freeDiameter: freeDiameter/config.c annotate

annotate freeDiameter/config.c @ 18:e7187583dcf8

Added CA helper script

author	Sebastien Decugis <sdecugis@nict.go.jp>
date	Mon, 05 Oct 2009 17:13:01 +0900
parents	ab3c58d88be3
children	277ec00d793e

rev	line source
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	1 /*********************************************************************************************************
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	2 * Software License Agreement (BSD License) *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	3 * Author: Sebastien Decugis <sdecugis@nict.go.jp> *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	4 * *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	5 * Copyright (c) 2009, WIDE Project and NICT *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	6 * All rights reserved. *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	7 * *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	8 * Redistribution and use of this software in source and binary forms, with or without modification, are *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	9 * permitted provided that the following conditions are met: *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	10 * *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	11 * * Redistributions of source code must retain the above *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	12 * copyright notice, this list of conditions and the *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	13 * following disclaimer. *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	14 * *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	15 * * Redistributions in binary form must reproduce the above *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	16 * copyright notice, this list of conditions and the *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	17 * following disclaimer in the documentation and/or other *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	18 * materials provided with the distribution. *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	19 * *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	20 * * Neither the name of the WIDE Project or NICT nor the *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	21 * names of its contributors may be used to endorse or *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	22 * promote products derived from this software without *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	23 * specific prior written permission of WIDE Project and *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	24 * NICT. *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	25 * *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	27 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	28 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	29 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	30 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	32 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	34 *********************************************************************************************************/
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	35
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	36 #include "fD.h"
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	37
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	38 /* Configuration management */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	39
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	40 #ifndef GNUTLS_DEFAULT_PRIORITY
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	41 # define GNUTLS_DEFAULT_PRIORITY "NORMAL"
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	42 #endif /* GNUTLS_DEFAULT_PRIORITY */
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	43 #ifndef GNUTLS_DEFAULT_DHBITS
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	44 # define GNUTLS_DEFAULT_DHBITS 1024
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	45 #endif /* GNUTLS_DEFAULT_DHBITS */
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	46
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	47 /* Initialize the fd_g_config structure to default values */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	48 int fd_conf_init()
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	49 {
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	50 TRACE_ENTRY();
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	51
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	52 fd_g_config->cnf_eyec = EYEC_CONFIG;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	53 fd_g_config->cnf_file = DEFAULT_CONF_FILE;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	54
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	55 fd_g_config->cnf_timer_tc = 30;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	56 fd_g_config->cnf_timer_tw = 30;
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	57
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	58 fd_g_config->cnf_port = 3868;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	59 fd_g_config->cnf_port_tls = 3869;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	60 fd_g_config->cnf_sctp_str = 30;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	61 fd_list_init(&fd_g_config->cnf_endpoints, NULL);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	62 fd_list_init(&fd_g_config->cnf_apps, NULL);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	63 #ifdef DISABLE_SCTP
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	64 fd_g_config->cnf_flags.no_sctp = 1;
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	65 #endif /* DISABLE_SCTP */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	66
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	67 fd_g_config->cnf_orstateid = (uint32_t) time(NULL);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	68
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	69 CHECK_FCT( fd_dict_init(&fd_g_config->cnf_dict) );
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	70 CHECK_FCT( fd_fifo_new(&fd_g_config->cnf_main_ev) );
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	71
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	72 /* TLS parameters */
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	73 CHECK_GNUTLS_DO( gnutls_certificate_allocate_credentials (&fd_g_config->cnf_sec_data.credentials), return ENOMEM );
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	74 CHECK_GNUTLS_DO( gnutls_dh_params_init (&fd_g_config->cnf_sec_data.dh_cache), return ENOMEM );
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	75
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	76 return 0;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	77 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	78
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	79 void fd_conf_dump()
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	80 {
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	81 if (!TRACE_BOOL(INFO))
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	82 return;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	83
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	84 fd_log_debug("-- Configuration :\n");
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	85 fd_log_debug(" Debug trace level ...... : %+d\n", fd_g_debug_lvl);
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	86 fd_log_debug(" Configuration file ..... : %s\n", fd_g_config->cnf_file);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	87 fd_log_debug(" Diameter Identity ...... : %s (l:%Zi)\n", fd_g_config->cnf_diamid, fd_g_config->cnf_diamid_len);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	88 fd_log_debug(" Diameter Realm ......... : %s (l:%Zi)\n", fd_g_config->cnf_diamrlm, fd_g_config->cnf_diamrlm_len);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	89 fd_log_debug(" Tc Timer ............... : %u\n", fd_g_config->cnf_timer_tc);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	90 fd_log_debug(" Tw Timer ............... : %u\n", fd_g_config->cnf_timer_tw);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	91 fd_log_debug(" Local port ............. : %hu\n", fd_g_config->cnf_port);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	92 fd_log_debug(" Local secure port ...... : %hu\n", fd_g_config->cnf_port_tls);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	93 fd_log_debug(" Number of SCTP streams . : %hu\n", fd_g_config->cnf_sctp_str);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	94 if (FD_IS_LIST_EMPTY(&fd_g_config->cnf_endpoints)) {
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	95 fd_log_debug(" Local endpoints ........ : Default (use all available)\n");
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	96 } else {
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	97 struct fd_list * li = fd_g_config->cnf_endpoints.next;
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	98 fd_log_debug(" Local endpoints ........ : ");
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	99 while (li != &fd_g_config->cnf_endpoints) {
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	100 struct fd_endpoint * ep = (struct fd_endpoint *)li;
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	101 if (li != fd_g_config->cnf_endpoints.next) fd_log_debug(" ");
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	102 sSA_DUMP_NODE( &ep->ss, NI_NUMERICHOST );
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	103 fd_log_debug("\n");
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	104 li = li->next;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	105 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	106 }
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	107 if (FD_IS_LIST_EMPTY(&fd_g_config->cnf_apps)) {
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	108 fd_log_debug(" Local applications ..... : (none)\n");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	109 } else {
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	110 struct fd_list * li = fd_g_config->cnf_apps.next;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	111 fd_log_debug(" Local applications ..... : ");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	112 while (li != &fd_g_config->cnf_apps) {
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	113 struct fd_app * app = (struct fd_app *)li;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	114 if (li != fd_g_config->cnf_apps.next) fd_log_debug(" ");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	115 fd_log_debug("App: %u\t%s%s%s\tVnd: %u\n",
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	116 app->appid,
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	117 app->flags.auth ? "Au" : "--",
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	118 app->flags.acct ? "Ac" : "--",
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	119 app->flags.common ? "C" : "-",
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	120 app->vndid);
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	121 li = li->next;
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	122 }
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	123 }
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	124
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	125 fd_log_debug(" Flags : - IP ........... : %s\n", fd_g_config->cnf_flags.no_ip4 ? "DISABLED" : "Enabled");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	126 fd_log_debug(" - IPv6 ......... : %s\n", fd_g_config->cnf_flags.no_ip6 ? "DISABLED" : "Enabled");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	127 fd_log_debug(" - Relay app .... : %s\n", fd_g_config->cnf_flags.no_fwd ? "DISABLED" : "Enabled");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	128 fd_log_debug(" - TCP .......... : %s\n", fd_g_config->cnf_flags.no_tcp ? "DISABLED" : "Enabled");
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	129 #ifdef DISABLE_SCTP
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	130 fd_log_debug(" - SCTP ......... : DISABLED (at compilation)\n");
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	131 #else /* DISABLE_SCTP */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	132 fd_log_debug(" - SCTP ......... : %s\n", fd_g_config->cnf_flags.no_sctp ? "DISABLED" : "Enabled");
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	133 #endif /* DISABLE_SCTP */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	134 fd_log_debug(" - Pref. proto .. : %s\n", fd_g_config->cnf_flags.pr_tcp ? "TCP" : "SCTP");
c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	135 fd_log_debug(" - TLS method ... : %s\n", fd_g_config->cnf_flags.tls_alg ? "INBAND" : "Separate port");
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	136
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	137 fd_log_debug(" TLS : - Certificate .. : %s\n", fd_g_config->cnf_sec_data.cert_file ?: "(NONE)");
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	138 fd_log_debug(" - Private key .. : %s\n", fd_g_config->cnf_sec_data.key_file ?: "(NONE)");
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	139 fd_log_debug(" - CA (trust) ... : %s\n", fd_g_config->cnf_sec_data.ca_file ?: "(none)");
17 ab3c58d88be3 Added proper gcrypt initializer Sebastien Decugis <sdecugis@nict.go.jp> parents: 10 diff changeset	140 fd_log_debug(" - CRL .......... : %s\n", fd_g_config->cnf_sec_data.crl_file ?: "(none)");
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	141 fd_log_debug(" - Priority ..... : %s\n", fd_g_config->cnf_sec_data.prio_string ?: "(default: '" GNUTLS_DEFAULT_PRIORITY "')");
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	142 fd_log_debug(" - DH bits ...... : %d\n", fd_g_config->cnf_sec_data.dh_bits ?: GNUTLS_DEFAULT_DHBITS);
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	143
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	144 fd_log_debug(" Origin-State-Id ........ : %u\n", fd_g_config->cnf_orstateid);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	145 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	146
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	147 /* Parse the configuration file (using the yacc parser) */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	148 int fd_conf_parse()
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	149 {
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	150 extern FILE * fddin;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	151
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	152 TRACE_DEBUG (FULL, "Parsing configuration file: %s", fd_g_config->cnf_file);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	153
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	154 fddin = fopen(fd_g_config->cnf_file, "r");
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	155 if (fddin == NULL) {
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	156 int ret = errno;
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	157 fprintf(stderr, "Unable to open configuration file %s for reading: %s\n", fd_g_config->cnf_file, strerror(ret));
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	158 return ret;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	159 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	160
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	161 /* call yacc parser */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	162 CHECK_FCT( fddparse(fd_g_config) );
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	163
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	164 /* close the file */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	165 fclose(fddin);
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	166
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	167 /* Check that TLS private key was given */
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	168 if (! fd_g_config->cnf_sec_data.key_file) {
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	169 fprintf(stderr, "Missing private key configuration for TLS. Please provide the TLS_cred configuration directive.\n");
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	170 return EINVAL;
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	171 }
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	172
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	173 /* Resolve hostname if not provided */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	174 if (fd_g_config->cnf_diamid == NULL) {
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	175 #ifndef HOST_NAME_MAX
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	176 #define HOST_NAME_MAX 1024
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	177 #endif /* HOST_NAME_MAX */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	178 char buf[HOST_NAME_MAX + 1];
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	179 struct addrinfo hints, *info;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	180 int ret;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	181
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	182 /* local host name */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	183 CHECK_SYS(gethostname(buf, sizeof(buf)));
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	184
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	185 /* get FQDN */
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	186 memset(&hints, 0, sizeof hints);
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	187 hints.ai_flags = AI_CANONNAME;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	188
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	189 ret = getaddrinfo(buf, NULL, &hints, &info);
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	190 if (ret != 0) {
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	191 fprintf(stderr, "Error resolving local FQDN :\n"
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	192 " '%s' : %s\n"
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	193 "Please provide LocalIdentity in configuration file.\n",
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	194 buf, gai_strerror(ret));
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	195 return EINVAL;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	196 }
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	197 CHECK_MALLOC( fd_g_config->cnf_diamid = strdup(info->ai_canonname) );
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	198 freeaddrinfo(info);
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	199 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	200
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	201 /* cache the length of the diameter id for the session module */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	202 fd_g_config->cnf_diamid_len = strlen(fd_g_config->cnf_diamid);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	203
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	204 /* Handle the realm part */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	205 if (fd_g_config->cnf_diamrlm == NULL) {
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	206 char * start = NULL;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	207
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	208 /* Check the diameter identity is a fqdn */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	209 start = strchr(fd_g_config->cnf_diamid, '.');
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	210 if ((start == NULL) \|\| (start[1] == '\0')) {
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	211 fprintf(stderr, "Unable to extract realm from the LocalIdentity '%s'.\n"
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	212 "Please fix your LocalIdentity setting or provide LocalRealm.\n",
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	213 fd_g_config->cnf_diamid);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	214 return EINVAL;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	215 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	216
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	217 CHECK_MALLOC( fd_g_config->cnf_diamrlm = strdup( start + 1 ) );
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	218 }
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	219 fd_g_config->cnf_diamrlm_len = strlen(fd_g_config->cnf_diamrlm);
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	220
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	221 /* Validate some flags */
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	222 if (fd_g_config->cnf_flags.no_ip4 && fd_g_config->cnf_flags.no_ip6) {
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	223 fprintf(stderr, "IP and IPv6 cannot be disabled at the same time.\n");
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	224 return EINVAL;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	225 }
10 c5c99c73c2bf Added some extensions and functions in the daemon Sebastien Decugis <sdecugis@nict.go.jp> parents: 8 diff changeset	226 if (fd_g_config->cnf_flags.no_tcp && fd_g_config->cnf_flags.no_sctp) {
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	227 fprintf(stderr, "TCP and SCTP cannot be disabled at the same time.\n");
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	228 return EINVAL;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	229 }
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	230
18 e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	231 /* Configure TLS default parameters */
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	232 if (! fd_g_config->cnf_sec_data.prio_string) {
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	233 const char * err_pos = NULL;
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	234 CHECK_GNUTLS_DO( gnutls_priority_init(
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	235 &fd_g_config->cnf_sec_data.prio_cache,
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	236 GNUTLS_DEFAULT_PRIORITY,
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	237 &err_pos),
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	238 { TRACE_DEBUG(INFO, "Error in priority string at position : %s", err_pos); return EINVAL; } );
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	239 }
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	240 if (! fd_g_config->cnf_sec_data.dh_bits) {
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	241 CHECK_GNUTLS_DO( gnutls_dh_params_generate2(
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	242 fd_g_config->cnf_sec_data.dh_cache,
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	243 GNUTLS_DEFAULT_DHBITS),
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	244 { TRACE_DEBUG(INFO, "Error in DH bits value : %d", GNUTLS_DEFAULT_DHBITS); return EINVAL; } );
e7187583dcf8 Added CA helper script Sebastien Decugis <sdecugis@nict.go.jp> parents: 17 diff changeset	245 }
17 ab3c58d88be3 Added proper gcrypt initializer Sebastien Decugis <sdecugis@nict.go.jp> parents: 10 diff changeset	246
ab3c58d88be3 Added proper gcrypt initializer Sebastien Decugis <sdecugis@nict.go.jp> parents: 10 diff changeset	247
8 3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	248 return 0;
3e143f047f78 Backup for the week-end Sebastien Decugis <sdecugis@nict.go.jp> parents: diff changeset	249 }

Mercurial > hg > freeDiameter

annotate freeDiameter/config.c @ 18:e7187583dcf8