694 lines
24 KiB
C
694 lines
24 KiB
C
/*********************************************************************************************************
|
|
* Software License Agreement (BSD License) *
|
|
* Author: Sebastien Decugis <sdecugis@freediameter.net> *
|
|
* *
|
|
* Copyright (c) 2013, WIDE Project and NICT *
|
|
* All rights reserved. *
|
|
* *
|
|
* Redistribution and use of this software in source and binary forms, with or without modification, are *
|
|
* permitted provided that the following conditions are met: *
|
|
* *
|
|
* * Redistributions of source code must retain the above *
|
|
* copyright notice, this list of conditions and the *
|
|
* following disclaimer. *
|
|
* *
|
|
* * Redistributions in binary form must reproduce the above *
|
|
* copyright notice, this list of conditions and the *
|
|
* following disclaimer in the documentation and/or other *
|
|
* materials provided with the distribution. *
|
|
* *
|
|
* * Neither the name of the WIDE Project or NICT nor the *
|
|
* names of its contributors may be used to endorse or *
|
|
* promote products derived from this software without *
|
|
* specific prior written permission of WIDE Project and *
|
|
* NICT. *
|
|
* *
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
|
|
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
|
|
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
|
|
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
|
|
* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
|
|
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
|
|
*********************************************************************************************************/
|
|
|
|
#include "fdcore-internal.h"
|
|
|
|
/* Global list of peers */
|
|
struct fd_list fd_g_peers = FD_LIST_INITIALIZER(fd_g_peers);
|
|
pthread_rwlock_t fd_g_peers_rw = PTHREAD_RWLOCK_INITIALIZER;
|
|
|
|
/* List of active peers */
|
|
struct fd_list fd_g_activ_peers = FD_LIST_INITIALIZER(fd_g_activ_peers); /* peers linked by their p_actives oredered by p_diamid */
|
|
pthread_rwlock_t fd_g_activ_peers_rw = PTHREAD_RWLOCK_INITIALIZER;
|
|
|
|
/* List of validation callbacks (registered with fd_peer_validate_register) */
|
|
static struct fd_list validators = FD_LIST_INITIALIZER(validators); /* list items are simple fd_list with "o" pointing to the callback */
|
|
static pthread_rwlock_t validators_rw = PTHREAD_RWLOCK_INITIALIZER;
|
|
|
|
|
|
/* Alloc / reinit a peer structure. if *ptr is not NULL, it must already point to a valid struct fd_peer. */
|
|
int fd_peer_alloc(struct fd_peer ** ptr)
|
|
{
|
|
struct fd_peer *p;
|
|
|
|
TRACE_ENTRY("%p", ptr);
|
|
CHECK_PARAMS(ptr);
|
|
|
|
if (*ptr) {
|
|
p = *ptr;
|
|
} else {
|
|
CHECK_MALLOC( p = malloc(sizeof(struct fd_peer)) );
|
|
*ptr = p;
|
|
}
|
|
|
|
/* Now initialize the content */
|
|
memset(p, 0, sizeof(struct fd_peer));
|
|
|
|
fd_list_init(&p->p_hdr.chain, p);
|
|
|
|
fd_list_init(&p->p_hdr.info.pi_endpoints, p);
|
|
fd_list_init(&p->p_hdr.info.runtime.pir_apps, p);
|
|
|
|
p->p_eyec = EYEC_PEER;
|
|
CHECK_POSIX( pthread_mutex_init(&p->p_state_mtx, NULL) );
|
|
|
|
fd_list_init(&p->p_actives, p);
|
|
fd_list_init(&p->p_expiry, p);
|
|
CHECK_FCT( fd_fifo_new(&p->p_tosend, 5) );
|
|
CHECK_FCT( fd_fifo_new(&p->p_tofailover, 0) );
|
|
p->p_hbh = lrand48();
|
|
|
|
fd_list_init(&p->p_sr.srs, p);
|
|
fd_list_init(&p->p_sr.exp, p);
|
|
CHECK_POSIX( pthread_mutex_init(&p->p_sr.mtx, NULL) );
|
|
CHECK_POSIX( pthread_cond_init(&p->p_sr.cnd, NULL) );
|
|
|
|
fd_list_init(&p->p_connparams, p);
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Add a new peer entry */
|
|
int fd_peer_add ( struct peer_info * info, const char * orig_dbg, void (*cb)(struct peer_info *, void *), void * cb_data )
|
|
{
|
|
struct fd_peer *p = NULL;
|
|
struct fd_list * li, *li_inf;
|
|
int ret = 0;
|
|
|
|
TRACE_ENTRY("%p %p %p %p", info, orig_dbg, cb, cb_data);
|
|
CHECK_PARAMS(info && info->pi_diamid);
|
|
|
|
if (info->config.pic_realm) {
|
|
if (!fd_os_is_valid_DiameterIdentity((os0_t)info->config.pic_realm, strlen(info->config.pic_realm))) {
|
|
TRACE_DEBUG(INFO, "'%s' is not a valid DiameterIdentity.", info->config.pic_realm);
|
|
return EINVAL;
|
|
}
|
|
}
|
|
|
|
/* Create a structure to contain the new peer information */
|
|
CHECK_FCT( fd_peer_alloc(&p) );
|
|
|
|
/* Copy the informations from the parameters received */
|
|
p->p_hdr.info.pi_diamid = info->pi_diamid;
|
|
CHECK_FCT( fd_os_validate_DiameterIdentity(&p->p_hdr.info.pi_diamid, &p->p_hdr.info.pi_diamidlen, 1) );
|
|
|
|
memcpy( &p->p_hdr.info.config, &info->config, sizeof(p->p_hdr.info.config) );
|
|
|
|
/* Duplicate the strings if provided */
|
|
if (info->config.pic_realm) {
|
|
CHECK_MALLOC( p->p_hdr.info.config.pic_realm = strdup(info->config.pic_realm) );
|
|
}
|
|
if (info->config.pic_priority) {
|
|
CHECK_MALLOC( p->p_hdr.info.config.pic_priority = strdup(info->config.pic_priority) );
|
|
}
|
|
|
|
/* Move the list of endpoints into the peer */
|
|
if (info->pi_endpoints.next)
|
|
while (!FD_IS_LIST_EMPTY( &info->pi_endpoints ) ) {
|
|
li = info->pi_endpoints.next;
|
|
fd_list_unlink(li);
|
|
fd_list_insert_before(&p->p_hdr.info.pi_endpoints, li);
|
|
}
|
|
|
|
/* The internal data */
|
|
if (orig_dbg) {
|
|
CHECK_MALLOC( p->p_dbgorig = strdup(orig_dbg) );
|
|
} else {
|
|
CHECK_MALLOC( p->p_dbgorig = strdup("unspecified") );
|
|
}
|
|
p->p_cb = cb;
|
|
p->p_cb_data = cb_data;
|
|
|
|
/* Ok, now check if we don't already have an entry with the same Diameter Id, and insert this one */
|
|
CHECK_POSIX( pthread_rwlock_wrlock(&fd_g_peers_rw) );
|
|
li_inf = &fd_g_peers;
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
struct fd_peer * next = (struct fd_peer *)li;
|
|
int cont;
|
|
int cmp = fd_os_almostcasesrch( p->p_hdr.info.pi_diamid, p->p_hdr.info.pi_diamidlen,
|
|
next->p_hdr.info.pi_diamid, next->p_hdr.info.pi_diamidlen,
|
|
&cont );
|
|
if (cmp > 0)
|
|
li_inf = li; /* it will come after this element, for sure */
|
|
|
|
if (cmp == 0) {
|
|
ret = EEXIST; /* we have a duplicate */
|
|
break;
|
|
}
|
|
if (!cont)
|
|
break;
|
|
}
|
|
|
|
/* We can insert the new peer object */
|
|
if (! ret)
|
|
do {
|
|
/* Update expiry list */
|
|
CHECK_FCT_DO( ret = fd_p_expi_update( p ), break );
|
|
|
|
/* Insert the new element in the list */
|
|
fd_list_insert_after( li_inf, &p->p_hdr.chain );
|
|
} while (0);
|
|
|
|
CHECK_POSIX( pthread_rwlock_unlock(&fd_g_peers_rw) );
|
|
if (ret) {
|
|
CHECK_FCT( fd_peer_free(&p) );
|
|
} else {
|
|
CHECK_FCT( fd_psm_begin(p) );
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
/* Search for a peer */
|
|
int fd_peer_getbyid( DiamId_t diamid, size_t diamidlen, int igncase, struct peer_hdr ** peer )
|
|
{
|
|
struct fd_list * li;
|
|
TRACE_ENTRY("%p %zd %d %p", diamid, diamidlen, igncase, peer);
|
|
CHECK_PARAMS( diamid && diamidlen && peer );
|
|
|
|
*peer = NULL;
|
|
|
|
/* Search in the list */
|
|
CHECK_POSIX( pthread_rwlock_rdlock(&fd_g_peers_rw) );
|
|
if (igncase) {
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
struct fd_peer * next = (struct fd_peer *)li;
|
|
int cmp, cont;
|
|
cmp = fd_os_almostcasesrch( diamid, diamidlen, next->p_hdr.info.pi_diamid, next->p_hdr.info.pi_diamidlen, &cont );
|
|
if (cmp == 0) {
|
|
*peer = &next->p_hdr;
|
|
break;
|
|
}
|
|
if (!cont)
|
|
break;
|
|
}
|
|
} else {
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
struct fd_peer * next = (struct fd_peer *)li;
|
|
int cmp = fd_os_cmp( diamid, diamidlen, next->p_hdr.info.pi_diamid, next->p_hdr.info.pi_diamidlen );
|
|
if (cmp > 0)
|
|
continue;
|
|
if (cmp == 0)
|
|
*peer = &next->p_hdr;
|
|
break;
|
|
}
|
|
}
|
|
CHECK_POSIX( pthread_rwlock_unlock(&fd_g_peers_rw) );
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
#define free_null( _v ) \
|
|
if (_v) { \
|
|
free(_v); \
|
|
(_v) = NULL; \
|
|
}
|
|
|
|
#define free_list( _l ) \
|
|
while (!FD_IS_LIST_EMPTY(_l)) { \
|
|
struct fd_list * __li = ((struct fd_list *)(_l))->next; \
|
|
fd_list_unlink(__li); \
|
|
free(__li); \
|
|
}
|
|
|
|
/* Empty the lists of p_tosend, p_failover, and p_sentreq messages */
|
|
void fd_peer_failover_msg(struct fd_peer * peer)
|
|
{
|
|
struct msg *m;
|
|
TRACE_ENTRY("%p", peer);
|
|
CHECK_PARAMS_DO(CHECK_PEER(peer), return);
|
|
|
|
/* Requeue all messages in the "out" queue */
|
|
while ( fd_fifo_tryget(peer->p_tosend, &m) == 0 ) {
|
|
/* but only if they are routable */
|
|
if (fd_msg_is_routable(m)) {
|
|
fd_hook_call(HOOK_MESSAGE_FAILOVER, m, peer, NULL, fd_msg_pmdl_get(m));
|
|
CHECK_FCT_DO(fd_fifo_post_noblock(fd_g_outgoing, (void *)&m),
|
|
{
|
|
/* fallback: destroy the message */
|
|
fd_hook_call(HOOK_MESSAGE_DROPPED, m, NULL, "Internal error: unable to requeue this message during failover process", fd_msg_pmdl_get(m));
|
|
CHECK_FCT_DO(fd_msg_free(m), /* What can we do more? */)
|
|
} );
|
|
} else {
|
|
/* Just free it */
|
|
/* fd_hook_call(HOOK_MESSAGE_DROPPED, m, NULL, "Non-routable message freed during handover", fd_msg_pmdl_get(m)); */
|
|
CHECK_FCT_DO(fd_msg_free(m), /* What can we do more? */)
|
|
}
|
|
}
|
|
|
|
/* Requeue all messages in the "failover" queue */
|
|
while ( fd_fifo_tryget(peer->p_tofailover, &m) == 0 ) {
|
|
fd_hook_call(HOOK_MESSAGE_FAILOVER, m, peer, NULL, fd_msg_pmdl_get(m));
|
|
CHECK_FCT_DO(fd_fifo_post_noblock(fd_g_outgoing, (void *)&m),
|
|
{
|
|
/* fallback: destroy the message */
|
|
fd_hook_call(HOOK_MESSAGE_DROPPED, m, NULL, "Internal error: unable to requeue this message during failover process", fd_msg_pmdl_get(m));
|
|
CHECK_FCT_DO(fd_msg_free(m), /* What can we do more? */)
|
|
} );
|
|
}
|
|
|
|
/* Requeue all routable sent requests */
|
|
fd_p_sr_failover(&peer->p_sr);
|
|
|
|
/* Done */
|
|
return;
|
|
}
|
|
|
|
/* Describe the current connection */
|
|
int fd_peer_cnx_proto_info(struct peer_hdr *peer, char * buf, size_t len)
|
|
{
|
|
struct fd_peer * p = (struct fd_peer *)peer;
|
|
TRACE_ENTRY("%p %p %zd", peer, buf, len);
|
|
CHECK_PARAMS(CHECK_PEER(peer) && buf && len);
|
|
|
|
if (p->p_cnxctx) {
|
|
CHECK_FCT(fd_cnx_proto_info(p->p_cnxctx, buf, len));
|
|
} else if (p->p_receiver) {
|
|
CHECK_FCT(fd_cnx_proto_info(p->p_receiver, buf, len));
|
|
} else {
|
|
snprintf(buf, len, "Not Connected");
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Return the value of srlist->cnt */
|
|
int fd_peer_get_load_pending(struct peer_hdr *peer, long * to_receive, long * to_send)
|
|
{
|
|
struct fd_peer * p = (struct fd_peer *)peer;
|
|
TRACE_ENTRY("%p %p %p", peer, to_receive, to_send);
|
|
CHECK_PARAMS(CHECK_PEER(peer));
|
|
|
|
if (to_receive) {
|
|
CHECK_POSIX( pthread_mutex_lock(&p->p_sr.mtx) );
|
|
*to_receive = p->p_sr.cnt;
|
|
CHECK_POSIX( pthread_mutex_unlock(&p->p_sr.mtx) );
|
|
}
|
|
if (to_send) {
|
|
CHECK_POSIX( pthread_mutex_lock(&p->p_state_mtx) );
|
|
*to_send = p->p_reqin_count;
|
|
CHECK_POSIX( pthread_mutex_unlock(&p->p_state_mtx) );
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
|
|
/* Destroy a structure once cleanups have been performed (fd_psm_abord, ...) */
|
|
int fd_peer_free(struct fd_peer ** ptr)
|
|
{
|
|
struct fd_peer *p;
|
|
|
|
TRACE_ENTRY("%p", ptr);
|
|
CHECK_PARAMS(ptr);
|
|
p = *ptr;
|
|
*ptr = NULL;
|
|
CHECK_PARAMS(p);
|
|
|
|
CHECK_PARAMS( FD_IS_LIST_EMPTY(&p->p_hdr.chain) );
|
|
|
|
free_null(p->p_hdr.info.pi_diamid);
|
|
|
|
free_null(p->p_hdr.info.config.pic_realm);
|
|
free_null(p->p_hdr.info.config.pic_priority);
|
|
|
|
free_null(p->p_hdr.info.runtime.pir_realm);
|
|
free_null(p->p_hdr.info.runtime.pir_prodname);
|
|
free_list( &p->p_hdr.info.runtime.pir_apps );
|
|
|
|
free_list( &p->p_hdr.info.pi_endpoints );
|
|
|
|
free_null(p->p_dbgorig);
|
|
|
|
fd_list_unlink(&p->p_expiry);
|
|
fd_list_unlink(&p->p_actives);
|
|
|
|
CHECK_FCT_DO( fd_fifo_del(&p->p_tosend), /* continue */ );
|
|
CHECK_FCT_DO( fd_fifo_del(&p->p_tofailover), /* continue */ );
|
|
CHECK_POSIX_DO( pthread_mutex_destroy(&p->p_state_mtx), /* continue */);
|
|
CHECK_POSIX_DO( pthread_mutex_destroy(&p->p_sr.mtx), /* continue */);
|
|
CHECK_POSIX_DO( pthread_cond_destroy(&p->p_sr.cnd), /* continue */);
|
|
|
|
/* If the callback is still around... */
|
|
if (p->p_cb)
|
|
(*p->p_cb)(NULL, p->p_cb_data);
|
|
|
|
/* Free the structure */
|
|
free(p);
|
|
return 0;
|
|
}
|
|
|
|
/* Terminate peer module (destroy all peers, first gently, then violently) */
|
|
int fd_peer_fini()
|
|
{
|
|
struct fd_list * li;
|
|
struct fd_list purge = FD_LIST_INITIALIZER(purge); /* Store zombie peers here */
|
|
int list_empty;
|
|
struct timespec wait_until, now;
|
|
|
|
TRACE_ENTRY();
|
|
|
|
CHECK_FCT_DO(fd_p_expi_fini(), /* continue */);
|
|
|
|
TRACE_DEBUG(INFO, "Sending terminate signal to all peer connections");
|
|
|
|
CHECK_FCT_DO( pthread_rwlock_wrlock(&fd_g_peers_rw), /* continue */ );
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
struct fd_peer * peer = (struct fd_peer *)li->o;
|
|
|
|
if (fd_peer_getstate(peer) != STATE_ZOMBIE) {
|
|
CHECK_FCT_DO( fd_psm_terminate(peer, "REBOOTING"), /* continue */ );
|
|
} else {
|
|
li = li->prev; /* to avoid breaking the loop */
|
|
fd_list_unlink(&peer->p_hdr.chain);
|
|
fd_list_insert_before(&purge, &peer->p_hdr.chain);
|
|
}
|
|
}
|
|
list_empty = FD_IS_LIST_EMPTY(&fd_g_peers);
|
|
CHECK_FCT_DO( pthread_rwlock_unlock(&fd_g_peers_rw), /* continue */ );
|
|
|
|
if (!list_empty) {
|
|
CHECK_SYS( clock_gettime(CLOCK_REALTIME, &now) );
|
|
fd_psm_start(); /* just in case */
|
|
TRACE_DEBUG(INFO, "Waiting for connections shutdown... (%d sec max)", DPR_TIMEOUT + 1);
|
|
wait_until.tv_sec = now.tv_sec + DPR_TIMEOUT + 1;
|
|
wait_until.tv_nsec = now.tv_nsec;
|
|
}
|
|
|
|
while ((!list_empty) && (TS_IS_INFERIOR(&now, &wait_until))) {
|
|
|
|
/* Allow the PSM(s) to execute */
|
|
usleep(100000);
|
|
|
|
/* Remove zombie peers */
|
|
CHECK_FCT_DO( pthread_rwlock_wrlock(&fd_g_peers_rw), /* continue */ );
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
struct fd_peer * peer = (struct fd_peer *)li->o;
|
|
if (fd_peer_getstate(peer) == STATE_ZOMBIE) {
|
|
li = li->prev; /* to avoid breaking the loop */
|
|
fd_list_unlink(&peer->p_hdr.chain);
|
|
fd_list_insert_before(&purge, &peer->p_hdr.chain);
|
|
}
|
|
}
|
|
list_empty = FD_IS_LIST_EMPTY(&fd_g_peers);
|
|
CHECK_FCT_DO( pthread_rwlock_unlock(&fd_g_peers_rw), /* continue */ );
|
|
CHECK_SYS( clock_gettime(CLOCK_REALTIME, &now) );
|
|
}
|
|
|
|
if (!list_empty) {
|
|
TRACE_DEBUG(INFO, "Forcing connections shutdown");
|
|
CHECK_FCT_DO( pthread_rwlock_wrlock(&fd_g_peers_rw), /* continue */ );
|
|
while (!FD_IS_LIST_EMPTY(&fd_g_peers)) {
|
|
struct fd_peer * peer = (struct fd_peer *)(fd_g_peers.next->o);
|
|
fd_psm_abord(peer);
|
|
fd_list_unlink(&peer->p_hdr.chain);
|
|
fd_list_insert_before(&purge, &peer->p_hdr.chain);
|
|
}
|
|
CHECK_FCT_DO( pthread_rwlock_unlock(&fd_g_peers_rw), /* continue */ );
|
|
}
|
|
|
|
/* Free memory objects of all peers */
|
|
while (!FD_IS_LIST_EMPTY(&purge)) {
|
|
struct fd_peer * peer = (struct fd_peer *)(purge.next->o);
|
|
fd_list_unlink(&peer->p_hdr.chain);
|
|
fd_peer_free(&peer);
|
|
}
|
|
|
|
/* Now empty the validators list */
|
|
CHECK_FCT_DO( pthread_rwlock_wrlock(&validators_rw), /* continue */ );
|
|
while (!FD_IS_LIST_EMPTY( &validators )) {
|
|
struct fd_list * v = validators.next;
|
|
fd_list_unlink(v);
|
|
free(v);
|
|
}
|
|
CHECK_FCT_DO( pthread_rwlock_unlock(&validators_rw), /* continue */ );
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* Dump info of one peer */
|
|
DECLARE_FD_DUMP_PROTOTYPE(fd_peer_dump, struct peer_hdr * p, int details)
|
|
{
|
|
FD_DUMP_HANDLE_OFFSET();
|
|
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "{peer}(@%p): ", p), return NULL);
|
|
|
|
if (!CHECK_PEER(p)) {
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "INVALID/NULL"), return NULL);
|
|
} else {
|
|
struct fd_peer * peer = (struct fd_peer *)p;
|
|
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "%s [%s, cnt:%ldsr,%ldpa]", peer->p_hdr.info.pi_diamid, STATE_STR(fd_peer_getstate(peer)), peer->p_sr.cnt, peer->p_reqin_count), return NULL);
|
|
if (details > 0) {
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, " rlm:%s", peer->p_hdr.info.runtime.pir_realm ?: "<unknown>"), return NULL);
|
|
if (peer->p_hdr.info.runtime.pir_prodname) {
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, " ['%s' %u]", peer->p_hdr.info.runtime.pir_prodname, peer->p_hdr.info.runtime.pir_firmrev), return NULL);
|
|
}
|
|
}
|
|
if (details > 1) {
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, " [from:%s] flags:%s%s%s%s%s%s%s%s lft:%ds",
|
|
peer->p_dbgorig ?: "unset",
|
|
peer->p_hdr.info.config.pic_flags.pro3 == PI_P3_DEFAULT ? "-" :
|
|
(peer->p_hdr.info.config.pic_flags.pro3 == PI_P3_IP ? "4" : "6"),
|
|
peer->p_hdr.info.config.pic_flags.pro4 == PI_P4_DEFAULT ? "-" :
|
|
(peer->p_hdr.info.config.pic_flags.pro4 == PI_P4_TCP ? "T" : "S"),
|
|
peer->p_hdr.info.config.pic_flags.alg ? "P" : "-",
|
|
peer->p_hdr.info.config.pic_flags.sec & PI_SEC_NONE ? "N" :"-",
|
|
peer->p_hdr.info.config.pic_flags.sec & PI_SEC_TLS_OLD ? "O" :"-",
|
|
peer->p_hdr.info.config.pic_flags.sctpsec & PI_SCTPSEC_3436 ? "3" :"-",
|
|
peer->p_hdr.info.config.pic_flags.exp ? "E" : "-",
|
|
peer->p_hdr.info.config.pic_flags.persist ? "P" : "-",
|
|
peer->p_hdr.info.config.pic_lft), return NULL);
|
|
}
|
|
|
|
}
|
|
|
|
return *buf;
|
|
}
|
|
|
|
/* Dump the list of peers */
|
|
DECLARE_FD_DUMP_PROTOTYPE(fd_peer_dump_list, int details)
|
|
{
|
|
struct fd_list * li;
|
|
FD_DUMP_HANDLE_OFFSET();
|
|
|
|
CHECK_FCT_DO( pthread_rwlock_rdlock(&fd_g_peers_rw), /* continue */ );
|
|
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
CHECK_MALLOC_DO( fd_peer_dump(FD_DUMP_STD_PARAMS, (struct peer_hdr *)li->o, details), break);
|
|
if (li->next != &fd_g_peers) {
|
|
CHECK_MALLOC_DO( fd_dump_extend( FD_DUMP_STD_PARAMS, "\n"), break);
|
|
}
|
|
}
|
|
|
|
CHECK_FCT_DO( pthread_rwlock_unlock(&fd_g_peers_rw), /* continue */ );
|
|
return *buf;
|
|
}
|
|
|
|
static struct dict_object *avp_oh_model = NULL;
|
|
static pthread_mutex_t cache_avp_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
|
|
/* Handle an incoming CER request on a new connection */
|
|
int fd_peer_handle_newCER( struct msg ** cer, struct cnxctx ** cnx )
|
|
{
|
|
struct msg * msg;
|
|
struct avp *avp_oh;
|
|
struct avp_hdr * avp_hdr;
|
|
struct fd_list * li, *li_inf;
|
|
int found = 0;
|
|
int ret = 0;
|
|
struct fd_peer * peer;
|
|
struct cnx_incoming * ev_data;
|
|
|
|
TRACE_ENTRY("%p %p", cer, cnx);
|
|
CHECK_PARAMS(cer && *cer && cnx && *cnx);
|
|
|
|
msg = *cer;
|
|
|
|
/* If needed, resolve the dictionary model for Origin-Host */
|
|
CHECK_POSIX( pthread_mutex_lock(&cache_avp_lock) );
|
|
if (!avp_oh_model) {
|
|
avp_code_t code = AC_ORIGIN_HOST;
|
|
CHECK_FCT_DO( fd_dict_search ( fd_g_config->cnf_dict, DICT_AVP, AVP_BY_CODE, &code, &avp_oh_model, ENOENT),
|
|
{ LOG_E("Cannot find Origin-Host AVP definition in the dictionary!"); (void) pthread_mutex_unlock(&cache_avp_lock); return __ret__; } );
|
|
}
|
|
CHECK_POSIX( pthread_mutex_unlock(&cache_avp_lock) );
|
|
|
|
/* Find the Diameter Identity of the remote peer in the message */
|
|
CHECK_FCT( fd_msg_search_avp ( msg, avp_oh_model, &avp_oh ) );
|
|
ASSERT(avp_oh); /* otherwise it should not have passed rules validation, right? */
|
|
CHECK_FCT( fd_msg_avp_hdr ( avp_oh, &avp_hdr ) );
|
|
|
|
/* First, check if the Origin-Host value is valid */
|
|
if (!fd_os_is_valid_DiameterIdentity(avp_hdr->avp_value->os.data, avp_hdr->avp_value->os.len)) {
|
|
CHECK_FCT( fd_msg_new_answer_from_req ( fd_g_config->cnf_dict, cer, MSGFL_ANSW_ERROR ) );
|
|
CHECK_FCT( fd_msg_rescode_set(*cer, "DIAMETER_INVALID_AVP_VALUE",
|
|
"Your Origin-Host contains invalid characters.", avp_oh, 1 ) );
|
|
|
|
fd_hook_call(HOOK_PEER_CONNECT_FAILED, *cer, NULL, "Received CER with invalid Origin-Host AVP", NULL);
|
|
|
|
CHECK_FCT( fd_out_send(cer, *cnx, NULL, 0) );
|
|
return EINVAL;
|
|
}
|
|
|
|
/* Search if we already have this peer id in our list. We take directly the write lock so that we don't need to upgrade if it is a new peer.
|
|
* There is space for a small optimization here if needed.
|
|
*/
|
|
CHECK_POSIX( pthread_rwlock_wrlock(&fd_g_peers_rw) );
|
|
|
|
li_inf = &fd_g_peers;
|
|
for (li = fd_g_peers.next; li != &fd_g_peers; li = li->next) {
|
|
int cmp, cont;
|
|
peer = (struct fd_peer *)li;
|
|
cmp = fd_os_almostcasesrch( avp_hdr->avp_value->os.data, avp_hdr->avp_value->os.len, peer->p_hdr.info.pi_diamid, peer->p_hdr.info.pi_diamidlen, &cont );
|
|
if (cmp > 0) {
|
|
li_inf = li;
|
|
}
|
|
if (cmp == 0) {
|
|
found = 1;
|
|
break;
|
|
}
|
|
if (!cont)
|
|
break;
|
|
}
|
|
|
|
if (!found) {
|
|
/* Create a new peer entry for this new remote peer */
|
|
peer = NULL;
|
|
CHECK_FCT_DO( ret = fd_peer_alloc(&peer), goto out );
|
|
|
|
/* Set the peer Diameter Id and the responder flag parameters */
|
|
CHECK_MALLOC_DO( peer->p_hdr.info.pi_diamid = os0dup(avp_hdr->avp_value->os.data, avp_hdr->avp_value->os.len),
|
|
{ ret = ENOMEM; goto out; } );
|
|
peer->p_hdr.info.pi_diamidlen = avp_hdr->avp_value->os.len;
|
|
CHECK_MALLOC_DO( peer->p_dbgorig = strdup(fd_cnx_getid(*cnx)), { ret = ENOMEM; goto out; } );
|
|
peer->p_flags.pf_responder = 1;
|
|
peer->p_flags.pf_delete = 1;
|
|
|
|
LOG_D("Created new peer object for incoming CER: %s", peer->p_hdr.info.pi_diamid);
|
|
|
|
#ifndef DISABLE_PEER_EXPIRY
|
|
/* Set this peer to expire on inactivity */
|
|
peer->p_hdr.info.config.pic_flags.exp = PI_EXP_INACTIVE;
|
|
peer->p_hdr.info.config.pic_lft = 3600; /* 1 hour without any message
|
|
-- RFC3539 states that this must not be inferior to BRINGDOWN_INTERVAL = 5 minutes */
|
|
|
|
CHECK_FCT_DO( ret = fd_p_expi_update( peer ), goto out );
|
|
#endif /* DISABLE_PEER_EXPIRY */
|
|
|
|
/* Insert the new peer in the list (the PSM will take care of setting the expiry after validation) */
|
|
fd_list_insert_after( li_inf, &peer->p_hdr.chain );
|
|
|
|
/* Start the PSM, which will receive the event below */
|
|
CHECK_FCT_DO( ret = fd_psm_begin(peer), goto out );
|
|
} else {
|
|
/* Check if the peer is in zombie state */
|
|
if (fd_peer_getstate(peer) == STATE_ZOMBIE) {
|
|
/* Re-activate the peer */
|
|
if (peer->p_hdr.info.config.pic_flags.exp)
|
|
peer->p_flags.pf_responder = 1;
|
|
CHECK_POSIX_DO( pthread_mutex_lock(&peer->p_state_mtx), );
|
|
peer->p_state = STATE_NEW;
|
|
CHECK_POSIX_DO( pthread_mutex_unlock(&peer->p_state_mtx), );
|
|
peer->p_flags.pf_localterm = 0;
|
|
CHECK_FCT_DO( ret = fd_psm_begin(peer), goto out );
|
|
}
|
|
}
|
|
|
|
/* Send the new connection event to the PSM */
|
|
CHECK_MALLOC_DO( ev_data = malloc(sizeof(struct cnx_incoming)), { ret = ENOMEM; goto out; } );
|
|
memset(ev_data, 0, sizeof(*ev_data));
|
|
|
|
ev_data->cer = msg;
|
|
ev_data->cnx = *cnx;
|
|
ev_data->validate = !found;
|
|
|
|
CHECK_FCT_DO( ret = fd_event_send(peer->p_events, FDEVP_CNX_INCOMING, sizeof(*ev_data), ev_data), goto out );
|
|
|
|
out:
|
|
CHECK_POSIX( pthread_rwlock_unlock(&fd_g_peers_rw) );
|
|
|
|
if (ret == 0) {
|
|
/* Reset the "out" parameters, so that they are not cleanup on function return. */
|
|
*cer = NULL;
|
|
*cnx = NULL;
|
|
} else {
|
|
char buf[1024];
|
|
snprintf(buf, sizeof(buf), "An error occurred while processing new incoming CER: %s", strerror(ret));
|
|
fd_hook_call(HOOK_PEER_CONNECT_FAILED, *cer, NULL, buf, NULL);
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
/* Save a callback to accept / reject incoming unknown peers */
|
|
int fd_peer_validate_register ( int (*peer_validate)(struct peer_info * /* info */, int * /* auth */, int (**cb2)(struct peer_info *)) )
|
|
{
|
|
struct fd_list * v;
|
|
|
|
TRACE_ENTRY("%p", peer_validate);
|
|
CHECK_PARAMS(peer_validate);
|
|
|
|
/* Alloc a new entry */
|
|
CHECK_MALLOC( v = malloc(sizeof(struct fd_list)) );
|
|
fd_list_init( v, peer_validate );
|
|
|
|
/* Add at the beginning of the list */
|
|
CHECK_FCT( pthread_rwlock_wrlock(&validators_rw) );
|
|
fd_list_insert_after(&validators, v);
|
|
CHECK_FCT( pthread_rwlock_unlock(&validators_rw));
|
|
|
|
/* Done! */
|
|
return 0;
|
|
}
|
|
|
|
/* Validate a peer by calling the callbacks in turn -- return 0 if the peer is validated, ! 0 in case of error (>0) or if the peer is rejected (-1) */
|
|
int fd_peer_validate( struct fd_peer * peer )
|
|
{
|
|
int ret = 0;
|
|
struct fd_list * v;
|
|
|
|
CHECK_FCT( pthread_rwlock_rdlock(&validators_rw) );
|
|
for (v = validators.next; v != &validators; v = v->next) {
|
|
int auth = 0;
|
|
pthread_cleanup_push(fd_cleanup_rwlock, &validators_rw);
|
|
CHECK_FCT_DO( ret = ((int(*)(struct peer_info *, int *, int (**)(struct peer_info *)))(v->o)) (&peer->p_hdr.info, &auth, &peer->p_cb2), );
|
|
pthread_cleanup_pop(0);
|
|
if (ret)
|
|
goto out;
|
|
if (auth) {
|
|
ret = (auth > 0) ? 0 : -1;
|
|
goto out;
|
|
}
|
|
peer->p_cb2 = NULL;
|
|
}
|
|
|
|
/* No callback has given a firm result, the default is to reject */
|
|
ret = -1;
|
|
out:
|
|
CHECK_FCT( pthread_rwlock_unlock(&validators_rw));
|
|
return ret;
|
|
}
|