Changeset 935:6072619402a3 in freeDiameter
- Timestamp:
- Mar 9, 2013, 11:43:33 PM (11 years ago)
- Branch:
- default
- Phase:
- public
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
include/freeDiameter/CMakeLists.txt
r933 r935 29 29 OPTION(DISABLE_PEER_EXPIRY "Disable RFC3539 Peers Connections Expiration after inactivity?" OFF) 30 30 31 32 MARK_AS_ADVANCED(DISABLE_SCTP DEBUG_SCTP SCTP_USE_MAPPED_ADDRESSES ERRORS_ON_TODO DIAMID_IDNA_IGNORE DIAMID_IDNA_REJECT DISABLE_PEER_EXPIRY) 31 # The following workaround increases compatibility with some implementations without breaking anything in freeDiameter, 32 # so it can be enabled without risk. We keep it disabled by default anyway for those people who use freeDiameter to check the 33 # compliancy of their implementation with the Diameter RFC... 34 OPTION(WORKAROUND_ACCEPT_INVALID_VSAI "Do not reject a CER/CEA with a Vendor-Specific-Application-Id AVP containing both Auth- and Acct- application AVPs?" OFF) 35 36 MARK_AS_ADVANCED(DISABLE_SCTP DEBUG_SCTP SCTP_USE_MAPPED_ADDRESSES ERRORS_ON_TODO DIAMID_IDNA_IGNORE DIAMID_IDNA_REJECT DISABLE_PEER_EXPIRY WORKAROUND_ACCEPT_INVALID_VSAI) 33 37 34 38 ######################## -
include/freeDiameter/freeDiameter-host.h.in
r933 r935 60 60 #cmakedefine DIAMID_IDNA_REJECT 61 61 #cmakedefine DISABLE_PEER_EXPIRY 62 #cmakedefine WORKAROUND_ACCEPT_INVALID_VSAI 62 63 #cmakedefine GNUTLS_VERSION_210 63 64 #cmakedefine GNUTLS_VERSION_300 -
libfdcore/p_ce.c
r837 r935 455 455 { 456 456 struct avp * inavp = NULL; 457 application_id_t aid = 0;458 457 vendor_id_t vid = 0; 459 int auth = 0; 460 int acct = 0; 458 application_id_t auth_aid = 0; 459 application_id_t acct_aid = 0; 460 int invalid=0; 461 461 462 462 /* get the first child AVP */ … … 482 482 switch (inhdr->avp_code) { 483 483 case AC_VENDOR_ID: /* Vendor-Id */ 484 if (vid != 0) 485 invalid++; /* We already had one such AVP */ 484 486 vid = inhdr->avp_value->u32; 485 487 break; 486 488 case AC_AUTH_APPLICATION_ID: /* Auth-Application-Id */ 487 aid = inhdr->avp_value->u32; 488 auth += 1; 489 if (auth_aid != 0) 490 invalid++; /* We already had one such AVP */ 491 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI 492 if (acct_aid != 0) 493 invalid++; /* Only 1 *-Application-Id AVP is allowed */ 494 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */ 495 auth_aid = inhdr->avp_value->u32; 489 496 break; 490 497 case AC_ACCT_APPLICATION_ID: /* Acct-Application-Id */ 491 aid = inhdr->avp_value->u32; 492 acct += 1; 498 if (acct_aid != 0) 499 invalid++; /* We already had one such AVP */ 500 #ifndef WORKAROUND_ACCEPT_INVALID_VSAI 501 if (auth_aid != 0) 502 invalid++; /* Only 1 *-Application-Id AVP is allowed */ 503 #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */ 504 acct_aid = inhdr->avp_value->u32; 493 505 break; 494 506 /* ignore other AVPs */ 507 } 508 509 if (invalid) { 510 TRACE_DEBUG(FULL, "Invalid Vendor-Specific-Application-Id AVP received, ignored"); 511 fd_msg_dump_one(FULL, avp); 512 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE"; 513 error->pei_avp = avp; 514 return EINVAL; 495 515 } 496 516 … … 500 520 } 501 521 502 if (auth + acct != 1) { 503 TRACE_DEBUG(FULL, "Invalid Vendor-Specific-Application-Id AVP received, ignored"); 504 fd_msg_dump_one(FULL, avp); 505 error->pei_errcode = "DIAMETER_INVALID_AVP_VALUE"; 506 error->pei_avp = avp; 507 return EINVAL; 508 } else { 509 /* Add an entry in the list */ 510 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, aid, vid, auth, acct) ); 522 /* Add entry in the list */ 523 if (auth_aid) { 524 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, auth_aid, vid, 1, 0) ); 525 } 526 if (acct_aid) { 527 CHECK_FCT( fd_app_merge(&peer->p_hdr.info.runtime.pir_apps, acct_aid, vid, 0, 1) ); 511 528 } 512 529 }
Note: See TracChangeset
for help on using the changeset viewer.