Changeset 706:4ffbc9f1e922 in freeDiameter for libfdcore/config.c

Timestamp:

Feb 9, 2011, 3:26:58 PM (13 years ago)

Author:

Sebastien Decugis <sdecugis@nict.go.jp>

Branch:

default

Phase:

public

Message:

Large UNTESTED commit with the following changes:

• Improved DiameterIdentity? handling (esp. interationalization issues), and improve efficiency of some string operations in peers, sessions, and dictionary modules (closes #7)
• Cleanup in the session module to free only unreferenced sessions (#16)
• Removed fd_cpu_flush_cache(), replaced by more robust alternatives.
• Improved peer state machine algorithm to counter SCTP multistream race condition.

File:

• libfdcore/config.c (modified) (5 diffs)

libfdcore/config.c

@@ -146 +146 @@
 {
         extern FILE * fddin;
+        char * orig = NULL;
         
         /* Attempt to find the configuration file */
@@ -154 +155 @@
         if ((fddin == NULL) && (*fd_g_config->cnf_file != '/')) {
                 /* We got a relative path, attempt to add the default directory prefix */
-                char * bkp = fd_g_config->cnf_file;
-                CHECK_MALLOC( fd_g_config->cnf_file = malloc(strlen(bkp) + strlen(DEFAULT_CONF_PATH) + 2) ); /* we will not free it, but not important */
-                sprintf( fd_g_config->cnf_file, DEFAULT_CONF_PATH "/%s", bkp );
+                orig = fd_g_config->cnf_file;
+                CHECK_MALLOC( fd_g_config->cnf_file = malloc(strlen(orig) + strlen(DEFAULT_CONF_PATH) + 2) ); /* we will not free it, but not important */
+                sprintf( fd_g_config->cnf_file, DEFAULT_CONF_PATH "/%s", orig );
                 fddin = fopen(fd_g_config->cnf_file, "r");
         }
         if (fddin == NULL) {
                 int ret = errno;
-                fprintf(stderr, "Unable to open configuration file %s for reading: %s\n", fd_g_config->cnf_file, strerror(ret));
+                if (orig) {
+                        fprintf(stderr, "Unable to open configuration file for reading\n"
+                                        "Tried the following locations:\n"
+                                        " - %s\n"
+                                        " - %s\n"
+                                        "Error: %s\n", orig, fd_g_config->cnf_file, strerror(ret));
+                } else {
+                        fprintf(stderr, "Unable to open '%s' for reading: %s\n", fd_g_config->cnf_file, strerror(ret));
+                }
                 return ret;
         }
@@ -178 +187 @@
         }
         
+        /* If the CA is not provided, let's use the same file (assuming self-signed certificate) */
+        if (! fd_g_config->cnf_sec_data.ca_file) {
+                CHECK_MALLOC( fd_g_config->cnf_sec_data.ca_file = strdup(fd_g_config->cnf_sec_data.cert_file) );
+                CHECK_GNUTLS_DO( fd_g_config->cnf_sec_data.ca_file_nr += gnutls_certificate_set_x509_trust_file( 
+                                        fd_g_config->cnf_sec_data.credentials,
+                                        fd_g_config->cnf_sec_data.ca_file,
+                                        GNUTLS_X509_FMT_PEM),
+                                { 
+                                        TRACE_DEBUG(INFO, "Unable to use the local certificate as trusted security anchor (CA), please provide a valid TLS_CA='...' directive.");
+                                        return EINVAL;
+                                } );
+        }
+        
+        
         /* Resolve hostname if not provided */
         if (fd_g_config->cnf_diamid == NULL) {
-#ifndef HOST_NAME_MAX
-#define HOST_NAME_MAX 1024
-#endif /* HOST_NAME_MAX */
                 char buf[HOST_NAME_MAX + 1];
                 struct addrinfo hints, *info;
@@ -202 +222 @@
                         return EINVAL;
                 }
-                CHECK_MALLOC( fd_g_config->cnf_diamid = strdup(info->ai_canonname) );
+                fd_g_config->cnf_diamid = info->ai_canonname;
+                CHECK_FCT( fd_os_validate_DiameterIdentity(&fd_g_config->cnf_diamid, &fd_g_config->cnf_diamid_len, 1) );
                 freeaddrinfo(info);
-        }
-        
-        /* cache the length of the diameter id for the session module */
-        fd_g_config->cnf_diamid_len = strlen(fd_g_config->cnf_diamid);
+        } else {
+                CHECK_FCT( fd_os_validate_DiameterIdentity(&fd_g_config->cnf_diamid, &fd_g_config->cnf_diamid_len, 0) );
+        }
         
         /* Handle the realm part */
@@ -220 +240 @@
                                         fd_g_config->cnf_diamid);
                         return EINVAL;
-                }               
-                
-                CHECK_MALLOC( fd_g_config->cnf_diamrlm = strdup( start + 1 )  ); 
-        }
-        fd_g_config->cnf_diamrlm_len = strlen(fd_g_config->cnf_diamrlm);
+                }
+                
+                fd_g_config->cnf_diamrlm = start + 1;
+                CHECK_FCT( fd_os_validate_DiameterIdentity(&fd_g_config->cnf_diamrlm, &fd_g_config->cnf_diamrlm_len, 1) );
+        } else {
+                CHECK_FCT( fd_os_validate_DiameterIdentity(&fd_g_config->cnf_diamrlm, &fd_g_config->cnf_diamrlm_len, 0) );
+        }
         
         /* Validate some flags */