Changeset 37:cc3c59fe98fe in freeDiameter for include
- Timestamp:
- Nov 5, 2009, 2:28:46 PM (15 years ago)
- Branch:
- default
- Phase:
- public
- File:
-
- 1 edited
include/freeDiameter/freeDiameter.h
r36 r37 277 277 (((unsigned)(state)) <= STATE_MAX ? peer_state_str[((unsigned)(state)) ] : "<Invalid>") 278 278 279 /* Information about a remote peer . Same structure is used for creating a new entry, but not all fields are meaningful in that case*/279 /* Information about a remote peer */ 280 280 struct peer_info { 281 281 282 char * pi_diamid; /* UTF-8, \0 terminated. The Diameter Identity of the remote peer */ 283 char * pi_realm; /* Its realm, as received in CER/CEA exchange. */ 282 char * pi_diamid; /* UTF-8, \0 terminated. The Diameter Identity of the remote peer. */ 284 283 285 284 struct { 286 #define PI_P3_DEFAULT 0 /* Use the default L3 protocol configured for the host */ 287 #define PI_P3_IP 1 /* Use only IP to connect to this peer */ 288 #define PI_P3_IPv6 2 /* resp, IPv6 */ 289 unsigned pro3 :2; 290 291 #define PI_P4_DEFAULT 0 /* Use the default L4 proto configured for the host */ 292 #define PI_P4_TCP 1 /* Only use TCP */ 293 #define PI_P4_SCTP 2 /* Only use SCTP */ 294 unsigned pro4 :2; 295 296 #define PI_ALGPREF_SCTP 0 /* SCTP is initially attempted */ 297 #define PI_ALGPREF_TCP 1 /* TCP is initially attempted */ 298 unsigned alg :1; 299 300 #define PI_SEC_DEFAULT 0 /* New TLS security (dedicated port protecting also CER/CEA) */ 301 #define PI_SEC_NONE 1 /* Transparent security with this peer (IPsec) */ 302 #define PI_SEC_TLS_OLD 2 /* Old TLS security (inband on default port) */ 303 unsigned sec :2; 304 305 #define PI_EXP_NONE 0 /* the peer entry does not expire */ 306 #define PI_EXP_INACTIVE 1 /* the peer entry expires (i.e. 
is deleted) after pi_lft seconds without activity */ 307 unsigned exp :1; 308 309 #define PI_PRST_NONE 0 /* the peer entry is deleted after disconnection / error */ 310 #define PI_PRST_ALWAYS 1 /* the peer entry is persistant (will be kept as ZOMBIE in case of error) */ 311 unsigned persist :1; 312 313 unsigned inband_none :1; /* This is only meaningful with pi_flags.sec == 3 */ 314 unsigned inband_tls :1; /* This is only meaningful with pi_flags.sec == 3 */ 315 316 unsigned relay :1; /* The remote peer advertized the relay application */ 317 318 } pi_flags; /* Some flags */ 319 320 /* Additional parameters */ 321 uint32_t pi_lft; /* lifetime of this peer when inactive (see pi_flags.exp definition) */ 322 uint16_t pi_port; /* port to connect to. 0: default. */ 323 int pi_tctimer; /* use this value for TcTimer instead of global, if != 0 */ 324 int pi_twtimer; /* use this value for TwTimer instead of global, if != 0 */ 285 struct { 286 #define PI_P3_DEFAULT 0 /* Use any available protocol */ 287 #define PI_P3_IP 1 /* Use only IP to connect to this peer */ 288 #define PI_P3_IPv6 2 /* resp, IPv6 */ 289 unsigned pro3 :2; 290 291 #define PI_P4_DEFAULT 0 /* Attempt any available protocol */ 292 #define PI_P4_TCP 1 /* Only use TCP */ 293 #define PI_P4_SCTP 2 /* Only use SCTP */ 294 unsigned pro4 :2; 295 296 #define PI_ALGPREF_SCTP 0 /* SCTP is attempted first (default) */ 297 #define PI_ALGPREF_TCP 1 /* TCP is attempted first */ 298 unsigned alg :1; 299 300 #define PI_SEC_DEFAULT 0 /* New TLS security (handshake after connection, protecting also CER/CEA) */ 301 #define PI_SEC_NONE 1 /* Transparent security with this peer (IPsec) */ 302 #define PI_SEC_TLS_OLD 2 /* Old TLS security (use Inband-Security-Id AVP during CER/CEA) */ 303 unsigned sec :2; /* Set sec = 3 to authorize use of (Inband-Security-Id == NONE) with this peer, sec = 2 only authorizing TLS */ 304 305 #define PI_EXP_NONE 0 /* the peer entry does not expire */ 306 #define PI_EXP_INACTIVE 1 /* the peer entry 
expires (i.e. is deleted) after pi_lft seconds without activity */ 307 unsigned exp :1; 308 309 #define PI_PRST_NONE 0 /* the peer entry is deleted after disconnection / error */ 310 #define PI_PRST_ALWAYS 1 /* the peer entry is persistant (will be kept as ZOMBIE in case of error) */ 311 unsigned persist :1; 312 313 } pic_flags; /* Flags influencing the connection to the remote peer */ 314 315 char * pic_realm; /* If configured, the daemon will match the received realm in CER/CEA matches this. */ 316 uint16_t pic_port; /* port to connect to. 0: default. */ 317 318 uint32_t pic_lft; /* lifetime of this peer when inactive (see pic_flags.exp definition) */ 319 int pic_tctimer; /* use this value for TcTimer instead of global, if != 0 */ 320 int pic_twtimer; /* use this value for TwTimer instead of global, if != 0 */ 321 322 char * pic_priority; /* Priority string for GnuTLS if we don't use the default */ 323 324 } config; /* Configured data (static for this peer entry) */ 325 326 struct { 327 328 enum peer_state pir_state; /* Current state of the peer in the state machine */ 329 330 char * pir_realm; /* The received realm in CER/CEA. 
*/ 331 332 uint32_t pir_vendorid; /* Content of the Vendor-Id AVP, or 0 by default */ 333 uint32_t pir_orstate; /* Origin-State-Id value */ 334 char * pir_prodname; /* copy of UTF-8 Product-Name AVP (\0 terminated) */ 335 uint32_t pir_firmrev; /* Content of the Firmware-Revision AVP */ 336 int pir_relay; /* The remote peer advertized the relay application */ 337 struct fd_list pir_apps; /* applications advertised by the remote peer, except relay (pi_flags.relay) */ 338 339 int pir_proto; /* The L4 protocol currently used with the peer (IPPROTO_TCP or IPPROTO_SCTP) */ 340 const gnutls_datum_t *pir_cert_list; /* The (valid) credentials that the peer has presented, or NULL if TLS is not used */ 341 /* This is inspired from http://www.gnu.org/software/gnutls/manual/gnutls.html#ex_003ax509_002dinfo 342 see there for example of using this data */ 343 unsigned int pir_cert_list_size; /* Number of certificates in the list */ 344 345 } runtime; /* Data populated after connection, may change between 2 connections -- not used by fd_peer_add */ 325 346 326 347 struct fd_list pi_endpoints; /* Endpoint(s) of the remote peer (configured, discovered, or advertized). list of struct fd_endpoint. DNS resolved if empty. 
*/ 327 328 /* The remaining information must not be modified, and is not used for peer creation */329 enum peer_state pi_state;330 uint32_t pi_vendorid; /* Content of the Vendor-Id AVP, or 0 by default */331 uint32_t pi_orstate; /* Origin-State-Id value */332 char * pi_prodname; /* copy of UTF-8 Product-Name AVP (\0 terminated) */333 uint32_t pi_firmrev; /* Content of the Firmware-Revision AVP */334 struct fd_list pi_apps; /* applications advertised by the remote peer, except relay (pi_flags.relay) */335 struct {336 char *priority; /* In case the default priority is not appropriate */337 /* This is inspired from http://www.gnu.org/software/gnutls/manual/gnutls.html#ex_003ax509_002dinfo see there for example of using this data */338 const gnutls_datum_t *cert_list; /* The (valid) credentials that the peer has presented */339 unsigned int cert_list_size;/* Number of certificates in the list */340 } pi_sec_data;341 348 }; 342 349
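Review bot: The comment on `unsigned sec :2;` in the connection flags says that `sec = 3` authorizes Inband-Security-Id == NONE with this peer, but named constants exist only for 0, 1 and 2, so the one value that permits a session without TLS is a bare number. With the separate `inband_none` / `inband_tls` bits no longer present in the restructured struct, that weakest setting becomes hard to grep for and easy to set by mistake. I would add a named constant next to the others, for example `#define PI_SEC_TLS_OLD_OR_NONE 3 /* as PI_SEC_TLS_OLD, but also accept Inband-Security-Id == NONE (no TLS) */` (the name is only a suggestion), and have the `sec` comment refer to it instead of the literal. Separately, the comment on `pir_apps` still points at `pi_flags.relay`, which appears to have become `pir_relay` in the runtime sub-struct.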