diameter_eap_client_fsm.cxx

Diameter协议栈

	  der.PortLimit = dea.PortLimit();
	  sm.EnforcePortLimit(dea.PortLimit());
	}

      if (dea.CallbackId.IsSet())
	sm.EnforceCallbackId(dea.CallbackId());

      if (dea.CallbackNumber.IsSet())
	sm.EnforceCallbackNumber(dea.CallbackNumber());

      if (dea.FramedAppletalkLink.IsSet())
	sm.EnforceFramedAppletalkLink(dea.FramedAppletalkLink());

      if (dea.FramedAppletalkZone.IsSet())
	sm.EnforceFramedAppletalkZone(dea.FramedAppletalkZone());

      if (dea.FramedAppletalkNetwork.IsSet())
	sm.EnforceFramedAppletalkNetwork(dea.FramedAppletalkNetwork);

      if (dea.FramedCompression.IsSet())
	{
	  der.FramedCompression = dea.FramedCompression;
	  sm.EnforceFramedCompression(dea.FramedCompression);
	}

      if (dea.FramedIpAddress.IsSet())
	{
	  der.FramedIpAddress = dea.FramedIpAddress();
	  sm.EnforceFramedIpAddress(dea.FramedIpAddress());
	}

      if (dea.FramedIpv6Prefix.IsSet())
	{
	  der.FramedIpv6Prefix = dea.FramedIpv6Prefix;
	  sm.EnforceFramedIpv6Prefix(dea.FramedIpv6Prefix);
	}
      
      if (dea.FramedPool.IsSet())
	sm.EnforceFramedPool(dea.FramedPool());

      if (dea.FramedIpv6Pool.IsSet())
	sm.EnforceFramedIpv6Pool(dea.FramedIpv6Pool());

      if (dea.FramedIpv6Route.IsSet())
	sm.EnforceFramedIpv6Route(dea.FramedIpv6Route);

      if (dea.FramedIpNetmask.IsSet())
	{
	  der.FramedIpNetmask = dea.FramedIpNetmask();
	  sm.EnforceFramedIpNetmask(dea.FramedIpNetmask());
	}

      if (dea.FramedIpxNetwork.IsSet())
	sm.EnforceFramedIpxNetwork(dea.FramedIpxNetwork());

      if (dea.FramedMtu.IsSet())
	{
	  der.FramedMtu = dea.FramedMtu();
	  sm.EnforceFramedMtu(dea.FramedMtu());
	}

      if (dea.FramedProtocol.IsSet())
	{
	  der.FramedProtocol = dea.FramedProtocol();
	  sm.EnforceFramedProtocol(dea.FramedProtocol());
	}

      if (dea.FramedRouting.IsSet())
	sm.EnforceFramedRouting(dea.FramedRouting());

      if (dea.NasFilterRule.IsSet())
	sm.EnforceNasFilterRule(dea.NasFilterRule);

      der.Tunneling = dea.Tunneling;
      if (dea.Tunneling.size()>0)
	sm.EnforceTunneling(dea.Tunneling);

      if (dea.EapMasterSessionKey.IsSet())
	sm.EnforceEapMasterSessionKey(dea.EapMasterSessionKey());

      if (dea.AccountingEapAuthMethod.IsSet())
	sm.EnforceAccountingEapAuthMethod(dea.AccountingEapAuthMethod);
    }
  };

  class AcAccessReject : public DiameterEapClientAction 
  {
    void operator()(DiameterEapClientStateMachine& sm)
    {
      DiameterEapClientSession& session = sm.Session();
      std::string str;
      if (sm.DEA().EapPayload.IsSet())
	str = sm.DEA().EapPayload();
      sm.SignalFailure(str);
      session.Update(AAASession::EVENT_AUTH_FAILED);  
    }
  };

  class AcSendAA_Request : public DiameterEapClientAction 
  {
    void operator()(DiameterEapClientStateMachine& sm)
    {
      AAA_LOG(LM_DEBUG, "[%N] Unsupported feature.\n");
      sm.SendAA_Request();
    }
  };

  class AcReauthenticate : public DiameterEapClientAction 
  {
    void operator()(DiameterEapClientStateMachine& sm)
    {
      AAA_LOG(LM_DEBUG, "[%N] Reauthentication issued.\n");
      sm.SignalReauthentication();
    }
  };

  class AcDisconnect : public DiameterEapClientAction 
  {
    void operator()(DiameterEapClientStateMachine& sm)
    {
      AAA_LOG(LM_DEBUG, "[%N] Disconnect issued.\n");
      sm.SignalDisconnect();
    }
  };

  enum state {
    StInitialize,
    StWaitDEA,
    StCheckResultCode,
    StAccepted,
    StRejected,
    StWaitEapResponse,
    StWaitAA_Answer,
    StTerminated
  };

  enum {
    EvSgSuccess,
    EvSgLimitedSuccess,
    EvSgFailure,
    EvSgContinue
  };

  AcSendDER acSendDER;
  AcSendEapRequest acSendEapRequest;
  AcCheckDEA_ResultCode acCheckDEA_ResultCode;
  AcCheckAA_AnswerResultCode acCheckAA_AnswerResultCode;
  AcAccessAccept acAccessAccept;
  AcAccessReject acAccessReject;
  AcSendAA_Request acSendAA_Request;
  AcReauthenticate acReauthenticate;
  AcDisconnect acDisconnect;

  // Defined as a leaf class
  DiameterEapClientStateTable_S() 
  {
    AddStateTableEntry(StInitialize, 
		       DiameterEapClientStateMachine::EvRxEapResponse,
		       StWaitDEA, acSendDER);
    AddStateTableEntry(StInitialize, 
		       DiameterEapClientStateMachine::EvSgDisconnect,
		       StTerminated);
    AddWildcardStateTableEntry(StInitialize, StInitialize);

    AddStateTableEntry(StWaitDEA,
		       DiameterEapClientStateMachine::EvRxDEA,
		       StCheckResultCode, acCheckDEA_ResultCode);
    AddStateTableEntry(StWaitDEA,
		       DiameterEapClientStateMachine::EvSgDisconnect,
		       StTerminated);
    AddWildcardStateTableEntry(StWaitDEA, StTerminated);

    AddStateTableEntry(StCheckResultCode, EvSgSuccess,
		       StAccepted, acAccessAccept);
    AddStateTableEntry(StCheckResultCode, EvSgLimitedSuccess, 
		       StWaitAA_Answer, acSendAA_Request); 
    AddStateTableEntry(StCheckResultCode, EvSgFailure,
		       StRejected, acAccessReject);
    AddStateTableEntry(StCheckResultCode, EvSgContinue,
		       StWaitEapResponse, acSendEapRequest);

    AddStateTableEntry(StAccepted, 
		       DiameterEapClientStateMachine::EvSgDisconnect,
		       StTerminated, acDisconnect);
    AddStateTableEntry
      (StAccepted, 
       DiameterEapClientStateMachine::EvSgSessionTimeout,
       StTerminated, acDisconnect);
    AddStateTableEntry
      (StAccepted, 
       DiameterEapClientStateMachine::EvSgAuthGracePeriodTimeout,
       StTerminated, acDisconnect);
    AddStateTableEntry(StAccepted, 
		       DiameterEapClientStateMachine::EvSgAuthLifetimeTimeout,
		       StInitialize, acReauthenticate);
    AddWildcardStateTableEntry(StAccepted, StAccepted);
			
    AddWildcardStateTableEntry(StRejected, StTerminated);

    AddStateTableEntry(StWaitAA_Answer, 
		       DiameterEapClientStateMachine::EvRxAA_Answer,
		       StCheckResultCode, acCheckAA_AnswerResultCode);

    AddStateTableEntry(StWaitEapResponse,
		       DiameterEapClientStateMachine::EvRxEapResponse,
		       StWaitDEA, acSendDER);
    AddStateTableEntry(StWaitEapResponse,
		       DiameterEapClientStateMachine::EvSgDisconnect,
		       StTerminated);
    AddWildcardStateTableEntry(StWaitEapResponse, StTerminated);

    AddWildcardStateTableEntry(StTerminated, StTerminated);

    InitialState(StInitialize);
  }
  ~DiameterEapClientStateTable_S() {}
};

typedef 
ACE_Singleton<DiameterEapClientStateTable_S, ACE_Recursive_Thread_Mutex> 
DiameterEapClientStateTable;

DiameterEapClientStateMachine::DiameterEapClientStateMachine
(DiameterEapClientSession& s, DiameterJobHandle &h)
  : AAA_StateMachine<DiameterEapClientStateMachine>
  (*this, *DiameterEapClientStateTable::instance(), "AAA_EAP_CLIENT"),
    session(s),
    handle(h)
{}

void 
DiameterEapClientStateMachine::SendDER()
{
  DiameterEapClientSession& session = Session();
  AAAMessage msg;

  DER_Parser parser;
  parser.setAppData(&derData);
  parser.setRawData(&msg);

  derData.AuthApplicationId = EapApplicationId;

  try {
    parser.parseAppToRaw();
  }
  catch (DiameterParserError) {
    AAA_LOG(LM_ERROR, "[%N] Parsing error.\n");
    return;
  }

  AAAMessageControl msgControl(session.Self());
  if (msgControl.Send(msg) != AAA_ERR_SUCCESS) {
    AAA_LOG(LM_ERROR, "Failed sending message.\n");
  }
  else {
    AAA_LOG(LM_DEBUG, "Sent DER Message.\n");
  }
}

void 
DiameterEapClientStateMachine::ForwardResponse(std::string &eapMsg)
{ 
  AAA_LOG(LM_ERROR, "[%N] EAP-Response received from passthrough.\n");
  derData.EapPayload = eapMsg;
  Notify(EvRxEapResponse);
}