From 7928dceefb47ac47ab13bee77c3f570fd7df99dc Mon Sep 17 00:00:00 2001 From: Mike Hansen Date: Wed, 10 Mar 2021 17:49:24 -0500 Subject: [PATCH] WIFI-453: CloudSDK : Support for APC / Radius Proxy (Back End) WIFI-1695: Gateway: SSID configuration populate radsecproxy when using APC WIFI-1693: Gateway: Update EquipmentProtocolStatusData for APC/RadSEC WIFI-1717: Gateway: Handle table state changes for APC_State --- .../OpensyncExternalIntegrationCloud.java | 152 +++++++++++++----- .../opensync/ovsdb/TipWlanOvsdbClient.java | 38 ++++- .../wlan/opensync/ovsdb/dao/OvsdbDao.java | 10 ++ .../wlan/opensync/ovsdb/dao/OvsdbMonitor.java | 10 +- .../opensync/ovsdb/dao/OvsdbRadSecConfig.java | 72 ++++++--- .../opensync/ovsdb/dao/OvsdbSsidConfig.java | 80 ++++++--- .../wlan/opensync/ovsdb/dao/OvsdbDaoTest.java | 4 +- .../opensync/ovsdb/dao/OvsdbNodeTest.java | 4 +- .../ovsdb/dao/OvsdbSsidConfigTest.java | 5 +- 9 files changed, 279 insertions(+), 96 deletions(-) diff --git a/opensync-ext-cloud/src/main/java/com/telecominfraproject/wlan/opensync/external/integration/OpensyncExternalIntegrationCloud.java b/opensync-ext-cloud/src/main/java/com/telecominfraproject/wlan/opensync/external/integration/OpensyncExternalIntegrationCloud.java index d1d31a9..e5659cb 100644 --- a/opensync-ext-cloud/src/main/java/com/telecominfraproject/wlan/opensync/external/integration/OpensyncExternalIntegrationCloud.java +++ b/opensync-ext-cloud/src/main/java/com/telecominfraproject/wlan/opensync/external/integration/OpensyncExternalIntegrationCloud.java @@ -646,7 +646,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra networkAdminStatusRec.setDetails(netAdminStatusData); networkAdminStatusRec = statusServiceInterface.update(networkAdminStatusRec); - + } catch (Exception e) { LOG.error("Exception in updateApStatus", e); throw e; @@ -1057,7 +1057,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra if (apNode == null) { LOG.debug("wifiVIFStateDbTableUpdate::Cannot get EquipmentId for AP {}", apId); return; // we don't have the required info to get the - // radio type yet + // radio type yet } ApElementConfiguration apElementConfig = (ApElementConfiguration) apNode.getDetails(); @@ -1208,11 +1208,11 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra boolean configStateMismatch = false; Status protocolStatus = null; - + Status channelStatus = statusServiceInterface.getOrNull(customerId, equipmentId, StatusDataType.RADIO_CHANNEL); Status channelStatusClone = null; if (channelStatus != null) { - channelStatusClone = channelStatus.clone(); + channelStatusClone = channelStatus.clone(); } for (OpensyncAPRadioState radioState : radioStateTables) { @@ -1222,22 +1222,21 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra LOG.debug("Could not get radio configuration for AP {}", apId); continue; } - configStateMismatch = updateEquipmentConfigFromState(apId, apElementConfiguration, - radioState); + configStateMismatch = updateEquipmentConfigFromState(apId, apElementConfiguration, radioState); protocolStatus = updateProtocolStatus(customerId, equipmentId, radioState); - + channelStatus = updateChannelStatus(customerId, equipmentId, channelStatus, radioState); } if (protocolStatus != null) { statusServiceInterface.update(protocolStatus); } - + if (channelStatus != null && !Objects.equals(channelStatus, channelStatusClone)) { - LOG.debug("wifiRadioStatusDbTableUpdate update Channel Status before {} after {}", - channelStatusClone, channelStatus); - statusServiceInterface.update(channelStatus); + LOG.debug("wifiRadioStatusDbTableUpdate update Channel Status before {} after {}", channelStatusClone, + channelStatus); + statusServiceInterface.update(channelStatus); } if (configStateMismatch) { @@ -1253,16 +1252,16 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra } - private boolean updateEquipmentConfigFromState(String apId, ApElementConfiguration apElementConfiguration,OpensyncAPRadioState radioState) { + private boolean updateEquipmentConfigFromState(String apId, ApElementConfiguration apElementConfiguration, + OpensyncAPRadioState radioState) { if (apElementConfiguration.getRadioMap().containsKey(radioState.getFreqBand()) && apElementConfiguration.getRadioMap().get(radioState.getFreqBand()) != null) { if (radioState.getChannels() != null) { - return updateChannelPowerLevels(apId, apElementConfiguration, - radioState); + return updateChannelPowerLevels(apId, apElementConfiguration, radioState); } } - + return false; } @@ -1276,8 +1275,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra protocolStatusData = (EquipmentProtocolStatusData) protocolStatus.getDetails(); if (!protocolStatusData.getReportedCC().equals(CountryCode.getByName((radioState.getCountry())))) { - LOG.debug( - "Protocol Status reportedCC {} radioStatus.getCountry {} radioStatus CountryCode fromName {}", + LOG.debug("Protocol Status reportedCC {} radioStatus.getCountry {} radioStatus CountryCode fromName {}", protocolStatusData.getReportedCC(), radioState.getCountry(), CountryCode.getByName((radioState.getCountry()))); protocolStatusData.setReportedCC(CountryCode.getByName((radioState.getCountry()))); @@ -1290,25 +1288,26 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra } return protocolStatus; } - - private Status updateChannelStatus(int customerId, long equipmentId, Status channelStatus, OpensyncAPRadioState radioState) { - if (channelStatus == null) { - channelStatus = new Status(); - channelStatus.setCustomerId(customerId); - channelStatus.setEquipmentId(equipmentId); - channelStatus.setStatusDataType(StatusDataType.RADIO_CHANNEL); - EquipmentChannelStatusData channelStatusData = new EquipmentChannelStatusData(); - channelStatus.setDetails(channelStatusData); + + private Status updateChannelStatus(int customerId, long equipmentId, Status channelStatus, + OpensyncAPRadioState radioState) { + if (channelStatus == null) { + channelStatus = new Status(); + channelStatus.setCustomerId(customerId); + channelStatus.setEquipmentId(equipmentId); + channelStatus.setStatusDataType(StatusDataType.RADIO_CHANNEL); + EquipmentChannelStatusData channelStatusData = new EquipmentChannelStatusData(); + channelStatus.setDetails(channelStatusData); } - ((EquipmentChannelStatusData) channelStatus.getDetails()).getChannelNumberStatusDataMap().put( - radioState.getFreqBand(), radioState.getChannel()); - return channelStatus; + ((EquipmentChannelStatusData) channelStatus.getDetails()).getChannelNumberStatusDataMap() + .put(radioState.getFreqBand(), radioState.getChannel()); + return channelStatus; } private boolean updateChannelPowerLevels(String apId, ApElementConfiguration apElementConfiguration, OpensyncAPRadioState radioState) { - - boolean configStateMismatch=false; + + boolean configStateMismatch = false; Set channelPowerLevels = new HashSet<>(); radioState.getChannels().entrySet().stream().forEach(k -> { @@ -1320,8 +1319,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra ChannelPowerLevel cpl = new ChannelPowerLevel(); cpl.setChannelNumber(Integer.parseInt(channel)); cpl.setDfs(k.getKey().equals("radar_detection")); - if (radioState.getChannelMode() != null - && radioState.getChannelMode().equals("auto")) { + if (radioState.getChannelMode() != null && radioState.getChannelMode().equals("auto")) { cpl.setChannelWidth(-1); } else { switch (radioState.getHtMode()) { @@ -1351,8 +1349,9 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra } }); - if (!Objects.deepEquals(apElementConfiguration.getRadioMap().get(radioState.getFreqBand()) - .getAllowedChannelsPowerLevels(), channelPowerLevels)) { + if (!Objects.deepEquals( + apElementConfiguration.getRadioMap().get(radioState.getFreqBand()).getAllowedChannelsPowerLevels(), + channelPowerLevels)) { configStateMismatch = true; apElementConfiguration.getRadioMap().get(radioState.getFreqBand()) .setAllowedChannelsPowerLevels(channelPowerLevels); @@ -2393,11 +2392,84 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra @Override public void apcStateDbTableUpdate(Map apcStateAttributes, String apId, RowUpdateOperation rowUpdateOperation) { - if (rowUpdateOperation.equals(RowUpdateOperation.DELETE)) { - // TODO: clear protocol Status apcProxy info, send event - } else { - // TODO: Update protocol status for apcProxy, send event + + LOG.info("apcStateDbTableUpdate {} operations on AP {} with values {} ", rowUpdateOperation, apId, apcStateAttributes); + + OvsdbSession ovsdbSession = ovsdbSessionMapInterface.getSession(apId); + + if (ovsdbSession == null) { + LOG.info("apcStateDbTableUpdate::Cannot get Session for AP {}", apId); + return; + } + + int customerId = ovsdbSession.getCustomerId(); + long equipmentId = ovsdbSession.getEquipmentId(); + + if ((customerId < 0) || (equipmentId < 0)) { + LOG.info("apcStateDbTableUpdate::Cannot get valid CustomerId {} or EquipmentId {} for AP {}", customerId, + equipmentId, apId); + return; + } + + Equipment ce = equipmentServiceInterface.getByInventoryIdOrNull(apId); + + if (ce == null) { + LOG.info("apcStateDbTableUpdate::Cannot get Equipment for AP {}", apId); + return; + } + + if (rowUpdateOperation.equals(RowUpdateOperation.DELETE)) { + Status protocolStatus; + EquipmentProtocolStatusData protocolStatusData; + protocolStatus = statusServiceInterface.getOrNull(customerId, equipmentId, StatusDataType.PROTOCOL); + if (protocolStatus != null) { + protocolStatusData = (EquipmentProtocolStatusData) protocolStatus.getDetails(); + protocolStatusData.setLastApcUpdate(System.currentTimeMillis()); + protocolStatusData.setIsApcConnected(false); + protocolStatusData.setReportedApcAddress(null); + protocolStatusData.setRadiusProxyAddress(null); + + protocolStatus.setDetails(protocolStatusData); + protocolStatus = statusServiceInterface.update(protocolStatus); + + LOG.info("apcStateDbTableUpdate for {} protocolStatus {}", rowUpdateOperation, protocolStatus); + } + } else { + try { + Status protocolStatus; + EquipmentProtocolStatusData protocolStatusData; + protocolStatus = statusServiceInterface.getOrNull(customerId, equipmentId, StatusDataType.PROTOCOL); + if (protocolStatus != null) { + protocolStatusData = (EquipmentProtocolStatusData) protocolStatus.getDetails(); + protocolStatusData.setLastApcUpdate(System.currentTimeMillis()); + + if (apcStateAttributes.containsKey("mode")) { + String mode = apcStateAttributes.get("mode"); + if (mode.equals("DR")) { + String drAddr = apcStateAttributes.get("designatedRouterIp"); + protocolStatusData.setReportedApcAddress(InetAddress.getByName(drAddr)); + protocolStatusData.setRadiusProxyAddress(InetAddress.getByName(drAddr)); + protocolStatusData + .setIsApcConnected((drAddr == null || drAddr.equals("0.0.0.0")) ? false : true); + } else if (mode.equals("BDR")) { + String bdrAddr = apcStateAttributes.get("backupDesignatedRouterIp"); + protocolStatusData.setReportedApcAddress(InetAddress.getByName(bdrAddr)); + protocolStatusData.setRadiusProxyAddress(InetAddress.getByName(bdrAddr)); + protocolStatusData + .setIsApcConnected((bdrAddr == null || bdrAddr.equals("0.0.0.0")) ? false : true); + } else if (mode.equals("SR")) { + // TODO: do we set for this scenario? + } else if (mode.equals("NC")) { + protocolStatusData.setIsApcConnected(false); + } + } + protocolStatus.setDetails(protocolStatusData); + protocolStatus = statusServiceInterface.update(protocolStatus); + LOG.info("apcStateDbTableUpdate for {} protocolStatus {}", rowUpdateOperation, protocolStatus); + } + } catch (UnknownHostException e) { + LOG.error("Unknown host for radius proxy.", e); + } } - } } diff --git a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/TipWlanOvsdbClient.java b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/TipWlanOvsdbClient.java index 502be46..56e66e3 100644 --- a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/TipWlanOvsdbClient.java +++ b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/TipWlanOvsdbClient.java @@ -39,6 +39,7 @@ import javax.annotation.PostConstruct; import java.security.cert.X509Certificate; import java.util.*; import java.util.concurrent.CompletableFuture; +import java.util.concurrent.ExecutionException; @Profile("ovsdb_manager") @Component @@ -239,6 +240,7 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface { ovsdbDao.removeAllSsids(ovsdbClient); // always ovsdbDao.removeAllInetConfigs(ovsdbClient); ovsdbDao.removeWifiRrm(ovsdbClient); + ovsdbDao.removeRadsecRadiusAndRealmConfigs(ovsdbClient); ovsdbDao.removeAllStatsConfigs(ovsdbClient); // always extIntegrationInterface.clearEquipmentStatus(apId); @@ -250,6 +252,7 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface { ovsdbDao.configureWifiRrm(ovsdbClient, opensyncAPConfig); ovsdbDao.configureGreTunnels(ovsdbClient, opensyncAPConfig); ovsdbDao.createVlanNetworkInterfaces(ovsdbClient, opensyncAPConfig); + ovsdbDao.configureRadsecRadiusAndRealm(ovsdbClient, opensyncAPConfig); ovsdbDao.configureSsids(ovsdbClient, opensyncAPConfig); if (opensyncAPConfig.getHotspotConfig() != null) { ovsdbDao.configureHotspots(ovsdbClient, opensyncAPConfig); @@ -312,13 +315,15 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface { ovsdbDao.removeAllSsids(ovsdbClient); // always ovsdbDao.removeAllInetConfigs(ovsdbClient); ovsdbDao.removeWifiRrm(ovsdbClient); + ovsdbDao.removeRadsecRadiusAndRealmConfigs(ovsdbClient); extIntegrationInterface.clearEquipmentStatus(apId); + ovsdbDao.configureNtpServer(ovsdbClient, opensyncAPConfig); ovsdbDao.configureWifiRrm(ovsdbClient, opensyncAPConfig); ovsdbDao.configureGreTunnels(ovsdbClient, opensyncAPConfig); ovsdbDao.createVlanNetworkInterfaces(ovsdbClient, opensyncAPConfig); - + ovsdbDao.configureRadsecRadiusAndRealm(ovsdbClient, opensyncAPConfig); ovsdbDao.configureSsids(ovsdbClient, opensyncAPConfig); if (opensyncAPConfig.getHotspotConfig() != null) { ovsdbDao.configureHotspots(ovsdbClient, opensyncAPConfig); @@ -407,6 +412,14 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface { } catch (OvsdbClientException e) { LOG.debug("Could not enable monitor for Node_State table. {}", e.getMessage()); } + + try { + if (ovsdbClient.getSchema(OvsdbDao.ovsdbName).get().getTables().containsKey("APC_State")) { + monitorAPCStateTable(ovsdbClient, key); + } + } catch (InterruptedException | ExecutionException | OvsdbClientException e) { + LOG.debug("Could not enable monitor for APC_State table. {}", e); + } LOG.debug("Finished (re)setting monitors for AP {}", key); } @@ -780,7 +793,28 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface { }); }); - nsCf.join(); + + + nsCf.join().getTableUpdates().forEach((key1, value) -> { + LOG.info("TableUpdate for {}", key1); + value.getRowUpdates().values().forEach(r -> { + + Map apcStateAttributes = ovsdbDao.getAPCState(r, key); + if (apcStateAttributes.isEmpty()) { + extIntegrationInterface.apcStateDbTableUpdate(apcStateAttributes, key, + RowUpdateOperation.DELETE); + } else if (r.getOld() == null) { + extIntegrationInterface.apcStateDbTableUpdate(apcStateAttributes, key, + RowUpdateOperation.INSERT); + } else { + extIntegrationInterface.apcStateDbTableUpdate(apcStateAttributes, key, + RowUpdateOperation.MODIFY); + } + + }); + + }); + } @Override diff --git a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java index d608228..7f3d59a 100644 --- a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java +++ b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java @@ -46,6 +46,8 @@ public class OvsdbDao extends OvsdbDaoBase { OvsdbCommandConfig ovsdbCommand; @Autowired OvsdbNodeConfig ovsdbNodeConfig; + @Autowired + OvsdbRadSecConfig ovsdbRadSecConfig; public String changeRedirectorAddress(OvsdbClient ovsdbClient, String apId, String newRedirectorAddress) { return ovsdbNode.changeRedirectorAddress(ovsdbClient, apId, newRedirectorAddress); @@ -86,6 +88,10 @@ public class OvsdbDao extends OvsdbDaoBase { ovsdbNodeConfig.configureNtpServer(ovsdbClient, opensyncAPConfig); } + public void configureRadsecRadiusAndRealm(OvsdbClient ovsdbClient, OpensyncAPConfig opensyncAPConfig) { + ovsdbRadSecConfig.configureRadiusAndRealm(ovsdbClient, opensyncAPConfig); + } + public void configureSsids(OvsdbClient ovsdbClient, OpensyncAPConfig opensyncAPConfig) { ovsdbSsid.configureSsids(ovsdbClient, opensyncAPConfig); } @@ -194,6 +200,10 @@ public class OvsdbDao extends OvsdbDaoBase { public void removeAllStatsConfigs(OvsdbClient ovsdbClient) { ovsdbStats.removeAllStatsConfigs(ovsdbClient); } + + public void removeRadsecRadiusAndRealmConfigs(OvsdbClient ovsdbClient) { + ovsdbRadSecConfig.removeRadiusAndRealmConfigurations(ovsdbClient); + } public void removeWifiRrm(OvsdbClient ovsdbClient) { ovsdbRrm.removeWifiRrm(ovsdbClient); diff --git a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbMonitor.java b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbMonitor.java index f829866..f05ac16 100644 --- a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbMonitor.java +++ b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbMonitor.java @@ -170,15 +170,15 @@ public class OvsdbMonitor extends OvsdbDaoBase { } else { return List.of(); } - } - + } + Map getAPCState(RowUpdate rowUpdate, String apId) { Map ret = new HashMap<>(); if (rowUpdate.getNew() != null) { Row row = rowUpdate.getNew(); - ret.put("baseRouterIp", getSingleValueFromSet(row, "base_addr")); - ret.put("deputyRouterIp", getSingleValueFromSet(row, "dbr_addr")); - ret.put("enabled", getSingleValueFromSet(row, "enabled")); + ret.put("designatedRouterIp", getSingleValueFromSet(row, "dr_addr")); + ret.put("backupDesignatedRouterIp", getSingleValueFromSet(row, "bdr_addr")); + ret.put("enabled", getSingleValueFromSet(row, "enabled").toString()); ret.put("mode", getSingleValueFromSet(row, "mode")); } return ret; diff --git a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbRadSecConfig.java b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbRadSecConfig.java index 3233ada..41f71a7 100644 --- a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbRadSecConfig.java +++ b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbRadSecConfig.java @@ -20,6 +20,7 @@ import com.vmware.ovsdb.exception.OvsdbClientException; import com.vmware.ovsdb.protocol.operation.Delete; import com.vmware.ovsdb.protocol.operation.Insert; import com.vmware.ovsdb.protocol.operation.Operation; +import com.vmware.ovsdb.protocol.operation.Update; import com.vmware.ovsdb.protocol.operation.notation.Atom; import com.vmware.ovsdb.protocol.operation.notation.Row; import com.vmware.ovsdb.protocol.operation.notation.Value; @@ -34,11 +35,32 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase { @Autowired OvsdbGet getProvisionedData; + void configureApc(OvsdbClient ovsdbClient, Boolean enable, List operations) { + try { + if (ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(apcConfigDbTable)) { + Map updateColumns = new HashMap<>(); + updateColumns.put("enabled", new Atom<>(enable)); + Row row = new Row(updateColumns); + Update update = new Update(apcConfigDbTable, row); + if (!operations.contains(update)) { + // only need to do 1 update of this kind + operations.add(new Update(apcConfigDbTable, row)); + } + } + } catch (InterruptedException | ExecutionException | OvsdbClientException e) { + LOG.error("Exception getting schema for ovsdb.", e); + throw new RuntimeException(e); + } + } + void configureRadiusAndRealm(OvsdbClient ovsdbClient, OpensyncAPConfig apConfig) { List operations = new ArrayList<>(); try { - configureRadiusServers(ovsdbClient, apConfig, operations); - configureRealmForRadiusServers(ovsdbClient, apConfig); + if ((ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(realmConfigDbTable) + && ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(radiusConfigDbTable))) { + configureRadiusServers(ovsdbClient, apConfig, operations); + configureRealmForRadiusServers(ovsdbClient, apConfig); + } } catch (OvsdbClientException | InterruptedException | ExecutionException | TimeoutException e) { LOG.error("Exception provisioning RadSecConfiguraitons.", e); throw new RuntimeException(e); @@ -51,13 +73,11 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase { .getRadSecConfigurations()) { Map updateColumns = new HashMap<>(); updateColumns.put("server", new Atom<>(rsc.getServer().getHostAddress())); - updateColumns.put("client_cert", - new Atom<>(externalFileStoreURL + rsc.getClientCert().getApExportUrl())); - updateColumns.put("radius_config_name", - new Atom<>(apConfig.getApProfile().getName() + "-" + rsc.getName())); + updateColumns.put("client_cert", new Atom<>(externalFileStoreURL + rsc.getClientCert().getApExportUrl())); + updateColumns.put("radius_config_name", new Atom<>(rsc.getName())); updateColumns.put("client_key", new Atom<>(externalFileStoreURL + rsc.getClientKey().getApExportUrl())); updateColumns.put("ca_cert", new Atom<>(externalFileStoreURL + rsc.getCaCert().getApExportUrl())); - updateColumns.put("passphrase", new Atom<>(rsc.getPassphrase())); + updateColumns.put("passpharase", new Atom<>(rsc.getPassphrase())); Row row = new Row(updateColumns); operations.add(new Insert(radiusConfigDbTable, row)); } @@ -84,11 +104,9 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase { for (RadSecConfiguration rsc : ((ApNetworkConfiguration) apConfig.getApProfile().getDetails()) .getRadSecConfigurations()) { Map updateColumns = new HashMap<>(); - updateColumns.put("server", - new Atom<>(radiusConfigs.get(apConfig.getApProfile().getName() + "-" + rsc.getName()).uuid)); + updateColumns.put("server", new Atom<>(radiusConfigs.get(rsc.getName()).uuid)); updateColumns.put("realm", new Atom<>(rsc.getRealm())); - updateColumns.put("realm_config_name", - new Atom<>(apConfig.getApProfile().getName() + "-" + rsc.getRealm())); + updateColumns.put("realm_config_name", new Atom<>(rsc.getName() + "_" + rsc.getRealm())); Row row = new Row(updateColumns); operations.add(new Insert(realmConfigDbTable, row)); } @@ -106,25 +124,29 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase { void removeRadiusAndRealmConfigurations(OvsdbClient ovsdbClient) { LOG.info("removeRadiusAndRealmConfigurations from {} {}", radiusConfigDbTable, realmConfigDbTable); try { - List operations = new ArrayList<>(); - operations.add(new Delete(realmConfigDbTable)); - operations.add(new Delete(radiusConfigDbTable)); - CompletableFuture fResult = ovsdbClient.transact(ovsdbName, operations); - OperationResult[] result = fResult.get(ovsdbTimeoutSec, TimeUnit.SECONDS); - for (OperationResult res : result) { - LOG.info("Op Result {}", res); - if (res instanceof UpdateResult) { - LOG.info("removeRadiusAndRealmConfigurations {}", res.toString()); - } else if (res instanceof ErrorResult) { - LOG.error("removeRadiusAndRealmConfigurations error {}", (res)); - throw new RuntimeException("removeRadiusAndRealmConfigurations " + ((ErrorResult) res).getError() - + " " + ((ErrorResult) res).getDetails()); + if ((ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(realmConfigDbTable) + && ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(radiusConfigDbTable))) { + List operations = new ArrayList<>(); + operations.add(new Delete(realmConfigDbTable)); + operations.add(new Delete(radiusConfigDbTable)); + CompletableFuture fResult = ovsdbClient.transact(ovsdbName, operations); + OperationResult[] result = fResult.get(ovsdbTimeoutSec, TimeUnit.SECONDS); + for (OperationResult res : result) { + LOG.info("Op Result {}", res); + if (res instanceof UpdateResult) { + LOG.info("removeRadiusAndRealmConfigurations {}", res.toString()); + } else if (res instanceof ErrorResult) { + LOG.error("removeRadiusAndRealmConfigurations error {}", (res)); + throw new RuntimeException("removeRadiusAndRealmConfigurations " + + ((ErrorResult) res).getError() + " " + ((ErrorResult) res).getDetails()); + } } + LOG.info("Removed all radius and realm configurations"); } - LOG.info("Removed all radius and realm configurations"); } catch (OvsdbClientException | TimeoutException | ExecutionException | InterruptedException e) { LOG.error("Error in removeRadiusAndRealmConfigurations", e); throw new RuntimeException(e); } } + } diff --git a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfig.java b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfig.java index 89d4a4f..8e7f5d5 100644 --- a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfig.java +++ b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfig.java @@ -58,6 +58,8 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { OvsdbNetworkConfig networkConfig; @Autowired OvsdbNode ovsdbNode; + @Autowired + OvsdbRadSecConfig radsecConfig; protected void getEnabledRadios(OvsdbClient ovsdbClient, List radios) { try { @@ -217,6 +219,10 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { customOptions.put("client_ul_limit", String.valueOf(clientUlLimit * 1000)); customOptions.put("rts_threshold", String.valueOf(rtsCtsThreshold)); } + + void configureCustomOptionsForUseRadSecProxy(boolean useradsec, Map customOptions) { + customOptions.put("radsecproxy", useradsec ? "1" : "0"); + } /** * Populate the various fields in the custom_options column of the @@ -236,12 +242,16 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { * @param radiusOperatorName * @param updateColumns * @param dynamicVlan + * @param radsecproxy TODO */ void configureCustomOptionsForSsid(OvsdbClient ovsdbClient, boolean enable80211k, boolean rateLimitEnable, int ssidDlLimit, int ssidUlLimit, int clientDlLimit, int clientUlLimit, int rtsCtsThreshold, int dtimPeriod, String radiusNasId, String radiusNasIp, String radiusOperatorName, Map updateColumns, - int dynamicVlan) { + int dynamicVlan, Boolean radsecproxy) { Map customOptions = new HashMap<>(); + + configureCustomOptionsForUseRadSecProxy(radsecproxy, customOptions); + configureCustomOptionsForRatesAndLimits(rateLimitEnable, ssidDlLimit, ssidUlLimit, clientDlLimit, clientUlLimit, rtsCtsThreshold, customOptions); @@ -264,7 +274,7 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { List macBlockList, boolean rateLimitEnable, int ssidDlLimit, int ssidUlLimit, int clientDlLimit, int clientUlLimit, int rtsCtsThreshold, int dtimPeriod, Map captiveMap, List walledGardenAllowlist, String radiusNasId, String radiusNasIp, String radiusOperatorName, - String greTunnelName, int dynamicVlan, List operations) { + String greTunnelName, int dynamicVlan, Boolean useradsec, Boolean useRadiusProxy, List operations) { Map updateColumns = new HashMap<>(); // If we are doing a NAT SSID, no bridge, else yes @@ -325,7 +335,7 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { updateColumns.put("security", securityMap); configureCustomOptionsForSsid(ovsdbClient, enable80211k, rateLimitEnable, ssidDlLimit, ssidUlLimit, clientDlLimit, clientUlLimit, rtsCtsThreshold, dtimPeriod, radiusNasId, radiusNasIp, radiusOperatorName, - updateColumns, dynamicVlan); + updateColumns, dynamicVlan, useRadiusProxy); updateBlockList(updateColumns, macBlockList); Row row = new Row(updateColumns); operations.add(new Insert(wifiVifConfigDbTable, row)); @@ -546,16 +556,30 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { interfacesPerFreqBand.put(freqBand, 1); } + boolean useradsec = false; + if (ssidConfig.getUseRadSec() != null) { + useradsec = ssidConfig.getUseRadSec(); + } + boolean useRadiusProxy = false; + if (ssidConfig.getUseRadiusProxy() != null) { + useRadiusProxy = ssidConfig.getUseRadiusProxy(); + } try { configureSingleSsid(ovsdbClient, ifName, ssidConfig.getSsid(), ssidBroadcast, security, vlanId, rrmEnabled, enable80211r, mobilityDomain, enable80211v, enable80211k, minHwMode, enabled, keyRefresh, uapsdEnabled, apBridge, ssidConfig.getForwardMode(), macBlockList, rateLimitEnable, ssidDlLimit, ssidUlLimit, clientDlLimit, clientUlLimit, rtsCtsThreshold, dtimPeriod, captiveMap, walledGardenAllowlist, radiusNasId, radiusNasIp, radiusOperName, - greTunnelName, dynamicVlan, operations); + greTunnelName, dynamicVlan, useradsec, useRadiusProxy, operations); networkConfig.configureInetVifInterface(ovsdbClient, ifName, enabled, ssidConfig.getForwardMode(), operations); + + if (useRadiusProxy) { + // make sure it's enabled if we are going to use it + radsecConfig.configureApc(ovsdbClient, useRadiusProxy,operations); + } + } catch (IllegalStateException e) { // could not provision this SSID, but still can go on LOG.warn("could not provision SSID {} on {}", ssidConfig.getSsid(), freqBand); @@ -676,21 +700,22 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { captiveMap.put("authentication", getCaptiveAuthentication(captiveProfileDetails.getAuthenticationType())); if (!externalFileStoreURL.endsWith("/filestore/")) { - externalFileStoreURL = externalFileStoreURL + "/filestore/"; + externalFileStoreURL = externalFileStoreURL + "/filestore/"; } - if (captiveProfileDetails.getAuthenticationType().equals(CaptivePortalAuthenticationType.username)) { + if (captiveProfileDetails.getAuthenticationType() + .equals(CaptivePortalAuthenticationType.username)) { // create a user/password file for the AP to pull - Path userFilepath = createCaptivePortalUserFile(captiveProfileDetails.getUserList(),profileCaptive.getId()); + Path userFilepath = createCaptivePortalUserFile(captiveProfileDetails.getUserList(), + profileCaptive.getId()); ManagedFileInfo mfi = new ManagedFileInfo(); mfi.setFileCategory(FileCategory.UsernamePasswordList); mfi.setFileType(FileType.TEXT); mfi.setApExportUrl(userFilepath.getFileName().toString()); - captiveMap - .put("username_password_file", externalFileStoreURL + mfi.getApExportUrl()); + captiveMap.put("username_password_file", externalFileStoreURL + mfi.getApExportUrl()); } if (captiveProfileDetails.getLogoFile() != null) { - captiveMap.put("splash_page_logo", externalFileStoreURL + - captiveProfileDetails.getLogoFile().getApExportUrl()); + captiveMap.put("splash_page_logo", + externalFileStoreURL + captiveProfileDetails.getLogoFile().getApExportUrl()); } if (captiveProfileDetails.getBackgroundFile() != null) { captiveMap.put("splash_page_background_logo", @@ -787,10 +812,17 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { RadiusProfile profileDetails = ((RadiusProfile) profileRadius.getDetails()); RadiusServer rServer = profileDetails.getPrimaryRadiusAccountingServer(); if (rServer != null) { - security.put("radius_acct_ip", - rServer.getIpAddress() != null ? rServer.getIpAddress().getHostAddress() : null); - security.put("radius_acct_port", rServer.getPort() != null ? String.valueOf(rServer.getPort()) : null); - security.put("radius_acct_secret", rServer.getSecret()); + if (ssidConfig.getUseRadSec()) { + security.put("radius_acct_ip", + "127.0.0.1"); + security.put("radius_acct_port", rServer.getPort() != null ? String.valueOf(rServer.getPort()) : null); + security.put("radius_acct_secret", "secret"); + } else { + security.put("radius_acct_ip", + rServer.getIpAddress() != null ? rServer.getIpAddress().getHostAddress() : null); + security.put("radius_acct_port", rServer.getPort() != null ? String.valueOf(rServer.getPort()) : null); + security.put("radius_acct_secret", rServer.getSecret()); + } if (ssidConfig.getRadiusAcountingServiceInterval() != null) { // if the value is present, use the // radius_acct_interval @@ -831,11 +863,19 @@ public class OvsdbSsidConfig extends OvsdbDaoBase { Profile profileRadius = radiusProfileList.get(0); RadiusProfile profileDetails = ((RadiusProfile) profileRadius.getDetails()); RadiusServer radiusServer = profileDetails.getPrimaryRadiusAuthServer(); - security.put("radius_server_ip", - radiusServer.getIpAddress() != null ? radiusServer.getIpAddress().getHostAddress() : null); - security.put("radius_server_port", - radiusServer.getPort() != null ? String.valueOf(radiusServer.getPort()) : null); - security.put("radius_server_secret", radiusServer.getSecret()); + if (ssidConfig.getUseRadSec()) { + security.put("radius_server_ip", + "127.0.0.1"); + security.put("radius_server_port", + radiusServer.getPort() != null ? String.valueOf(radiusServer.getPort()) : null); + security.put("radius_server_secret", "secret"); + } else { + security.put("radius_server_ip", + radiusServer.getIpAddress() != null ? radiusServer.getIpAddress().getHostAddress() : null); + security.put("radius_server_port", + radiusServer.getPort() != null ? String.valueOf(radiusServer.getPort()) : null); + security.put("radius_server_secret", radiusServer.getSecret()); + } LOG.info("set Radius server attributes radius_server_ip {} radius_server_port {} radius_server_secret {}", security.get("radius_server_ip"), security.get("radius_server_port"), security.get("radius_server_secret")); diff --git a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java index defc4e2..63f00b9 100644 --- a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java +++ b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java @@ -67,7 +67,7 @@ import com.vmware.ovsdb.service.OvsdbClient; @Import(value = { OvsdbDao.class, OvsdbDaoTest.Config.class, OvsdbNode.class, OvsdbRadioConfig.class, OvsdbHotspotConfig.class, OvsdbCommandConfig.class, OvsdbMonitor.class, OvsdbFirmwareConfig.class, OvsdbStatsConfig.class, OvsdbSsidConfig.class, OvsdbRrmConfig.class, OvsdbNetworkConfig.class, - OvsdbNodeConfig.class + OvsdbNodeConfig.class,OvsdbRadSecConfig.class }) public class OvsdbDaoTest { @@ -147,6 +147,8 @@ public class OvsdbDaoTest { OvsdbCommandConfig ovsdbCommand; @Autowired OvsdbNodeConfig ovsdbNodeConfig; + @Autowired + OvsdbRadSecConfig ovsdbRadSecConfig; @MockBean(answer = Answers.RETURNS_MOCKS) OvsdbGet ovsdbGet; diff --git a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbNodeTest.java b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbNodeTest.java index b6a26d9..fb05e94 100644 --- a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbNodeTest.java +++ b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbNodeTest.java @@ -36,7 +36,7 @@ import com.vmware.ovsdb.service.OvsdbClient; @Import(value = { OvsdbDao.class, OvsdbNodeTest.Config.class, OvsdbNode.class, OvsdbRadioConfig.class, OvsdbHotspotConfig.class, OvsdbCommandConfig.class, OvsdbMonitor.class, OvsdbFirmwareConfig.class, OvsdbStatsConfig.class, OvsdbSsidConfig.class, OvsdbRrmConfig.class, OvsdbNetworkConfig.class, - OvsdbNodeConfig.class + OvsdbNodeConfig.class,OvsdbRadSecConfig.class }) public class OvsdbNodeTest { @@ -77,6 +77,8 @@ public class OvsdbNodeTest { OvsdbCommandConfig ovsdbCommand; @Autowired OvsdbNodeConfig ovsdbNodeConfig; + @Autowired + OvsdbRadSecConfig ovsdbRadSecConfig; @MockBean(answer = Answers.RETURNS_MOCKS) OvsdbGet ovsdbGet; diff --git a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfigTest.java b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfigTest.java index ed85a4b..75835da 100644 --- a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfigTest.java +++ b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfigTest.java @@ -41,7 +41,7 @@ import com.vmware.ovsdb.service.OvsdbClient; @Import(value = { OvsdbDao.class, OvsdbSsidConfigTest.Config.class, OvsdbNode.class, OvsdbRadioConfig.class, OvsdbHotspotConfig.class, OvsdbCommandConfig.class, OvsdbMonitor.class, OvsdbFirmwareConfig.class, OvsdbStatsConfig.class, OvsdbSsidConfig.class, OvsdbRrmConfig.class, OvsdbNetworkConfig.class, - OvsdbNodeConfig.class + OvsdbNodeConfig.class,OvsdbRadSecConfig.class }) public class OvsdbSsidConfigTest { @@ -82,7 +82,8 @@ public class OvsdbSsidConfigTest { OvsdbCommandConfig ovsdbCommand; @Autowired OvsdbNodeConfig ovsdbNodeConfig; - + @Autowired + OvsdbRadSecConfig ovsdbRadSecConfig; @MockBean(answer = Answers.RETURNS_MOCKS) OvsdbGet ovsdbGet;