

Changeset 1540:407e0a889c7e in freeDiameter for libfdcore


Timestamp:
May 1, 2020, 5:20:33 PM (4 years ago)
Author:
Luke Mewburn <luke@mewburn.net>
Branch:
default
Phase:
public
Message:

SCTP ConnectPeer: sctp_bindx() to local endpoints

When connecting to an SCTP peer using sctp_connectx() with local
addresses configured with ListenOn, bind to the ListenOn addresses
using sctp_bindx() so that the SCTP INIT only contains the
configured local addresses, matching what is advertised in the CER,
and disable SCTP_AUTO_ASCONF.

If no local addresses are configured with ListenOn, the previous
behaviour is kept: sctp_connectx() is used and SCTP_AUTO_ASCONF is enabled.

Location:
libfdcore
Files:
6 edited

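--- a/libfdcore/cnxctx.c
+++ b/libfdcore/cnxctx.c
@@ -331,6 +331,7 @@
 }
 
-/* Same for SCTP, accepts a list of remote addresses to connect to (see sctp_connectx for how they are used) */
-struct cnxctx * fd_cnx_cli_connect_sctp(int no_ip6, uint16_t port, struct fd_list * list)
+/* Same for SCTP, accepts a list of remote addresses to connect to (see sctp_connectx for how they are used).
+ * If src_list is not NULL and not empty, list of local addresses to connect from via sctp_bindx(). */
+struct cnxctx * fd_cnx_cli_connect_sctp(int no_ip6, uint16_t port, struct fd_list * list, struct fd_list * src_list)
 {
 #ifdef DISABLE_SCTP
@@ -345,7 +346,24 @@
         sSS primary;
 
-        TRACE_ENTRY("%p", list);
+        TRACE_ENTRY("%p %p", list, src_list);
         CHECK_PARAMS_DO( list && !FD_IS_LIST_EMPTY(list), return NULL );
 
+        /* Log SCTP association source and destination endpoints */
+        {
+                char * buf = NULL;
+                size_t len = 0, offset = 0;
+                CHECK_MALLOC_DO( fd_dump_extend( &buf, &len, &offset, "Connecting SCTP endpoints"), );
+                CHECK_MALLOC_DO( fd_dump_extend( &buf, &len, &offset, " source: "), );
+                if (src_list && !FD_IS_LIST_EMPTY(src_list)) {
+                        CHECK_MALLOC_DO( fd_ep_dump( &buf, &len, &offset, 0, 0, src_list ), );
+                } else {
+                        CHECK_MALLOC_DO( fd_dump_extend( &buf, &len, &offset, "(ANY)"), );
+                }
+                CHECK_MALLOC_DO( fd_dump_extend( &buf, &len, &offset, ", destination: "), );
+                CHECK_MALLOC_DO( fd_ep_dump( &buf, &len, &offset, 0, 0, list ), );
+                LOG_D("%s", buf ?: "Error determining SCTP endpoints");
+                free(buf);
+        }
+
         fd_sa_sdump_numeric(sa_buf, &((struct fd_endpoint *)(list->next))->sa);
 
@@ -353,5 +371,5 @@
 
         {
-                int ret = fd_sctp_client( &sock, no_ip6, port, list );
+                int ret = fd_sctp_client( &sock, no_ip6, port, list, src_list );
                 if (ret != 0) {
                         LOG_D("SCTP connection to [%s,...] failed: %s", sa_buf, strerror(ret));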
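Review bot: The new comment on fd_cnx_cli_connect_sctp() reads as if an empty src_list is tolerated, and the logging block prints "(ANY)" for it, but fd_sctp_client() in libfdcore/sctp.c (new line 888) rejects a non-NULL empty list through CHECK_PARAMS, so such a call would log a wildcard source and then fail. The only caller on this page passes NULL when no_bind is set, so this is a contract mismatch rather than a failure seen today. Either state the rule in the comment, ` * src_list must be NULL or a non-empty list; an empty list is rejected by fd_sctp_client().`, or validate it next to the existing check with `CHECK_PARAMS_DO( !src_list || !FD_IS_LIST_EMPTY(src_list), return NULL );`. The function body continues outside the hunks shown.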
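--- a/libfdcore/cnxctx.h
+++ b/libfdcore/cnxctx.h
@@ -118,5 +118,5 @@
 int fd_sctp_create_bind_server( int * sock, int family, struct fd_list * list, uint16_t port );
 int fd_sctp_listen( int sock );
-int fd_sctp_client( int *sock, int no_ip6, uint16_t port, struct fd_list * list );
+int fd_sctp_client( int *sock, int no_ip6, uint16_t port, struct fd_list * list, struct fd_list * src_list );
 int fd_sctp_get_local_ep(int sock,  struct fd_list * list);
 int fd_sctp_get_remote_ep(int sock, struct fd_list * list);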
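--- a/libfdcore/config.c
+++ b/libfdcore/config.c
@@ -148,4 +148,5 @@
         CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "          - Pref. proto .. : %s\n", fd_g_config->cnf_flags.pr_tcp ? "TCP" : "SCTP"), return NULL);
         CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "          - TLS method ... : %s\n", fd_g_config->cnf_flags.tls_alg ? "INBAND" : "Separate port"), return NULL);
+        CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "          - Client bind .. : %s\n", fd_g_config->cnf_flags.no_bind ? "DISABLED" : "Enabled"), return NULL);
        
         CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "  TLS :   - Certificate .. : %s\n", fd_g_config->cnf_sec_data.cert_file ?: "(NONE)"), return NULL);
@@ -352,5 +353,6 @@
        
         /* Validate local endpoints */
-        if ((!FD_IS_LIST_EMPTY(&fd_g_config->cnf_endpoints)) && (fd_g_config->cnf_flags.no_ip4 || fd_g_config->cnf_flags.no_ip6)) {
+        fd_g_config->cnf_flags.no_bind = FD_IS_LIST_EMPTY(&fd_g_config->cnf_endpoints);
+        if ((!fd_g_config->cnf_flags.no_bind) && (fd_g_config->cnf_flags.no_ip4 || fd_g_config->cnf_flags.no_ip6)) {
                 struct fd_list * li;
                 for ( li = fd_g_config->cnf_endpoints.next; li != &fd_g_config->cnf_endpoints; li = li->next) {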
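Review bot: The new "Client bind" line in the dump (new line 150) reports "Enabled" whenever ListenOn endpoints exist, but on this page only the SCTP client path consumes no_bind; the TCP case in libfdcore/p_cnx.c still calls fd_cnx_cli_connect_tcp() without a source address and only gains a TODO. Someone relying on source-address restrictions (firewall rules, peer allow-lists) could read the dump as covering TCP as well. Naming the scope in the label, e.g. `"          - SCTP cli bind  : %s\n"`, and adding a comment at the assignment such as `/* Derived flag: no ListenOn endpoint configured means clients do not bind; currently honoured by the SCTP client only */` would avoid that. Both enclosing functions start and end outside the hunks shown.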
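--- a/libfdcore/fdcore-internal.h
+++ b/libfdcore/fdcore-internal.h
@@ -343,5 +343,5 @@
 struct cnxctx * fd_cnx_serv_accept(struct cnxctx * serv);
 struct cnxctx * fd_cnx_cli_connect_tcp(sSA * sa, socklen_t addrlen);
-struct cnxctx * fd_cnx_cli_connect_sctp(int no_ip6, uint16_t port, struct fd_list * list);
+struct cnxctx * fd_cnx_cli_connect_sctp(int no_ip6, uint16_t port, struct fd_list * list, struct fd_list * src_list);
 int             fd_cnx_start_clear(struct cnxctx * conn, int loop);
 void            fd_cnx_sethostname(struct cnxctx * conn, DiamId_t hn);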
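--- a/libfdcore/p_cnx.c
+++ b/libfdcore/p_cnx.c
@@ -262,4 +262,5 @@
                 switch (nc->proto) {
                         case IPPROTO_TCP:
+/* TODO: use no_bind and first of cnf_endpoints of nc->ss.sa_family ? */
                                 cnx = fd_cnx_cli_connect_tcp((sSA *)&nc->ss, sSAlen(&nc->ss));
                                 break;
@@ -267,5 +268,6 @@
                         case IPPROTO_SCTP:
                                 cnx = fd_cnx_cli_connect_sctp((peer->p_hdr.info.config.pic_flags.pro3 == PI_P3_IP) ? 1 : fd_g_config->cnf_flags.no_ip6,
-                                                        nc->port, &peer->p_hdr.info.pi_endpoints);
+                                                        nc->port, &peer->p_hdr.info.pi_endpoints,
+                                                        fd_g_config->cnf_flags.no_bind ? NULL : &fd_g_config->cnf_endpoints);
                                 break;
 #endif /* DISABLE_SCTP */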
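--- a/libfdcore/sctp.c
+++ b/libfdcore/sctp.c
@@ -870,5 +870,5 @@
 
 /* Create a client socket and connect to remote server */
-int fd_sctp_client( int *sock, int no_ip6, uint16_t port, struct fd_list * list )
+int fd_sctp_client( int *sock, int no_ip6, uint16_t port, struct fd_list * list, struct fd_list * src_list )
 {
         int family;
@@ -880,9 +880,11 @@
         int count = 0;
         int ret;
+        int bind_default = 1;   /* enable ASCONF in postbind */
        
         sar.buf = NULL;
        
-        TRACE_ENTRY("%p %i %hu %p", sock, no_ip6, port, list);
+        TRACE_ENTRY("%p %i %hu %p %p", sock, no_ip6, port, list, src_list);
         CHECK_PARAMS( sock && list && (!FD_IS_LIST_EMPTY(list)) );
+        CHECK_PARAMS( !src_list || (src_list && (!FD_IS_LIST_EMPTY(src_list))) );
        
         if (no_ip6) {
@@ -900,5 +902,27 @@
         /* Set the socket options */
         CHECK_FCT_DO( ret = fd_setsockopt_prebind(*sock), goto out );
-       
+
+        /* Bind to explicit source addresses if requested */
+        if (src_list && !FD_IS_LIST_EMPTY(src_list)) {
+                sSA * bindsar = NULL; /* array of addresses */
+                size_t sz = 0; /* size of the array */
+                int sarcount = 0; /* number of sock addr in the array */
+
+                /* Create the array of configured addresses */
+                CHECK_FCT_DO( ret = add_addresses_from_list_mask((void *)&bindsar, &sz, &sarcount, family, 0, src_list, EP_FL_CONF, EP_FL_CONF), goto out );
+
+                if (sarcount) {
+                        LOG_A("Bind to local SCTP endpoints (%d addresses attempted) ", sarcount);
+
+                        CHECK_SYS_DO( ret = sctp_bindx(*sock, bindsar, sarcount, SCTP_BINDX_ADD_ADDR), goto out );
+                }
+
+                /* Disable ASCONF option in postbind */
+                bind_default = 0;
+
+                /* We don't need bindsar anymore */
+                free(bindsar);
+        }
+
         /* Create the array of addresses, add first the configured addresses, then the discovered, then the other ones */
         CHECK_FCT_DO( ret = add_addresses_from_list_mask(&sar.buf, &size, &count, family, htons(port), list, EP_FL_CONF,              EP_FL_CONF        ), goto out );
@@ -945,5 +969,5 @@
        
         /* Set the remaining sockopts */
-        CHECK_FCT_DO( ret = fd_setsockopt_postbind(*sock, 1),
+        CHECK_FCT_DO( ret = fd_setsockopt_postbind(*sock, bind_default),
                 {
                         CHECK_SYS_DO( shutdown(*sock, SHUT_RDWR), /* continue */ );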
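Review bot: In the new bind block of fd_sctp_client() (new lines 906-925) both failure paths `goto out` before `free(bindsar)` is reached, and bindsar is scoped to that block, so the array is leaked whenever sctp_bindx() fails, and also if add_addresses_from_list_mask() fails after it has allocated. Freeing in the fallback closes it: `CHECK_SYS_DO( ret = sctp_bindx(*sock, bindsar, sarcount, SCTP_BINDX_ADD_ADDR), { free(bindsar); goto out; } );`, with the same fallback on the add_addresses_from_list_mask() call. Separately, when sarcount is 0 (no configured address of the socket's family) nothing is bound but bind_default is still cleared, so the association appears to start from the wildcard address with no log line, and the INIT may then carry addresses the CER does not advertise; a log message or an error return there would make the restriction fail visibly. The `out` label lies outside the hunks shown.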