Jian Li | 451cea3 | 2016-10-04 15:27:50 +0900 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2016-present Open Networking Laboratory |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
Jian Li | 5e505c6 | 2016-12-05 02:44:24 +0900 | [diff] [blame] | 16 | package org.onosproject.lisp.ctl.impl; |
Jian Li | 451cea3 | 2016-10-04 15:27:50 +0900 | [diff] [blame] | 17 | |
import org.onlab.packet.IpAddress;
import org.onosproject.lisp.msg.authentication.LispAuthenticationConfig;
import org.onosproject.lisp.msg.protocols.DefaultLispInfoReply.DefaultInfoReplyBuilder;
import org.onosproject.lisp.msg.protocols.DefaultLispInfoRequest.DefaultInfoRequestBuilder;
import org.onosproject.lisp.msg.protocols.DefaultLispMapNotify.DefaultNotifyBuilder;
import org.onosproject.lisp.msg.protocols.DefaultLispMapRegister.DefaultRegisterBuilder;
import org.onosproject.lisp.msg.protocols.LispEidRecord;
import org.onosproject.lisp.msg.protocols.LispInfoReply;
import org.onosproject.lisp.msg.protocols.LispInfoReply.InfoReplyBuilder;
import org.onosproject.lisp.msg.protocols.LispInfoRequest;
import org.onosproject.lisp.msg.protocols.LispInfoRequest.InfoRequestBuilder;
import org.onosproject.lisp.msg.protocols.LispMapNotify;
import org.onosproject.lisp.msg.protocols.LispMapNotify.NotifyBuilder;
import org.onosproject.lisp.msg.protocols.LispMapRegister;
import org.onosproject.lisp.msg.protocols.LispMapRegister.RegisterBuilder;
import org.onosproject.lisp.msg.protocols.LispMessage;
import org.onosproject.lisp.msg.types.LispAfiAddress;
import org.onosproject.lisp.msg.types.LispIpv4Address;
import org.onosproject.lisp.msg.types.LispIpv6Address;
import org.onosproject.lisp.msg.types.LispNoAddress;
import org.onosproject.lisp.msg.types.lcaf.LispNatLcafAddress.NatAddressBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.security.MessageDigest;
import java.util.Arrays;

import static org.onlab.packet.IpAddress.valueOf;
import static org.onosproject.lisp.msg.authentication.LispAuthenticationKeyEnum.valueOf;
Jian Li | 451cea3 | 2016-10-04 15:27:50 +0900 | [diff] [blame] | 49 | |
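/**
 * LISP map server class.
 * Handles map-register message and acknowledges with map-notify message.
 *
 * <p>Both message handlers authenticate the incoming message before acting on
 * it: the message is rebuilt with the locally configured authentication key
 * and the resulting authentication data is compared with the data carried in
 * the received message. A message that fails this check is logged and dropped.
 */
public final class LispMapServer {

    private static final Logger log = LoggerFactory.getLogger(LispMapServer.class);

    private static final int MAP_NOTIFY_PORT = 4342;
    private static final int INFO_REPLY_PORT = 4342;

    private static final String INVALID_AUTHENTICATION_DATA_MSG =
            "Unmatched authentication data of {}.";
    private static final String FAILED_TO_FORMULATE_NAT_MSG =
            "Fails during formulate NAT address.";

    // Both collaborators are assigned once here and never reassigned.
    private final LispMappingDatabase mapDb = LispMappingDatabase.getInstance();
    private final LispAuthenticationConfig authConfig = LispAuthenticationConfig.getInstance();

    // non-instantiable (except for our Singleton)
    private LispMapServer() {
    }

    /**
     * Obtains the single shared map server instance.
     *
     * @return map server instance
     */
    static LispMapServer getInstance() {
        return SingletonHelper.INSTANCE;
    }

    /**
     * Handles map-register message and replies with map-notify message.
     *
     * <p>The mapping database is only updated after the authentication data
     * of the message has been verified.
     *
     * @param message map-register message; must be a {@link LispMapRegister},
     *                otherwise the cast below throws {@link ClassCastException}
     * @return map-notify message, or {@code null} when the authentication data
     *         does not match or the want-map-notify bit is not set
     */
    LispMapNotify processMapRegister(LispMessage message) {

        LispMapRegister register = (LispMapRegister) message;

        // Reject unauthenticated registrations before touching the database.
        // NOTE(review): the warning does not identify the sender; including
        // register.getSender() would make failed attempts easier to trace.
        if (!checkMapRegisterAuthData(register)) {
            log.warn(INVALID_AUTHENTICATION_DATA_MSG, "Map-Register");
            return null;
        }

        register.getMapRecords().forEach(mapRecord -> {
            LispEidRecord eidRecord =
                    new LispEidRecord(mapRecord.getMaskLength(),
                                      mapRecord.getEidPrefixAfi());

            mapDb.putMapRecord(eidRecord, mapRecord, register.isProxyMapReply());
        });

        // we only acknowledge back to ETR when want-map-notify bit is set to true
        // otherwise, we do not acknowledge back to ETR
        if (register.isWantMapNotify()) {
            // The map-notify is always built with the locally configured key id
            // and key; the nonce and map records are echoed from the request.
            NotifyBuilder notifyBuilder = new DefaultNotifyBuilder();
            notifyBuilder.withKeyId(authConfig.lispAuthKeyId());
            notifyBuilder.withAuthDataLength(valueOf(authConfig.lispAuthKeyId()).getHashLength());
            notifyBuilder.withAuthKey(authConfig.lispAuthKey());
            notifyBuilder.withNonce(register.getNonce());
            notifyBuilder.withMapRecords(register.getMapRecords());

            LispMapNotify notify = notifyBuilder.build();

            // Reply to the sender's address, but on the fixed map-notify port
            // rather than on the source port of the request.
            InetSocketAddress address =
                    new InetSocketAddress(register.getSender().getAddress(), MAP_NOTIFY_PORT);
            notify.configSender(address);

            return notify;
        }

        return null;
    }

    /**
     * Handles info-request message and replies with info-reply message.
     *
     * @param message info-request message; must be a {@link LispInfoRequest},
     *                otherwise the cast below throws {@link ClassCastException}
     * @return info-reply message, or {@code null} when the authentication data
     *         does not match
     */
    LispInfoReply processInfoRequest(LispMessage message) {
        LispInfoRequest request = (LispInfoRequest) message;

        if (!checkInfoRequestAuthData(request)) {
            log.warn(INVALID_AUTHENTICATION_DATA_MSG, "Info-Request");
            return null;
        }

        NatAddressBuilder natBuilder = new NatAddressBuilder();
        try {
            // NOTE(review): the local host address is wrapped as an IPv4 LISP
            // address unconditionally; confirm getLocalHost() cannot resolve
            // to an IPv6 or loopback address on the deployment hosts.
            LispAfiAddress msAddress =
                    new LispIpv4Address(valueOf(InetAddress.getLocalHost()));
            natBuilder.withMsRlocAddress(msAddress);
            natBuilder.withMsUdpPortNumber((short) INFO_REPLY_PORT);

            // try to extract global ETR RLOC address from info-request
            IpAddress globalRlocIp = valueOf(request.getSender().getAddress());
            LispAfiAddress globalRlocAddress;
            if (globalRlocIp.isIp4()) {
                globalRlocAddress = new LispIpv4Address(globalRlocIp);
            } else {
                globalRlocAddress = new LispIpv6Address(globalRlocIp);
            }
            natBuilder.withGlobalEtrRlocAddress(globalRlocAddress);
            // The narrowing cast keeps the low 16 bits of the port, so ports
            // above 32767 are carried as negative short values.
            natBuilder.withEtrUdpPortNumber((short) request.getSender().getPort());
            natBuilder.withPrivateEtrRlocAddress(new LispNoAddress());

            // TODO: need to specify RTR addresses

        } catch (UnknownHostException e) {
            // NOTE(review): processing continues after this failure, so the
            // reply below is built from a NAT address with none of its fields
            // set; confirm that NatAddressBuilder.build() tolerates this.
            log.warn(FAILED_TO_FORMULATE_NAT_MSG, e);
        }

        // NOTE(review): the reply carries the key id of the request, while the
        // authentication data length is derived from the configured key id;
        // confirm the two cannot diverge.
        InfoReplyBuilder replyBuilder = new DefaultInfoReplyBuilder();
        replyBuilder.withKeyId(request.getKeyId());
        replyBuilder.withAuthDataLength(valueOf(authConfig.lispAuthKeyId()).getHashLength());
        replyBuilder.withAuthKey(authConfig.lispAuthKey());
        replyBuilder.withNonce(request.getNonce());
        replyBuilder.withEidPrefix(request.getPrefix());
        replyBuilder.withMaskLength(request.getMaskLength());
        replyBuilder.withTtl(request.getTtl());
        replyBuilder.withNatLcafAddress(natBuilder.build());
        replyBuilder.withIsInfoReply(true);

        LispInfoReply reply = replyBuilder.build();
        reply.configSender(request.getSender());

        return reply;
    }

    /**
     * Checks the integrity of the received map-register message by calculating
     * authentication data from received map-register message.
     *
     * <p>The message is rebuilt from its own fields together with the locally
     * configured authentication key, and the authentication data of the
     * rebuilt message is compared with the received one.
     *
     * @param register map-register message
     * @return {@code true} if the recomputed authentication data equals the
     *         received authentication data, {@code false} otherwise
     */
    private boolean checkMapRegisterAuthData(LispMapRegister register) {
        RegisterBuilder registerBuilder = new DefaultRegisterBuilder();
        // NOTE(review): the key id comes from the received message, not from
        // authConfig; confirm a peer cannot use it to select a weaker
        // algorithm than the one configured locally.
        registerBuilder.withKeyId(register.getKeyId());
        registerBuilder.withAuthKey(authConfig.lispAuthKey());
        registerBuilder.withNonce(register.getNonce());
        registerBuilder.withIsProxyMapReply(register.isProxyMapReply());
        registerBuilder.withIsWantMapNotify(register.isWantMapNotify());
        registerBuilder.withMapRecords(register.getMapRecords());

        LispMapRegister authRegister = registerBuilder.build();

        // Constant-time comparison: Arrays.equals stops at the first
        // mismatching byte, which makes the comparison time depend on how much
        // of a forged value is correct.
        return MessageDigest.isEqual(authRegister.getAuthData(), register.getAuthData());
    }

    /**
     * Checks the integrity of the received info-request message by calculating
     * authentication data from received info-request message.
     *
     * <p>The message is rebuilt from its own fields together with the locally
     * configured authentication key, and the authentication data of the
     * rebuilt message is compared with the received one.
     *
     * @param request info-request message
     * @return {@code true} if the recomputed authentication data equals the
     *         received authentication data, {@code false} otherwise
     */
    private boolean checkInfoRequestAuthData(LispInfoRequest request) {
        InfoRequestBuilder requestBuilder = new DefaultInfoRequestBuilder();
        // NOTE(review): the key id comes from the received message, not from
        // authConfig; confirm a peer cannot use it to select a weaker
        // algorithm than the one configured locally.
        requestBuilder.withKeyId(request.getKeyId());
        requestBuilder.withAuthKey(authConfig.lispAuthKey());
        requestBuilder.withNonce(request.getNonce());
        requestBuilder.withTtl(request.getTtl());
        requestBuilder.withEidPrefix(request.getPrefix());
        requestBuilder.withIsInfoReply(request.isInfoReply());
        requestBuilder.withMaskLength(request.getMaskLength());

        LispInfoRequest authRequest = requestBuilder.build();

        // Constant-time comparison, for the same reason as in
        // checkMapRegisterAuthData.
        return MessageDigest.isEqual(authRequest.getAuthData(), request.getAuthData());
    }

    /**
     * Prevents object instantiation from external.
     * Holds the single {@link LispMapServer} instance returned by
     * {@link #getInstance()}.
     */
    private static final class SingletonHelper {
        private static final String ILLEGAL_ACCESS_MSG = "Should not instantiate this class.";
        private static final LispMapServer INSTANCE = new LispMapServer();

        // The holder itself is never meant to be instantiated.
        private SingletonHelper() {
            throw new IllegalAccessError(ILLEGAL_ACCESS_MSG);
        }
    }
}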