Chg: update image tag in helm values to v2.7.1

https://telecominfraproject.atlassian.net/browse/WIFI-11226

CMakeLists.txt

@@ -1,5 +1,5 @@
 cmake_minimum_required(VERSION 3.13)
-project(owgw VERSION 2.7.0)
+project(owgw VERSION 2.7.1)
 
 set(CMAKE_CXX_STANDARD 17)
 

Dockerfile

@@ -1,4 +1,4 @@
-ARG DEBIAN_VERSION=11.4-slim
+ARG DEBIAN_VERSION=11.5-slim
 ARG POCO_VERSION=poco-tip-v1
 ARG FMTLIB_VERSION=9.0.0
 ARG CPPKAFKA_VERSION=tip-v1

README.md

@@ -119,54 +119,61 @@ cmake ..
 make
 
 ```
- 
-### OSX Build
-The following instructions have proven to work on OSX Big Sur. You need to install [Homebrew](https://brew.sh/). You must also have installed [XCode for OS X](https://www.freecodecamp.org/news/how-to-download-and-install-xcode/).
+
+### macOS Build
+The following instructions have proven to work on macOS Big Sur. You need to install [Homebrew](https://brew.sh/). You must also have installed [XCode for OS X](https://www.freecodecamp.org/news/how-to-download-and-install-xcode/).
 ```
-brew install openssl
-brew install cmake
-brew install libpq
-brew install mysql-client
-brew install apr
-brew install apr-util
-brew install boost
-brew install yaml-cpp
-brew install postgresql
-brew install librdkafka
-brew install nlohmann-json
+brew install openssl \
+	cmake \
+	libpq \
+	mysql-client \
+	apr \
+	apr-util \
+	boost \
+	yaml-cpp \
+	postgresql \
+	librdkafka \
+	nlohmann-json \
+	fmt
 
 git clone https://github.com/AriliaWireless/poco --branch poco-tip-v1
-cd poco
+pushd poco
 mkdir cmake-build
-cd cmake-build
-cmake ..
+push cmake-build
+cmake -DOPENSSL_ROOT_DIR=</path/to/openssl> -DENABLE_NETSSL=1 -DENABLE_JWT=1 -DENABLE_CRYPTO=1 ..
 cmake --build . --config Release
 sudo cmake --build . --target install
+popd
+popd
 
 git clone https://github.com/AriliaWireless/cppkafka --branch tip-v1
-cd cppkafka
+pushd cppkafka
 mkdir cmake-build
-cd cmake-build
+pushd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
+popd
+popd
 
-cd ~
 git clone https://github.com/pboettch/json-schema-validator.git --branch 2.1.0
-cd json-schema-validator
+pushd json-schema-validator
 mkdir cmake-build
-cd cmake-build
+pushd cmake-build
 cmake ..
 make -j
 sudo make install
+popd
+popd
 
-cd ~
 git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralgw
-cd wlan-cloud-ucentralgw
+pushd wlan-cloud-ucentralgw
 mkdir cmake-build
-cd cmake-build
+pushd cmake-build
 cmake ..
 make -j
+popd
+popd
 ```
 
 ### Raspberry

build

@@ -1 +1 @@
-148
+6

cmake-build-debug/rdkafka_version_test.cpp

@@ -1,4 +0,0 @@
-#include <librdkafka/rdkafka.h>
- #if RD_KAFKA_VERSION >= 0x00090400
- int main() { }
- #endif

config.yaml

@@ -1,26 +0,0 @@
-tip:
-  port: 6051
-  server: ssc.wlan.local
-  username: support@example.com
-  password: support
-
-certificates:
-  keyfile: keyfile.pem
-  certfile: certfile.pem
-  password: mypassword
-
-ucentral:
-  port: 1991
-  listeners: 100
-
-logger:
-  size: 10
-  days: 31
-
-ui:
-  port: 9771
-  username: support@example.com
-  password: support
-
-
-

docker_build.sh

@@ -1,14 +0,0 @@
-USERNAME=arilia
-HUBNAME=tip-tip-wlan-cloud-ucentral.jfrog.io
-IMAGE_NAME=ucentralgw
-
-echo "Removing docker images before build..."
-docker rmi -f $(docker images -a -q)
-echo "Building $IMAGE_NAME image..."
-docker build --no-cache --tag $IMAGE_NAME .
-IMAGE_ID=`docker images -q $IMAGE_NAME`
-docker login --username=$USERNAME $HUBNAME
-docker tag $IMAGE_ID $HUBNAME/$IMAGE_NAME:latest
-echo "Updating $HUBNAME with the latest $IMAGE_NAME image..."
-docker push $HUBNAME/$IMAGE_NAME
-docker logout $HUBNAME

docker_clean.sh

@@ -1,5 +0,0 @@
-#!/bin/sh
-
-# Removes all local images. This is dangerous but good when debugging
-docker rmi -f $(docker images -a -q)
-

docker_run.sh

@@ -1,43 +0,0 @@
-#!/bin/sh
-
-HUBNAME=tip-tip-wlan-cloud-ucentral.jfrog.io
-IMAGE_NAME=ucentralgw
-DOCKER_NAME=$HUBNAME/$IMAGE_NAME:master
-
-CONTAINER_NAME=ucentralgw
-
-#stop previously running images
-docker container stop $CONTAINER_NAME
-docker container rm $CONTAINER_NAME --force
-
-if [[ ! -d logs ]]
-then
-    mkdir logs
-fi
-
-if [[ ! -d uploads ]]
-then
-    mkdir uploads
-fi
-
-if [[ ! -d certs ]]
-then
-  echo "certs directory does not exist. Please create and add the proper certificates."
-  exit 1
-fi
-
-if [[ ! -f owgw.properties ]]
-then
-  echo "Configuration file ucentral.properties is missing in the current directory"
-  exit 2
-fi
-
-docker run -d -p 15002:15002 \
-              -p 16001:16001 \
-              -p 16003:16003 \
-              --init \
-              --volume="$PWD:/ucentral-data" \
-              -e UCENTRALGW_ROOT="/ucentral-data" \
-              -e UCENTRALGW_CONFIG="/ucentral-data" \
-              --name="ucentralgw" $DOCKER_NAME
-

helm/values.yaml

@@ -9,7 +9,7 @@ fullnameOverride: ""
 images:
   owgw:
     repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owgw
-    tag: v2.7.0
+    tag: v2.7.1
     pullPolicy: Always
 #    regcred:
 #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
@@ -296,7 +296,7 @@ configProperties:
   # Logging
   logging.type: console
   logging.path: $OWGW_ROOT/logs
-  logging.level: information
+  logging.level: debug
   # Archiving
   archiver.enabled: "true"
   archiver.schedule: 03:00

pcap/radius

@@ -1,41 +0,0 @@
-/* Frame (255 bytes) */
-static const unsigned char pkt41[255] = {
-0x14, 0x98, 0x77, 0x71, 0xc6, 0xe7, 0x34, 0xef, /* ..wq..4. */
-0xb6, 0xaf, 0x4a, 0x5c, 0x08, 0x00, 0x45, 0x00, /* ..J\..E. */
-0x00, 0xf1, 0x87, 0x50, 0x00, 0x00, 0x40, 0x11, /* ...P..@. */
-0x0c, 0xdf, 0xc0, 0xa8, 0xb2, 0x1b, 0xc0, 0xa8, /* ........ */
-0xb2, 0x60, 0xc3, 0xfe, 0x07, 0x14, 0x00, 0xdd, /* .`...... */
-0x26, 0x63, 0x01, 0x04, 0x00, 0xd5, 0xcc, 0x29, /* &c.....) */
-0x82, 0x36, 0xd6, 0x57, 0x3d, 0xa7, 0xd5, 0x62, /* .6.W=..b */
-0x70, 0x12, 0x00, 0xc0, 0xf2, 0x19, 0x01, 0x03, /* p....... */
-0x61, 0x1e, 0x1c, 0x33, 0x34, 0x2d, 0x45, 0x46, /* a..34-EF */
-0x2d, 0x42, 0x36, 0x2d, 0x41, 0x46, 0x2d, 0x34, /* -B6-AF-4 */
-0x41, 0x2d, 0x36, 0x30, 0x3a, 0x4f, 0x70, 0x65, /* A-60:Ope */
-0x6e, 0x57, 0x69, 0x66, 0x69, 0x3d, 0x06, 0x00, /* nWifi=.. */
-0x00, 0x00, 0x13, 0x06, 0x06, 0x00, 0x00, 0x00, /* ........ */
-0x02, 0x05, 0x06, 0x00, 0x00, 0x00, 0x01, 0x1f, /* ........ */
-0x13, 0x42, 0x36, 0x2d, 0x43, 0x34, 0x2d, 0x30, /* .B6-C4-0 */
-0x36, 0x2d, 0x30, 0x39, 0x2d, 0x31, 0x35, 0x2d, /* 6-09-15- */
-0x42, 0x37, 0x4d, 0x18, 0x43, 0x4f, 0x4e, 0x4e, /* B7M.CONN */
-0x45, 0x43, 0x54, 0x20, 0x35, 0x34, 0x4d, 0x62, /* ECT 54Mb */
-0x70, 0x73, 0x20, 0x38, 0x30, 0x32, 0x2e, 0x31, /* ps 802.1 */
-0x31, 0x61, 0x2c, 0x12, 0x33, 0x42, 0x45, 0x44, /* 1a,.3BED */
-0x37, 0x32, 0x39, 0x30, 0x44, 0x30, 0x43, 0x38, /* 7290D0C8 */
-0x35, 0x36, 0x44, 0x33, 0xba, 0x06, 0x00, 0x0f, /* 56D3.... */
-0xac, 0x04, 0xbb, 0x06, 0x00, 0x0f, 0xac, 0x04, /* ........ */
-0xbc, 0x06, 0x00, 0x0f, 0xac, 0x05, 0xbd, 0x06, /* ........ */
-0x00, 0x0f, 0xac, 0x06, 0x1a, 0x1b, 0x00, 0x00, /* ........ */
-0xe6, 0x08, 0x47, 0x15, 0x01, 0x13, 0x33, 0x34, /* ..G...34 */
-0x2d, 0x65, 0x66, 0x2d, 0x62, 0x36, 0x2d, 0x61, /* -ef-b6-a */
-0x66, 0x2d, 0x34, 0x61, 0x2d, 0x35, 0x63, 0x0c, /* f-4a-5c. */
-0x06, 0x00, 0x00, 0x05, 0x78, 0x4f, 0x08, 0x02, /* ....xO.. */
-0x01, 0x00, 0x06, 0x01, 0x61, 0x50, 0x12, 0x20, /* ....aP.  */
-0x9c, 0xae, 0xe5, 0xe3, 0x77, 0xaf, 0x0b, 0x1b, /* ....w... */
-0xaf, 0x0e, 0xb5, 0x08, 0x82, 0x9e, 0xeb        /* ....... */
-};
-
-/* Reassembled EAP (6 bytes) */
-static const unsigned char pkt41_1[6] = {
-0x02, 0x01, 0x00, 0x06, 0x01, 0x61              /* .....a */
-};
-

pcap/radius.blob.bin

@@ -1 +0,0 @@
-192.168.178.1

run.sh

@@ -1,24 +0,0 @@
-#!/bin/bash
-
-daemon=ucentralgw
-
-if [[ "$1" == "aws" ]]
-then
-	cp ${daemon}.properties.aws ${daemon}.properties
-	. ./set_env.sh
-	cd cmake-build
-	./${daemon} --daemon
-	echo "Running AWS version as daemon..."
-fi
-
-if [[ "$1" == "priv" ]]
-then
-  cp ${daemon}.properties.priv ${daemon}.properties
-  . ./set_env.sh
-  cd cmake-build
-  ./${daemon} --daemon
-  echo "Running private version as daemon..."
-fi
-
-
-

src/AP_WS_Connection.cpp

@@ -209,7 +209,6 @@ namespace OpenWifi {
 	}
 
 	AP_WS_Connection::~AP_WS_Connection() {
-		std::cout << "Deleting session=" << State_.sessionId << std::endl;
 		Valid_=false;
 		EndConnection();
 	}

src/AP_WS_Process_connect.cpp

@@ -52,10 +52,16 @@ void AP_WS_Connection::Process_connect(Poco::JSON::Object::Ptr ParamsObj, const
 			StorageService()->UpdateDeviceCapabilities(SerialNumber_, CapabilitiesString,
 													   Compatible_);
 			bool Updated = false;
-			if(!Firmware.empty() && Firmware!=DeviceInfo.Firmware) {
-				DeviceInfo.Firmware = Firmware;
-				Updated = true;
-				WebSocketClientNotificationDeviceFirmwareUpdated(SerialNumber_, Firmware);
+			if(!Firmware.empty()) {
+				if(Firmware!=DeviceInfo.Firmware) {
+					DeviceInfo.Firmware = Firmware;
+					DeviceInfo.LastFWUpdate = OpenWifi::Now();
+					Updated = true;
+					WebSocketClientNotificationDeviceFirmwareUpdated(SerialNumber_, Firmware);
+				} else if(DeviceInfo.LastFWUpdate==0) {
+					DeviceInfo.LastFWUpdate = OpenWifi::Now();
+					Updated = true;
+				}
 			}
 
 			if(DeviceInfo.locale != State_.locale) {

src/RADIUS_proxy_server.cpp

@@ -146,7 +146,7 @@ namespace OpenWifi {
 		auto CallingStationID = P.ExtractCallingStationID();
 		auto CalledStationID = P.ExtractCalledStationID();
 
-		poco_information(Logger(), fmt::format("Accounting Packet received for {}, CalledStationID: {}, CallingStationID:{}",SerialNumber, CalledStationID, CallingStationID));
+		poco_debug(Logger(), fmt::format("Accounting Packet received for {}, CalledStationID: {}, CallingStationID:{}",SerialNumber, CalledStationID, CallingStationID));
 		AP_WS_Server()->SendRadiusAccountingData(SerialNumber,P.Buffer(),P.Size());
 	}
 
@@ -168,7 +168,7 @@ namespace OpenWifi {
 		auto CallingStationID = P.ExtractCallingStationID();
 		auto CalledStationID = P.ExtractCalledStationID();
 
-		poco_information(Logger(), fmt::format("Authentication Packet received for {}, CalledStationID: {}, CallingStationID:{}",SerialNumber, CalledStationID, CallingStationID));
+		poco_debug(Logger(), fmt::format("Authentication Packet received for {}, CalledStationID: {}, CallingStationID:{}",SerialNumber, CalledStationID, CallingStationID));
 		AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber,P.Buffer(),P.Size());
 	}
 
@@ -190,42 +190,61 @@ namespace OpenWifi {
 		auto CallingStationID = P.ExtractCallingStationID();
 		auto CalledStationID = P.ExtractCalledStationID();
 
-		poco_information(Logger(), fmt::format("CoA Packet received for {}, CalledStationID: {}, CallingStationID:{}",SerialNumber, CalledStationID, CallingStationID));
+		poco_debug(Logger(), fmt::format("CoA Packet received for {}, CalledStationID: {}, CallingStationID:{}",SerialNumber, CalledStationID, CallingStationID));
 		AP_WS_Server()->SendRadiusCoAData(SerialNumber,P.Buffer(),P.Size());
 	}
 
 	void RADIUS_proxy_server::SendAccountingData(const std::string &serialNumber, const char *buffer, std::size_t size) {
 
-		if(Pools_.empty())
+		if(Pools_.empty() || !enabled_)
 			return;
 
-		RADIUS::RadiusPacket	P((unsigned char *)buffer,size);
-		auto Destination = P.ExtractProxyStateDestination();
-		auto CallingStationID = P.ExtractCallingStationID();
-		auto CalledStationID = P.ExtractCalledStationID();
-		Poco::Net::SocketAddress	Dst(Destination);
+		try {
+			RADIUS::RadiusPacket P((unsigned char *)buffer, size);
+			auto Destination = P.ExtractProxyStateDestination();
+			auto CallingStationID = P.ExtractCallingStationID();
+			auto CalledStationID = P.ExtractCalledStationID();
+			Poco::Net::SocketAddress Dst(Destination);
 
-		std::lock_guard	G(Mutex_);
-		bool UseRADSEC = false;
-		auto FinalDestination = Route(radius_type::acct, Dst, P, UseRADSEC);
-		if(UseRADSEC) {
-			Poco::Net::SocketAddress	RSP(FinalDestination.host(),0);
-			auto DestinationServer = RADSECservers_.find(RSP);
-			if(DestinationServer!=end(RADSECservers_)) {
-				DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer, size);
-			}
-		} else {
-			auto AllSent =
-				SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *AccountingSocketV4_
-																		: *AccountingSocketV6_,
-						 (const unsigned char *)buffer, size, FinalDestination);
-			if (!AllSent)
-				poco_error(Logger(),fmt::format("{}: Could not send Accounting packet packet to {}.",
+			std::lock_guard G(Mutex_);
+			bool UseRADSEC = false;
+			auto FinalDestination = Route(radius_type::acct, Dst, P, UseRADSEC);
+			if (UseRADSEC) {
+				Poco::Net::SocketAddress RSP(FinalDestination.host(), 0);
+				auto DestinationServer = RADSECservers_.find(RSP);
+				if (DestinationServer != end(RADSECservers_)) {
+					DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer,
+														size);
+				}
+			} else {
+				if ((Dst.family() == Poco::Net::SocketAddress::IPv4 &&
+					 AccountingSocketV4_ == nullptr) ||
+					(Dst.family() == Poco::Net::SocketAddress::IPv6 &&
+					 AccountingSocketV6_ == nullptr)) {
+					poco_debug(
+						Logger(),
+						fmt::format(
+							"ACCT: Trying to use RADIUS GW PROXY but not configured. Device={}",
+							serialNumber));
+					return;
+				}
+				auto AllSent =
+					SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *AccountingSocketV4_
+																			: *AccountingSocketV6_,
+							 (const unsigned char *)buffer, size, FinalDestination);
+				if (!AllSent)
+					poco_error(Logger(),
+							   fmt::format("{}: Could not send Accounting packet packet to {}.",
 										   serialNumber, Destination));
-			else
-				poco_information(Logger(), fmt::format(
-					"{}: Sending Accounting Packet to {}, CalledStationID: {}, CallingStationID:{}",
-					serialNumber, FinalDestination.toString(), CalledStationID, CallingStationID));
+				else
+					poco_debug(Logger(), fmt::format("{}: Sending Accounting Packet to {}, CalledStationID: {}, CallingStationID:{}",
+													 serialNumber, FinalDestination.toString(),
+													 CalledStationID, CallingStationID));
+			}
+		} catch (const Poco::Exception &E) {
+			Logger().log(E);
+		} catch (...) {
+			poco_warning(Logger(),fmt::format("Bad RADIUS ACCT Packet from {}. Dropped.",serialNumber));
 		}
 	}
 
@@ -235,71 +254,100 @@ namespace OpenWifi {
 
 	void RADIUS_proxy_server::SendAuthenticationData(const std::string &serialNumber, const char *buffer, std::size_t size) {
 
-		if(Pools_.empty())
+		if(Pools_.empty() || !enabled_)
 			return;
 
-		RADIUS::RadiusPacket	P((unsigned char *)buffer,size);
-		auto Destination = P.ExtractProxyStateDestination();
-		auto CallingStationID = P.ExtractCallingStationID();
-		auto CalledStationID = P.ExtractCalledStationID();
-		Poco::Net::SocketAddress	Dst(Destination);
+		try {
+			RADIUS::RadiusPacket	P((unsigned char *)buffer,size);
+			auto Destination = P.ExtractProxyStateDestination();
+			auto CallingStationID = P.ExtractCallingStationID();
+			auto CalledStationID = P.ExtractCalledStationID();
+			Poco::Net::SocketAddress	Dst(Destination);
 
-		std::lock_guard	G(Mutex_);
-		bool UseRADSEC = false;
-		auto FinalDestination = Route(radius_type::auth, Dst, P, UseRADSEC);
-		if(UseRADSEC) {
-			Poco::Net::SocketAddress	RSP(FinalDestination.host(),0);
-			auto DestinationServer = RADSECservers_.find(RSP);
-			if(DestinationServer!=end(RADSECservers_)) {
-				DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer, size);
-			}
-		} else {
-			auto AllSent =
-				SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *AuthenticationSocketV4_
-																		: *AuthenticationSocketV6_,
-						 (const unsigned char *)buffer, size, FinalDestination);
-			if (!AllSent)
-				poco_error(Logger(),fmt::format("{}: Could not send Authentication packet packet to {}.",
+			std::lock_guard	G(Mutex_);
+			bool UseRADSEC = false;
+			auto FinalDestination = Route(radius_type::auth, Dst, P, UseRADSEC);
+			if(UseRADSEC) {
+				Poco::Net::SocketAddress	RSP(FinalDestination.host(),0);
+				auto DestinationServer = RADSECservers_.find(RSP);
+				if(DestinationServer!=end(RADSECservers_)) {
+					DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer, size);
+				}
+			} else {
+				if ((Dst.family() == Poco::Net::SocketAddress::IPv4 &&
+					 AuthenticationSocketV4_ == nullptr) ||
+					(Dst.family() == Poco::Net::SocketAddress::IPv6 &&
+					 AuthenticationSocketV6_ == nullptr)) {
+					poco_debug(
+						Logger(),
+						fmt::format("AUTH: Trying to use RADIUS GW PROXY but not configured. Device={}",
+									serialNumber));
+					return;
+				}
+				auto AllSent =
+					SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *AuthenticationSocketV4_
+																			: *AuthenticationSocketV6_,
+							 (const unsigned char *)buffer, size, FinalDestination);
+				if (!AllSent)
+					poco_error(Logger(),
+							   fmt::format("{}: Could not send Authentication packet packet to {}.",
 										   serialNumber, Destination));
-			else
-				poco_information(Logger(), fmt::format("{}: Sending Authentication Packet to {}, CalledStationID: {}, CallingStationID:{}",
-												 serialNumber, FinalDestination.toString(),
-												 CalledStationID, CallingStationID));
+				else
+					poco_debug(Logger(), fmt::format("{}: Sending Authentication Packet to {}, CalledStationID: {}, CallingStationID:{}",
+													 serialNumber, FinalDestination.toString(),
+													 CalledStationID, CallingStationID));
+			}
+		} catch (const Poco::Exception &E) {
+			Logger().log(E);
+		} catch (...) {
+			poco_warning(Logger(),fmt::format("Bad RADIUS AUTH Packet from {}. Dropped.",serialNumber));
 		}
+
 	}
 
 	void RADIUS_proxy_server::SendCoAData(const std::string &serialNumber, const char *buffer, std::size_t size) {
 
-		if(Pools_.empty())
+		if(Pools_.empty() || !enabled_)
 			return;
 
-		RADIUS::RadiusPacket	P((unsigned char *)buffer,size);
-		auto Destination = P.ExtractProxyStateDestination();
+		try {
+			RADIUS::RadiusPacket	P((unsigned char *)buffer,size);
+			auto Destination = P.ExtractProxyStateDestination();
 
-		if(Destination.empty()) {
-			Destination = "0.0.0.0:0";
-		}
-
-		Poco::Net::SocketAddress	Dst(Destination);
-		std::lock_guard	G(Mutex_);
-		bool UseRADSEC = false;
-		auto FinalDestination = Route(radius_type::coa, Dst, P, UseRADSEC);
-		if(UseRADSEC) {
-			Poco::Net::SocketAddress	RSP(FinalDestination.host(),0);
-			auto DestinationServer = RADSECservers_.find(RSP);
-			if(DestinationServer!=end(RADSECservers_)) {
-				DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer, size);
+			if(Destination.empty()) {
+				Destination = "0.0.0.0:0";
 			}
-		} else {
-			auto AllSent = SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *CoASocketV4_
-																				   : *CoASocketV6_,
-									(const unsigned char *)buffer, size, FinalDestination);
-			if (!AllSent)
-				poco_error(Logger(),fmt::format("{}: Could not send CoA packet packet to {}.",
-										   serialNumber, Destination));
-			else
-				poco_information(Logger(), fmt::format("{}: Sending CoA Packet to {}", serialNumber,
-												 FinalDestination.toString()));
+
+			Poco::Net::SocketAddress	Dst(Destination);
+			std::lock_guard	G(Mutex_);
+			bool UseRADSEC = false;
+			auto FinalDestination = Route(radius_type::coa, Dst, P, UseRADSEC);
+			if(UseRADSEC) {
+				Poco::Net::SocketAddress	RSP(FinalDestination.host(),0);
+				auto DestinationServer = RADSECservers_.find(RSP);
+				if(DestinationServer!=end(RADSECservers_)) {
+					DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer, size);
+				}
+			} else {
+				if( (Dst.family() == Poco::Net::SocketAddress::IPv4 && CoASocketV4_== nullptr) ||
+					(Dst.family() == Poco::Net::SocketAddress::IPv6 && CoASocketV6_== nullptr)) {
+					poco_debug(Logger(),fmt::format("CoA: Trying to use RADIUS GW PROXY but not configured. Device={}",serialNumber));
+					return;
+				}
+				auto AllSent = SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *CoASocketV4_
+																					   : *CoASocketV6_,
+										(const unsigned char *)buffer, size, FinalDestination);
+				if (!AllSent)
+					poco_error(Logger(),fmt::format("{}: Could not send CoA packet packet to {}.",
+											   serialNumber, Destination));
+				else
+					poco_debug(Logger(), fmt::format("{}: Sending CoA Packet to {}", serialNumber,
+													 FinalDestination.toString()));
+			}
+		} catch (const Poco::Exception &E) {
+			Logger().log(E);
+		} catch (...) {
+			poco_warning(Logger(),fmt::format("Bad RADIUS CoA/DM Packet from {}. Dropped.",serialNumber));
 		}
 	}
 
@@ -492,7 +540,9 @@ namespace OpenWifi {
 			} break;
 			}
 		}
-		return DefaultRoute(rtype, RequestedAddress, P, UseRADSEC);
+
+		UseRADSEC = false;
+		return RequestedAddress;
 	}
 
 	Poco::Net::SocketAddress RADIUS_proxy_server::ChooseAddress(std::vector<Destination> &Pool, const Poco::Net::SocketAddress & OriginalAddress) {

src/RADSECserver.h

@@ -53,11 +53,11 @@ namespace OpenWifi {
 					// std::cout << serial_number << "    Sending " << P.PacketType() << "  "  << length << " bytes" << std::endl;
 					int sent_bytes;
 					if (P.VerifyMessageAuthenticator(Server_.radsecSecret)) {
-						Logger_.debug(fmt::format("{}: {} Sending {} bytes", serial_number,
+						poco_debug(Logger_,fmt::format("{}: {} Sending {} bytes", serial_number,
 												  P.PacketType(), length));
 						sent_bytes = Socket_->sendBytes(buffer, length);
 					} else {
-						Logger_.debug(fmt::format("{}: {} Sending {} bytes", serial_number,
+						poco_debug(Logger_,fmt::format("{}: {} Sending {} bytes", serial_number,
 												  P.PacketType(), length));
 						P.ComputeMessageAuthenticator(Server_.radsecSecret);
 						sent_bytes = Socket_->sendBytes(P.Buffer(), length);
@@ -77,20 +77,32 @@ namespace OpenWifi {
 				auto NumberOfReceivedBytes = Socket_->receiveBytes(Buffer,sizeof(Buffer));
 				if(NumberOfReceivedBytes>40) {
 					RADIUS::RadiusPacket P(Buffer,NumberOfReceivedBytes);
-					// P.Log(std::cout);
-					// std::cout << "RADSEC: " << P.PacketType() << "  "  << (int) P.PacketTypeInt() << "   Received " << NumberOfReceivedBytes << " bytes" << std::endl;
 					if (P.IsAuthentication()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
-						Logger_.debug(fmt::format("{}: {} Received {} bytes.", SerialNumber, P.PacketType(), NumberOfReceivedBytes));
-						AP_WS_Server()->SendRadiusAuthenticationData(
-							SerialNumber, Buffer,
-							NumberOfReceivedBytes);
+						if(!SerialNumber.empty()) {
+							poco_debug(Logger_,
+									   fmt::format("{}: {} Received {} bytes.", SerialNumber,
+												   P.PacketType(), NumberOfReceivedBytes));
+							AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber, Buffer,
+																		 NumberOfReceivedBytes);
+						} else {
+							poco_debug(Logger_,
+									   fmt::format("Invalid AUTH packet received in proxy dropped. No serial number Source={}",
+									Socket_->address().toString()));
+						}
 					} else if (P.IsAccounting()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
-						Logger_.debug(fmt::format("{}: {} Received {} bytes.", SerialNumber, P.PacketType(), NumberOfReceivedBytes));
-						AP_WS_Server()->SendRadiusAccountingData(
-							SerialNumber, Buffer,
-							NumberOfReceivedBytes);
+						if(!SerialNumber.empty()) {
+							poco_debug(Logger_,
+									   fmt::format("{}: {} Received {} bytes.", SerialNumber,
+												   P.PacketType(), NumberOfReceivedBytes));
+							AP_WS_Server()->SendRadiusAccountingData(SerialNumber, Buffer,
+																	 NumberOfReceivedBytes);
+						} else {
+							poco_debug(Logger_,
+									   fmt::format("Invalid ACCT packet received in proxy dropped. No serial number Source={}",
+												   Socket_->address().toString()));
+						}
 					} else if (P.IsAuthority()) {
 					}
 				} else {

src/RESTAPI/RESTAPI_radiusProxyConfig_handler.cpp

@@ -41,6 +41,8 @@ namespace OpenWifi {
 				return BadRequest(RESTAPI::Errors::PoolNameInvalid);
 			}
 			for(const auto &config:{pool.acctConfig,pool.authConfig,pool.coaConfig}) {
+				if(config.servers.empty())
+					continue;
 				if(config.strategy!="random" && config.strategy!="round_robin" && config.strategy!="weighted") {
 					return BadRequest(RESTAPI::Errors::InvalidRadiusProxyStrategy);
 				}

src/rttys/RTTYS_device.cpp

@@ -39,6 +39,7 @@ namespace OpenWifi {
 	{
 //		std::thread T([=]() { CompleteConnection(); });
 //		T.detach();
+		inBuf_ = std::make_unique<Poco::FIFOBuffer>(RTTY_DEVICE_BUFSIZE);
 		CompleteConnection();
 	}
 
@@ -61,6 +62,7 @@ namespace OpenWifi {
 			socket_.setBlocking(false);
 			socket_.setKeepAlive(true);
 			socket_.setNoDelay(true);
+			socket_.setReceiveTimeout(Poco::Timespan(60*60,0));
 
 			registered_=true;
 			reactor_.addEventHandler(
@@ -124,22 +126,22 @@ namespace OpenWifi {
 
 		std::unique_lock G(M_);
 		try {
-			auto received_bytes = socket_.receiveBytes(inBuf_);
+			auto received_bytes = socket_.receiveBytes(*inBuf_);
 			if (received_bytes == 0) {
 				poco_information(Logger(), fmt::format("{}: Device Closing connection - 0 bytes received.",id_));
 				return EndConnection();
 			}
 
-			while (inBuf_.isReadable() && good) {
+			while (inBuf_->isReadable() && good) {
 				uint32_t msg_len = 0;
 				if (waiting_for_bytes_ != 0) {
 
 				} else {
-					if (inBuf_.used() >= RTTY_HDR_SIZE) {
-						auto *head = (unsigned char *)inBuf_.begin();
+					if (inBuf_->used() >= RTTY_HDR_SIZE) {
+						auto *head = (unsigned char *)inBuf_->begin();
 						last_command_ = head[0];
 						msg_len = head[1] * 256 + head[2];
-						inBuf_.drain(RTTY_HDR_SIZE);
+						inBuf_->drain(RTTY_HDR_SIZE);
 					} else {
 						good = false;
 						continue;
@@ -190,10 +192,9 @@ namespace OpenWifi {
 			}
 		} catch (const Poco::Exception &E) {
 			good = false;
-			Logger().log(E,__FILE__,__LINE__);
-			poco_warning(Logger(),fmt::format("{}: Exception. GW closing connection.", id_));
+			poco_warning(Logger(),fmt::format("{}: Exception: {} GW closing connection.", id_, E.what()));
 		} catch (const std::exception &E) {
-			poco_warning(Logger(),fmt::format("{}: Exception. GW closing connection.", id_));
+			poco_warning(Logger(),fmt::format("{}: std::exception: {}. GW closing connection.", id_, E.what()));
 			good = false;
 		}
 
@@ -326,9 +327,9 @@ namespace OpenWifi {
 	std::string RTTYS_Device_ConnectionHandler::ReadString() {
 		std::string Res;
 
-		while(inBuf_.used()) {
+		while(inBuf_->used()) {
 			char C;
-			inBuf_.read(&C,1);
+			inBuf_->read(&C,1);
 			if(C==0) {
 				break;
 			}
@@ -342,11 +343,11 @@ namespace OpenWifi {
 		bool good = true;
 		try {
 			//	establish if this is an old rtty or a new one.
-			old_rtty_ = (inBuf_[0] != 0x03);		//	rtty_proto_ver for full session ID inclusion
+			old_rtty_ = ((*inBuf_)[0] != 0x03);		//	rtty_proto_ver for full session ID inclusion
 			if(old_rtty_) {
 				session_length_ = 1;
 			} else {
-				inBuf_.drain(1); //	remove protocol if used.
+				inBuf_->drain(1); //	remove protocol if used.
 				session_length_ = RTTY_SESSION_ID_LENGTH;
 			}
 
@@ -382,12 +383,12 @@ namespace OpenWifi {
 		nlohmann::json doc;
 		char Error;
 		if(old_rtty_) {
-			inBuf_.read(&Error, 1);
-			inBuf_.read(&session_id_[0], session_length_);
+			inBuf_->read(&Error, 1);
+			inBuf_->read(&session_id_[0], session_length_);
 		} else {
 			char session[RTTY_SESSION_ID_LENGTH+1]{0};
-			inBuf_.read(&session[0], session_length_);
-			inBuf_.read(&Error, 1);
+			inBuf_->read(&session[0], session_length_);
+			inBuf_->read(&Error, 1);
 		}
 		doc["type"] = "login";
 		doc["err"] = Error;
@@ -398,9 +399,9 @@ namespace OpenWifi {
 	bool RTTYS_Device_ConnectionHandler::do_msgTypeLogout([[maybe_unused]] std::size_t msg_len) {
 		char session[RTTY_SESSION_ID_LENGTH];
 		if(old_rtty_) {
-			inBuf_.read(&session[0],1);
+			inBuf_->read(&session[0],1);
 		} else {
-			inBuf_.read(&session[0],RTTY_SESSION_ID_LENGTH);
+			inBuf_->read(&session[0],RTTY_SESSION_ID_LENGTH);
 		}
 		poco_information(Logger(),fmt::format("{}: Logout", id_));
 		return false;
@@ -409,31 +410,31 @@ namespace OpenWifi {
 	bool RTTYS_Device_ConnectionHandler::do_msgTypeTermData(std::size_t msg_len) {
 		bool good;
 		if(waiting_for_bytes_>0) {
-			if(inBuf_.used()<waiting_for_bytes_) {
-				waiting_for_bytes_ = waiting_for_bytes_ - inBuf_.used();
-				good = SendToClient((unsigned char *)inBuf_.begin(), (int) inBuf_.used());
-				inBuf_.drain();
+			if(inBuf_->used()<waiting_for_bytes_) {
+				waiting_for_bytes_ = waiting_for_bytes_ - inBuf_->used();
+				good = SendToClient((unsigned char *)inBuf_->begin(), (int) inBuf_->used());
+				inBuf_->drain();
 			} else {
-				good = SendToClient((unsigned char *)inBuf_.begin(), waiting_for_bytes_);
-				inBuf_.drain(waiting_for_bytes_);
+				good = SendToClient((unsigned char *)inBuf_->begin(), waiting_for_bytes_);
+				inBuf_->drain(waiting_for_bytes_);
 				waiting_for_bytes_ = 0 ;
 			}
 		} else {
 			if(old_rtty_) {
-				inBuf_.drain(1);
+				inBuf_->drain(1);
 				msg_len -= 1;
 			} else {
-				inBuf_.drain(RTTY_SESSION_ID_LENGTH);
+				inBuf_->drain(RTTY_SESSION_ID_LENGTH);
 				msg_len -= RTTY_SESSION_ID_LENGTH;
 			}
-			if(inBuf_.used()<msg_len) {
-				good = SendToClient((unsigned char *)inBuf_.begin(), inBuf_.used());
-				waiting_for_bytes_ = msg_len - inBuf_.used();
-				inBuf_.drain();
+			if(inBuf_->used()<msg_len) {
+				good = SendToClient((unsigned char *)inBuf_->begin(), inBuf_->used());
+				waiting_for_bytes_ = msg_len - inBuf_->used();
+				inBuf_->drain();
 			} else {
 				waiting_for_bytes_ = 0 ;
-				good = SendToClient((unsigned char *)inBuf_.begin(), msg_len);
-				inBuf_.drain(msg_len);
+				good = SendToClient((unsigned char *)inBuf_->begin(), msg_len);
+				inBuf_->drain(msg_len);
 			}
 		}
 		return good;
@@ -452,7 +453,7 @@ namespace OpenWifi {
 	bool RTTYS_Device_ConnectionHandler::do_msgTypeHeartbeat([[maybe_unused]] std::size_t msg_len) {
 		u_char MsgBuf[RTTY_HDR_SIZE + 16]{0};
 		if(msg_len)
-			inBuf_.drain(msg_len);
+			inBuf_->drain(msg_len);
 		MsgBuf[0] = msgTypeHeartbeat;
 		MsgBuf[1] = 0;
 		MsgBuf[2] = 0;

src/rttys/RTTYS_device.h

@@ -51,9 +51,9 @@ namespace OpenWifi {
 		inline bool Valid() { return valid_; }
 
 	  private:
-		Poco::Net::StreamSocket   		socket_;
-		Poco::Net::SocketReactor		&reactor_;
-		Poco::FIFOBuffer 				inBuf_{RTTY_DEVICE_BUFSIZE};
+		Poco::Net::StreamSocket   			socket_;
+		Poco::Net::SocketReactor			&reactor_;
+		std::unique_ptr<Poco::FIFOBuffer> 	inBuf_;
 		Poco::Logger					&Logger_;
 
 		std::atomic_bool				valid_=false;

src/storage/storage_device.cpp

@@ -769,7 +769,6 @@ namespace OpenWifi {
 						UpdateCountedMap(Dashboard.associations, "2G", Associations_2G);
 						UpdateCountedMap(Dashboard.associations, "5G", Associations_5G);
 					}
-					UpdateCountedMap(Dashboard.status, ConnState.Connected ? "connected" : "not connected");
 				} else {
 					UpdateCountedMap(Dashboard.status, "not connected");
 				}

stop.sh

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-pidfilename="${UCENTRALGW_ROOT}/data/pidfile"
-
-if [[ -f "${pidfilename}" ]]
-then
-  kill -9 $(cat ${pidfilename})
-fi

ucentralgw.properties.aws

@@ -1,193 +0,0 @@
-#
-# uCentral protocol server for devices. This is where you point
-# all your devices. You can replace the * for address by the specific
-# address of one of your interfaces
-#
-ucentral.websocket.host.0.backlog = 500
-ucentral.websocket.host.0.rootca = $UCENTRALGW_ROOT/certs/root.pem
-ucentral.websocket.host.0.issuer = $UCENTRALGW_ROOT/certs/issuer.pem
-ucentral.websocket.host.0.cert = $UCENTRALGW_ROOT/certs/websocket-cert.pem
-ucentral.websocket.host.0.key = $UCENTRALGW_ROOT/certs/websocket-key.pem
-ucentral.websocket.host.0.clientcas = $UCENTRALGW_ROOT/certs/clientcas.pem
-ucentral.websocket.host.0.cas = $UCENTRALGW_ROOT/certs/cas
-ucentral.websocket.host.0.address = *
-ucentral.websocket.host.0.port = 15002
-ucentral.websocket.host.0.security = strict
-ucentral.websocket.host.0.key.password = mypassword
-ucentral.websocket.maxreactors = 20
-
-#
-# REST API access
-#
-ucentral.restapi.host.0.backlog = 100
-ucentral.restapi.host.0.security = relaxed
-ucentral.restapi.host.0.rootca = $UCENTRALGW_ROOT/certs/restapi-ca.pem
-ucentral.restapi.host.0.address = *
-ucentral.restapi.host.0.port = 16002
-ucentral.restapi.host.0.cert = $UCENTRALGW_ROOT/certs/restapi-cert.pem
-ucentral.restapi.host.0.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
-ucentral.restapi.host.0.key.password = mypassword
-
-ucentral.internal.restapi.host.0.backlog = 100
-ucentral.internal.restapi.host.0.security = relaxed
-ucentral.internal.restapi.host.0.rootca = $UCENTRALGW_ROOT/certs/restapi-ca.pem
-ucentral.internal.restapi.host.0.address = *
-ucentral.internal.restapi.host.0.port = 17002
-ucentral.internal.restapi.host.0.cert = $UCENTRALGW_ROOT/certs/restapi-cert.pem
-ucentral.internal.restapi.host.0.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
-ucentral.internal.restapi.host.0.key.password = mypassword
-
-#
-# Used to upload files to the service.
-# You should replace the 'name' vaalue with the IP address of your gateway or an FQDN
-# that your devices can reach
-#
-ucentral.fileuploader.host.0.backlog = 100
-ucentral.fileuploader.host.0.rootca = $UCENTRALGW_ROOT/certs/restapi-ca.pem
-ucentral.fileuploader.host.0.security = relaxed
-ucentral.fileuploader.host.0.address = *
-ucentral.fileuploader.host.0.name = ucentral.dpaas.arilia.com
-ucentral.fileuploader.host.0.port = 16003
-ucentral.fileuploader.host.0.cert = $UCENTRALGW_ROOT/certs/restapi-cert.pem
-ucentral.fileuploader.host.0.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
-ucentral.fileuploader.host.0.key.password = mypassword
-ucentral.fileuploader.path = $UCENTRALGW_ROOT/uploads
-ucentral.fileuploader.maxsize = 10000
-
-#
-# Generic section that all microservices must have
-#
-ucentral.service.key = $UCENTRALGW_ROOT/certs/restapi-key.pem
-ucentral.service.key.password = mypassword
-ucentral.system.data = $UCENTRALGW_ROOT/data
-ucentral.system.debug = true
-ucentral.system.uri.private = https://localhost:17002
-ucentral.system.uri.public = https://ucentral.dpaas.arilia.com:16002
-ucentral.system.uri.ui = https://ucentral-ui.arilia.com
-ucentral.system.commandchannel = /tmp/app.ucentralgw
-
-#
-# Gateway Microservice Specific Section
-#
-ucentral.autoprovisioning = true
-ucentral.devicetypes.0 = AP:linksys_ea8300,edgecore_eap101,linksys_e8450-ubi
-ucentral.devicetypes.1 = SWITCH:edgecore_ecs4100-12ph
-ucentral.devicetypes.2 = IOT:esp32
-oui.download.uri = https://standards-oui.ieee.org/oui/oui.txt
-firmware.autoupdate.policy.default = auto
-
-#
-# rtty
-#
-rtty.enabled = true
-rtty.server = rtty-tip.arilia.com
-rtty.port = 5912
-rtty.token = 96181c567b4d0d98c50f127230068fa8
-rtty.timeout = 60
-rtty.viewport = 5913
-
-#############################
-# Generic information for all micro services
-#############################
-#
-# NLB Support
-#
-alb.enable = true
-alb.port = 16102
-
-#
-# Kafka
-#
-ucentral.kafka.group.id = gateway
-ucentral.kafka.client.id = gateway1
-ucentral.kafka.enable = true
-ucentral.kafka.brokerlist = a1.arilia.com:9092
-# ucentral.kafka.brokerlist = debfarm1-node-c.arilia.com:9092
-ucentral.kafka.auto.commit = false
-ucentral.kafka.queue.buffering.max.ms = 50
-
-#
-# This section select which form of persistence you need
-# Only one selected at a time. If you select multiple, this service will die if a horrible
-# death and might make your beer flat.
-#
-storage.type = sqlite
-#storage.type = postgresql
-#storage.type = mysql
-#storage.type = odbc
-
-storage.type.sqlite.db = devices.db
-storage.type.sqlite.idletime = 120
-storage.type.sqlite.maxsessions = 128
-
-storage.type.postgresql.maxsessions = 64
-storage.type.postgresql.idletime = 60
-storage.type.postgresql.host = localhost
-storage.type.postgresql.username = stephb
-storage.type.postgresql.password = snoopy99
-storage.type.postgresql.database = ucentral
-storage.type.postgresql.port = 5432
-storage.type.postgresql.connectiontimeout = 60
-
-storage.type.mysql.maxsessions = 64
-storage.type.mysql.idletime = 60
-storage.type.mysql.host = localhost
-storage.type.mysql.username = stephb
-storage.type.mysql.password = snoopy99
-storage.type.mysql.database = ucentral
-storage.type.mysql.port = 3306
-storage.type.mysql.connectiontimeout = 60
-
-archiver.enabled = true
-archiver.schedule = 03:00
-archiver.db.0.name = healthchecks
-archiver.db.0.keep = 7
-archiver.db.1.name = statistics
-archiver.db.1.keep = 7
-archiver.db.2.name = devicelogs
-archiver.db.2.keep = 7
-archiver.db.3.name = commandlist
-archiver.db.3.keep = 7
-
-
-########################################################################
-########################################################################
-#
-# Logging: please leave as is for now.
-#
-########################################################################
-
-logging.formatters.f1.class = PatternFormatter
-logging.formatters.f1.pattern = %s: [%p] %t
-logging.formatters.f1.times = UTC
-logging.channels.c1.class = ConsoleChannel
-logging.channels.c1.formatter = f1
-
-# This is where the logs will be written. This path MUST exist
-logging.channels.c2.class = FileChannel
-logging.channels.c2.path = $UCENTRALGW_ROOT/logs/log
-logging.channels.c2.formatter.class = PatternFormatter
-logging.channels.c2.formatter.pattern = %Y-%m-%d %H:%M:%S %s: [%p] %t
-logging.channels.c2.rotation = 20 M
-logging.channels.c2.archive = timestamp
-logging.channels.c2.purgeCount = 20
-logging.channels.c3.class = ConsoleChannel
-logging.channels.c3.pattern = %s: [%p] %t
-
-# External Channel
-logging.loggers.root.channel = c2
-logging.loggers.root.level = debug
-
-# Inline Channel with PatternFormatter
-# logging.loggers.l1.name = logger1
-# logging.loggers.l1.channel.class = ConsoleChannel
-# logging.loggers.l1.channel.pattern = %s: [%p] %t
-# logging.loggers.l1.level = information
-# SplitterChannel
-# logging.channels.splitter.class = SplitterChannel
-# logging.channels.splitter.channels = l1,l2
-# logging.loggers.l2.name = logger2
-# logging.loggers.l2.channel = splitter
-
-
-