diff --git a/apps/sdlan/include/sdlan_pb.hrl b/apps/sdlan/include/sdlan_pb.hrl index b2a75bd..ed5ce64 100644 --- a/apps/sdlan/include/sdlan_pb.hrl +++ b/apps/sdlan/include/sdlan_pb.hrl @@ -225,10 +225,13 @@ -ifndef('SDL_POLICY_REQUEST_PB_H'). -define('SDL_POLICY_REQUEST_PB_H', true). -record(sdl_policy_request, - {network_id = 0 :: non_neg_integer() | undefined, % = 1, optional, 32 bits - src_identity_id = 0 :: non_neg_integer() | undefined, % = 2, optional, 32 bits - dst_identity_id = 0 :: non_neg_integer() | undefined, % = 3, optional, 32 bits - session_token = <<>> :: iodata() | undefined % = 4, optional + {client_id = <<>> :: unicode:chardata() | undefined, % = 1, optional + network_id = 0 :: non_neg_integer() | undefined, % = 2, optional, 32 bits + mac = <<>> :: iodata() | undefined, % = 3, optional + src_identity_id = 0 :: non_neg_integer() | undefined, % = 4, optional, 32 bits + dst_identity_id = 0 :: non_neg_integer() | undefined, % = 5, optional, 32 bits + version = 0 :: non_neg_integer() | undefined, % = 6, optional, 32 bits + session_token = <<>> :: iodata() | undefined % = 7, optional }). -endif. diff --git a/apps/sdlan/src/sdlan_network.erl b/apps/sdlan/src/sdlan_network.erl index 556b2f3..51e5173 100644 --- a/apps/sdlan/src/sdlan_network.erl +++ b/apps/sdlan/src/sdlan_network.erl @@ -25,7 +25,7 @@ %% API -export([start_link/2]). -export([get_name/1, get_pid/1, lookup_pid/1, attach/6, peer_info/4, unregister/3, debug_info/1, get_network_id/1, arp_query/2]). --export([forward/5, stun_request/4, disable_client/2, dropout_client/2]). +-export([forward/5, stun_request/4, policy_request/4, disable_client/2, dropout_client/2]). -export([test_event/1]). %% gen_server callbacks 
@@ -120,6 +120,10 @@ forward(Pid, Sock, SrcMac, DstMac, Packet) when is_pid(Pid), is_binary(SrcMac), stun_request(Pid, Sock, ClientPeer, StunRequest) when is_pid(Pid) -> gen_server:cast(Pid, {stun_request, Sock, ClientPeer, StunRequest}). +-spec policy_request(Pid :: pid(), Sock :: inet:socket(), ClientPeer :: {inet:ip4_address(), integer()}, PolicyRequest :: #sdl_policy_request{}) -> no_return(). +policy_request(Pid, Sock, ClientPeer, PolicyRequest) when is_pid(Pid) -> + gen_server:cast(Pid, {policy_request, Sock, ClientPeer, PolicyRequest}). + -spec disable_client(Pid :: pid(), ClientId :: binary()) -> ok. disable_client(Pid, ClientId) when is_pid(Pid), is_binary(ClientId) -> gen_server:call(Pid, {disable_client, ClientId}). @@ -385,7 +389,29 @@ handle_cast({stun_request, Sock, Peer = {ClientIp, ClientPort}, #sdl_stun_reques gen_udp:send(Sock, ClientIp, ClientPort, EventPacket), {noreply, State} - end. + end; + +%% 处理权限逻辑 +handle_cast({policy_request, Sock, {ClientIp, ClientPort}, #sdl_policy_request{client_id = ClientId, version = Version, mac = Mac, src_identity_id = SrcIdentityId, dst_identity_id = DstIdentityId, session_token = ST}}, + State = #state{network_id = NetworkId, endpoints = Endpoints}) -> + + maybe + {ok, #endpoint{client_id = ClientId, session_token = ST}} ?= maps:find(Mac, Endpoints), + PolicyResponse = sdlan_pb:encode_msg(#sdl_policy_response { + network_id = NetworkId, + src_identity_id = SrcIdentityId, + dst_identity_id = DstIdentityId, + version = Version, + total_num = 1, + index = 1, + rules = <<1, 80:16, 2, 9090:16>> + }), + + PolicyResponsePkt = <>, + gen_udp:send(Sock, ClientIp, ClientPort, PolicyResponsePkt) + end, + + {noreply, State}. %% @private %% @doc Handling all non call/cast messages diff --git a/apps/sdlan/src/sdlan_pb.erl b/apps/sdlan/src/sdlan_pb.erl index 0117adc..9f03f4d 100644 --- a/apps/sdlan/src/sdlan_pb.erl +++ b/apps/sdlan/src/sdlan_pb.erl 
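Review bot: The spec added for `policy_request/4` declares `no_return()`, but the body is a single `gen_server:cast/2`, which returns `ok`; Dialyzer may then treat code that follows a call to it as unreachable. It should end `-> ok.`, as the spec for `disable_client/2` just below does. The only argument check is the `is_pid(Pid)` guard, so the function relies on the caller in sdlan_stun having already decoded `PolicyRequest` into an `#sdl_policy_request{}` record.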
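Review bot: In the new `handle_cast({policy_request, ...})` clause the `rules` field is the constant `<<1, 80:16, 2, 9090:16>>`, so every endpoint that passes the `client_id`/`session_token` match gets the same rule set whatever `src_identity_id` and `dst_identity_id` it sent; both ids are copied from the request into the response without any lookup. If this is a stub, say so in the code, e.g. `%% TODO: placeholder rules, replace with the policy lookup for {SrcIdentityId, DstIdentityId}`. The real lookup should presumably also confirm that `SrcIdentityId` belongs to the endpoint found under `Mac`, which the visible lines do not do. The `maybe` has no `else`, so a request with a wrong token or an unknown MAC is dropped without a trace; logging that branch (`?LOG_WARNING` or whatever the module already uses) would make failed policy queries visible to operators.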
@@ -1020,13 +1020,14 @@ encode_msg_sdl_arp_response(#sdl_arp_response{network_id = F1, target_ip = F2, t encode_msg_sdl_policy_request(Msg, TrUserData) -> encode_msg_sdl_policy_request(Msg, <<>>, TrUserData). -encode_msg_sdl_policy_request(#sdl_policy_request{network_id = F1, src_identity_id = F2, dst_identity_id = F3, session_token = F4}, Bin, TrUserData) -> +encode_msg_sdl_policy_request(#sdl_policy_request{client_id = F1, network_id = F2, mac = F3, src_identity_id = F4, dst_identity_id = F5, version = F6, session_token = F7}, Bin, TrUserData) -> B1 = if F1 == undefined -> Bin; true -> begin TrF1 = id(F1, TrUserData), - if TrF1 =:= 0 -> Bin; - true -> e_varint(TrF1, <>, TrUserData) + case is_empty_string(TrF1) of + true -> Bin; + false -> e_type_string(TrF1, <>, TrUserData) end end end, @@ -1043,18 +1044,46 @@ encode_msg_sdl_policy_request(#sdl_policy_request{network_id = F1, src_identity_ true -> begin TrF3 = id(F3, TrUserData), - if TrF3 =:= 0 -> B2; - true -> e_varint(TrF3, <>, TrUserData) + case iolist_size(TrF3) of + 0 -> B2; + _ -> e_type_bytes(TrF3, <>, TrUserData) end end end, - if F4 == undefined -> B3; + B4 = if F4 == undefined -> B3; + true -> + begin + TrF4 = id(F4, TrUserData), + if TrF4 =:= 0 -> B3; + true -> e_varint(TrF4, <>, TrUserData) + end + end + end, + B5 = if F5 == undefined -> B4; + true -> + begin + TrF5 = id(F5, TrUserData), + if TrF5 =:= 0 -> B4; + true -> e_varint(TrF5, <>, TrUserData) + end + end + end, + B6 = if F6 == undefined -> B5; + true -> + begin + TrF6 = id(F6, TrUserData), + if TrF6 =:= 0 -> B5; + true -> e_varint(TrF6, <>, TrUserData) + end + end + end, + if F7 == undefined -> B6; true -> begin - TrF4 = id(F4, TrUserData), - case iolist_size(TrF4) of - 0 -> B3; - _ -> e_type_bytes(TrF4, <>, TrUserData) + TrF7 = id(F7, TrUserData), + case iolist_size(TrF7) of + 0 -> B6; + _ -> e_type_bytes(TrF7, <>, TrUserData) end end end. 
@@ -2806,70 +2835,103 @@ skip_32_sdl_arp_response(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrU skip_64_sdl_arp_response(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_sdl_arp_response(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). -decode_msg_sdl_policy_request(Bin, TrUserData) -> dfp_read_field_def_sdl_policy_request(Bin, 0, 0, 0, id(0, TrUserData), id(0, TrUserData), id(0, TrUserData), id(<<>>, TrUserData), TrUserData). +decode_msg_sdl_policy_request(Bin, TrUserData) -> + dfp_read_field_def_sdl_policy_request(Bin, 0, 0, 0, id(<<>>, TrUserData), id(0, TrUserData), id(<<>>, TrUserData), id(0, TrUserData), id(0, TrUserData), id(0, TrUserData), id(<<>>, TrUserData), TrUserData). -dfp_read_field_def_sdl_policy_request(<<8, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_sdl_policy_request_network_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -dfp_read_field_def_sdl_policy_request(<<16, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_sdl_policy_request_src_identity_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -dfp_read_field_def_sdl_policy_request(<<24, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_sdl_policy_request_dst_identity_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -dfp_read_field_def_sdl_policy_request(<<34, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_sdl_policy_request_session_token(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -dfp_read_field_def_sdl_policy_request(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, _) -> #sdl_policy_request{network_id = F@_1, src_identity_id = F@_2, dst_identity_id = F@_3, session_token = F@_4}; -dfp_read_field_def_sdl_policy_request(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dg_read_field_def_sdl_policy_request(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). 
+dfp_read_field_def_sdl_policy_request(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_client_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<16, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_network_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_mac(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_src_identity_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<40, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_dst_identity_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<48, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_version(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<58, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_sdl_policy_request_session_token(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_sdl_policy_request(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, _) -> + #sdl_policy_request{client_id = F@_1, network_id = F@_2, mac = F@_3, src_identity_id = F@_4, dst_identity_id = F@_5, version = F@_6, session_token = F@_7}; +dfp_read_field_def_sdl_policy_request(Other, Z1, Z2, F, F@_1, F@_2, 
F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dg_read_field_def_sdl_policy_request(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -dg_read_field_def_sdl_policy_request(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 32 - 7 -> dg_read_field_def_sdl_policy_request(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -dg_read_field_def_sdl_policy_request(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, TrUserData) -> +dg_read_field_def_sdl_policy_request(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 32 - 7 -> + dg_read_field_def_sdl_policy_request(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dg_read_field_def_sdl_policy_request(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> Key = X bsl N + Acc, case Key of - 8 -> d_field_sdl_policy_request_network_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); - 16 -> d_field_sdl_policy_request_src_identity_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); - 24 -> d_field_sdl_policy_request_dst_identity_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); - 34 -> d_field_sdl_policy_request_session_token(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 10 -> d_field_sdl_policy_request_client_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 16 -> d_field_sdl_policy_request_network_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 26 -> d_field_sdl_policy_request_mac(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 32 -> d_field_sdl_policy_request_src_identity_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 40 -> d_field_sdl_policy_request_dst_identity_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 48 -> d_field_sdl_policy_request_version(Rest, 0, 0, 0, F@_1, 
F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 58 -> d_field_sdl_policy_request_session_token(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); _ -> case Key band 7 of - 0 -> skip_varint_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); - 1 -> skip_64_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); - 2 -> skip_length_delimited_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); - 3 -> skip_group_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); - 5 -> skip_32_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData) + 0 -> skip_varint_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 1 -> skip_64_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 2 -> skip_length_delimited_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 3 -> skip_group_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 5 -> skip_32_sdl_policy_request(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) end end; -dg_read_field_def_sdl_policy_request(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, _) -> #sdl_policy_request{network_id = F@_1, src_identity_id = F@_2, dst_identity_id = F@_3, session_token = F@_4}. +dg_read_field_def_sdl_policy_request(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, _) -> + #sdl_policy_request{client_id = F@_1, network_id = F@_2, mac = F@_3, src_identity_id = F@_4, dst_identity_id = F@_5, version = F@_6, session_token = F@_7}. 
-d_field_sdl_policy_request_network_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_sdl_policy_request_network_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -d_field_sdl_policy_request_network_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, TrUserData) -> - {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, - dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, TrUserData). - -d_field_sdl_policy_request_src_identity_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_sdl_policy_request_src_identity_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -d_field_sdl_policy_request_src_identity_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, TrUserData) -> - {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, - dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, TrUserData). - -d_field_sdl_policy_request_dst_identity_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_sdl_policy_request_dst_identity_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -d_field_sdl_policy_request_dst_identity_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, TrUserData) -> - {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, - dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, TrUserData). 
- -d_field_sdl_policy_request_session_token(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_sdl_policy_request_session_token(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -d_field_sdl_policy_request_session_token(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, TrUserData) -> +d_field_sdl_policy_request_client_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_client_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_client_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, TrUserData). + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_varint_sdl_policy_request(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> skip_varint_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -skip_varint_sdl_policy_request(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). 
+d_field_sdl_policy_request_network_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_network_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_network_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> + {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_length_delimited_sdl_policy_request(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> skip_length_delimited_sdl_policy_request(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); -skip_length_delimited_sdl_policy_request(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> +d_field_sdl_policy_request_mac(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_mac(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_mac(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, F@_5, F@_6, F@_7, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, F@_5, F@_6, F@_7, TrUserData). 
+ +d_field_sdl_policy_request_src_identity_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_src_identity_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_src_identity_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, F@_5, F@_6, F@_7, TrUserData) -> + {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, F@_5, F@_6, F@_7, TrUserData). + +d_field_sdl_policy_request_dst_identity_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_dst_identity_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_dst_identity_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, TrUserData) -> + {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, NewFValue, F@_6, F@_7, TrUserData). + +d_field_sdl_policy_request_version(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_version(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_version(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, _, F@_7, TrUserData) -> + {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewFValue, F@_7, TrUserData). 
+ +d_field_sdl_policy_request_session_token(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_sdl_policy_request_session_token(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_sdl_policy_request_session_token(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, _, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_sdl_policy_request(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, NewFValue, TrUserData). + +skip_varint_sdl_policy_request(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> skip_varint_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +skip_varint_sdl_policy_request(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dfp_read_field_def_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). + +skip_length_delimited_sdl_policy_request(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + skip_length_delimited_sdl_policy_request(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +skip_length_delimited_sdl_policy_request(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> Length = X bsl N + Acc, <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_sdl_policy_request(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, TrUserData). + dfp_read_field_def_sdl_policy_request(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). 
-skip_group_sdl_policy_request(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, TrUserData) -> +skip_group_sdl_policy_request(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_sdl_policy_request(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, TrUserData). + dfp_read_field_def_sdl_policy_request(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_32_sdl_policy_request(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). +skip_32_sdl_policy_request(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dfp_read_field_def_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_64_sdl_policy_request(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). +skip_64_sdl_policy_request(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dfp_read_field_def_sdl_policy_request(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). decode_msg_sdl_policy_response(Bin, TrUserData) -> dfp_read_field_def_sdl_policy_response(Bin, 0, 0, 0, id(0, TrUserData), id(0, TrUserData), id(0, TrUserData), id(0, TrUserData), id(0, TrUserData), id(0, TrUserData), id(<<>>, TrUserData), TrUserData). 
@@ -3467,12 +3529,20 @@ merge_msg_sdl_arp_response(#sdl_arp_response{network_id = PFnetwork_id, target_i end}. -compile({nowarn_unused_function,merge_msg_sdl_policy_request/3}). -merge_msg_sdl_policy_request(#sdl_policy_request{network_id = PFnetwork_id, src_identity_id = PFsrc_identity_id, dst_identity_id = PFdst_identity_id, session_token = PFsession_token}, - #sdl_policy_request{network_id = NFnetwork_id, src_identity_id = NFsrc_identity_id, dst_identity_id = NFdst_identity_id, session_token = NFsession_token}, _) -> - #sdl_policy_request{network_id = +merge_msg_sdl_policy_request(#sdl_policy_request{client_id = PFclient_id, network_id = PFnetwork_id, mac = PFmac, src_identity_id = PFsrc_identity_id, dst_identity_id = PFdst_identity_id, version = PFversion, session_token = PFsession_token}, + #sdl_policy_request{client_id = NFclient_id, network_id = NFnetwork_id, mac = NFmac, src_identity_id = NFsrc_identity_id, dst_identity_id = NFdst_identity_id, version = NFversion, session_token = NFsession_token}, _) -> + #sdl_policy_request{client_id = + if NFclient_id =:= undefined -> PFclient_id; + true -> NFclient_id + end, + network_id = if NFnetwork_id =:= undefined -> PFnetwork_id; true -> NFnetwork_id end, + mac = + if NFmac =:= undefined -> PFmac; + true -> NFmac + end, src_identity_id = if NFsrc_identity_id =:= undefined -> PFsrc_identity_id; true -> NFsrc_identity_id @@ -3481,6 +3551,10 @@ merge_msg_sdl_policy_request(#sdl_policy_request{network_id = PFnetwork_id, src_ if NFdst_identity_id =:= undefined -> PFdst_identity_id; true -> NFdst_identity_id end, + version = + if NFversion =:= undefined -> PFversion; + true -> NFversion + end, session_token = if NFsession_token =:= undefined -> PFsession_token; true -> NFsession_token 
@@ -3947,18 +4021,27 @@ v_msg_sdl_arp_response(X, Path, _TrUserData) -> mk_type_error({expected_msg, sdl -compile({nowarn_unused_function,v_msg_sdl_policy_request/3}). -dialyzer({nowarn_function,v_msg_sdl_policy_request/3}). -v_msg_sdl_policy_request(#sdl_policy_request{network_id = F1, src_identity_id = F2, dst_identity_id = F3, session_token = F4}, Path, TrUserData) -> +v_msg_sdl_policy_request(#sdl_policy_request{client_id = F1, network_id = F2, mac = F3, src_identity_id = F4, dst_identity_id = F5, version = F6, session_token = F7}, Path, TrUserData) -> if F1 == undefined -> ok; - true -> v_type_uint32(F1, [network_id | Path], TrUserData) + true -> v_type_string(F1, [client_id | Path], TrUserData) end, if F2 == undefined -> ok; - true -> v_type_uint32(F2, [src_identity_id | Path], TrUserData) + true -> v_type_uint32(F2, [network_id | Path], TrUserData) end, if F3 == undefined -> ok; - true -> v_type_uint32(F3, [dst_identity_id | Path], TrUserData) + true -> v_type_bytes(F3, [mac | Path], TrUserData) end, if F4 == undefined -> ok; - true -> v_type_bytes(F4, [session_token | Path], TrUserData) + true -> v_type_uint32(F4, [src_identity_id | Path], TrUserData) + end, + if F5 == undefined -> ok; + true -> v_type_uint32(F5, [dst_identity_id | Path], TrUserData) + end, + if F6 == undefined -> ok; + true -> v_type_uint32(F6, [version | Path], TrUserData) + end, + if F7 == undefined -> ok; + true -> v_type_bytes(F7, [session_token | Path], TrUserData) end, ok; v_msg_sdl_policy_request(X, Path, _TrUserData) -> mk_type_error({expected_msg, sdl_policy_request}, X, Path). 
@@ -4156,10 +4239,13 @@ get_msg_defs() -> #field{name = target_ip, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, #field{name = target_mac, fnum = 3, rnum = 4, type = bytes, occurrence = defaulty, opts = []}]}, {{msg, sdl_policy_request}, - [#field{name = network_id, fnum = 1, rnum = 2, type = uint32, occurrence = defaulty, opts = []}, - #field{name = src_identity_id, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, - #field{name = dst_identity_id, fnum = 3, rnum = 4, type = uint32, occurrence = defaulty, opts = []}, - #field{name = session_token, fnum = 4, rnum = 5, type = bytes, occurrence = defaulty, opts = []}]}, + [#field{name = client_id, fnum = 1, rnum = 2, type = string, occurrence = defaulty, opts = []}, + #field{name = network_id, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, + #field{name = mac, fnum = 3, rnum = 4, type = bytes, occurrence = defaulty, opts = []}, + #field{name = src_identity_id, fnum = 4, rnum = 5, type = uint32, occurrence = defaulty, opts = []}, + #field{name = dst_identity_id, fnum = 5, rnum = 6, type = uint32, occurrence = defaulty, opts = []}, + #field{name = version, fnum = 6, rnum = 7, type = uint32, occurrence = defaulty, opts = []}, + #field{name = session_token, fnum = 7, rnum = 8, type = bytes, occurrence = defaulty, opts = []}]}, {{msg, sdl_policy_response}, [#field{name = network_id, fnum = 1, rnum = 2, type = uint32, occurrence = defaulty, opts = []}, #field{name = src_identity_id, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, 
@@ -4338,10 +4424,13 @@ find_msg_def(sdl_arp_response) -> #field{name = target_ip, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, #field{name = target_mac, fnum = 3, rnum = 4, type = bytes, occurrence = defaulty, opts = []}]; find_msg_def(sdl_policy_request) -> - [#field{name = network_id, fnum = 1, rnum = 2, type = uint32, occurrence = defaulty, opts = []}, - #field{name = src_identity_id, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, - #field{name = dst_identity_id, fnum = 3, rnum = 4, type = uint32, occurrence = defaulty, opts = []}, - #field{name = session_token, fnum = 4, rnum = 5, type = bytes, occurrence = defaulty, opts = []}]; + [#field{name = client_id, fnum = 1, rnum = 2, type = string, occurrence = defaulty, opts = []}, + #field{name = network_id, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, + #field{name = mac, fnum = 3, rnum = 4, type = bytes, occurrence = defaulty, opts = []}, + #field{name = src_identity_id, fnum = 4, rnum = 5, type = uint32, occurrence = defaulty, opts = []}, + #field{name = dst_identity_id, fnum = 5, rnum = 6, type = uint32, occurrence = defaulty, opts = []}, + #field{name = version, fnum = 6, rnum = 7, type = uint32, occurrence = defaulty, opts = []}, + #field{name = session_token, fnum = 7, rnum = 8, type = bytes, occurrence = defaulty, opts = []}]; find_msg_def(sdl_policy_response) -> [#field{name = network_id, fnum = 1, rnum = 2, type = uint32, occurrence = defaulty, opts = []}, #field{name = src_identity_id, fnum = 2, rnum = 3, type = uint32, occurrence = defaulty, opts = []}, diff --git a/apps/sdlan/src/sdlan_stun.erl b/apps/sdlan/src/sdlan_stun.erl index f53bfb8..cf779a4 100644 --- a/apps/sdlan/src/sdlan_stun.erl +++ b/apps/sdlan/src/sdlan_stun.erl 
@@ -161,6 +161,15 @@ handle_packet(Sock, ClientIp, ClientPort, < sdlan_network:stun_request(NetworkPid, Sock, {ClientIp, ClientPort}, StunRequest) end; +%% 处理网络的权限请求 +handle_packet(Sock, ClientIp, ClientPort, <>) -> + maybe + PolicyRequest = catch sdlan_pb:decode_msg(Body, sdl_policy_request), + #sdl_stun_request{network_id = NetworkId} ?= PolicyRequest, + {ok, NetworkPid} ?= sdlan_network:lookup_pid(NetworkId), + sdlan_network:policy_request(NetworkPid, Sock, {ClientIp, ClientPort}, PolicyRequest) + end; + %% 网络nat类型的探测机制, 需要借助其他服务一起才能实现 %% 辅助节点没有assist的配置,不支持attr = 2的探测 handle_packet(Sock, Ip, Port, <>) -> diff --git a/message.proto b/message.proto index 450780f..1e7f82d 100644 --- a/message.proto +++ b/message.proto @@ -185,10 +185,13 @@ message SDLArpResponse { // 权限请求查询相关 message SDLPolicyRequest { - uint32 network_id = 1; - uint32 src_identity_id = 2; - uint32 dst_identity_id = 3; - bytes session_token = 4; + string client_id = 1; + uint32 network_id = 2; + bytes mac = 3; + uint32 src_identity_id = 4; + uint32 dst_identity_id = 5; + uint32 version = 6; + bytes session_token = 7; } message SDLPolicyResponse {
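Review bot: The second step of the `maybe` matches the decoded value against the wrong record: `sdlan_pb:decode_msg(Body, sdl_policy_request)` yields an `#sdl_policy_request{}`, so `#sdl_stun_request{network_id = NetworkId} ?= PolicyRequest` can never succeed and every policy packet leaves the `maybe` without reaching `sdlan_network:policy_request/4`. The line should read `#sdl_policy_request{network_id = NetworkId} ?= PolicyRequest,`. Because there is no `else` branch the failure is silent, so a test that sends one valid policy packet and expects a response would have caught it. Separately, the old-style `catch` folds a decode crash on malformed input into an `{'EXIT', _}` term that is rejected only by that same match; a `try ... catch` that returns an error tuple would make the malformed-packet path explicit. The binary pattern in the clause head is not legible on this page, so the packet-type match itself is not reviewed here.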
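Review bot: Renumbering the existing fields of `SDLPolicyRequest` changes the wire format instead of extending it: `network_id` moves from tag 1 to 2, `src_identity_id` from 2 to 4, and tag 1 becomes a string. A peer still built against the old schema sends `src_identity_id` under tag 2, which the regenerated decoder in sdlan_pb.erl reads as `network_id`, so in a mixed-version rollout the request would be routed by the wrong value and should then fail the endpoint lookup in sdlan_network with no indication why. Unless no client with the old layout has shipped, keep tags 1–4 as they were and append the new fields, e.g. `string client_id = 5;`, `bytes mac = 6;`, `uint32 version = 7;`. If the renumbering is intentional, the comment above the message should state that clients using the previous layout are not supported.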