freeDiameter: libfdcore/p

annotate libfdcore/p_ce.c @ 1559:2dbc816d48f4

Fail when a peer with empty Origin-Realm tries to connect. Empty Origin-Realms cause problems in the routing code later. Reduce warnings when reporting an empty Failed-AVP; both avp_source and avp_rawdata are NULL in this case.

author	Thomas Klausner <wiz@gatalith.at>
date	Tue, 27 Oct 2020 10:50:04 +0100
parents	566bb46cc73f
children

rev	line source
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1 /*********************************************************************************************************
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	2 * Software License Agreement (BSD License) *
740 4a9f08d6b6ba Updated my mail address Sebastien Decugis <sdecugis@nict.go.jp> parents: 738 diff changeset	3 * Author: Sebastien Decugis <sdecugis@freediameter.net> *
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	4 * *
1554 566bb46cc73f Updated copyright information Sebastien Decugis <sdecugis@freediameter.net> parents: 1405 diff changeset	5 * Copyright (c) 2020, WIDE Project and NICT *
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	6 * All rights reserved. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	7 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	8 * Redistribution and use of this software in source and binary forms, with or without modification, are *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	9 * permitted provided that the following conditions are met: *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	10 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	11 * * Redistributions of source code must retain the above *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	12 * copyright notice, this list of conditions and the *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	13 * following disclaimer. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	14 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	15 * * Redistributions in binary form must reproduce the above *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	16 * copyright notice, this list of conditions and the *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	17 * following disclaimer in the documentation and/or other *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	18 * materials provided with the distribution. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	19 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	20 * * Neither the name of the WIDE Project or NICT nor the *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	21 * names of its contributors may be used to endorse or *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	22 * promote products derived from this software without *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	23 * specific prior written permission of WIDE Project and *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	24 * NICT. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	25 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	34 *********************************************************************************************************/
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	35
658 f198d16fa7f4 Initial commit for 1.1.0: Sebastien Decugis <sdecugis@nict.go.jp> parents: 454 diff changeset	36 #include "fdcore-internal.h"
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	37
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	38 /* This file contains code to handle Capabilities Exchange messages (CER and CEA) and election process */
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	39
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	40 /* Save a connection as peer's principal */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	41 static int set_peer_cnx(struct fd_peer * peer, struct cnxctx **cnx)
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	42 {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	43 CHECK_PARAMS( peer->p_cnxctx == NULL );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	44
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	45 /* Save the connection in peer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	46 peer->p_cnxctx = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	47 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	48
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	49 /* Set the events to be sent to the PSM */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	50 CHECK_FCT( fd_cnx_recv_setaltfifo(peer->p_cnxctx, peer->p_events) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	51
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	52 /* Read the credentials if possible */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	53 if (fd_cnx_getTLS(peer->p_cnxctx)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	54 CHECK_FCT( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	55 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	56
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	57 /* Read the endpoints, maybe used to reconnect to the peer later */
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 332 diff changeset	58 CHECK_FCT( fd_cnx_getremoteeps(peer->p_cnxctx, &peer->p_hdr.info.pi_endpoints) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	59
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	60 /* Read the protocol */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	61 peer->p_hdr.info.runtime.pir_proto = fd_cnx_getproto(peer->p_cnxctx);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	62
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	63 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	64 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	65
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	66 /* Delete the peer connection, and cleanup associated information */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	67 void fd_p_ce_clear_cnx(struct fd_peer * peer, struct cnxctx ** cnx_kept)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	68 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	69 peer->p_hdr.info.runtime.pir_cert_list = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	70 peer->p_hdr.info.runtime.pir_cert_list_size = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	71 peer->p_hdr.info.runtime.pir_proto = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	72
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	73 if (peer->p_cnxctx) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	74 if (cnx_kept != NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	75 *cnx_kept = peer->p_cnxctx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	76 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	77 fd_cnx_destroy(peer->p_cnxctx);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	78 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	79 peer->p_cnxctx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	80 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	81 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	82
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	83 /* Election: compare the Diameter Ids by lexical order, return true if the election is won */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	84 static __inline__ int election_result(struct fd_peer * peer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	85 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	86 int ret = (strcasecmp(peer->p_hdr.info.pi_diamid, fd_g_config->cnf_diamid) < 0);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	87 if (ret) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	88 TRACE_DEBUG(INFO, "Election WON against peer '%s'", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	89 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	90 TRACE_DEBUG(INFO, "Election LOST against peer '%s'", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	91 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	92 return ret;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	93 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	94
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	95 /* Add AVPs about local information in a CER or CEA */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	96 static int add_CE_info(struct msg msg, struct cnxctx cnx, int isi_tls, int isi_none)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	97 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	98 struct dict_object * dictobj = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	99 struct avp * avp = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	100 union avp_value val;
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 332 diff changeset	101 struct fd_list *li;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	102
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	103 /* Add the Origin-* AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	104 CHECK_FCT( fd_msg_add_origin ( msg, 1 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	105
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	106 /* Find the model for Host-IP-Address AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	107 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Host-IP-Address", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	108
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	109 /* Add the AVP(s) -- not sure what is the purpose... We could probably only add the primary one ? */
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 332 diff changeset	110 for (li = fd_g_config->cnf_endpoints.next; li != &fd_g_config->cnf_endpoints; li = li->next) {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	111 struct fd_endpoint * ep = (struct fd_endpoint *)li;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	112 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	113 CHECK_FCT( fd_msg_avp_value_encode ( &ep->ss, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	114 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	115 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	116
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	117 /* Vendor-Id, Product-Name, and Firmware-Revision AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	118 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Vendor-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	119 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	120 val.u32 = MY_VENDOR_ID;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	121 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	122 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	123
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	124 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Product-Name", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	125 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	126 val.os.data = (unsigned char *)FD_PROJECT_NAME;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	127 val.os.len = strlen(FD_PROJECT_NAME);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	128 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	129 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	130
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	131 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Firmware-Revision", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	132 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	133 val.u32 = (uint32_t)(FD_PROJECT_VERSION_MAJOR * 10000 + FD_PROJECT_VERSION_MINOR * 100 + FD_PROJECT_VERSION_REV);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	134 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	135 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	136
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	137
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	138 /* Add the Inband-Security-Id AVP if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	139 if (isi_tls \|\| isi_none) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	140 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Inband-Security-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	141
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	142 if (isi_none) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	143 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	144 val.u32 = ACV_ISI_NO_INBAND_SECURITY;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	145 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	146 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	147 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	148
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	149 if (isi_tls) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	150 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	151 val.u32 = ACV_ISI_TLS;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	152 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	153 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	154 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	155 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	156
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	157 /* List of local applications */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	158 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	159 struct dict_object * dictobj_auth = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	160 struct dict_object * dictobj_acct = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	161 struct dict_object * dictobj_vid = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	162
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	163 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Vendor-Specific-Application-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	164 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Vendor-Id", &dictobj_vid, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	165 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Auth-Application-Id", &dictobj_auth, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	166 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Acct-Application-Id", &dictobj_acct, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	167
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	168 for (li = fd_g_config->cnf_apps.next; li != &fd_g_config->cnf_apps; li = li->next) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	169 struct fd_app * a = (struct fd_app *)(li);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	170
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	171 if (a->flags.auth) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	172 CHECK_FCT( fd_msg_avp_new ( dictobj_auth, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	173 val.u32 = a->appid;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	174 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	175 if (a->vndid != 0) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	176 struct avp * avp2 = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	177 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	178 CHECK_FCT( fd_msg_avp_add( avp2, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	179 avp = avp2;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	180 CHECK_FCT( fd_msg_avp_new ( dictobj_vid, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	181 val.u32 = a->vndid;
110 0e21b85edf85 Fix buggy CE info function for vendor-specific application id Sebastien Decugis <sdecugis@nict.go.jp> parents: 105 diff changeset	182 CHECK_FCT( fd_msg_avp_setvalue( avp2, &val ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	183 CHECK_FCT( fd_msg_avp_add( avp, MSG_BRW_LAST_CHILD, avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	184 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	185 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	186 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	187 if (a->flags.acct) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	188 CHECK_FCT( fd_msg_avp_new ( dictobj_acct, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	189 val.u32 = a->appid;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	190 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	191 if (a->vndid != 0) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	192 struct avp * avp2 = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	193 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	194 CHECK_FCT( fd_msg_avp_add( avp2, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	195 avp = avp2;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	196 CHECK_FCT( fd_msg_avp_new ( dictobj_vid, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	197 val.u32 = a->vndid;
110 0e21b85edf85 Fix buggy CE info function for vendor-specific application id Sebastien Decugis <sdecugis@nict.go.jp> parents: 105 diff changeset	198 CHECK_FCT( fd_msg_avp_setvalue( avp2, &val ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	199 CHECK_FCT( fd_msg_avp_add( avp, MSG_BRW_LAST_CHILD, avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	200 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	201 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	202 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	203 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	204
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	205 /* do not forget the relay application */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	206 if (! fd_g_config->cnf_flags.no_fwd) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	207 CHECK_FCT( fd_msg_avp_new ( dictobj_auth, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	208 val.u32 = AI_RELAY;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	209 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	210 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	211 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	212 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	213
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	214 /* Add the list of supported vendors */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	215 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	216 uint32_t * array = fd_dict_get_vendorid_list(fd_g_config->cnf_dict);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	217 if (array) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	218 int i = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	219 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Supported-Vendor-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	220
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	221 while (array[i] != 0) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	222 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	223 val.u32 = array[i];
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	224 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	225 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	226 i++;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	227 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	228
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	229 free(array);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	230 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	231 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	232
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	233 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	234 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	235
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	236 /* Remove any information saved from a previous CER/CEA exchange */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	237 static void cleanup_remote_CE_info(struct fd_peer * peer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	238 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	239 /* free linked information */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	240 free(peer->p_hdr.info.runtime.pir_realm);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	241 free(peer->p_hdr.info.runtime.pir_prodname);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	242 while (!FD_IS_LIST_EMPTY(&peer->p_hdr.info.runtime.pir_apps)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	243 struct fd_list * li = peer->p_hdr.info.runtime.pir_apps.next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	244 fd_list_unlink(li);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	245 free(li);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	246 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	247 /* note: pir_cert_list needs not be freed (belongs to gnutls) */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	248
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	249 /* cleanup the area */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	250 memset(&peer->p_hdr.info.runtime, 0, sizeof(peer->p_hdr.info.runtime));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	251
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	252 /* reinit the list */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	253 fd_list_init(&peer->p_hdr.info.runtime.pir_apps, peer);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	254
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	255 /* Remove previously advertised endpoints */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	256 fd_ep_clearflags( &peer->p_hdr.info.pi_endpoints, EP_FL_ADV );
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	257 }
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	258
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	259 /* Extract information sent by the remote peer and save it in our peer structure */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	260 static int save_remote_CE_info(struct msg * msg, struct fd_peer * peer, struct fd_pei * error, uint32_t *rc)
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	261 {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	262 struct avp * avp = NULL;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	263
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	264 cleanup_remote_CE_info(peer);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	265
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	266 CHECK_FCT( fd_msg_browse( msg, MSG_BRW_FIRST_CHILD, &avp, NULL) );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	267
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	268 /* Loop on all AVPs and save what we are interrested into */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	269 while (avp) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	270 struct avp_hdr * hdr;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	271
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	272 CHECK_FCT( fd_msg_avp_hdr( avp, &hdr ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	273
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	274 if (hdr->avp_flags & AVP_FLAG_VENDOR) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	275 /* Ignore all vendor-specific AVPs in CER/CEA because we don't support any currently */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	276 LOG_A("Ignored a vendor-specific AVP in CER / CEA");
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	277 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	278 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	279
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	280 switch (hdr->avp_code) {
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	281 case AC_RESULT_CODE: /* Result-Code */
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	282 if (hdr->avp_value == NULL) {
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	283 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	284 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	285 ASSERT(0); /* To check if this really happens, and understand why... */
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	286 goto next;
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	287 }
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	288
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	289 if (rc)
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	290 *rc = hdr->avp_value->u32;
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	291 break;
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	292
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	293 case AC_ORIGIN_HOST: /* Origin-Host */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	294 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	295 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	296 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	297 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	298 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	299 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	300
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	301 /* We check that the value matches what we know, otherwise disconnect the peer */
738 d666051658bd Fix broken 'almostcasecmp' logic Sebastien Decugis <sdecugis@nict.go.jp> parents: 725 diff changeset	302 if (fd_os_almostcasesrch(hdr->avp_value->os.data, hdr->avp_value->os.len,
d666051658bd Fix broken 'almostcasecmp' logic Sebastien Decugis <sdecugis@nict.go.jp> parents: 725 diff changeset	303 peer->p_hdr.info.pi_diamid, peer->p_hdr.info.pi_diamidlen, NULL)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 935 diff changeset	304 TRACE_DEBUG(INFO, "Received a message with Origin-Host set to '%.*s' while expecting '%s'",
1027 0117a7746b21 Fix a number of errors and warnings introduced/highlighted by recent commits Sebastien Decugis <sdecugis@freediameter.net> parents: 1010 diff changeset	305 (int)hdr->avp_value->os.len, hdr->avp_value->os.data, peer->p_hdr.info.pi_diamid);
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	306 error->pei_errcode = "DIAMETER_AVP_NOT_ALLOWED";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	307 error->pei_message = "Your Origin-Host value does not match my configuration.";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	308 error->pei_avp = avp;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	309 return EINVAL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	310 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	311
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	312 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	313
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	314 case AC_ORIGIN_REALM: /* Origin-Realm */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	315 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	316 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	317 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	318 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	319 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	320 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	321
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	322 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	323 if (peer->p_hdr.info.runtime.pir_realm) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	324 TRACE_DEBUG(INFO, "Multiple instances of the Origin-Realm AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	325 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	326 error->pei_message = "I found several Origin-Realm AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	327 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	328 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	329 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	330
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	331 /* If the octet string contains a \0 */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	332 if (!fd_os_is_valid_DiameterIdentity(hdr->avp_value->os.data, hdr->avp_value->os.len)) {
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	333 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	334 error->pei_message = "Your Origin-Realm contains invalid characters.";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	335 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	336 return EINVAL;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	337 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	338
1559 2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	339 /* Origin-Realm is empty */
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	340 if (hdr->avp_value->os.len == 0) {
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	341 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	342 error->pei_message = "Your Origin-Realm is empty.";
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	343 error->pei_avp = avp;
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	344 return EINVAL;
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	345 }
2dbc816d48f4 Fail when a peer with empty Origin-Realm tries to connect. Thomas Klausner <wiz@gatalith.at> parents: 1554 diff changeset	346
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	347 /* Save the value */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	348 CHECK_MALLOC( peer->p_hdr.info.runtime.pir_realm = os0dup( hdr->avp_value->os.data, hdr->avp_value->os.len ) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	349 peer->p_hdr.info.runtime.pir_realmlen = hdr->avp_value->os.len;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	350 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	351
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	352 case AC_HOST_IP_ADDRESS: /* Host-IP-Address */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	353 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	354 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	355 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	356 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	357 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	358 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	359 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	360 sSS ss;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	361
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	362 /* Get the sockaddr value */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	363 memset(&ss, 0, sizeof(ss));
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	364 CHECK_FCT_DO( fd_msg_avp_value_interpret( avp, &ss),
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	365 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	366 /* in case of error, assume the AVP value was wrong */
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	367 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	368 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	369 return EINVAL;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	370 } );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	371
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	372 /* Save this endpoint in the list as advertized */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	373 CHECK_FCT( fd_ep_add_merge( &peer->p_hdr.info.pi_endpoints, (sSA *)&ss, sizeof(sSS), EP_FL_ADV ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	374 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	375 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	376
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	377 case AC_VENDOR_ID: /* Vendor-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	378 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	379 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	380 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	381 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	382 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	383 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	384
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	385 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	386 if (peer->p_hdr.info.runtime.pir_vendorid) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	387 TRACE_DEBUG(INFO, "Multiple instances of the Vendor-Id AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	388 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	389 error->pei_message = "I found several Vendor-Id AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	390 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	391 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	392 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	393
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	394 peer->p_hdr.info.runtime.pir_vendorid = hdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	395 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	396
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	397 case AC_PRODUCT_NAME: /* Product-Name */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	398 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	399 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	400 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	401 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	402 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	403 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	404
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	405 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	406 if (peer->p_hdr.info.runtime.pir_prodname) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	407 TRACE_DEBUG(INFO, "Multiple instances of the Product-Name AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	408 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	409 error->pei_message = "I found several Product-Name AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	410 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	411 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	412 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	413
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	414 CHECK_MALLOC( peer->p_hdr.info.runtime.pir_prodname = calloc( hdr->avp_value->os.len + 1, 1 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	415 memcpy(peer->p_hdr.info.runtime.pir_prodname, hdr->avp_value->os.data, hdr->avp_value->os.len);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	416 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	417
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	418 case AC_ORIGIN_STATE_ID: /* Origin-State-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	419 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	420 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	421 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	422 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	423 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	424 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	425
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	426 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	427 if (peer->p_hdr.info.runtime.pir_orstate) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	428 TRACE_DEBUG(INFO, "Multiple instances of the Origin-State-Id AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	429 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	430 error->pei_message = "I found several Origin-State-Id AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	431 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	432 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	433 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	434
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	435 peer->p_hdr.info.runtime.pir_orstate = hdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	436 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	437
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	438 case AC_SUPPORTED_VENDOR_ID: /* Supported-Vendor-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	439 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	440 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	441 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	442 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	443 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	444 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	445
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	446 TRACE_DEBUG(FULL, "'%s' claims support for a subset of vendor %d features.", peer->p_hdr.info.pi_diamid, hdr->avp_value->u32);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	447 /* not that it makes a difference for us...
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	448 -- if an application actually needs this info, we could save it somewhere.
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	449 */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	450 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	451
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	452 case AC_VENDOR_SPECIFIC_APPLICATION_ID: /* Vendor-Specific-Application-Id (grouped)*/
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	453 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	454 struct avp * inavp = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	455 vendor_id_t vid = 0;
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	456 application_id_t auth_aid = 0;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	457 application_id_t acct_aid = 0;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	458 int invalid=0;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	459
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	460 /* get the first child AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	461 CHECK_FCT( fd_msg_browse(avp, MSG_BRW_FIRST_CHILD, &inavp, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	462
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	463 while (inavp) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	464 struct avp_hdr * inhdr;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	465 CHECK_FCT( fd_msg_avp_hdr( inavp, &inhdr ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	466
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	467 if (inhdr->avp_flags & AVP_FLAG_VENDOR) {
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	468 LOG_A("Ignored a vendor AVP inside Vendor-Specific-Application-Id AVP");
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	469 goto innext;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	470 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	471
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	472 if (inhdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	473 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	474 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	475 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	476 goto innext;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	477 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	478 switch (inhdr->avp_code) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	479 case AC_VENDOR_ID: /* Vendor-Id */
1191 60e7b02a3ce7 Allow Vendor-Specific-Application-Id with several Vendor-Id AVPs as seen on some equipments Sebastien Decugis <sdecugis@freediameter.net> parents: 1186 diff changeset	480 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	481 if (vid != 0)
1191 60e7b02a3ce7 Allow Vendor-Specific-Application-Id with several Vendor-Id AVPs as seen on some equipments Sebastien Decugis <sdecugis@freediameter.net> parents: 1186 diff changeset	482 invalid++; /* We already had one such AVP. This is invalid according to RFC6733 but not RFC3588 (but there is an erratum) */
60e7b02a3ce7 Allow Vendor-Specific-Application-Id with several Vendor-Id AVPs as seen on some equipments Sebastien Decugis <sdecugis@freediameter.net> parents: 1186 diff changeset	483 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	484 vid = inhdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	485 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	486 case AC_AUTH_APPLICATION_ID: /* Auth-Application-Id */
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	487 if (auth_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	488 invalid++; /* We already had one such AVP */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	489 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	490 if (acct_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	491 invalid++; /* Only 1 -Application-Id AVP is allowed /
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	492 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	493 auth_aid = inhdr->avp_value->u32;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	494 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	495 case AC_ACCT_APPLICATION_ID: /* Acct-Application-Id */
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	496 if (acct_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	497 invalid++; /* We already had one such AVP */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	498 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	499 if (auth_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	500 invalid++; /* Only 1 -Application-Id AVP is allowed /
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	501 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	502 acct_aid = inhdr->avp_value->u32;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	503 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	504 /* ignore other AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	505 }
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	506
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	507 if (invalid) {
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	508 TRACE_DEBUG(FULL, "Invalid Vendor-Specific-Application-Id AVP received");
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	509 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	510 error->pei_avp = avp;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	511 return EINVAL;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	512 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	513
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	514 innext:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	515 /* Go to next in AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	516 CHECK_FCT( fd_msg_browse(inavp, MSG_BRW_NEXT, &inavp, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	517 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	518
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	519 /* Add entry in the list */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	520 if (auth_aid) {
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	521 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, auth_aid, vid, 1, 0) );
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	522 }
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	523 if (acct_aid) {
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	524 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, acct_aid, vid, 0, 1) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	525 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	526 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	527 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	528
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	529 case AC_AUTH_APPLICATION_ID: /* Auth-Application-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	530 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	531 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	532 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	533 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	534 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	535 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	536
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	537 if (hdr->avp_value->u32 == AI_RELAY) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	538 peer->p_hdr.info.runtime.pir_relay = 1;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	539 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	540 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, hdr->avp_value->u32, 0, 1, 0) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	541 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	542 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	543
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	544 case AC_ACCT_APPLICATION_ID: /* Acct-Application-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	545 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	546 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	547 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	548 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	549 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	550 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	551
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	552 if (hdr->avp_value->u32 == AI_RELAY) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	553 /* Not clear if the relay application can be inside this AVP... */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	554 peer->p_hdr.info.runtime.pir_relay = 1;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	555 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	556 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, hdr->avp_value->u32, 0, 0, 1) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	557 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	558 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	559
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	560 case AC_FIRMWARE_REVISION: /* Firmware-Revision */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	561 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	562 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	563 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	564 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	565 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	566 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	567
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	568 peer->p_hdr.info.runtime.pir_firmrev = hdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	569 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	570
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	571 case AC_INBAND_SECURITY_ID: /* Inband-Security-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	572 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	573 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	574 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	575 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	576 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	577 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	578 if (hdr->avp_value->u32 >= 32 ) {
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	579 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	580 error->pei_message = "I don't support this Inband-Security-Id value (yet).";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	581 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	582 return EINVAL;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	583 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	584 peer->p_hdr.info.runtime.pir_isi \|= (1 << hdr->avp_value->u32);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	585 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	586 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	587
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	588 next:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	589 /* Go to next AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	590 CHECK_FCT( fd_msg_browse(avp, MSG_BRW_NEXT, &avp, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	591 }
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	592
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	593 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	594 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	595
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	596 /* Create a CER message for sending */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	597 static int create_CER(struct fd_peer * peer, struct cnxctx * cnx, struct msg ** cer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	598 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	599 int isi_tls = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	600 int isi_none = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	601
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	602 /* Find CER dictionary object and create an instance */
66 dcbd5b5ee55c Added handling for DWR/DWA Sebastien Decugis <sdecugis@nict.go.jp> parents: 63 diff changeset	603 CHECK_FCT( fd_msg_new ( fd_dict_cmd_CER, MSGFL_ALLOC_ETEID, cer ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	604
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	605 /* Do we need Inband-Security-Id AVPs ? If we're already using TLS, we don't... */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	606 if (!fd_cnx_getTLS(cnx)) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	607 isi_none = peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE; /* we add it even if the peer does not use the old mechanism, it is impossible to distinguish */
1155 d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	608
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	609 if (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	610 if (fd_g_config->cnf_sec_data.tls_disabled) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	611 LOG_N("TLS disabled locally, so Inband-Security-Id (TLS) not included for peer %s", peer->p_hdr.info.pi_diamid);
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	612 } else {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	613 isi_tls = 1;
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	614 }
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	615 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	616 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	617
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	618 /* Add the information about the local peer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	619 CHECK_FCT( add_CE_info(*cer, cnx, isi_tls, isi_none) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	620
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	621 /* Done! */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	622 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	623 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	624
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	625
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	626 /* Continue with the initiator side */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	627 static int to_waitcea(struct fd_peer * peer, struct cnxctx * cnx)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	628 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	629 /* We sent a CER on the connection, set the event queue so that we receive the CEA */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	630 CHECK_FCT( set_peer_cnx(peer, &cnx) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	631
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	632 /* Change state and reset the timer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	633 CHECK_FCT( fd_psm_change_state(peer, STATE_WAITCEA) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	634 fd_psm_next_timeout(peer, 0, CEA_TIMEOUT);
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	635
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	636 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	637 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	638
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	639 /* Reject an incoming connection attempt */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	640 static void receiver_reject(struct cnxctx recv_cnx, struct msg cer, struct fd_pei * error)
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	641 {
1249 4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	642 struct msg_hdr * hdr = NULL;
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	643
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	644 /* Create and send the CEA with appropriate error code */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	645 CHECK_FCT_DO( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, cer, MSGFL_ANSW_ERROR ), goto destroy );
1249 4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	646 CHECK_FCT_DO( fd_msg_rescode_set(*cer, error->pei_errcode, error->pei_message, error->pei_avp, 0 ), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	647 CHECK_FCT_DO( fd_msg_hdr( *cer, &hdr ), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	648 if (hdr->msg_flags & CMD_FLAG_ERROR) {
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	649 /* Generic error format, just add the origin AVPs */
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	650 CHECK_FCT_DO( fd_msg_add_origin ( *cer, 1 ), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	651 } else {
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	652 /* Add other AVPs to be compliant with the ABNF */
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	653 CHECK_FCT_DO( add_CE_info(cer, recv_cnx, 0, 0), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	654 }
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	655 CHECK_FCT_DO( fd_out_send(cer, *recv_cnx, NULL, 0), goto destroy );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	656
1230 e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	657 if (error->pei_avp_free) {
e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	658 fd_msg_free(error->pei_avp);
e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	659 }
e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	660
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	661 /* And now destroy this connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	662 destroy:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	663 fd_cnx_destroy(*recv_cnx);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	664 *recv_cnx = NULL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	665 if (*cer) {
1113 eb4ce68b6e5c Added calls to remaining hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1103 diff changeset	666 fd_hook_call(HOOK_MESSAGE_DROPPED, cer, NULL, "An error occurred while rejecting this CER.", fd_msg_pmdl_get(cer));
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	667 fd_msg_free(*cer);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	668 *cer = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	669 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	670 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	671
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	672 /* We have established a new connection to the remote peer, send CER and eventually process the election */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	673 int fd_p_ce_handle_newcnx(struct fd_peer * peer, struct cnxctx * initiator)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	674 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	675 struct msg * cer = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	676
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	677 /* Send CER on the new connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	678 CHECK_FCT( create_CER(peer, initiator, &cer) );
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	679 CHECK_FCT( fd_out_send(&cer, initiator, peer, 0) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	680
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	681 /* Are we doing an election ? */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	682 if (fd_peer_getstate(peer) == STATE_WAITCNXACK_ELEC) {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	683 if (election_result(peer)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	684 /* Close initiator connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	685 fd_cnx_destroy(initiator);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	686
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	687 LOG_D("%s: Election lost on outgoing connection, closing and answering CEA on incoming connection.", peer->p_hdr.info.pi_diamid);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	688
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	689 /* Process with the receiver side */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	690 CHECK_FCT( fd_p_ce_process_receiver(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	691
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	692 } else {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	693 struct fd_pei pei;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	694 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	695 pei.pei_errcode = "ELECTION_LOST";
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	696 pei.pei_message = "Please answer my CER instead, you won the election.";
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	697 LOG_D("%s: Election lost on incoming connection, closing and waiting for CEA on outgoing connection.", peer->p_hdr.info.pi_diamid);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	698
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	699 /* Answer an ELECTION LOST to the receiver side */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	700 receiver_reject(&peer->p_receiver, &peer->p_cer, &pei);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	701 CHECK_FCT( to_waitcea(peer, initiator) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	702 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	703 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	704 /* No election (yet) */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	705 CHECK_FCT( to_waitcea(peer, initiator) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	706 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	707
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	708 return 0;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	709 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	710
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	711 /* We have received a Capabilities Exchange message on the peer connection */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	712 int fd_p_ce_msgrcv(struct msg ** msg, int req, struct fd_peer * peer)
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	713 {
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	714 uint32_t rc = 0;
1405 3cbe458fbfa9 Fix compiler warnings Luke Mewburn <luke@mewburn.net> parents: 1396 diff changeset	715 int st = STATE_NEW;
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	716 struct fd_pei pei;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	717
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	718 TRACE_ENTRY("%p %p", msg, peer);
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	719 CHECK_PARAMS( msg && *msg && CHECK_PEER(peer) );
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	720
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	721 /* The only valid situation where we are called is in WAITCEA and we receive a CEA (we may have won an election) */
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	722
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	723 /* Note : to implement Capabilities Update, we would need to change here */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	724
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	725 /* If it is a CER, just reply an error */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	726 if (req) {
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	727 /* Create the error message */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	728 CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, msg, MSGFL_ANSW_ERROR ) );
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	729
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	730 /* Set the error code */
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	731 CHECK_FCT( fd_msg_rescode_set(*msg, "DIAMETER_UNABLE_TO_COMPLY", "No CER allowed in current state", NULL, 1 ) );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	732
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	733 /* msg now contains an answer message to send back */
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	734 CHECK_FCT_DO( fd_out_send(msg, NULL, peer, 0), /* In case of error the message has already been dumped */ );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	735 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	736
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	737 /* If the state is not WAITCEA, just discard the message */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	738 if (req \|\| ((st = fd_peer_getstate(peer)) != STATE_WAITCEA)) {
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	739 if (*msg) {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	740 /* In such case, just discard the message */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	741 char buf[128];
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	742 snprintf(buf, sizeof(buf), "Received while peer state machine was in state %s.", STATE_STR(st));
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	743 fd_hook_call(HOOK_MESSAGE_DROPPED, msg, peer, buf, fd_msg_pmdl_get(msg));
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	744
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	745 CHECK_FCT_DO( fd_msg_free(msg), / continue */);
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	746 *msg = NULL;
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	747 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	748
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	749 return 0;
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	750 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	751
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	752 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	753
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	754 /* Save info from the CEA into the peer */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	755 CHECK_FCT_DO( save_remote_CE_info(*msg, peer, &pei, &rc),
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	756 {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	757 fd_hook_call(HOOK_PEER_CONNECT_FAILED, *msg, peer, "An error occurred while processing incoming CEA.", NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	758 goto cleanup;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	759 } );
62 a57a7133fe89 Dispose sent CEA Sebastien Decugis <sdecugis@nict.go.jp> parents: 56 diff changeset	760
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	761 /* Check the Result-Code */
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	762 switch (rc) {
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	763 case ER_DIAMETER_SUCCESS:
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	764 /* Log success */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	765 fd_hook_call(HOOK_PEER_CONNECT_SUCCESS, *msg, peer, NULL, NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	766
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	767 /* Dispose of the message, we don't need it anymore */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	768 CHECK_FCT_DO( fd_msg_free(msg), / continue */ );
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	769 *msg = NULL;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	770
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	771 /* No problem, we can continue */
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	772 break;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	773
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	774 case ER_DIAMETER_TOO_BUSY:
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	775 /* Retry later */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	776 fd_hook_call(HOOK_PEER_CONNECT_FAILED, *msg, peer, "Remote peer is too busy", NULL);
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	777 fd_psm_cleanup(peer, 0);
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	778 fd_psm_next_timeout(peer, 0, 300);
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	779 return 0;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	780
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	781 case ER_ELECTION_LOST:
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	782 /* Ok, just wait for a little while for the CER to be processed on the other connection. */
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	783 TRACE_DEBUG(FULL, "Peer %s replied a CEA with Result-Code AVP ELECTION_LOST, waiting for events.", peer->p_hdr.info.pi_diamid);
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	784 return 0;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	785
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	786 default:
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	787 /* In any other case, we abort all attempts to connect to this peer */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	788 fd_hook_call(HOOK_PEER_CONNECT_FAILED, *msg, peer, "CEA with unexpected error code", NULL);
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	789 return EINVAL;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	790 }
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	791
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	792
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	793 /* Handshake if needed, start clear otherwise */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	794 if ( ! fd_cnx_getTLS(peer->p_cnxctx) ) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	795 int todo = peer->p_hdr.info.config.pic_flags.sec & peer->p_hdr.info.runtime.pir_isi ;
267 51d224448024 Workaround to allow interop with (bad) opendiameter Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	796 /* Special case: if the peer did not send a ISI AVP */
51d224448024 Workaround to allow interop with (bad) opendiameter Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	797 if (peer->p_hdr.info.runtime.pir_isi == 0)
51d224448024 Workaround to allow interop with (bad) opendiameter Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	798 todo = peer->p_hdr.info.config.pic_flags.sec;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	799
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	800 if (todo == PI_SEC_NONE) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	801 /* Ok for clear connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	802 TRACE_DEBUG(INFO, "No TLS protection negotiated with peer '%s'.", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	803 CHECK_FCT( fd_cnx_start_clear(peer->p_cnxctx, 1) );
1155 d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	804
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	805 } else if (fd_g_config->cnf_sec_data.tls_disabled) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	806 LOG_E("Clear connection with remote peer '%s' is not (explicitly) allowed, and TLS is disabled. Giving up...", peer->p_hdr.info.pi_diamid);
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	807 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "TLS is disabled and peer is not configured for IPsec", NULL);
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	808 goto cleanup;
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	809
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	810 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	811 fd_psm_change_state(peer, STATE_OPEN_HANDSHAKE);
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1155 diff changeset	812 CHECK_FCT_DO( fd_cnx_handshake(peer->p_cnxctx, GNUTLS_CLIENT, ALGO_HANDSHAKE_3436, peer->p_hdr.info.config.pic_priority, NULL),
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	813 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	814 /* Handshake failed ... */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	815 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "TLS handshake failed after CER/CEA exchange", NULL);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	816 goto cleanup;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	817 } );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	818
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	819 /* Retrieve the credentials */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	820 CHECK_FCT( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	821 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	822 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	823
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	824 /* Move to next state */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	825 if (peer->p_flags.pf_cnx_pb) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	826 fd_psm_change_state(peer, STATE_REOPEN );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	827 CHECK_FCT( fd_p_dw_reopen(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	828 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	829 fd_psm_change_state(peer, STATE_OPEN );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	830 fd_psm_next_timeout(peer, 1, peer->p_hdr.info.config.pic_twtimer ?: fd_g_config->cnf_timer_tw);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	831 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	832
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	833 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	834
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	835 cleanup:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	836 fd_p_ce_clear_cnx(peer, NULL);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	837
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	838 /* Send the error to the peer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	839 CHECK_FCT( fd_event_send(peer->p_events, FDEVP_CNX_ERROR, 0, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	840
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	841 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	842 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	843
1396 188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	844 /* Check if enough processing peers are connected to allow connections by other peers */
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	845 static int sufficient_processing_peers(void) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	846 int processing_peers_count = 0;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	847 struct fd_list * li;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	848
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	849 CHECK_FCT( pthread_rwlock_rdlock(&fd_g_activ_peers_rw) );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	850 for (li = fd_g_activ_peers.next; li != &fd_g_activ_peers; li = li->next) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	851 struct fd_peer * p = (struct fd_peer *)li->o;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	852
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	853 TRACE_DEBUG(FULL, "comparing '%s' against processing peers pattern", p->p_hdr.info.pi_diamid);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	854 if (regexec(&fd_g_config->cnf_processing_peers_pattern_regex, p->p_hdr.info.pi_diamid, 0, NULL, 0) == 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	855 processing_peers_count++;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	856 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	857 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	858 CHECK_FCT( pthread_rwlock_unlock(&fd_g_activ_peers_rw) );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	859
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	860 TRACE_DEBUG(FULL, "%d processing peers found", processing_peers_count);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	861 return (processing_peers_count >= fd_g_config->cnf_processing_peers_minimum);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	862 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	863
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	864 /* Handle the receiver side to go to OPEN or OPEN_NEW state (any election is resolved) */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	865 int fd_p_ce_process_receiver(struct fd_peer * peer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	866 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	867 struct fd_pei pei;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	868 struct msg * msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	869 int isi = 0;
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	870 int fatal = 0;
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	871 int tls_sync=0;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	872
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	873 TRACE_ENTRY("%p", peer);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	874
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	875 CHECK_FCT_DO( set_peer_cnx(peer, &peer->p_receiver),
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	876 {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	877 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "Error saving the incoming connection in the peer structure", NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	878 return __ret__;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	879 } );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	880 msg = peer->p_cer;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	881 peer->p_cer = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	882
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	883 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	884
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	885 /* Parse the content of the received CER */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	886 CHECK_FCT_DO( save_remote_CE_info(msg, peer, &pei, NULL), goto error_abort );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	887
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	888 /* Validate the realm if needed */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	889 if (peer->p_hdr.info.config.pic_realm) {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	890 size_t len = strlen(peer->p_hdr.info.config.pic_realm);
738 d666051658bd Fix broken 'almostcasecmp' logic Sebastien Decugis <sdecugis@nict.go.jp> parents: 725 diff changeset	891 if (fd_os_almostcasesrch(peer->p_hdr.info.config.pic_realm, len, peer->p_hdr.info.runtime.pir_realm, peer->p_hdr.info.runtime.pir_realmlen, NULL)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 935 diff changeset	892 TRACE_DEBUG(INFO, "Rejected CER from peer '%s', realm mismatch with configured value (returning DIAMETER_UNKNOWN_PEER).", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	893 pei.pei_errcode = "DIAMETER_UNKNOWN_PEER"; /* maybe AVP_NOT_ALLOWED would be better fit? */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	894 goto error_abort;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	895 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	896 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	897
725 8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	898 /* Save the credentials if handshake already occurred */
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	899 if ( fd_cnx_getTLS(peer->p_cnxctx) ) {
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	900 CHECK_FCT( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size) );
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	901 }
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	902
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	903 /* Validate the peer if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	904 if (peer->p_flags.pf_responder) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	905 int res = fd_peer_validate( peer );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	906 if (res < 0) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 935 diff changeset	907 TRACE_DEBUG(INFO, "Rejected CER from peer '%s', validation failed (returning DIAMETER_UNKNOWN_PEER).", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	908 pei.pei_errcode = "DIAMETER_UNKNOWN_PEER";
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	909 goto error_abort;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	910 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	911 CHECK_FCT( res );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	912 }
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	913
1396 188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	914 /* Check peer type and if enough processing peers are already connected */
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	915 if (fd_g_config->cnf_processing_peers_minimum > 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	916 if (regexec(&fd_g_config->cnf_processing_peers_pattern_regex, peer->p_hdr.info.pi_diamid, 0, NULL, 0) != 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	917 /* peer is not a processing peer */
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	918 if (!sufficient_processing_peers()) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	919 pei.pei_errcode = "DIAMETER_TOO_BUSY";
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	920 goto error_abort;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	921 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	922 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	923 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	924
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	925 if (peer->p_flags.pf_responder) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	926 int res = fd_peer_validate( peer );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	927 if (res < 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	928 TRACE_DEBUG(INFO, "Rejected CER from peer '%s', validation failed (returning DIAMETER_UNKNOWN_PEER).", peer->p_hdr.info.pi_diamid);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	929 pei.pei_errcode = "DIAMETER_UNKNOWN_PEER";
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	930 goto error_abort;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	931 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	932 CHECK_FCT( res );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	933 }
87 c1c0f8a45c67 Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 78 diff changeset	934 /* Check if we have common applications */
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	935 if ( fd_g_config->cnf_flags.no_fwd && (! peer->p_hdr.info.runtime.pir_relay) ) {
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	936 int got_common;
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	937 CHECK_FCT( fd_app_check_common( &fd_g_config->cnf_apps, &peer->p_hdr.info.runtime.pir_apps, &got_common) );
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	938 if (!got_common) {
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	939 TRACE_DEBUG(INFO, "No common application with peer '%s', sending DIAMETER_NO_COMMON_APPLICATION", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	940 pei.pei_errcode = "DIAMETER_NO_COMMON_APPLICATION";
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	941 fatal = 1;
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	942 goto error_abort;
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	943 }
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	944 }
87 c1c0f8a45c67 Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 78 diff changeset	945
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	946 /* Do we agree on ISI ? */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	947 if ( ! fd_cnx_getTLS(peer->p_cnxctx) ) {
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	948
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	949 /* In case of responder, the validate callback must have set the config.pic_flags.sec value already */
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	950
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	951 /* First case: we are not using old mechanism: ISI are deprecated, we ignore it. */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	952 if ( ! (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD)) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	953 /* Just check then that the peer configuration allows for IPsec protection */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	954 if (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	955 isi = PI_SEC_NONE;
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	956 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	957 /* otherwise, we should have already been protected. Reject */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	958 TRACE_DEBUG(INFO, "Non TLS-protected CER/CEA exchanges are not allowed with this peer, rejecting.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	959 }
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	960 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	961 /* The old mechanism is allowed with this peer. Now, look into the ISI AVP values */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	962
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	963 /* In case no ISI was present anyway: */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	964 if (!peer->p_hdr.info.runtime.pir_isi) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	965 TRACE_DEBUG(INFO, "Inband-Security-Id AVP is missing in received CER.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	966 if (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	967 isi = PI_SEC_NONE;
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	968 TRACE_DEBUG(INFO, "IPsec protection allowed by configuration, allowing this mechanism to be used.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	969 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	970 /* otherwise, we should have already been protected. Reject */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	971 TRACE_DEBUG(INFO, "Rejecting the peer connection (please allow IPsec here or configure TLS in the remote peer).");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	972 }
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	973 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	974 /* OK, the remote peer did send the ISI AVP. */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	975 if ((peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE) && (peer->p_hdr.info.runtime.pir_isi & PI_SEC_NONE)) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	976 /* We have allowed IPsec */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	977 isi = PI_SEC_NONE;
1155 d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	978 } else if (fd_g_config->cnf_sec_data.tls_disabled) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	979 /* We can agree on TLS */
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	980 TRACE_DEBUG(INFO, "Remote peer is not allowed for IPsec and TLS is disabled.");;
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	981 } else if (peer->p_hdr.info.runtime.pir_isi & PI_SEC_TLS_OLD) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	982 /* We can agree on TLS */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	983 isi = PI_SEC_TLS_OLD;
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	984 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	985 TRACE_DEBUG(INFO, "Remote peer requested IPsec protection, but local configuration forbids it.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	986 }
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	987 }
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	988 }
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	989
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	990 /* If we did not find an agreement */
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	991 if (!isi) {
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	992 TRACE_DEBUG(INFO, "No common security mechanism with '%s', sending DIAMETER_NO_COMMON_SECURITY", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	993 pei.pei_errcode = "DIAMETER_NO_COMMON_SECURITY";
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	994 fatal = 1;
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	995 goto error_abort;
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	996 }
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	997
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	998 /* Do not send the ISI IPsec if we are using the new mechanism */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	999 if ((isi == PI_SEC_NONE) && (! (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD)))
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	1000 isi = 0;
1265 4ca14a36ae66 Add Inband-Security-Id AVP to CEA if the CER contains one even if it is the secure port Sebastien Decugis <sdecugis@freediameter.net> parents: 1249 diff changeset	1001 } else if (peer->p_hdr.info.runtime.pir_isi & PI_SEC_TLS_OLD) {
4ca14a36ae66 Add Inband-Security-Id AVP to CEA if the CER contains one even if it is the secure port Sebastien Decugis <sdecugis@freediameter.net> parents: 1249 diff changeset	1002 /* Seem some weird peers are sending the Inband-Security-Id AVP on the secure port... No harm */
4ca14a36ae66 Add Inband-Security-Id AVP to CEA if the CER contains one even if it is the secure port Sebastien Decugis <sdecugis@freediameter.net> parents: 1249 diff changeset	1003 isi = PI_SEC_TLS_OLD;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1004 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1005
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1006 /* Reply a CEA */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1007 CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, &msg, 0 ) );
56 299507847ef9 Fixed duplicate Origin-Host AVPs in CEA Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1008 CHECK_FCT( fd_msg_rescode_set(msg, "DIAMETER_SUCCESS", NULL, NULL, 0 ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1009 CHECK_FCT( add_CE_info(msg, peer->p_cnxctx, isi & PI_SEC_TLS_OLD, isi & PI_SEC_NONE) );
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1010
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1011 /* The connection is complete, but we may still need TLS handshake */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1012 fd_hook_call(HOOK_PEER_CONNECT_SUCCESS, msg, peer, NULL, NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1013
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	1014 CHECK_FCT( fd_out_send(&msg, peer->p_cnxctx, peer, 0 ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1015
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1016 /* Handshake if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1017 if (isi & PI_SEC_TLS_OLD) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1018 fd_psm_change_state(peer, STATE_OPEN_HANDSHAKE);
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1155 diff changeset	1019 CHECK_FCT_DO( fd_cnx_handshake(peer->p_cnxctx, GNUTLS_SERVER, ALGO_HANDSHAKE_3436, peer->p_hdr.info.config.pic_priority, NULL),
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1020 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1021 /* Handshake failed ... */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1022 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "TLS handshake failed after CER/CEA exchange", NULL);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1023 goto cleanup;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1024 } );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1025
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1026 /* Retrieve the credentials */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1027 CHECK_FCT_DO( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size),
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1028 {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1029 /* Error ... */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1030 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "Unable to retrieve remote credentials after TLS handshake", NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1031 goto cleanup;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1032 } );
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1033
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1034
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1035 /* Call second validation callback if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1036 if (peer->p_cb2) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1037 TRACE_DEBUG(FULL, "Calling second validation callback for %s", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1038 CHECK_FCT_DO( (*peer->p_cb2)( &peer->p_hdr.info ),
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1039 {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1040 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "Validation callback rejected the peer after handshake", NULL);
78 a58f0757c06a Added code for DPR/DPA Sebastien Decugis <sdecugis@nict.go.jp> parents: 66 diff changeset	1041 CHECK_FCT( fd_psm_terminate( peer, "DO_NOT_WANT_TO_TALK_TO_YOU" ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1042 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1043 } );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1044 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1045 tls_sync = 1;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1046 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1047 if ( ! fd_cnx_getTLS(peer->p_cnxctx) ) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1048 TRACE_DEBUG(INFO, "No TLS protection negotiated with peer '%s'.", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1049 CHECK_FCT( fd_cnx_start_clear(peer->p_cnxctx, 1) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1050 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1051 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1052
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1053 /* Move to OPEN or REOPEN state */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1054 if (peer->p_flags.pf_cnx_pb) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1055 fd_psm_change_state(peer, STATE_REOPEN );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1056 CHECK_FCT( fd_p_dw_reopen(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1057 } else {
1186 56c36d1007b4 Further preparation of the DTLS integration. Some cleanups in the GNUTLS handling. Sebastien Decugis <sdecugis@freediameter.net> parents: 1181 diff changeset	1058 if ((!tls_sync) && (fd_cnx_is_unordered_delivery_supported(peer->p_cnxctx))) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1059 fd_psm_change_state(peer, STATE_OPEN_NEW );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1060 /* send DWR */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1061 CHECK_FCT( fd_p_dw_timeout(peer) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1062 } else {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1063
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1064 fd_psm_change_state(peer, STATE_OPEN );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1065 fd_psm_next_timeout(peer, 1, peer->p_hdr.info.config.pic_twtimer ?: fd_g_config->cnf_timer_tw);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1066 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1067 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1068
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1069 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1070
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1071 error_abort:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1072 if (pei.pei_errcode) {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1073 /* Send the error */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1074 fd_hook_call(HOOK_PEER_CONNECT_FAILED, msg, peer, pei.pei_message ?: pei.pei_errcode, NULL);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1075 receiver_reject(&peer->p_cnxctx, &msg, &pei);
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1076 } else {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1077 char buf[1024];
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1078 snprintf(buf, sizeof(buf), "Unexpected error occurred while processing incoming connection from '%s'.", peer->p_hdr.info.pi_diamid);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1079 fd_hook_call(HOOK_PEER_CONNECT_FAILED, msg, peer, buf, NULL);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1080 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1081
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1082 cleanup:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1083 if (msg) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1084 fd_msg_free(msg);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1085 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1086 fd_p_ce_clear_cnx(peer, NULL);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1087
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1088 /* Send the error to the peer */
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	1089 CHECK_FCT( fd_event_send(peer->p_events, fatal ? FDEVP_TERMINATE : FDEVP_CNX_ERROR, 0, NULL) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1090
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1091 return 0;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1092 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1093
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1094 /* We have received a CER on a new connection for this peer */
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1095 int fd_p_ce_handle_newCER(struct msg ** msg, struct fd_peer * peer, struct cnxctx ** cnx, int valid)
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1096 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1097 struct fd_pei pei;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1098 int cur_state = fd_peer_getstate(peer);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1099 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1100
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1101 switch (cur_state) {
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1102 case STATE_CLOSED:
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1103 peer->p_receiver = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1104 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1105 peer->p_cer = *msg;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1106 *msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1107 CHECK_FCT( fd_p_ce_process_receiver(peer) );
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1108 break;
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1109
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1110 case STATE_WAITCNXACK:
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1111 /* Save the parameters in the peer, move to STATE_WAITCNXACK_ELEC */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1112 peer->p_receiver = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1113 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1114 peer->p_cer = *msg;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1115 *msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1116 CHECK_FCT( fd_psm_change_state(peer, STATE_WAITCNXACK_ELEC) );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1117 break;
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1118
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1119 case STATE_WAITCEA:
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1120 if (election_result(peer)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1121
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1122 /* Close initiator connection (was already set as principal) */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1123 LOG_D("%s: Election lost on outgoing connection, closing and answering CEA on incoming connection.", peer->p_hdr.info.pi_diamid);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1124 fd_p_ce_clear_cnx(peer, NULL);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1125
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1126 /* and go on with the receiver side */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1127 peer->p_receiver = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1128 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1129 peer->p_cer = *msg;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1130 *msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1131 CHECK_FCT( fd_p_ce_process_receiver(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1132
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1133 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1134
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1135 /* Answer an ELECTION LOST to the receiver side and continue */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1136 pei.pei_errcode = "ELECTION_LOST";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1137 pei.pei_message = "Please answer my CER instead, you won the election.";
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1138 LOG_D("%s: Election lost on incoming connection, closing and waiting for CEA on outgoing connection.", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1139 receiver_reject(cnx, msg, &pei);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1140 }
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1141 break;
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1142
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1143 default:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1144 pei.pei_errcode = "DIAMETER_UNABLE_TO_COMPLY"; /* INVALID COMMAND? in case of Capabilities-Updates? */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1145 pei.pei_message = "Invalid state to receive a new connection attempt.";
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1146 LOG_E("%s: Rejecting new connection attempt while our state machine is in state '%s'", peer->p_hdr.info.pi_diamid, STATE_STR(cur_state));
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1147 receiver_reject(cnx, msg, &pei);
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1148 }
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1149
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1150 return 0;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1151 }

Mercurial > hg > freeDiameter

annotate libfdcore/p_ce.c @ 1559:2dbc816d48f4