📄 eap_passthrough_authfsm.cxx
字号:
class AcAaaRequest : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { sm.Event(EvUCT); } }; class AcDoIntegrityCheck2 : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { AAAMessageBlock *msg=sm.GetRxMessage(); // If msg is empty, the system has been just started. So call // ForwardResponse with null argument and let the application do // an appropriate action (e.g, send AAA message to the EAP // server). Otherwise, there is another method that has been // completed immediately before entering passthrough mode, with // receiving the first Response from the peer. In this case, just // pick up the Response and forward to the backend. EAP_LOG(LM_DEBUG, "Passthough: Integrity check.\n"); // Call the callback to forward the response. sm.ForwardResponse(msg); // stay in this state (wait external event). } }; class AcAaaContinue : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { AAAMessageBlock *msg; EapMessageQueue &q = sm.AAARxQueue(); if (q.is_empty()) { sm.DeleteTxMessage(); EAP_LOG(LM_ERROR, "Passthrough: AAA message does not contain EAP-Request.\n"); sm.Abort(); return; } q.dequeue_head((ACE_Message_Block*&)msg); // Parse the message and determine the event to be passed. msg->rd_ptr(msg->base()); // Parse the message EapHeaderParser hp; EapHeader header; hp.setAppData(&header); hp.setRawData(msg); hp.parseRawToApp(); unsigned code = header.code; // Check code if (code != Request) { sm.Event(EvSgDiscard); return; } // Set the received identifier as the current identifier. sm.CurrentIdentifier() = header.identifier; // Set the pass-through transmission message. sm.SetTxMessage(msg); if (code != Request) { EAP_LOG(LM_ERROR, "Passthrough: AAA message does not contain EAP-Request.\n"); sm.Abort(); return; } // XXX: If we need to modify Identifier field, this is the place // to do it. sm.Event(EvRxAaaEapReq); } }; class AcAaaSuccess : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { AAAMessageBlock *msg; EapMessageQueue &q = sm.AAARxQueue(); if (q.is_empty()) { sm.DeleteTxMessage(); sm.Event(EvSgAaaSuccess); return; } q.dequeue_head((ACE_Message_Block*&)msg); // Parse the message and determine the event to be passed. msg->rd_ptr(msg->base()); // Parse the message EapHeaderParser hp; EapHeader header; hp.setAppData(&header); hp.setRawData(msg); hp.parseRawToApp(); unsigned code = header.code; // Check code if (code != Success) { sm.Event(EvSgDiscard); return; } // Set the received identifier as the current identifier. sm.CurrentIdentifier() = header.identifier; // Set the pass-through transmission message. sm.SetTxMessage(msg); sm.Event(EvSgAaaSuccess); } }; class AcAaaFailure : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { AAAMessageBlock *msg; EapMessageQueue &q = sm.AAARxQueue(); if (q.is_empty()) { sm.DeleteTxMessage(); sm.Event(EvSgAaaFailure); return; } q.dequeue_head((ACE_Message_Block*&)msg); // Parse the message and determine the event to be passed. msg->rd_ptr(msg->base()); // Parse the message EapHeaderParser hp; EapHeader header; hp.setAppData(&header); hp.setRawData(msg); hp.parseRawToApp(); unsigned code = header.code; // Check code if (code != Failure) { sm.Event(EvSgDiscard); return; } // Set the received identifier as the current identifier. sm.CurrentIdentifier() = header.identifier; // Set the pass-through transmission message. sm.SetTxMessage(msg); sm.Event(EvSgAaaFailure); } }; class AcPrepareRequest : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { sm.Event(EvUCT); } }; class AcCompletePassThroughWithFailure : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { AAAMessageBlock *msg = sm.GetTxMessage(); EAP_LOG(LM_DEBUG, "Passthrough: EAP authentication failed.\n"); // Stop retransmission timer and reset retransmission counter. sm.CancelTimer(); sm.RetransmissionCount()=0; // Call Failure callback function. if (msg) { sm.Failure(msg); // release the outstanding request. sm.DeleteTxMessage(); } else sm.Failure(); } }; class AcCompletePassThroughWithSuccess : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { AAAMessageBlock *msg = sm.GetTxMessage(); EAP_LOG(LM_DEBUG, "Passthrough: EAP authentication succeeded.\n"); // Stop retransmission timer and reset retransmission counter. sm.CancelTimer(); sm.RetransmissionCount()=0; // Make the key available. (not specified in the state machine document.) if (sm.KeyData().size()>0) sm.KeyAvailable() = true; // Call Failure callback function. if (msg) { sm.Success(msg); // release the outstanding request. sm.DeleteTxMessage(); } else sm.Success(); } }; class AcReturnToSwitch : public EapPassThroughAuthSwitchAction { void operator()(EapPassThroughAuthSwitchStateMachine &sm) { sm.Event(EapAuthSwitchStateMachine::EvSgValidResp); } }; AcDisable acDisable; AcInitialize acInitialize; AcProposeMethod acProposeMethod; AcBuildRequest acBuildRequest; AcMethodResponse acMethodResponse; AcSendSuccess acSendSuccess; AcSendFailure acSendFailure; AcSendRequest acSendRequest; AcDoIntegrityCheck acDoIntegrityCheck; AcDoPolicyCheck acDoPolicyCheck; AcDiscard acDiscard; AcDiscard2 acDiscard2; AcResetMethod acResetMethod; AcRetransmit acRetransmit; AcReceiveMsg acReceiveMsg; AcPickUpInitCheck acPickUpInitCheck; AcAaaRequest acAaaRequest; AcDoIntegrityCheck2 acDoIntegrityCheck2; AcCompletePassThroughWithSuccess acCompletePassThroughWithSuccess; AcCompletePassThroughWithFailure acCompletePassThroughWithFailure; AcPrepareRequest acPrepareRequest; AcAaaContinue acAaaContinue; AcAaaSuccess acAaaSuccess; AcAaaFailure acAaaFailure; AcReturnToSwitch acReturnToSwitch; AcDiscard3 acDiscard3; AcReceiveMsg2 acReceiveMsg2; enum event { EvUCT, EvSgPolicySat, EvSgPolicyNotSat_EndSess, EvSgPolicyNotSat_ContSess, EvRxMethodResp, EvRxNak, EvTo, EvSgMaxRetransmission, EvElse, EvSgPassThrough, EvSgPickUpInit, EvSgNoPickUpInit, EvRxAaaEapReq, EvSgAaaSuccess, EvSgAaaFailure, EvSgDiscard, }; enum state { StBegin, StDisabled, StInitialize, StSelectAction, StProposeMethod, StIdle, StIntegrityCheck, StMethodRequest, StMethodResponse, StSendRequest, StNak, StRetransmit, StDiscard, StSuccess, StFailure, StTimeoutFailure, StReceived, StInitializePassThrough, StAaaRequest, StAaaIdle, StAaaResponse, StIdle2, StReceived2, StSuccess2, StFailure2, StSendRequest2, StDiscard2, StRetransmit2, StTimeoutFailure2, }; EapPassThroughAuthSwitchStateTable_S() { AddStateTableEntry(StBegin, EapAuthSwitchStateMachine::EvSgRestart, StDisabled, acDisable); AddStateTableEntry(StDisabled, EapAuthSwitchStateMachine::EvSgPortEnabled, StInitialize, acInitialize); AddStateTableEntry(StInitialize, EvUCT, StSelectAction, acDoPolicyCheck); AddStateTableEntry(StSelectAction, EvSgPolicySat, StSuccess, acSendSuccess); AddStateTableEntry(StSelectAction, EvSgPolicyNotSat_EndSess, StFailure, acSendFailure); AddStateTableEntry(StSelectAction, EvElse, StProposeMethod, acProposeMethod); AddStateTableEntry(StSelectAction, EvSgPassThrough, StInitializePassThrough, acPickUpInitCheck); AddStateTableEntry(StProposeMethod, EapAuthSwitchStateMachine::EvSgValidResp, StMethodRequest, acBuildRequest); AddStateTableEntry(StMethodRequest, EvUCT, StSendRequest, acSendRequest); AddStateTableEntry(StIntegrityCheck, EapAuthSwitchStateMachine::EvSgValidResp, StMethodResponse, acMethodResponse); AddStateTableEntry(StIntegrityCheck, EapAuthSwitchStateMachine::EvSgInvalidResp, StDiscard, acDiscard); // This state table entry is needed for queueing incoming requests. AddStateTableEntry(StIntegrityCheck, EapAuthSwitchStateMachine::EvRxMsg, StIntegrityCheck, acDiscard2); AddStateTableEntry(StMethodResponse, EapAuthSwitchStateMachine::EvSgEndMethod, StSelectAction, acDoPolicyCheck); AddStateTableEntry(StMethodResponse, EvElse, StMethodRequest, acBuildRequest); AddStateTableEntry(StSendRequest, EvUCT, StIdle); AddStateTableEntry(StIdle, EvTo, StRetransmit, acRetransmit); AddStateTableEntry(StIdle, EapAuthSwitchStateMachine::EvRxMsg, StReceived, acReceiveMsg); AddStateTableEntry(StReceived, EvRxMethodResp, StIntegrityCheck, acDoIntegrityCheck); AddStateTableEntry(StReceived, EvRxNak, StNak, acResetMethod); AddStateTableEntry(StReceived, EvElse, StDiscard, acDiscard); AddStateTableEntry(StRetransmit, EvSgMaxRetransmission, StTimeoutFailure); AddStateTableEntry(StRetransmit, EvElse, StIdle); AddStateTableEntry(StNak, EvUCT, StSelectAction, acDoPolicyCheck); AddStateTableEntry(StDiscard, EvUCT, StIdle); AddStateTableEntry(StSuccess, EapAuthSwitchStateMachine::EvRxMsg, StSuccess, acDiscard2); AddWildcardStateTableEntry(StSuccess, StSuccess); AddStateTableEntry(StFailure, EapAuthSwitchStateMachine::EvRxMsg, StFailure, acDiscard2); AddWildcardStateTableEntry(StFailure, StFailure); // Passthrough diagram AddStateTableEntry(StInitializePassThrough, EvSgPickUpInit, StAaaRequest, acAaaRequest); AddStateTableEntry(StInitializePassThrough, EvSgNoPickUpInit, StAaaIdle, acDoIntegrityCheck2); AddStateTableEntry(StAaaRequest, EvUCT, StAaaIdle, acDoIntegrityCheck2); AddStateTableEntry(StAaaIdle, EvRxAaaEapReq, StAaaResponse, acPrepareRequest); AddStateTableEntry(StAaaIdle, EvSgAaaSuccess, StSuccess2, acCompletePassThroughWithSuccess); AddStateTableEntry(StAaaIdle, EvSgAaaFailure, StFailure2, acCompletePassThroughWithFailure); AddStateTableEntry(StAaaIdle, EapAuthSwitchStateMachine::EvSgAaaContinue, StAaaIdle, acAaaContinue); AddStateTableEntry(StAaaIdle, EapAuthSwitchStateMachine::EvSgAaaSuccess, StAaaIdle, acAaaSuccess); AddStateTableEntry(StAaaIdle, EapAuthSwitchStateMachine::EvSgAaaFailure, StAaaIdle, acAaaFailure); AddStateTableEntry(StAaaIdle, EvSgDiscard, StDiscard2, acDiscard3); AddWildcardStateTableEntry(StAaaIdle, StAaaIdle); AddStateTableEntry(StDiscard2, EvUCT, StIdle2); AddStateTableEntry(StReceived2, EvRxMethodResp, StAaaRequest, acAaaRequest); AddStateTableEntry(StReceived2, EvElse, StDiscard2, acDiscard); AddStateTableEntry(StIdle2, EapAuthSwitchStateMachine::EvRxMsg, StReceived2, acReceiveMsg2); AddStateTableEntry(StIdle2, EapAuthSwitchStateMachine::EvSgAaaContinue, StIdle2, acDiscard3); AddStateTableEntry(StIdle2, EvTo, StRetransmit2, acRetransmit); AddWildcardStateTableEntry(StIdle2, StIdle2); AddStateTableEntry(StAaaResponse, EvUCT, StSendRequest2, acSendRequest); AddStateTableEntry(StSendRequest2, EvUCT, StIdle2); AddStateTableEntry(StSuccess2, EapAuthSwitchStateMachine::EvSgAaaContinue, StSuccess2, acDiscard3); AddWildcardStateTableEntry(StSuccess2, StSuccess2); AddStateTableEntry(StFailure2, EapAuthSwitchStateMachine::EvSgAaaContinue, StFailure2, acDiscard3); AddWildcardStateTableEntry(StFailure2, StFailure2); AddStateTableEntry(StRetransmit2, EvSgMaxRetransmission, StTimeoutFailure2); AddStateTableEntry(StRetransmit2, EvElse, StIdle2); InitialState(StBegin); } ~EapPassThroughAuthSwitchStateTable_S() {}};typedef ACE_Singleton<EapPassThroughAuthSwitchStateTable_S, ACE_Recursive_Thread_Mutex> EapPassThroughAuthSwitchStateTable;EapPassThroughAuthSwitchStateMachine::EapPassThroughAuthSwitchStateMachine(ACE_Reactor &r, EapJobHandle &h) : EapAuthSwitchStateMachine(r, h), EapStateMachine<EapPassThroughAuthSwitchStateMachine> (*this, *EapPassThroughAuthSwitchStateTable::instance(), r, *this, "passthrough"){}EapPassThroughAuthSwitchStateMachine::~EapPassThroughAuthSwitchStateMachine() {}EapAuthSwitchStateMachine::EapAuthDecisionEapPassThroughAuthSwitchStateMachine::Decision(){ EapType type; try { type = policy.CurrentMethod(); } catch (EapPolicy::PolicyError e) { // No method to try. if (e == EapPolicy::NoCurrentMethod) return DecisionPassthrough; } return DecisionContinue;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -