📄 pana_client.cxx
// [Excerpt begins inside a function body; its signature is outside this view.
//  The debug line below tags it as TxPSA.]
        // set aux variable
        AuxVariables().SeparateAuthentication() = false;
    }
    else {
        if (AuxVariables().SeparateAuthentication() &&
            psr->flags().separate) {
            // set s-flag in psa
            msg->flags().separate = true;
            SecurityAssociation().Type() = PANA_SecurityAssociation::DOUBLE;
        }
        else {
            AuxVariables().SeparateAuthentication() = false;
        }

        // ISP selection
        IspSelection(psr);

        // add preferred isp information
        AAA_GroupedAvpWidget choosenIsp(PANA_AVPNAME_ISPINFO);
        PANA_ProviderInfoTool infoTool;
        infoTool.Add(choosenIsp.Get(), PreferedISP());
        msg->avpList().add(choosenIsp());
    }

    ACE_DEBUG((LM_INFO, "(%P|%t) TxPSA: S-flag %d, N-flag=%d, seq=%d\n",
               msg->flags().separate, msg->flags().nap, msg->seq()));

    // add notification if any
    AddNotification(*msg);

    SendReqMsg(msg, (cookie) ? true : false);
}

// Builds and sends a PANA-PAA-Discover (PDI) request.
// The message carries only the header (type PDI, sequence number 0) plus an
// optional notification; no session id and no AUTH AVP are attached here.
void PANA_Client::TxPDI()
{
    /*
      7.1  PANA-PAA-Discover (PDI)

      The PANA-PAA-Discover (PDI) message is used to discover the address
      of PAA(s).  The sequence number in this message is always set to
      zero (0).

      PANA-PAA-Discover ::= < PANA-Header: 1 >
                            [ Notification ]
                         *  [ AVP ]
     */
    boost::shared_ptr<PANA_Message> msg(new PANA_Message);

    // Populate header
    msg->type() = PANA_MTYPE_PDI;
    msg->seq() = 0;

    ACE_DEBUG((LM_INFO, "(%P|%t) TxPDI: S-flag %d, N-flag=%d, seq=%d\n",
               msg->flags().separate, msg->flags().nap, msg->seq()));

    // add notification if any
    AddNotification(*msg);

    SendReqMsg(msg);
}

// Handles a received PANA-Auth-Request (PAR).
//
// eapReAuth: when true, the first-EAP result is cleared, the separate-auth
//            setting is reloaded from configuration and the session timer is
//            cancelled; when false only the retransmission timer is stopped.
//
// Throws PANA_Exception(FAILED) when the PAR has no EAP-Payload AVP.
//
// NOTE(review): no AUTH AVP or sequence-number validation is visible in this
// handler. Presumably the receive path validates the message before it is
// queued; confirm, because the N-flag, nonce and EAP payload read below are
// all taken from the peer's message.
void PANA_Client::RxPAR(bool eapReAuth)
{
    /*
      7.4  PANA-Auth-Request (PAR)

      The PANA-Auth-Request (PAR) message is either sent by the PAA or the
      PaC.  Its main task is to carry an EAP-Payload AVP.

      PANA-Auth-Request ::= < PANA-Header: 3, REQ [,SEP] [,NAP] >
                            < Session-Id >
                            < EAP-Payload >
                            [ Nonce ]
                            [ Notification ]
                         *  [ AVP ]
                        0*1 < AUTH >
     */
    // auto_ptr owns the dequeued message and frees it on every exit path,
    // including the throw below.
    // NOTE(review): the pointer is dereferenced without a null check; assumes
    // Dequeue() never returns null here, so confirm against the queue.
    std::auto_ptr<PANA_Message> cleanup(AuxVariables().RxMsgQueue().Dequeue());
    PANA_Message &msg = *cleanup;

    ACE_DEBUG((LM_INFO, "(%P|%t) RxPAR: S-flag %d, N-flag=%d, seq=%d\n",
               msg.flags().separate, msg.flags().nap, msg.seq()));

    // process notification
    ProcessNotification(msg);

    // The authentication mode is taken directly from the peer's N-flag.
    AuxVariables().NapAuthentication() = msg.flags().nap;
    AuxVariables().SecAssociationResumed() = false;

    if (eapReAuth) {
        AuxVariables().FirstEapResult() = 0;
        AuxVariables().SeparateAuthentication() =
            PANA_CFG_GENERAL().m_SeparateAuth;
        m_Timer.CancelSession();
    }
    else {
        // RtxTimerStop()
        m_Timer.CancelTxRetry();
    }

    // update paa nonce
    // The PAA nonce is stored only the first time one is seen; a nonce in a
    // later PAR does not overwrite it.
    // NOTE(review): the nonce length is not checked here; confirm whether
    // Set() or the AVP parser enforces a bound.
    AAA_StringAvpContainerWidget nonceAvp(msg.avpList());
    diameter_octetstring_t *nonce = nonceAvp.GetAvp(PANA_AVPNAME_NONCE);
    if (nonce && ! SecurityAssociation().PaaNonce().IsSet()) {
        SecurityAssociation().PaaNonce().Set(*nonce);
    }

    // PAR.exist_avp("EAP-Payload")
    // Note that the state changes above (auth mode, timers, nonce) have
    // already been applied when the missing-payload exception is thrown.
    AAA_StringAvpContainerWidget eapAvp(msg.avpList());
    diameter_octetstring_t *payload = eapAvp.GetAvp(PANA_AVPNAME_EAP);
    if (payload) {
        NotifyEapRequest(*payload);
        // EAP response timeout should be less than retry
        m_Timer.ScheduleEapResponse(PANA_CFG_GENERAL().m_RT.m_IRT/2);
    }
    else {
        throw (PANA_Exception(PANA_Exception::FAILED,
               "No EAP-Payload AVP in PAR message"));
    }

    // EAP piggyback check
    // Without piggybacking, the PAN is sent immediately with no EAP payload.
    if (! PANA_CFG_GENERAL().m_EapPiggyback) {
        TxPAN(false);
    }
}

// Handles a received PANA-Auth-Answer (PAN): processes any notification,
// copies the peer's N-flag into the current authentication mode and cancels
// both the retransmission and the session timers.
// NOTE(review): as in RxPAR, the dequeued pointer is dereferenced unchecked
// and no AUTH validation is visible in this handler; confirm it is done
// before the message reaches this point.
void PANA_Client::RxPAN()
{
    /*
      7.5  PANA-Auth-Answer (PAN)

      The PANA-Auth-Answer (PAN) message is sent by either the PaC or the
      PAA in response to a PANA-Auth-Request message.  It MAY carry an EAP-
      Payload AVP.

      PANA-Auth-Answer ::= < PANA-Header: 3 [,SEP] [,NAP] >
                           < Session-Id >
                           [ Nonce ]
                           [ EAP-Payload ]
                           [ Notification ]
                        *  [ AVP ]
                       0*1 < AUTH >
     */
    std::auto_ptr<PANA_Message> cleanup(AuxVariables().RxMsgQueue().Dequeue());
    PANA_Message &msg = *cleanup;

    ACE_DEBUG((LM_INFO, "(%P|%t) RxPAN: S-flag %d, N-flag=%d, seq=%d\n",
               msg.flags().separate, msg.flags().nap, msg.seq()));

    // process notification
    ProcessNotification(msg);

    // update current authentication mode
    AuxVariables().NapAuthentication() = msg.flags().nap;

    m_Timer.CancelTxRetry();
    m_Timer.CancelSession();
}

// Builds and sends a PANA-Auth-Request (PAR) carrying the next queued EAP
// message. The transmit sequence number is incremented first, the session id
// and EAP payload are attached, and the AUTH AVP is added only when a
// security association is set.
void PANA_Client::TxPAR()
{
    /*
      7.4  PANA-Auth-Request (PAR)

      The PANA-Auth-Request (PAR) message is either sent by the PAA or the
      PaC.  Its main task is to carry an EAP-Payload AVP.

      PANA-Auth-Request ::= < PANA-Header: 3, REQ [,SEP] [,NAP] >
                            < Session-Id >
                            < EAP-Payload >
                            [ Nonce ]
                            [ Notification ]
                         *  [ AVP ]
                        0*1 < AUTH >
     */
    boost::shared_ptr<PANA_Message> msg(new PANA_Message);

    // Populate header
    msg->type() = PANA_MTYPE_PAR;
    msg->flags().request = true;

    // adjust serial num
    ++ LastTxSeqNum();
    msg->seq() = LastTxSeqNum().Value();
    msg->flags().separate = AuxVariables().SeparateAuthentication();
    msg->flags().nap = AuxVariables().NapAuthentication();

    // add session id
    AAA_Utf8AvpWidget sessionIdAvp(PANA_AVPNAME_SESSIONID);
    sessionIdAvp.Get() = SessionId();
    msg->avpList().add(sessionIdAvp());

    // stop eap response timer
    m_Timer.CancelEapResponse();

    // eap payload
    // NOTE(review): guard() is dereferenced without a null check; assumes the
    // EAP transmit queue is non-empty whenever TxPAR runs, so confirm.
    PANA_MsgBlockGuard guard(AuxVariables().TxEapMessageQueue().Dequeue());
    AAA_StringAvpWidget eapAvp(PANA_AVPNAME_EAP);
    eapAvp.Get().assign(guard()->base(), guard()->length());
    msg->avpList().add(eapAvp());

    // add notification if any
    AddNotification(*msg);

    // auth avp if any
    // Added after every other AVP; presumably so the AUTH value covers the
    // full message contents. Confirm in AddAuthAvp().
    if (SecurityAssociation().IsSet()) {
        SecurityAssociation().AddAuthAvp(*msg);
    }

    ACE_DEBUG((LM_INFO, "(%P|%t) TxPAR: S-flag %d, N-flag=%d, seq=%d\n",
               msg->flags().separate, msg->flags().nap, msg->seq()));

    SendReqMsg(msg);
}

// Builds and sends a PANA-Auth-Answer (PAN).
//
// eapPiggyBack: when true, the next queued EAP message is attached as an
//               EAP-Payload AVP and the EAP response timer is stopped.
//
// The answer reuses the last received sequence number. The PaC nonce is
// generated and attached only if none is set yet, so it goes out only in the
// PAN in which it is created.
void PANA_Client::TxPAN(bool eapPiggyBack)
{
    /*
      7.5  PANA-Auth-Answer (PAN)

      The PANA-Auth-Answer (PAN) message is sent by either the PaC or the
      PAA in response to a PANA-Auth-Request message.  It MAY carry an EAP-
      Payload AVP.

      PANA-Auth-Answer ::= < PANA-Header: 3 [,SEP] [,NAP] >
                           < Session-Id >
                           [ Nonce ]
                           [ EAP-Payload ]
                           [ Notification ]
                        *  [ AVP ]
                       0*1 < AUTH >
     */
    boost::shared_ptr<PANA_Message> msg(new PANA_Message);

    // Populate header
    msg->type() = PANA_MTYPE_PAN;
    msg->seq() = LastRxSeqNum().Value();
    msg->flags().separate = AuxVariables().SeparateAuthentication();
    msg->flags().nap = AuxVariables().NapAuthentication();

    // add session id
    AAA_Utf8AvpWidget sessionIdAvp(PANA_AVPNAME_SESSIONID);
    sessionIdAvp.Get() = SessionId();
    msg->avpList().add(sessionIdAvp());

    // add pac nonce
    if (! SecurityAssociation().PacNonce().IsSet()) {
        // generate nonce
        // NOTE(review): the random source behind Generate() is not visible
        // here; confirm it is cryptographically strong if the nonce is used
        // in key derivation.
        SecurityAssociation().PacNonce().Generate();
        diameter_octetstring_t &nonce = SecurityAssociation().PacNonce().Get();

        AAA_StringAvpWidget nonceAvp(PANA_AVPNAME_NONCE);
        nonceAvp.Get().assign(nonce.data(), nonce.size());
        msg->avpList().add(nonceAvp());
    }

    if (eapPiggyBack) {
        // stop eap response timer
        m_Timer.CancelEapResponse();

        // eap payload
        // NOTE(review): guard() is dereferenced without a null check; assumes
        // an EAP message is queued whenever eapPiggyBack is true, so confirm.
        PANA_MsgBlockGuard guard(AuxVariables().TxEapMessageQueue().Dequeue());
        AAA_StringAvpWidget eapAvp(PANA_AVPNAME_EAP);
        eapAvp.Get().assign(guard()->base(), guard()->length());
        msg->avpList().add(eapAvp());
    }

    // add notification if any
    AddNotification(*msg);

    // add SA if any
    // Key-Id first, then AUTH, both after all other AVPs.
    if (SecurityAssociation().IsSet()) {
        SecurityAssociation().AddKeyIdAvp(*msg);
        SecurityAssociation().AddAuthAvp(*msg);
    }

    ACE_DEBUG((LM_INFO, "(%P|%t) TxPAN: S-flag %d, N-flag=%d, seq=%d\n",
               msg->flags().separate, msg->flags().nap, msg->seq()));

    SendAnsMsg(msg);
}

// Handles a received PANA-FirstAuth-End-Request (PFER), which reports the
// result of the first EAP method when separate NAP/ISP authentication is used.
//
// Throws PANA_Exception(FAILED) when a first-EAP result is already recorded,
// when separate authentication is not enabled, or when the Result-Code AVP is
// missing.
//
// NOTE(review): no AUTH AVP validation is visible in this handler even though
// it records an authentication result and a key id; confirm the message is
// verified before it is queued.
void PANA_Client::RxPFER()
{
    /*
      7.16  PANA-FirstAuth-End-Request (PFER)

      The PANA-FirstAuth-End-Request (PFER) message is sent by the PAA to
      the PaC to signal the result of the first EAP authentication method
      when separate NAP and ISP authentication is performed.

      PANA-FirstAuth-End-Request ::= < PANA-Header: 9, REQ [,SEP] [,NAP] >
                                     < Session-Id >
                                     { Result-Code }
                                     [ EAP-Payload ]
                                     [ Key-Id ]
                                     [ Notification ]
                                  *  [ AVP ]
                                 0*1 < AUTH >
     */
    // NOTE(review): dereferenced without a null check; assumes Dequeue()
    // never returns null here.
    std::auto_ptr<PANA_Message> cleanup(AuxVariables().RxMsgQueue().Dequeue());
    PANA_Message &msg = *cleanup;

    ACE_DEBUG((LM_INFO, "(%P|%t) RxPFER: S-flag %d, N-flag=%d, seq=%d\n",
               msg.flags().separate, msg.flags().nap, msg.seq()));

    // process notification
    ProcessNotification(msg);

    // Reset flags
    m_Flags.p = 0;

    // sanity checks
    // A PFER is accepted only once per authentication (result still 0) and
    // only when separate authentication is in effect.
    if (AuxVariables().FirstEapResult() != 0) {
        throw (PANA_Exception(PANA_Exception::FAILED,
               "PFER message received when 1st EAP result is already set"));
    }
    if (! AuxVariables().SeparateAuthentication()) {
        throw (PANA_Exception(PANA_Exception::FAILED,
               "PFER message received when separate auth is not supported"));
    }

    // update current authentication mode
    AuxVariables().NapAuthentication() = msg.flags().nap;

    // result code checks
    AAA_UInt32AvpContainerWidget rcodeAvp(msg.avpList());
    diameter_unsigned32_t *rcode = rcodeAvp.GetAvp(PANA_AVPNAME_RESULTCODE);
    if (rcode == NULL) {
        throw (PANA_Exception(PANA_Exception::FAILED,
               "No Result-Code AVP in PFER message"));
    }
    // NOTE(review): assumes the AVP parser leaves Result-Code in network byte
    // order; confirm, otherwise this conversion is applied twice.
    AuxVariables().FirstEapResult() = ACE_NTOHL(*rcode);

    // eap payload checks
    // With no EAP payload the EAP layer is told of an alternate reject, the
    // result code is passed to Error(), and the key id is left untouched.
    AAA_StringAvpContainerWidget eapAvp(msg.avpList());
    diameter_octetstring_t *payload = eapAvp.GetAvp(PANA_AVPNAME_EAP);
    if (payload) {
        NotifyEapRequest(*payload);
    }
    else {
        m_Event.EapAltReject();
        Error(ACE_NTOHL(*rcode));
        return;
    }

    // update key id
    AAA_UInt32AvpContainerWidget keyIdAvp(msg.avpList());
    diameter_unsigned32_t *keyId = keyIdAvp.GetAvp(PANA_AVPNAME_KEYID);
    if (keyId) {
        SecurityAssociation().UpdateKeyId1(ACE_NTOHL(*keyId));
    }
}

// Handles a received PANA-Bind-Request (PBR), which delivers the result of
// PANA authentication. Only the start of this function is visible in this
// excerpt.
void PANA_Client::RxPBR()
{
    /*
      7.8  PANA-Bind-Request (PBR)

      The PANA-Bind-Request (PBR) message is sent by the PAA to the PaC to
      deliver the result of PANA authentication.

      PANA-Bind-Request ::= < PANA-Header: 5, REQ [,SEP] [,NAP] >
                            < Session-Id >
                            { Result-Code }
                            [ PPAC ]
                            [ EAP-Payload ]
                            [ Session-Lifetime ]
                            [ Protection-Capability ]
                            [ Key-Id ]
                         *  [ Device-Id ]
                            [ Notification ]
                         *  [ AVP ]
                        0*1 < AUTH >
     */
    std::auto_ptr<PANA_Message> cleanup(AuxVariables().RxMsgQueue().Dequeue());
    PANA_Message &msg = *cleanup;

    ACE_DEBUG((LM_INFO, "(%P|%t) RxPBR: S-flag %d, N-flag=%d, seq=%d\n",
               msg.flags().separate, msg.flags().nap, msg.seq()));

    // process notification
    ProcessNotification(msg);

    // Reset flags
    m_Flags.p = 0;

    // lookup result code
    AAA_UInt32AvpContainerWidget rcodeAvp(msg.avpList());
    diameter_unsigned32_t *pRcode = rcodeAvp.GetAvp(PANA_AVPNAME_RESULTCODE);
    if (pRcode == NULL) {
        throw (PANA_Exception(PANA_Exception::FAILED,
               "No Result-Code AVP in PBR message"));
    }
    diameter_unsigned32_t rcode = ACE_NTOHL(*pRcode);

    // update ep device id's
    bool epIdPresent = false;
    AAA_AddressAvpContainerWidget epIdAvp(msg.avpList());
    // [Excerpt ends here; the remainder of RxPBR is outside this view.]