Fix bugs for AaaManger and RADIUS
Change-Id: I112a3207ccd9b580e59e8ec328cb6db1e32ca38a
Showing
2 changed files
with
24 additions
and
7 deletions
apps/aaa/src/main/java/org/onosproject/aaa/AaaManager.java
100644 → 100755
| ... | @@ -349,6 +349,16 @@ public class AaaManager { | ... | @@ -349,6 +349,16 @@ public class AaaManager { |
| 349 | sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint()); | 349 | sendPacketToSupplicant(eth, stateMachine.supplicantConnectpoint()); |
| 350 | 350 | ||
| 351 | break; | 351 | break; |
| 352 | + case EAPOL.EAPOL_LOGOFF: | ||
| 353 | + if (stateMachine.state() == stateMachine.STATE_AUTHORIZED) { | ||
| 354 | + try { | ||
| 355 | + stateMachine.logoff(); | ||
| 356 | + } catch (StateMachineException e) { | ||
| 357 | + e.printStackTrace(); | ||
| 358 | + } | ||
| 359 | + } | ||
| 360 | + | ||
| 361 | + break; | ||
| 352 | case EAPOL.EAPOL_PACKET: | 362 | case EAPOL.EAPOL_PACKET: |
| 353 | RADIUS radiusPayload; | 363 | RADIUS radiusPayload; |
| 354 | // check if this is a Response/Identify or a Response/TLS | 364 | // check if this is a Response/Identify or a Response/TLS |
| ... | @@ -380,8 +390,10 @@ public class AaaManager { | ... | @@ -380,8 +390,10 @@ public class AaaManager { |
| 380 | stateMachine.identifier(), | 390 | stateMachine.identifier(), |
| 381 | eapPacket); | 391 | eapPacket); |
| 382 | 392 | ||
| 383 | - radiusPayload.setAttribute(RADIUSAttribute.RADIUS_ATTR_STATE, | 393 | + if (stateMachine.challengeState() != null) { |
| 384 | - stateMachine.challengeState()); | 394 | + radiusPayload.setAttribute(RADIUSAttribute.RADIUS_ATTR_STATE, |
| 395 | + stateMachine.challengeState()); | ||
| 396 | + } | ||
| 385 | radiusPayload.addMessageAuthenticator(AaaManager.this.radiusSecret); | 397 | radiusPayload.addMessageAuthenticator(AaaManager.this.radiusSecret); |
| 386 | sendRadiusPacket(radiusPayload); | 398 | sendRadiusPacket(radiusPayload); |
| 387 | } | 399 | } |
| ... | @@ -390,8 +402,10 @@ public class AaaManager { | ... | @@ -390,8 +402,10 @@ public class AaaManager { |
| 390 | // request id access to RADIUS | 402 | // request id access to RADIUS |
| 391 | radiusPayload = getRadiusPayload(stateMachine, stateMachine.identifier(), eapPacket); | 403 | radiusPayload = getRadiusPayload(stateMachine, stateMachine.identifier(), eapPacket); |
| 392 | 404 | ||
| 393 | - radiusPayload.setAttribute(RADIUSAttribute.RADIUS_ATTR_STATE, | 405 | + if (stateMachine.challengeState() != null) { |
| 394 | - stateMachine.challengeState()); | 406 | + radiusPayload.setAttribute(RADIUSAttribute.RADIUS_ATTR_STATE, |
| 407 | + stateMachine.challengeState()); | ||
| 408 | + } | ||
| 395 | stateMachine.setRequestAuthenticator(radiusPayload.generateAuthCode()); | 409 | stateMachine.setRequestAuthenticator(radiusPayload.generateAuthCode()); |
| 396 | 410 | ||
| 397 | radiusPayload.addMessageAuthenticator(AaaManager.this.radiusSecret); | 411 | radiusPayload.addMessageAuthenticator(AaaManager.this.radiusSecret); |
| ... | @@ -432,8 +446,11 @@ public class AaaManager { | ... | @@ -432,8 +446,11 @@ public class AaaManager { |
| 432 | Ethernet eth; | 446 | Ethernet eth; |
| 433 | switch (radiusPacket.getCode()) { | 447 | switch (radiusPacket.getCode()) { |
| 434 | case RADIUS.RADIUS_CODE_ACCESS_CHALLENGE: | 448 | case RADIUS.RADIUS_CODE_ACCESS_CHALLENGE: |
| 435 | - byte[] challengeState = | 449 | + RADIUSAttribute radiusAttrState = radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_STATE); |
| 436 | - radiusPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_STATE).getValue(); | 450 | + byte[] challengeState = null; |
| 451 | + if (radiusAttrState != null) { | ||
| 452 | + challengeState = radiusAttrState.getValue(); | ||
| 453 | + } | ||
| 437 | eapPayload = radiusPacket.decapsulateMessage(); | 454 | eapPayload = radiusPacket.decapsulateMessage(); |
| 438 | stateMachine.setChallengeInfo(eapPayload.getIdentifier(), challengeState); | 455 | stateMachine.setChallengeInfo(eapPayload.getIdentifier(), challengeState); |
| 439 | eth = buildEapolResponse(stateMachine.supplicantAddress(), | 456 | eth = buildEapolResponse(stateMachine.supplicantAddress(), | ... | ... |
| ... | @@ -373,7 +373,7 @@ public class RADIUS extends BasePacket { | ... | @@ -373,7 +373,7 @@ public class RADIUS extends BasePacket { |
| 373 | attr.value = new byte[attrLength - 2]; | 373 | attr.value = new byte[attrLength - 2]; |
| 374 | bb.get(attr.value, 0, attrLength - 2); | 374 | bb.get(attr.value, 0, attrLength - 2); |
| 375 | radius.attributes.add(attr); | 375 | radius.attributes.add(attr); |
| 376 | - remainingLength -= attr.length; | 376 | + remainingLength -= attrLength; |
| 377 | } | 377 | } |
| 378 | return radius; | 378 | return radius; |
| 379 | }; | 379 | }; | ... | ... |
-
Please register or login to post a comment