Gitiles
Code Review Sign In
gerrit.opencord.org / freeDiameter-old / 13b0e7de0d66906d50e074a339f890d6e59813ad / . / extensions / dict_mip6i / dict_mip6i.c
blob: 7977cccaf56364035c1e5821245bf115ff6f716e [file] [log] [blame]
Brian Waters13d96012017-12-08 16:53:31 -0600[diff] [blame]1/*********************************************************************************************************
2* Software License Agreement (BSD License) *
3* Author: Francois Bard <francois@tera.ics.keio.ac.jp> *
4* *
5* Copyright (c) 2010, Teraoka Laboratory, Keio University *
6* All rights reserved. *
7* *
8* Redistribution and use of this software in source and binary forms, with or without modification, are *
9* permitted provided that the following conditions are met: *
10* *
11* * Redistributions of source code must retain the above *
12* copyright notice, this list of conditions and the *
13* following disclaimer. *
14* *
15* * Redistributions in binary form must reproduce the above *
16* copyright notice, this list of conditions and the *
17* following disclaimer in the documentation and/or other *
18* materials provided with the distribution. *
19* *
20* * Neither the name of the Teraoka Laboratory nor the *
21* names of its contributors may be used to endorse or *
22* promote products derived from this software without *
23* specific prior written permission of Teraoka Laboratory *
24* *
25* *
26* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED *
27* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A *
28* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR *
29* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT *
30* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS *
31* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR *
32* TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF *
33* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
34*********************************************************************************************************/
35
36/*
37
38The following table complete the one in RFC 5778, page 18. The AVPs are implemented below following the order of this table.
39We try to keep the structure of the grouped AVP by declaring the contained AVPs just before the grouped AVP they depend on.
40The number of '+' indicates the depth of the contained AVP.
41
42DEPTH NAME AVP RFC TYPE NOTES
43
44 MIP6-Feature-Vector 124 5447 Unsigned64
45 MIP-Mobile-Node-Address 333 4004 Address
46+ MIP-Home-Agent-Address 334 4004 Address
47++ Destination-Host 293 3588 DiameterIdentity
48++ Destination-Realm 283 3588 DiameterIdentity
49+ MIP-Home-Agent-Host 348 4004 Grouped
50+ MIP6-Home-Link-Prefix 125 5447 OctetString
51 MIP6-Agent-Info 486 5447 Grouped
52 User-Name 1 3588 UTF8String
53 Service-Selection 493 5778 UTF8String
54+ MIP-Replay-Mode 346 4004 Enumerated
55+ MIP-Algorithm-Type 345 4004 Enumerated
56+ MIP-MN-HA-SPI 491 5778 Unsigned32
57+ MIP-MSA-Lifetime 367 4004 Unsigned32
58+ MIP-Session-Key 343 4004 OctetString
59 MIP-MN-HA-MSA 492 5778 Grouped different from MIP-MN-to-HA-MSA (331)
60 Chargeable-User-Identity 89 5778 OctetString
61
62QoS AVPs (RFC 5777 - implemented in the corresponding dictionary)
63
64 QoS-Capability 578 5777 Grouped
65 QoS-Resources 508 5777 Grouped
66
67ACCOUNTING AVPs (section 6.21)
68
69 Accounting-Input-Octets 363 4004, 4005 Unsigned64
70 Accounting-Output-Octets 364 4004, 4005 Unsigned64
71 Accounting-Input-Packets 365 4004, 4005 Unsigned64
72 Accounting-Output-Packets 366 4004, 4005 Unsigned64
73 Acct-Multi-Session-Id 50 3588 UTF8String
74 Acct-Session-Time 46 2866, 4004 Unsigned32
75 MIP6-Feature-Vector ----------------------------------
76 MIP-Mobile-Node-Address ----------------------------------
77 MIP6-Agent-Info ----------------------------------
78 Chargeable-User-Identity ----------------------------------
79 Service-Selection ----------------------------------
80 QoS-Resources ----------------------------------
81 QoS-Capability ----------------------------------
82 MIP-Careof-Address 487 5778 Address needed (appears in MIR/MIA)
83
84REST OF THE AVPs IN THE MIR & MIA EXCLUDING *[AVP] (as written on page 19 of RFC 5778)
85
86MIP6-Request
87
88 Session-ID 263 3588
89 Auth-Application-Id 258 3588
90 User-Name 1 3588
91 Destination-Realm 283 3588
92 Origin-Host 264 3588
93 Origin-Realm 296 3588
94 Auth-Request-Type 274 3588
95 Origin-State-Id 278 3588
96 NAS-Identifier 32 2865 radius (see avp) needed (radius)
97 NAS-IP-Address 4 2865 radius (see avp) needed (radius)
98 NAS-IPv6-Address 95 3162 radius (see avp) needed (radius)
99 NAS-Port-Type 61 2865 radius (see avp) needed (radius)
100 Called-Station-Id 30 2865 radius (see avp) needed (radius)
101 Calling-Station-Id 31 2865 radius (see avp) needed (radius)
102 MIP6-Feature-Vector ------------
103 MIP6-Auth-Mode 494 5778 Enumerated needed (mip6a)
104 MIP-MN-AAA-SPI 341 5778 Unsigned32 needed (mip6a)
105 MIP-MN-HA-SPI ------------
106 MIP-Mobile-Node-Address ------------
107 MIP6-Agent-Info ------------
108 MIP-Careof-Address ------------
109 MIP-Authenticator 488 5778 OctetString needed (mip6a)
110 MIP-MAC-Mobility-Data 489 5778 OctetString needed (mip6a)
111 MIP-Timestamp 490 5778 OctetString needed (mip6a)
112 QoS-Capability ------------
113 QoS-Resources ------------
114 Chargeable-User-Identity ------------
115 Service-Selection ------------
116 Authorization-Lifetime 291 3588
117 Auth-Session-State 277 3588
118 Proxy-Info 284 3588
119 Route-Record 282 3588
120
121MIP6-Answer - All of them are already implemented as base protocol AVPs or implemented earlier.
122
123*/
124
125/****************************************************************************************************************************************
126* *
127* This table is a copy of the registry named "MIP6 Authentication Mode Registry" and managed by IANA. *
128* source : http://www.iana.org/assignments/aaa-parameters/aaa-parameters.txt *
129* up to date on october 2010 *
130* *
131* Value Token Reference *
132* 0 Reserved [RFC5778] *
133* 1 MIP6_AUTH_MN_AAA [RFC5778] *
134* 2-4294967295 Unassigned *
135* *
136****************************************************************************************************************************************/
137
138
139/*
140
141NOTES
142
143check for omissions !
144
145*/
146
147#include <freeDiameter/extension.h>
148
149#define CHECK_dict_new( _type, _data, _parent, _ref ) \
150 CHECK_FCT( fd_dict_new( fd_g_config->cnf_dict, (_type), (_data), (_parent), (_ref)) );
151
152#define CHECK_dict_search( _type, _criteria, _what, _result ) \
153 CHECK_FCT( fd_dict_search( fd_g_config->cnf_dict, (_type), (_criteria), (_what), (_result), ENOENT) );
154
155struct local_rules_definition {
156 char *avp_name;
157 enum rule_position position;
158 int min;
159 int max;
160};
161
162#define RULE_ORDER( _position ) ((((_position) == RULE_FIXED_HEAD) || ((_position) == RULE_FIXED_TAIL)) ? 1 : 0 )
163
164#define PARSE_loc_rules( _rulearray, _parent) { \
165 int __ar; \
166 for (__ar=0; __ar < sizeof(_rulearray) / sizeof((_rulearray)[0]); __ar++) { \
167 struct dict_rule_data __data = { NULL, \
168 (_rulearray)[__ar].position, \
169 0, \
170 (_rulearray)[__ar].min, \
171 (_rulearray)[__ar].max}; \
172 __data.rule_order = RULE_ORDER(__data.rule_position); \
173 CHECK_FCT( fd_dict_search( \
174 fd_g_config->cnf_dict, \
175 DICT_AVP, \
176 AVP_BY_NAME, \
177 (_rulearray)[__ar].avp_name, \
178 &__data.rule_avp, 0 ) ); \
179 if ( !__data.rule_avp ) { \
180 TRACE_DEBUG(INFO, "AVP Not found: '%s'", (_rulearray)[__ar].avp_name ); \
181 return ENOENT; \
182 } \
183 CHECK_FCT_DO( fd_dict_new( fd_g_config->cnf_dict, DICT_RULE, &__data, _parent, NULL), \
184 { \
185 TRACE_DEBUG(INFO, "Error on rule with AVP '%s'", \
186 (_rulearray)[__ar].avp_name ); \
187 return EINVAL; \
188 } ); \
189 } \
190}
191
192#define enumval_def_u32( _val_, _str_ ) \
193 { _str_, { .u32 = _val_ }}
194
195#define enumval_def_os( _len_, _val_, _str_ ) \
196 { _str_, { .os = { .data = (unsigned char *)_val_, .len = _len_ }}}
197
198
199
200/* Defines if there are any */
201
202//New Result-Code for MIP (RFC5778, Section 7.*)
203#define DIAMETER_SUCCESS_RELOCATE_HA 2009
204#define DIAMETER_ERROR_MIP6_AUTH_MODE 5041
205
206//others
207#define MIP6_AUTH_MN_AAA 1
208
209/* Dictionary */
210
211int dict_mip6i_init(char * conffile)
212{
213 struct dict_object * mip6i;
214 {
215 struct dict_application_data data = { 7, "Diameter Mobile IPv6 IKE (MIP6I) Application" };
216 CHECK_dict_new( DICT_APPLICATION, &data , NULL, &mip6i);
217 }
218
219 /***************/
220 /* AVP section */
221 /***************/
222 {
223 /* Loading all the derived data formats */
224
225 struct dict_object * Address_type;
226 struct dict_object * UTF8String_type;
227 struct dict_object * DiameterIdentity_type;
228 struct dict_object * DiameterURI_type;
229 struct dict_object * Time_type;
230
231 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Address", &Address_type);
232 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "UTF8String", &UTF8String_type);
233 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterIdentity", &DiameterIdentity_type);
234 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterURI", &DiameterURI_type);
235 CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Time", &Time_type);
236
237 /* MIP6-Feature-Vector - RFC 5447 */
238 {
239 /*
240
241 */
242
243 struct dict_avp_data data = {
244 124, /* Code */
245 0, /* Vendor */
246 "MIP6-Feature-Vector", /* Name */
247 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
248 AVP_FLAG_MANDATORY, /* Fixed flag values */
249 AVP_TYPE_UNSIGNED64 /* base type of data */
250 };
251
252 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
253 }
254
255 /* MIP-Mobile-Node-Address - RFC 4004 */
256 {
257 /*
258
259 */
260
261 struct dict_avp_data data = {
262 333, /* Code */
263 0, /* Vendor */
264 "MIP-Mobile-Node-Address", /* Name */
265 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
266 AVP_FLAG_MANDATORY, /* Fixed flag values */
267 AVP_TYPE_OCTETSTRING /* base type of data */
268 };
269
270 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
271 }
272
273 /* MIP-Home-Agent-Address - RFC 4004 */
274 {
275 /*
276
277 */
278
279 struct dict_avp_data data = {
280 334, /* Code */
281 0, /* Vendor */
282 "MIP-Home-Agent-Address", /* Name */
283 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
284 AVP_FLAG_MANDATORY, /* Fixed flag values */
285 AVP_TYPE_OCTETSTRING /* base type of data */
286 };
287
288 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
289 }
290
291 /* Destination-Host - Base Protocol */
292
293 /*
294 Implemented in the base protocol
295 */
296
297 /* Destination-Realm - Base Protocol */
298
299 /*
300 Implemented in the base protocol
301 */
302
303 /* MIP-Home-Agent-Host - RFC 4004 */
304 {
305 /*
306
307 */
308 struct dict_object * avp;
309 struct dict_avp_data data = {
310 348, /* Code */
311 0, /* Vendor */
312 "MIP-Home-Agent-Host", /* Name */
313 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
314 AVP_FLAG_MANDATORY, /* Fixed flag values */
315 AVP_TYPE_GROUPED /* base type of data */
316 };
317
318 struct local_rules_definition rules[] =
319 { { "Destination-Realm", RULE_REQUIRED, -1, 1 }
320 ,{ "Destination-Host", RULE_REQUIRED, -1, 1 }
321 };
322
323 CHECK_dict_new( DICT_AVP, &data , NULL, &avp);
324 PARSE_loc_rules( rules, avp );
325 }
326
327 /* MIP6-Home-Link-Prefix - RFC 5447 */
328 {
329 /*
330
331 */
332
333 struct dict_avp_data data = {
334 125, /* Code */
335 0, /* Vendor */
336 "MIP6-Home-Link-Prefix", /* Name */
337 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
338 AVP_FLAG_MANDATORY, /* Fixed flag values */
339 AVP_TYPE_OCTETSTRING /* base type of data */
340 };
341
342 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
343 }
344
345 /* MIP6-Agent-Info - RFC 5447 */
346 {
347 /*
348
349 */
350 struct dict_object * avp;
351 struct dict_avp_data data = {
352 486, /* Code */
353 0, /* Vendor */
354 "MIP6-Agent-Info", /* Name */
355 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
356 AVP_FLAG_MANDATORY, /* Fixed flag values */
357 AVP_TYPE_GROUPED /* base type of data */
358 };
359
360 struct local_rules_definition rules[] =
361 { { "MIP-Home-Agent-Address", RULE_OPTIONAL, -1, 2 }
362 ,{ "MIP-Home-Agent-Host", RULE_OPTIONAL, -1, 1 }
363 ,{ "MIP6-Home-Link-Prefix", RULE_OPTIONAL, -1, 1 }
364 };
365
366 CHECK_dict_new( DICT_AVP, &data , NULL, &avp);
367 PARSE_loc_rules( rules, avp );
368 }
369
370 /* User-Name - RFC 3588 */
371
372 /*
373 Implemented in the base protocol
374 */
375
376 /* Service-Selection - RFC 5778 */
377 {
378 /*
379
380 */
381
382 struct dict_avp_data data = {
383 493, /* Code */
384 0, /* Vendor */
385 "Service-Selection", /* Name */
386 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
387 AVP_FLAG_MANDATORY, /* Fixed flag values */
388 AVP_TYPE_OCTETSTRING /* base type of data */
389 };
390
391 CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL);
392 }
393
394 /* MIP-Replay-Mode - RFC 5778 */
395 {
396 /*
397
398 */
399 struct dict_object * type;
400 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(MIP-Replay-Mode)" , NULL, NULL, NULL };
401 struct dict_enumval_data t_1 = { "None", { .i32 = 1 }};
402 struct dict_enumval_data t_2 = { "Timestamp", { .i32 = 2 }};
403
404 struct dict_avp_data data = {
405 346, /* Code */
406 0, /* Vendor */
407 "MIP-Replay-Mode", /* Name */
408 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
409 AVP_FLAG_MANDATORY, /* Fixed flag values */
410 AVP_TYPE_INTEGER32 /* base type of data */
411 };
412 /* Create the Enumerated type, and then the AVP */
413 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type);
414 CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL);
415 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL);
416 CHECK_dict_new( DICT_AVP, &data , type, NULL);
417 }
418
419 /* MIP-Algorithm-Type - RFC 5778 */
420 {
421 /*
422 The MIP-Algorithm-Type AVP (AVP Code 345) is of type Enumerated and
423 contains the Algorithm identifier for the associated Mobile IPv6
424 MN-HA Authentication Option. The Diameter server selects the
425 algorithm type. Existing algorithm types are defined in [RFC4004]
426 that also fulfill current RFC 4285 requirements. This AVP is reused
427 from [RFC4004].
428 */
429 struct dict_object * type;
430 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(MIP-Algorithm-Type)" , NULL, NULL, NULL };
431 struct dict_enumval_data t_2 = { "HMAC-SHA-1 [HMAC]", { .i32 = 2 }};
432
433 struct dict_avp_data data = {
434 345, /* Code */
435 0, /* Vendor */
436 "MIP-Algorithm-Type", /* Name */
437 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
438 AVP_FLAG_MANDATORY, /* Fixed flag values */
439 AVP_TYPE_INTEGER32 /* base type of data */
440 };
441 /* Create the Enumerated type, and then the AVP */
442 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type);
443 CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL);
444 CHECK_dict_new( DICT_AVP, &data , type, NULL);
445 }
446
447 /* MIP-MN-HA-SPI - RFC 5778 */
448 {
449 /*
450
451 */
452 struct dict_avp_data data = {
453 491, /* Code */
454 0, /* Vendor */
455 "MIP-MN-HA-SPI", /* Name */
456 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
457 AVP_FLAG_MANDATORY, /* Fixed flag values */
458 AVP_TYPE_UNSIGNED32 /* base type of data */
459 };
460
461 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
462 }
463
464 /* MIP-MSA-Lifetime - RFC 5778 */
465 {
466 /*
467
468 */
469 struct dict_avp_data data = {
470 367, /* Code */
471 0, /* Vendor */
472 "MIP-MSA-Lifetime", /* Name */
473 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
474 AVP_FLAG_MANDATORY, /* Fixed flag values */
475 AVP_TYPE_UNSIGNED32 /* base type of data */
476 };
477
478 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
479 }
480
481 /* MIP-Session-Key - RFC 5778 */
482 {
483 /*
484
485 */
486 struct dict_avp_data data = {
487 343, /* Code */
488 0, /* Vendor */
489 "MIP-Session-Key", /* Name */
490 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
491 AVP_FLAG_MANDATORY, /* Fixed flag values */
492 AVP_TYPE_OCTETSTRING /* base type of data */
493 };
494
495 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
496 }
497
498 /* MIP-MN-HA-MSA - RFC 5778 */
499 {
500 /*
501
502 */
503 struct dict_object * avp;
504 struct dict_avp_data data = {
505 492, /* Code */
506 0, /* Vendor */
507 "MIP-MN-HA-MSA", /* Name */
508 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
509 AVP_FLAG_MANDATORY, /* Fixed flag values */
510 AVP_TYPE_GROUPED /* base type of data */
511 };
512
513 struct local_rules_definition rules[] =
514 { { "MIP-Session-Key", RULE_REQUIRED, -1, 1 }
515 ,{ "MIP-MSA-Lifetime", RULE_REQUIRED, -1, 1 }
516 ,{ "MIP-MN-HA-SPI", RULE_OPTIONAL, -1, 1 }
517 ,{ "MIP-Algorithm-Type", RULE_OPTIONAL, -1, 1 }
518 ,{ "MIP-Replay-Mode", RULE_OPTIONAL, -1, 1 }
519 };
520
521 CHECK_dict_new( DICT_AVP, &data , NULL, &avp);
522 PARSE_loc_rules( rules, avp );
523 }
524
525 /* Chargeable-User-Identity - RFC 5778 */
526 {
527 /*
528
529 */
530 struct dict_avp_data data = {
531 89, /* Code */
532 0, /* Vendor */
533 "Chargeable-User-Identity", /* Name */
534 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
535 AVP_FLAG_MANDATORY, /* Fixed flag values */
536 AVP_TYPE_OCTETSTRING /* base type of data */
537 };
538
539 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
540 }
541
542 //////////////
543 /* QoS AVPs */
544 //////////////
545
546 /* QoS-Capability */
547
548 /*
549 Implemented in RFC 5777
550 */
551
552 /* QoS-Resources */
553
554 /*
555 Implemented in RFC 5777
556 */
557
558 /////////////////////
559 /* Accounting AVPs */
560 /////////////////////
561
562 /* Accounting-Input-Octets - RFC 4004 */
563 {
564 /*
565
566 */
567 struct dict_avp_data data = {
568 363, /* Code */
569 0, /* Vendor */
570 "Accounting-Input-Octets", /* Name */
571 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
572 AVP_FLAG_MANDATORY, /* Fixed flag values */
573 AVP_TYPE_UNSIGNED64 /* base type of data */
574 };
575
576 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
577 }
578
579 /* Accounting-Output-Octets - RFC 4004 */
580 {
581 /*
582
583 */
584 struct dict_avp_data data = {
585 364, /* Code */
586 0, /* Vendor */
587 "Accounting-Output-Octets", /* Name */
588 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
589 AVP_FLAG_MANDATORY, /* Fixed flag values */
590 AVP_TYPE_UNSIGNED64 /* base type of data */
591 };
592
593 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
594 }
595
596 /* Accounting-Input-Packets - RFC 4004 */
597 {
598 /*
599
600 */
601 struct dict_avp_data data = {
602 365, /* Code */
603 0, /* Vendor */
604 "Accounting-Input-Packets", /* Name */
605 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
606 AVP_FLAG_MANDATORY, /* Fixed flag values */
607 AVP_TYPE_UNSIGNED64 /* base type of data */
608 };
609
610 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
611 }
612
613 /* Accounting-Output-Packets - RFC 4004 */
614 {
615 /*
616
617 */
618 struct dict_avp_data data = {
619 366, /* Code */
620 0, /* Vendor */
621 "Accounting-Output-Packets", /* Name */
622 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
623 AVP_FLAG_MANDATORY, /* Fixed flag values */
624 AVP_TYPE_UNSIGNED64 /* base type of data */
625 };
626
627 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
628 }
629
630 /* Acct-Multi-Session-Id - RFC 3588 */
631
632 /*
633 Implemented in the base protocol
634 */
635
636 /* Acct-Session-Time - RFC 4004 */
637 {
638 /*
639
640 */
641 struct dict_avp_data data = {
642 46, /* Code */
643 0, /* Vendor */
644 "Acct-Session-Time", /* Name */
645 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
646 AVP_FLAG_MANDATORY, /* Fixed flag values */
647 AVP_TYPE_UNSIGNED32 /* base type of data */
648 };
649
650 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
651 }
652
653 /* MIP-Careof-Address - RFC 5778 */
654 {
655 /*
656 This AVP is needed in MIP6I at least for implementation reasons
657 (it appears in a command)
658 */
659
660 struct dict_avp_data data = {
661 487, /* Code */
662 0, /* Vendor */
663 "MIP-Careof-Address", /* Name */
664 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
665 AVP_FLAG_MANDATORY, /* Fixed flag values */
666 AVP_TYPE_OCTETSTRING /* base type of data */
667 };
668
669 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
670 }
671
672 /////////////////////////////////////
673 /* Radius AVPs used in MIR & MIA */
674 /////////////////////////////////////
675
676 /*
677 We used the following correspondences for determining the type of the Radius AVPs
678
679 Radius Diameter
680
681 text UTF8Sting
682 string OctetString
683 address Address
684 integer Unsigned32
685 time Time
686 */
687
688
689 /* NAS-Identifier 32 3575 */
690 {
691 /*
692 string -> OctetString
693 */
694
695 struct dict_avp_data data = {
696 32, /* Code */
697 0, /* Vendor */
698 "NAS-Identifier", /* Name */
699 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
700 AVP_FLAG_MANDATORY, /* Fixed flag values */
701 AVP_TYPE_OCTETSTRING /* base type of data */
702 };
703
704 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
705 }
706
707 /* NAS-IP-Address 4 3575 */
708 {
709 /*
710 address -> Address
711 */
712
713 struct dict_avp_data data = {
714 4, /* Code */
715 0, /* Vendor */
716 "NAS-IP-Address", /* Name */
717 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
718 AVP_FLAG_MANDATORY, /* Fixed flag values */
719 AVP_TYPE_OCTETSTRING /* base type of data */
720 };
721
722 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
723 }
724
725 /* NAS-IPv6-Address 95 3162 */
726 {
727 /*
728 address -> Address
729 */
730
731 struct dict_avp_data data = {
732 95, /* Code */
733 0, /* Vendor */
734 "NAS-IPv6-Address", /* Name */
735 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
736 AVP_FLAG_MANDATORY, /* Fixed flag values */
737 AVP_TYPE_OCTETSTRING /* base type of data */
738 };
739
740 CHECK_dict_new( DICT_AVP, &data , Address_type, NULL);
741 }
742
743 /* NAS-Port-Type 61 2865 */
744 {
745 /*
746 integer -> Unsigned32
747
748 Value
749
750 The Value field is four octets. "Virtual" refers to a connection
751 to the NAS via some transport protocol, instead of through a
752 physical port. For example, if a user telnetted into a NAS to
753 authenticate himself as an Outbound-User, the Access-Request might
754 include NAS-Port-Type = Virtual as a hint to the RADIUS server
755 that the user was not on a physical port.
756
757 0 Async
758 1 Sync
759 2 ISDN Sync
760 3 ISDN Async V.120
761 4 ISDN Async V.110
762 5 Virtual
763 6 PIAFS
764 7 HDLC Clear Channel
765 8 X.25
766 9 X.75
767 10 G.3 Fax
768 11 SDSL - Symmetric DSL
769 12 ADSL-CAP - Asymmetric DSL, Carrierless Amplitude Phase
770 Modulation
771 13 ADSL-DMT - Asymmetric DSL, Discrete Multi-Tone
772 14 IDSL - ISDN Digital Subscriber Line
773 15 Ethernet
774 16 xDSL - Digital Subscriber Line of unknown type
775 17 Cable
776 18 Wireless - Other
777 19 Wireless - IEEE 802.11
778
779 PIAFS is a form of wireless ISDN commonly used in Japan, and
780 stands for PHS (Personal Handyphone System) Internet Access Forum
781 Standard (PIAFS).
782 */
783
784 struct dict_avp_data data = {
785 61, /* Code */
786 0, /* Vendor */
787 "NAS-Port-Type", /* Name */
788 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
789 AVP_FLAG_MANDATORY, /* Fixed flag values */
790 AVP_TYPE_UNSIGNED32 /* base type of data */
791 };
792
793 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
794 }
795
796 /* Called-Station-Id 30 2865 */
797 {
798 /*
799 string -> OctetString
800 */
801
802 struct dict_avp_data data = {
803 30, /* Code */
804 0, /* Vendor */
805 "Called-Station-Id", /* Name */
806 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
807 AVP_FLAG_MANDATORY, /* Fixed flag values */
808 AVP_TYPE_OCTETSTRING /* base type of data */
809 };
810
811 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
812 }
813 /* Calling-Station-Id 31 2865 */
814 {
815 /*
816 string -> OctetString
817 */
818
819 struct dict_avp_data data = {
820 31, /* Code */
821 0, /* Vendor */
822 "Calling-Station-Id", /* Name */
823 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
824 AVP_FLAG_MANDATORY, /* Fixed flag values */
825 AVP_TYPE_OCTETSTRING /* base type of data */
826 };
827
828 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
829 }
830
831 ///////////////////////////////////////////////////////////
832 /* REST OF THE AVP IN THE MIR AND MIA EXCLUDING *[AVP] */
833 ///////////////////////////////////////////////////////////
834
835 /* MIP6-Auth-Mode - RFC 5778 */
836 {
837 /*
838
839 */
840 struct dict_object * type;
841 struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(MIP6-Auth-Mode)", NULL, NULL, NULL };
842 struct dict_enumval_data t_0 = { "None", { .i32 = MIP6_AUTH_MN_AAA }};
843 struct dict_avp_data data = {
844 494, /* Code */
845 0, /* Vendor */
846 "MIP6-Auth-Mode", /* Name */
847 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
848 AVP_FLAG_MANDATORY, /* Fixed flag values */
849 AVP_TYPE_INTEGER32 /* base type of data */
850 };
851
852 /* Create the Enumerated type, and then the AVP */
853 CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type);
854 CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL);
855 CHECK_dict_new( DICT_AVP, &data , type, NULL);
856 }
857
858 /* MIP-MN-AAA-SPI - RFC 5778 */
859 {
860 /*
861
862 */
863
864 struct dict_avp_data data = {
865 341, /* Code */
866 0, /* Vendor */
867 "MIP-MN-AAA-SPI", /* Name */
868 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
869 AVP_FLAG_MANDATORY, /* Fixed flag values */
870 AVP_TYPE_UNSIGNED32 /* base type of data */
871 };
872
873 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
874 }
875
876 /* MIP-Authenticator - RFC 5778 */
877 {
878 /*
879
880 */
881 struct dict_avp_data data = {
882 488, /* Code */
883 0, /* Vendor */
884 "MIP-Authenticator", /* Name */
885 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
886 AVP_FLAG_MANDATORY, /* Fixed flag values */
887 AVP_TYPE_OCTETSTRING /* base type of data */
888 };
889
890 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
891 }
892
893 /* MIP-MAC-Mobility-Data - RFC 5778 */
894 {
895 /*
896
897 */
898 struct dict_avp_data data = {
899 489, /* Code */
900 0, /* Vendor */
901 "MIP-MAC-Mobility-Data", /* Name */
902 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
903 AVP_FLAG_MANDATORY, /* Fixed flag values */
904 AVP_TYPE_OCTETSTRING /* base type of data */
905 };
906
907 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
908 }
909
910 /* MIP-Timestamp - RFC 5778 */
911 {
912 /*
913
914 */
915 struct dict_avp_data data = {
916 490, /* Code */
917 0, /* Vendor */
918 "MIP-Timestamp", /* Name */
919 AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */
920 AVP_FLAG_MANDATORY, /* Fixed flag values */
921 AVP_TYPE_OCTETSTRING /* base type of data */
922 };
923
924 CHECK_dict_new( DICT_AVP, &data , NULL, NULL);
925 }
926 }
927
928/*******************/
929/* Command section */
930/*******************/
931
932 {
933 /* Diameter-EAP-Request (DER) */
934
935 /*
936 Defined in dict_eap
937 */
938
939 /* Diameter-EAP-Answer (DEA) - COPIED FROM dict_eap.c, SEE IT FOR MORE REFERENCE */
940
941 /*
942 Defined in dict_eap
943 */
944
945 /* MIP6-Request (MIR) */
946 {
947 /*
948
949 The MIP6-Request (MIR), indicated by the Command-Code field set to
950 325 and the 'R' bit set in the Command Flags field, is sent by the
951 HA, acting as a Diameter client, in order to request the
952 authentication and authorization of an MN.
953
954 Although the HA provides the Diameter server with replay protection-
955 related information, the HA is responsible for the replay protection.
956
957 The message format is shown below.
958
959 <MIP6-Request> ::= < Diameter Header: 325, REQ, PXY >
960 < Session-ID >
961 { Auth-Application-Id }
962 { User-Name }
963 { Destination-Realm }
964 { Origin-Host }
965 { Origin-Realm }
966 { Auth-Request-Type }
967 [ Destination-Host ]
968 [ Origin-State-Id ]
969 [ NAS-Identifier ]
970 [ NAS-IP-Address ]
971 [ NAS-IPv6-Address ]
972 [ NAS-Port-Type ]
973 [ Called-Station-Id ]
974 [ Calling-Station-Id ]
975 [ MIP6-Feature-Vector ]
976 { MIP6-Auth-Mode }
977 [ MIP-MN-AAA-SPI ]
978 [ MIP-MN-HA-SPI ]
979 1*2{ MIP-Mobile-Node-Address }
980 { MIP6-Agent-Info }
981 { MIP-Careof-Address }
982 [ MIP-Authenticator ]
983 [ MIP-MAC-Mobility-Data ]
984 [ MIP-Timestamp ]
985 [ QoS-Capability ]
986 * [ QoS-Resources ]
987 [ Chargeable-User-Identity ]
988 [ Service-Selection ]
989 [ Authorization-Lifetime ]
990 [ Auth-Session-State ]
991 * [ Proxy-Info ]
992 * [ Route-Record ]
993 * [ AVP ]
994
995 If the MN is both authenticated and authorized for the mobility
996 service, then the Auth-Request-Type AVP is set to the value
997 AUTHORIZE_AUTHENTICATE. This is the case when the MIP6-Auth-Mode is
998 set to the value MIP6_AUTH_MN_AAA.
999
1000 */
1001 struct dict_object * cmd;
1002 struct dict_cmd_data data = {
1003 325, /* Code */
1004 "MIP6-Request", /* Name */
1005 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */
1006 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */
1007 };
1008 struct local_rules_definition rules[] =
1009 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 }
1010 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 }
1011 ,{ "User-Name", RULE_REQUIRED, -1, 1 }
1012 ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 }
1013 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 }
1014 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 }
1015 ,{ "Auth-Request-Type", RULE_REQUIRED, -1, 1 }
1016 ,{ "Destination-Host", RULE_OPTIONAL, -1, 1 }
1017 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 }
1018 ,{ "NAS-Identifier", RULE_OPTIONAL, -1, 1 }
1019 ,{ "NAS-IP-Address", RULE_OPTIONAL, -1, 1 }
1020 ,{ "NAS-IPv6-Address", RULE_OPTIONAL, -1, 1 }
1021 ,{ "NAS-Port-Type", RULE_OPTIONAL, -1, 1 }
1022 ,{ "Called-Station-Id", RULE_OPTIONAL, -1, 1 }
1023 ,{ "Calling-Station-Id", RULE_OPTIONAL, -1, 1 }
1024 ,{ "MIP6-Feature-Vector", RULE_OPTIONAL, -1, 1 }
1025 ,{ "MIP6-Auth-Mode", RULE_OPTIONAL, -1, 1 }
1026 ,{ "MIP-MN-AAA-SPI", RULE_OPTIONAL, -1, 1 }
1027 ,{ "MIP-MN-HA-SPI", RULE_OPTIONAL, -1, 1 }
1028 ,{ "MIP-Mobile-Node-Address", RULE_OPTIONAL, 1, 2 }
1029 ,{ "MIP6-Agent-Info", RULE_OPTIONAL, -1, 1 }
1030 ,{ "MIP-Careof-Address", RULE_OPTIONAL, -1, 1 }
1031 ,{ "MIP-Authenticator", RULE_OPTIONAL, -1, 1 }
1032 ,{ "MIP-MAC-Mobility-Data", RULE_OPTIONAL, -1, 1 }
1033 ,{ "MIP-Timestamp", RULE_OPTIONAL, -1, 1 }
1034 ,{ "QoS-Capability", RULE_OPTIONAL, -1, 1 }
1035 ,{ "QoS-Resources", RULE_OPTIONAL, -1, -1 }
1036 ,{ "Chargeable-User-Identity", RULE_OPTIONAL, -1, 1 }
1037 ,{ "Service-Selection", RULE_OPTIONAL, -1, 1 }
1038 ,{ "Authorization-Lifetime", RULE_OPTIONAL, -1, 1 }
1039 ,{ "Auth-Session-State", RULE_OPTIONAL, -1, 1 }
1040 ,{ "Proxy-Info", RULE_OPTIONAL, -1, -1 }
1041 ,{ "Route-Record", RULE_OPTIONAL, -1, -1 }
1042 };
1043
1044 CHECK_dict_new( DICT_COMMAND, &data, mip6i, &cmd);
1045 PARSE_loc_rules( rules, cmd );
1046 }
1047
1048 /* MIP6-Answer (MIA) */
1049 {
1050 /*
1051
1052 The MIP6-Answer (MIA) message, indicated by the Command-Code field
1053 set to 325 and the 'R' bit cleared in the Command Flags field, is
1054 sent by the Diameter server in response to the MIP6-Request message.
1055
1056 The User-Name AVP MAY be included in the MIA if it is present in the
1057 MIR. The Result-Code AVP MAY contain one of the values defined in
1058 Section 7, in addition to the values defined in [RFC3588].
1059
1060 An MIA message with the Result-Code AVP set to DIAMETER_SUCCESS MUST
1061 include the MIP-Mobile-Node-Address AVP.
1062
1063 The message format is shown below.
1064
1065 <MIP6-Answer> ::= < Diameter Header: 325, PXY >
1066 < Session-Id >
1067 { Auth-Application-Id }
1068 { Result-Code }
1069 { Origin-Host }
1070 { Origin-Realm }
1071 { Auth-Request-Type }
1072 [ User-Name ]
1073 [ Authorization-Lifetime ]
1074 [ Auth-Session-State ]
1075 [ Error-Message ]
1076 [ Error-Reporting-Host ]
1077 [ Re-Auth-Request-Type ]
1078 [ MIP6-Feature-Vector ]
1079 [ MIP6-Agent-Info ]
1080 *2[ MIP-Mobile-Node-Address ]
1081 [ MIP-MN-HA-MSA ]
1082 * [ QoS-Resources ]
1083 [ Chargeable-User-Identity ]
1084 [ Service-Selection ]
1085 [ Origin-State-Id ]
1086 * [ Proxy-Info ]
1087 * [ Redirect-Host ]
1088 [ Redirect-Host-Usage ]
1089 [ Redirect-Max-Cache-Time ]
1090 * [ Failed-AVP ]
1091 * [ AVP ]
1092
1093 */
1094 struct dict_object * cmd;
1095 struct dict_cmd_data data = {
1096 325, /* Code */
1097 "MIP6-Answer", /* Name */
1098 CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */
1099 CMD_FLAG_PROXIABLE /* Fixed flag values */
1100 };
1101 struct local_rules_definition rules[] =
1102 { { "Session-Id", RULE_FIXED_HEAD, -1, 1 }
1103 ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 }
1104 ,{ "Result-Code", RULE_REQUIRED, -1, 1 }
1105 ,{ "Origin-Host", RULE_REQUIRED, -1, 1 }
1106 ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 }
1107 ,{ "Auth-Request-Type", RULE_REQUIRED, -1, 1 }
1108 ,{ "User-Name", RULE_OPTIONAL, -1, 1 }
1109 ,{ "Authorization-Lifetime", RULE_OPTIONAL, -1, 1 }
1110 ,{ "Auth-Session-State", RULE_OPTIONAL, -1, 1 }
1111 ,{ "Error-Message", RULE_OPTIONAL, -1, 1 }
1112 ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 }
1113 ,{ "Re-Auth-Request-Type", RULE_OPTIONAL, -1, 1 }
1114 ,{ "MIP6-Feature-Vector", RULE_OPTIONAL, -1, 1 }
1115 ,{ "MIP6-Agent-Info", RULE_OPTIONAL, -1, 1 }
1116 ,{ "MIP-Mobile-Node-Address", RULE_OPTIONAL, -1, 2 }
1117 ,{ "MIP-MN-HA-MSA", RULE_OPTIONAL, -1, 1 }
1118 ,{ "QoS-Resources", RULE_OPTIONAL, -1, -1 }
1119 ,{ "Chargeable-User-Identity", RULE_OPTIONAL, -1, 1 }
1120 ,{ "Service-Selection", RULE_OPTIONAL, -1, 1 }
1121 ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 }
1122 ,{ "Proxy-Info", RULE_OPTIONAL, -1, -1 }
1123 ,{ "Redirect-Host", RULE_OPTIONAL, -1, -1 }
1124 ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 }
1125 ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 }
1126 ,{ "Failed-AVP", RULE_OPTIONAL, -1, -1 }
1127 };
1128
1129 CHECK_dict_new( DICT_COMMAND, &data, mip6i, &cmd);
1130 PARSE_loc_rules( rules, cmd );
1131 }
1132 }
1133
1134 LOG_D( "Dictionary Extension 'Diameter Mobile IPv6 IKE (MIP6I)' initialized");
1135 return 0;
1136}
1137EXTENSION_ENTRY("dict_mip6i", dict_mip6i_init, "dict_rfc5777");