freeDiameter: libfdcore/p

annotate libfdcore/p_ce.c @ 1554:566bb46cc73f

Updated copyright information

author	Sebastien Decugis <sdecugis@freediameter.net>
date	Tue, 06 Oct 2020 21:34:53 +0800
parents	3cbe458fbfa9
children	2dbc816d48f4

rev	line source
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1 /*********************************************************************************************************
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	2 * Software License Agreement (BSD License) *
740 4a9f08d6b6ba Updated my mail address Sebastien Decugis <sdecugis@nict.go.jp> parents: 738 diff changeset	3 * Author: Sebastien Decugis <sdecugis@freediameter.net> *
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	4 * *
1554 566bb46cc73f Updated copyright information Sebastien Decugis <sdecugis@freediameter.net> parents: 1405 diff changeset	5 * Copyright (c) 2020, WIDE Project and NICT *
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	6 * All rights reserved. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	7 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	8 * Redistribution and use of this software in source and binary forms, with or without modification, are *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	9 * permitted provided that the following conditions are met: *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	10 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	11 * * Redistributions of source code must retain the above *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	12 * copyright notice, this list of conditions and the *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	13 * following disclaimer. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	14 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	15 * * Redistributions in binary form must reproduce the above *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	16 * copyright notice, this list of conditions and the *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	17 * following disclaimer in the documentation and/or other *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	18 * materials provided with the distribution. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	19 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	20 * * Neither the name of the WIDE Project or NICT nor the *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	21 * names of its contributors may be used to endorse or *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	22 * promote products derived from this software without *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	23 * specific prior written permission of WIDE Project and *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	24 * NICT. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	25 * *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	34 *********************************************************************************************************/
6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	35
658 f198d16fa7f4 Initial commit for 1.1.0: Sebastien Decugis <sdecugis@nict.go.jp> parents: 454 diff changeset	36 #include "fdcore-internal.h"
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	37
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	38 /* This file contains code to handle Capabilities Exchange messages (CER and CEA) and election process */
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	39
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	40 /* Save a connection as peer's principal */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	41 static int set_peer_cnx(struct fd_peer * peer, struct cnxctx **cnx)
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	42 {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	43 CHECK_PARAMS( peer->p_cnxctx == NULL );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	44
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	45 /* Save the connection in peer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	46 peer->p_cnxctx = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	47 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	48
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	49 /* Set the events to be sent to the PSM */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	50 CHECK_FCT( fd_cnx_recv_setaltfifo(peer->p_cnxctx, peer->p_events) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	51
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	52 /* Read the credentials if possible */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	53 if (fd_cnx_getTLS(peer->p_cnxctx)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	54 CHECK_FCT( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	55 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	56
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	57 /* Read the endpoints, maybe used to reconnect to the peer later */
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 332 diff changeset	58 CHECK_FCT( fd_cnx_getremoteeps(peer->p_cnxctx, &peer->p_hdr.info.pi_endpoints) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	59
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	60 /* Read the protocol */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	61 peer->p_hdr.info.runtime.pir_proto = fd_cnx_getproto(peer->p_cnxctx);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	62
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	63 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	64 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	65
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	66 /* Delete the peer connection, and cleanup associated information */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	67 void fd_p_ce_clear_cnx(struct fd_peer * peer, struct cnxctx ** cnx_kept)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	68 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	69 peer->p_hdr.info.runtime.pir_cert_list = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	70 peer->p_hdr.info.runtime.pir_cert_list_size = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	71 peer->p_hdr.info.runtime.pir_proto = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	72
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	73 if (peer->p_cnxctx) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	74 if (cnx_kept != NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	75 *cnx_kept = peer->p_cnxctx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	76 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	77 fd_cnx_destroy(peer->p_cnxctx);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	78 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	79 peer->p_cnxctx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	80 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	81 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	82
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	83 /* Election: compare the Diameter Ids by lexical order, return true if the election is won */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	84 static __inline__ int election_result(struct fd_peer * peer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	85 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	86 int ret = (strcasecmp(peer->p_hdr.info.pi_diamid, fd_g_config->cnf_diamid) < 0);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	87 if (ret) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	88 TRACE_DEBUG(INFO, "Election WON against peer '%s'", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	89 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	90 TRACE_DEBUG(INFO, "Election LOST against peer '%s'", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	91 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	92 return ret;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	93 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	94
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	95 /* Add AVPs about local information in a CER or CEA */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	96 static int add_CE_info(struct msg msg, struct cnxctx cnx, int isi_tls, int isi_none)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	97 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	98 struct dict_object * dictobj = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	99 struct avp * avp = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	100 union avp_value val;
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 332 diff changeset	101 struct fd_list *li;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	102
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	103 /* Add the Origin-* AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	104 CHECK_FCT( fd_msg_add_origin ( msg, 1 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	105
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	106 /* Find the model for Host-IP-Address AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	107 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Host-IP-Address", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	108
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	109 /* Add the AVP(s) -- not sure what is the purpose... We could probably only add the primary one ? */
378 41e3c2a3721c Replaced old mechanism to discover local addresses by a call to getifaddrs, lot cleaner! Sebastien Decugis <sdecugis@nict.go.jp> parents: 332 diff changeset	110 for (li = fd_g_config->cnf_endpoints.next; li != &fd_g_config->cnf_endpoints; li = li->next) {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	111 struct fd_endpoint * ep = (struct fd_endpoint *)li;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	112 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	113 CHECK_FCT( fd_msg_avp_value_encode ( &ep->ss, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	114 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	115 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	116
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	117 /* Vendor-Id, Product-Name, and Firmware-Revision AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	118 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Vendor-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	119 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	120 val.u32 = MY_VENDOR_ID;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	121 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	122 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	123
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	124 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Product-Name", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	125 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	126 val.os.data = (unsigned char *)FD_PROJECT_NAME;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	127 val.os.len = strlen(FD_PROJECT_NAME);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	128 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	129 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	130
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	131 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Firmware-Revision", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	132 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	133 val.u32 = (uint32_t)(FD_PROJECT_VERSION_MAJOR * 10000 + FD_PROJECT_VERSION_MINOR * 100 + FD_PROJECT_VERSION_REV);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	134 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	135 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	136
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	137
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	138 /* Add the Inband-Security-Id AVP if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	139 if (isi_tls \|\| isi_none) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	140 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Inband-Security-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	141
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	142 if (isi_none) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	143 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	144 val.u32 = ACV_ISI_NO_INBAND_SECURITY;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	145 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	146 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	147 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	148
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	149 if (isi_tls) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	150 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	151 val.u32 = ACV_ISI_TLS;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	152 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	153 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	154 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	155 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	156
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	157 /* List of local applications */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	158 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	159 struct dict_object * dictobj_auth = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	160 struct dict_object * dictobj_acct = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	161 struct dict_object * dictobj_vid = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	162
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	163 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Vendor-Specific-Application-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	164 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Vendor-Id", &dictobj_vid, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	165 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Auth-Application-Id", &dictobj_auth, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	166 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Acct-Application-Id", &dictobj_acct, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	167
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	168 for (li = fd_g_config->cnf_apps.next; li != &fd_g_config->cnf_apps; li = li->next) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	169 struct fd_app * a = (struct fd_app *)(li);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	170
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	171 if (a->flags.auth) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	172 CHECK_FCT( fd_msg_avp_new ( dictobj_auth, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	173 val.u32 = a->appid;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	174 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	175 if (a->vndid != 0) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	176 struct avp * avp2 = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	177 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	178 CHECK_FCT( fd_msg_avp_add( avp2, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	179 avp = avp2;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	180 CHECK_FCT( fd_msg_avp_new ( dictobj_vid, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	181 val.u32 = a->vndid;
110 0e21b85edf85 Fix buggy CE info function for vendor-specific application id Sebastien Decugis <sdecugis@nict.go.jp> parents: 105 diff changeset	182 CHECK_FCT( fd_msg_avp_setvalue( avp2, &val ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	183 CHECK_FCT( fd_msg_avp_add( avp, MSG_BRW_LAST_CHILD, avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	184 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	185 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	186 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	187 if (a->flags.acct) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	188 CHECK_FCT( fd_msg_avp_new ( dictobj_acct, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	189 val.u32 = a->appid;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	190 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	191 if (a->vndid != 0) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	192 struct avp * avp2 = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	193 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	194 CHECK_FCT( fd_msg_avp_add( avp2, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	195 avp = avp2;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	196 CHECK_FCT( fd_msg_avp_new ( dictobj_vid, 0, &avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	197 val.u32 = a->vndid;
110 0e21b85edf85 Fix buggy CE info function for vendor-specific application id Sebastien Decugis <sdecugis@nict.go.jp> parents: 105 diff changeset	198 CHECK_FCT( fd_msg_avp_setvalue( avp2, &val ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	199 CHECK_FCT( fd_msg_avp_add( avp, MSG_BRW_LAST_CHILD, avp2 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	200 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	201 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	202 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	203 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	204
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	205 /* do not forget the relay application */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	206 if (! fd_g_config->cnf_flags.no_fwd) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	207 CHECK_FCT( fd_msg_avp_new ( dictobj_auth, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	208 val.u32 = AI_RELAY;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	209 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	210 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	211 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	212 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	213
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	214 /* Add the list of supported vendors */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	215 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	216 uint32_t * array = fd_dict_get_vendorid_list(fd_g_config->cnf_dict);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	217 if (array) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	218 int i = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	219 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_NAME, "Supported-Vendor-Id", &dictobj, ENOENT ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	220
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	221 while (array[i] != 0) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	222 CHECK_FCT( fd_msg_avp_new ( dictobj, 0, &avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	223 val.u32 = array[i];
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	224 CHECK_FCT( fd_msg_avp_setvalue( avp, &val ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	225 CHECK_FCT( fd_msg_avp_add( msg, MSG_BRW_LAST_CHILD, avp ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	226 i++;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	227 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	228
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	229 free(array);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	230 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	231 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	232
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	233 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	234 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	235
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	236 /* Remove any information saved from a previous CER/CEA exchange */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	237 static void cleanup_remote_CE_info(struct fd_peer * peer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	238 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	239 /* free linked information */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	240 free(peer->p_hdr.info.runtime.pir_realm);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	241 free(peer->p_hdr.info.runtime.pir_prodname);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	242 while (!FD_IS_LIST_EMPTY(&peer->p_hdr.info.runtime.pir_apps)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	243 struct fd_list * li = peer->p_hdr.info.runtime.pir_apps.next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	244 fd_list_unlink(li);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	245 free(li);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	246 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	247 /* note: pir_cert_list needs not be freed (belongs to gnutls) */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	248
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	249 /* cleanup the area */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	250 memset(&peer->p_hdr.info.runtime, 0, sizeof(peer->p_hdr.info.runtime));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	251
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	252 /* reinit the list */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	253 fd_list_init(&peer->p_hdr.info.runtime.pir_apps, peer);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	254
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	255 /* Remove previously advertised endpoints */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	256 fd_ep_clearflags( &peer->p_hdr.info.pi_endpoints, EP_FL_ADV );
35 6486e97f56ae Added test for modified message parsing Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	257 }
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	258
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	259 /* Extract information sent by the remote peer and save it in our peer structure */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	260 static int save_remote_CE_info(struct msg * msg, struct fd_peer * peer, struct fd_pei * error, uint32_t *rc)
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	261 {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	262 struct avp * avp = NULL;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	263
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	264 cleanup_remote_CE_info(peer);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	265
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	266 CHECK_FCT( fd_msg_browse( msg, MSG_BRW_FIRST_CHILD, &avp, NULL) );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	267
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	268 /* Loop on all AVPs and save what we are interrested into */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	269 while (avp) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	270 struct avp_hdr * hdr;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	271
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	272 CHECK_FCT( fd_msg_avp_hdr( avp, &hdr ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	273
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	274 if (hdr->avp_flags & AVP_FLAG_VENDOR) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	275 /* Ignore all vendor-specific AVPs in CER/CEA because we don't support any currently */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	276 LOG_A("Ignored a vendor-specific AVP in CER / CEA");
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	277 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	278 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	279
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	280 switch (hdr->avp_code) {
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	281 case AC_RESULT_CODE: /* Result-Code */
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	282 if (hdr->avp_value == NULL) {
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	283 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	284 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	285 ASSERT(0); /* To check if this really happens, and understand why... */
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	286 goto next;
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	287 }
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	288
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	289 if (rc)
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	290 *rc = hdr->avp_value->u32;
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	291 break;
a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	292
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	293 case AC_ORIGIN_HOST: /* Origin-Host */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	294 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	295 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	296 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	297 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	298 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	299 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	300
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	301 /* We check that the value matches what we know, otherwise disconnect the peer */
738 d666051658bd Fix broken 'almostcasecmp' logic Sebastien Decugis <sdecugis@nict.go.jp> parents: 725 diff changeset	302 if (fd_os_almostcasesrch(hdr->avp_value->os.data, hdr->avp_value->os.len,
d666051658bd Fix broken 'almostcasecmp' logic Sebastien Decugis <sdecugis@nict.go.jp> parents: 725 diff changeset	303 peer->p_hdr.info.pi_diamid, peer->p_hdr.info.pi_diamidlen, NULL)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 935 diff changeset	304 TRACE_DEBUG(INFO, "Received a message with Origin-Host set to '%.*s' while expecting '%s'",
1027 0117a7746b21 Fix a number of errors and warnings introduced/highlighted by recent commits Sebastien Decugis <sdecugis@freediameter.net> parents: 1010 diff changeset	305 (int)hdr->avp_value->os.len, hdr->avp_value->os.data, peer->p_hdr.info.pi_diamid);
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	306 error->pei_errcode = "DIAMETER_AVP_NOT_ALLOWED";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	307 error->pei_message = "Your Origin-Host value does not match my configuration.";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	308 error->pei_avp = avp;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	309 return EINVAL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	310 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	311
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	312 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	313
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	314 case AC_ORIGIN_REALM: /* Origin-Realm */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	315 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	316 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	317 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	318 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	319 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	320 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	321
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	322 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	323 if (peer->p_hdr.info.runtime.pir_realm) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	324 TRACE_DEBUG(INFO, "Multiple instances of the Origin-Realm AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	325 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	326 error->pei_message = "I found several Origin-Realm AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	327 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	328 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	329 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	330
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	331 /* If the octet string contains a \0 */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	332 if (!fd_os_is_valid_DiameterIdentity(hdr->avp_value->os.data, hdr->avp_value->os.len)) {
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	333 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	334 error->pei_message = "Your Origin-Realm contains invalid characters.";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	335 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	336 return EINVAL;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	337 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	338
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	339 /* Save the value */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	340 CHECK_MALLOC( peer->p_hdr.info.runtime.pir_realm = os0dup( hdr->avp_value->os.data, hdr->avp_value->os.len ) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	341 peer->p_hdr.info.runtime.pir_realmlen = hdr->avp_value->os.len;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	342 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	343
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	344 case AC_HOST_IP_ADDRESS: /* Host-IP-Address */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	345 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	346 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	347 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	348 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	349 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	350 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	351 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	352 sSS ss;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	353
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	354 /* Get the sockaddr value */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	355 memset(&ss, 0, sizeof(ss));
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	356 CHECK_FCT_DO( fd_msg_avp_value_interpret( avp, &ss),
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	357 {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	358 /* in case of error, assume the AVP value was wrong */
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	359 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	360 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	361 return EINVAL;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	362 } );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	363
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	364 /* Save this endpoint in the list as advertized */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	365 CHECK_FCT( fd_ep_add_merge( &peer->p_hdr.info.pi_endpoints, (sSA *)&ss, sizeof(sSS), EP_FL_ADV ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	366 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	367 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	368
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	369 case AC_VENDOR_ID: /* Vendor-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	370 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	371 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	372 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	373 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	374 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	375 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	376
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	377 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	378 if (peer->p_hdr.info.runtime.pir_vendorid) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	379 TRACE_DEBUG(INFO, "Multiple instances of the Vendor-Id AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	380 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	381 error->pei_message = "I found several Vendor-Id AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	382 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	383 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	384 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	385
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	386 peer->p_hdr.info.runtime.pir_vendorid = hdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	387 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	388
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	389 case AC_PRODUCT_NAME: /* Product-Name */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	390 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	391 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	392 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	393 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	394 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	395 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	396
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	397 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	398 if (peer->p_hdr.info.runtime.pir_prodname) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	399 TRACE_DEBUG(INFO, "Multiple instances of the Product-Name AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	400 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	401 error->pei_message = "I found several Product-Name AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	402 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	403 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	404 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	405
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	406 CHECK_MALLOC( peer->p_hdr.info.runtime.pir_prodname = calloc( hdr->avp_value->os.len + 1, 1 ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	407 memcpy(peer->p_hdr.info.runtime.pir_prodname, hdr->avp_value->os.data, hdr->avp_value->os.len);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	408 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	409
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	410 case AC_ORIGIN_STATE_ID: /* Origin-State-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	411 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	412 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	413 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	414 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	415 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	416 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	417
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	418 /* In case of multiple AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	419 if (peer->p_hdr.info.runtime.pir_orstate) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	420 TRACE_DEBUG(INFO, "Multiple instances of the Origin-State-Id AVP");
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	421 error->pei_errcode = "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	422 error->pei_message = "I found several Origin-State-Id AVPs";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	423 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	424 return EINVAL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	425 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	426
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	427 peer->p_hdr.info.runtime.pir_orstate = hdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	428 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	429
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	430 case AC_SUPPORTED_VENDOR_ID: /* Supported-Vendor-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	431 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	432 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	433 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	434 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	435 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	436 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	437
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	438 TRACE_DEBUG(FULL, "'%s' claims support for a subset of vendor %d features.", peer->p_hdr.info.pi_diamid, hdr->avp_value->u32);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	439 /* not that it makes a difference for us...
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	440 -- if an application actually needs this info, we could save it somewhere.
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	441 */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	442 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	443
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	444 case AC_VENDOR_SPECIFIC_APPLICATION_ID: /* Vendor-Specific-Application-Id (grouped)*/
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	445 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	446 struct avp * inavp = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	447 vendor_id_t vid = 0;
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	448 application_id_t auth_aid = 0;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	449 application_id_t acct_aid = 0;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	450 int invalid=0;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	451
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	452 /* get the first child AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	453 CHECK_FCT( fd_msg_browse(avp, MSG_BRW_FIRST_CHILD, &inavp, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	454
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	455 while (inavp) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	456 struct avp_hdr * inhdr;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	457 CHECK_FCT( fd_msg_avp_hdr( inavp, &inhdr ) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	458
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	459 if (inhdr->avp_flags & AVP_FLAG_VENDOR) {
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	460 LOG_A("Ignored a vendor AVP inside Vendor-Specific-Application-Id AVP");
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	461 goto innext;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	462 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	463
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	464 if (inhdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	465 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	466 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	467 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	468 goto innext;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	469 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	470 switch (inhdr->avp_code) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	471 case AC_VENDOR_ID: /* Vendor-Id */
1191 60e7b02a3ce7 Allow Vendor-Specific-Application-Id with several Vendor-Id AVPs as seen on some equipments Sebastien Decugis <sdecugis@freediameter.net> parents: 1186 diff changeset	472 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	473 if (vid != 0)
1191 60e7b02a3ce7 Allow Vendor-Specific-Application-Id with several Vendor-Id AVPs as seen on some equipments Sebastien Decugis <sdecugis@freediameter.net> parents: 1186 diff changeset	474 invalid++; /* We already had one such AVP. This is invalid according to RFC6733 but not RFC3588 (but there is an erratum) */
60e7b02a3ce7 Allow Vendor-Specific-Application-Id with several Vendor-Id AVPs as seen on some equipments Sebastien Decugis <sdecugis@freediameter.net> parents: 1186 diff changeset	475 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	476 vid = inhdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	477 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	478 case AC_AUTH_APPLICATION_ID: /* Auth-Application-Id */
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	479 if (auth_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	480 invalid++; /* We already had one such AVP */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	481 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	482 if (acct_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	483 invalid++; /* Only 1 -Application-Id AVP is allowed /
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	484 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	485 auth_aid = inhdr->avp_value->u32;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	486 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	487 case AC_ACCT_APPLICATION_ID: /* Acct-Application-Id */
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	488 if (acct_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	489 invalid++; /* We already had one such AVP */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	490 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	491 if (auth_aid != 0)
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	492 invalid++; /* Only 1 -Application-Id AVP is allowed /
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	493 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	494 acct_aid = inhdr->avp_value->u32;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	495 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	496 /* ignore other AVPs */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	497 }
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	498
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	499 if (invalid) {
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	500 TRACE_DEBUG(FULL, "Invalid Vendor-Specific-Application-Id AVP received");
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	501 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	502 error->pei_avp = avp;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	503 return EINVAL;
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	504 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	505
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	506 innext:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	507 /* Go to next in AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	508 CHECK_FCT( fd_msg_browse(inavp, MSG_BRW_NEXT, &inavp, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	509 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	510
935 6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	511 /* Add entry in the list */
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	512 if (auth_aid) {
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	513 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, auth_aid, vid, 1, 0) );
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	514 }
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	515 if (acct_aid) {
6072619402a3 New CMake option WORKAROUND_ACCEPT_INVALID_VSAI for those invalids Vendor-Specific-Application-Id out there Sebastien Decugis <sdecugis@freediameter.net> parents: 837 diff changeset	516 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, acct_aid, vid, 0, 1) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	517 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	518 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	519 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	520
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	521 case AC_AUTH_APPLICATION_ID: /* Auth-Application-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	522 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	523 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	524 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	525 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	526 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	527 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	528
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	529 if (hdr->avp_value->u32 == AI_RELAY) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	530 peer->p_hdr.info.runtime.pir_relay = 1;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	531 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	532 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, hdr->avp_value->u32, 0, 1, 0) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	533 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	534 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	535
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	536 case AC_ACCT_APPLICATION_ID: /* Acct-Application-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	537 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	538 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	539 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	540 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	541 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	542 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	543
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	544 if (hdr->avp_value->u32 == AI_RELAY) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	545 /* Not clear if the relay application can be inside this AVP... */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	546 peer->p_hdr.info.runtime.pir_relay = 1;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	547 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	548 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, hdr->avp_value->u32, 0, 0, 1) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	549 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	550 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	551
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	552 case AC_FIRMWARE_REVISION: /* Firmware-Revision */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	553 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	554 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	555 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	556 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	557 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	558 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	559
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	560 peer->p_hdr.info.runtime.pir_firmrev = hdr->avp_value->u32;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	561 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	562
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	563 case AC_INBAND_SECURITY_ID: /* Inband-Security-Id */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	564 if (hdr->avp_value == NULL) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	565 /* This is a sanity check */
1119 79dd22145f52 Fix a number of compilation warnings Sebastien Decugis <sdecugis@freediameter.net> parents: 1113 diff changeset	566 LOG_F("Ignored an AVP (code %x) with unset value in CER/CEA", hdr->avp_code);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	567 ASSERT(0); /* To check if this really happens, and understand why... */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	568 goto next;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	569 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	570 if (hdr->avp_value->u32 >= 32 ) {
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	571 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE";
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	572 error->pei_message = "I don't support this Inband-Security-Id value (yet).";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	573 error->pei_avp = avp;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	574 return EINVAL;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	575 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	576 peer->p_hdr.info.runtime.pir_isi \|= (1 << hdr->avp_value->u32);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	577 break;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	578 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	579
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	580 next:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	581 /* Go to next AVP */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	582 CHECK_FCT( fd_msg_browse(avp, MSG_BRW_NEXT, &avp, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	583 }
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	584
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	585 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	586 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	587
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	588 /* Create a CER message for sending */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	589 static int create_CER(struct fd_peer * peer, struct cnxctx * cnx, struct msg ** cer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	590 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	591 int isi_tls = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	592 int isi_none = 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	593
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	594 /* Find CER dictionary object and create an instance */
66 dcbd5b5ee55c Added handling for DWR/DWA Sebastien Decugis <sdecugis@nict.go.jp> parents: 63 diff changeset	595 CHECK_FCT( fd_msg_new ( fd_dict_cmd_CER, MSGFL_ALLOC_ETEID, cer ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	596
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	597 /* Do we need Inband-Security-Id AVPs ? If we're already using TLS, we don't... */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	598 if (!fd_cnx_getTLS(cnx)) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	599 isi_none = peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE; /* we add it even if the peer does not use the old mechanism, it is impossible to distinguish */
1155 d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	600
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	601 if (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	602 if (fd_g_config->cnf_sec_data.tls_disabled) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	603 LOG_N("TLS disabled locally, so Inband-Security-Id (TLS) not included for peer %s", peer->p_hdr.info.pi_diamid);
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	604 } else {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	605 isi_tls = 1;
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	606 }
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	607 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	608 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	609
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	610 /* Add the information about the local peer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	611 CHECK_FCT( add_CE_info(*cer, cnx, isi_tls, isi_none) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	612
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	613 /* Done! */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	614 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	615 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	616
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	617
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	618 /* Continue with the initiator side */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	619 static int to_waitcea(struct fd_peer * peer, struct cnxctx * cnx)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	620 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	621 /* We sent a CER on the connection, set the event queue so that we receive the CEA */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	622 CHECK_FCT( set_peer_cnx(peer, &cnx) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	623
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	624 /* Change state and reset the timer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	625 CHECK_FCT( fd_psm_change_state(peer, STATE_WAITCEA) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	626 fd_psm_next_timeout(peer, 0, CEA_TIMEOUT);
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	627
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	628 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	629 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	630
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	631 /* Reject an incoming connection attempt */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	632 static void receiver_reject(struct cnxctx recv_cnx, struct msg cer, struct fd_pei * error)
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	633 {
1249 4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	634 struct msg_hdr * hdr = NULL;
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	635
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	636 /* Create and send the CEA with appropriate error code */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	637 CHECK_FCT_DO( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, cer, MSGFL_ANSW_ERROR ), goto destroy );
1249 4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	638 CHECK_FCT_DO( fd_msg_rescode_set(*cer, error->pei_errcode, error->pei_message, error->pei_avp, 0 ), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	639 CHECK_FCT_DO( fd_msg_hdr( *cer, &hdr ), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	640 if (hdr->msg_flags & CMD_FLAG_ERROR) {
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	641 /* Generic error format, just add the origin AVPs */
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	642 CHECK_FCT_DO( fd_msg_add_origin ( *cer, 1 ), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	643 } else {
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	644 /* Add other AVPs to be compliant with the ABNF */
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	645 CHECK_FCT_DO( add_CE_info(cer, recv_cnx, 0, 0), goto destroy );
4ad4d614acfa Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html Sebastien Decugis <sdecugis@freediameter.net> parents: 1238 diff changeset	646 }
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	647 CHECK_FCT_DO( fd_out_send(cer, *recv_cnx, NULL, 0), goto destroy );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	648
1230 e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	649 if (error->pei_avp_free) {
e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	650 fd_msg_free(error->pei_avp);
e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	651 }
e72c9dad62ac Fix issue with generating Failed-AVP when the error is DIAMETER_MISSING_AVP. Also fix a memory leak in that case Sebastien Decugis <sdecugis@freediameter.net> parents: 1191 diff changeset	652
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	653 /* And now destroy this connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	654 destroy:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	655 fd_cnx_destroy(*recv_cnx);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	656 *recv_cnx = NULL;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	657 if (*cer) {
1113 eb4ce68b6e5c Added calls to remaining hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1103 diff changeset	658 fd_hook_call(HOOK_MESSAGE_DROPPED, cer, NULL, "An error occurred while rejecting this CER.", fd_msg_pmdl_get(cer));
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	659 fd_msg_free(*cer);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	660 *cer = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	661 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	662 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	663
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	664 /* We have established a new connection to the remote peer, send CER and eventually process the election */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	665 int fd_p_ce_handle_newcnx(struct fd_peer * peer, struct cnxctx * initiator)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	666 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	667 struct msg * cer = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	668
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	669 /* Send CER on the new connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	670 CHECK_FCT( create_CER(peer, initiator, &cer) );
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	671 CHECK_FCT( fd_out_send(&cer, initiator, peer, 0) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	672
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	673 /* Are we doing an election ? */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	674 if (fd_peer_getstate(peer) == STATE_WAITCNXACK_ELEC) {
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	675 if (election_result(peer)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	676 /* Close initiator connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	677 fd_cnx_destroy(initiator);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	678
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	679 LOG_D("%s: Election lost on outgoing connection, closing and answering CEA on incoming connection.", peer->p_hdr.info.pi_diamid);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	680
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	681 /* Process with the receiver side */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	682 CHECK_FCT( fd_p_ce_process_receiver(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	683
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	684 } else {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	685 struct fd_pei pei;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	686 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	687 pei.pei_errcode = "ELECTION_LOST";
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	688 pei.pei_message = "Please answer my CER instead, you won the election.";
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	689 LOG_D("%s: Election lost on incoming connection, closing and waiting for CEA on outgoing connection.", peer->p_hdr.info.pi_diamid);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	690
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	691 /* Answer an ELECTION LOST to the receiver side */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	692 receiver_reject(&peer->p_receiver, &peer->p_cer, &pei);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	693 CHECK_FCT( to_waitcea(peer, initiator) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	694 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	695 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	696 /* No election (yet) */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	697 CHECK_FCT( to_waitcea(peer, initiator) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	698 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	699
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	700 return 0;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	701 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	702
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	703 /* We have received a Capabilities Exchange message on the peer connection */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	704 int fd_p_ce_msgrcv(struct msg ** msg, int req, struct fd_peer * peer)
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	705 {
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	706 uint32_t rc = 0;
1405 3cbe458fbfa9 Fix compiler warnings Luke Mewburn <luke@mewburn.net> parents: 1396 diff changeset	707 int st = STATE_NEW;
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	708 struct fd_pei pei;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	709
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	710 TRACE_ENTRY("%p %p", msg, peer);
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	711 CHECK_PARAMS( msg && *msg && CHECK_PEER(peer) );
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	712
130 a16504d20ed1 Handle CEA with error result codes Sebastien Decugis <sdecugis@nict.go.jp> parents: 129 diff changeset	713 /* The only valid situation where we are called is in WAITCEA and we receive a CEA (we may have won an election) */
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	714
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	715 /* Note : to implement Capabilities Update, we would need to change here */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	716
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	717 /* If it is a CER, just reply an error */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	718 if (req) {
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	719 /* Create the error message */
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	720 CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, msg, MSGFL_ANSW_ERROR ) );
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	721
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	722 /* Set the error code */
827 a8ed055a9253 Fix name of the constant errors used for rescode Sebastien Decugis <sdecugis@freediameter.net> parents: 740 diff changeset	723 CHECK_FCT( fd_msg_rescode_set(*msg, "DIAMETER_UNABLE_TO_COMPLY", "No CER allowed in current state", NULL, 1 ) );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	724
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	725 /* msg now contains an answer message to send back */
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	726 CHECK_FCT_DO( fd_out_send(msg, NULL, peer, 0), /* In case of error the message has already been dumped */ );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	727 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	728
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	729 /* If the state is not WAITCEA, just discard the message */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	730 if (req \|\| ((st = fd_peer_getstate(peer)) != STATE_WAITCEA)) {
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	731 if (*msg) {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	732 /* In such case, just discard the message */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	733 char buf[128];
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	734 snprintf(buf, sizeof(buf), "Received while peer state machine was in state %s.", STATE_STR(st));
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	735 fd_hook_call(HOOK_MESSAGE_DROPPED, msg, peer, buf, fd_msg_pmdl_get(msg));
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	736
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	737 CHECK_FCT_DO( fd_msg_free(msg), / continue */);
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	738 *msg = NULL;
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	739 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	740
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	741 return 0;
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	742 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	743
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	744 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	745
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	746 /* Save info from the CEA into the peer */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	747 CHECK_FCT_DO( save_remote_CE_info(*msg, peer, &pei, &rc),
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	748 {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	749 fd_hook_call(HOOK_PEER_CONNECT_FAILED, *msg, peer, "An error occurred while processing incoming CEA.", NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	750 goto cleanup;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	751 } );
62 a57a7133fe89 Dispose sent CEA Sebastien Decugis <sdecugis@nict.go.jp> parents: 56 diff changeset	752
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	753 /* Check the Result-Code */
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	754 switch (rc) {
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	755 case ER_DIAMETER_SUCCESS:
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	756 /* Log success */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	757 fd_hook_call(HOOK_PEER_CONNECT_SUCCESS, *msg, peer, NULL, NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	758
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	759 /* Dispose of the message, we don't need it anymore */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	760 CHECK_FCT_DO( fd_msg_free(msg), / continue */ );
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	761 *msg = NULL;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	762
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	763 /* No problem, we can continue */
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	764 break;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	765
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	766 case ER_DIAMETER_TOO_BUSY:
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	767 /* Retry later */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	768 fd_hook_call(HOOK_PEER_CONNECT_FAILED, *msg, peer, "Remote peer is too busy", NULL);
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	769 fd_psm_cleanup(peer, 0);
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	770 fd_psm_next_timeout(peer, 0, 300);
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	771 return 0;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	772
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	773 case ER_ELECTION_LOST:
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	774 /* Ok, just wait for a little while for the CER to be processed on the other connection. */
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	775 TRACE_DEBUG(FULL, "Peer %s replied a CEA with Result-Code AVP ELECTION_LOST, waiting for events.", peer->p_hdr.info.pi_diamid);
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	776 return 0;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	777
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	778 default:
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	779 /* In any other case, we abort all attempts to connect to this peer */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	780 fd_hook_call(HOOK_PEER_CONNECT_FAILED, *msg, peer, "CEA with unexpected error code", NULL);
131 50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	781 return EINVAL;
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	782 }
50d1dc19b221 Hopefully removed infinite loop Sebastien Decugis <sdecugis@nict.go.jp> parents: 130 diff changeset	783
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	784
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	785 /* Handshake if needed, start clear otherwise */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	786 if ( ! fd_cnx_getTLS(peer->p_cnxctx) ) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	787 int todo = peer->p_hdr.info.config.pic_flags.sec & peer->p_hdr.info.runtime.pir_isi ;
267 51d224448024 Workaround to allow interop with (bad) opendiameter Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	788 /* Special case: if the peer did not send a ISI AVP */
51d224448024 Workaround to allow interop with (bad) opendiameter Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	789 if (peer->p_hdr.info.runtime.pir_isi == 0)
51d224448024 Workaround to allow interop with (bad) opendiameter Sebastien Decugis <sdecugis@nict.go.jp> parents: 258 diff changeset	790 todo = peer->p_hdr.info.config.pic_flags.sec;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	791
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	792 if (todo == PI_SEC_NONE) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	793 /* Ok for clear connection */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	794 TRACE_DEBUG(INFO, "No TLS protection negotiated with peer '%s'.", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	795 CHECK_FCT( fd_cnx_start_clear(peer->p_cnxctx, 1) );
1155 d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	796
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	797 } else if (fd_g_config->cnf_sec_data.tls_disabled) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	798 LOG_E("Clear connection with remote peer '%s' is not (explicitly) allowed, and TLS is disabled. Giving up...", peer->p_hdr.info.pi_diamid);
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	799 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "TLS is disabled and peer is not configured for IPsec", NULL);
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	800 goto cleanup;
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	801
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	802 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	803 fd_psm_change_state(peer, STATE_OPEN_HANDSHAKE);
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1155 diff changeset	804 CHECK_FCT_DO( fd_cnx_handshake(peer->p_cnxctx, GNUTLS_CLIENT, ALGO_HANDSHAKE_3436, peer->p_hdr.info.config.pic_priority, NULL),
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	805 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	806 /* Handshake failed ... */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	807 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "TLS handshake failed after CER/CEA exchange", NULL);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	808 goto cleanup;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	809 } );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	810
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	811 /* Retrieve the credentials */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	812 CHECK_FCT( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	813 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	814 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	815
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	816 /* Move to next state */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	817 if (peer->p_flags.pf_cnx_pb) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	818 fd_psm_change_state(peer, STATE_REOPEN );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	819 CHECK_FCT( fd_p_dw_reopen(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	820 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	821 fd_psm_change_state(peer, STATE_OPEN );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	822 fd_psm_next_timeout(peer, 1, peer->p_hdr.info.config.pic_twtimer ?: fd_g_config->cnf_timer_tw);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	823 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	824
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	825 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	826
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	827 cleanup:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	828 fd_p_ce_clear_cnx(peer, NULL);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	829
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	830 /* Send the error to the peer */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	831 CHECK_FCT( fd_event_send(peer->p_events, FDEVP_CNX_ERROR, 0, NULL) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	832
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	833 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	834 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	835
1396 188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	836 /* Check if enough processing peers are connected to allow connections by other peers */
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	837 static int sufficient_processing_peers(void) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	838 int processing_peers_count = 0;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	839 struct fd_list * li;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	840
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	841 CHECK_FCT( pthread_rwlock_rdlock(&fd_g_activ_peers_rw) );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	842 for (li = fd_g_activ_peers.next; li != &fd_g_activ_peers; li = li->next) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	843 struct fd_peer * p = (struct fd_peer *)li->o;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	844
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	845 TRACE_DEBUG(FULL, "comparing '%s' against processing peers pattern", p->p_hdr.info.pi_diamid);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	846 if (regexec(&fd_g_config->cnf_processing_peers_pattern_regex, p->p_hdr.info.pi_diamid, 0, NULL, 0) == 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	847 processing_peers_count++;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	848 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	849 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	850 CHECK_FCT( pthread_rwlock_unlock(&fd_g_activ_peers_rw) );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	851
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	852 TRACE_DEBUG(FULL, "%d processing peers found", processing_peers_count);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	853 return (processing_peers_count >= fd_g_config->cnf_processing_peers_minimum);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	854 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	855
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	856 /* Handle the receiver side to go to OPEN or OPEN_NEW state (any election is resolved) */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	857 int fd_p_ce_process_receiver(struct fd_peer * peer)
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	858 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	859 struct fd_pei pei;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	860 struct msg * msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	861 int isi = 0;
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	862 int fatal = 0;
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	863 int tls_sync=0;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	864
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	865 TRACE_ENTRY("%p", peer);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	866
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	867 CHECK_FCT_DO( set_peer_cnx(peer, &peer->p_receiver),
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	868 {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	869 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "Error saving the incoming connection in the peer structure", NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	870 return __ret__;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	871 } );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	872 msg = peer->p_cer;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	873 peer->p_cer = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	874
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	875 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	876
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	877 /* Parse the content of the received CER */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	878 CHECK_FCT_DO( save_remote_CE_info(msg, peer, &pei, NULL), goto error_abort );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	879
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	880 /* Validate the realm if needed */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	881 if (peer->p_hdr.info.config.pic_realm) {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	882 size_t len = strlen(peer->p_hdr.info.config.pic_realm);
738 d666051658bd Fix broken 'almostcasecmp' logic Sebastien Decugis <sdecugis@nict.go.jp> parents: 725 diff changeset	883 if (fd_os_almostcasesrch(peer->p_hdr.info.config.pic_realm, len, peer->p_hdr.info.runtime.pir_realm, peer->p_hdr.info.runtime.pir_realmlen, NULL)) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 935 diff changeset	884 TRACE_DEBUG(INFO, "Rejected CER from peer '%s', realm mismatch with configured value (returning DIAMETER_UNKNOWN_PEER).", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	885 pei.pei_errcode = "DIAMETER_UNKNOWN_PEER"; /* maybe AVP_NOT_ALLOWED would be better fit? */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	886 goto error_abort;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	887 }
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	888 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	889
725 8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	890 /* Save the credentials if handshake already occurred */
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	891 if ( fd_cnx_getTLS(peer->p_cnxctx) ) {
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	892 CHECK_FCT( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size) );
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	893 }
8b03c672261f Fix a small bug in peers validation process Sebastien Decugis <sdecugis@nict.go.jp> parents: 706 diff changeset	894
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	895 /* Validate the peer if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	896 if (peer->p_flags.pf_responder) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	897 int res = fd_peer_validate( peer );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	898 if (res < 0) {
974 2091bf698fb1 Remove newlines from fd_log_debug, TRACE_DEBUG, TRACE_ERROR, and TRACE_DEBUG_ERROR Thomas Klausner <tk@giga.or.at> parents: 935 diff changeset	899 TRACE_DEBUG(INFO, "Rejected CER from peer '%s', validation failed (returning DIAMETER_UNKNOWN_PEER).", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	900 pei.pei_errcode = "DIAMETER_UNKNOWN_PEER";
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	901 goto error_abort;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	902 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	903 CHECK_FCT( res );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	904 }
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	905
1396 188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	906 /* Check peer type and if enough processing peers are already connected */
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	907 if (fd_g_config->cnf_processing_peers_minimum > 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	908 if (regexec(&fd_g_config->cnf_processing_peers_pattern_regex, peer->p_hdr.info.pi_diamid, 0, NULL, 0) != 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	909 /* peer is not a processing peer */
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	910 if (!sufficient_processing_peers()) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	911 pei.pei_errcode = "DIAMETER_TOO_BUSY";
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	912 goto error_abort;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	913 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	914 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	915 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	916
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	917 if (peer->p_flags.pf_responder) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	918 int res = fd_peer_validate( peer );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	919 if (res < 0) {
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	920 TRACE_DEBUG(INFO, "Rejected CER from peer '%s', validation failed (returning DIAMETER_UNKNOWN_PEER).", peer->p_hdr.info.pi_diamid);
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	921 pei.pei_errcode = "DIAMETER_UNKNOWN_PEER";
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	922 goto error_abort;
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	923 }
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	924 CHECK_FCT( res );
188c82b6690b Add ProcessingPeersPattern and ProcessingPeersMinimum parameters. Thomas Klausner <tk@giga.or.at> parents: 1281 diff changeset	925 }
87 c1c0f8a45c67 Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 78 diff changeset	926 /* Check if we have common applications */
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	927 if ( fd_g_config->cnf_flags.no_fwd && (! peer->p_hdr.info.runtime.pir_relay) ) {
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	928 int got_common;
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	929 CHECK_FCT( fd_app_check_common( &fd_g_config->cnf_apps, &peer->p_hdr.info.runtime.pir_apps, &got_common) );
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	930 if (!got_common) {
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	931 TRACE_DEBUG(INFO, "No common application with peer '%s', sending DIAMETER_NO_COMMON_APPLICATION", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	932 pei.pei_errcode = "DIAMETER_NO_COMMON_APPLICATION";
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	933 fatal = 1;
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	934 goto error_abort;
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	935 }
0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	936 }
87 c1c0f8a45c67 Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 78 diff changeset	937
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	938 /* Do we agree on ISI ? */
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	939 if ( ! fd_cnx_getTLS(peer->p_cnxctx) ) {
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	940
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	941 /* In case of responder, the validate callback must have set the config.pic_flags.sec value already */
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	942
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	943 /* First case: we are not using old mechanism: ISI are deprecated, we ignore it. */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	944 if ( ! (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD)) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	945 /* Just check then that the peer configuration allows for IPsec protection */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	946 if (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	947 isi = PI_SEC_NONE;
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	948 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	949 /* otherwise, we should have already been protected. Reject */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	950 TRACE_DEBUG(INFO, "Non TLS-protected CER/CEA exchanges are not allowed with this peer, rejecting.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	951 }
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	952 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	953 /* The old mechanism is allowed with this peer. Now, look into the ISI AVP values */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	954
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	955 /* In case no ISI was present anyway: */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	956 if (!peer->p_hdr.info.runtime.pir_isi) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	957 TRACE_DEBUG(INFO, "Inband-Security-Id AVP is missing in received CER.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	958 if (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	959 isi = PI_SEC_NONE;
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	960 TRACE_DEBUG(INFO, "IPsec protection allowed by configuration, allowing this mechanism to be used.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	961 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	962 /* otherwise, we should have already been protected. Reject */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	963 TRACE_DEBUG(INFO, "Rejecting the peer connection (please allow IPsec here or configure TLS in the remote peer).");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	964 }
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	965 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	966 /* OK, the remote peer did send the ISI AVP. */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	967 if ((peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE) && (peer->p_hdr.info.runtime.pir_isi & PI_SEC_NONE)) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	968 /* We have allowed IPsec */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	969 isi = PI_SEC_NONE;
1155 d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	970 } else if (fd_g_config->cnf_sec_data.tls_disabled) {
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	971 /* We can agree on TLS */
d00b5914351e Allow running freeDiameter without TLS credentials if the following conditions are verified: Sebastien Decugis <sdecugis@freediameter.net> parents: 1127 diff changeset	972 TRACE_DEBUG(INFO, "Remote peer is not allowed for IPsec and TLS is disabled.");;
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	973 } else if (peer->p_hdr.info.runtime.pir_isi & PI_SEC_TLS_OLD) {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	974 /* We can agree on TLS */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	975 isi = PI_SEC_TLS_OLD;
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	976 } else {
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	977 TRACE_DEBUG(INFO, "Remote peer requested IPsec protection, but local configuration forbids it.");
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	978 }
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	979 }
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	980 }
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	981
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	982 /* If we did not find an agreement */
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	983 if (!isi) {
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	984 TRACE_DEBUG(INFO, "No common security mechanism with '%s', sending DIAMETER_NO_COMMON_SECURITY", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	985 pei.pei_errcode = "DIAMETER_NO_COMMON_SECURITY";
162 79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	986 fatal = 1;
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	987 goto error_abort;
79768bf7d208 Completed whitelist extension Sebastien Decugis <sdecugis@nict.go.jp> parents: 160 diff changeset	988 }
332 e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	989
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	990 /* Do not send the ISI IPsec if we are using the new mechanism */
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	991 if ((isi == PI_SEC_NONE) && (! (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD)))
e624fa5f85ca Attempt to fix a bug reported by Alexey Berdnikov (CER without ISI AVP) Sebastien Decugis <sdecugis@nict.go.jp> parents: 267 diff changeset	992 isi = 0;
1265 4ca14a36ae66 Add Inband-Security-Id AVP to CEA if the CER contains one even if it is the secure port Sebastien Decugis <sdecugis@freediameter.net> parents: 1249 diff changeset	993 } else if (peer->p_hdr.info.runtime.pir_isi & PI_SEC_TLS_OLD) {
4ca14a36ae66 Add Inband-Security-Id AVP to CEA if the CER contains one even if it is the secure port Sebastien Decugis <sdecugis@freediameter.net> parents: 1249 diff changeset	994 /* Seem some weird peers are sending the Inband-Security-Id AVP on the secure port... No harm */
4ca14a36ae66 Add Inband-Security-Id AVP to CEA if the CER contains one even if it is the secure port Sebastien Decugis <sdecugis@freediameter.net> parents: 1249 diff changeset	995 isi = PI_SEC_TLS_OLD;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	996 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	997
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	998 /* Reply a CEA */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	999 CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, &msg, 0 ) );
56 299507847ef9 Fixed duplicate Origin-Host AVPs in CEA Sebastien Decugis <sdecugis@nict.go.jp> parents: 43 diff changeset	1000 CHECK_FCT( fd_msg_rescode_set(msg, "DIAMETER_SUCCESS", NULL, NULL, 0 ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1001 CHECK_FCT( add_CE_info(msg, peer->p_cnxctx, isi & PI_SEC_TLS_OLD, isi & PI_SEC_NONE) );
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1002
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1003 /* The connection is complete, but we may still need TLS handshake */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1004 fd_hook_call(HOOK_PEER_CONNECT_SUCCESS, msg, peer, NULL, NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1005
1238 8f9684264fe0 Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages. Sebastien Decugis <sdecugis@freediameter.net> parents: 1230 diff changeset	1006 CHECK_FCT( fd_out_send(&msg, peer->p_cnxctx, peer, 0 ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1007
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1008 /* Handshake if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1009 if (isi & PI_SEC_TLS_OLD) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1010 fd_psm_change_state(peer, STATE_OPEN_HANDSHAKE);
1181 22de21feec64 Preparing for DTLS support Sebastien Decugis <sdecugis@freediameter.net> parents: 1155 diff changeset	1011 CHECK_FCT_DO( fd_cnx_handshake(peer->p_cnxctx, GNUTLS_SERVER, ALGO_HANDSHAKE_3436, peer->p_hdr.info.config.pic_priority, NULL),
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1012 {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1013 /* Handshake failed ... */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1014 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "TLS handshake failed after CER/CEA exchange", NULL);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1015 goto cleanup;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1016 } );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1017
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1018 /* Retrieve the credentials */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1019 CHECK_FCT_DO( fd_cnx_getcred(peer->p_cnxctx, &peer->p_hdr.info.runtime.pir_cert_list, &peer->p_hdr.info.runtime.pir_cert_list_size),
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1020 {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1021 /* Error ... */
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1022 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "Unable to retrieve remote credentials after TLS handshake", NULL);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1023 goto cleanup;
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1024 } );
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1025
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1026
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1027 /* Call second validation callback if needed */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1028 if (peer->p_cb2) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1029 TRACE_DEBUG(FULL, "Calling second validation callback for %s", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1030 CHECK_FCT_DO( (*peer->p_cb2)( &peer->p_hdr.info ),
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1031 {
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1032 fd_hook_call(HOOK_PEER_CONNECT_FAILED, NULL, peer, "Validation callback rejected the peer after handshake", NULL);
78 a58f0757c06a Added code for DPR/DPA Sebastien Decugis <sdecugis@nict.go.jp> parents: 66 diff changeset	1033 CHECK_FCT( fd_psm_terminate( peer, "DO_NOT_WANT_TO_TALK_TO_YOU" ) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1034 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1035 } );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1036 }
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1037 tls_sync = 1;
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1038 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1039 if ( ! fd_cnx_getTLS(peer->p_cnxctx) ) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1040 TRACE_DEBUG(INFO, "No TLS protection negotiated with peer '%s'.", peer->p_hdr.info.pi_diamid);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1041 CHECK_FCT( fd_cnx_start_clear(peer->p_cnxctx, 1) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1042 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1043 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1044
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1045 /* Move to OPEN or REOPEN state */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1046 if (peer->p_flags.pf_cnx_pb) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1047 fd_psm_change_state(peer, STATE_REOPEN );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1048 CHECK_FCT( fd_p_dw_reopen(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1049 } else {
1186 56c36d1007b4 Further preparation of the DTLS integration. Some cleanups in the GNUTLS handling. Sebastien Decugis <sdecugis@freediameter.net> parents: 1181 diff changeset	1050 if ((!tls_sync) && (fd_cnx_is_unordered_delivery_supported(peer->p_cnxctx))) {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1051 fd_psm_change_state(peer, STATE_OPEN_NEW );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1052 /* send DWR */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1053 CHECK_FCT( fd_p_dw_timeout(peer) );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1054 } else {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1055
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1056 fd_psm_change_state(peer, STATE_OPEN );
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1057 fd_psm_next_timeout(peer, 1, peer->p_hdr.info.config.pic_twtimer ?: fd_g_config->cnf_timer_tw);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1058 }
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1059 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1060
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1061 return 0;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1062
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1063 error_abort:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1064 if (pei.pei_errcode) {
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1065 /* Send the error */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1066 fd_hook_call(HOOK_PEER_CONNECT_FAILED, msg, peer, pei.pei_message ?: pei.pei_errcode, NULL);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1067 receiver_reject(&peer->p_cnxctx, &msg, &pei);
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1068 } else {
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1069 char buf[1024];
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1070 snprintf(buf, sizeof(buf), "Unexpected error occurred while processing incoming connection from '%s'.", peer->p_hdr.info.pi_diamid);
d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1071 fd_hook_call(HOOK_PEER_CONNECT_FAILED, msg, peer, buf, NULL);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1072 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1073
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1074 cleanup:
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1075 if (msg) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1076 fd_msg_free(msg);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1077 }
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1078 fd_p_ce_clear_cnx(peer, NULL);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1079
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1080 /* Send the error to the peer */
105 0d9c9e004be0 Compute common applications after CER reception Sebastien Decugis <sdecugis@nict.go.jp> parents: 87 diff changeset	1081 CHECK_FCT( fd_event_send(peer->p_events, fatal ? FDEVP_TERMINATE : FDEVP_CNX_ERROR, 0, NULL) );
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1082
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1083 return 0;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1084 }
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1085
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1086 /* We have received a CER on a new connection for this peer */
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1087 int fd_p_ce_handle_newCER(struct msg ** msg, struct fd_peer * peer, struct cnxctx ** cnx, int valid)
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1088 {
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1089 struct fd_pei pei;
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1090 int cur_state = fd_peer_getstate(peer);
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1091 memset(&pei, 0, sizeof(pei));
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1092
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1093 switch (cur_state) {
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1094 case STATE_CLOSED:
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1095 peer->p_receiver = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1096 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1097 peer->p_cer = *msg;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1098 *msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1099 CHECK_FCT( fd_p_ce_process_receiver(peer) );
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1100 break;
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1101
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1102 case STATE_WAITCNXACK:
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1103 /* Save the parameters in the peer, move to STATE_WAITCNXACK_ELEC */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1104 peer->p_receiver = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1105 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1106 peer->p_cer = *msg;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1107 *msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1108 CHECK_FCT( fd_psm_change_state(peer, STATE_WAITCNXACK_ELEC) );
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1109 break;
7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1110
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1111 case STATE_WAITCEA:
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1112 if (election_result(peer)) {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1113
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1114 /* Close initiator connection (was already set as principal) */
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1115 LOG_D("%s: Election lost on outgoing connection, closing and answering CEA on incoming connection.", peer->p_hdr.info.pi_diamid);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1116 fd_p_ce_clear_cnx(peer, NULL);
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1117
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1118 /* and go on with the receiver side */
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1119 peer->p_receiver = *cnx;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1120 *cnx = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1121 peer->p_cer = *msg;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1122 *msg = NULL;
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1123 CHECK_FCT( fd_p_ce_process_receiver(peer) );
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1124
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1125 } else {
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1126
2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1127 /* Answer an ELECTION LOST to the receiver side and continue */
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1128 pei.pei_errcode = "ELECTION_LOST";
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1129 pei.pei_message = "Please answer my CER instead, you won the election.";
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1130 LOG_D("%s: Election lost on incoming connection, closing and waiting for CEA on outgoing connection.", peer->p_hdr.info.pi_diamid);
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1131 receiver_reject(cnx, msg, &pei);
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1132 }
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1133 break;
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1134
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1135 default:
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1136 pei.pei_errcode = "DIAMETER_UNABLE_TO_COMPLY"; /* INVALID COMMAND? in case of Capabilities-Updates? */
4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1137 pei.pei_message = "Invalid state to receive a new connection attempt.";
1103 d8591b1c56cd Implemented a few hooks Sebastien Decugis <sdecugis@freediameter.net> parents: 1078 diff changeset	1138 LOG_E("%s: Rejecting new connection attempt while our state machine is in state '%s'", peer->p_hdr.info.pi_diamid, STATE_STR(cur_state));
706 4ffbc9f1e922 Large UNTESTED commit with the following changes: Sebastien Decugis <sdecugis@nict.go.jp> parents: 688 diff changeset	1139 receiver_reject(cnx, msg, &pei);
36 1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1140 }
1498b3c7304c Backup Sebastien Decugis <sdecugis@nict.go.jp> parents: 35 diff changeset	1141
43 2db15632a63d Added a large part of connection establishment logic, to test Sebastien Decugis <sdecugis@nict.go.jp> parents: 40 diff changeset	1142 return 0;
40 7e1deaa89540 Some progress on the PSM Sebastien Decugis <sdecugis@nict.go.jp> parents: 37 diff changeset	1143 }

Mercurial > hg > freeDiameter

annotate libfdcore/p_ce.c @ 1554:566bb46cc73f