Mercurial > hg > freeDiameter
comparison libfdcore/p_ce.c @ 1238:8f9684264fe0
Change management of the p_reqin_count counter to be updated only on routable messages. This should limit the errors in the counter value resulting from rejected or discarded link-local messages.
| author | Sebastien Decugis <sdecugis@freediameter.net> |
|---|---|
| date | Thu, 10 Oct 2013 16:08:46 +0200 |
| parents | e72c9dad62ac |
| children | 4ad4d614acfa |
comparison
equal
deleted
inserted
replaced
| 1236:a0d9fb49694e | 1238:8f9684264fe0 |
|---|---|
| 632 static void receiver_reject(struct cnxctx ** recv_cnx, struct msg ** cer, struct fd_pei * error) | 632 static void receiver_reject(struct cnxctx ** recv_cnx, struct msg ** cer, struct fd_pei * error) |
| 633 { | 633 { |
| 634 /* Create and send the CEA with appropriate error code */ | 634 /* Create and send the CEA with appropriate error code */ |
| 635 CHECK_FCT_DO( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, cer, MSGFL_ANSW_ERROR ), goto destroy ); | 635 CHECK_FCT_DO( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, cer, MSGFL_ANSW_ERROR ), goto destroy ); |
| 636 CHECK_FCT_DO( fd_msg_rescode_set(*cer, error->pei_errcode, error->pei_message, error->pei_avp, 1 ), goto destroy ); | 636 CHECK_FCT_DO( fd_msg_rescode_set(*cer, error->pei_errcode, error->pei_message, error->pei_avp, 1 ), goto destroy ); |
| 637 CHECK_FCT_DO( fd_out_send(cer, *recv_cnx, NULL), goto destroy ); | 637 CHECK_FCT_DO( fd_out_send(cer, *recv_cnx, NULL, 0), goto destroy ); |
| 638 | 638 |
| 639 if (error->pei_avp_free) { | 639 if (error->pei_avp_free) { |
| 640 fd_msg_free(error->pei_avp); | 640 fd_msg_free(error->pei_avp); |
| 641 } | 641 } |
| 642 | 642 |
| 656 { | 656 { |
| 657 struct msg * cer = NULL; | 657 struct msg * cer = NULL; |
| 658 | 658 |
| 659 /* Send CER on the new connection */ | 659 /* Send CER on the new connection */ |
| 660 CHECK_FCT( create_CER(peer, initiator, &cer) ); | 660 CHECK_FCT( create_CER(peer, initiator, &cer) ); |
| 661 CHECK_FCT( fd_out_send(&cer, initiator, peer) ); | 661 CHECK_FCT( fd_out_send(&cer, initiator, peer, 0) ); |
| 662 | 662 |
| 663 /* Are we doing an election ? */ | 663 /* Are we doing an election ? */ |
| 664 if (fd_peer_getstate(peer) == STATE_WAITCNXACK_ELEC) { | 664 if (fd_peer_getstate(peer) == STATE_WAITCNXACK_ELEC) { |
| 665 if (election_result(peer)) { | 665 if (election_result(peer)) { |
| 666 /* Close initiator connection */ | 666 /* Close initiator connection */ |
| 711 | 711 |
| 712 /* Set the error code */ | 712 /* Set the error code */ |
| 713 CHECK_FCT( fd_msg_rescode_set(*msg, "DIAMETER_UNABLE_TO_COMPLY", "No CER allowed in current state", NULL, 1 ) ); | 713 CHECK_FCT( fd_msg_rescode_set(*msg, "DIAMETER_UNABLE_TO_COMPLY", "No CER allowed in current state", NULL, 1 ) ); |
| 714 | 714 |
| 715 /* msg now contains an answer message to send back */ | 715 /* msg now contains an answer message to send back */ |
| 716 CHECK_FCT_DO( fd_out_send(msg, NULL, peer), /* In case of error the message has already been dumped */ ); | 716 CHECK_FCT_DO( fd_out_send(msg, NULL, peer, 0), /* In case of error the message has already been dumped */ ); |
| 717 } | 717 } |
| 718 | 718 |
| 719 /* If the state is not WAITCEA, just discard the message */ | 719 /* If the state is not WAITCEA, just discard the message */ |
| 720 if (req || ((st = fd_peer_getstate(peer)) != STATE_WAITCEA)) { | 720 if (req || ((st = fd_peer_getstate(peer)) != STATE_WAITCEA)) { |
| 721 if (*msg) { | 721 if (*msg) { |
| 940 /* Do not send the ISI IPsec if we are using the new mechanism */ | 940 /* Do not send the ISI IPsec if we are using the new mechanism */ |
| 941 if ((isi == PI_SEC_NONE) && (! (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD))) | 941 if ((isi == PI_SEC_NONE) && (! (peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD))) |
| 942 isi = 0; | 942 isi = 0; |
| 943 } | 943 } |
| 944 | 944 |
| 945 /* Update the counter to match with the answer being sent */ | |
| 946 CHECK_POSIX( pthread_mutex_lock(&peer->p_state_mtx) ); | |
| 947 peer->p_reqin_count++; | |
| 948 CHECK_POSIX( pthread_mutex_unlock(&peer->p_state_mtx) ); | |
| 949 | |
| 950 /* Reply a CEA */ | 945 /* Reply a CEA */ |
| 951 CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, &msg, 0 ) ); | 946 CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, &msg, 0 ) ); |
| 952 CHECK_FCT( fd_msg_rescode_set(msg, "DIAMETER_SUCCESS", NULL, NULL, 0 ) ); | 947 CHECK_FCT( fd_msg_rescode_set(msg, "DIAMETER_SUCCESS", NULL, NULL, 0 ) ); |
| 953 CHECK_FCT( add_CE_info(msg, peer->p_cnxctx, isi & PI_SEC_TLS_OLD, isi & PI_SEC_NONE) ); | 948 CHECK_FCT( add_CE_info(msg, peer->p_cnxctx, isi & PI_SEC_TLS_OLD, isi & PI_SEC_NONE) ); |
| 954 | 949 |
| 955 /* The connection is complete, but we may still need TLS handshake */ | 950 /* The connection is complete, but we may still need TLS handshake */ |
| 956 fd_hook_call(HOOK_PEER_CONNECT_SUCCESS, msg, peer, NULL, NULL); | 951 fd_hook_call(HOOK_PEER_CONNECT_SUCCESS, msg, peer, NULL, NULL); |
| 957 | 952 |
| 958 CHECK_FCT( fd_out_send(&msg, peer->p_cnxctx, peer ) ); | 953 CHECK_FCT( fd_out_send(&msg, peer->p_cnxctx, peer, 0 ) ); |
| 959 | 954 |
| 960 /* Handshake if needed */ | 955 /* Handshake if needed */ |
| 961 if (isi & PI_SEC_TLS_OLD) { | 956 if (isi & PI_SEC_TLS_OLD) { |
| 962 fd_psm_change_state(peer, STATE_OPEN_HANDSHAKE); | 957 fd_psm_change_state(peer, STATE_OPEN_HANDSHAKE); |
| 963 CHECK_FCT_DO( fd_cnx_handshake(peer->p_cnxctx, GNUTLS_SERVER, ALGO_HANDSHAKE_3436, peer->p_hdr.info.config.pic_priority, NULL), | 958 CHECK_FCT_DO( fd_cnx_handshake(peer->p_cnxctx, GNUTLS_SERVER, ALGO_HANDSHAKE_3436, peer->p_hdr.info.config.pic_priority, NULL), |