (PBA) message is sent by the PaC to the PAA in response to a PANA-Bind-Request message. PANA-Bind-Answer ::= < PANA-Header: 5 [,SEP] [,NAP] > < Session-Id > [ PPAC ] [ Device-Id ] [ Key-Id ] [ Notification ] * [ AVP ] 0*1 < AUTH > */ std::auto_ptr<PANA_Message> cleanup(AuxVariables().RxMsgQueue().Dequeue()); PANA_Message &msg = *cleanup; ACE_DEBUG((LM_INFO, "(%P|%t) RxPBA: S-flag %d, N-flag=%d, seq=%d\n", msg.flags().separate, msg.flags().nap, msg.seq())); // process notification ProcessNotification(msg); if (success) { m_Timer.CancelTxRetry(); // check dhcp if (PPAC().DhcpV6() && DhcpBootstrap().Enable()) { DhcpBootstrap().CheckPBA(msg); } // save the device id AAA_AddressAvpContainerWidget pacIdAvp(msg.avpList()); diameter_address_t *pacId = pacIdAvp.GetAvp(PANA_AVPNAME_DEVICEID); if (pacId) { PacDeviceId() = *pacId; } NotifyScheduleLifetime(PANA_CFG_PAA().m_GracePeriod); NotifyAuthorization(); } else { Disconnect(); }}void PANA_Paa::RxPFEA(bool success){ /* 7.17 PANA-FirstAuth-End-Answer (PFEA) The PANA-FirstAuth-End-Answer (PFEA) message is sent by the PaC to the PAA in response to a PANA-FirstAuth-End-Request message. PANA-FirstAuth-End-Answer ::= < PANA-Header: 9, REQ [,SEP] [,NAP] > < Session-Id > [ Key-Id ] [ Notification ] * [ AVP ] 0*1 < AUTH > */ std::auto_ptr<PANA_Message> cleanup(AuxVariables().RxMsgQueue().Dequeue()); PANA_Message &msg = *cleanup; ACE_DEBUG((LM_INFO, "(%P|%t) RxPFEA: S-flag %d, N-flag=%d, seq=%d\n", msg.flags().separate, msg.flags().nap, msg.seq())); // process notification ProcessNotification(msg); if (success && msg.flags().separate) { m_Timer.CancelTxRetry(); bool napAuth = AuxVariables().NapAuthentication(); m_Event.EapStart(napAuth); AuxVariables().NapAuthentication() = !AuxVariables().NapAuthentication(); } else { Disconnect(); }}void PANA_Paa::TxPAN(){ /* 7.5 PANA-Auth-Answer (PAN) THe PANA-Auth-Answer (PAN) message is sent by either the PaC or the PAA in response to a PANA-Auth-Request message. It MAY carry an EAP- Payload AVP. PANA-Auth-Answer ::= < PANA-Header: 3 [,SEP] [,NAP] > < Session-Id > [ Nonce ] [ EAP-Payload ] [ Notification ] * [ AVP ] 0*1 < AUTH > */ boost::shared_ptr<PANA_Message> msg(new PANA_Message); // Populate header msg->type() = PANA_MTYPE_PAN; msg->seq() = LastRxSeqNum().Value(); msg->flags().separate = AuxVariables().SeparateAuthentication(); if (AuxVariables().SeparateAuthentication()) { msg->flags().nap = AuxVariables().NapAuthentication(); } // add session id AAA_Utf8AvpWidget sessionIdAvp(PANA_AVPNAME_SESSIONID); sessionIdAvp.Get() = SessionId(); msg->avpList().add(sessionIdAvp()); // add notification if any AddNotification(*msg); // add SA if any if (SecurityAssociation().IsSet()) { SecurityAssociation().AddAuthAvp(*msg); } ACE_DEBUG((LM_INFO, "(%P|%t) TxPAN: S-flag %d, N-flag=%d, seq=%d\n", msg->flags().separate, msg->flags().nap, msg->seq())); SendAnsMsg(msg);}void PANA_Paa::RxPAR(){ /* 7.4 PANA-Auth-Request (PAR) The PANA-Auth-Request (PAR) message is either sent by the PAA or the PaC. Its main task is to carry an EAP-Payload AVP. PANA-Auth-Request ::= < PANA-Header: 3, REQ [,SEP] [,NAP] > < Session-Id > < EAP-Payload > [ Nonce ] [ Notification ] * [ AVP ] 0*1 < AUTH > */ std::auto_ptr<PANA_Message> cleanup(AuxVariables(). RxMsgQueue().Dequeue()); PANA_Message &msg = *cleanup; ACE_DEBUG((LM_INFO, "(%P|%t) RxPAR: S-flag %d, N-flag=%d, seq=%d\n", msg.flags().separate, msg.flags().nap, msg.seq())); // process notification ProcessNotification(msg); AAA_StringAvpContainerWidget eapAvp(msg.avpList()); diameter_octetstring_t *payload = eapAvp.GetAvp(PANA_AVPNAME_EAP); if (payload) { NotifyEapResponse(*payload); } m_Timer.CancelTxRetry(); TxPAN();}void PANA_Paa::RxPAN(){ /* 7.5 PANA-Auth-Answer (PAN) THe PANA-Auth-Answer (PAN) message is sent by either the PaC or the PAA in response to a PANA-Auth-Request message. It MAY carry an EAP- Payload AVP. PANA-Auth-Answer ::= < PANA-Header: 3 [,SEP] [,NAP] > < Session-Id > [ Nonce ] [ EAP-Payload ] [ Notification ] * [ AVP ] 0*1 < AUTH > */ std::auto_ptr<PANA_Message> cleanup(AuxVariables(). RxMsgQueue().Dequeue()); PANA_Message &msg = *cleanup; ACE_DEBUG((LM_INFO, "(%P|%t) RxPAN: S-flag %d, N-flag=%d, seq=%d\n", msg.flags().separate, msg.flags().nap, msg.seq())); // process notification ProcessNotification(msg); m_Timer.CancelTxRetry(); // update pac nonce AAA_StringAvpContainerWidget nonceAvp(msg.avpList()); diameter_octetstring_t *nonce = nonceAvp.GetAvp(PANA_AVPNAME_NONCE); if (nonce && ! SecurityAssociation().PacNonce().IsSet()) { SecurityAssociation().PacNonce().Set(*nonce); } AAA_StringAvpContainerWidget eapAvp(msg.avpList()); diameter_octetstring_t *payload = eapAvp.GetAvp(PANA_AVPNAME_EAP); if (payload) { NotifyEapResponse(*payload); }}void PANA_Paa::RxPRAR(){ /* 7.6 PANA-Reauth-Request (PRAR) The PANA-Reauth-Request (PRAR) message is sent by the PaC to the PAA to re-initiate EAP authentication. PANA-Reauth-Request ::= < PANA-Header: 4, REQ > < Session-Id > [ Notification ] * [ AVP ] 0*1 < AUTH > */ std::auto_ptr<PANA_Message> cleanup(AuxVariables(). RxMsgQueue().Dequeue()); PANA_Message &msg = *cleanup; ACE_DEBUG((LM_INFO, "(%P|%t) RxPRAR: S-flag %d, N-flag=%d, seq=%d\n", msg.flags().separate, msg.flags().nap, msg.seq())); // process notification ProcessNotification(msg); NotifyEapReAuth(); TxPRAA();}void PANA_Paa::TxPRAA(){ /* 7.7 PANA-Reauth-Answer (PRAA) The PANA-Reauth-Answer (PRAA) message is sent by the PAA to the PaC in response to a PANA-Reauth-Request message. PANA-Reauth-Answer ::= < PANA-Header: 4 > < Session-Id > [ Notification ] * [ AVP ] 0*1 < AUTH > */ boost::shared_ptr<PANA_Message> msg(new PANA_Message); // Populate header msg->type() = PANA_MTYPE_PRAA; msg->seq() = LastRxSeqNum().Value(); // add session id AAA_Utf8AvpWidget sessionIdAvp(PANA_AVPNAME_SESSIONID); sessionIdAvp.Get() = SessionId(); msg->avpList().add(sessionIdAvp()); // add notification if any AddNotification(*msg); // auth avp if (SecurityAssociation().IsSet()) { SecurityAssociation().AddAuthAvp(*msg); } ACE_DEBUG((LM_INFO, "(%P|%t) TxPRAA: S-flag %d, N-flag=%d, seq=%d\n", msg->flags().separate, msg->flags().nap, msg->seq())); SendAnsMsg(msg);} void PANA_Paa::TxFormatAddress(PANA_Message &msg){ msg.srcPort() = PacIpAddress().get_port_number(); PANA_DeviceId *ipId = PANA_DeviceIdConverter::CreateFromAddr (PacIpAddress()); if (ipId == NULL) { throw (PANA_Exception(PANA_Exception::NO_MEMORY, "Failed to allocate IP device id")); } msg.srcDevices().push_back(ipId);}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -