Navigation


Ignore:
Timestamp:
Nov 25, 2009, 7:07:09 PM (14 years ago)
Author:
Sebastien Decugis <sdecugis@nict.go.jp>
Branch:
default
Phase:
public
Message:

Added a large part of connection establishment logic, to test

File:
1 edited

Legend:

Unmodified
Added
Removed

  • include/freeDiameter/freeDiameter.h

    r42 r43  
    336336                int             pir_relay;      /* The remote peer advertized the relay application */
    337337                struct fd_list  pir_apps;       /* applications advertised by the remote peer, except relay (pi_flags.relay) */
     338                int             pir_isi;        /* Inband-Security-Id advertised (PI_SEC_* bits) */
    338339               
    339340                int             pir_proto;      /* The L4 protocol currently used with the peer (IPPROTO_TCP or IPPROTO_SCTP) */
     
    423424 * after the CER is received. An extension must register such callback with peer_validate_register.
    424425 *
    425  *   If (info->pi_flags.sec == PI_SEC_TLS_OLD) the extension may instruct the daemon explicitely
    426  * to not use TLS by clearing info->pi_flags.inband_tls -- only if inband_none is set.
    427  *
    428  *   If (info->pi_flags.sec == PI_SEC_TLS_OLD) and info->pi_flags.inband_tls is set,
     426 *   The callback can learn if the peer has sent Inband-Security-Id AVPs in runtime.pir_isi fields.
     427 * It can also learn if a handshake has already been performed in runtime.pir_cert_list field.
     428 * The callback must set the value of config.pic_flags.sec appropriately to allow a connection without TLS.
     429 *
     430 *   If the old TLS mechanism is used,
    429431 * the extension may also need to check the credentials provided during the TLS
    430432 * exchange (remote certificate). For this purpose, it may set the address of a new callback
    431433 * to be called once the handshake is completed. This new callback receives the information
    432  * structure as parameter (with pi_sec_data set) and returns 0 if the credentials are correct,
     434 * structure as parameter (with pir_cert_list set) and returns 0 if the credentials are correct,
    433435 * or an error code otherwise. If the error code is received, the connection is closed and the
    434436 * peer is destroyed.
     
    545547void fd_ep_dump( int indent, struct fd_list * eps );
    546548
     549/***************************************/
     550/*   Applications lists helpers        */
     551/***************************************/
     552
     553int fd_app_merge(struct fd_list * list, application_id_t aid, vendor_id_t vid, int auth, int acct);
     554int fd_app_find_common(struct fd_list * target, struct fd_list * reference);
     555int fd_app_gotcommon(struct fd_list * apps);
     556
    547557#endif /* _FREEDIAMETER_H */
Note: See TracChangeset for help on using the changeset viewer.