


Timestamp:
Oct 7, 2009, 7:31:39 PM (15 years ago)
Author:
Sebastien Decugis <sdecugis@nict.go.jp>
Branch:
default
Phase:
public
Message:

Backup before typhoon... Progress on server side

File:
1 edited

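--- a/include/freeDiameter/freeDiameter.h
+++ b/include/freeDiameter/freeDiameter.h
@@ -118,5 +118,5 @@
 struct fd_endpoint {
         struct fd_list  chain;  /* link in cnf_endpoints list */
-        sSS             ss;     /* the socket information. */
+        sSS             ss;     /* the socket information. List is always ordered by ss value (memcmp) */
         struct {
                 unsigned conf : 1; /* This endpoint is statically configured in a configuration file */
@@ -175,9 +175,10 @@
         ,FDEV_DUMP_DICT         /* Dump the content of the dictionary */
         ,FDEV_DUMP_EXT          /* Dump state of extensions */
+        ,FDEV_DUMP_SERV         /* Dump the server socket status */
         ,FDEV_DUMP_QUEUES       /* Dump the message queues */
         ,FDEV_DUMP_CONFIG       /* Dump the configuration */
         ,FDEV_DUMP_PEERS        /* Dump the list of peers */
 };
-const char * fd_ev_str(int event);
+const char * fd_ev_str(int event); /* defined in freeDiameter/main.c */
 
 
@@ -202,4 +203,5 @@
                                    If we win the election, we must disconnect the initiated connection and send a CEA on the other => we go to OPEN state.
                                    If we lose, we disconnect the other connection (receiver) and fallback to WAITCEA state. */
+        STATE_OPEN_HANDSHAKE,   /* TLS Handshake and validation are in progress in open state */
        
         /* Failover state machine */
@@ -211,5 +213,5 @@
 #define STATE_MAX STATE_ZOMBIE
 };
-extern const char *peer_state_str[];
+extern const char *peer_state_str[]; /* defined in freeDiameter/p_psm.c */
 #define STATE_STR(state) \
         (((unsigned)(state)) <= STATE_MAX ? peer_state_str[((unsigned)(state)) ] : "<Invalid>")
@@ -245,8 +247,6 @@
                 unsigned        exp :1;
                
-                /* Following flags are read-only and received from remote peer */
-                #define PI_INB_NONE     1       /* Remote peer advertised inband-sec-id 0 (None) */
-                #define PI_INB_TLS      2       /* Remote peer advertised inband-sec-id 1 (TLS) */
-                unsigned        inband :2;      /* This is only meaningful with pi_flags.sec == 3 */
+                unsigned        inband_none :1; /* This is only meaningful with pi_flags.sec == 3 */
+                unsigned        inband_tls  :1; /* This is only meaningful with pi_flags.sec == 3 */
                
                 unsigned        relay :1;       /* The remote peer advertized the relay application */
@@ -338,5 +338,5 @@
  * !0   : An error occurred.
  */
-int fd_peer_validate_register ( int (*peer_validate)(struct peer_info * /* info */, int * /* auth */) );
+int fd_peer_validate_register ( int (*peer_validate)(struct peer_info * /* info */, int * /* auth */, int (**cb2)(struct peer_info *)) );
 /*
  * CALLBACK:    peer_validate
@@ -345,8 +345,20 @@
  *   info     : Structure containing information about the peer attempting the connection.
  *   auth     : Store there the result if the peer is accepted (1), rejected (-1), or unknown (0).
+ *   cb2      : If != NULL and in case of PI_SEC_TLS_OLD, another callback to call after handshake (if auth = 1).
  *
  * DESCRIPTION:
  *   This callback is called when a new connection is being established from an unknown peer,
- *  after the CER is received. An extension must register such callback with peer_validate_register.
+ * after the CER is received. An extension must register such callback with peer_validate_register.
+ *
+ *   If (info->pi_flags.sec == PI_SEC_TLS_OLD) the extension may instruct the daemon explicitely
+ * to not use TLS by clearing info->pi_flags.inband_tls -- only if inband_none is set.
+ *
+ *   If (info->pi_flags.sec == PI_SEC_TLS_OLD) and info->pi_flags.inband_tls is set,
+ * the extension may also need to check the credentials provided during the TLS
+ * exchange (remote certificate). For this purpose, it may set the address of a new callback
+ * to be called once the handshake is completed. This new callback receives the information
+ * structure as parameter (with pi_sec_data set) and returns 0 if the credentials are correct,
+ * or an error code otherwise. If the error code is received, the connection is closed and the
+ * peer is destroyed.
  *
  * RETURN VALUE: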
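Review bot: The new `cb2` out-parameter of the `peer_validate` callback is documented only as "If != NULL ...", which does not say whether the test is on `cb2` or `*cb2`, nor who initialises `*cb2`; if the daemon does not clear it before the call, an extension that never writes it would leave an indeterminate function pointer to be invoked after the handshake. I would state the contract in the PARAMETERS text, for example ` *   cb2      : Out. *cb2 is NULL on entry (confirm in the daemon); set it only when sec == PI_SEC_TLS_OLD and inband_tls is kept, to have the remote certificate checked after the handshake.` The added DESCRIPTION also allows an extension to clear `inband_tls` "only if inband_none is set", but nothing visible here says whether the daemon refuses the downgrade when that condition is not met, so the comment should say which side enforces it. It would also help to note that when no extension sets `*cb2` the peer's certificate is not checked by this path, if that is indeed the behaviour. The comment block begins and ends outside the displayed lines.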