Gitiles
Code Review Sign In
gerrit.opencord.org / freeDiameter-old / 13b0e7de0d66906d50e074a339f890d6e59813ad / . / extensions / dict_mip6a / dict_mip6a.c
blob: a31aeedd8f455dc6d2e82146979910019b25e0cd [file] [log] [blame]
Brian Waters13d96012017-12-08 16:53:31 -0600[diff] [blame]1/*********************************************************************************************************
2* Software License Agreement (BSD License) *
3* Author: Francois Bard <francois@tera.ics.keio.ac.jp> *
4* *
5* Copyright (c) 2010, Teraoka Laboratory, Keio University *
6* All rights reserved. *
7* *
8* Redistribution and use of this software in source and binary forms, with or without modification, are *
9* permitted provided that the following conditions are met: *
10* *
11* * Redistributions of source code must retain the above *
12* copyright notice, this list of conditions and the *
13* following disclaimer. *
14* *
15* * Redistributions in binary form must reproduce the above *
16* copyright notice, this list of conditions and the *
17* following disclaimer in the documentation and/or other *
18* materials provided with the distribution. *
19* *
20* * Neither the name of the Teraoka Laboratory nor the *
21* names of its contributors may be used to endorse or *
22* promote products derived from this software without *
23* specific prior written permission of Teraoka Laboratory *
24* *
25* *
26* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
27* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
28* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
29* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
30* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
31* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
32* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
33* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
34*********************************************************************************************************/
35
36/*
37
38The following table complete the one in RFC 5778, page 18. The AVPs are implemented below following the order of this table.
39We try to keep the structure of the grouped AVP by declaring the contained AVPs just before the grouped AVP they depend on.
40The number of '+' indicates the depth of the contained AVP.
41
42DEPTH NAME AVP RFC TYPE NOTES
43
44 MIP6-Feature-Vector 124 5447 Unsigned64
45 User-Name 1 3588 UTF8String
46 Service-Selection 493 5778 UTF8String
47 MIP-MN-AAA-SPI 341 5778 Unsigned32
48+ MIP-Home-Agent-Address 334 4004 Address
49++ Destination-Host 293 3588 DiameterIdentity
50++ Destination-Realm 283 3588 DiameterIdentity
51+ MIP-Home-Agent-Host 348 4004 Grouped
52+ MIP6-Home-Link-Prefix 125 5447 OctetString
53 MIP6-Agent-Info 486 5447 Grouped
54+ MIP-Replay-Mode 346 4004 Enumerated
55+ MIP-Algorithm-Type 345 4004 Enumerated
56+ MIP-MN-HA-SPI 491 5778 Unsigned32
57+ MIP-MSA-Lifetime 367 4004 Unsigned32
58+ MIP-Session-Key 343 4004 OctetString
59 MIP-MN-HA-MSA 492 5778 Grouped different from MIP-MN-to-HA-MSA (331)
60 MIP-Mobile-Node-Address 333 4004 Address
61 MIP-Careof-Address 487 5778 Address
62 MIP-Authenticator 488 5778 OctetString
63 MIP-MAC-Mobility-Data 489 5778 OctetString
64 MIP-Timestamp 490 5778 OctetString
65 Chargeable-User-Identity 89 5778 OctetString
66 MIP6-Auth-Mode 494 5778 Enumerated
67
68QoS AVPs (RFC 5777 - implemented in the corresponding dictionary)
69
70 QoS-Capability 578 5777 Grouped
71 QoS-Resources 508 5777 Grouped
72
73ACCOUNTING AVPs (section 6.21)
74
75 Accounting-Input-Octets 363 4004, 4005 Unsigned64
76 Accounting-Output-Octets 364 4004, 4005 Unsigned64
77 Accounting-Input-Packets 365 4004, 4005 Unsigned64
78 Accounting-Output-Packets 366 4004, 4005 Unsigned64
79 Acct-Multi-Session-Id 50 3588 UTF8String
80 Acct-Session-Time 46 2866, 4004 Unsigned32
81 MIP6-Feature-Vector ----------------------------------
82 MIP-Mobile-Node-Address ----------------------------------
83 MIP6-Agent-Info ----------------------------------
84 Chargeable-User-Identity ----------------------------------
85 Service-Selection ----------------------------------
86 QoS-Resources ----------------------------------
87 QoS-Capability ----------------------------------
88 MIP-Careof-Address ----------------------------------
89
90RADIUS AVPs (contained in the MIR/MIA)
91
92 NAS-Identifier 32 2865 radius (see avp)
93 NAS-IP-Address 4 2865 radius (see avp)
94 NAS-IPv6-Address 95 3162 radius (see avp)
95 NAS-Port-Type 61 2865 radius (see avp)
96 Called-Station-Id 30 2865 radius (see avp)
97 Calling-Station-Id 31 2865 radius (see avp)
98
99
100*/
101
102/****************************************************************************************************************************************
103* *
104* This table is a copy of the registry named "MIP6 Authentication Mode Registry" and managed by IANA. *
105* source : http://www.iana.org/assignments/aaa-parameters/aaa-parameters.txt *
106* up to date on october 2010 *
107* *
108* Value Token Reference *
109* 0 Reserved [RFC5778] *
110* 1 MIP6_AUTH_MN_AAA [RFC5778] *
111* 2-4294967295 Unassigned *
112* *
113****************************************************************************************************************************************/
114
115
116/*
117
118NOTES
119
120check for omissions !
121
122*/
123
124#include <freeDiameter/extension.h>
125
126#define CHECK_dict_new( _type, _data, _parent, _ref ) \
127 CHECK_FCT( fd_dict_new( fd_g_config->cnf_dict, (_type), (_data), (_parent), (_ref)) );
128
129#define CHECK_dict_search( _type, _criteria, _what, _result ) \
130 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, (_type), (_criteria), (_what), (_result), ENOENT) );
131
132struct local_rules_definition {
133 char *avp_name;
134 enum rule_position position;
135 int min;
136 int max;
137};
138
139#define RULE_ORDER( _position ) ((((_position) == RULE_FIXED_HEAD) || ((_position) == RULE_FIXED_TAIL)) ? 1 : 0 )
140
141#define PARSE_loc_rules( _rulearray, _parent) { \
142 int __ar; \
143 for (__ar=0; __ar < sizeof(_rulearray) / sizeof((_rulearray)[0]); __ar++) { \
144 struct dict_rule_data __data = { NULL, \
145 (_rulearray)[__ar].position, \
146 0, \
147 (_rulearray)[__ar].min, \
148 (_rulearray)[__ar].max}; \
149 __data.rule_order = RULE_ORDER(__data.rule_position); \
150 CHECK_FCT( fd_dict_search( \
151 fd_g_config->cnf_dict, \
152 DICT_AVP, \
153 AVP_BY_NAME, \
154 (_rulearray)[__ar].avp_name, \
155 &__data.rule_avp, 0 ) ); \
156 if ( !__data.rule_avp ) { \
157 TRACE_DEBUG(INFO, "AVP Not found: '%s'", (_rulearray)[__ar].avp_name ); \
158 return ENOENT; \
159 } \
160 CHECK_FCT_DO( fd_dict_new( fd_g_config->cnf_dict, DICT_RULE, &__data, _parent, NULL), \
161 { \
162 TRACE_DEBUG(INFO, "Error on rule with AVP '%s'", \
163 (_rulearray)[__ar].avp_name ); \
164 return EINVAL; \
165 } ); \
166 } \
167}
168
169#define enumval_def_u32( _val_, _str_ ) \
170 { _str_, { .u32 = _val_ }}
171
172#define enumval_def_os( _len_, _val_, _str_ ) \
173 { _str_, { .os = { .data = (unsigned char *)_val_, .len = _len_ }}}
174
175
176
177/* Defines if there are any */
178
179//New Result-Code for MIP (RFC5778, Section 7.*)
180#define DIAMETER_SUCCESS_RELOCATE_HA 2009
181#define DIAMETER_ERROR_MIP6_AUTH_MODE 5041
182
183//Others
184#define MIP6_AUTH_MN_AAA 1
185
186/* Dictionary */
187
188int dict_mip6a_init(char * conffile)
189{
190 struct dict_object * mip6a;
191 {
192 struct dict_application_data data = { 8, "Diameter Mobile IPv6 Auth (MIP6A) Application" };
193 CHECK_dict_new( DICT_APPLICATION, &data , NULL, &mip6a);
194 }
195
196 /***************/
197 /* AVP section */
198 /***************/
199 {
200 /* Loading all the derived data formats */
201
202 struct dict_object * Address_type;
203 struct dict_object * UTF8String_type;
204 struct dict_object * DiameterIdentity_type;
205 struct dict_object * DiameterURI_type;
206 struct dict_object * Time_type;
207
208 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Address", &Address_type);
209 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "UTF8String", &UTF8String_type);
210 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterIdentity", &DiameterIdentity_type);
211 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterURI", &DiameterURI_type);
212 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Time", &Time_type);
213
214 ///////////////////////////////////////////
215 /* AVPs for Mobile IPv6 Auth Application */
216 ///////////////////////////////////////////
217
218 /* MIP6-Feature-Vector - RFC 5447 */
219 {
220 /*
221
222 */
223
224 struct dict_avp_data data = {
225 124, /* Code */
226 0, /* Vendor */
227 "MIP6-Feature-Vector", /* Name */
228 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
229 AVP_FLAG_MANDATORY, /* Fixed flag values */
230 AVP_TYPE_UNSIGNED64 /* base type of data */
231 };
232
233 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
234 }
235
236 /* User-Name - RFC 3588 */
237
238 /*
239 Implemented in the base protocol
240 */
241
242 /* Service-Selection - RFC 5778 */
243 {
244 /*
245
246 */
247
248 struct dict_avp_data data = {
249 493, /* Code */
250 0, /* Vendor */
251 "Service-Selection", /* Name */
252 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
253 AVP_FLAG_MANDATORY, /* Fixed flag values */
254 AVP_TYPE_OCTETSTRING /* base type of data */
255 };
256
257 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL);
258 }
259
260 /* MIP-MN-AAA-SPI - RFC 5778 */
261 {
262 /*
263
264 */
265
266 struct dict_avp_data data = {
267 341, /* Code */
268 0, /* Vendor */
269 "MIP-MN-AAA-SPI", /* Name */
270 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
271 AVP_FLAG_MANDATORY, /* Fixed flag values */
272 AVP_TYPE_UNSIGNED32 /* base type of data */
273 };
274
275 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
276 }
277
278 /* Destination-Host - Base Protocol */
279
280 /*
281 Implemented in the base protocol
282 */
283
284 /* Destination-Realm - Base Protocol */
285
286 /*
287 Implemented in the base protocol
288 */
289
290 /* MIP-Home-Agent-Address - RFC 4004 */
291 {
292 /*
293
294 */
295
296 struct dict_avp_data data = {
297 334, /* Code */
298 0, /* Vendor */
299 "MIP-Home-Agent-Address", /* Name */
300 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
301 AVP_FLAG_MANDATORY, /* Fixed flag values */
302 AVP_TYPE_OCTETSTRING /* base type of data */
303 };
304
305 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
306 }
307
308 /* MIP-Home-Agent-Host - RFC 4004 */
309 {
310 /*
311
312 */
313 struct dict_object * avp;
314 struct dict_avp_data data = {
315 348, /* Code */
316 0, /* Vendor */
317 "MIP-Home-Agent-Host", /* Name */
318 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
319 AVP_FLAG_MANDATORY, /* Fixed flag values */
320 AVP_TYPE_GROUPED /* base type of data */
321 };
322
323 struct local_rules_definition rules[] =
324 { { "Destination-Realm", RULE_REQUIRED, -1, 1 }
325 ,{ "Destination-Host", RULE_REQUIRED, -1, 1 }
326 };
327
328 CHECK_dict_new( DICT_AVP, &data , NULL, &avp);
329 PARSE_loc_rules( rules, avp );
330 }
331
332 /* MIP6-Home-Link-Prefix - RFC 5447 */
333 {
334 /*
335
336 */
337
338 struct dict_avp_data data = {
339 125, /* Code */
340 0, /* Vendor */
341 "MIP6-Home-Link-Prefix", /* Name */
342 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
343 AVP_FLAG_MANDATORY, /* Fixed flag values */
344 AVP_TYPE_OCTETSTRING /* base type of data */
345 };
346
347 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
348 }
349
350 /* MIP6-Agent-Info - RFC 5447*/
351 {
352 /*
353
354 */
355 struct dict_object * avp;
356 struct dict_avp_data data = {
357 486, /* Code */
358 0, /* Vendor */
359 "MIP6-Agent-Info", /* Name */
360 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
361 AVP_FLAG_MANDATORY, /* Fixed flag values */
362 AVP_TYPE_GROUPED /* base type of data */
363 };
364
365 struct local_rules_definition rules[] =
366 { { "MIP-Home-Agent-Address", RULE_OPTIONAL, -1, 2 }
367 ,{ "MIP-Home-Agent-Host", RULE_OPTIONAL, -1, 1 }
368 ,{ "MIP6-Home-Link-Prefix", RULE_OPTIONAL, -1, 1 }
369 };
370
371 CHECK_dict_new( DICT_AVP, &data , NULL, &avp);
372 PARSE_loc_rules( rules, avp );
373 }
374
375 /* MIP-Replay-Mode - RFC 5778 & 4004 */
376 {
377 /*
378
379 */
380 struct dict_object * type;
381 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(MIP-Replay-Mode)", NULL, NULL, NULL };
382 struct dict_enumval_data t_0 = { "None", { .i32 = 1 }};
383 struct dict_enumval_data t_1 = { "Timestamp", { .i32 = 2 }};
384 struct dict_avp_data data = {
385 346, /* Code */
386 0, /* Vendor */
387 "MIP-Replay-Mode", /* Name */
388 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
389 AVP_FLAG_MANDATORY, /* Fixed flag values */
390 AVP_TYPE_INTEGER32 /* base type of data */
391 };
392
393 /* Create the Enumerated type, and then the AVP */
394 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type);
395 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL);
396 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL);
397 CHECK_dict_new( DICT_AVP, &data , type, NULL);
398 }
399
400 /* MIP-Algorithm-Type - RFC 5778 & 4004 */
401 {
402 /*
403
404 */
405 struct dict_object * type;
406 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(MIP-Algorithm-Type)", NULL, NULL, NULL };
407 struct dict_enumval_data t_2 = { "HMAC-SHA-1 [HMAC]", { .i32 = 2 }};
408 struct dict_avp_data data = {
409 345, /* Code */
410 0, /* Vendor */
411 "MIP-Algorithm-Type", /* Name */
412 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
413 AVP_FLAG_MANDATORY, /* Fixed flag values */
414 AVP_TYPE_INTEGER32 /* base type of data */
415 };
416
417 /* Create the Enumerated type, and then the AVP */
418 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type);
419 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL);
420 CHECK_dict_new( DICT_AVP, &data , type, NULL);
421 }
422
423 /* MIP-MN-HA-SPI - RFC 5778 */
424 {
425 /*
426
427 */
428 struct dict_avp_data data = {
429 491, /* Code */
430 0, /* Vendor */
431 "MIP-MN-HA-SPI", /* Name */
432 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
433 AVP_FLAG_MANDATORY, /* Fixed flag values */
434 AVP_TYPE_UNSIGNED32 /* base type of data */
435 };
436
437 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
438 }
439
440 /* MIP-MSA-Lifetime - RFC 4004 */
441 {
442 /*
443
444 */
445 struct dict_avp_data data = {
446 367, /* Code */
447 0, /* Vendor */
448 "MIP-MSA-Lifetime", /* Name */
449 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
450 AVP_FLAG_MANDATORY, /* Fixed flag values */
451 AVP_TYPE_UNSIGNED32 /* base type of data */
452 };
453
454 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
455 }
456
457 /* MIP-Session-Key - RFC 5778 */
458 {
459 /*
460
461 */
462 struct dict_avp_data data = {
463 343, /* Code */
464 0, /* Vendor */
465 "MIP-Session-Key", /* Name */
466 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
467 AVP_FLAG_MANDATORY, /* Fixed flag values */
468 AVP_TYPE_OCTETSTRING /* base type of data */
469 };
470
471 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
472 }
473
474 /* MIP-MN-HA-MSA - RFC 5778 */
475 {
476 /*
477
478 */
479 struct dict_object * avp;
480 struct dict_avp_data data = {
481 492, /* Code */
482 0, /* Vendor */
483 "MIP-MN-HA-MSA", /* Name */
484 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
485 AVP_FLAG_MANDATORY, /* Fixed flag values */
486 AVP_TYPE_GROUPED /* base type of data */
487 };
488
489 struct local_rules_definition rules[] =
490 { { "MIP-Session-Key", RULE_REQUIRED, -1, 1 }
491 ,{ "MIP-MSA-Lifetime", RULE_REQUIRED, -1, 1 }
492 ,{ "MIP-MN-HA-SPI", RULE_OPTIONAL, -1, 1 }
493 ,{ "MIP-Algorithm-Type", RULE_OPTIONAL, -1, 1 }
494 ,{ "MIP-Replay-Mode", RULE_OPTIONAL, -1, 1 }
495 };
496
497 CHECK_dict_new( DICT_AVP, &data , NULL, &avp);
498 PARSE_loc_rules( rules, avp );
499 }
500
501 /* MIP-Mobile-Node-Address - RFC 4004 */
502 {
503 /*
504
505 */
506
507 struct dict_avp_data data = {
508 333, /* Code */
509 0, /* Vendor */
510 "MIP-Mobile-Node-Address", /* Name */
511 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
512 AVP_FLAG_MANDATORY, /* Fixed flag values */
513 AVP_TYPE_OCTETSTRING /* base type of data */
514 };
515
516 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
517 }
518
519 /* MIP-Careof-Address - RFC 5778 */
520 {
521 /*
522
523 */
524 struct dict_avp_data data = {
525 487, /* Code */
526 0, /* Vendor */
527 "MIP-Careof-Address", /* Name */
528 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
529 AVP_FLAG_MANDATORY, /* Fixed flag values */
530 AVP_TYPE_OCTETSTRING /* base type of data */
531 };
532
533 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
534 }
535
536 /* MIP-Authenticator - RFC 5778 */
537 {
538 /*
539
540 */
541 struct dict_avp_data data = {
542 488, /* Code */
543 0, /* Vendor */
544 "MIP-Authenticator", /* Name */
545 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
546 AVP_FLAG_MANDATORY, /* Fixed flag values */
547 AVP_TYPE_OCTETSTRING /* base type of data */
548 };
549
550 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
551 }
552
553 /* MIP-MAC-Mobility-Data - RFC 5778 */
554 {
555 /*
556
557 */
558 struct dict_avp_data data = {
559 489, /* Code */
560 0, /* Vendor */
561 "MIP-MAC-Mobility-Data", /* Name */
562 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
563 AVP_FLAG_MANDATORY, /* Fixed flag values */
564 AVP_TYPE_OCTETSTRING /* base type of data */
565 };
566
567 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
568 }
569
570 /* MIP-Timestamp - RFC 5778 */
571 {
572 /*
573
574 */
575 struct dict_avp_data data = {
576 490, /* Code */
577 0, /* Vendor */
578 "MIP-Timestamp", /* Name */
579 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
580 AVP_FLAG_MANDATORY, /* Fixed flag values */
581 AVP_TYPE_OCTETSTRING /* base type of data */
582 };
583
584 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
585 }
586
587 /* Chargeable-User-Identity - RFC 5778 */
588 {
589 /*
590
591 */
592 struct dict_avp_data data = {
593 89, /* Code */
594 0, /* Vendor */
595 "Chargeable-User-Identity", /* Name */
596 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
597 AVP_FLAG_MANDATORY, /* Fixed flag values */
598 AVP_TYPE_OCTETSTRING /* base type of data */
599 };
600
601 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
602 }
603
604 /* MIP6-Auth-Mode - RFC 5778 */
605 {
606 /*
607
608 */
609 struct dict_object * type;
610 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(MIP6-Auth-Mode)", NULL, NULL, NULL };
611 struct dict_enumval_data t_0 = { "None", { .i32 = MIP6_AUTH_MN_AAA }};
612 struct dict_avp_data data = {
613 494, /* Code */
614 0, /* Vendor */
615 "MIP6-Auth-Mode", /* Name */
616 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
617 AVP_FLAG_MANDATORY, /* Fixed flag values */
618 AVP_TYPE_INTEGER32 /* base type of data */
619 };
620
621 /* Create the Enumerated type, and then the AVP */
622 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type);
623 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL);
624 CHECK_dict_new( DICT_AVP, &data , type, NULL);
625 }
626
627 //////////////
628 /* QoS AVPs */
629 //////////////
630
631 /* QoS-Capability */
632
633 /*
634 Implemented in RFC 5777
635 */
636
637 /* QoS-Resources */
638
639 /*
640 Implemented in RFC 5777
641 */
642
643 /////////////////////
644 /* Accounting AVPs */
645 /////////////////////
646
647 /* Accounting-Input-Octets - RFC 4004 */
648 {
649 /*
650
651 */
652 struct dict_avp_data data = {
653 363, /* Code */
654 0, /* Vendor */
655 "Accounting-Input-Octets", /* Name */
656 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
657 AVP_FLAG_MANDATORY, /* Fixed flag values */
658 AVP_TYPE_UNSIGNED64 /* base type of data */
659 };
660
661 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
662 }
663
664 /* Accounting-Output-Octets - RFC 4004 */
665 {
666 /*
667
668 */
669 struct dict_avp_data data = {
670 364, /* Code */
671 0, /* Vendor */
672 "Accounting-Output-Octets", /* Name */
673 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
674 AVP_FLAG_MANDATORY, /* Fixed flag values */
675 AVP_TYPE_UNSIGNED64 /* base type of data */
676 };
677
678 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
679 }
680
681 /* Accounting-Input-Packets - RFC 4004 */
682 {
683 /*
684
685 */
686 struct dict_avp_data data = {
687 365, /* Code */
688 0, /* Vendor */
689 "Accounting-Input-Packets", /* Name */
690 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
691 AVP_FLAG_MANDATORY, /* Fixed flag values */
692 AVP_TYPE_UNSIGNED64 /* base type of data */
693 };
694
695 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
696 }
697
698 /* Accounting-Output-Packets - RFC 4004 */
699 {
700 /*
701
702 */
703 struct dict_avp_data data = {
704 366, /* Code */
705 0, /* Vendor */
706 "Accounting-Output-Packets", /* Name */
707 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
708 AVP_FLAG_MANDATORY, /* Fixed flag values */
709 AVP_TYPE_UNSIGNED64 /* base type of data */
710 };
711
712 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
713 }
714
715 /* Acct-Multi-Session-Id - RFC 3588 */
716
717 /*
718 Implemented in the base protocol
719 */
720
721 /* Acct-Session-Time - RFC 4004 */
722 {
723 /*
724
725 */
726 struct dict_avp_data data = {
727 46, /* Code */
728 0, /* Vendor */
729 "Acct-Session-Time", /* Name */
730 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
731 AVP_FLAG_MANDATORY, /* Fixed flag values */
732 AVP_TYPE_UNSIGNED32 /* base type of data */
733 };
734
735 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
736 }
737
738 /////////////////////////////////////
739 /* Radius AVPs - used in MIR & MIA */
740 /////////////////////////////////////
741
742 /*
743 We used the following correspondences for determining the type of the Radius AVPs
744
745 Radius Diameter
746
747 text UTF8Sting
748 string OctetString
749 address Address
750 integer Unsigned32
751 time Time
752 */
753
754
755 /* NAS-Identifier 32 3575 */
756 {
757 /*
758 string -> OctetString
759 */
760
761 struct dict_avp_data data = {
762 32, /* Code */
763 0, /* Vendor */
764 "NAS-Identifier", /* Name */
765 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
766 AVP_FLAG_MANDATORY, /* Fixed flag values */
767 AVP_TYPE_OCTETSTRING /* base type of data */
768 };
769
770 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
771 }
772
773 /* NAS-IP-Address 4 3575 */
774 {
775 /*
776 address -> Address
777 */
778
779 struct dict_avp_data data = {
780 4, /* Code */
781 0, /* Vendor */
782 "NAS-IP-Address", /* Name */
783 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
784 AVP_FLAG_MANDATORY, /* Fixed flag values */
785 AVP_TYPE_OCTETSTRING /* base type of data */
786 };
787
788 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
789 }
790
791 /* NAS-IPv6-Address 95 3162 */
792 {
793 /*
794 address -> Address
795 */
796
797 struct dict_avp_data data = {
798 95, /* Code */
799 0, /* Vendor */
800 "NAS-IPv6-Address", /* Name */
801 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
802 AVP_FLAG_MANDATORY, /* Fixed flag values */
803 AVP_TYPE_OCTETSTRING /* base type of data */
804 };
805
806 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
807 }
808
809 /* NAS-Port-Type 61 2865 */
810 {
811 /*
812 integer -> Unsigned32
813
814 Value
815
816 The Value field is four octets. "Virtual" refers to a connection
817 to the NAS via some transport protocol, instead of through a
818 physical port. For example, if a user telnetted into a NAS to
819 authenticate himself as an Outbound-User, the Access-Request might
820 include NAS-Port-Type = Virtual as a hint to the RADIUS server
821 that the user was not on a physical port.
822
823 0 Async
824 1 Sync
825 2 ISDN Sync
826 3 ISDN Async V.120
827 4 ISDN Async V.110
828 5 Virtual
829 6 PIAFS
830 7 HDLC Clear Channel
831 8 X.25
832 9 X.75
833 10 G.3 Fax
834 11 SDSL - Symmetric DSL
835 12 ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase
836 Modulation
837 13 ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone
838 14 IDSL - ISDN Digital Subscriber Line
839 15 Ethernet
840 16 xDSL - Digital Subscriber Line of unknown type
841 17 Cable
842 18 Wireless - Other
843 19 Wireless - IEEE 802.11
844
845 PIAFS is a form of wireless ISDN commonly used in Japan, and
846 stands for PHS (Personal Handyphone System) Internet Access Forum
847 Standard (PIAFS).
848 */
849
850 struct dict_avp_data data = {
851 61, /* Code */
852 0, /* Vendor */
853 "NAS-Port-Type", /* Name */
854 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
855 AVP_FLAG_MANDATORY, /* Fixed flag values */
856 AVP_TYPE_UNSIGNED32 /* base type of data */
857 };
858
859 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
860 }
861
862 /* Called-Station-Id 30 2865 */
863 {
864 /*
865 string -> OctetString
866 */
867
868 struct dict_avp_data data = {
869 30, /* Code */
870 0, /* Vendor */
871 "Called-Station-Id", /* Name */
872 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
873 AVP_FLAG_MANDATORY, /* Fixed flag values */
874 AVP_TYPE_OCTETSTRING /* base type of data */
875 };
876
877 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
878 }
879 /* Calling-Station-Id 31 2865 */
880 {
881 /*
882 string -> OctetString
883 */
884
885 struct dict_avp_data data = {
886 31, /* Code */
887 0, /* Vendor */
888 "Calling-Station-Id", /* Name */
889 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
890 AVP_FLAG_MANDATORY, /* Fixed flag values */
891 AVP_TYPE_OCTETSTRING /* base type of data */
892 };
893
894 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
895 }
896 }
897
898/*******************/
899/* Command section */
900/*******************/
901
902 {
903 /* MIP6-Request (MIR) */
904 {
905 /*
906
907 The MIP6-Request (MIR), indicated by the Command-Code field set to
908 325 and the 'R' bit set in the Command Flags field, is sent by the
909 HA, acting as a Diameter client, in order to request the
910 authentication and authorization of an MN.
911
912 Although the HA provides the Diameter server with replay protection-
913 related information, the HA is responsible for the replay protection.
914
915 The message format is shown below.
916
917 <MIP6-Request> ::= < Diameter Header: 325, REQ, PXY >
918 < Session-ID >
919 { Auth-Application-Id }
920 { User-Name }
921 { Destination-Realm }
922 { Origin-Host }
923 { Origin-Realm }
924 { Auth-Request-Type }
925 [ Destination-Host ]
926 [ Origin-State-Id ]
927 [ NAS-Identifier ]
928 [ NAS-IP-Address ]
929 [ NAS-IPv6-Address ]
930 [ NAS-Port-Type ]
931 [ Called-Station-Id ]
932 [ Calling-Station-Id ]
933 [ MIP6-Feature-Vector ]
934 { MIP6-Auth-Mode }
935 [ MIP-MN-AAA-SPI ]
936 [ MIP-MN-HA-SPI ]
937 1*2{ MIP-Mobile-Node-Address }
938 { MIP6-Agent-Info }
939 { MIP-Careof-Address }
940 [ MIP-Authenticator ]
941 [ MIP-MAC-Mobility-Data ]
942 [ MIP-Timestamp ]
943 [ QoS-Capability ]
944 * [ QoS-Resources ]
945 [ Chargeable-User-Identity ]
946 [ Service-Selection ]
947 [ Authorization-Lifetime ]
948 [ Auth-Session-State ]
949 * [ Proxy-Info ]
950 * [ Route-Record ]
951 * [ AVP ]
952
953 If the MN is both authenticated and authorized for the mobility
954 service, then the Auth-Request-Type AVP is set to the value
955 AUTHORIZE_AUTHENTICATE. This is the case when the MIP6-Auth-Mode is
956 set to the value MIP6_AUTH_MN_AAA.
957
958 */
959 struct dict_object * cmd;
960 struct dict_cmd_data data = {
961 325, /* Code */
962 "MIP6-Request", /* Name */
963 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */
964 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */
965 };
966 struct local_rules_definition rules[] =
967 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 }
968 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 }
969 ,{ "User-Name", RULE_REQUIRED, -1, 1 }
970 ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 }
971 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 }
972 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 }
973 ,{ "Auth-Request-Type", RULE_REQUIRED, -1, 1 }
974 ,{ "Destination-Host", RULE_OPTIONAL, -1, 1 }
975 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 }
976 ,{ "NAS-Identifier", RULE_OPTIONAL, -1, 1 }
977 ,{ "NAS-IP-Address", RULE_OPTIONAL, -1, 1 }
978 ,{ "NAS-IPv6-Address", RULE_OPTIONAL, -1, 1 }
979 ,{ "NAS-Port-Type", RULE_OPTIONAL, -1, 1 }
980 ,{ "Called-Station-Id", RULE_OPTIONAL, -1, 1 }
981 ,{ "Calling-Station-Id", RULE_OPTIONAL, -1, 1 }
982 ,{ "MIP6-Feature-Vector", RULE_OPTIONAL, -1, 1 }
983 ,{ "MIP6-Auth-Mode", RULE_OPTIONAL, -1, 1 }
984 ,{ "MIP-MN-AAA-SPI", RULE_OPTIONAL, -1, 1 }
985 ,{ "MIP-MN-HA-SPI", RULE_OPTIONAL, -1, 1 }
986 ,{ "MIP-Mobile-Node-Address", RULE_OPTIONAL, 1, 2 }
987 ,{ "MIP6-Agent-Info", RULE_OPTIONAL, -1, 1 }
988 ,{ "MIP-Careof-Address", RULE_OPTIONAL, -1, 1 }
989 ,{ "MIP-Authenticator", RULE_OPTIONAL, -1, 1 }
990 ,{ "MIP-MAC-Mobility-Data", RULE_OPTIONAL, -1, 1 }
991 ,{ "MIP-Timestamp", RULE_OPTIONAL, -1, 1 }
992 ,{ "QoS-Capability", RULE_OPTIONAL, -1, 1 }
993 ,{ "QoS-Resources", RULE_OPTIONAL, -1, -1 }
994 ,{ "Chargeable-User-Identity", RULE_OPTIONAL, -1, 1 }
995 ,{ "Service-Selection", RULE_OPTIONAL, -1, 1 }
996 ,{ "Authorization-Lifetime", RULE_OPTIONAL, -1, 1 }
997 ,{ "Auth-Session-State", RULE_OPTIONAL, -1, 1 }
998 ,{ "Proxy-Info", RULE_OPTIONAL, -1, -1 }
999 ,{ "Route-Record", RULE_OPTIONAL, -1, -1 }
1000 };
1001
1002 CHECK_dict_new( DICT_COMMAND, &data, mip6a, &cmd);
1003 PARSE_loc_rules( rules, cmd );
1004 }
1005
1006 /* MIP6-Answer (MIA) */
1007 {
1008 /*
1009
1010 The MIP6-Answer (MIA) message, indicated by the Command-Code field
1011 set to 325 and the 'R' bit cleared in the Command Flags field, is
1012 sent by the Diameter server in response to the MIP6-Request message.
1013
1014 The User-Name AVP MAY be included in the MIA if it is present in the
1015 MIR. The Result-Code AVP MAY contain one of the values defined in
1016 Section 7, in addition to the values defined in [RFC3588].
1017
1018 An MIA message with the Result-Code AVP set to DIAMETER_SUCCESS MUST
1019 include the MIP-Mobile-Node-Address AVP.
1020
1021 The message format is shown below.
1022
1023 <MIP6-Answer> ::= < Diameter Header: 325, PXY >
1024 < Session-Id >
1025 { Auth-Application-Id }
1026 { Result-Code }
1027 { Origin-Host }
1028 { Origin-Realm }
1029 { Auth-Request-Type }
1030 [ User-Name ]
1031 [ Authorization-Lifetime ]
1032 [ Auth-Session-State ]
1033 [ Error-Message ]
1034 [ Error-Reporting-Host ]
1035 [ Re-Auth-Request-Type ]
1036 [ MIP6-Feature-Vector ]
1037 [ MIP6-Agent-Info ]
1038 *2[ MIP-Mobile-Node-Address ]
1039 [ MIP-MN-HA-MSA ]
1040 * [ QoS-Resources ]
1041 [ Chargeable-User-Identity ]
1042 [ Service-Selection ]
1043 [ Origin-State-Id ]
1044 * [ Proxy-Info ]
1045 * [ Redirect-Host ]
1046 [ Redirect-Host-Usage ]
1047 [ Redirect-Max-Cache-Time ]
1048 * [ Failed-AVP ]
1049 * [ AVP ]
1050
1051 */
1052 struct dict_object * cmd;
1053 struct dict_cmd_data data = {
1054 325, /* Code */
1055 "MIP6-Answer", /* Name */
1056 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */
1057 CMD_FLAG_PROXIABLE /* Fixed flag values */
1058 };
1059 struct local_rules_definition rules[] =
1060 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 }
1061 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 }
1062 ,{ "Result-Code", RULE_REQUIRED, -1, 1 }
1063 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 }
1064 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 }
1065 ,{ "Auth-Request-Type", RULE_REQUIRED, -1, 1 }
1066 ,{ "User-Name", RULE_OPTIONAL, -1, 1 }
1067 ,{ "Authorization-Lifetime", RULE_OPTIONAL, -1, 1 }
1068 ,{ "Auth-Session-State", RULE_OPTIONAL, -1, 1 }
1069 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 }
1070 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 }
1071 ,{ "Re-Auth-Request-Type", RULE_OPTIONAL, -1, 1 }
1072 ,{ "MIP6-Feature-Vector", RULE_OPTIONAL, -1, 1 }
1073 ,{ "MIP6-Agent-Info", RULE_OPTIONAL, -1, 1 }
1074 ,{ "MIP-Mobile-Node-Address", RULE_OPTIONAL, -1, 2 }
1075 ,{ "MIP-MN-HA-MSA", RULE_OPTIONAL, -1, 1 }
1076 ,{ "QoS-Resources", RULE_OPTIONAL, -1, -1 }
1077 ,{ "Chargeable-User-Identity", RULE_OPTIONAL, -1, 1 }
1078 ,{ "Service-Selection", RULE_OPTIONAL, -1, 1 }
1079 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 }
1080 ,{ "Proxy-Info", RULE_OPTIONAL, -1, -1 }
1081 ,{ "Redirect-Host", RULE_OPTIONAL, -1, -1 }
1082 ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 }
1083 ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 }
1084 ,{ "Failed-AVP", RULE_OPTIONAL, -1, -1 }
1085 };
1086
1087 CHECK_dict_new( DICT_COMMAND, &data, mip6a, &cmd);
1088 PARSE_loc_rules( rules, cmd );
1089 }
1090 }
1091 LOG_D( "Dictionary Extension 'Diameter Mobile IPv6 Auth (MIP6A)' initialized");
1092 return 0;
1093}
1094EXTENSION_ENTRY("dict_mip6a", dict_mip6a_init, "dict_rfc5777");