Changeset 13:ef9ef3bf4752 in freeDiameter for include/freeDiameter/freeDiameter.h

Timestamp:

Sep 30, 2009, 6:25:46 PM (15 years ago)

Author:

Sebastien Decugis <sdecugis@nict.go.jp>

Branch:

default

Phase:

public

Message:

Progress on peer state machine

File:

• include/freeDiameter/freeDiameter.h (modified) (6 diffs)

include/freeDiameter/freeDiameter.h

@@ -81 +81 @@
         struct fd_list  chain;  /* link in cnf_endpoints list */
         sSS             ss;     /* the socket information. */
+        struct {
+                unsigned conf : 1; /* This endpoint is statically configured in a configuration file */
+                unsigned disc : 1; /* This endpoint was resolved from the Diameter Identity or other DNS query */
+                unsigned adv  : 1; /* This endpoint was advertized in Diameter CER/CEA exchange */
+                unsigned ll   : 1; /* Lower layer mechanism provided this endpoint */
+                
+                /* To add: a validity timestamp for DNS records ? How do we retrieve this lifetime from DNS ? */
+
+        }               meta;   /* Additional information about the endpoint */
 };
 
@@ -164 +173 @@
         peer_state_str[ ((unsigned)(state)) <= STATE_REOPEN ? ((unsigned)(state)) : 0 ]
 
-/* Information about a remote peer, used both for query and for creating a new entry */
+/* Information about a remote peer. Same structure is used for creating a new entry, but not all fields are meaningful in that case */
 struct peer_info {
         
-        char * pi_diamid;       /* UTF-8, \0 terminated. The Diameter Identity of the remote peer */
-        char * pi_realm;        /* idem, its realm. */
+        char *          pi_diamid;      /* UTF-8, \0 terminated. The Diameter Identity of the remote peer */
+        char *          pi_realm;       /* Its realm, as received in CER/CEA exchange. */
         
         struct {
@@ -191 +200 @@
                 
                 #define PI_EXP_NONE     0       /* the peer entry does not expire */
-                #define PI_EXP_INACTIVE 1       /* the peer entry expires after pi_lft seconds without activity */
+                #define PI_EXP_INACTIVE 1       /* the peer entry expires (i.e. is deleted) after pi_lft seconds without activity */
                 unsigned        exp :1;
                 
@@ -199 +208 @@
                 unsigned        inband :2;      /* This is only meaningful with pi_flags.sec == 3 */
                 
-                unsigned        relay :1;       /* The remote peer advertized the relay application */          
-        } pi_flags;
+                unsigned        relay :1;       /* The remote peer advertized the relay application */
+
+        }               pi_flags;       /* Some flags */
         
         /* Additional parameters */
-        uint32_t        pi_lft;         /* lifetime of entry without activity (except watchdogs) (see pi_flags.exp definition) */
+        uint32_t        pi_lft;         /* lifetime of this peer when inactive (see pi_flags.exp definition) */
         uint16_t        pi_streams;     /* number of streams for SCTP. 0 = default */
         uint16_t        pi_port;        /* port to connect to. 0: default. */
@@ -209 +219 @@
         int             pi_twtimer;     /* use this value for TwTimer instead of global, if != 0 */
         
-        struct fd_list  pi_endpoints;   /* Endpoint(s) of the remote peer (discovered or advertized). list of struct fd_endpoint. DNS resolved if empty. */
+        struct fd_list  pi_endpoints;   /* Endpoint(s) of the remote peer (configured, discovered, or advertized). list of struct fd_endpoint. DNS resolved if empty. */
+        
+        /* TLS specific data -- the exact data pointed here depends on the security module in use (ex: gnutls, ...) */
+        enum {
+                PI_SEC_GNUTLS = 0,      /* The security module is GNUTLS, this is the default */
+                PI_SEC_OTHER            /* Another security module (TBD) */
+        }               pi_sec_module;
+        union {
+                /* Security data when pi_sec_module == PI_SEC_GNUTLS */
+                struct {
+                        void *  CA;     /* Authority to use to validate this peer credentials (a CA or root certificate) -- use default if NULL */
+                        void *  cred;   /* The (valid) credentials that the peer has presented */
+                }       gnutls;
+                /* Security data when pi_sec_module == PI_SEC_OTHER */
+                struct {
+                        void * dummy;   /* Something meaningful for the other security module */
+                }       other;
+        }               pi_sec_data;
         
         /* The remaining information is read-only, not used for peer creation */
@@ -244 +271 @@
  * DESCRIPTION: 
  *  Add a peer to the list of peers to which the daemon must maintain a connexion.
- * If cb is not null, the callback is called when the connection is in OPEN state or
+ *
+ *  The content of info parameter is copied, except for the list of endpoints if 
+ * not empty, which is simply moved into the created object. It means that the list
+ * items must have been malloc'd, so that they can be freed.
+ *
+ *  If cb is not null, the callback is called when the connection is in OPEN state or
  * when an error has occurred. The callback should use the pi_state information to 
- * determine which one it is.
+ * determine which one it is. If the first parameter of the called callback is NULL, it 
+ * means that the peer is being destroyed before attempt success / failure. 
+ * cb is called to allow freeing cb_data in  * this case.
+ *
+ *  The orig_dbg string is only useful for easing debug, and can be left to NULL.
  *
  * RETURN VALUE: