📄 client_test_tls.cxx
字号:
/* BEGIN_COPYRIGHT *//* *//* Open Diameter: Open-source software for the Diameter and *//* Diameter related protocols *//* *//* Copyright (C) 2002-2004 Open Diameter Project *//* *//* This library is free software; you can redistribute it and/or modify *//* it under the terms of the GNU Lesser General Public License as *//* published by the Free Software Foundation; either version 2.1 of the *//* License, or (at your option) any later version. *//* *//* This library is distributed in the hope that it will be useful, *//* but WITHOUT ANY WARRANTY; without even the implied warranty of *//* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *//* Lesser General Public License for more details. *//* *//* You should have received a copy of the GNU Lesser General Public *//* License along with this library; if not, write to the Free Software *//* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 *//* USA. *//* *//* In addition, when you copy and redistribute some or the entire part of *//* the source code of this software with or without modification, you *//* MUST include this copyright notice in each copy. *//* *//* If you make any changes that are appeared to be useful, please send *//* sources that include the changed part to *//* diameter-developers@lists.sourceforge.net so that we can reflect your *//* changes to one unified version of this software. *//* *//* END_COPYRIGHT *//* $Id: *//* client_test.cxx Client test program for Diameter EAP Application Written by Yoshihiro Ohba Created December 5, 2003.*//* --------------------------------------------------------- Brief explanation on what is done in this sample program. --------------------------------------------------------- This program includes the test for Diameter EAP application where EAP Identity method is performed either between a peer and a NAS, and then EAP MD5-Challenge authenticator method is performed between the peer and the backend EAP server via the NAS. The peer session entity will prompt you to input a username. Once the username is input, it is carried in an Response/Identity message and sent to the Diameter server. The NAS will retransmit the Request/Identity message until you input the username or the number of retransmission reaches its maximum value (the maximum value is set to 3 in this program). For the latter case, the authenticator will stop its state machine and the peer will timeout and fail. Peer NAS EAP Server (= EAP PassThough (= Diameter Server) Authenticator + Diameter client) | Request/Identity | | |<-----------------------| | | | |(input userid) | | | | | | Response/Identity | | |----------------------->| Response/Identity | | |------------------------->| | | Request/MD5-Challenge | | Request/MD5-Challenge |<-------------------------| |<-----------------------| | | Response/MD5-Challenge| | |----------------------->| Response/MD5-Challenge | | |------------------------->| | | | | | Success | | Success |<-------------------------| |<-----------------------| */#include <iostream>#include <ace/Log_Msg.h>#include <ace/OS.h>#include <ace/Atomic_Op_T.h>#include "diameter_api.h"#include "diameter_eap_client_session.hxx"#include "eap.hxx"#include "eap_peerfsm.hxx"#include "eap_authfsm.hxx"#include "eap_identity.hxx"#include "eap_policy.hxx"#include "eap_method_registrar.hxx"#include "eap_fsm.hxx"#include "eap_log.hxx"#include "eap_tls.hxx"#include "eap_tls_fsm.hxx"// Modified by Santiago Zapata Hernandez for UMU// Newvoid print_cadena (ACE_Byte *cad, ACE_INT32 length){ EAP_LOG (LM_DEBUG, "LENGTH cad %d\n", length); for (int i = 0; i < length; i++) { EAP_LOG (LM_DEBUG, "%02x ", (ACE_Byte) (cad[i])); } EAP_LOG (LM_DEBUG, "\n");}// End NewACE_Atomic_Op<ACE_Thread_Mutex, int> TotalSuccess;typedef AAA_JobHandle<AAA_GroupedJob> MyJobHandle;class MyPeerSwitchStateMachine;class MyPassThroughAuthSwitchStateMachine;class PeerData;class PassThroughAuthApplication;/// Task class used in this sample program.class EapTask : public AAA_Task{ public: /// Constructor. EapTask() : AAA_Task(AAA_SCHED_FIFO, "EAP") {} /// Destructor. ~EapTask() {}};/// This class defines an EAP transport. When an EAP message is sent/// to a particular entity (e.g., an entity may be peer, standalone/// authenticator, backend authenticator or passthrough authenticator/// depending on the role of the sender, Transmit() method of the/// Channel object of the receiving entity is called. Transmit()/// method can have sub-channels which is used for distinguishing different/// types of messages.class Channel { public: Channel() {} virtual void Transmit(AAAMessageBlock *msg)=0; virtual void Transmit(AAAMessageBlock *msg, int subChannel)=0;};/******** Diameter EAP Client Session ********/class MyDiameterEapClientSession : public DiameterEapClientSession{ public: MyDiameterEapClientSession(AAAApplicationCore& appCore, MyJobHandle h) : DiameterEapClientSession(appCore, h) {} /// This virtual function is called when an EAP client session is /// aborted due to enqueue failure of a job or an event inside /// Diametger EAP client state machine. void Abort(); /// This virtual function is called when an EAP-Response message is /// passed to the EAP passthrough authenticator. void SignalContinue(std::string &eapMsg); /// Reimplemented from the parent class. void SignalSuccess(std::string &eapMsg); /// Reimplemented from the parent class. void SignalFailure(std::string &eapMsg); /// Reimplemented from the parent class. void SignalReauthentication(); /// Reimplemented from the parent class. void SignalDisconnect() {} /// Reimplemented from the parent class. void SetDestinationRealm (AAA_ScholarAttribute<diameter_utf8string_t> &realm); /// Reimplemented from parent class. void SetUserName(AAA_ScholarAttribute<diameter_utf8string_t> &username);};// Class definition for authenticator identity method for my application.class MyEapAuthIdentityStateMachine : public EapAuthIdentityStateMachine{ friend class EapMethodStateMachineCreator<MyEapAuthIdentityStateMachine>;public: MyEapAuthIdentityStateMachine(EapSwitchStateMachine &s) : EapAuthIdentityStateMachine(s) {} // Reimplemented from EapAuthIdentityStateMachine. ProcessIdentityResult ProcessIdentity(std::string& identity) { std::cout << "Identity received : " << identity << std::endl; return EapAuthIdentityStateMachine::Success; }private: ~MyEapAuthIdentityStateMachine() {} };// Class definitio for peer EAP-TLS method for my applicationclass MyEapPeerTlsStateMachine : public EapPeerTlsStateMachine{ friend class EapMethodStateMachineCreator<MyEapPeerTlsStateMachine>;public: MyEapPeerTlsStateMachine(EapSwitchStateMachine &s) : EapPeerTlsStateMachine(s) {} /// This pure virtual function is a callback used when an AuthID /// needs to be obtained. std::string& InputIdentity() { std::cout << "Received an Tls-Request "<< std::endl; static std::string identity; std::cout << "Input username (within 10sec.): " << std::endl; std::cin >> identity; std::cout << "username = " << identity << std::endl; return identity; } protected: std::string& InputConfigFile() { std::cout << "Received an Tls-Request "<< std::endl; // static std::string configFile;// std::cout << "Input config filename (within 10sec.): " << std::endl;// std::cin >> configFile;// std::cout << "Config file name = " << configFile << std::endl;static std::string configFile("./config/client.eap-tls.xml"); return configFile; }private: ~MyEapPeerTlsStateMachine() {}};class MyPeerSwitchStateMachine: public EapPeerSwitchStateMachine{ public: MyPeerSwitchStateMachine(ACE_Reactor &r, MyJobHandle& h) : EapPeerSwitchStateMachine(r, h) { AuthPeriod() = 60; } void Send(AAAMessageBlock *b); void Success(); void Failure(); void Notification(std::string &str); void Abort(); std::string& InputIdentity(); private: std::string identity;};class MyPassThroughAuthSwitchStateMachine : public EapPassThroughAuthSwitchStateMachine{ public: MyPassThroughAuthSwitchStateMachine(ACE_Reactor &r, MyJobHandle& h) : EapPassThroughAuthSwitchStateMachine(r, h) {} void Send(AAAMessageBlock *b); void Success(AAAMessageBlock *b); void Success(); void Failure(AAAMessageBlock *b); void Failure(); void Abort(); void ForwardResponse(AAAMessageBlock *b); private:};class PeerChannel : public Channel{ public: PeerChannel(MyPeerSwitchStateMachine &s) : eap(s) {} void Transmit(AAAMessageBlock *msg) { eap.Receive(msg); } void Transmit(AAAMessageBlock *msg, int) {} MyPeerSwitchStateMachine &eap;};class PassThroughAuthChannel : public Channel{ public: PassThroughAuthChannel(MyPassThroughAuthSwitchStateMachine& s) : eap(s) {} void Transmit(AAAMessageBlock *msg) { eap.Receive(msg); } void Transmit(AAAMessageBlock *msg, int subChannel) { switch(subChannel) { case 1: eap.AAA_Continue(msg); break; case 2: eap.AAA_Success(msg); break; case 3: eap.AAA_Failure(msg); break; } } MyPassThroughAuthSwitchStateMachine &eap;};class PeerApplication : public AAA_JobData{ public: PeerApplication(EapTask &task, ACE_Semaphore &sem) : handle(MyJobHandle (AAA_GroupedJob::Create(task.Job(), this, "peer"))), eap(boost::shared_ptr<MyPeerSwitchStateMachine> (new MyPeerSwitchStateMachine(*task.reactor(), handle))), semaphore(sem), rxChannel(PeerChannel(*eap)), txChannel(0), methodTls(EapContinuedPolicyElement(EapType(TLS_METHOD_TYPE))) { eap->Policy().InitialPolicyElement(&methodTls); semaphore.acquire(); } ~PeerApplication() {} void Start(Channel *c) { txChannel = c; eap->Start(); } PeerChannel* RxChannel() { return &rxChannel; } Channel& TxChannel() { return *txChannel; } MyPeerSwitchStateMachine& Eap() { return *eap; } ACE_Semaphore& Semaphore() { return semaphore; } private: MyJobHandle handle; boost::shared_ptr<MyPeerSwitchStateMachine> eap; ACE_Semaphore &semaphore; PeerChannel rxChannel; Channel *txChannel; EapContinuedPolicyElement methodTls;};// My application session (not used in this test program).⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -