Mercurial > hg > freeDiameter
annotate include/freeDiameter/freeDiameter.h @ 83:c662d3eb6ff6
Started support for routing module
| author | Sebastien Decugis <sdecugis@nict.go.jp> |
|---|---|
| date | Wed, 02 Dec 2009 18:28:28 +0900 |
| parents | b6344f1d521a |
| children | e5fcd672caff |
| rev | line source |
|---|---|
| 0 | 1 /********************************************************************************************************* |
| 2 * Software License Agreement (BSD License) * | |
| 3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> * | |
| 4 * * | |
| 5 * Copyright (c) 2009, WIDE Project and NICT * | |
| 6 * All rights reserved. * | |
| 7 * * | |
| 8 * Redistribution and use of this software in source and binary forms, with or without modification, are * | |
| 9 * permitted provided that the following conditions are met: * | |
| 10 * * | |
| 11 * * Redistributions of source code must retain the above * | |
| 12 * copyright notice, this list of conditions and the * | |
| 13 * following disclaimer. * | |
| 14 * * | |
| 15 * * Redistributions in binary form must reproduce the above * | |
| 16 * copyright notice, this list of conditions and the * | |
| 17 * following disclaimer in the documentation and/or other * | |
| 18 * materials provided with the distribution. * | |
| 19 * * | |
| 20 * * Neither the name of the WIDE Project or NICT nor the * | |
| 21 * names of its contributors may be used to endorse or * | |
| 22 * promote products derived from this software without * | |
| 23 * specific prior written permission of WIDE Project and * | |
| 24 * NICT. * | |
| 25 * * | |
| 26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * | |
| 27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * | |
| 28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * | |
| 29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * | |
| 30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * | |
| 31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * | |
| 32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * | |
| 33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * | |
| 34 *********************************************************************************************************/ | |
| 35 | |
| 36 #ifndef _FREEDIAMETER_H | |
| 37 #define _FREEDIAMETER_H | |
| 38 | |
| 39 | |
|
1
bafb831ba688
Fix names to proper case for freeDiameter
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
0
diff
changeset
|
40 #include <freeDiameter/libfreeDiameter.h> |
|
16
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
41 #include <gnutls/gnutls.h> |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
42 #include <gnutls/x509.h> |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
43 |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
44 /* GNUTLS version */ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
45 #ifndef GNUTLS_VERSION |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
46 #define GNUTLS_VERSION LIBGNUTLS_VERSION |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
47 #endif /* GNUTLS_VERSION */ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
48 |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
49 /* Check the return value of a GNUTLS function, log and propagate */ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
50 #define CHECK_GNUTLS_DO( __call__, __fallback__ ) { \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
51 int __ret__; \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
52 TRACE_DEBUG_ALL( "Check FCT: " #__call__ ); \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
53 __ret__ = (__call__); \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
54 if (__ret__ < 0) { \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
55 TRACE_DEBUG(INFO, "Error in '" #__call__ "':\t%s", gnutls_strerror(__ret__)); \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
56 __fallback__; \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
57 } \ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
58 } |
| 0 | 59 |
| 60 | |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
61 /* Structure to hold the configuration of the freeDiameter daemon */ |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
62 struct fd_config { |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
63 int cnf_eyec; /* Eye catcher: EYEC_CONFIG */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
64 #define EYEC_CONFIG 0xC011F16 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
65 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
66 char *cnf_file; /* Configuration file to parse, default is DEFAULT_CONF_FILE */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
67 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
68 char *cnf_diamid; /* Diameter Identity of the local peer (FQDN -- UTF-8) */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
69 size_t cnf_diamid_len; /* length of the previous string */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
70 char *cnf_diamrlm; /* Diameter realm of the local peer, default to realm part of diam_id */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
71 size_t cnf_diamrlm_len;/* length of the previous string */ |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
72 |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
73 unsigned int cnf_timer_tc; /* The value in seconds of the default Tc timer */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
74 unsigned int cnf_timer_tw; /* The value in seconds of the default Tw timer */ |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
75 |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
76 uint16_t cnf_port; /* the local port for legacy Diameter (default: 3868) in host byte order */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
77 uint16_t cnf_port_tls; /* the local port for Diameter/TLS (default: 3869) in host byte order */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
78 uint16_t cnf_sctp_str; /* default max number of streams for SCTP associations (def: 30) */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
79 struct fd_list cnf_endpoints; /* the local endpoints to bind the server to. list of struct fd_endpoint. default is empty (bind all) */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
80 struct fd_list cnf_apps; /* Applications locally supported (except relay, see flags). Use fd_disp_app_support to add one. list of struct fd_app. */ |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
81 struct { |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
82 unsigned no_fwd : 1; /* the peer does not relay messages (0xffffff app id) */ |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
83 unsigned no_ip4 : 1; /* disable IP */ |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
84 unsigned no_ip6 : 1; /* disable IPv6 */ |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
85 unsigned no_tcp : 1; /* disable use of TCP */ |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
86 unsigned no_sctp: 1; /* disable the use of SCTP */ |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
87 unsigned pr_tcp : 1; /* prefer TCP over SCTP */ |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
88 unsigned tls_alg: 1; /* TLS algorithm for initiated cnx. 0: separate port. 1: inband-security (old) */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
89 } cnf_flags; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
90 |
|
16
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
91 struct { |
|
18
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
92 /* Credentials parameters (backup) */ |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
93 char * cert_file; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
94 char * key_file; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
95 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
96 char * ca_file; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
97 char * crl_file; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
98 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
99 char * prio_string; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
100 unsigned int dh_bits; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
101 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
102 /* GNUTLS parameters */ |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
103 gnutls_priority_t prio_cache; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
104 gnutls_dh_params_t dh_cache; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
105 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
106 /* GNUTLS server credential(s) */ |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
107 gnutls_certificate_credentials_t credentials; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
17
diff
changeset
|
108 |
|
16
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
109 } cnf_sec_data; |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
110 |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
111 uint32_t cnf_orstateid; /* The value to use in Origin-State-Id, default to random value */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
112 struct dictionary *cnf_dict; /* pointer to the global dictionary */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
113 struct fifo *cnf_main_ev; /* events for the daemon's main (struct fd_event items) */ |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
114 }; |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
115 extern struct fd_config *fd_g_config; /* The pointer to access the global configuration, initalized in main */ |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
7
diff
changeset
|
116 |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
117 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
118 /***************************************/ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
119 /* Peers information */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
120 /***************************************/ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
121 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
122 /* States of a peer */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
123 enum peer_state { |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
124 /* Stable states */ |
|
16
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
125 STATE_NEW = 0, /* The peer has been just been created, PSM thread not started yet */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
126 STATE_OPEN, /* Connexion established */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
127 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
128 /* Peer state machine */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
129 STATE_CLOSED, /* No connection established, will re-attempt after TcTimer. */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
130 STATE_CLOSING, /* the connection is being shutdown (DPR/DPA in progress) */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
131 STATE_WAITCNXACK, /* Attempting to establish transport-level connection */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
132 STATE_WAITCNXACK_ELEC, /* Received a CER from this same peer on an incoming connection (other peer object), while we were waiting for cnx ack */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
133 STATE_WAITCEA, /* Connection established, CER sent, waiting for CEA */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
134 /* STATE_WAITRETURNS_ELEC, */ /* This state is not stable and therefore deprecated: |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
135 We have sent a CER on our initiated connection, and received a CER from the remote peer on another connection. Election. |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
136 If we win the election, we must disconnect the initiated connection and send a CEA on the other => we go to OPEN state. |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
137 If we lose, we disconnect the other connection (receiver) and fallback to WAITCEA state. */ |
| 42 | 138 STATE_OPEN_HANDSHAKE, /* TLS Handshake and validation are in progress in open state -- we use it only for debug purpose, it is never displayed */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
139 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
140 /* Failover state machine */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
141 STATE_SUSPECT, /* A DWR was sent and not answered within TwTime. Failover in progress. */ |
|
14
14cf6daf716d
Some progress on peers module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
142 STATE_REOPEN, /* Connection has been re-established, waiting for 3 DWR/DWA exchanges before putting back to service */ |
|
16
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
143 |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
144 /* Error state */ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
145 STATE_ZOMBIE /* The PSM thread is not running anymore; it must be re-started or peer should be deleted. */ |
|
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
146 #define STATE_MAX STATE_ZOMBIE |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
147 }; |
|
33
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
148 /* The following macro is called in freeDiameter/p_psm.c */ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
149 #define DECLARE_STATE_STR() \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
150 const char *peer_state_str[] = { \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
151 "STATE_NEW" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
152 , "STATE_OPEN" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
153 , "STATE_CLOSED" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
154 , "STATE_CLOSING" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
155 , "STATE_WAITCNXACK" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
156 , "STATE_WAITCNXACK_ELEC" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
157 , "STATE_WAITCEA" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
158 , "STATE_OPEN_HANDSHAKE" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
159 , "STATE_SUSPECT" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
160 , "STATE_REOPEN" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
161 , "STATE_ZOMBIE" \ |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
162 }; |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
163 extern const char *peer_state_str[]; |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
11
diff
changeset
|
164 #define STATE_STR(state) \ |
|
16
013ce9851131
Started including TLS code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
14
diff
changeset
|
165 (((unsigned)(state)) <= STATE_MAX ? peer_state_str[((unsigned)(state)) ] : "<Invalid>") |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
166 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
167 /* Information about a remote peer */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
168 struct peer_info { |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
169 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
170 char * pi_diamid; /* UTF-8, \0 terminated. The Diameter Identity of the remote peer. */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
171 |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
172 struct { |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
173 struct { |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
174 #define PI_P3_DEFAULT 0 /* Use any available protocol */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
175 #define PI_P3_IP 1 /* Use only IP to connect to this peer */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
176 #define PI_P3_IPv6 2 /* resp, IPv6 */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
177 unsigned pro3 :2; |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
178 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
179 #define PI_P4_DEFAULT 0 /* Attempt any available protocol */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
180 #define PI_P4_TCP 1 /* Only use TCP */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
181 #define PI_P4_SCTP 2 /* Only use SCTP */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
182 unsigned pro4 :2; |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
183 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
184 #define PI_ALGPREF_SCTP 0 /* SCTP is attempted first (default) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
185 #define PI_ALGPREF_TCP 1 /* TCP is attempted first */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
186 unsigned alg :1; |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
187 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
188 #define PI_SEC_DEFAULT 0 /* New TLS security (handshake after connection, protecting also CER/CEA) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
189 #define PI_SEC_NONE 1 /* Transparent security with this peer (IPsec) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
190 #define PI_SEC_TLS_OLD 2 /* Old TLS security (use Inband-Security-Id AVP during CER/CEA) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
191 unsigned sec :2; /* Set sec = 3 to authorize use of (Inband-Security-Id == NONE) with this peer, sec = 2 only authorizing TLS */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
192 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
193 #define PI_EXP_NONE 0 /* the peer entry does not expire */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
194 #define PI_EXP_INACTIVE 1 /* the peer entry expires (i.e. is deleted) after pi_lft seconds without activity */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
195 unsigned exp :1; |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
196 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
197 #define PI_PRST_NONE 0 /* the peer entry is deleted after disconnection / error */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
198 #define PI_PRST_ALWAYS 1 /* the peer entry is persistant (will be kept as ZOMBIE in case of error) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
199 unsigned persist :1; |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
200 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
201 } pic_flags; /* Flags influencing the connection to the remote peer */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
202 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
203 char * pic_realm; /* If configured, the daemon will match the received realm in CER/CEA matches this. */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
204 uint16_t pic_port; /* port to connect to. 0: default. */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
205 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
206 uint32_t pic_lft; /* lifetime of this peer when inactive (see pic_flags.exp definition) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
207 int pic_tctimer; /* use this value for TcTimer instead of global, if != 0 */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
208 int pic_twtimer; /* use this value for TwTimer instead of global, if != 0 */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
209 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
210 char * pic_priority; /* Priority string for GnuTLS if we don't use the default */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
211 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
212 } config; /* Configured data (static for this peer entry) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
213 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
214 struct { |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
215 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
216 enum peer_state pir_state; /* Current state of the peer in the state machine */ |
| 36 | 217 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
218 char * pir_realm; /* The received realm in CER/CEA. */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
219 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
220 uint32_t pir_vendorid; /* Content of the Vendor-Id AVP, or 0 by default */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
221 uint32_t pir_orstate; /* Origin-State-Id value */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
222 char * pir_prodname; /* copy of UTF-8 Product-Name AVP (\0 terminated) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
223 uint32_t pir_firmrev; /* Content of the Firmware-Revision AVP */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
224 int pir_relay; /* The remote peer advertized the relay application */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
225 struct fd_list pir_apps; /* applications advertised by the remote peer, except relay (pi_flags.relay) */ |
|
43
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
226 int pir_isi; /* Inband-Security-Id advertised (PI_SEC_* bits) */ |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
227 |
|
78
a58f0757c06a
Added code for DPR/DPA
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
43
diff
changeset
|
228 uint32_t pir_lastDC; /* The last Disconnect-Cause value received */ |
|
a58f0757c06a
Added code for DPR/DPA
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
43
diff
changeset
|
229 |
|
37
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
230 int pir_proto; /* The L4 protocol currently used with the peer (IPPROTO_TCP or IPPROTO_SCTP) */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
231 const gnutls_datum_t *pir_cert_list; /* The (valid) credentials that the peer has presented, or NULL if TLS is not used */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
232 /* This is inspired from http://www.gnu.org/software/gnutls/manual/gnutls.html#ex_003ax509_002dinfo |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
233 see there for example of using this data */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
234 unsigned int pir_cert_list_size; /* Number of certificates in the list */ |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
235 |
|
cc3c59fe98fe
Lot of cleanups in peer structure management
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
36
diff
changeset
|
236 } runtime; /* Data populated after connection, may change between 2 connections -- not used by fd_peer_add */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
237 |
|
13
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
238 struct fd_list pi_endpoints; /* Endpoint(s) of the remote peer (configured, discovered, or advertized). list of struct fd_endpoint. DNS resolved if empty. */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
239 }; |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
240 |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
241 struct peer_hdr { |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
242 struct fd_list chain; /* List of all the peers, ordered by their Diameter Id */ |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
243 struct peer_info info; /* The public data */ |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
244 |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
245 /* This header is followed by more data in the private peer structure definition */ |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
246 }; |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
247 |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
248 /* the global list of peers. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
249 Since we are not expecting so many connections, we don't use a hash, but it might be changed. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
250 The list items are peer_hdr structures (actually, fd_peer, but the cast is OK) */ |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
251 extern struct fd_list fd_g_peers; |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
252 extern pthread_rwlock_t fd_g_peers_rw; /* protect the list */ |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
253 |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
254 /* |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
255 * FUNCTION: fd_peer_add |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
256 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
257 * PARAMETERS: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
258 * info : Information to create the peer. |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
11
diff
changeset
|
259 * orig_dbg : A string indicating the origin of the peer information, for debug (ex: conf, redirect, ...) |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
260 * cb : optional, a callback to call (once) when the peer connection is established or failed |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
261 * cb_data : opaque data to pass to the callback. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
262 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
263 * DESCRIPTION: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
264 * Add a peer to the list of peers to which the daemon must maintain a connexion. |
|
13
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
265 * |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
266 * The content of info parameter is copied, except for the list of endpoints if |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
267 * not empty, which is simply moved into the created object. It means that the list |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
268 * items must have been malloc'd, so that they can be freed. |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
269 * |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
270 * If cb is not null, the callback is called when the connection is in OPEN state or |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
271 * when an error has occurred. The callback should use the pi_state information to |
|
13
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
272 * determine which one it is. If the first parameter of the called callback is NULL, it |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
273 * means that the peer is being destroyed before attempt success / failure. |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
274 * cb is called to allow freeing cb_data in * this case. |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
275 * |
|
ef9ef3bf4752
Progress on peer state machine
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
12
diff
changeset
|
276 * The orig_dbg string is only useful for easing debug, and can be left to NULL. |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
277 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
278 * RETURN VALUE: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
279 * 0 : The peer is added. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
280 * EINVAL : A parameter is invalid. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
281 * EEXIST : A peer with the same Diameter-Id is already in the list. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
282 * (other standard errors may be returned, too, with their standard meaning. Example: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
283 * ENOMEM : Memory allocation for the new object element failed.) |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
284 */ |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
11
diff
changeset
|
285 int fd_peer_add ( struct peer_info * info, char * orig_dbg, void (*cb)(struct peer_info *, void *), void * cb_data ); |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
286 |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
287 /* |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
288 * FUNCTION: peer_validate_register |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
289 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
290 * PARAMETERS: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
291 * peer_validate : Callback as defined bellow. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
292 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
293 * DESCRIPTION: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
294 * Add a callback to authorize / reject incoming peer connections. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
295 * All registered callbacks are called until a callback sets auth = -1 or auth = 1. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
296 * If no callback returns a clear decision, the default behavior is applied (reject unknown connections) |
|
33
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
297 * The callbacks are called in FILO order of their registration. |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
298 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
299 * RETURN VALUE: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
300 * 0 : The callback is added. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
301 * !0 : An error occurred. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
302 */ |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
303 int fd_peer_validate_register ( int (*peer_validate)(struct peer_info * /* info */, int * /* auth */, int (**cb2)(struct peer_info *)) ); |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
304 /* |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
305 * CALLBACK: peer_validate |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
306 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
307 * PARAMETERS: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
308 * info : Structure containing information about the peer attempting the connection. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
309 * auth : Store there the result if the peer is accepted (1), rejected (-1), or unknown (0). |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
310 * cb2 : If != NULL and in case of PI_SEC_TLS_OLD, another callback to call after handshake (if auth = 1). |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
311 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
312 * DESCRIPTION: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
313 * This callback is called when a new connection is being established from an unknown peer, |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
314 * after the CER is received. An extension must register such callback with peer_validate_register. |
|
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
315 * |
|
43
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
316 * The callback can learn if the peer has sent Inband-Security-Id AVPs in runtime.pir_isi fields. |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
317 * It can also learn if a handshake has already been performed in runtime.pir_cert_list field. |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
318 * The callback must set the value of config.pic_flags.sec appropriately to allow a connection without TLS. |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
319 * |
|
43
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
320 * If the old TLS mechanism is used, |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
321 * the extension may also need to check the credentials provided during the TLS |
|
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
322 * exchange (remote certificate). For this purpose, it may set the address of a new callback |
|
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
323 * to be called once the handshake is completed. This new callback receives the information |
|
43
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
324 * structure as parameter (with pir_cert_list set) and returns 0 if the credentials are correct, |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
325 * or an error code otherwise. If the error code is received, the connection is closed and the |
|
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
326 * peer is destroyed. |
|
11
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
327 * |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
328 * RETURN VALUE: |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
329 * 0 : The authorization decision has been written in the location pointed by auth. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
330 * !0 : An error occurred. |
|
6576ef5e01eb
Added some support for peers
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
331 */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
332 |
| 0 | 333 /***************************************/ |
| 334 /* Sending a message on the network */ | |
| 335 /***************************************/ | |
| 336 | |
| 337 /* | |
| 338 * FUNCTION: fd_msg_send | |
| 339 * | |
| 340 * PARAMETERS: | |
| 341 * pmsg : Location of the message to be sent on the network (set to NULL on function return to avoid double deletion). | |
| 342 * anscb : A callback to be called when answer is received, if msg is a request (optional) | |
| 343 * anscb_data : opaque data to be passed back to the anscb when it is called. | |
| 344 * | |
| 345 * DESCRIPTION: | |
| 346 * Sends a message on the network. (actually simply queues it in a global queue, to be picked by a daemon's thread) | |
| 347 * For requests, the end-to-end id must be set (see fd_msg_get_eteid / MSGFL_ALLOC_ETEID). | |
| 348 * For answers, the message must be created with function fd_msg_new_answ. | |
| 349 * | |
| 350 * The routing module will handle sending to the correct peer, usually based on the Destination-Realm / Destination-Host AVP. | |
| 351 * | |
| 352 * If the msg is a request, there are two ways of receiving the answer: | |
| 353 * - either having registered a callback in the dispatch module (see disp_register) | |
| 354 * - or provide a callback as parameter here. If such callback is provided, it is called before the dispatch callbacks. | |
| 355 * The prototype for this callback function is: | |
| 356 * void anscb(void * data, struct msg ** answer) | |
| 357 * where: | |
| 358 * data : opaque data that was registered along with the callback. | |
| 359 * answer : location of the pointer to the answer. | |
| 360 * note1: on function return, if *answer is not NULL, the message is passed to the dispatch module for regular callbacks. | |
| 361 * otherwise, the callback must take care of freeing the message (msg_free). | |
| 362 * note2: the opaque data is not freed by the daemon in any case, extensions should ensure clean handling in waaad_ext_fini. | |
| 363 * | |
| 364 * If no callback is registered to handle an answer, the message is discarded and an error is logged. | |
| 365 * | |
| 366 * RETURN VALUE: | |
| 367 * 0 : The message has been queued for sending (sending may fail asynchronously). | |
| 368 * EINVAL : A parameter is invalid (ex: anscb provided but message is not a request). | |
| 369 * ... | |
| 370 */ | |
| 371 int fd_msg_send ( struct msg ** pmsg, void (*anscb)(void *, struct msg **), void * data ); | |
| 372 | |
| 373 /* | |
| 374 * FUNCTION: fd_msg_rescode_set | |
| 375 * | |
| 376 * PARAMETERS: | |
| 377 * msg : A msg object -- it must be an answer. | |
| 378 * rescode : The name of the returned error code (ex: "DIAMETER_INVALID_AVP") | |
| 379 * errormsg : (optional) human-readable error message to put in Error-Message AVP | |
| 380 * optavp : (optional) If provided, the content will be put inside a Failed-AVP | |
| 381 * type_id : 0 => nothing; 1 => adds Origin-Host and Origin-Realm with local info. 2=> adds Error-Reporting-Host. | |
| 382 * | |
| 383 * DESCRIPTION: | |
| 384 * This function adds a Result-Code AVP to a message, and optionally | |
| 385 * - sets the 'E' error flag in the header, | |
| 386 * - adds Error-Message, Error-Reporting-Host and Failed-AVP AVPs. | |
| 387 * | |
| 388 * RETURN VALUE: | |
| 389 * 0 : Operation complete. | |
| 390 * !0 : an error occurred. | |
| 391 */ | |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
392 int fd_msg_rescode_set( struct msg * msg, char * rescode, char * errormsg, struct avp * optavp, int type_id ); |
| 0 | 393 |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
394 /* Add Origin-Host, Origin-Realm, (if osi) Origin-State-Id AVPS at the end of the message */ |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
395 int fd_msg_add_origin ( struct msg * msg, int osi ); |
| 0 | 396 |
|
34
0e2b57789361
Backup for the WE, some warnings remaining
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
33
diff
changeset
|
397 /* Parse a message against our dictionary, and in case of error log and eventually build the error reply (on return and EBADMSG, *msg == NULL or *msg is the error message ready to send) */ |
|
0e2b57789361
Backup for the WE, some warnings remaining
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
33
diff
changeset
|
398 int fd_msg_parse_or_error( struct msg ** msg ); |
| 0 | 399 |
|
7
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
400 |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
401 /***************************************/ |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
402 /* Dispatch module, daemon's part */ |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
403 /***************************************/ |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
404 |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
405 /* |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
406 * FUNCTION: fd_disp_app_support |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
407 * |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
408 * PARAMETERS: |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
409 * app : The dictionary object corresponding to the Application. |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
410 * vendor : (Optional) the dictionary object of a Vendor to claim support in Vendor-Specific-Application-Id |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
411 * auth : Support auth app part. |
|
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
412 * acct : Support acct app part. |
|
7
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
413 * |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
414 * DESCRIPTION: |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
415 * Registers an application to be advertized in CER/CEA exchanges. |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
416 * Messages with an application-id matching a registered value are passed to the dispatch module, |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
417 * while other messages are simply relayed or an error is returned (if local node does not relay) |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
418 * |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
419 * RETURN VALUE: |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
420 * 0 : The application support is registered. |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
421 * EINVAL : A parameter is invalid. |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
422 */ |
|
10
c5c99c73c2bf
Added some extensions and functions in the daemon
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
8
diff
changeset
|
423 int fd_disp_app_support ( struct dict_object * app, struct dict_object * vendor, int auth, int acct ); |
|
7
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
424 |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
425 /* Note: if we want to support capabilities updates, we'll have to add possibility to remove an app as well... */ |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
426 |
|
e5af94b04946
Added dispatch module and tests
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
1
diff
changeset
|
427 |
|
24
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
428 /***************************************/ |
|
83
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
429 /* Routing module */ |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
430 /***************************************/ |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
431 |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
432 /* This file contains the definitions of types and functions involved in the routing decisions in freeDiameter, |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
433 * and that can be called by extensions. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
434 * |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
435 * Three different type of messages must be distinguished: |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
436 * - Messages received, and the peer is final recipient (IN messages) |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
437 * - Messages received, and the peer is not final recipient (FWD messages) |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
438 * - Message is locally generated (OUT messages) |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
439 * |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
440 * There are three global message queues (in queues.c) and also peers-specific queues (in struct fd_peer). |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
441 * |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
442 * (*) IN messages processing details: |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
443 * - the message is received from the remote peer, a FDEVP_CNX_MSG_RECV event is generated for the peer. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
444 * - the PSM thread parses the buffer, does some verifications, handles non routable messages (fd_msg_is_routable) |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
445 * - routable messages are queued in the fd_g_incoming global queue. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
446 * - a thread (routing-in) picks the message and takes the decision if it is handled locally or forwarded, |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
447 * based on local capabilities (registered by extensions). |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
448 * - If the message is handled locally, it is queued in fd_g_local. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
449 * - Another thread (dispatch.c) will handle this message and pass it to registered callbacks (see fd_disp_register in libfreeDiameter.h). |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
450 * |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
451 * (*) FWD messages details: |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
452 * - The process is the same as for IN messages, until the routing-in threads makes its decision that the message is not handled locally. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
453 * - All callbacks registered with fd_rt_fwd_register are called for the message (see bellow). |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
454 * - these callbacks will typically do proxying work. Note that adding the route-record is handled by the daemon. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
455 * - Once all callbacks have been called, the message is queued in the global fd_g_outgoing queue. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
456 * - The remaining processing is the same as for OUT messages, as described bellow. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
457 * |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
458 * (*) OUT messages details: |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
459 * - The message are picked from fd_g_outgoing, as result of forwarding process or call to fd_msg_send. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
460 * - The (routing-out) thread builds a list of possible destinations for the message. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
461 * The logic to build this list is as follow: |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
462 * - create a list of all known peers in the "OPEN" state. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
463 * - remove from that list all peers that are in a Route-Record AVP of the message, to avoid routing loops. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
464 * - remove also all peers that have previously replied an error message for this message. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
465 * - If the list is empty, create an error UNABLE_TO_DELIVER (note: should we trig dynamic discovery here???) and reply this. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
466 * - Otherwise, call all callbacks registered by function fd_rt_out_register, with the list of peers and the message. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
467 * - Order the resulting list of peers by score (see bellow), and sent the message to the peer with highest (positive) score. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
468 * - in case the peer is no longer in the "OPEN" state, send the message to the second peer in the list. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
469 * - if no peer is in OPEN state anymore, restart the process of creating the list. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
470 * - The peer thread will handle the creation of the Hop-by-hop ID and sending the message. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
471 * |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
472 * This part of the API (routing-api.h) provides the definitions of the rt_out_cb_t and rt_fwd_cb_t callbacks, and the |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
473 * functions to register and deregister these callbacks. |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
474 */ |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
475 |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
476 |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
477 |
|
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
478 /***************************************/ |
| 82 | 479 /* Events helpers */ |
| 480 /***************************************/ | |
| 481 | |
| 482 struct fd_event { | |
| 483 int code; /* codespace depends on the queue */ | |
| 484 size_t size; | |
| 485 void *data; | |
| 486 }; | |
| 487 | |
|
83
c662d3eb6ff6
Started support for routing module
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
82
diff
changeset
|
488 /* Daemon's codespace: 1000->1999 (1500->1999 defined in fD.h) */ |
| 82 | 489 enum { |
| 490 FDEV_TERMINATE = 1000 /* request to terminate */ | |
| 491 ,FDEV_DUMP_DICT /* Dump the content of the dictionary */ | |
| 492 ,FDEV_DUMP_EXT /* Dump state of extensions */ | |
| 493 ,FDEV_DUMP_SERV /* Dump the server socket status */ | |
| 494 ,FDEV_DUMP_QUEUES /* Dump the message queues */ | |
| 495 ,FDEV_DUMP_CONFIG /* Dump the configuration */ | |
| 496 ,FDEV_DUMP_PEERS /* Dump the list of peers */ | |
| 497 }; | |
| 498 | |
| 499 int fd_event_send(struct fifo *queue, int code, size_t datasz, void * data); | |
| 500 int fd_event_get(struct fifo *queue, int *code, size_t *datasz, void ** data); | |
| 501 int fd_event_timedget(struct fifo *queue, struct timespec * timeout, int timeoutcode, int *code, size_t *datasz, void ** data); | |
| 502 void fd_event_destroy(struct fifo **queue, void (*free_cb)(void * data)); | |
| 503 const char * fd_ev_str(int event); | |
| 504 | |
| 505 | |
| 506 /***************************************/ | |
|
24
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
507 /* Endpoints lists helpers */ |
|
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
508 /***************************************/ |
|
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
509 |
| 82 | 510 struct fd_endpoint { |
| 511 struct fd_list chain; /* link in cnf_endpoints list */ | |
| 512 | |
| 513 union { | |
| 514 sSS ss; /* the socket information. List is always ordered by ss value (memcmp) -- see fd_ep_add_merge */ | |
| 515 sSA4 sin; | |
| 516 sSA6 sin6; | |
| 517 sSA sa; | |
| 518 }; | |
| 519 | |
| 520 #define EP_FL_CONF (1 << 0) /* This endpoint is statically configured in a configuration file */ | |
| 521 #define EP_FL_DISC (1 << 1) /* This endpoint was resolved from the Diameter Identity or other DNS query */ | |
| 522 #define EP_FL_ADV (1 << 2) /* This endpoint was advertized in Diameter CER/CEA exchange */ | |
| 523 #define EP_FL_LL (1 << 3) /* Lower layer mechanism provided this endpoint */ | |
| 524 #define EP_FL_PRIMARY (1 << 4) /* This endpoint is primary in a multihomed SCTP association */ | |
| 525 uint32_t flags; /* Additional information about the endpoint */ | |
| 526 | |
| 527 /* To add: a validity timestamp for DNS records ? How do we retrieve this lifetime from DNS ? */ | |
| 528 }; | |
| 529 | |
|
24
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
530 int fd_ep_add_merge( struct fd_list * list, sSA * sa, socklen_t sl, uint32_t flags ); |
|
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
531 int fd_ep_filter( struct fd_list * list, uint32_t flags ); |
|
38
68c1890f7049
Fixed a small bug in SCTP close
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
37
diff
changeset
|
532 int fd_ep_filter_family( struct fd_list * list, int af ); |
|
24
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
533 int fd_ep_clearflags( struct fd_list * list, uint32_t flags ); |
|
33
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
534 void fd_ep_dump_one( char * prefix, struct fd_endpoint * ep, char * suffix ); |
|
e6fcdf12b9a0
Added a lot of TODOs :)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
25
diff
changeset
|
535 void fd_ep_dump( int indent, struct fd_list * eps ); |
|
24
bd83ce9328ed
Cleanups and completed sctp code (not finished)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
23
diff
changeset
|
536 |
|
43
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
537 /***************************************/ |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
538 /* Applications lists helpers */ |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
539 /***************************************/ |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
540 |
| 82 | 541 struct fd_app { |
| 542 struct fd_list chain; /* link in cnf_apps list. List ordered by appid. */ | |
| 543 struct { | |
| 544 unsigned auth : 1; | |
| 545 unsigned acct : 1; | |
| 546 unsigned common : 1; | |
| 547 } flags; | |
| 548 vendor_id_t vndid; /* if not 0, Vendor-Specific-App-Id AVP will be used */ | |
| 549 application_id_t appid; /* The identifier of the application */ | |
| 550 }; | |
| 551 | |
|
43
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
552 int fd_app_merge(struct fd_list * list, application_id_t aid, vendor_id_t vid, int auth, int acct); |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
553 int fd_app_find_common(struct fd_list * target, struct fd_list * reference); |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
554 int fd_app_gotcommon(struct fd_list * apps); |
|
2db15632a63d
Added a large part of connection establishment logic, to test
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
42
diff
changeset
|
555 |
| 0 | 556 #endif /* _FREEDIAMETER_H */ |