Hi,
Am developing a diameter server using go-diameter package that need to
perform EAP-AKA authentication.
In the DER/DEA process, the client will be sending multiple request to the
server,
that is first the client sends an identity request to the server, the
server respond with
RAND, MAC, etc to the client, the client then sends second request to the
server, in this case with
different parameters(RES, MAC, etc) to the server.
The server need to handle the second request using the same handle if am
right since in DER/DEA,
the server handle only DER. My question is how can i handle the second
request coming from the client
using the same handle(DER) at the diameter server side. That using the same
DER handle to response to
diameter client multiple request. Is it possible, if possible any help.
Currently i have at the server side this request handle
//First server response to cleint should containg this payload
func AKA_Challenge_Request(settings sm.Settings, w io.Writer, m
*diam.Message) (n int64, err error) {
PayloadSlice := []byte(`RAND, AUTHN, MAC, RESULT_ID`)
m.NewAVP(avp.EAPPayload, avp.Mbit, 0,
datatype.OctetString(PayloadSlice))
return m.WriteTo(w)
}
//Second server response to cleint should containg this payload
func AKA_Success_Notification(settings sm.Settings, w io.Writer, m
*diam.Message) (n int64, err error) {
EAPSlice := []byte(`EAP_Success`)
MSKSlice := []byte(`EAP-Master-Session-Key`)
m.NewAVP(avp.EAPPayload, avp.Mbit, 0, datatype.OctetString(EAPSlice))
m.NewAVP(avp.EAPMasterSessionKey, avp.Mbit, 0,
datatype.OctetString(MSKSlice))
return m.WriteTo(w)
}
// Handle funtion at the server side
func HandleDER(settings sm.Settings) diam.HandlerFunc {
type HandleDERRequest struct {
SessionID datatype.UTF8String `avp:"Session-Id"`
OriginHost datatype.DiameterIdentity `avp:"Origin-Host"`
OriginRealm datatype.DiameterIdentity `avp:"Origin-Realm"`
DestinationHost datatype.DiameterIdentity `avp:"Destination-Host"`
DestinationRealm datatype.DiameterIdentity
`avp:"Destination-Realm"`
UserName datatype.UTF8String `avp:"User-Name"`
AuthSessionState datatype.Enumerated
`avp:"Auth-Session-State"`
AuthApplicationID datatype.Unsigned32
`avp:"Auth-Application-Id"`
AuthRequestType datatype.Enumerated
`avp:"Auth-Request-Type"`
EAPPayload datatype.OctetString `avp:"EAP-Payload"`
RATType datatype.Enumerated `avp:"RAT-Type"`
ANID datatype.UTF8String `avp:"ANID"`
}
return func(c diam.Conn, m *diam.Message) {
var err error = nil
var req HandleDERRequest
var code uint32 = diam.Success
err = m.Unmarshal(&req)
if err != nil {
err = fmt.Errorf("Unmarshal failed: %s", err)
code = diam.UnableToComply
log.Printf("Invalid DER(%d): %s\n", code, err.Error())
} else {
code = diam.Success
}
fmt.Println(string(req.EAPPayload))
a := m.Answer(code)
a.NewAVP(avp.SessionID, avp.Mbit, 0, req.SessionID)
a.NewAVP(avp.OriginHost, avp.Mbit, 0, req.DestinationHost)
a.NewAVP(avp.OriginRealm, avp.Mbit, 0, req.DestinationRealm)
a.NewAVP(avp.OriginStateID, avp.Mbit, 0, settings.OriginStateID)
//Respond with first payload
_, err = AKA_Challenge_Request(settings, c, a)
if err != nil {
log.Printf("Failed to send AAA challenge request: %s",
err.Error())
}
}
}
Any help?
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/golang-nuts/e36ba859-85c9-4d03-aad4-2c7935d8a570%40googlegroups.com.
