📄 diameter_eap_parser.hxx
     This Attribute is available to be sent by the server to the
     client in an Access-Challenge and MUST be sent unmodified from
     the client to the server in the new Access-Request reply to that
     challenge, if any.

     This Attribute is available to be sent by the server to the
     client in an Access-Accept that also includes a
     Termination-Action Attribute with the value of RADIUS-Request.
     If the NAS performs the Termination-Action by sending a new
     Access-Request upon termination of the current session, it MUST
     include the State attribute unchanged in that Access-Request.

     In either usage, the client MUST NOT interpret the attribute
     locally. A packet must have only zero or one State Attribute.
     Usage of the State Attribute is implementation dependent."
  */
  AAA_ScholarAttribute<diameter_octetstring_t> State;
  AAA_ScholarAttribute<diameter_unsigned32_t> AuthorizationLifetime;
  AAA_ScholarAttribute<diameter_unsigned32_t> AuthGracePeriod;
  /*
    In Section 8 of RFC3588:

    "An access device that does not expect to send a re-authorization
     or a session termination request to the server MAY include the
     Auth-Session-State AVP with the value set to NO_STATE_MAINTAINED
     as a hint to the server. If the server accepts the hint, it
     agrees that since no session termination message will be
     received once service to the user is terminated, it cannot
     maintain state for the session. If the answer message from the
     server contains a different value in the Auth-Session-State AVP
     (or the default value if the AVP is absent), the access device
     MUST follow the server's directives. Note that the value
     NO_STATE_MAINTAINED MUST NOT be set in subsequent
     re-authorization requests and answers."

    In Section 8.1 of RFC3588:

    "There are four different authorization session state machines
     supported in the Diameter base protocol. The first two describe
     a session in which the server is maintaining session state,
     indicated by the value of the Auth-Session-State AVP (or its
     absence).
     One describes the session from a client perspective, the other
     from a server perspective. The second two state machines are
     used when the server does not maintain session state. Here
     again, one describes the session from a client perspective, the
     other from a server perspective."

    In Section 8.11 of RFC3588:

    "8.11. Auth-Session-State AVP

     The Auth-Session-State AVP (AVP Code 277) is of type Enumerated
     and specifies whether state is maintained for a particular
     session. The client MAY include this AVP in requests as a hint
     to the server, but the value in the server's answer message is
     binding. The following values are supported:

     STATE_MAINTAINED 0
        This value is used to specify that session state is being
        maintained, and the access device MUST issue a session
        termination message when service to the user is terminated.
        This is the default value.

     NO_STATE_MAINTAINED 1
        This value is used to specify that no session termination
        messages will be sent by the access device upon expiration of
        the Authorization-Lifetime."
  */
  AAA_ScholarAttribute<diameter_enumerated_t> AuthSessionState;
  AAA_ScholarAttribute<diameter_unsigned32_t> SessionTimeout;
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "6.2. Callback-Number AVP

     The Callback-Number AVP (AVP Code 19) is of type UTF8String, and
     contains a dialing string to be used for callback. It MAY be
     used in an authentication and/or authorization request as a hint
     to the server that a Callback service is desired, but the server
     is not required to honor the hint in the corresponding response.

     The codification of the range of allowed usage of this field is
     outside the scope of this specification."
  */
  AAA_ScholarAttribute<diameter_utf8string_t> CallbackNumber;
  AAA_ScholarAttribute<diameter_utf8string_t> CalledStationId;
  AAA_ScholarAttribute<diameter_utf8string_t> CallingStationId;
  /*
    RFC3588 8.20. Class AVP

    The Class AVP (AVP Code 25) is of type OctetString and is used to
    by Diameter servers to return state information to the access
    device.
    When one or more Class AVPs are present in application-specific
    authorization answer messages, they MUST be present in subsequent
    re-authorization, session termination and accounting messages.
    Class AVPs found in a re-authorization answer message override
    the ones found in any previous authorization answer message.
    Diameter server implementations SHOULD NOT return Class AVPs that
    require more than 4096 bytes of storage on the Diameter client.
    A Diameter client that receives Class AVPs whose size exceeds
    local available storage MUST terminate the session.
  */
  AAA_VectorAttribute<diameter_octetstring_t> Class;
  AAA_ScholarAttribute<diameter_octetstring_t> OriginatingLineInfo;
  AAA_ScholarAttribute<diameter_utf8string_t> ConnectInfo;
  AAA_VectorAttribute<diameter_enumerated_t> FramedCompression;
  AAA_ScholarAttribute<diameter_unsigned64_t> FramedInterfaceId;
  AAA_ScholarAttribute<diameter_octetstring_t> FramedIpAddress;
  AAA_VectorAttribute<diameter_octetstring_t> FramedIpv6Prefix;
  AAA_ScholarAttribute<diameter_octetstring_t> FramedIpNetmask;
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "6.9.3. Framed-MTU AVP

     The Framed-MTU AVP (AVP Code 12) is of type Unsigned32 and
     contains the Maximum Transmission Unit to be configured for the
     user, when it is not negotiated by some other means (such as
     PPP). This AVP SHOULD only be present in authorization
     responses. The MTU value MUST be in the range of 64 and 65535."
  */
  AAA_ScholarAttribute<diameter_unsigned32_t> FramedMtu;
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "6.9.1. Framed-Protocol AVP

     The Framed-Protocol AVP (AVP Code 7) is of type Enumerated and
     contains the framing to be used for framed access. This AVP MAY
     be present in both requests and responses. The supported values
     are listed in [RADIUSTypes].
     The following list is informational:

        1 PPP
        2 SLIP
        3 AppleTalk Remote Access Protocol (ARAP)
        4 Gandalf proprietary SingleLink/MultiLink protocol
        5 Xylogics proprietary IPX/SLIP
        6 X.75 Synchronous"
  */
  AAA_ScholarAttribute<diameter_enumerated_t> FramedProtocol;
  AAA_GroupedVectorAttribute<tunneling_t> Tunneling;
  AAA_GroupedVectorAttribute<proxyinfo_t> ProxyInfo;
  AAA_VectorAttribute<diameter_identity_t> RouteRecord;
  AAA_VectorAttribute<avp_t> Avp;
};

/// Definition for DEA message contents internal structure.
class DEA_Data
{
 public:
  DEA_Data() {}
  void Clear()
  {
    UserName.Clear();
    EapPayload.Clear();
    EapReissuedPayload.Clear();
    EapMasterSessionKey.Clear();
    MultiRoundTimeOut.Clear();
    AccountingEapAuthMethod.Clear();
    OriginStateId.Clear();
    PortLimit.Clear();
    ServiceType.Clear();
    IdleTimeout.Clear();
    State.Clear();
    Class.Clear();
    AuthorizationLifetime.Clear();
    AuthGracePeriod.Clear();
    AuthSessionState.Clear();
    SessionTimeout.Clear();
    CallbackNumber.Clear();
    FramedAppletalkLink.Clear();
    FramedAppletalkNetwork.Clear();
    FramedAppletalkZone.Clear();
    FramedCompression.Clear();
    FramedInterfaceId.Clear();
    FramedIpAddress.Clear();
    FramedIpv6Prefix.Clear();
    FramedIpv6Pool.Clear();
    FramedIpv6Route.Clear();
    FramedIpNetmask.Clear();
    FramedRoute.Clear();
    FramedPool.Clear();
    FramedIpxNetwork.Clear();
    FramedMtu.Clear();
    FramedProtocol.Clear();
    FramedRouting.Clear();
    NasFilterRule.Clear();
    Tunneling.Clear();
    RedirectHost.Clear();
    RedirectHostUsage.Clear();
    RedirectMaxCacheTime.Clear();
    ProxyInfo.Clear();
    Avp.Clear();
  }
  /// DEA AVPs
  AAA_ScholarAttribute<diameter_utf8string_t> SessionId;
  AAA_ScholarAttribute<diameter_unsigned32_t> AuthApplicationId;
  AAA_ScholarAttribute<diameter_enumerated_t> AuthRequestType;
  AAA_ScholarAttribute<diameter_identity_t> OriginHost;
  AAA_ScholarAttribute<diameter_identity_t> OriginRealm;
  AAA_ScholarAttribute<diameter_utf8string_t> UserName;
  AAA_ScholarAttribute<diameter_octetstring_t> EapPayload;
  AAA_ScholarAttribute<diameter_octetstring_t> EapReissuedPayload;
  AAA_ScholarAttribute<diameter_octetstring_t> EapMasterSessionKey;
  AAA_VectorAttribute<diameter_unsigned64_t> AccountingEapAuthMethod;
  AAA_ScholarAttribute<diameter_unsigned32_t> OriginStateId;
  AAA_ScholarAttribute<diameter_unsigned32_t> PortLimit;
  AAA_ScholarAttribute<diameter_enumerated_t> ServiceType;
  AAA_ScholarAttribute<diameter_unsigned32_t> IdleTimeout;
  AAA_ScholarAttribute<diameter_octetstring_t> State;
  AAA_VectorAttribute<diameter_octetstring_t> Class;
  AAA_ScholarAttribute<diameter_unsigned32_t> AuthorizationLifetime;
  AAA_ScholarAttribute<diameter_unsigned32_t> AuthGracePeriod;
  AAA_ScholarAttribute<diameter_enumerated_t> AuthSessionState;
  AAA_ScholarAttribute<diameter_unsigned32_t> SessionTimeout;
  AAA_ScholarAttribute<diameter_utf8string_t> CallbackNumber;
  AAA_VectorAttribute<diameter_enumerated_t> FramedCompression;
  AAA_ScholarAttribute<diameter_unsigned64_t> FramedInterfaceId;
  AAA_ScholarAttribute<diameter_octetstring_t> FramedIpAddress;
  AAA_VectorAttribute<diameter_octetstring_t> FramedIpv6Prefix;
  AAA_ScholarAttribute<diameter_octetstring_t> FramedIpNetmask;
  AAA_ScholarAttribute<diameter_unsigned32_t> FramedMtu;
  AAA_ScholarAttribute<diameter_enumerated_t> FramedProtocol;
  AAA_VectorAttribute<diameter_ipfilter_rule_t> NasFilterRule;
  AAA_GroupedVectorAttribute<tunneling_t> Tunneling;
  AAA_GroupedVectorAttribute<proxyinfo_t> ProxyInfo;
  AAA_VectorAttribute<avp_t> Avp;
  AAA_ScholarAttribute<diameter_unsigned32_t> ResultCode; // ++
  // -- std::vector<diameter_identity_t> DestinationRealm;
  // -- std::vector<diameter_unsigned32_t> NasPort;
  // -- std::vector<diameter_utf8string_t> NasPortId;
  // -- std::vector<diameter_identity_t> DestinationHost;
  // -- std::vector<diameter_utf8string_t> NasIdentifier;
  // -- std::vector<diameter_octetstring_t> NasIpAddress;
  // -- std::vector<diameter_octetstring_t> NasIpv6Address;
  // -- std::vector<diameter_enumerated_t> NasPortType;
  AAA_ScholarAttribute<diameter_unsigned32_t> MultiRoundTimeOut; // ++
  /* RFC2869 5.12.
     Configuration-Token

     Description

     This attribute is for use in large distributed authentication
     networks based on proxy. It is sent from a RADIUS Proxy Server
     to a RADIUS Proxy Client in an Access-Accept to indicate a type
     of user profile to be used. It should not be sent to a NAS.
  */
  AAA_VectorAttribute<diameter_octetstring_t> ConfigurationToken; // ++
  AAA_ScholarAttribute<diameter_unsigned32_t> AcctInterimInterval; // ++
  AAA_ScholarAttribute<diameter_utf8string_t> ErrorMessage; // ++
  AAA_ScholarAttribute<diameter_identity_t> ErrorReportingHost; // ++
  AAA_ScholarAttribute<diameter_enumerated_t> ReAuthRequestType; // ++
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "4.9. Reply-Message AVP

     The Reply-Message AVP (AVP Code 18) is of type UTF8String, and
     contains text which MAY be displayed to the user. When used in
     an AA-Answer message with a successful Result-Code AVP it
     indicates a success message. When found in the same message
     with a Result-Code other than DIAMETER_SUCCESS it contains a
     failure message.

     The Reply-Message AVP MAY indicate a dialog message to prompt
     the user before another AA-Request attempt. When used in an
     AA-Answer, it MAY indicate a dialog message to prompt the user
     for a response.

     Multiple Reply-Message's MAY be included and if any are
     displayed, they MUST be displayed in the same order as they
     appear in the message."
  */
  AAA_VectorAttribute<diameter_utf8string_t> ReplyMessage; // ++
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "6.7. Filter-Id AVP

     The Filter-Id AVP (AVP Code 11) is of type UTF8String, and
     contains the name of the filter list for this user. Zero or
     more Filter-Id AVPs MAY be sent in an authorization answer.

     Identifying a filter list by name allows the filter to be used
     on different NASes without regard to filter-list implementation
     details. However, this AVP is not roaming friendly since filter
     naming differs from one service provider to another.
     In non-RADIUS environments, it is RECOMMENDED that the
     NAS-Filter-Rule AVP be used instead."
  */
  AAA_VectorAttribute<diameter_utf8string_t> FilterId; // ++
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "6.3. Callback-Id AVP

     The Callback-Id AVP (AVP Code 20) is of type UTF8String, and
     contains the name of a place to be called, to be interpreted by
     the NAS. This AVP MAY be present in an authentication and/or
     authorization response.

     This AVP is not roaming-friendly since it assumes that the
     Callback-Id is configured on the NAS. It is therefore
     preferable to use the Callback-Number AVP instead."
  */
  AAA_ScholarAttribute<diameter_utf8string_t> CallbackId; // ++
  AAA_ScholarAttribute<diameter_unsigned32_t> FramedAppletalkLink; // ++
  AAA_VectorAttribute<diameter_unsigned32_t> FramedAppletalkNetwork; // ++
  AAA_ScholarAttribute<diameter_octetstring_t> FramedAppletalkZone; // ++
  AAA_VectorAttribute<diameter_utf8string_t> FramedIpv6Route; // ++
  AAA_ScholarAttribute<diameter_octetstring_t> FramedIpv6Pool; // ++
  AAA_ScholarAttribute<diameter_octetstring_t> FramedPool; // ++
  AAA_ScholarAttribute<diameter_utf8string_t> FramedIpxNetwork; // ++
  AAA_VectorAttribute<diameter_utf8string_t> FramedRoute; // ++
  /*
    In draft-ietf-aaa-diameter-nasreq-13.txt:

    "6.9.2. Framed-Routing AVP

     The Framed-Routing AVP (AVP Code 10) is of type Enumerated and
     contains the routing method for the user, when the user is a
     router to a network. This AVP SHOULD only be present in
     authorization responses. The supported values are listed in
     [RADIUSTypes].
     The following list is informational:

        0 None
        1 Send routing packets
        2 Listen for routing packets
        3 Send and Listen"
  */
  AAA_ScholarAttribute<diameter_enumerated_t> FramedRouting; // ++
  AAA_VectorAttribute<diameter_identity_t> RedirectHost; // ++
  AAA_ScholarAttribute<diameter_enumerated_t> RedirectHostUsage; // ++
  AAA_ScholarAttribute<diameter_unsigned32_t> RedirectMaxCacheTime; // ++
  // -- std::vector<diameter_utf8string_t> CalledStationId;
  // -- std::vector<diameter_utf8string_t> CallingStationId;
  // -- std::vector<diameter_octetstring_t> OriginatingLineInfo;
  // -- std::vector<diameter_utf8string_t> ConnectInfo;
  // -- std::vector<diameter_identity_t> RouteRecord;
};

typedef AAAParser<AAAMessage*, DER_Data*> DER_Parser;
typedef AAAParser<AAAMessage*, DEA_Data*> DEA_Parser;

template<> void DER_Parser::parseRawToApp();
template<> void DER_Parser::parseAppToRaw();
template<> void DEA_Parser::parseRawToApp();
template<> void DEA_Parser::parseAppToRaw();

#endif //__EAP_CLIENT_DATA_H__
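
The quoted specification text attaches hard limits to Framed-MTU, Class and Auth-Session-State, but the attribute declarations only carry types, so a received answer has to be checked separately. The following is an added example, not part of this header or its project: `Attr`, `DeaView`, `Verdict`, `CheckDea`, `MustSendTermination` and the 4096-byte `kClassStorage` budget are hypothetical stand-ins for the real attribute classes and local configuration.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Stand-in for AAA_ScholarAttribute<T> (assumption: only set/value are modelled).
template <class T> struct Attr {
  bool set = false; T value{};
  void Set(const T &v) { value = v; set = true; }
};
// Hypothetical view of the DEA_Data fields that carry limits in the quoted specs.
struct DeaView {
  Attr<uint32_t> framedMtu;            // Framed-MTU (AVP Code 12)
  Attr<uint32_t> authSessionState;     // Auth-Session-State (AVP Code 277)
  std::vector<std::string> classAvps;  // Class (AVP Code 25), raw octets
  bool isReAuth = false;               // answer to a re-authorization request
};

enum class Verdict { Accept, RejectMessage, TerminateSession };
const uint32_t STATE_MAINTAINED = 0, NO_STATE_MAINTAINED = 1;
const std::size_t kClassStorage = 4096;  // assumed local storage for Class AVPs

Verdict CheckDea(const DeaView &m) {
  // Class AVPs that exceed local storage MUST terminate the session.
  std::size_t used = 0;
  for (const std::string &c : m.classAvps) {
    if (c.size() > kClassStorage - used) return Verdict::TerminateSession;
    used += c.size();
  }
  // Framed-MTU MUST be in the range of 64 and 65535.
  if (m.framedMtu.set && (m.framedMtu.value < 64 || m.framedMtu.value > 65535))
    return Verdict::RejectMessage;
  if (m.authSessionState.set) {
    const uint32_t s = m.authSessionState.value;
    if (s > NO_STATE_MAINTAINED) return Verdict::RejectMessage;  // undefined value
    if (m.isReAuth && s == NO_STATE_MAINTAINED) return Verdict::RejectMessage;
  }
  return Verdict::Accept;
}
// The server's answer is binding; an absent AVP means STATE_MAINTAINED.
bool MustSendTermination(const DeaView &m) {
  return !m.authSessionState.set || m.authSessionState.value == STATE_MAINTAINED;
}

int main() {  // constructed sample: an answer carrying an out-of-range MTU
  DeaView m;
  m.framedMtu.Set(40);
  return CheckDea(m) == Verdict::RejectMessage ? 0 : 1;
}
```

Running such a check on the parsed answer, before its values reach interface or session configuration, keeps an out-of-range value from a peer from being applied unchecked.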