|
0
|
1 /********************************************************************************************************* |
|
|
2 * Software License Agreement (BSD License) * |
|
|
3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> * |
|
|
4 * * |
|
|
5 * Copyright (c) 2009, WIDE Project and NICT * |
|
|
6 * All rights reserved. * |
|
|
7 * * |
|
|
8 * Redistribution and use of this software in source and binary forms, with or without modification, are * |
|
|
9 * permitted provided that the following conditions are met: * |
|
|
10 * * |
|
|
11 * * Redistributions of source code must retain the above * |
|
|
12 * copyright notice, this list of conditions and the * |
|
|
13 * following disclaimer. * |
|
|
14 * * |
|
|
15 * * Redistributions in binary form must reproduce the above * |
|
|
16 * copyright notice, this list of conditions and the * |
|
|
17 * following disclaimer in the documentation and/or other * |
|
|
18 * materials provided with the distribution. * |
|
|
19 * * |
|
|
20 * * Neither the name of the WIDE Project or NICT nor the * |
|
|
21 * names of its contributors may be used to endorse or * |
|
|
22 * promote products derived from this software without * |
|
|
23 * specific prior written permission of WIDE Project and * |
|
|
24 * NICT. * |
|
|
25 * * |
|
|
26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * |
|
|
27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * |
|
|
28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * |
|
|
29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * |
|
|
30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * |
|
|
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * |
|
|
32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * |
|
|
33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
|
|
34 *********************************************************************************************************/ |
|
|
35 |
|
|
36 /* Diameter Base protocol definitions. |
|
|
37 */ |
|
|
38 |
|
|
39 #include "fd.h" |
|
|
40 |
|
|
41 #include <netinet/in.h> |
|
|
42 #include <sys/socket.h> |
|
|
43 |
|
|
44 /* The pointer for the global dictionary (initialized from main) */ |
|
|
45 struct dictionary * fd_g_dict = NULL; |
|
|
46 |
|
|
47 /* The functions to encode and interpret the derived types defined in the base protocol */ |
|
|
48 |
|
|
49 /* Address AVP <-> struct sockaddr_storage */ |
|
|
50 static int Address_encode(void * data, union avp_value * avp_value) |
|
|
51 { |
|
|
52 sSS * ss = (sSS *) data; |
|
|
53 uint16_t AddressType = 0; |
|
|
54 size_t size = 0; |
|
|
55 unsigned char * buf = NULL; |
|
|
56 |
|
|
57 TRACE_ENTRY("%p %p", data, avp_value); |
|
|
58 CHECK_PARAMS( data && avp_value ); |
|
|
59 |
|
|
60 switch (ss->ss_family) { |
|
|
61 case AF_INET: |
|
|
62 { |
|
|
63 /* We are encoding an IP address */ |
|
|
64 sSA4 * sin = (sSA4 *)ss; |
|
|
65 |
|
|
66 AddressType = 1;/* see http://www.iana.org/assignments/address-family-numbers/ */ |
|
|
67 size = 6; /* 2 for AddressType + 4 for data */ |
|
|
68 |
|
|
69 CHECK_MALLOC( buf = malloc(size) ); |
|
|
70 |
|
|
71 /* may not work because of alignment: *(uint32_t *)(buf+2) = htonl(sin->sin_addr.s_addr); */ |
|
|
72 memcpy(buf + 2, &sin->sin_addr.s_addr, 4); |
|
|
73 } |
|
|
74 break; |
|
|
75 |
|
|
76 case AF_INET6: |
|
|
77 { |
|
|
78 /* We are encoding an IPv6 address */ |
|
|
79 sSA6 * sin6 = (sSA6 *)ss; |
|
|
80 |
|
|
81 AddressType = 2;/* see http://www.iana.org/assignments/address-family-numbers/ */ |
|
|
82 size = 18; /* 2 for AddressType + 16 for data */ |
|
|
83 |
|
|
84 CHECK_MALLOC( buf = malloc(size) ); |
|
|
85 |
|
|
86 /* The order is already good here */ |
|
|
87 memcpy(buf + 2, &sin6->sin6_addr.s6_addr, 16); |
|
|
88 } |
|
|
89 break; |
|
|
90 |
|
|
91 default: |
|
|
92 CHECK_PARAMS( AddressType = 0 ); |
|
|
93 } |
|
|
94 |
|
|
95 *(uint16_t *)buf = htons(AddressType); |
|
|
96 |
|
|
97 avp_value->os.len = size; |
|
|
98 avp_value->os.data = buf; |
|
|
99 |
|
|
100 return 0; |
|
|
101 } |
|
|
102 |
|
|
103 static int Address_interpret(union avp_value * avp_value, void * interpreted) |
|
|
104 { |
|
|
105 uint16_t AddressType = 0; |
|
|
106 unsigned char * buf; |
|
|
107 |
|
|
108 TRACE_ENTRY("%p %p", avp_value, interpreted); |
|
|
109 |
|
|
110 CHECK_PARAMS( avp_value && interpreted && (avp_value->os.len >= 2) ); |
|
|
111 |
|
|
112 AddressType = ntohs(*(uint16_t *)avp_value->os.data); |
|
|
113 buf = &avp_value->os.data[2]; |
|
|
114 |
|
|
115 switch (AddressType) { |
|
|
116 case 1 /* IP */: |
|
|
117 { |
|
|
118 sSA4 * sin = (sSA4 *)interpreted; |
|
|
119 |
|
|
120 CHECK_PARAMS( avp_value->os.len == 6 ); |
|
|
121 |
|
|
122 sin->sin_family = AF_INET; |
|
|
123 /* sin->sin_addr.s_addr = ntohl( * (uint32_t *) buf); -- may not work because of bad alignment */ |
|
|
124 memcpy(&sin->sin_addr.s_addr, buf, 4); |
|
|
125 } |
|
|
126 break; |
|
|
127 |
|
|
128 case 2 /* IP6 */: |
|
|
129 { |
|
|
130 sSA6 * sin6 = (sSA6 *)interpreted; |
|
|
131 |
|
|
132 CHECK_PARAMS( avp_value->os.len == 18 ); |
|
|
133 |
|
|
134 sin6->sin6_family = AF_INET6; |
|
|
135 memcpy(&sin6->sin6_addr.s6_addr, buf, 16); |
|
|
136 } |
|
|
137 break; |
|
|
138 |
|
|
139 default: |
|
|
140 CHECK_PARAMS( AddressType = 0 ); |
|
|
141 } |
|
|
142 |
|
|
143 return 0; |
|
|
144 } |
|
|
145 |
|
|
146 |
|
|
147 |
|
|
148 #define CHECK_dict_new( _type, _data, _parent, _ref ) \ |
|
|
149 CHECK_FCT( fd_dict_new( dict, (_type), (_data), (_parent), (_ref)) ); |
|
|
150 |
|
|
151 #define CHECK_dict_search( _type, _criteria, _what, _result ) \ |
|
|
152 CHECK_FCT( fd_dict_search( dict, (_type), (_criteria), (_what), (_result), ENOENT) ); |
|
|
153 |
|
|
154 struct local_rules_definition { |
|
|
155 char *avp_name; |
|
|
156 enum rule_position position; |
|
|
157 int min; |
|
|
158 int max; |
|
|
159 }; |
|
|
160 |
|
|
161 #define RULE_ORDER( _position ) ((((_position) == RULE_FIXED_HEAD) || ((_position) == RULE_FIXED_TAIL)) ? 1 : 0 ) |
|
|
162 |
|
|
163 #define PARSE_loc_rules( _rulearray, _parent) { \ |
|
|
164 int __ar; \ |
|
|
165 for (__ar=0; __ar < sizeof(_rulearray) / sizeof((_rulearray)[0]); __ar++) { \ |
|
|
166 struct dict_rule_data __data = { NULL, \ |
|
|
167 (_rulearray)[__ar].position, \ |
|
|
168 0, \ |
|
|
169 (_rulearray)[__ar].min, \ |
|
|
170 (_rulearray)[__ar].max}; \ |
|
|
171 __data.rule_order = RULE_ORDER(__data.rule_position); \ |
|
|
172 CHECK_FCT( fd_dict_search( \ |
|
|
173 dict, \ |
|
|
174 DICT_AVP, \ |
|
|
175 AVP_BY_NAME, \ |
|
|
176 (_rulearray)[__ar].avp_name, \ |
|
|
177 &__data.rule_avp, 0 ) ); \ |
|
|
178 if ( !__data.rule_avp ) { \ |
|
|
179 TRACE_DEBUG(INFO, "AVP Not found: '%s'", (_rulearray)[__ar].avp_name ); \ |
|
|
180 return ENOENT; \ |
|
|
181 } \ |
|
|
182 CHECK_FCT_DO( fd_dict_new( dict, DICT_RULE, &__data, _parent, NULL), \ |
|
|
183 { \ |
|
|
184 TRACE_DEBUG(INFO, "Error on rule with AVP '%s'", \ |
|
|
185 (_rulearray)[__ar].avp_name ); \ |
|
|
186 return EINVAL; \ |
|
|
187 } ); \ |
|
|
188 } \ |
|
|
189 } |
|
|
190 |
|
|
191 int fd_dict_base_protocol(struct dictionary * dict) |
|
|
192 { |
|
|
193 TRACE_ENTRY("%p", dict); |
|
|
194 CHECK_PARAMS(dict); |
|
|
195 |
|
|
196 /* Vendors section */ |
|
|
197 { |
|
|
198 /* The base RFC has no vendor information */ |
|
|
199 ; |
|
|
200 } |
|
|
201 |
|
|
202 /* Applications section */ |
|
|
203 { |
|
|
204 /* base accounting application */ |
|
|
205 { |
|
|
206 struct dict_application_data data = { 3, "Diameter Base Accounting" }; |
|
|
207 CHECK_dict_new( DICT_APPLICATION, &data, NULL, NULL); |
|
|
208 } |
|
|
209 |
|
|
210 /* relay application */ |
|
|
211 { |
|
|
212 struct dict_application_data data = { 0xffffffff, "Relay" }; |
|
|
213 CHECK_dict_new( DICT_APPLICATION, &data , NULL, NULL); |
|
|
214 } |
|
|
215 } |
|
|
216 |
|
|
217 /* Derived AVP types section */ |
|
|
218 { |
|
|
219 /* Address */ |
|
|
220 { |
|
|
221 /* |
|
|
222 The Address format is derived from the OctetString AVP Base |
|
|
223 Format. It is a discriminated union, representing, for example a |
|
|
224 32-bit (IPv4) [RFC791] or 128-bit (IPv6) [RFC4291] address, most |
|
|
225 significant octet first. The first two octets of the Address AVP |
|
|
226 represents the AddressType, which contains an Address Family |
|
|
227 defined in [IANAADFAM]. The AddressType is used to discriminate |
|
|
228 the content and format of the remaining octets. |
|
|
229 */ |
|
|
230 struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "Address" , Address_interpret , Address_encode }; |
|
|
231 CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
|
|
232 } |
|
|
233 |
|
|
234 /* Time */ |
|
|
235 { |
|
|
236 /* |
|
|
237 The Time format is derived from the OctetString AVP Base Format. |
|
|
238 The string MUST contain four octets, in the same format as the |
|
|
239 first four bytes are in the NTP timestamp format. The NTP |
|
|
240 Timestamp format is defined in chapter 3 of [RFC4330]. |
|
|
241 |
|
|
242 This represents the number of seconds since 0h on 1 January 1900 |
|
|
243 with respect to the Coordinated Universal Time (UTC). |
|
|
244 |
|
|
245 On 6h 28m 16s UTC, 7 February 2036 the time value will overflow. |
|
|
246 SNTP [RFC4330] describes a procedure to extend the time to 2104. |
|
|
247 This procedure MUST be supported by all DIAMETER nodes. |
|
|
248 */ |
|
|
249 struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "Time" , NULL , NULL }; |
|
|
250 CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
|
|
251 } |
|
|
252 |
|
|
253 /* UTF8String */ |
|
|
254 { |
|
|
255 /* |
|
|
256 The UTF8String format is derived from the OctetString AVP Base |
|
|
257 Format. This is a human readable string represented using the |
|
|
258 ISO/IEC IS 10646-1 character set, encoded as an OctetString using |
|
|
259 the UTF-8 [RFC3629] transformation format described in RFC 3629. |
|
|
260 |
|
|
261 Since additional code points are added by amendments to the 10646 |
|
|
262 standard from time to time, implementations MUST be prepared to |
|
|
263 encounter any code point from 0x00000001 to 0x7fffffff. Byte |
|
|
264 sequences that do not correspond to the valid encoding of a code |
|
|
265 point into UTF-8 charset or are outside this range are prohibited. |
|
|
266 |
|
|
267 The use of control codes SHOULD be avoided. When it is necessary |
|
|
268 to represent a new line, the control code sequence CR LF SHOULD be |
|
|
269 used. |
|
|
270 |
|
|
271 The use of leading or trailing white space SHOULD be avoided. |
|
|
272 |
|
|
273 For code points not directly supported by user interface hardware |
|
|
274 or software, an alternative means of entry and display, such as |
|
|
275 hexadecimal, MAY be provided. |
|
|
276 |
|
|
277 For information encoded in 7-bit US-ASCII, the UTF-8 charset is |
|
|
278 identical to the US-ASCII charset. |
|
|
279 |
|
|
280 UTF-8 may require multiple bytes to represent a single character / |
|
|
281 code point; thus the length of an UTF8String in octets may be |
|
|
282 different from the number of characters encoded. |
|
|
283 |
|
|
284 Note that the AVP Length field of an UTF8String is measured in |
|
|
285 octets, not characters. |
|
|
286 */ |
|
|
287 struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "UTF8String" , NULL , NULL }; |
|
|
288 CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
|
|
289 } |
|
|
290 |
|
|
291 /* DiameterIdentity */ |
|
|
292 { |
|
|
293 /* |
|
|
294 The DiameterIdentity format is derived from the OctetString AVP |
|
|
295 Base Format. |
|
|
296 |
|
|
297 DiameterIdentity = FQDN |
|
|
298 |
|
|
299 |
|
|
300 DiameterIdentity value is used to uniquely identify a Diameter |
|
|
301 node for purposes of duplicate connection and routing loop |
|
|
302 detection. |
|
|
303 |
|
|
304 The contents of the string MUST be the FQDN of the Diameter node. |
|
|
305 If multiple Diameter nodes run on the same host, each Diameter |
|
|
306 node MUST be assigned a unique DiameterIdentity. If a Diameter |
|
|
307 |
|
|
308 node can be identified by several FQDNs, a single FQDN should be |
|
|
309 picked at startup, and used as the only DiameterIdentity for that |
|
|
310 node, whatever the connection it is sent on. Note that in this |
|
|
311 document, DiameterIdentity is in ASCII form in order to be |
|
|
312 compatible with existing DNS infrastructure. See Appendix D for |
|
|
313 interactions between the Diameter protocol and Internationalized |
|
|
314 Domain Name (IDNs). |
|
|
315 */ |
|
|
316 struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "DiameterIdentity" , NULL , NULL }; |
|
|
317 CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
|
|
318 } |
|
|
319 |
|
|
320 /* DiameterURI */ |
|
|
321 { |
|
|
322 /* |
|
|
323 The DiameterURI MUST follow the Uniform Resource Identifiers (URI) |
|
|
324 syntax [RFC3986] rules specified below: |
|
|
325 |
|
|
326 "aaa://" FQDN [ port ] [ transport ] [ protocol ] |
|
|
327 |
|
|
328 ; No transport security |
|
|
329 |
|
|
330 "aaas://" FQDN [ port ] [ transport ] [ protocol ] |
|
|
331 |
|
|
332 ; Transport security used |
|
|
333 |
|
|
334 FQDN = Fully Qualified Host Name |
|
|
335 |
|
|
336 port = ":" 1*DIGIT |
|
|
337 |
|
|
338 ; One of the ports used to listen for |
|
|
339 ; incoming connections. |
|
|
340 ; If absent, |
|
|
341 ; the default Diameter port (3868) is |
|
|
342 ; assumed. |
|
|
343 |
|
|
344 transport = ";transport=" transport-protocol |
|
|
345 |
|
|
346 ; One of the transports used to listen |
|
|
347 ; for incoming connections. If absent, |
|
|
348 ; the default SCTP [RFC2960] protocol is |
|
|
349 ; assumed. UDP MUST NOT be used when |
|
|
350 ; the aaa-protocol field is set to |
|
|
351 ; diameter. |
|
|
352 |
|
|
353 transport-protocol = ( "tcp" / "sctp" / "udp" ) |
|
|
354 |
|
|
355 protocol = ";protocol=" aaa-protocol |
|
|
356 |
|
|
357 ; If absent, the default AAA protocol |
|
|
358 ; is diameter. |
|
|
359 |
|
|
360 aaa-protocol = ( "diameter" / "radius" / "tacacs+" ) |
|
|
361 |
|
|
362 The following are examples of valid Diameter host identities: |
|
|
363 |
|
|
364 aaa://host.example.com;transport=tcp |
|
|
365 aaa://host.example.com:6666;transport=tcp |
|
|
366 aaa://host.example.com;protocol=diameter |
|
|
367 aaa://host.example.com:6666;protocol=diameter |
|
|
368 aaa://host.example.com:6666;transport=tcp;protocol=diameter |
|
|
369 aaa://host.example.com:1813;transport=udp;protocol=radius |
|
|
370 */ |
|
|
371 struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "DiameterURI" , NULL , NULL }; |
|
|
372 CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
|
|
373 } |
|
|
374 |
|
|
375 /* Enumerated */ |
|
|
376 { |
|
|
377 /* |
|
|
378 Enumerated is derived from the Integer32 AVP Base Format. The |
|
|
379 definition contains a list of valid values and their |
|
|
380 interpretation and is described in the Diameter application |
|
|
381 introducing the AVP. |
|
|
382 */ |
|
|
383 |
|
|
384 /* We don't use a generic "Enumerated" type in waaad. Instead, we define |
|
|
385 * types of the form "Enumerated(<avpname>)" where <avpname> is replaced |
|
|
386 * by the name of the AVP to which the type applies. |
|
|
387 * Example: Enumerated(Disconnect-Cause) |
|
|
388 */ |
|
|
389 ; |
|
|
390 } |
|
|
391 |
|
|
392 /* IPFilterRule */ |
|
|
393 { |
|
|
394 /* |
|
|
395 The IPFilterRule format is derived from the OctetString AVP Base |
|
|
396 Format and uses the ASCII charset. The rule syntax is a modified |
|
|
397 subset of ipfw(8) from FreeBSD. Packets may be filtered based on |
|
|
398 the following information that is associated with it: |
|
|
399 |
|
|
400 Direction (in or out) |
|
|
401 Source and destination IP address (possibly masked) |
|
|
402 Protocol |
|
|
403 Source and destination port (lists or ranges) |
|
|
404 TCP flags |
|
|
405 IP fragment flag |
|
|
406 IP options |
|
|
407 ICMP types |
|
|
408 |
|
|
409 Rules for the appropriate direction are evaluated in order, with |
|
|
410 the first matched rule terminating the evaluation. Each packet is |
|
|
411 evaluated once. If no rule matches, the packet is dropped if the |
|
|
412 last rule evaluated was a permit, and passed if the last rule was |
|
|
413 a deny. |
|
|
414 |
|
|
415 IPFilterRule filters MUST follow the format: |
|
|
416 |
|
|
417 action dir proto from src to dst [options] |
|
|
418 |
|
|
419 (...skipped loooong explanation...) |
|
|
420 |
|
|
421 There is one kind of packet that the access device MUST always |
|
|
422 discard, that is an IP fragment with a fragment offset of one. |
|
|
423 This is a valid packet, but it only has one use, to try to |
|
|
424 circumvent firewalls. |
|
|
425 |
|
|
426 An access device that is unable to interpret or apply a deny rule |
|
|
427 MUST terminate the session. An access device that is unable to |
|
|
428 interpret or apply a permit rule MAY apply a more restrictive |
|
|
429 rule. An access device MAY apply deny rules of its own before the |
|
|
430 supplied rules, for example to protect the access device owner's |
|
|
431 infrastructure. |
|
|
432 */ |
|
|
433 struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "IPFilterRule" , NULL , NULL }; |
|
|
434 CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
|
|
435 } |
|
|
436 } |
|
|
437 |
|
|
438 /* AVP section */ |
|
|
439 { |
|
|
440 struct dict_object * Address_type; |
|
|
441 struct dict_object * UTF8String_type; |
|
|
442 struct dict_object * DiameterIdentity_type; |
|
|
443 struct dict_object * DiameterURI_type; |
|
|
444 struct dict_object * Time_type; |
|
|
445 |
|
|
446 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Address", &Address_type); |
|
|
447 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "UTF8String", &UTF8String_type); |
|
|
448 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterIdentity", &DiameterIdentity_type); |
|
|
449 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterURI", &DiameterURI_type); |
|
|
450 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Time", &Time_type); |
|
|
451 |
|
|
452 /* Vendor-Id */ |
|
|
453 { |
|
|
454 /* |
|
|
455 The Vendor-Id AVP (AVP Code 266) is of type Unsigned32 and contains |
|
|
456 the IANA "SMI Network Management Private Enterprise Codes" [RFC3232] |
|
|
457 value assigned to the vendor of the Diameter device. It is |
|
|
458 envisioned that the combination of the Vendor-Id, Product-Name |
|
|
459 (Section 5.3.7) and the Firmware-Revision (Section 5.3.4) AVPs may |
|
|
460 provide useful debugging information. |
|
|
461 |
|
|
462 A Vendor-Id value of zero in the CER or CEA messages is reserved and |
|
|
463 indicates that this field is ignored. |
|
|
464 */ |
|
|
465 struct dict_avp_data data = { |
|
|
466 266, /* Code */ |
|
|
467 #if AC_VENDOR_ID != 266 |
|
|
468 #error "AC_VENDOR_ID definition mismatch" |
|
|
469 #endif |
|
|
470 0, /* Vendor */ |
|
|
471 "Vendor-Id", /* Name */ |
|
|
472 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
473 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
474 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
475 }; |
|
|
476 CHECK_dict_new( DICT_AVP, &data, NULL, NULL); |
|
|
477 } |
|
|
478 |
|
|
479 /* Firmware-Revision */ |
|
|
480 { |
|
|
481 /* |
|
|
482 The Firmware-Revision AVP (AVP Code 267) is of type Unsigned32 and is |
|
|
483 used to inform a Diameter peer of the firmware revision of the |
|
|
484 issuing device. |
|
|
485 |
|
|
486 For devices that do not have a firmware revision (general purpose |
|
|
487 computers running Diameter software modules, for instance), the |
|
|
488 revision of the Diameter software module may be reported instead. |
|
|
489 */ |
|
|
490 struct dict_avp_data data = { |
|
|
491 267, /* Code */ |
|
|
492 #if AC_FIRMWARE_REVISION != 267 |
|
|
493 #error "AC_FIRMWARE_REVISION definition mismatch" |
|
|
494 #endif |
|
|
495 0, /* Vendor */ |
|
|
496 "Firmware-Revision", /* Name */ |
|
|
497 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
498 0, /* Fixed flag values */ |
|
|
499 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
500 }; |
|
|
501 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
502 } |
|
|
503 |
|
|
504 /* Host-IP-Address */ |
|
|
505 { |
|
|
506 /* |
|
|
507 The Host-IP-Address AVP (AVP Code 257) is of type Address and is used |
|
|
508 to inform a Diameter peer of the sender's IP address. All source |
|
|
509 addresses that a Diameter node expects to use with SCTP [RFC2960] |
|
|
510 MUST be advertised in the CER and CEA messages by including a |
|
|
511 Host-IP- Address AVP for each address. This AVP MUST ONLY be used in |
|
|
512 the CER and CEA messages. |
|
|
513 */ |
|
|
514 struct dict_avp_data data = { |
|
|
515 257, /* Code */ |
|
|
516 #if AC_HOST_IP_ADDRESS != 257 |
|
|
517 #error "AC_HOST_IP_ADDRESS definition mismatch" |
|
|
518 #endif |
|
|
519 0, /* Vendor */ |
|
|
520 "Host-IP-Address", /* Name */ |
|
|
521 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
522 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
523 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
524 }; |
|
|
525 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL); |
|
|
526 } |
|
|
527 |
|
|
528 /* Supported-Vendor-Id */ |
|
|
529 { |
|
|
530 /* |
|
|
531 The Supported-Vendor-Id AVP (AVP Code 265) is of type Unsigned32 and |
|
|
532 contains the IANA "SMI Network Management Private Enterprise Codes" |
|
|
533 [RFC3232] value assigned to a vendor other than the device vendor but |
|
|
534 including the application vendor. This is used in the CER and CEA |
|
|
535 messages in order to inform the peer that the sender supports (a |
|
|
536 subset of) the vendor-specific AVPs defined by the vendor identified |
|
|
537 in this AVP. The value of this AVP SHOULD NOT be set to zero. |
|
|
538 Multiple instances of this AVP containing the same value SHOULD NOT |
|
|
539 be sent. |
|
|
540 */ |
|
|
541 struct dict_avp_data data = { |
|
|
542 265, /* Code */ |
|
|
543 #if AC_SUPPORTED_VENDOR_ID != 265 |
|
|
544 #error "AC_SUPPORTED_VENDOR_ID definition mismatch" |
|
|
545 #endif |
|
|
546 0, /* Vendor */ |
|
|
547 "Supported-Vendor-Id", /* Name */ |
|
|
548 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
549 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
550 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
551 }; |
|
|
552 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
553 } |
|
|
554 |
|
|
555 /* Product-Name */ |
|
|
556 { |
|
|
557 /* |
|
|
558 The Product-Name AVP (AVP Code 269) is of type UTF8String, and |
|
|
559 contains the vendor assigned name for the product. The Product-Name |
|
|
560 AVP SHOULD remain constant across firmware revisions for the same |
|
|
561 product. |
|
|
562 */ |
|
|
563 struct dict_avp_data data = { |
|
|
564 269, /* Code */ |
|
|
565 #if AC_PRODUCT_NAME != 269 |
|
|
566 #error "AC_PRODUCT_NAME definition mismatch" |
|
|
567 #endif |
|
|
568 0, /* Vendor */ |
|
|
569 "Product-Name", /* Name */ |
|
|
570 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
571 0, /* Fixed flag values */ |
|
|
572 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
573 }; |
|
|
574 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
|
|
575 } |
|
|
576 |
|
|
577 /* Disconnect-Cause */ |
|
|
578 { |
|
|
579 /* |
|
|
580 The Disconnect-Cause AVP (AVP Code 273) is of type Enumerated. A |
|
|
581 Diameter node MUST include this AVP in the Disconnect-Peer-Request |
|
|
582 message to inform the peer of the reason for its intention to |
|
|
583 shutdown the transport connection. The following values are |
|
|
584 supported: |
|
|
585 |
|
|
586 REBOOTING 0 |
|
|
587 A scheduled reboot is imminent. Receiver of DPR with above result |
|
|
588 code MAY attempt reconnection. |
|
|
589 |
|
|
590 BUSY 1 |
|
|
591 The peer's internal resources are constrained, and it has |
|
|
592 determined that the transport connection needs to be closed. |
|
|
593 Receiver of DPR with above result code SHOULD NOT attempt |
|
|
594 reconnection. |
|
|
595 |
|
|
596 DO_NOT_WANT_TO_TALK_TO_YOU 2 |
|
|
597 The peer has determined that it does not see a need for the |
|
|
598 transport connection to exist, since it does not expect any |
|
|
599 messages to be exchanged in the near future. Receiver of DPR |
|
|
600 with above result code SHOULD NOT attempt reconnection. |
|
|
601 */ |
|
|
602 struct dict_object * type; |
|
|
603 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Disconnect-Cause)" , NULL, NULL}; |
|
|
604 struct dict_enumval_data t_0 = { "REBOOTING", { .i32 = 0 }}; |
|
|
605 struct dict_enumval_data t_1 = { "BUSY", { .i32 = 1 }}; |
|
|
606 struct dict_enumval_data t_2 = { "DO_NOT_WANT_TO_TALK_TO_YOU", { .i32 = 2 }}; |
|
|
607 struct dict_avp_data data = { |
|
|
608 273, /* Code */ |
|
|
609 #if AC_DISCONNECT_CAUSE != 273 |
|
|
610 #error "AC_DISCONNECT_CAUSE definition mismatch" |
|
|
611 #endif |
|
|
612 0, /* Vendor */ |
|
|
613 "Disconnect-Cause", /* Name */ |
|
|
614 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
615 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
616 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
617 }; |
|
|
618 /* Create the Enumerated type, and then the AVP */ |
|
|
619 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
620 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
|
|
621 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
622 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
623 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
624 } |
|
|
625 |
|
|
626 /* Origin-Host */ |
|
|
627 { |
|
|
628 /* |
|
|
629 The Origin-Host AVP (AVP Code 264) is of type DiameterIdentity, and |
|
|
630 MUST be present in all Diameter messages. This AVP identifies the |
|
|
631 endpoint that originated the Diameter message. Relay agents MUST NOT |
|
|
632 modify this AVP. |
|
|
633 |
|
|
634 The value of the Origin-Host AVP is guaranteed to be unique within a |
|
|
635 single host. |
|
|
636 |
|
|
637 Note that the Origin-Host AVP may resolve to more than one address as |
|
|
638 the Diameter peer may support more than one address. |
|
|
639 |
|
|
640 This AVP SHOULD be placed as close to the Diameter header as |
|
|
641 possible. |
|
|
642 */ |
|
|
643 struct dict_avp_data data = { |
|
|
644 264, /* Code */ |
|
|
645 #if AC_ORIGIN_HOST != 264 |
|
|
646 #error "AC_ORIGIN_HOST definition mismatch" |
|
|
647 #endif |
|
|
648 0, /* Vendor */ |
|
|
649 "Origin-Host", /* Name */ |
|
|
650 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
651 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
652 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
653 }; |
|
|
654 CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
|
|
655 } |
|
|
656 |
|
|
657 /* Origin-Realm */ |
|
|
658 { |
|
|
659 /* |
|
|
660 The Origin-Realm AVP (AVP Code 296) is of type DiameterIdentity. |
|
|
661 This AVP contains the Realm of the originator of any Diameter message |
|
|
662 and MUST be present in all messages. |
|
|
663 |
|
|
664 This AVP SHOULD be placed as close to the Diameter header as |
|
|
665 possible. |
|
|
666 */ |
|
|
667 struct dict_avp_data data = { |
|
|
668 296, /* Code */ |
|
|
669 #if AC_ORIGIN_REALM != 296 |
|
|
670 #error "AC_ORIGIN_REALM definition mismatch" |
|
|
671 #endif |
|
|
672 0, /* Vendor */ |
|
|
673 "Origin-Realm", /* Name */ |
|
|
674 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
675 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
676 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
677 }; |
|
|
678 CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
|
|
679 } |
|
|
680 |
|
|
681 /* Destination-Host */ |
|
|
682 { |
|
|
683 /* |
|
|
684 The Destination-Host AVP (AVP Code 293) is of type DiameterIdentity. |
|
|
685 This AVP MUST be present in all unsolicited agent initiated messages, |
|
|
686 MAY be present in request messages, and MUST NOT be present in Answer |
|
|
687 messages. |
|
|
688 |
|
|
689 The absence of the Destination-Host AVP will cause a message to be |
|
|
690 sent to any Diameter server supporting the application within the |
|
|
691 realm specified in Destination-Realm AVP. |
|
|
692 |
|
|
693 This AVP SHOULD be placed as close to the Diameter header as |
|
|
694 possible. |
|
|
695 */ |
|
|
696 struct dict_avp_data data = { |
|
|
697 293, /* Code */ |
|
|
698 #if AC_DESTINATION_HOST != 293 |
|
|
699 #error "AC_DESTINATION_HOST definition mismatch" |
|
|
700 #endif |
|
|
701 0, /* Vendor */ |
|
|
702 "Destination-Host", /* Name */ |
|
|
703 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
704 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
705 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
706 }; |
|
|
707 CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
|
|
708 } |
|
|
709 |
|
|
710 /* Destination-Realm */ |
|
|
711 { |
|
|
712 /* |
|
|
713 The Destination-Realm AVP (AVP Code 283) is of type DiameterIdentity, |
|
|
714 and contains the realm the message is to be routed to. The |
|
|
715 Destination-Realm AVP MUST NOT be present in Answer messages. |
|
|
716 Diameter Clients insert the realm portion of the User-Name AVP. |
|
|
717 Diameter servers initiating a request message use the value of the |
|
|
718 Origin-Realm AVP from a previous message received from the intended |
|
|
719 target host (unless it is known a priori). When present, the |
|
|
720 Destination-Realm AVP is used to perform message routing decisions. |
|
|
721 |
|
|
722 Request messages whose ABNF does not list the Destination-Realm AVP |
|
|
723 as a mandatory AVP are inherently non-routable messages. |
|
|
724 |
|
|
725 This AVP SHOULD be placed as close to the Diameter header as |
|
|
726 possible. |
|
|
727 */ |
|
|
728 struct dict_avp_data data = { |
|
|
729 283, /* Code */ |
|
|
730 #if AC_DESTINATION_REALM != 283 |
|
|
731 #error "AC_DESTINATION_REALM definition mismatch" |
|
|
732 #endif |
|
|
733 0, /* Vendor */ |
|
|
734 "Destination-Realm", /* Name */ |
|
|
735 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
736 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
737 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
738 }; |
|
|
739 CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
|
|
740 } |
|
|
741 |
|
|
742 /* Route-Record */ |
|
|
743 { |
|
|
744 /* |
|
|
745 The Route-Record AVP (AVP Code 282) is of type DiameterIdentity. The |
|
|
746 identity added in this AVP MUST be the same as the one received in |
|
|
747 the Origin-Host of the Capabilities Exchange message. |
|
|
748 */ |
|
|
749 struct dict_avp_data data = { |
|
|
750 282, /* Code */ |
|
|
751 #if AC_ROUTE_RECORD != 282 |
|
|
752 #error "AC_ROUTE_RECORD definition mismatch" |
|
|
753 #endif |
|
|
754 0, /* Vendor */ |
|
|
755 "Route-Record", /* Name */ |
|
|
756 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
757 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
758 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
759 }; |
|
|
760 CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
|
|
761 } |
|
|
762 |
|
|
763 /* Proxy-Host */ |
|
|
764 { |
|
|
765 /* |
|
|
766 The Proxy-Host AVP (AVP Code 280) is of type DiameterIdentity. This |
|
|
767 AVP contains the identity of the host that added the Proxy-Info AVP. |
|
|
768 */ |
|
|
769 struct dict_avp_data adata = { |
|
|
770 280, /* Code */ |
|
|
771 #if AC_PROXY_HOST != 280 |
|
|
772 #error "AC_PROXY_HOST definition mismatch" |
|
|
773 #endif |
|
|
774 0, /* Vendor */ |
|
|
775 "Proxy-Host", /* Name */ |
|
|
776 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
777 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
778 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
779 }; |
|
|
780 CHECK_dict_new( DICT_AVP, &adata , DiameterIdentity_type, NULL); |
|
|
781 } |
|
|
782 |
|
|
783 /* Proxy-State */ |
|
|
784 { |
|
|
785 /* |
|
|
786 The Proxy-State AVP (AVP Code 33) is of type OctetString, and |
|
|
787 contains state local information, and MUST be treated as opaque data. |
|
|
788 */ |
|
|
789 struct dict_avp_data adata = { |
|
|
790 33, /* Code */ |
|
|
791 #if AC_PROXY_STATE != 33 |
|
|
792 #error "AC_PROXY_STATE definition mismatch" |
|
|
793 #endif |
|
|
794 0, /* Vendor */ |
|
|
795 "Proxy-State", /* Name */ |
|
|
796 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
797 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
798 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
799 }; |
|
|
800 CHECK_dict_new( DICT_AVP, &adata , NULL, NULL); |
|
|
801 } |
|
|
802 |
|
|
803 /* Proxy-Info */ |
|
|
804 { |
|
|
805 /* |
|
|
806 The Proxy-Info AVP (AVP Code 284) is of type Grouped. The Grouped |
|
|
807 Data field has the following ABNF grammar: |
|
|
808 |
|
|
809 Proxy-Info ::= < AVP Header: 284 > |
|
|
810 { Proxy-Host } |
|
|
811 { Proxy-State } |
|
|
812 * [ AVP ] |
|
|
813 */ |
|
|
814 struct dict_object * avp; |
|
|
815 struct dict_avp_data data = { |
|
|
816 284, /* Code */ |
|
|
817 #if AC_PROXY_INFO != 284 |
|
|
818 #error "AC_PROXY_INFO definition mismatch" |
|
|
819 #endif |
|
|
820 0, /* Vendor */ |
|
|
821 "Proxy-Info", /* Name */ |
|
|
822 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
823 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
824 AVP_TYPE_GROUPED /* base type of data */ |
|
|
825 }; |
|
|
826 struct local_rules_definition rules[] = |
|
|
827 { { "Proxy-Host", RULE_REQUIRED, -1, 1 } |
|
|
828 ,{ "Proxy-State", RULE_REQUIRED, -1, 1 } |
|
|
829 }; |
|
|
830 |
|
|
831 CHECK_dict_new( DICT_AVP, &data , NULL, &avp); |
|
|
832 PARSE_loc_rules( rules, avp ); |
|
|
833 } |
|
|
834 |
|
|
835 /* Auth-Application-Id */ |
|
|
836 { |
|
|
837 /* |
|
|
838 The Auth-Application-Id AVP (AVP Code 258) is of type Unsigned32 and |
|
|
839 is used in order to advertise support of the Authentication and |
|
|
840 Authorization portion of an application (see Section 2.4). If |
|
|
841 present in a message other than CER and CEA, the value of the Auth- |
|
|
842 Application-Id AVP MUST match the Application Id present in the |
|
|
843 Diameter message header. |
|
|
844 */ |
|
|
845 struct dict_avp_data data = { |
|
|
846 258, /* Code */ |
|
|
847 #if AC_AUTH_APPLICATION_ID != 258 |
|
|
848 #error "AC_AUTH_APPLICATION_ID definition mismatch" |
|
|
849 #endif |
|
|
850 0, /* Vendor */ |
|
|
851 "Auth-Application-Id", /* Name */ |
|
|
852 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
853 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
854 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
855 }; |
|
|
856 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
857 } |
|
|
858 |
|
|
859 /* Acct-Application-Id */ |
|
|
860 { |
|
|
861 /* |
|
|
862 The Acct-Application-Id AVP (AVP Code 259) is of type Unsigned32 and |
|
|
863 is used in order to advertise support of the Accounting portion of an |
|
|
864 application (see Section 2.4). If present in a message other than |
|
|
865 CER and CEA, the value of the Acct-Application-Id AVP MUST match the |
|
|
866 Application Id present in the Diameter message header. |
|
|
867 */ |
|
|
868 struct dict_avp_data data = { |
|
|
869 259, /* Code */ |
|
|
870 #if AC_ACCT_APPLICATION_ID != 259 |
|
|
871 #error "AC_ACCT_APPLICATION_ID definition mismatch" |
|
|
872 #endif |
|
|
873 0, /* Vendor */ |
|
|
874 "Acct-Application-Id", /* Name */ |
|
|
875 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
876 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
877 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
878 }; |
|
|
879 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
880 } |
|
|
881 |
|
|
882 /* Inband-Security-Id */ |
|
|
883 { |
|
|
884 /* |
|
|
885 The Inband-Security-Id AVP (AVP Code 299) is of type Unsigned32 and |
|
|
886 is used in order to advertise support of the Security portion of the |
|
|
887 application. |
|
|
888 |
|
|
889 Currently, the following values are supported, but there is ample |
|
|
890 room to add new security Ids. |
|
|
891 |
|
|
892 |
|
|
893 NO_INBAND_SECURITY 0 |
|
|
894 |
|
|
895 This peer does not support TLS. This is the default value, if the |
|
|
896 AVP is omitted. |
|
|
897 |
|
|
898 TLS 1 |
|
|
899 |
|
|
900 This node supports TLS security, as defined by [RFC4346]. |
|
|
901 */ |
|
|
902 |
|
|
903 /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
|
|
904 * This is the reason for the "*" in the type name |
|
|
905 */ |
|
|
906 |
|
|
907 struct dict_object * type; |
|
|
908 struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated*(Inband-Security-Id)" , NULL, NULL}; |
|
|
909 struct dict_enumval_data t_0 = { "NO_INBAND_SECURITY", { .u32 = 0 }}; |
|
|
910 struct dict_enumval_data t_1 = { "TLS", { .u32 = 1 }}; |
|
|
911 struct dict_avp_data data = { |
|
|
912 299, /* Code */ |
|
|
913 #if AC_INBAND_SECURITY_ID != 299 |
|
|
914 #error "AC_INBAND_SECURITY_ID definition mismatch" |
|
|
915 #endif |
|
|
916 0, /* Vendor */ |
|
|
917 "Inband-Security-Id", /* Name */ |
|
|
918 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
919 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
920 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
921 }; |
|
|
922 /* Create the Enumerated type, and then the AVP */ |
|
|
923 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
924 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
|
|
925 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
926 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
927 } |
|
|
928 |
|
|
929 /* Vendor-Specific-Application-Id */ |
|
|
930 { |
|
|
931 /* |
|
|
932 The Vendor-Specific-Application-Id AVP (AVP Code 260) is of type |
|
|
933 Grouped and is used to advertise support of a vendor-specific |
|
|
934 Diameter Application. Exactly one instance of either Auth- |
|
|
935 Application-Id or Acct-Application-Id AVP MUST be present. The |
|
|
936 Application Id carried by either Auth-Application-Id or Acct- |
|
|
937 Application-Id AVP MUST comply with vendor specific Application Id |
|
|
938 assignment described in Sec 11.3. It MUST also match the Application |
|
|
939 Id present in the diameter header except when used in a CER or CEA |
|
|
940 messages. |
|
|
941 |
|
|
942 The Vendor-Id AVP is an informational AVP pertaining to the vendor |
|
|
943 who may have authorship of the vendor-specific Diameter application. |
|
|
944 It MUST NOT be used as a means of defining a completely separate |
|
|
945 vendor-specific Application Id space. |
|
|
946 |
|
|
947 This AVP MUST also be present as the first AVP in all experimental |
|
|
948 commands defined in the vendor-specific application. |
|
|
949 |
|
|
950 This AVP SHOULD be placed as close to the Diameter header as |
|
|
951 possible. |
|
|
952 |
|
|
953 AVP Format |
|
|
954 |
|
|
955 <Vendor-Specific-Application-Id> ::= < AVP Header: 260 > |
|
|
956 { Vendor-Id } |
|
|
957 [ Auth-Application-Id ] |
|
|
958 [ Acct-Application-Id ] |
|
|
959 |
|
|
960 A Vendor-Specific-Application-Id AVP MUST contain exactly one of |
|
|
961 either Auth-Application-Id or Acct-Application-Id. If a Vendor- |
|
|
962 Specific-Application-Id is received without any of these two AVPs, |
|
|
963 then the recipient SHOULD issue an answer with a Result-Code set to |
|
|
964 DIAMETER_MISSING_AVP. The answer SHOULD also include a Failed-AVP |
|
|
965 which MUST contain an example of an Auth-Application-Id AVP and an |
|
|
966 Acct-Application-Id AVP. |
|
|
967 |
|
|
968 If a Vendor-Specific-Application-Id is received that contains both |
|
|
969 Auth-Application-Id and Acct-Application-Id, then the recipient |
|
|
970 SHOULD issue an answer with Result-Code set to |
|
|
971 DIAMETER_AVP_OCCURS_TOO_MANY_TIMES. The answer SHOULD also include a |
|
|
972 Failed-AVP which MUST contain the received Auth-Application-Id AVP |
|
|
973 and Acct-Application-Id AVP. |
|
|
974 */ |
|
|
975 struct dict_object * avp; |
|
|
976 struct dict_avp_data data = { |
|
|
977 260, /* Code */ |
|
|
978 #if AC_VENDOR_SPECIFIC_APPLICATION_ID != 260 |
|
|
979 #error "AC_VENDOR_SPECIFIC_APPLICATION_ID definition mismatch" |
|
|
980 #endif |
|
|
981 0, /* Vendor */ |
|
|
982 "Vendor-Specific-Application-Id", /* Name */ |
|
|
983 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
984 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
985 AVP_TYPE_GROUPED /* base type of data */ |
|
|
986 }; |
|
|
987 |
|
|
988 struct local_rules_definition rules[] = |
|
|
989 { { "Vendor-Id", RULE_REQUIRED, -1, 1 } |
|
|
990 ,{ "Auth-Application-Id", RULE_OPTIONAL, -1, 1 } |
|
|
991 ,{ "Acct-Application-Id", RULE_OPTIONAL, -1, 1 } |
|
|
992 }; |
|
|
993 |
|
|
994 /* Create the grouped AVP */ |
|
|
995 CHECK_dict_new( DICT_AVP, &data , NULL, &avp); |
|
|
996 PARSE_loc_rules( rules, avp ); |
|
|
997 |
|
|
998 } |
|
|
999 |
|
|
1000 /* Redirect-Host */ |
|
|
1001 { |
|
|
1002 /* |
|
|
1003 One or more of instances of this AVP MUST be present if the answer |
|
|
1004 message's 'E' bit is set and the Result-Code AVP is set to |
|
|
1005 DIAMETER_REDIRECT_INDICATION. |
|
|
1006 |
|
|
1007 Upon receiving the above, the receiving Diameter node SHOULD forward |
|
|
1008 the request directly to one of the hosts identified in these AVPs. |
|
|
1009 The server contained in the selected Redirect-Host AVP SHOULD be used |
|
|
1010 for all messages pertaining to this session. |
|
|
1011 */ |
|
|
1012 struct dict_avp_data data = { |
|
|
1013 292, /* Code */ |
|
|
1014 #if AC_REDIRECT_HOST != 292 |
|
|
1015 #error "AC_REDIRECT_HOST definition mismatch" |
|
|
1016 #endif |
|
|
1017 0, /* Vendor */ |
|
|
1018 "Redirect-Host", /* Name */ |
|
|
1019 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1020 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1021 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
1022 }; |
|
|
1023 CHECK_dict_new( DICT_AVP, &data , DiameterURI_type, NULL); |
|
|
1024 } |
|
|
1025 |
|
|
1026 /* Redirect-Host-Usage */ |
|
|
1027 { |
|
|
1028 /* |
|
|
1029 The Redirect-Host-Usage AVP (AVP Code 261) is of type Enumerated. |
|
|
1030 This AVP MAY be present in answer messages whose 'E' bit is set and |
|
|
1031 the Result-Code AVP is set to DIAMETER_REDIRECT_INDICATION. |
|
|
1032 |
|
|
1033 When present, this AVP dictates how the routing entry resulting from |
|
|
1034 the Redirect-Host is to be used. The following values are supported: |
|
|
1035 |
|
|
1036 |
|
|
1037 DONT_CACHE 0 |
|
|
1038 |
|
|
1039 The host specified in the Redirect-Host AVP should not be cached. |
|
|
1040 This is the default value. |
|
|
1041 |
|
|
1042 |
|
|
1043 ALL_SESSION 1 |
|
|
1044 |
|
|
1045 All messages within the same session, as defined by the same value |
|
|
1046 of the Session-ID AVP MAY be sent to the host specified in the |
|
|
1047 Redirect-Host AVP. |
|
|
1048 |
|
|
1049 |
|
|
1050 ALL_REALM 2 |
|
|
1051 |
|
|
1052 All messages destined for the realm requested MAY be sent to the |
|
|
1053 host specified in the Redirect-Host AVP. |
|
|
1054 |
|
|
1055 |
|
|
1056 REALM_AND_APPLICATION 3 |
|
|
1057 |
|
|
1058 All messages for the application requested to the realm specified |
|
|
1059 MAY be sent to the host specified in the Redirect-Host AVP. |
|
|
1060 |
|
|
1061 ALL_APPLICATION 4 |
|
|
1062 |
|
|
1063 All messages for the application requested MAY be sent to the host |
|
|
1064 specified in the Redirect-Host AVP. |
|
|
1065 |
|
|
1066 |
|
|
1067 ALL_HOST 5 |
|
|
1068 |
|
|
1069 All messages that would be sent to the host that generated the |
|
|
1070 Redirect-Host MAY be sent to the host specified in the Redirect- |
|
|
1071 Host AVP. |
|
|
1072 |
|
|
1073 |
|
|
1074 ALL_USER 6 |
|
|
1075 |
|
|
1076 All messages for the user requested MAY be sent to the host |
|
|
1077 specified in the Redirect-Host AVP. |
|
|
1078 |
|
|
1079 |
|
|
1080 When multiple cached routes are created by redirect indications and |
|
|
1081 they differ only in redirect usage and peers to forward requests to |
|
|
1082 (see Section 6.1.8), a precedence rule MUST be applied to the |
|
|
1083 redirect usage values of the cached routes during normal routing to |
|
|
1084 resolve contentions that may occur. The precedence rule is the order |
|
|
1085 that dictate which redirect usage should be considered before any |
|
|
1086 other as they appear. The order is as follows: |
|
|
1087 |
|
|
1088 |
|
|
1089 1. ALL_SESSION |
|
|
1090 |
|
|
1091 2. ALL_USER |
|
|
1092 |
|
|
1093 3. REALM_AND_APPLICATION |
|
|
1094 |
|
|
1095 4. ALL_REALM |
|
|
1096 |
|
|
1097 5. ALL_APPLICATION |
|
|
1098 |
|
|
1099 6. ALL_HOST |
|
|
1100 */ |
|
|
1101 struct dict_object * type; |
|
|
1102 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Redirect-Host-Usage)" , NULL, NULL}; |
|
|
1103 struct dict_enumval_data t_0 = { "DONT_CACHE", { .i32 = 0 }}; |
|
|
1104 struct dict_enumval_data t_1 = { "ALL_SESSION", { .i32 = 1 }}; |
|
|
1105 struct dict_enumval_data t_2 = { "ALL_REALM", { .i32 = 2 }}; |
|
|
1106 struct dict_enumval_data t_3 = { "REALM_AND_APPLICATION", { .i32 = 3 }}; |
|
|
1107 struct dict_enumval_data t_4 = { "ALL_APPLICATION", { .i32 = 4 }}; |
|
|
1108 struct dict_enumval_data t_5 = { "ALL_HOST", { .i32 = 5 }}; |
|
|
1109 struct dict_enumval_data t_6 = { "ALL_USER", { .i32 = 6 }}; |
|
|
1110 struct dict_avp_data data = { |
|
|
1111 261, /* Code */ |
|
|
1112 #if AC_REDIRECT_HOST_USAGE != 261 |
|
|
1113 #error "AC_REDIRECT_HOST_USAGE definition mismatch" |
|
|
1114 #endif |
|
|
1115 0, /* Vendor */ |
|
|
1116 "Redirect-Host-Usage", /* Name */ |
|
|
1117 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1118 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1119 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
1120 }; |
|
|
1121 /* Create the Enumerated type, and then the AVP */ |
|
|
1122 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
1123 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
|
|
1124 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
1125 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
1126 CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
|
|
1127 CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
|
|
1128 CHECK_dict_new( DICT_ENUMVAL, &t_5 , type, NULL); |
|
|
1129 CHECK_dict_new( DICT_ENUMVAL, &t_6 , type, NULL); |
|
|
1130 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
1131 } |
|
|
1132 |
|
|
1133 /* Redirect-Max-Cache-Time */ |
|
|
1134 { |
|
|
1135 /* |
|
|
1136 The Redirect-Max-Cache-Time AVP (AVP Code 262) is of type Unsigned32. |
|
|
1137 This AVP MUST be present in answer messages whose 'E' bit is set, the |
|
|
1138 Result-Code AVP is set to DIAMETER_REDIRECT_INDICATION and the |
|
|
1139 Redirect-Host-Usage AVP set to a non-zero value. |
|
|
1140 |
|
|
1141 This AVP contains the maximum number of seconds the peer and route |
|
|
1142 table entries, created as a result of the Redirect-Host, will be |
|
|
1143 cached. Note that once a host created due to a redirect indication |
|
|
1144 is no longer reachable, any associated peer and routing table entries |
|
|
1145 MUST be deleted. |
|
|
1146 */ |
|
|
1147 struct dict_avp_data data = { |
|
|
1148 262, /* Code */ |
|
|
1149 #if AC_REDIRECT_MAX_CACHE_TIME != 262 |
|
|
1150 #error "AC_REDIRECT_MAX_CACHE_TIME definition mismatch" |
|
|
1151 #endif |
|
|
1152 0, /* Vendor */ |
|
|
1153 "Redirect-Max-Cache-Time", /* Name */ |
|
|
1154 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1155 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1156 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
1157 }; |
|
|
1158 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
1159 } |
|
|
1160 |
|
|
1161 /* Result-Code */ |
|
|
1162 { |
|
|
1163 /* |
|
|
1164 The Result-Code AVP (AVP Code 268) is of type Unsigned32 and |
|
|
1165 indicates whether a particular request was completed successfully or |
|
|
1166 whether an error occurred. All Diameter answer messages defined in |
|
|
1167 IETF applications MUST include one Result-Code AVP. A non-successful |
|
|
1168 Result-Code AVP (one containing a non 2xxx value other than |
|
|
1169 DIAMETER_REDIRECT_INDICATION) MUST include the Error-Reporting-Host |
|
|
1170 AVP if the host setting the Result-Code AVP is different from the |
|
|
1171 identity encoded in the Origin-Host AVP. |
|
|
1172 |
|
|
1173 The Result-Code data field contains an IANA-managed 32-bit address |
|
|
1174 space representing errors (see Section 11.4). Diameter provides the |
|
|
1175 following classes of errors, all identified by the thousands digit in |
|
|
1176 the decimal notation: |
|
|
1177 |
|
|
1178 o 1xxx (Informational) |
|
|
1179 |
|
|
1180 o 2xxx (Success) |
|
|
1181 |
|
|
1182 o 3xxx (Protocol Errors) |
|
|
1183 |
|
|
1184 o 4xxx (Transient Failures) |
|
|
1185 |
|
|
1186 o 5xxx (Permanent Failure) |
|
|
1187 |
|
|
1188 A non-recognized class (one whose first digit is not defined in this |
|
|
1189 section) MUST be handled as a permanent failure. |
|
|
1190 */ |
|
|
1191 |
|
|
1192 /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
|
|
1193 * This is the reason for the "*" in the type name |
|
|
1194 */ |
|
|
1195 struct dict_object * type; |
|
|
1196 struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated*(Result-Code)" , NULL, NULL}; |
|
|
1197 struct dict_avp_data data = { |
|
|
1198 268, /* Code */ |
|
|
1199 #if AC_RESULT_CODE != 268 |
|
|
1200 #error "AC_RESULT_CODE definition mismatch" |
|
|
1201 #endif |
|
|
1202 0, /* Vendor */ |
|
|
1203 "Result-Code", /* Name */ |
|
|
1204 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1205 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1206 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
1207 }; |
|
|
1208 /* Create the Enumerated type, and then the AVP */ |
|
|
1209 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
1210 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
1211 |
|
|
1212 /* Informational */ |
|
|
1213 { |
|
|
1214 /* 1001 */ |
|
|
1215 { |
|
|
1216 /* |
|
|
1217 This informational error is returned by a Diameter server to |
|
|
1218 inform the access device that the authentication mechanism being |
|
|
1219 used requires multiple round trips, and a subsequent request needs |
|
|
1220 to be issued in order for access to be granted. |
|
|
1221 */ |
|
|
1222 struct dict_enumval_data error_code = { "DIAMETER_MULTI_ROUND_AUTH", { .u32 = 1001 }}; |
|
|
1223 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1224 } |
|
|
1225 } |
|
|
1226 /* Success */ |
|
|
1227 { |
|
|
1228 /* 2001 */ |
|
|
1229 { |
|
|
1230 /* |
|
|
1231 The Request was successfully completed. |
|
|
1232 */ |
|
|
1233 struct dict_enumval_data error_code = { "DIAMETER_SUCCESS", { .u32 = 2001 }}; |
|
|
1234 #if ER_DIAMETER_SUCCESS != 2001 |
|
|
1235 #error "ER_DIAMETER_SUCCESS definition mismatch" |
|
|
1236 #endif |
|
|
1237 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1238 } |
|
|
1239 /* 2002 */ |
|
|
1240 { |
|
|
1241 /* |
|
|
1242 When returned, the request was successfully completed, but |
|
|
1243 additional processing is required by the application in order to |
|
|
1244 provide service to the user. |
|
|
1245 */ |
|
|
1246 struct dict_enumval_data error_code = { "DIAMETER_LIMITED_SUCCESS", { .u32 = 2002 }}; |
|
|
1247 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1248 } |
|
|
1249 } |
|
|
1250 /* Protocol Errors */ |
|
|
1251 { |
|
|
1252 /* 3002 */ |
|
|
1253 { |
|
|
1254 /* |
|
|
1255 This error is given when Diameter can not deliver the message to |
|
|
1256 the destination, either because no host within the realm |
|
|
1257 supporting the required application was available to process the |
|
|
1258 request, or because Destination-Host AVP was given without the |
|
|
1259 associated Destination-Realm AVP. |
|
|
1260 */ |
|
|
1261 struct dict_enumval_data error_code = { "DIAMETER_UNABLE_TO_DELIVER", { .u32 = 3002 }}; |
|
|
1262 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1263 } |
|
|
1264 /* 3003 */ |
|
|
1265 { |
|
|
1266 /* |
|
|
1267 The intended realm of the request is not recognized. |
|
|
1268 */ |
|
|
1269 struct dict_enumval_data error_code = { "DIAMETER_REALM_NOT_SERVED", { .u32 = 3003 }}; |
|
|
1270 #if ER_DIAMETER_REALM_NOT_SERVED != 3003 |
|
|
1271 #error "ER_DIAMETER_REALM_NOT_SERVED definition mismatch" |
|
|
1272 #endif |
|
|
1273 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1274 } |
|
|
1275 /* 3004 */ |
|
|
1276 { |
|
|
1277 /* |
|
|
1278 When returned, a Diameter node SHOULD attempt to send the message |
|
|
1279 to an alternate peer. This error MUST only be used when a |
|
|
1280 specific server is requested, and it cannot provide the requested |
|
|
1281 service. |
|
|
1282 */ |
|
|
1283 struct dict_enumval_data error_code = { "DIAMETER_TOO_BUSY", { .u32 = 3004 }}; |
|
|
1284 #if ER_DIAMETER_TOO_BUSY != 3004 |
|
|
1285 #error "ER_DIAMETER_TOO_BUSY definition mismatch" |
|
|
1286 #endif |
|
|
1287 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1288 } |
|
|
1289 /* 3005 */ |
|
|
1290 { |
|
|
1291 /* |
|
|
1292 An agent detected a loop while trying to get the message to the |
|
|
1293 intended recipient. The message MAY be sent to an alternate peer, |
|
|
1294 if one is available, but the peer reporting the error has |
|
|
1295 identified a configuration problem. |
|
|
1296 */ |
|
|
1297 struct dict_enumval_data error_code = { "DIAMETER_LOOP_DETECTED", { .u32 = 3005 }}; |
|
|
1298 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1299 } |
|
|
1300 /* 3006 */ |
|
|
1301 { |
|
|
1302 /* |
|
|
1303 A redirect agent has determined that the request could not be |
|
|
1304 satisfied locally and the initiator of the request should direct |
|
|
1305 the request directly to the server, whose contact information has |
|
|
1306 been added to the response. When set, the Redirect-Host AVP MUST |
|
|
1307 be present. |
|
|
1308 */ |
|
|
1309 struct dict_enumval_data error_code = { "DIAMETER_REDIRECT_INDICATION", { .u32 = 3006 }}; |
|
|
1310 #if ER_DIAMETER_REDIRECT_INDICATION != 3006 |
|
|
1311 #error "ER_DIAMETER_REDIRECT_INDICATION definition mismatch" |
|
|
1312 #endif |
|
|
1313 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1314 } |
|
|
1315 /* 3007 */ |
|
|
1316 { |
|
|
1317 /* |
|
|
1318 A request was sent for an application that is not supported. |
|
|
1319 */ |
|
|
1320 struct dict_enumval_data error_code = { "DIAMETER_APPLICATION_UNSUPPORTED", { .u32 = 3007 }}; |
|
|
1321 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1322 } |
|
|
1323 /* 3011 */ |
|
|
1324 { |
|
|
1325 /* |
|
|
1326 This error is returned when a reserved bit in the Diameter header |
|
|
1327 is set to one (1) or the bits in the Diameter header defined in |
|
|
1328 Sec 3 are set incorrectly. |
|
|
1329 */ |
|
|
1330 struct dict_enumval_data error_code = { "DIAMETER_INVALID_BIT_IN_HEADER", { .u32 = 3011 }}; |
|
|
1331 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1332 } |
|
|
1333 /* 3012 */ |
|
|
1334 { |
|
|
1335 /* |
|
|
1336 This error is returned when a request is received with an invalid |
|
|
1337 message length. |
|
|
1338 */ |
|
|
1339 struct dict_enumval_data error_code = { "DIAMETER_INVALID_MESSAGE_LENGTH", { .u32 = 3012 }}; |
|
|
1340 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1341 } |
|
|
1342 } |
|
|
1343 /* Transient Failures */ |
|
|
1344 { |
|
|
1345 /* 4001 */ |
|
|
1346 { |
|
|
1347 /* |
|
|
1348 The authentication process for the user failed, most likely due to |
|
|
1349 an invalid password used by the user. Further attempts MUST only |
|
|
1350 be tried after prompting the user for a new password. |
|
|
1351 */ |
|
|
1352 struct dict_enumval_data error_code = { "DIAMETER_AUTHENTICATION_REJECTED", { .u32 = 4001 }}; |
|
|
1353 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1354 } |
|
|
1355 /* 4002 */ |
|
|
1356 { |
|
|
1357 /* |
|
|
1358 A Diameter node received the accounting request but was unable to |
|
|
1359 commit it to stable storage due to a temporary lack of space. |
|
|
1360 */ |
|
|
1361 struct dict_enumval_data error_code = { "DIAMETER_OUT_OF_SPACE", { .u32 = 4002 }}; |
|
|
1362 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1363 } |
|
|
1364 /* 4003 */ |
|
|
1365 { |
|
|
1366 /* |
|
|
1367 The peer has determined that it has lost the election process and |
|
|
1368 has therefore disconnected the transport connection. |
|
|
1369 */ |
|
|
1370 struct dict_enumval_data error_code = { "ELECTION_LOST", { .u32 = 4003 }}; |
|
|
1371 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1372 } |
|
|
1373 } |
|
|
1374 /* Permanent Failures */ |
|
|
1375 { |
|
|
1376 /* 5001 */ |
|
|
1377 { |
|
|
1378 /* |
|
|
1379 The peer received a message that contained an AVP that is not |
|
|
1380 recognized or supported and was marked with the Mandatory bit. A |
|
|
1381 Diameter message with this error MUST contain one or more Failed- |
|
|
1382 AVP AVP containing the AVPs that caused the failure. |
|
|
1383 */ |
|
|
1384 struct dict_enumval_data error_code = { "DIAMETER_AVP_UNSUPPORTED", { .u32 = 5001 }}; |
|
|
1385 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1386 } |
|
|
1387 /* 5002 */ |
|
|
1388 { |
|
|
1389 /* |
|
|
1390 The request contained an unknown Session-Id. |
|
|
1391 */ |
|
|
1392 struct dict_enumval_data error_code = { "DIAMETER_UNKNOWN_SESSION_ID", { .u32 = 5002 }}; |
|
|
1393 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1394 } |
|
|
1395 /* 5003 */ |
|
|
1396 { |
|
|
1397 /* |
|
|
1398 A request was received for which the user could not be authorized. |
|
|
1399 This error could occur if the service requested is not permitted |
|
|
1400 to the user. |
|
|
1401 */ |
|
|
1402 struct dict_enumval_data error_code = { "DIAMETER_AUTHORIZATION_REJECTED",{ .u32 = 5003 }}; |
|
|
1403 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1404 } |
|
|
1405 /* 5004 */ |
|
|
1406 { |
|
|
1407 /* |
|
|
1408 The request contained an AVP with an invalid value in its data |
|
|
1409 portion. A Diameter message indicating this error MUST include |
|
|
1410 the offending AVPs within a Failed-AVP AVP. |
|
|
1411 */ |
|
|
1412 struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_VALUE", { .u32 = 5004 }}; |
|
|
1413 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1414 } |
|
|
1415 /* 5005 */ |
|
|
1416 { |
|
|
1417 /* |
|
|
1418 The request did not contain an AVP that is required by the Command |
|
|
1419 Code definition. If this value is sent in the Result-Code AVP, a |
|
|
1420 Failed-AVP AVP SHOULD be included in the message. The Failed-AVP |
|
|
1421 AVP MUST contain an example of the missing AVP complete with the |
|
|
1422 Vendor-Id if applicable. The value field of the missing AVP |
|
|
1423 should be of correct minimum length and contain zeroes. |
|
|
1424 */ |
|
|
1425 struct dict_enumval_data error_code = { "DIAMETER_MISSING_AVP", { .u32 = 5005 }}; |
|
|
1426 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1427 } |
|
|
1428 /* 5006 */ |
|
|
1429 { |
|
|
1430 /* |
|
|
1431 A request was received that cannot be authorized because the user |
|
|
1432 has already expended allowed resources. An example of this error |
|
|
1433 condition is a user that is restricted to one dial-up PPP port, |
|
|
1434 attempts to establish a second PPP connection. |
|
|
1435 */ |
|
|
1436 struct dict_enumval_data error_code = { "DIAMETER_RESOURCES_EXCEEDED", { .u32 = 5006 }}; |
|
|
1437 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1438 } |
|
|
1439 /* 5007 */ |
|
|
1440 { |
|
|
1441 /* |
|
|
1442 The Home Diameter server has detected AVPs in the request that |
|
|
1443 contradicted each other, and is not willing to provide service to |
|
|
1444 the user. The Failed-AVP AVPs MUST be present which contains the |
|
|
1445 AVPs that contradicted each other. |
|
|
1446 */ |
|
|
1447 struct dict_enumval_data error_code = { "DIAMETER_CONTRADICTING_AVPS", { .u32 = 5007 }}; |
|
|
1448 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1449 } |
|
|
1450 /* 5008 */ |
|
|
1451 { |
|
|
1452 /* |
|
|
1453 A message was received with an AVP that MUST NOT be present. The |
|
|
1454 Failed-AVP AVP MUST be included and contain a copy of the |
|
|
1455 offending AVP. |
|
|
1456 */ |
|
|
1457 struct dict_enumval_data error_code = { "DIAMETER_AVP_NOT_ALLOWED", { .u32 = 5008 }}; |
|
|
1458 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1459 } |
|
|
1460 /* 5009 */ |
|
|
1461 { |
|
|
1462 /* |
|
|
1463 A message was received that included an AVP that appeared more |
|
|
1464 often than permitted in the message definition. The Failed-AVP |
|
|
1465 AVP MUST be included and contain a copy of the first instance of |
|
|
1466 the offending AVP that exceeded the maximum number of occurrences |
|
|
1467 */ |
|
|
1468 struct dict_enumval_data error_code = { "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES",{ .u32 = 5009 }}; |
|
|
1469 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1470 } |
|
|
1471 /* 5010 */ |
|
|
1472 { |
|
|
1473 /* |
|
|
1474 This error is returned by a Diameter node that is not acting as a |
|
|
1475 relay when it receives a CER which advertises a set of |
|
|
1476 applications that it does not support. |
|
|
1477 */ |
|
|
1478 struct dict_enumval_data error_code = { "DIAMETER_NO_COMMON_APPLICATION",{ .u32 = 5010 }}; |
|
|
1479 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1480 } |
|
|
1481 /* 5011 */ |
|
|
1482 { |
|
|
1483 /* |
|
|
1484 This error is returned when a request was received, whose version |
|
|
1485 number is unsupported. |
|
|
1486 */ |
|
|
1487 struct dict_enumval_data error_code = { "DIAMETER_UNSUPPORTED_VERSION", { .u32 = 5011 }}; |
|
|
1488 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1489 } |
|
|
1490 /* 5012 */ |
|
|
1491 { |
|
|
1492 /* |
|
|
1493 This error is returned when a request is rejected for unspecified |
|
|
1494 reasons. |
|
|
1495 */ |
|
|
1496 struct dict_enumval_data error_code = { "DIAMETER_UNABLE_TO_COMPLY", { .u32 = 5012 }}; |
|
|
1497 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1498 } |
|
|
1499 /* 5014 */ |
|
|
1500 { |
|
|
1501 /* |
|
|
1502 The request contained an AVP with an invalid length. A Diameter |
|
|
1503 message indicating this error MUST include the offending AVPs |
|
|
1504 within a Failed-AVP AVP. In cases where the erroneous avp length |
|
|
1505 value exceeds the message length or is less than the minimum AVP |
|
|
1506 header length, it is sufficient to include the offending AVP |
|
|
1507 header and a zero filled payload of the minimum required length |
|
|
1508 for the payloads data type. If the AVP is a grouped AVP, the |
|
|
1509 grouped AVP header with an empty payload would be sufficient to |
|
|
1510 indicate the offending AVP. In the case where the offending AVP |
|
|
1511 header cannot be fully decoded when avp length is less than the |
|
|
1512 minimum AVP header length, it is sufficient to include an |
|
|
1513 offending AVP header that is formulated by padding the incomplete |
|
|
1514 AVP header with zero up to the minimum AVP header length. |
|
|
1515 */ |
|
|
1516 struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_LENGTH", { .u32 = 5014 }}; |
|
|
1517 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1518 } |
|
|
1519 /* 5017 */ |
|
|
1520 { |
|
|
1521 /* |
|
|
1522 This error is returned when a CER message is received, and there |
|
|
1523 are no common security mechanisms supported between the peers. A |
|
|
1524 Capabilities-Exchange-Answer (CEA) MUST be returned with the |
|
|
1525 Result-Code AVP set to DIAMETER_NO_COMMON_SECURITY. |
|
|
1526 */ |
|
|
1527 struct dict_enumval_data error_code = { "DIAMETER_NO_COMMON_SECURITY", { .u32 = 5017 }}; |
|
|
1528 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1529 } |
|
|
1530 /* 5018 */ |
|
|
1531 { |
|
|
1532 /* |
|
|
1533 A CER was received from an unknown peer. |
|
|
1534 */ |
|
|
1535 struct dict_enumval_data error_code = { "DIAMETER_UNKNOWN_PEER", { .u32 = 5018 }}; |
|
|
1536 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1537 } |
|
|
1538 /* 5019 */ |
|
|
1539 { |
|
|
1540 /* |
|
|
1541 The Request contained a Command-Code that the receiver did not |
|
|
1542 recognize or support. This MUST be used when a Diameter node |
|
|
1543 receives an experimental command that it does not understand. |
|
|
1544 */ |
|
|
1545 struct dict_enumval_data error_code = { "DIAMETER_COMMAND_UNSUPPORTED", { .u32 = 5019 }}; |
|
|
1546 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1547 } |
|
|
1548 /* 5020 */ |
|
|
1549 { |
|
|
1550 /* |
|
|
1551 A request was received whose bits in the Diameter header were |
|
|
1552 either set to an invalid combination, or to a value that is |
|
|
1553 inconsistent with the command code's definition. |
|
|
1554 */ |
|
|
1555 struct dict_enumval_data error_code = { "DIAMETER_INVALID_HDR_BITS", { .u32 = 5020 }}; |
|
|
1556 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1557 } |
|
|
1558 /* 5021 */ |
|
|
1559 { |
|
|
1560 /* |
|
|
1561 A request was received that included an AVP whose flag bits are |
|
|
1562 set to an unrecognized value, or that is inconsistent with the |
|
|
1563 AVP's definition. |
|
|
1564 */ |
|
|
1565 struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_BITS", { .u32 = 5021 }}; |
|
|
1566 CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
|
|
1567 } |
|
|
1568 } |
|
|
1569 } |
|
|
1570 |
|
|
1571 /* Error-Message */ |
|
|
1572 { |
|
|
1573 /* |
|
|
1574 The Error-Message AVP (AVP Code 281) is of type UTF8String. It MAY |
|
|
1575 accompany a Result-Code AVP as a human readable error message. The |
|
|
1576 Error-Message AVP is not intended to be useful in real-time, and |
|
|
1577 SHOULD NOT be expected to be parsed by network entities. |
|
|
1578 */ |
|
|
1579 struct dict_avp_data data = { |
|
|
1580 281, /* Code */ |
|
|
1581 #if AC_ERROR_MESSAGE != 281 |
|
|
1582 #error "AC_ERROR_MESSAGE definition mismatch" |
|
|
1583 #endif |
|
|
1584 0, /* Vendor */ |
|
|
1585 "Error-Message", /* Name */ |
|
|
1586 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1587 0, /* Fixed flag values */ |
|
|
1588 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
1589 }; |
|
|
1590 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
|
|
1591 } |
|
|
1592 |
|
|
1593 /* Error-Reporting-Host */ |
|
|
1594 { |
|
|
1595 /* |
|
|
1596 The Error-Reporting-Host AVP (AVP Code 294) is of type |
|
|
1597 DiameterIdentity. This AVP contains the identity of the Diameter |
|
|
1598 host that sent the Result-Code AVP to a value other than 2001 |
|
|
1599 (Success), only if the host setting the Result-Code is different from |
|
|
1600 the one encoded in the Origin-Host AVP. This AVP is intended to be |
|
|
1601 used for troubleshooting purposes, and MUST be set when the Result- |
|
|
1602 Code AVP indicates a failure. |
|
|
1603 */ |
|
|
1604 struct dict_avp_data data = { |
|
|
1605 294, /* Code */ |
|
|
1606 #if AC_ERROR_REPORTING_HOST != 294 |
|
|
1607 #error "AC_ERROR_REPORTING_HOST definition mismatch" |
|
|
1608 #endif |
|
|
1609 0, /* Vendor */ |
|
|
1610 "Error-Reporting-Host", /* Name */ |
|
|
1611 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1612 0, /* Fixed flag values */ |
|
|
1613 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
1614 }; |
|
|
1615 CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
|
|
1616 } |
|
|
1617 |
|
|
1618 /* Failed-AVP */ |
|
|
1619 { |
|
|
1620 /* |
|
|
1621 The Failed-AVP AVP (AVP Code 279) is of type Grouped and provides |
|
|
1622 debugging information in cases where a request is rejected or not |
|
|
1623 fully processed due to erroneous information in a specific AVP. The |
|
|
1624 value of the Result-Code AVP will provide information on the reason |
|
|
1625 for the Failed-AVP AVP. A Diameter message SHOULD contain only one |
|
|
1626 Failed-AVP that corresponds to the error indicated by the Result-Code |
|
|
1627 AVP. For practical purposes, this Failed-AVP would typically refer |
|
|
1628 to the first AVP processing error that a Diameter node encounters. |
|
|
1629 |
|
|
1630 The possible reasons for this AVP are the presence of an improperly |
|
|
1631 constructed AVP, an unsupported or unrecognized AVP, an invalid AVP |
|
|
1632 value, the omission of a required AVP, the presence of an explicitly |
|
|
1633 excluded AVP (see tables in Section 10), or the presence of two or |
|
|
1634 more occurrences of an AVP which is restricted to 0, 1, or 0-1 |
|
|
1635 occurrences. |
|
|
1636 |
|
|
1637 A Diameter message SHOULD contain one Failed-AVP AVP, containing the |
|
|
1638 entire AVP that could not be processed successfully. If the failure |
|
|
1639 reason is omission of a required AVP, an AVP with the missing AVP |
|
|
1640 code, the missing vendor id, and a zero filled payload of the minimum |
|
|
1641 required length for the omitted AVP will be added. If the failure |
|
|
1642 reason is an invalid AVP length where the reported length is less |
|
|
1643 than the minimum AVP header length or greater than the reported |
|
|
1644 message length, a copy of the offending AVP header and a zero filled |
|
|
1645 payload of the minimum required length SHOULD be added. |
|
|
1646 |
|
|
1647 In the case where the offending AVP is embedded within a grouped AVP, |
|
|
1648 the Failed-AVP MAY contain the grouped AVP which in turn contains the |
|
|
1649 single offending AVP. The same method MAY be employed if the grouped |
|
|
1650 AVP itself is embedded in yet another grouped AVP and so on. In this |
|
|
1651 case, the Failed-AVP MAY contain the grouped AVP heirarchy up to the |
|
|
1652 single offending AVP. This enables the recipient to detect the |
|
|
1653 location of the offending AVP when embedded in a group. |
|
|
1654 |
|
|
1655 AVP Format |
|
|
1656 |
|
|
1657 <Failed-AVP> ::= < AVP Header: 279 > |
|
|
1658 1* {AVP} |
|
|
1659 */ |
|
|
1660 struct dict_avp_data data = { |
|
|
1661 279, /* Code */ |
|
|
1662 #if AC_FAILED_AVP != 279 |
|
|
1663 #error "AC_FAILED_AVP definition mismatch" |
|
|
1664 #endif |
|
|
1665 0, /* Vendor */ |
|
|
1666 "Failed-AVP", /* Name */ |
|
|
1667 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1668 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1669 AVP_TYPE_GROUPED /* base type of data */ |
|
|
1670 }; |
|
|
1671 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
1672 } |
|
|
1673 |
|
|
1674 /* Experimental-Result */ |
|
|
1675 { |
|
|
1676 /* |
|
|
1677 The Experimental-Result AVP (AVP Code 297) is of type Grouped, and |
|
|
1678 indicates whether a particular vendor-specific request was completed |
|
|
1679 successfully or whether an error occurred. Its Data field has the |
|
|
1680 following ABNF grammar: |
|
|
1681 |
|
|
1682 AVP Format |
|
|
1683 |
|
|
1684 Experimental-Result ::= < AVP Header: 297 > |
|
|
1685 { Vendor-Id } |
|
|
1686 { Experimental-Result-Code } |
|
|
1687 |
|
|
1688 The Vendor-Id AVP (see Section 5.3.3) in this grouped AVP identifies |
|
|
1689 the vendor responsible for the assignment of the result code which |
|
|
1690 follows. All Diameter answer messages defined in vendor-specific |
|
|
1691 applications MUST include either one Result-Code AVP or one |
|
|
1692 Experimental-Result AVP. |
|
|
1693 */ |
|
|
1694 struct dict_avp_data data = { |
|
|
1695 297, /* Code */ |
|
|
1696 0, /* Vendor */ |
|
|
1697 "Experimental-Result", /* Name */ |
|
|
1698 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1699 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1700 AVP_TYPE_GROUPED /* base type of data */ |
|
|
1701 }; |
|
|
1702 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
1703 } |
|
|
1704 |
|
|
1705 /* Experimental-Result-Code */ |
|
|
1706 { |
|
|
1707 /* |
|
|
1708 The Experimental-Result-Code AVP (AVP Code 298) is of type Unsigned32 |
|
|
1709 and contains a vendor-assigned value representing the result of |
|
|
1710 processing the request. |
|
|
1711 |
|
|
1712 It is recommended that vendor-specific result codes follow the same |
|
|
1713 conventions given for the Result-Code AVP regarding the different |
|
|
1714 types of result codes and the handling of errors (for non 2xxx |
|
|
1715 values). |
|
|
1716 */ |
|
|
1717 /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
|
|
1718 * This is the reason for the "*" in the type name. Vendors will have to define their values. |
|
|
1719 */ |
|
|
1720 struct dict_object * type; |
|
|
1721 struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated*(Experimental-Result-Code)" , NULL, NULL}; |
|
|
1722 struct dict_avp_data data = { |
|
|
1723 298, /* Code */ |
|
|
1724 0, /* Vendor */ |
|
|
1725 "Experimental-Result-Code", /* Name */ |
|
|
1726 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1727 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1728 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
1729 }; |
|
|
1730 |
|
|
1731 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
1732 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
1733 } |
|
|
1734 |
|
|
1735 /* Auth-Request-Type */ |
|
|
1736 { |
|
|
1737 /* |
|
|
1738 The Auth-Request-Type AVP (AVP Code 274) is of type Enumerated and is |
|
|
1739 included in application-specific auth requests to inform the peers |
|
|
1740 whether a user is to be authenticated only, authorized only or both. |
|
|
1741 Note any value other than both MAY cause RADIUS interoperability |
|
|
1742 issues. The following values are defined: |
|
|
1743 |
|
|
1744 |
|
|
1745 AUTHENTICATE_ONLY 1 |
|
|
1746 |
|
|
1747 The request being sent is for authentication only, and MUST |
|
|
1748 contain the relevant application specific authentication AVPs that |
|
|
1749 are needed by the Diameter server to authenticate the user. |
|
|
1750 |
|
|
1751 |
|
|
1752 AUTHORIZE_ONLY 2 |
|
|
1753 |
|
|
1754 The request being sent is for authorization only, and MUST contain |
|
|
1755 the application specific authorization AVPs that are necessary to |
|
|
1756 identify the service being requested/offered. |
|
|
1757 |
|
|
1758 |
|
|
1759 AUTHORIZE_AUTHENTICATE 3 |
|
|
1760 |
|
|
1761 The request contains a request for both authentication and |
|
|
1762 authorization. The request MUST include both the relevant |
|
|
1763 application specific authentication information, and authorization |
|
|
1764 information necessary to identify the service being requested/ |
|
|
1765 offered. |
|
|
1766 */ |
|
|
1767 struct dict_object * type; |
|
|
1768 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Auth-Request-Type)" , NULL, NULL}; |
|
|
1769 struct dict_enumval_data t_1 = { "AUTHENTICATE_ONLY", { .i32 = 1 }}; |
|
|
1770 struct dict_enumval_data t_2 = { "AUTHORIZE_ONLY", { .i32 = 2 }}; |
|
|
1771 struct dict_enumval_data t_3 = { "AUTHORIZE_AUTHENTICATE", { .i32 = 3 }}; |
|
|
1772 struct dict_avp_data data = { |
|
|
1773 274, /* Code */ |
|
|
1774 0, /* Vendor */ |
|
|
1775 "Auth-Request-Type", /* Name */ |
|
|
1776 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1777 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1778 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
1779 }; |
|
|
1780 /* Create the Enumerated type, and then the AVP */ |
|
|
1781 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
1782 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
1783 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
1784 CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
|
|
1785 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
1786 } |
|
|
1787 |
|
|
1788 /* Session-Id */ |
|
|
1789 { |
|
|
1790 /* |
|
|
1791 The Session-Id AVP (AVP Code 263) is of type UTF8String and is used |
|
|
1792 to identify a specific session (see Section 8). All messages |
|
|
1793 pertaining to a specific session MUST include only one Session-Id AVP |
|
|
1794 and the same value MUST be used throughout the life of a session. |
|
|
1795 When present, the Session-Id SHOULD appear immediately following the |
|
|
1796 Diameter Header (see Section 3). |
|
|
1797 |
|
|
1798 The Session-Id MUST be globally and eternally unique, as it is meant |
|
|
1799 to uniquely identify a user session without reference to any other |
|
|
1800 information, and may be needed to correlate historical authentication |
|
|
1801 information with accounting information. The Session-Id includes a |
|
|
1802 mandatory portion and an implementation-defined portion; a |
|
|
1803 recommended format for the implementation-defined portion is outlined |
|
|
1804 below. |
|
|
1805 |
|
|
1806 (skipped, see RFC for detail) |
|
|
1807 */ |
|
|
1808 struct dict_avp_data data = { |
|
|
1809 263, /* Code */ |
|
|
1810 #if AC_SESSION_ID != 263 |
|
|
1811 #error "AC_SESSION_ID definition mismatch" |
|
|
1812 #endif |
|
|
1813 0, /* Vendor */ |
|
|
1814 "Session-Id", /* Name */ |
|
|
1815 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1816 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1817 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
1818 }; |
|
|
1819 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
|
|
1820 } |
|
|
1821 |
|
|
1822 /* Authorization-Lifetime */ |
|
|
1823 { |
|
|
1824 /* |
|
|
1825 The Authorization-Lifetime AVP (AVP Code 291) is of type Unsigned32 |
|
|
1826 and contains the maximum number of seconds of service to be provided |
|
|
1827 to the user before the user is to be re-authenticated and/or re- |
|
|
1828 authorized. Great care should be taken when the Authorization- |
|
|
1829 Lifetime value is determined, since a low, non-zero, value could |
|
|
1830 create significant Diameter traffic, which could congest both the |
|
|
1831 network and the agents. |
|
|
1832 |
|
|
1833 A value of zero (0) means that immediate re-auth is necessary by the |
|
|
1834 access device. This is typically used in cases where multiple |
|
|
1835 authentication methods are used, and a successful auth response with |
|
|
1836 this AVP set to zero is used to signal that the next authentication |
|
|
1837 method is to be immediately initiated. The absence of this AVP, or a |
|
|
1838 value of all ones (meaning all bits in the 32 bit field are set to |
|
|
1839 one) means no re-auth is expected. |
|
|
1840 |
|
|
1841 If both this AVP and the Session-Timeout AVP are present in a |
|
|
1842 message, the value of the latter MUST NOT be smaller than the |
|
|
1843 Authorization-Lifetime AVP. |
|
|
1844 |
|
|
1845 An Authorization-Lifetime AVP MAY be present in re-authorization |
|
|
1846 messages, and contains the number of seconds the user is authorized |
|
|
1847 to receive service from the time the re-auth answer message is |
|
|
1848 received by the access device. |
|
|
1849 |
|
|
1850 This AVP MAY be provided by the client as a hint of the maximum |
|
|
1851 lifetime that it is willing to accept. However, the server MAY |
|
|
1852 return a value that is equal to, or smaller, than the one provided by |
|
|
1853 the client. |
|
|
1854 */ |
|
|
1855 struct dict_avp_data data = { |
|
|
1856 291, /* Code */ |
|
|
1857 0, /* Vendor */ |
|
|
1858 "Authorization-Lifetime", /* Name */ |
|
|
1859 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1860 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1861 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
1862 }; |
|
|
1863 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
1864 } |
|
|
1865 |
|
|
1866 /* Auth-Grace-Period */ |
|
|
1867 { |
|
|
1868 /* |
|
|
1869 The Auth-Grace-Period AVP (AVP Code 276) is of type Unsigned32 and |
|
|
1870 contains the number of seconds the Diameter server will wait |
|
|
1871 following the expiration of the Authorization-Lifetime AVP before |
|
|
1872 cleaning up resources for the session. |
|
|
1873 */ |
|
|
1874 struct dict_avp_data data = { |
|
|
1875 276, /* Code */ |
|
|
1876 0, /* Vendor */ |
|
|
1877 "Auth-Grace-Period", /* Name */ |
|
|
1878 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1879 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1880 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
1881 }; |
|
|
1882 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
1883 } |
|
|
1884 |
|
|
1885 /* Auth-Session-State */ |
|
|
1886 { |
|
|
1887 /* |
|
|
1888 The Auth-Session-State AVP (AVP Code 277) is of type Enumerated and |
|
|
1889 specifies whether state is maintained for a particular session. The |
|
|
1890 client MAY include this AVP in requests as a hint to the server, but |
|
|
1891 the value in the server's answer message is binding. The following |
|
|
1892 values are supported: |
|
|
1893 |
|
|
1894 |
|
|
1895 STATE_MAINTAINED 0 |
|
|
1896 |
|
|
1897 This value is used to specify that session state is being |
|
|
1898 maintained, and the access device MUST issue a session termination |
|
|
1899 message when service to the user is terminated. This is the |
|
|
1900 default value. |
|
|
1901 |
|
|
1902 |
|
|
1903 NO_STATE_MAINTAINED 1 |
|
|
1904 |
|
|
1905 This value is used to specify that no session termination messages |
|
|
1906 will be sent by the access device upon expiration of the |
|
|
1907 Authorization-Lifetime. |
|
|
1908 */ |
|
|
1909 struct dict_object * type; |
|
|
1910 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Auth-Session-State)" , NULL, NULL}; |
|
|
1911 struct dict_enumval_data t_0 = { "STATE_MAINTAINED", { .i32 = 0 }}; |
|
|
1912 struct dict_enumval_data t_1 = { "NO_STATE_MAINTAINED", { .i32 = 1 }}; |
|
|
1913 struct dict_avp_data data = { |
|
|
1914 277, /* Code */ |
|
|
1915 0, /* Vendor */ |
|
|
1916 "Auth-Session-State", /* Name */ |
|
|
1917 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1918 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1919 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
1920 }; |
|
|
1921 /* Create the Enumerated type, and then the AVP */ |
|
|
1922 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
1923 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
|
|
1924 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
1925 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
1926 } |
|
|
1927 |
|
|
1928 /* Re-Auth-Request-Type */ |
|
|
1929 { |
|
|
1930 /* |
|
|
1931 The Re-Auth-Request-Type AVP (AVP Code 285) is of type Enumerated and |
|
|
1932 is included in application-specific auth answers to inform the client |
|
|
1933 of the action expected upon expiration of the Authorization-Lifetime. |
|
|
1934 If the answer message contains an Authorization-Lifetime AVP with a |
|
|
1935 positive value, the Re-Auth-Request-Type AVP MUST be present in an |
|
|
1936 answer message. The following values are defined: |
|
|
1937 |
|
|
1938 |
|
|
1939 AUTHORIZE_ONLY 0 |
|
|
1940 |
|
|
1941 An authorization only re-auth is expected upon expiration of the |
|
|
1942 Authorization-Lifetime. This is the default value if the AVP is |
|
|
1943 not present in answer messages that include the Authorization- |
|
|
1944 Lifetime. |
|
|
1945 |
|
|
1946 |
|
|
1947 AUTHORIZE_AUTHENTICATE 1 |
|
|
1948 |
|
|
1949 An authentication and authorization re-auth is expected upon |
|
|
1950 expiration of the Authorization-Lifetime. |
|
|
1951 */ |
|
|
1952 struct dict_object * type; |
|
|
1953 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Re-Auth-Request-Type)" , NULL, NULL}; |
|
|
1954 struct dict_enumval_data t_0 = { "AUTHORIZE_ONLY", { .i32 = 0 }}; |
|
|
1955 struct dict_enumval_data t_1 = { "AUTHORIZE_AUTHENTICATE", { .i32 = 1 }}; |
|
|
1956 struct dict_avp_data data = { |
|
|
1957 285, /* Code */ |
|
|
1958 0, /* Vendor */ |
|
|
1959 "Re-Auth-Request-Type", /* Name */ |
|
|
1960 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
1961 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
1962 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
1963 }; |
|
|
1964 /* Create the Enumerated type, and then the AVP */ |
|
|
1965 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
1966 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
|
|
1967 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
1968 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
1969 } |
|
|
1970 |
|
|
1971 /* Session-Timeout */ |
|
|
1972 { |
|
|
1973 /* |
|
|
1974 The Session-Timeout AVP (AVP Code 27) [RFC2865] is of type Unsigned32 |
|
|
1975 and contains the maximum number of seconds of service to be provided |
|
|
1976 to the user before termination of the session. When both the |
|
|
1977 Session-Timeout and the Authorization-Lifetime AVPs are present in an |
|
|
1978 answer message, the former MUST be equal to or greater than the value |
|
|
1979 of the latter. |
|
|
1980 |
|
|
1981 A session that terminates on an access device due to the expiration |
|
|
1982 of the Session-Timeout MUST cause an STR to be issued, unless both |
|
|
1983 the access device and the home server had previously agreed that no |
|
|
1984 session termination messages would be sent (see Section 8.11). |
|
|
1985 |
|
|
1986 A Session-Timeout AVP MAY be present in a re-authorization answer |
|
|
1987 message, and contains the remaining number of seconds from the |
|
|
1988 beginning of the re-auth. |
|
|
1989 |
|
|
1990 A value of zero, or the absence of this AVP, means that this session |
|
|
1991 has an unlimited number of seconds before termination. |
|
|
1992 |
|
|
1993 This AVP MAY be provided by the client as a hint of the maximum |
|
|
1994 timeout that it is willing to accept. However, the server MAY return |
|
|
1995 a value that is equal to, or smaller, than the one provided by the |
|
|
1996 client. |
|
|
1997 */ |
|
|
1998 struct dict_avp_data data = { |
|
|
1999 27, /* Code */ |
|
|
2000 0, /* Vendor */ |
|
|
2001 "Session-Timeout", /* Name */ |
|
|
2002 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2003 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2004 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
2005 }; |
|
|
2006 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2007 } |
|
|
2008 |
|
|
2009 /* User-Name */ |
|
|
2010 { |
|
|
2011 /* |
|
|
2012 The User-Name AVP (AVP Code 1) [RFC2865] is of type UTF8String, which |
|
|
2013 contains the User-Name, in a format consistent with the NAI |
|
|
2014 specification [RFC4282]. |
|
|
2015 */ |
|
|
2016 struct dict_avp_data data = { |
|
|
2017 1, /* Code */ |
|
|
2018 0, /* Vendor */ |
|
|
2019 "User-Name", /* Name */ |
|
|
2020 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2021 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2022 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
2023 }; |
|
|
2024 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
|
|
2025 } |
|
|
2026 |
|
|
2027 /* Termination-Cause */ |
|
|
2028 { |
|
|
2029 /* |
|
|
2030 The Termination-Cause AVP (AVP Code 295) is of type Enumerated, and |
|
|
2031 is used to indicate the reason why a session was terminated on the |
|
|
2032 access device. The following values are defined: |
|
|
2033 |
|
|
2034 |
|
|
2035 DIAMETER_LOGOUT 1 |
|
|
2036 |
|
|
2037 The user initiated a disconnect |
|
|
2038 |
|
|
2039 |
|
|
2040 DIAMETER_SERVICE_NOT_PROVIDED 2 |
|
|
2041 |
|
|
2042 This value is used when the user disconnected prior to the receipt |
|
|
2043 of the authorization answer message. |
|
|
2044 |
|
|
2045 |
|
|
2046 DIAMETER_BAD_ANSWER 3 |
|
|
2047 |
|
|
2048 This value indicates that the authorization answer received by the |
|
|
2049 access device was not processed successfully. |
|
|
2050 |
|
|
2051 |
|
|
2052 DIAMETER_ADMINISTRATIVE 4 |
|
|
2053 |
|
|
2054 The user was not granted access, or was disconnected, due to |
|
|
2055 administrative reasons, such as the receipt of a Abort-Session- |
|
|
2056 Request message. |
|
|
2057 |
|
|
2058 |
|
|
2059 DIAMETER_LINK_BROKEN 5 |
|
|
2060 |
|
|
2061 The communication to the user was abruptly disconnected. |
|
|
2062 |
|
|
2063 |
|
|
2064 DIAMETER_AUTH_EXPIRED 6 |
|
|
2065 |
|
|
2066 The user's access was terminated since its authorized session time |
|
|
2067 has expired. |
|
|
2068 |
|
|
2069 |
|
|
2070 DIAMETER_USER_MOVED 7 |
|
|
2071 |
|
|
2072 The user is receiving services from another access device. |
|
|
2073 |
|
|
2074 |
|
|
2075 DIAMETER_SESSION_TIMEOUT 8 |
|
|
2076 |
|
|
2077 The user's session has timed out, and service has been terminated. |
|
|
2078 */ |
|
|
2079 struct dict_object * type; |
|
|
2080 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Termination-Cause)" , NULL, NULL}; |
|
|
2081 struct dict_enumval_data t_1 = { "DIAMETER_LOGOUT", { .i32 = 1 }}; |
|
|
2082 struct dict_enumval_data t_2 = { "DIAMETER_SERVICE_NOT_PROVIDED", { .i32 = 2 }}; |
|
|
2083 struct dict_enumval_data t_3 = { "DIAMETER_BAD_ANSWER", { .i32 = 3 }}; |
|
|
2084 struct dict_enumval_data t_4 = { "DIAMETER_ADMINISTRATIVE", { .i32 = 4 }}; |
|
|
2085 struct dict_enumval_data t_5 = { "DIAMETER_LINK_BROKEN", { .i32 = 5 }}; |
|
|
2086 struct dict_enumval_data t_6 = { "DIAMETER_AUTH_EXPIRED", { .i32 = 6 }}; |
|
|
2087 struct dict_enumval_data t_7 = { "DIAMETER_USER_MOVED", { .i32 = 7 }}; |
|
|
2088 struct dict_enumval_data t_8 = { "DIAMETER_SESSION_TIMEOUT", { .i32 = 8 }}; |
|
|
2089 struct dict_avp_data data = { |
|
|
2090 295, /* Code */ |
|
|
2091 0, /* Vendor */ |
|
|
2092 "Termination-Cause", /* Name */ |
|
|
2093 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2094 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2095 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
2096 }; |
|
|
2097 /* Create the Enumerated type, and then the AVP */ |
|
|
2098 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
2099 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
2100 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
2101 CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
|
|
2102 CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
|
|
2103 CHECK_dict_new( DICT_ENUMVAL, &t_5 , type, NULL); |
|
|
2104 CHECK_dict_new( DICT_ENUMVAL, &t_6 , type, NULL); |
|
|
2105 CHECK_dict_new( DICT_ENUMVAL, &t_7 , type, NULL); |
|
|
2106 CHECK_dict_new( DICT_ENUMVAL, &t_8 , type, NULL); |
|
|
2107 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
2108 } |
|
|
2109 |
|
|
2110 /* Origin-State-Id */ |
|
|
2111 { |
|
|
2112 /* |
|
|
2113 The Origin-State-Id AVP (AVP Code 278), of type Unsigned32, is a |
|
|
2114 monotonically increasing value that is advanced whenever a Diameter |
|
|
2115 entity restarts with loss of previous state, for example upon reboot. |
|
|
2116 Origin-State-Id MAY be included in any Diameter message, including |
|
|
2117 CER. |
|
|
2118 |
|
|
2119 A Diameter entity issuing this AVP MUST create a higher value for |
|
|
2120 this AVP each time its state is reset. A Diameter entity MAY set |
|
|
2121 Origin-State-Id to the time of startup, or it MAY use an incrementing |
|
|
2122 counter retained in non-volatile memory across restarts. |
|
|
2123 |
|
|
2124 The Origin-State-Id, if present, MUST reflect the state of the entity |
|
|
2125 indicated by Origin-Host. If a proxy modifies Origin-Host, it MUST |
|
|
2126 either remove Origin-State-Id or modify it appropriately as well. |
|
|
2127 Typically, Origin-State-Id is used by an access device that always |
|
|
2128 starts up with no active sessions; that is, any session active prior |
|
|
2129 to restart will have been lost. By including Origin-State-Id in a |
|
|
2130 message, it allows other Diameter entities to infer that sessions |
|
|
2131 associated with a lower Origin-State-Id are no longer active. If an |
|
|
2132 access device does not intend for such inferences to be made, it MUST |
|
|
2133 either not include Origin-State-Id in any message, or set its value |
|
|
2134 to 0. |
|
|
2135 */ |
|
|
2136 struct dict_avp_data data = { |
|
|
2137 278, /* Code */ |
|
|
2138 0, /* Vendor */ |
|
|
2139 "Origin-State-Id", /* Name */ |
|
|
2140 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2141 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2142 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
2143 }; |
|
|
2144 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2145 } |
|
|
2146 |
|
|
2147 /* Session-Binding */ |
|
|
2148 { |
|
|
2149 /* |
|
|
2150 The Session-Binding AVP (AVP Code 270) is of type Unsigned32, and MAY |
|
|
2151 be present in application-specific authorization answer messages. If |
|
|
2152 present, this AVP MAY inform the Diameter client that all future |
|
|
2153 application-specific re-auth messages for this session MUST be sent |
|
|
2154 to the same authorization server. This AVP MAY also specify that a |
|
|
2155 Session-Termination-Request message for this session MUST be sent to |
|
|
2156 the same authorizing server. |
|
|
2157 |
|
|
2158 This field is a bit mask, and the following bits have been defined: |
|
|
2159 |
|
|
2160 |
|
|
2161 RE_AUTH 1 |
|
|
2162 |
|
|
2163 When set, future re-auth messages for this session MUST NOT |
|
|
2164 include the Destination-Host AVP. When cleared, the default |
|
|
2165 value, the Destination-Host AVP MUST be present in all re-auth |
|
|
2166 messages for this session. |
|
|
2167 |
|
|
2168 |
|
|
2169 STR 2 |
|
|
2170 |
|
|
2171 When set, the STR message for this session MUST NOT include the |
|
|
2172 Destination-Host AVP. When cleared, the default value, the |
|
|
2173 Destination-Host AVP MUST be present in the STR message for this |
|
|
2174 session. |
|
|
2175 |
|
|
2176 |
|
|
2177 ACCOUNTING 4 |
|
|
2178 |
|
|
2179 When set, all accounting messages for this session MUST NOT |
|
|
2180 include the Destination-Host AVP. When cleared, the default |
|
|
2181 value, the Destination-Host AVP, if known, MUST be present in all |
|
|
2182 accounting messages for this session. |
|
|
2183 */ |
|
|
2184 |
|
|
2185 /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
|
|
2186 * This is the reason for the "*" in the type name |
|
|
2187 * The actual values of the AVP will not always be defined here, but at least it can be used in some cases. |
|
|
2188 * ... maybe the code will be changed later to support bitfields AVP ... |
|
|
2189 */ |
|
|
2190 |
|
|
2191 struct dict_object * type; |
|
|
2192 struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated*(Session-Binding)" , NULL, NULL}; |
|
|
2193 struct dict_enumval_data t_1 = { "RE_AUTH", { .u32 = 1 }}; |
|
|
2194 struct dict_enumval_data t_2 = { "STR", { .u32 = 2 }}; |
|
|
2195 struct dict_enumval_data t_4 = { "ACCOUNTING", { .u32 = 4 }}; |
|
|
2196 struct dict_avp_data data = { |
|
|
2197 270, /* Code */ |
|
|
2198 0, /* Vendor */ |
|
|
2199 "Session-Binding", /* Name */ |
|
|
2200 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2201 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2202 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
2203 }; |
|
|
2204 /* Create the Enumerated type, and then the AVP */ |
|
|
2205 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
2206 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
2207 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
2208 CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
|
|
2209 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
2210 } |
|
|
2211 |
|
|
2212 /* Session-Server-Failover */ |
|
|
2213 { |
|
|
2214 /* |
|
|
2215 The Session-Server-Failover AVP (AVP Code 271) is of type Enumerated, |
|
|
2216 and MAY be present in application-specific authorization answer |
|
|
2217 messages that either do not include the Session-Binding AVP or |
|
|
2218 include the Session-Binding AVP with any of the bits set to a zero |
|
|
2219 value. If present, this AVP MAY inform the Diameter client that if a |
|
|
2220 re-auth or STR message fails due to a delivery problem, the Diameter |
|
|
2221 client SHOULD issue a subsequent message without the Destination-Host |
|
|
2222 AVP. When absent, the default value is REFUSE_SERVICE. |
|
|
2223 |
|
|
2224 The following values are supported: |
|
|
2225 |
|
|
2226 |
|
|
2227 REFUSE_SERVICE 0 |
|
|
2228 |
|
|
2229 If either the re-auth or the STR message delivery fails, terminate |
|
|
2230 service with the user, and do not attempt any subsequent attempts. |
|
|
2231 |
|
|
2232 |
|
|
2233 TRY_AGAIN 1 |
|
|
2234 |
|
|
2235 If either the re-auth or the STR message delivery fails, resend |
|
|
2236 the failed message without the Destination-Host AVP present. |
|
|
2237 |
|
|
2238 |
|
|
2239 ALLOW_SERVICE 2 |
|
|
2240 |
|
|
2241 If re-auth message delivery fails, assume that re-authorization |
|
|
2242 succeeded. If STR message delivery fails, terminate the session. |
|
|
2243 |
|
|
2244 |
|
|
2245 TRY_AGAIN_ALLOW_SERVICE 3 |
|
|
2246 |
|
|
2247 If either the re-auth or the STR message delivery fails, resend |
|
|
2248 the failed message without the Destination-Host AVP present. If |
|
|
2249 the second delivery fails for re-auth, assume re-authorization |
|
|
2250 succeeded. If the second delivery fails for STR, terminate the |
|
|
2251 session. |
|
|
2252 */ |
|
|
2253 struct dict_object * type; |
|
|
2254 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Session-Server-Failover)" , NULL, NULL}; |
|
|
2255 struct dict_enumval_data t_0 = { "REFUSE_SERVICE", { .i32 = 0 }}; |
|
|
2256 struct dict_enumval_data t_1 = { "TRY_AGAIN", { .i32 = 1 }}; |
|
|
2257 struct dict_enumval_data t_2 = { "ALLOW_SERVICE", { .i32 = 2 }}; |
|
|
2258 struct dict_enumval_data t_3 = { "TRY_AGAIN_ALLOW_SERVICE", { .i32 = 3 }}; |
|
|
2259 struct dict_avp_data data = { |
|
|
2260 271, /* Code */ |
|
|
2261 0, /* Vendor */ |
|
|
2262 "Session-Server-Failover", /* Name */ |
|
|
2263 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2264 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2265 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
2266 }; |
|
|
2267 /* Create the Enumerated type, and then the AVP */ |
|
|
2268 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
2269 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
|
|
2270 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
2271 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
2272 CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
|
|
2273 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
2274 } |
|
|
2275 |
|
|
2276 /* Multi-Round-Time-Out */ |
|
|
2277 { |
|
|
2278 /* |
|
|
2279 The Multi-Round-Time-Out AVP (AVP Code 272) is of type Unsigned32, |
|
|
2280 and SHOULD be present in application-specific authorization answer |
|
|
2281 messages whose Result-Code AVP is set to DIAMETER_MULTI_ROUND_AUTH. |
|
|
2282 This AVP contains the maximum number of seconds that the access |
|
|
2283 device MUST provide the user in responding to an authentication |
|
|
2284 request. |
|
|
2285 */ |
|
|
2286 struct dict_avp_data data = { |
|
|
2287 272, /* Code */ |
|
|
2288 0, /* Vendor */ |
|
|
2289 "Multi-Round-Time-Out", /* Name */ |
|
|
2290 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2291 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2292 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
2293 }; |
|
|
2294 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2295 } |
|
|
2296 |
|
|
2297 /* Class */ |
|
|
2298 { |
|
|
2299 /* |
|
|
2300 The Class AVP (AVP Code 25) is of type OctetString and is used to by |
|
|
2301 Diameter servers to return state information to the access device. |
|
|
2302 When one or more Class AVPs are present in application-specific |
|
|
2303 authorization answer messages, they MUST be present in subsequent re- |
|
|
2304 authorization, session termination and accounting messages. Class |
|
|
2305 AVPs found in a re-authorization answer message override the ones |
|
|
2306 found in any previous authorization answer message. Diameter server |
|
|
2307 implementations SHOULD NOT return Class AVPs that require more than |
|
|
2308 4096 bytes of storage on the Diameter client. A Diameter client that |
|
|
2309 receives Class AVPs whose size exceeds local available storage MUST |
|
|
2310 terminate the session. |
|
|
2311 */ |
|
|
2312 struct dict_avp_data data = { |
|
|
2313 25, /* Code */ |
|
|
2314 0, /* Vendor */ |
|
|
2315 "Class", /* Name */ |
|
|
2316 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2317 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2318 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
2319 }; |
|
|
2320 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2321 } |
|
|
2322 |
|
|
2323 /* Event-Timestamp */ |
|
|
2324 { |
|
|
2325 /* |
|
|
2326 The Event-Timestamp (AVP Code 55) is of type Time, and MAY be |
|
|
2327 included in an Accounting-Request and Accounting-Answer messages to |
|
|
2328 record the time that the reported event occurred, in seconds since |
|
|
2329 January 1, 1900 00:00 UTC. |
|
|
2330 */ |
|
|
2331 struct dict_avp_data data = { |
|
|
2332 55, /* Code */ |
|
|
2333 0, /* Vendor */ |
|
|
2334 "Event-Timestamp", /* Name */ |
|
|
2335 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2336 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2337 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
2338 }; |
|
|
2339 CHECK_dict_new( DICT_AVP, &data , Time_type, NULL); |
|
|
2340 } |
|
|
2341 |
|
|
2342 |
|
|
2343 /* Accounting-Record-Type */ |
|
|
2344 { |
|
|
2345 /* |
|
|
2346 The Accounting-Record-Type AVP (AVP Code 480) is of type Enumerated |
|
|
2347 and contains the type of accounting record being sent. The following |
|
|
2348 values are currently defined for the Accounting-Record-Type AVP: |
|
|
2349 |
|
|
2350 |
|
|
2351 EVENT_RECORD 1 |
|
|
2352 |
|
|
2353 An Accounting Event Record is used to indicate that a one-time |
|
|
2354 event has occurred (meaning that the start and end of the event |
|
|
2355 are simultaneous). This record contains all information relevant |
|
|
2356 to the service, and is the only record of the service. |
|
|
2357 |
|
|
2358 |
|
|
2359 START_RECORD 2 |
|
|
2360 |
|
|
2361 An Accounting Start, Interim, and Stop Records are used to |
|
|
2362 indicate that a service of a measurable length has been given. An |
|
|
2363 Accounting Start Record is used to initiate an accounting session, |
|
|
2364 and contains accounting information that is relevant to the |
|
|
2365 initiation of the session. |
|
|
2366 |
|
|
2367 |
|
|
2368 INTERIM_RECORD 3 |
|
|
2369 |
|
|
2370 An Interim Accounting Record contains cumulative accounting |
|
|
2371 information for an existing accounting session. Interim |
|
|
2372 Accounting Records SHOULD be sent every time a re-authentication |
|
|
2373 or re-authorization occurs. Further, additional interim record |
|
|
2374 triggers MAY be defined by application-specific Diameter |
|
|
2375 applications. The selection of whether to use INTERIM_RECORD |
|
|
2376 records is done by the Acct-Interim-Interval AVP. |
|
|
2377 |
|
|
2378 |
|
|
2379 STOP_RECORD 4 |
|
|
2380 |
|
|
2381 An Accounting Stop Record is sent to terminate an accounting |
|
|
2382 session and contains cumulative accounting information relevant to |
|
|
2383 the existing session. |
|
|
2384 */ |
|
|
2385 struct dict_object * type; |
|
|
2386 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Accounting-Record-Type)" , NULL, NULL}; |
|
|
2387 struct dict_enumval_data t_1 = { "EVENT_RECORD", { .i32 = 1 }}; |
|
|
2388 struct dict_enumval_data t_2 = { "START_RECORD", { .i32 = 2 }}; |
|
|
2389 struct dict_enumval_data t_3 = { "INTERIM_RECORD", { .i32 = 3 }}; |
|
|
2390 struct dict_enumval_data t_4 = { "STOP_RECORD", { .i32 = 4 }}; |
|
|
2391 struct dict_avp_data data = { |
|
|
2392 480, /* Code */ |
|
|
2393 0, /* Vendor */ |
|
|
2394 "Accounting-Record-Type", /* Name */ |
|
|
2395 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2396 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2397 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
2398 }; |
|
|
2399 /* Create the Enumerated type, and then the AVP */ |
|
|
2400 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
2401 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
2402 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
2403 CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
|
|
2404 CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
|
|
2405 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
2406 } |
|
|
2407 |
|
|
2408 /* Acct-Interim-Interval */ |
|
|
2409 { |
|
|
2410 /* |
|
|
2411 The Acct-Interim-Interval AVP (AVP Code 85) is of type Unsigned32 and |
|
|
2412 is sent from the Diameter home authorization server to the Diameter |
|
|
2413 client. The client uses information in this AVP to decide how and |
|
|
2414 when to produce accounting records. With different values in this |
|
|
2415 AVP, service sessions can result in one, two, or two+N accounting |
|
|
2416 records, based on the needs of the home-organization. The following |
|
|
2417 accounting record production behavior is directed by the inclusion of |
|
|
2418 this AVP: |
|
|
2419 |
|
|
2420 |
|
|
2421 1. The omission of the Acct-Interim-Interval AVP or its inclusion |
|
|
2422 with Value field set to 0 means that EVENT_RECORD, START_RECORD, |
|
|
2423 and STOP_RECORD are produced, as appropriate for the service. |
|
|
2424 |
|
|
2425 |
|
|
2426 2. The inclusion of the AVP with Value field set to a non-zero value |
|
|
2427 means that INTERIM_RECORD records MUST be produced between the |
|
|
2428 START_RECORD and STOP_RECORD records. The Value field of this |
|
|
2429 AVP is the nominal interval between these records in seconds. |
|
|
2430 |
|
|
2431 The Diameter node that originates the accounting information, |
|
|
2432 known as the client, MUST produce the first INTERIM_RECORD record |
|
|
2433 roughly at the time when this nominal interval has elapsed from |
|
|
2434 the START_RECORD, the next one again as the interval has elapsed |
|
|
2435 once more, and so on until the session ends and a STOP_RECORD |
|
|
2436 record is produced. |
|
|
2437 |
|
|
2438 The client MUST ensure that the interim record production times |
|
|
2439 are randomized so that large accounting message storms are not |
|
|
2440 created either among records or around a common service start |
|
|
2441 time. |
|
|
2442 */ |
|
|
2443 struct dict_avp_data data = { |
|
|
2444 85, /* Code */ |
|
|
2445 0, /* Vendor */ |
|
|
2446 "Acct-Interim-Interval", /* Name */ |
|
|
2447 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2448 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2449 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
2450 }; |
|
|
2451 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2452 } |
|
|
2453 |
|
|
2454 /* Accounting-Record-Number */ |
|
|
2455 { |
|
|
2456 /* |
|
|
2457 The Accounting-Record-Number AVP (AVP Code 485) is of type Unsigned32 |
|
|
2458 and identifies this record within one session. As Session-Id AVPs |
|
|
2459 are globally unique, the combination of Session-Id and Accounting- |
|
|
2460 Record-Number AVPs is also globally unique, and can be used in |
|
|
2461 matching accounting records with confirmations. An easy way to |
|
|
2462 produce unique numbers is to set the value to 0 for records of type |
|
|
2463 EVENT_RECORD and START_RECORD, and set the value to 1 for the first |
|
|
2464 INTERIM_RECORD, 2 for the second, and so on until the value for |
|
|
2465 STOP_RECORD is one more than for the last INTERIM_RECORD. |
|
|
2466 */ |
|
|
2467 struct dict_avp_data data = { |
|
|
2468 485, /* Code */ |
|
|
2469 0, /* Vendor */ |
|
|
2470 "Accounting-Record-Number", /* Name */ |
|
|
2471 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2472 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2473 AVP_TYPE_UNSIGNED32 /* base type of data */ |
|
|
2474 }; |
|
|
2475 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2476 } |
|
|
2477 |
|
|
2478 /* Acct-Session-Id */ |
|
|
2479 { |
|
|
2480 /* |
|
|
2481 The Acct-Session-Id AVP (AVP Code 44) is of type OctetString is only |
|
|
2482 used when RADIUS/Diameter translation occurs. This AVP contains the |
|
|
2483 contents of the RADIUS Acct-Session-Id attribute. |
|
|
2484 */ |
|
|
2485 struct dict_avp_data data = { |
|
|
2486 44, /* Code */ |
|
|
2487 0, /* Vendor */ |
|
|
2488 "Acct-Session-Id", /* Name */ |
|
|
2489 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2490 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2491 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
2492 }; |
|
|
2493 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2494 } |
|
|
2495 |
|
|
2496 /* Acct-Multi-Session-Id */ |
|
|
2497 { |
|
|
2498 /* |
|
|
2499 The Acct-Multi-Session-Id AVP (AVP Code 50) is of type UTF8String, |
|
|
2500 following the format specified in Section 8.8. The Acct-Multi- |
|
|
2501 Session-Id AVP is used to link together multiple related accounting |
|
|
2502 sessions, where each session would have a unique Session-Id, but the |
|
|
2503 same Acct-Multi-Session-Id AVP. This AVP MAY be returned by the |
|
|
2504 Diameter server in an authorization answer, and MUST be used in all |
|
|
2505 accounting messages for the given session. |
|
|
2506 */ |
|
|
2507 struct dict_avp_data data = { |
|
|
2508 50, /* Code */ |
|
|
2509 0, /* Vendor */ |
|
|
2510 "Acct-Multi-Session-Id", /* Name */ |
|
|
2511 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2512 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2513 AVP_TYPE_OCTETSTRING /* base type of data */ |
|
|
2514 }; |
|
|
2515 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
|
|
2516 } |
|
|
2517 |
|
|
2518 /* Accounting-Sub-Session-Id */ |
|
|
2519 { |
|
|
2520 /* |
|
|
2521 The Accounting-Sub-Session-Id AVP (AVP Code 287) is of type |
|
|
2522 Unsigned64 and contains the accounting sub-session identifier. The |
|
|
2523 combination of the Session-Id and this AVP MUST be unique per sub- |
|
|
2524 session, and the value of this AVP MUST be monotonically increased by |
|
|
2525 one for all new sub-sessions. The absence of this AVP implies no |
|
|
2526 sub-sessions are in use, with the exception of an Accounting-Request |
|
|
2527 whose Accounting-Record-Type is set to STOP_RECORD. A STOP_RECORD |
|
|
2528 message with no Accounting-Sub-Session-Id AVP present will signal the |
|
|
2529 termination of all sub-sessions for a given Session-Id. |
|
|
2530 */ |
|
|
2531 struct dict_avp_data data = { |
|
|
2532 287, /* Code */ |
|
|
2533 0, /* Vendor */ |
|
|
2534 "Accounting-Sub-Session-Id", /* Name */ |
|
|
2535 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2536 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2537 AVP_TYPE_UNSIGNED64 /* base type of data */ |
|
|
2538 }; |
|
|
2539 CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
|
|
2540 } |
|
|
2541 |
|
|
2542 /* Accounting-Realtime-Required */ |
|
|
2543 { |
|
|
2544 /* |
|
|
2545 The Accounting-Realtime-Required AVP (AVP Code 483) is of type |
|
|
2546 Enumerated and is sent from the Diameter home authorization server to |
|
|
2547 the Diameter client or in the Accounting-Answer from the accounting |
|
|
2548 server. The client uses information in this AVP to decide what to do |
|
|
2549 if the sending of accounting records to the accounting server has |
|
|
2550 been temporarily prevented due to, for instance, a network problem. |
|
|
2551 |
|
|
2552 |
|
|
2553 DELIVER_AND_GRANT 1 |
|
|
2554 |
|
|
2555 The AVP with Value field set to DELIVER_AND_GRANT means that the |
|
|
2556 service MUST only be granted as long as there is a connection to |
|
|
2557 an accounting server. Note that the set of alternative accounting |
|
|
2558 servers are treated as one server in this sense. Having to move |
|
|
2559 the accounting record stream to a backup server is not a reason to |
|
|
2560 discontinue the service to the user. |
|
|
2561 |
|
|
2562 |
|
|
2563 GRANT_AND_STORE 2 |
|
|
2564 |
|
|
2565 The AVP with Value field set to GRANT_AND_STORE means that service |
|
|
2566 SHOULD be granted if there is a connection, or as long as records |
|
|
2567 can still be stored as described in Section 9.4. |
|
|
2568 |
|
|
2569 This is the default behavior if the AVP isn't included in the |
|
|
2570 reply from the authorization server. |
|
|
2571 |
|
|
2572 |
|
|
2573 GRANT_AND_LOSE 3 |
|
|
2574 |
|
|
2575 The AVP with Value field set to GRANT_AND_LOSE means that service |
|
|
2576 SHOULD be granted even if the records can not be delivered or |
|
|
2577 stored. |
|
|
2578 */ |
|
|
2579 struct dict_object * type; |
|
|
2580 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Accounting-Realtime-Required)" , NULL, NULL}; |
|
|
2581 struct dict_enumval_data t_1 = { "DELIVER_AND_GRANT", { .i32 = 1 }}; |
|
|
2582 struct dict_enumval_data t_2 = { "GRANT_AND_STORE", { .i32 = 2 }}; |
|
|
2583 struct dict_enumval_data t_3 = { "GRANT_AND_LOSE", { .i32 = 3 }}; |
|
|
2584 struct dict_avp_data data = { |
|
|
2585 483, /* Code */ |
|
|
2586 0, /* Vendor */ |
|
|
2587 "Accounting-Realtime-Required", /* Name */ |
|
|
2588 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
|
|
2589 AVP_FLAG_MANDATORY, /* Fixed flag values */ |
|
|
2590 AVP_TYPE_INTEGER32 /* base type of data */ |
|
|
2591 }; |
|
|
2592 /* Create the Enumerated type, and then the AVP */ |
|
|
2593 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
|
|
2594 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
|
|
2595 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
|
|
2596 CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
|
|
2597 CHECK_dict_new( DICT_AVP, &data , type, NULL); |
|
|
2598 } |
|
|
2599 |
|
|
2600 } |
|
|
2601 |
|
|
2602 /* Commands section */ |
|
|
2603 { |
|
|
2604 /* To avoid defining global variables for all the AVP that we use here, we do search the dictionary in each sub-block. |
|
|
2605 * This is far from optimal, but the code is clearer like this, and the time it requires at execution is not noticeable. |
|
|
2606 */ |
|
|
2607 |
|
|
2608 /* Generic message syntax when the 'E' bit is set */ |
|
|
2609 { |
|
|
2610 /* |
|
|
2611 The 'E' (Error Bit) in the Diameter header is set when the request |
|
|
2612 caused a protocol-related error (see Section 7.1.3). A message with |
|
|
2613 the 'E' bit MUST NOT be sent as a response to an answer message. |
|
|
2614 Note that a message with the 'E' bit set is still subjected to the |
|
|
2615 processing rules defined in Section 6.2. When set, the answer |
|
|
2616 message will not conform to the ABNF specification for the command, |
|
|
2617 and will instead conform to the following ABNF: |
|
|
2618 |
|
|
2619 Message Format |
|
|
2620 |
|
|
2621 <answer-message> ::= < Diameter Header: code, ERR [PXY] > |
|
|
2622 0*1< Session-Id > |
|
|
2623 { Origin-Host } |
|
|
2624 { Origin-Realm } |
|
|
2625 { Result-Code } |
|
|
2626 [ Origin-State-Id ] |
|
|
2627 [ Error-Message ] |
|
|
2628 [ Error-Reporting-Host ] |
|
|
2629 [ Failed-AVP ] |
|
|
2630 * [ Proxy-Info ] |
|
|
2631 * [ AVP ] |
|
|
2632 |
|
|
2633 Note that the code used in the header is the same than the one found |
|
|
2634 in the request message, but with the 'R' bit cleared and the 'E' bit |
|
|
2635 set. The 'P' bit in the header is set to the same value as the one |
|
|
2636 found in the request message. |
|
|
2637 */ |
|
|
2638 struct dict_object * cmd_error; |
|
|
2639 struct local_rules_definition rules[] = |
|
|
2640 { { "Session-Id", RULE_FIXED_HEAD,0, 1 } |
|
|
2641 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2642 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2643 ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
2644 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
2645 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
2646 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
|
|
2647 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
2648 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
2649 }; |
|
|
2650 CHECK_FCT( fd_dict_get_error_cmd(dict, &cmd_error) ); |
|
|
2651 PARSE_loc_rules( rules, cmd_error ); |
|
|
2652 } |
|
|
2653 |
|
|
2654 /* Capabilities-Exchange-Request */ |
|
|
2655 { |
|
|
2656 /* |
|
|
2657 The Capabilities-Exchange-Request (CER), indicated by the Command- |
|
|
2658 Code set to 257 and the Command Flags' 'R' bit set, is sent to |
|
|
2659 exchange local capabilities. Upon detection of a transport failure, |
|
|
2660 this message MUST NOT be sent to an alternate peer. |
|
|
2661 |
|
|
2662 When Diameter is run over SCTP [RFC2960], which allows for |
|
|
2663 connections to span multiple interfaces and multiple IP addresses, |
|
|
2664 the Capabilities-Exchange-Request message MUST contain one Host-IP- |
|
|
2665 Address AVP for each potential IP address that MAY be locally used |
|
|
2666 when transmitting Diameter messages. |
|
|
2667 |
|
|
2668 Message Format |
|
|
2669 |
|
|
2670 <CER> ::= < Diameter Header: 257, REQ > |
|
|
2671 { Origin-Host } |
|
|
2672 { Origin-Realm } |
|
|
2673 1* { Host-IP-Address } |
|
|
2674 { Vendor-Id } |
|
|
2675 { Product-Name } |
|
|
2676 [ Origin-State-Id ] |
|
|
2677 * [ Supported-Vendor-Id ] |
|
|
2678 * [ Auth-Application-Id ] |
|
|
2679 * [ Inband-Security-Id ] |
|
|
2680 * [ Acct-Application-Id ] |
|
|
2681 * [ Vendor-Specific-Application-Id ] |
|
|
2682 [ Firmware-Revision ] |
|
|
2683 * [ AVP ] |
|
|
2684 */ |
|
|
2685 struct dict_object * cmd; |
|
|
2686 struct dict_cmd_data data = { |
|
|
2687 257, /* Code */ |
|
|
2688 #if CC_CAPABILITIES_EXCHANGE != 257 |
|
|
2689 #error "CC_CAPABILITIES_EXCHANGE definition mismatch" |
|
|
2690 #endif |
|
|
2691 "Capabilities-Exchange-Request", /* Name */ |
|
|
2692 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
2693 CMD_FLAG_REQUEST /* Fixed flag values */ |
|
|
2694 }; |
|
|
2695 struct local_rules_definition rules[] = |
|
|
2696 { { "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2697 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2698 ,{ "Host-IP-Address", RULE_REQUIRED, -1,-1 } |
|
|
2699 ,{ "Vendor-Id", RULE_REQUIRED, -1, 1 } |
|
|
2700 ,{ "Product-Name", RULE_REQUIRED, -1, 1 } |
|
|
2701 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
2702 ,{ "Supported-Vendor-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2703 ,{ "Auth-Application-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2704 ,{ "Inband-Security-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2705 ,{ "Acct-Application-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2706 ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2707 ,{ "Firmware-Revision", RULE_OPTIONAL, -1, 1 } |
|
|
2708 }; |
|
|
2709 |
|
|
2710 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2711 PARSE_loc_rules( rules, cmd ); |
|
|
2712 } |
|
|
2713 |
|
|
2714 /* Capabilities-Exchange-Answer */ |
|
|
2715 { |
|
|
2716 /* |
|
|
2717 The Capabilities-Exchange-Answer (CEA), indicated by the Command-Code |
|
|
2718 set to 257 and the Command Flags' 'R' bit cleared, is sent in |
|
|
2719 response to a CER message. |
|
|
2720 |
|
|
2721 When Diameter is run over SCTP [RFC2960], which allows connections to |
|
|
2722 span multiple interfaces, hence, multiple IP addresses, the |
|
|
2723 Capabilities-Exchange-Answer message MUST contain one Host-IP-Address |
|
|
2724 AVP for each potential IP address that MAY be locally used when |
|
|
2725 transmitting Diameter messages. |
|
|
2726 |
|
|
2727 Message Format |
|
|
2728 |
|
|
2729 <CEA> ::= < Diameter Header: 257 > |
|
|
2730 { Result-Code } |
|
|
2731 { Origin-Host } |
|
|
2732 { Origin-Realm } |
|
|
2733 1* { Host-IP-Address } |
|
|
2734 { Vendor-Id } |
|
|
2735 { Product-Name } |
|
|
2736 [ Origin-State-Id ] |
|
|
2737 [ Error-Message ] |
|
|
2738 [ Failed-AVP ] |
|
|
2739 * [ Supported-Vendor-Id ] |
|
|
2740 * [ Auth-Application-Id ] |
|
|
2741 * [ Inband-Security-Id ] |
|
|
2742 * [ Acct-Application-Id ] |
|
|
2743 * [ Vendor-Specific-Application-Id ] |
|
|
2744 [ Firmware-Revision ] |
|
|
2745 * [ AVP ] |
|
|
2746 */ |
|
|
2747 struct dict_object * cmd; |
|
|
2748 struct dict_cmd_data data = { |
|
|
2749 257, /* Code */ |
|
|
2750 #if CC_CAPABILITIES_EXCHANGE != 257 |
|
|
2751 #error "CC_CAPABILITIES_EXCHANGE definition mismatch" |
|
|
2752 #endif |
|
|
2753 "Capabilities-Exchange-Answer", /* Name */ |
|
|
2754 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT, /* Fixed flags */ |
|
|
2755 0 /* Fixed flag values */ |
|
|
2756 }; |
|
|
2757 struct local_rules_definition rules[] = |
|
|
2758 { { "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
2759 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2760 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2761 ,{ "Host-IP-Address", RULE_REQUIRED, -1,-1 } |
|
|
2762 ,{ "Vendor-Id", RULE_REQUIRED, -1, 1 } |
|
|
2763 ,{ "Product-Name", RULE_REQUIRED, -1, 1 } |
|
|
2764 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
2765 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
2766 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
2767 ,{ "Supported-Vendor-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2768 ,{ "Auth-Application-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2769 ,{ "Inband-Security-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2770 ,{ "Acct-Application-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2771 ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1,-1 } |
|
|
2772 ,{ "Firmware-Revision", RULE_OPTIONAL, -1, 1 } |
|
|
2773 }; |
|
|
2774 |
|
|
2775 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2776 PARSE_loc_rules( rules, cmd ); |
|
|
2777 } |
|
|
2778 |
|
|
2779 /* Disconnect-Peer-Request */ |
|
|
2780 { |
|
|
2781 /* |
|
|
2782 The Disconnect-Peer-Request (DPR), indicated by the Command-Code set |
|
|
2783 to 282 and the Command Flags' 'R' bit set, is sent to a peer to |
|
|
2784 inform its intentions to shutdown the transport connection. Upon |
|
|
2785 detection of a transport failure, this message MUST NOT be sent to an |
|
|
2786 alternate peer. |
|
|
2787 |
|
|
2788 Message Format |
|
|
2789 |
|
|
2790 <DPR> ::= < Diameter Header: 282, REQ > |
|
|
2791 { Origin-Host } |
|
|
2792 { Origin-Realm } |
|
|
2793 { Disconnect-Cause } |
|
|
2794 */ |
|
|
2795 struct dict_object * cmd; |
|
|
2796 struct dict_cmd_data data = { |
|
|
2797 282, /* Code */ |
|
|
2798 #if CC_DISCONNECT_PEER != 282 |
|
|
2799 #error "CC_DISCONNECT_PEER definition mismatch" |
|
|
2800 #endif |
|
|
2801 "Disconnect-Peer-Request", /* Name */ |
|
|
2802 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
2803 CMD_FLAG_REQUEST /* Fixed flag values */ |
|
|
2804 }; |
|
|
2805 struct local_rules_definition rules[] = |
|
|
2806 { { "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2807 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2808 ,{ "Disconnect-Cause", RULE_REQUIRED, -1, 1 } |
|
|
2809 }; |
|
|
2810 |
|
|
2811 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2812 PARSE_loc_rules( rules, cmd ); |
|
|
2813 } |
|
|
2814 |
|
|
2815 /* Disconnect-Peer-Answer */ |
|
|
2816 { |
|
|
2817 /* |
|
|
2818 The Disconnect-Peer-Answer (DPA), indicated by the Command-Code set |
|
|
2819 to 282 and the Command Flags' 'R' bit cleared, is sent as a response |
|
|
2820 to the Disconnect-Peer-Request message. Upon receipt of this |
|
|
2821 message, the transport connection is shutdown. |
|
|
2822 |
|
|
2823 Message Format |
|
|
2824 |
|
|
2825 <DPA> ::= < Diameter Header: 282 > |
|
|
2826 { Result-Code } |
|
|
2827 { Origin-Host } |
|
|
2828 { Origin-Realm } |
|
|
2829 [ Error-Message ] |
|
|
2830 [ Failed-AVP ] |
|
|
2831 */ |
|
|
2832 struct dict_object * cmd; |
|
|
2833 struct dict_cmd_data data = { |
|
|
2834 282, /* Code */ |
|
|
2835 #if CC_DISCONNECT_PEER != 282 |
|
|
2836 #error "CC_DISCONNECT_PEER definition mismatch" |
|
|
2837 #endif |
|
|
2838 "Disconnect-Peer-Answer", /* Name */ |
|
|
2839 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT, /* Fixed flags */ |
|
|
2840 0 /* Fixed flag values */ |
|
|
2841 }; |
|
|
2842 struct local_rules_definition rules[] = |
|
|
2843 { { "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
2844 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2845 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2846 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
2847 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
2848 }; |
|
|
2849 |
|
|
2850 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2851 PARSE_loc_rules( rules, cmd ); |
|
|
2852 } |
|
|
2853 |
|
|
2854 /* Device-Watchdog-Request */ |
|
|
2855 { |
|
|
2856 /* |
|
|
2857 The Device-Watchdog-Request (DWR), indicated by the Command-Code set |
|
|
2858 to 280 and the Command Flags' 'R' bit set, is sent to a peer when no |
|
|
2859 traffic has been exchanged between two peers (see Section 5.5.3). |
|
|
2860 Upon detection of a transport failure, this message MUST NOT be sent |
|
|
2861 to an alternate peer. |
|
|
2862 |
|
|
2863 Message Format |
|
|
2864 |
|
|
2865 <DWR> ::= < Diameter Header: 280, REQ > |
|
|
2866 { Origin-Host } |
|
|
2867 { Origin-Realm } |
|
|
2868 [ Origin-State-Id ] |
|
|
2869 */ |
|
|
2870 struct dict_object * cmd; |
|
|
2871 struct dict_cmd_data data = { |
|
|
2872 280, /* Code */ |
|
|
2873 #if CC_DEVICE_WATCHDOG != 280 |
|
|
2874 #error "CC_DEVICE_WATCHDOG definition mismatch" |
|
|
2875 #endif |
|
|
2876 "Device-Watchdog-Request", /* Name */ |
|
|
2877 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
2878 CMD_FLAG_REQUEST /* Fixed flag values */ |
|
|
2879 }; |
|
|
2880 struct local_rules_definition rules[] = |
|
|
2881 { { "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2882 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2883 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
2884 }; |
|
|
2885 |
|
|
2886 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2887 PARSE_loc_rules( rules, cmd ); |
|
|
2888 } |
|
|
2889 |
|
|
2890 /* Device-Watchdog-Answer */ |
|
|
2891 { |
|
|
2892 /* |
|
|
2893 The Device-Watchdog-Answer (DWA), indicated by the Command-Code set |
|
|
2894 to 280 and the Command Flags' 'R' bit cleared, is sent as a response |
|
|
2895 to the Device-Watchdog-Request message. |
|
|
2896 |
|
|
2897 Message Format |
|
|
2898 |
|
|
2899 <DWA> ::= < Diameter Header: 280 > |
|
|
2900 { Result-Code } |
|
|
2901 { Origin-Host } |
|
|
2902 { Origin-Realm } |
|
|
2903 [ Error-Message ] |
|
|
2904 [ Failed-AVP ] |
|
|
2905 [ Origin-State-Id ] |
|
|
2906 */ |
|
|
2907 struct dict_object * cmd; |
|
|
2908 struct dict_cmd_data data = { |
|
|
2909 280, /* Code */ |
|
|
2910 #if CC_DEVICE_WATCHDOG != 280 |
|
|
2911 #error "CC_DEVICE_WATCHDOG definition mismatch" |
|
|
2912 #endif |
|
|
2913 "Device-Watchdog-Answer", /* Name */ |
|
|
2914 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT, /* Fixed flags */ |
|
|
2915 0 /* Fixed flag values */ |
|
|
2916 }; |
|
|
2917 struct local_rules_definition rules[] = |
|
|
2918 { { "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
2919 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2920 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2921 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
2922 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
2923 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
2924 }; |
|
|
2925 |
|
|
2926 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2927 PARSE_loc_rules( rules, cmd ); |
|
|
2928 } |
|
|
2929 |
|
|
2930 /* Re-Auth-Request */ |
|
|
2931 { |
|
|
2932 /* |
|
|
2933 The Re-Auth-Request (RAR), indicated by the Command-Code set to 258 |
|
|
2934 and the message flags' 'R' bit set, may be sent by any server to the |
|
|
2935 access device that is providing session service, to request that the |
|
|
2936 user be re-authenticated and/or re-authorized. |
|
|
2937 |
|
|
2938 |
|
|
2939 Message Format |
|
|
2940 |
|
|
2941 <RAR> ::= < Diameter Header: 258, REQ, PXY > |
|
|
2942 < Session-Id > |
|
|
2943 { Origin-Host } |
|
|
2944 { Origin-Realm } |
|
|
2945 { Destination-Realm } |
|
|
2946 { Destination-Host } |
|
|
2947 { Auth-Application-Id } |
|
|
2948 { Re-Auth-Request-Type } |
|
|
2949 [ User-Name ] |
|
|
2950 [ Origin-State-Id ] |
|
|
2951 * [ Proxy-Info ] |
|
|
2952 * [ Route-Record ] |
|
|
2953 * [ AVP ] |
|
|
2954 */ |
|
|
2955 struct dict_object * cmd; |
|
|
2956 struct dict_cmd_data data = { |
|
|
2957 258, /* Code */ |
|
|
2958 #if CC_RE_AUTH != 258 |
|
|
2959 #error "CC_RE_AUTH definition mismatch" |
|
|
2960 #endif |
|
|
2961 "Re-Auth-Request", /* Name */ |
|
|
2962 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
2963 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
2964 }; |
|
|
2965 struct local_rules_definition rules[] = |
|
|
2966 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
2967 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
2968 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2969 ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
|
|
2970 ,{ "Destination-Host", RULE_REQUIRED, -1, 1 } |
|
|
2971 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 } |
|
|
2972 ,{ "Re-Auth-Request-Type", RULE_REQUIRED, -1, 1 } |
|
|
2973 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
2974 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
2975 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
2976 ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
|
|
2977 }; |
|
|
2978 |
|
|
2979 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
2980 PARSE_loc_rules( rules, cmd ); |
|
|
2981 } |
|
|
2982 |
|
|
2983 /* Re-Auth-Answer */ |
|
|
2984 { |
|
|
2985 /* |
|
|
2986 The Re-Auth-Answer (RAA), indicated by the Command-Code set to 258 |
|
|
2987 and the message flags' 'R' bit clear, is sent in response to the RAR. |
|
|
2988 The Result-Code AVP MUST be present, and indicates the disposition of |
|
|
2989 the request. |
|
|
2990 |
|
|
2991 A successful RAA message MUST be followed by an application-specific |
|
|
2992 authentication and/or authorization message. |
|
|
2993 |
|
|
2994 |
|
|
2995 Message Format |
|
|
2996 |
|
|
2997 <RAA> ::= < Diameter Header: 258, PXY > |
|
|
2998 < Session-Id > |
|
|
2999 { Result-Code } |
|
|
3000 { Origin-Host } |
|
|
3001 { Origin-Realm } |
|
|
3002 [ User-Name ] |
|
|
3003 [ Origin-State-Id ] |
|
|
3004 [ Error-Message ] |
|
|
3005 [ Error-Reporting-Host ] |
|
|
3006 [ Failed-AVP ] |
|
|
3007 * [ Redirect-Host ] |
|
|
3008 [ Redirect-Host-Usage ] |
|
|
3009 [ Redirect-Max-Cache-Time ] |
|
|
3010 * [ Proxy-Info ] |
|
|
3011 * [ AVP ] |
|
|
3012 */ |
|
|
3013 struct dict_object * cmd; |
|
|
3014 struct dict_cmd_data data = { |
|
|
3015 258, /* Code */ |
|
|
3016 #if CC_RE_AUTH != 258 |
|
|
3017 #error "CC_RE_AUTH definition mismatch" |
|
|
3018 #endif |
|
|
3019 "Re-Auth-Answer", /* Name */ |
|
|
3020 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
|
|
3021 CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3022 }; |
|
|
3023 struct local_rules_definition rules[] = |
|
|
3024 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3025 ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
3026 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3027 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3028 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3029 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3030 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
3031 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
|
|
3032 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
3033 ,{ "Redirect-Host", RULE_OPTIONAL, -1,-1 } |
|
|
3034 ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 } |
|
|
3035 ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 } |
|
|
3036 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3037 }; |
|
|
3038 |
|
|
3039 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3040 PARSE_loc_rules( rules, cmd ); |
|
|
3041 } |
|
|
3042 |
|
|
3043 /* Session-Termination-Request */ |
|
|
3044 { |
|
|
3045 /* |
|
|
3046 The Session-Termination-Request (STR), indicated by the Command-Code |
|
|
3047 set to 275 and the Command Flags' 'R' bit set, is sent by the access |
|
|
3048 device to inform the Diameter Server that an authenticated and/or |
|
|
3049 authorized session is being terminated. |
|
|
3050 |
|
|
3051 |
|
|
3052 Message Format |
|
|
3053 |
|
|
3054 <STR> ::= < Diameter Header: 275, REQ, PXY > |
|
|
3055 < Session-Id > |
|
|
3056 { Origin-Host } |
|
|
3057 { Origin-Realm } |
|
|
3058 { Destination-Realm } |
|
|
3059 { Auth-Application-Id } |
|
|
3060 { Termination-Cause } |
|
|
3061 [ User-Name ] |
|
|
3062 [ Destination-Host ] |
|
|
3063 * [ Class ] |
|
|
3064 [ Origin-State-Id ] |
|
|
3065 * [ Proxy-Info ] |
|
|
3066 * [ Route-Record ] |
|
|
3067 * [ AVP ] |
|
|
3068 */ |
|
|
3069 struct dict_object * cmd; |
|
|
3070 struct dict_cmd_data data = { |
|
|
3071 275, /* Code */ |
|
|
3072 #if CC_SESSION_TERMINATION != 275 |
|
|
3073 #error "CC_SESSION_TERMINATION definition mismatch" |
|
|
3074 #endif |
|
|
3075 "Session-Termination-Request", /* Name */ |
|
|
3076 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
3077 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3078 }; |
|
|
3079 struct local_rules_definition rules[] = |
|
|
3080 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3081 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3082 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3083 ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3084 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 } |
|
|
3085 ,{ "Termination-Cause", RULE_REQUIRED, -1, 1 } |
|
|
3086 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3087 ,{ "Destination-Host", RULE_OPTIONAL, -1, 1 } |
|
|
3088 ,{ "Class", RULE_OPTIONAL, -1,-1 } |
|
|
3089 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3090 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3091 ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
|
|
3092 }; |
|
|
3093 |
|
|
3094 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3095 PARSE_loc_rules( rules, cmd ); |
|
|
3096 } |
|
|
3097 |
|
|
3098 /* Session-Termination-Answer */ |
|
|
3099 { |
|
|
3100 /* |
|
|
3101 The Session-Termination-Answer (STA), indicated by the Command-Code |
|
|
3102 set to 275 and the message flags' 'R' bit clear, is sent by the |
|
|
3103 Diameter Server to acknowledge the notification that the session has |
|
|
3104 been terminated. The Result-Code AVP MUST be present, and MAY |
|
|
3105 contain an indication that an error occurred while servicing the STR. |
|
|
3106 |
|
|
3107 Upon sending or receipt of the STA, the Diameter Server MUST release |
|
|
3108 all resources for the session indicated by the Session-Id AVP. Any |
|
|
3109 intermediate server in the Proxy-Chain MAY also release any |
|
|
3110 resources, if necessary. |
|
|
3111 |
|
|
3112 Message Format |
|
|
3113 |
|
|
3114 <STA> ::= < Diameter Header: 275, PXY > |
|
|
3115 < Session-Id > |
|
|
3116 { Result-Code } |
|
|
3117 { Origin-Host } |
|
|
3118 { Origin-Realm } |
|
|
3119 [ User-Name ] |
|
|
3120 * [ Class ] |
|
|
3121 [ Error-Message ] |
|
|
3122 [ Error-Reporting-Host ] |
|
|
3123 [ Failed-AVP ] |
|
|
3124 [ Origin-State-Id ] |
|
|
3125 * [ Redirect-Host ] |
|
|
3126 [ Redirect-Host-Usage ] |
|
|
3127 [ Redirect-Max-Cache-Time ] |
|
|
3128 * [ Proxy-Info ] |
|
|
3129 * [ AVP ] |
|
|
3130 */ |
|
|
3131 struct dict_object * cmd; |
|
|
3132 struct dict_cmd_data data = { |
|
|
3133 275, /* Code */ |
|
|
3134 #if CC_SESSION_TERMINATION != 275 |
|
|
3135 #error "CC_SESSION_TERMINATION definition mismatch" |
|
|
3136 #endif |
|
|
3137 "Session-Termination-Answer", /* Name */ |
|
|
3138 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
|
|
3139 CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3140 }; |
|
|
3141 struct local_rules_definition rules[] = |
|
|
3142 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3143 ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
3144 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3145 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3146 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3147 ,{ "Class", RULE_OPTIONAL, -1,-1 } |
|
|
3148 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
3149 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
|
|
3150 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
3151 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3152 ,{ "Redirect-Host", RULE_OPTIONAL, -1,-1 } |
|
|
3153 ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 } |
|
|
3154 ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 } |
|
|
3155 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3156 }; |
|
|
3157 |
|
|
3158 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3159 PARSE_loc_rules( rules, cmd ); |
|
|
3160 } |
|
|
3161 |
|
|
3162 /* Abort-Session-Request */ |
|
|
3163 { |
|
|
3164 /* |
|
|
3165 The Abort-Session-Request (ASR), indicated by the Command-Code set to |
|
|
3166 274 and the message flags' 'R' bit set, may be sent by any server to |
|
|
3167 the access device that is providing session service, to request that |
|
|
3168 the session identified by the Session-Id be stopped. |
|
|
3169 |
|
|
3170 |
|
|
3171 Message Format |
|
|
3172 |
|
|
3173 <ASR> ::= < Diameter Header: 274, REQ, PXY > |
|
|
3174 < Session-Id > |
|
|
3175 { Origin-Host } |
|
|
3176 { Origin-Realm } |
|
|
3177 { Destination-Realm } |
|
|
3178 { Destination-Host } |
|
|
3179 { Auth-Application-Id } |
|
|
3180 [ User-Name ] |
|
|
3181 [ Origin-State-Id ] |
|
|
3182 * [ Proxy-Info ] |
|
|
3183 * [ Route-Record ] |
|
|
3184 * [ AVP ] |
|
|
3185 */ |
|
|
3186 struct dict_object * cmd; |
|
|
3187 struct dict_cmd_data data = { |
|
|
3188 274, /* Code */ |
|
|
3189 #if CC_ABORT_SESSION != 274 |
|
|
3190 #error "CC_ABORT_SESSION definition mismatch" |
|
|
3191 #endif |
|
|
3192 "Abort-Session-Request", /* Name */ |
|
|
3193 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
3194 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3195 }; |
|
|
3196 struct local_rules_definition rules[] = |
|
|
3197 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3198 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3199 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3200 ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3201 ,{ "Destination-Host", RULE_REQUIRED, -1, 1 } |
|
|
3202 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 } |
|
|
3203 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3204 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3205 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3206 ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
|
|
3207 }; |
|
|
3208 |
|
|
3209 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3210 PARSE_loc_rules( rules, cmd ); |
|
|
3211 } |
|
|
3212 |
|
|
3213 /* Abort-Session-Answer */ |
|
|
3214 { |
|
|
3215 /* |
|
|
3216 The Abort-Session-Answer (ASA), indicated by the Command-Code set to |
|
|
3217 274 and the message flags' 'R' bit clear, is sent in response to the |
|
|
3218 ASR. The Result-Code AVP MUST be present, and indicates the |
|
|
3219 disposition of the request. |
|
|
3220 |
|
|
3221 If the session identified by Session-Id in the ASR was successfully |
|
|
3222 terminated, Result-Code is set to DIAMETER_SUCCESS. If the session |
|
|
3223 is not currently active, Result-Code is set to |
|
|
3224 DIAMETER_UNKNOWN_SESSION_ID. If the access device does not stop the |
|
|
3225 session for any other reason, Result-Code is set to |
|
|
3226 DIAMETER_UNABLE_TO_COMPLY. |
|
|
3227 |
|
|
3228 Message Format |
|
|
3229 |
|
|
3230 <ASA> ::= < Diameter Header: 274, PXY > |
|
|
3231 < Session-Id > |
|
|
3232 { Result-Code } |
|
|
3233 { Origin-Host } |
|
|
3234 { Origin-Realm } |
|
|
3235 [ User-Name ] |
|
|
3236 [ Origin-State-Id ] |
|
|
3237 [ Error-Message ] |
|
|
3238 [ Error-Reporting-Host ] |
|
|
3239 [ Failed-AVP ] |
|
|
3240 * [ Redirect-Host ] |
|
|
3241 [ Redirect-Host-Usage ] |
|
|
3242 [ Redirect-Max-Cache-Time ] |
|
|
3243 * [ Proxy-Info ] |
|
|
3244 * [ AVP ] |
|
|
3245 */ |
|
|
3246 struct dict_object * cmd; |
|
|
3247 struct dict_cmd_data data = { |
|
|
3248 274, /* Code */ |
|
|
3249 #if CC_ABORT_SESSION != 274 |
|
|
3250 #error "CC_ABORT_SESSION definition mismatch" |
|
|
3251 #endif |
|
|
3252 "Abort-Session-Answer", /* Name */ |
|
|
3253 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
|
|
3254 CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3255 }; |
|
|
3256 struct local_rules_definition rules[] = |
|
|
3257 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3258 ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
3259 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3260 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3261 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3262 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3263 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
3264 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
|
|
3265 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
3266 ,{ "Redirect-Host", RULE_OPTIONAL, -1,-1 } |
|
|
3267 ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 } |
|
|
3268 ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 } |
|
|
3269 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3270 }; |
|
|
3271 |
|
|
3272 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3273 PARSE_loc_rules( rules, cmd ); |
|
|
3274 } |
|
|
3275 |
|
|
3276 /* Accounting-Request */ |
|
|
3277 { |
|
|
3278 /* |
|
|
3279 The Accounting-Request (ACR) command, indicated by the Command-Code |
|
|
3280 field set to 271 and the Command Flags' 'R' bit set, is sent by a |
|
|
3281 Diameter node, acting as a client, in order to exchange accounting |
|
|
3282 information with a peer. |
|
|
3283 |
|
|
3284 One of Acct-Application-Id and Vendor-Specific-Application-Id AVPs |
|
|
3285 MUST be present. If the Vendor-Specific-Application-Id grouped AVP |
|
|
3286 is present, it MUST include an Acct-Application-Id AVP. |
|
|
3287 |
|
|
3288 The AVP listed below SHOULD include service specific accounting AVPs, |
|
|
3289 as described in Section 9.3. |
|
|
3290 |
|
|
3291 |
|
|
3292 Message Format |
|
|
3293 |
|
|
3294 <ACR> ::= < Diameter Header: 271, REQ, PXY > |
|
|
3295 < Session-Id > |
|
|
3296 { Origin-Host } |
|
|
3297 { Origin-Realm } |
|
|
3298 { Destination-Realm } |
|
|
3299 { Accounting-Record-Type } |
|
|
3300 { Accounting-Record-Number } |
|
|
3301 [ Acct-Application-Id ] |
|
|
3302 [ Vendor-Specific-Application-Id ] |
|
|
3303 [ User-Name ] |
|
|
3304 [ Destination-Host ] |
|
|
3305 [ Accounting-Sub-Session-Id ] |
|
|
3306 [ Acct-Session-Id ] |
|
|
3307 [ Acct-Multi-Session-Id ] |
|
|
3308 [ Acct-Interim-Interval ] |
|
|
3309 [ Accounting-Realtime-Required ] |
|
|
3310 [ Origin-State-Id ] |
|
|
3311 [ Event-Timestamp ] |
|
|
3312 * [ Proxy-Info ] |
|
|
3313 * [ Route-Record ] |
|
|
3314 * [ AVP ] |
|
|
3315 */ |
|
|
3316 struct dict_object * cmd; |
|
|
3317 struct dict_cmd_data data = { |
|
|
3318 271, /* Code */ |
|
|
3319 #if CC_ACCOUNTING != 271 |
|
|
3320 #error "CC_ACCOUNTING definition mismatch" |
|
|
3321 #endif |
|
|
3322 "Accounting-Request", /* Name */ |
|
|
3323 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
|
|
3324 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3325 }; |
|
|
3326 struct local_rules_definition rules[] = |
|
|
3327 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3328 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3329 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3330 ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3331 ,{ "Accounting-Record-Type", RULE_REQUIRED, -1, 1 } |
|
|
3332 ,{ "Accounting-Record-Number", RULE_REQUIRED, -1, 1 } |
|
|
3333 ,{ "Acct-Application-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3334 ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3335 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3336 ,{ "Destination-Host", RULE_OPTIONAL, -1, 1 } |
|
|
3337 ,{ "Accounting-Sub-Session-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3338 ,{ "Acct-Session-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3339 ,{ "Acct-Multi-Session-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3340 ,{ "Acct-Interim-Interval", RULE_OPTIONAL, -1, 1 } |
|
|
3341 ,{ "Accounting-Realtime-Required", RULE_OPTIONAL, -1, 1 } |
|
|
3342 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3343 ,{ "Event-Timestamp", RULE_OPTIONAL, -1, 1 } |
|
|
3344 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3345 ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
|
|
3346 }; |
|
|
3347 |
|
|
3348 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3349 PARSE_loc_rules( rules, cmd ); |
|
|
3350 } |
|
|
3351 |
|
|
3352 /* Accounting-Answer */ |
|
|
3353 { |
|
|
3354 /* |
|
|
3355 The Accounting-Answer (ACA) command, indicated by the Command-Code |
|
|
3356 field set to 271 and the Command Flags' 'R' bit cleared, is used to |
|
|
3357 acknowledge an Accounting-Request command. The Accounting-Answer |
|
|
3358 command contains the same Session-Id as the corresponding request. |
|
|
3359 |
|
|
3360 Only the target Diameter Server, known as the home Diameter Server, |
|
|
3361 SHOULD respond with the Accounting-Answer command. |
|
|
3362 |
|
|
3363 One of Acct-Application-Id and Vendor-Specific-Application-Id AVPs |
|
|
3364 MUST be present. If the Vendor-Specific-Application-Id grouped AVP |
|
|
3365 is present, it MUST contain an Acct-Application-Id AVP. |
|
|
3366 |
|
|
3367 The AVP listed below SHOULD include service specific accounting AVPs, |
|
|
3368 as described in Section 9.3. |
|
|
3369 |
|
|
3370 |
|
|
3371 Message Format |
|
|
3372 |
|
|
3373 <ACA> ::= < Diameter Header: 271, PXY > |
|
|
3374 < Session-Id > |
|
|
3375 { Result-Code } |
|
|
3376 { Origin-Host } |
|
|
3377 { Origin-Realm } |
|
|
3378 { Accounting-Record-Type } |
|
|
3379 { Accounting-Record-Number } |
|
|
3380 [ Acct-Application-Id ] |
|
|
3381 [ Vendor-Specific-Application-Id ] |
|
|
3382 [ User-Name ] |
|
|
3383 [ Accounting-Sub-Session-Id ] |
|
|
3384 [ Acct-Session-Id ] |
|
|
3385 [ Acct-Multi-Session-Id ] |
|
|
3386 [ Error-Message ] |
|
|
3387 [ Error-Reporting-Host ] |
|
|
3388 [ Failed-AVP ] |
|
|
3389 [ Acct-Interim-Interval ] |
|
|
3390 [ Accounting-Realtime-Required ] |
|
|
3391 [ Origin-State-Id ] |
|
|
3392 [ Event-Timestamp ] |
|
|
3393 * [ Proxy-Info ] |
|
|
3394 * [ AVP ] |
|
|
3395 */ |
|
|
3396 struct dict_object * cmd; |
|
|
3397 struct dict_cmd_data data = { |
|
|
3398 271, /* Code */ |
|
|
3399 #if CC_ACCOUNTING != 271 |
|
|
3400 #error "CC_ACCOUNTING definition mismatch" |
|
|
3401 #endif |
|
|
3402 "Accounting-Answer", /* Name */ |
|
|
3403 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
|
|
3404 CMD_FLAG_PROXIABLE /* Fixed flag values */ |
|
|
3405 }; |
|
|
3406 struct local_rules_definition rules[] = |
|
|
3407 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
|
|
3408 ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
|
|
3409 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
|
|
3410 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
|
|
3411 ,{ "Accounting-Record-Type", RULE_REQUIRED, -1, 1 } |
|
|
3412 ,{ "Accounting-Record-Number", RULE_REQUIRED, -1, 1 } |
|
|
3413 ,{ "Acct-Application-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3414 ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3415 ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
|
|
3416 ,{ "Accounting-Sub-Session-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3417 ,{ "Acct-Session-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3418 ,{ "Acct-Multi-Session-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3419 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
|
|
3420 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
|
|
3421 ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
|
|
3422 ,{ "Acct-Interim-Interval", RULE_OPTIONAL, -1, 1 } |
|
|
3423 ,{ "Accounting-Realtime-Required", RULE_OPTIONAL, -1, 1 } |
|
|
3424 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
|
|
3425 ,{ "Event-Timestamp", RULE_OPTIONAL, -1, 1 } |
|
|
3426 ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
|
|
3427 }; |
|
|
3428 |
|
|
3429 CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
|
|
3430 PARSE_loc_rules( rules, cmd ); |
|
|
3431 } |
|
|
3432 } |
|
|
3433 |
|
|
3434 return 0; |
|
|
3435 } |
