Brian Waters | 13d9601 | 2017-12-08 16:53:31 -0600 | [diff] [blame^] | 1 | /********************************************************************************************************* |
| 2 | * Software License Agreement (BSD License) * |
| 3 | * Author: Sebastien Decugis <sdecugis@freediameter.net> * |
| 4 | * * |
| 5 | * Copyright (c) 2013, WIDE Project and NICT * |
| 6 | * All rights reserved. * |
| 7 | * * |
| 8 | * Redistribution and use of this software in source and binary forms, with or without modification, are * |
| 9 | * permitted provided that the following conditions are met: * |
| 10 | * * |
| 11 | * * Redistributions of source code must retain the above * |
| 12 | * copyright notice, this list of conditions and the * |
| 13 | * following disclaimer. * |
| 14 | * * |
| 15 | * * Redistributions in binary form must reproduce the above * |
| 16 | * copyright notice, this list of conditions and the * |
| 17 | * following disclaimer in the documentation and/or other * |
| 18 | * materials provided with the distribution. * |
| 19 | * * |
| 20 | * * Neither the name of the WIDE Project or NICT nor the * |
| 21 | * names of its contributors may be used to endorse or * |
| 22 | * promote products derived from this software without * |
| 23 | * specific prior written permission of WIDE Project and * |
| 24 | * NICT. * |
| 25 | * * |
| 26 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED * |
| 27 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * |
| 28 | * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR * |
| 29 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * |
| 30 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * |
| 31 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * |
| 32 | * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * |
| 33 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * |
| 34 | *********************************************************************************************************/ |
| 35 | |
| 36 | /* Diameter Base protocol definitions. |
| 37 | */ |
| 38 | |
| 39 | #include "fdcore-internal.h" |
| 40 | |
| 41 | #include <netinet/in.h> |
| 42 | #include <sys/socket.h> |
| 43 | |
| 44 | /* The pointer for the global dictionary (initialized from main) */ |
| 45 | struct dictionary * fd_g_dict = NULL; |
| 46 | |
| 47 | |
| 48 | |
| 49 | #define CHECK_dict_new( _type, _data, _parent, _ref ) \ |
| 50 | CHECK_FCT( fd_dict_new( dict, (_type), (_data), (_parent), (_ref)) ); |
| 51 | |
| 52 | #define CHECK_dict_search( _type, _criteria, _what, _result ) \ |
| 53 | CHECK_FCT( fd_dict_search( dict, (_type), (_criteria), (_what), (_result), ENOENT) ); |
| 54 | |
| 55 | struct local_rules_definition { |
| 56 | char *avp_name; |
| 57 | enum rule_position position; |
| 58 | int min; |
| 59 | int max; |
| 60 | }; |
| 61 | |
| 62 | #define RULE_ORDER( _position ) ((((_position) == RULE_FIXED_HEAD) || ((_position) == RULE_FIXED_TAIL)) ? 1 : 0 ) |
| 63 | |
| 64 | #define PARSE_loc_rules( _rulearray, _parent) { \ |
| 65 | int __ar; \ |
| 66 | for (__ar=0; __ar < sizeof(_rulearray) / sizeof((_rulearray)[0]); __ar++) { \ |
| 67 | struct dict_rule_data __data = { NULL, \ |
| 68 | (_rulearray)[__ar].position, \ |
| 69 | 0, \ |
| 70 | (_rulearray)[__ar].min, \ |
| 71 | (_rulearray)[__ar].max}; \ |
| 72 | __data.rule_order = RULE_ORDER(__data.rule_position); \ |
| 73 | CHECK_FCT( fd_dict_search( \ |
| 74 | dict, \ |
| 75 | DICT_AVP, \ |
| 76 | AVP_BY_NAME, \ |
| 77 | (_rulearray)[__ar].avp_name, \ |
| 78 | &__data.rule_avp, 0 ) ); \ |
| 79 | if ( !__data.rule_avp ) { \ |
| 80 | TRACE_DEBUG(INFO, "AVP Not found: '%s'", (_rulearray)[__ar].avp_name ); \ |
| 81 | return ENOENT; \ |
| 82 | } \ |
| 83 | CHECK_FCT_DO( fd_dict_new( dict, DICT_RULE, &__data, _parent, NULL), \ |
| 84 | { \ |
| 85 | TRACE_DEBUG(INFO, "Error on rule with AVP '%s'", \ |
| 86 | (_rulearray)[__ar].avp_name ); \ |
| 87 | return EINVAL; \ |
| 88 | } ); \ |
| 89 | } \ |
| 90 | } |
| 91 | |
| 92 | int fd_dict_base_protocol(struct dictionary * dict) |
| 93 | { |
| 94 | TRACE_ENTRY("%p", dict); |
| 95 | CHECK_PARAMS(dict); |
| 96 | |
| 97 | /* Vendors section */ |
| 98 | { |
| 99 | /* The base RFC has no vendor information */ |
| 100 | ; |
| 101 | } |
| 102 | |
| 103 | /* Applications section */ |
| 104 | { |
| 105 | /* base accounting application */ |
| 106 | { |
| 107 | struct dict_application_data data = { 3, "Diameter Base Accounting" }; |
| 108 | CHECK_dict_new( DICT_APPLICATION, &data, NULL, NULL); |
| 109 | } |
| 110 | |
| 111 | /* relay application */ |
| 112 | { |
| 113 | struct dict_application_data data = { 0xffffffff, "Relay" }; |
| 114 | #if AI_RELAY != 0xffffffff |
| 115 | #error "AI_RELAY definition mismatch" |
| 116 | #endif |
| 117 | CHECK_dict_new( DICT_APPLICATION, &data , NULL, NULL); |
| 118 | } |
| 119 | } |
| 120 | |
| 121 | /* Derived AVP types section */ |
| 122 | { |
| 123 | /* Address */ |
| 124 | { |
| 125 | /* |
| 126 | The Address format is derived from the OctetString AVP Base |
| 127 | Format. It is a discriminated union, representing, for example a |
| 128 | 32-bit (IPv4) [RFC791] or 128-bit (IPv6) [RFC4291] address, most |
| 129 | significant octet first. The first two octets of the Address AVP |
| 130 | represents the AddressType, which contains an Address Family |
| 131 | defined in [IANAADFAM]. The AddressType is used to discriminate |
| 132 | the content and format of the remaining octets. |
| 133 | */ |
| 134 | struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "Address" , fd_dictfct_Address_interpret , fd_dictfct_Address_encode, fd_dictfct_Address_dump }; |
| 135 | CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
| 136 | } |
| 137 | |
| 138 | /* Time */ |
| 139 | { |
| 140 | /* |
| 141 | The Time format is derived from the OctetString AVP Base Format. |
| 142 | The string MUST contain four octets, in the same format as the |
| 143 | first four bytes are in the NTP timestamp format. The NTP |
| 144 | Timestamp format is defined in chapter 3 of [RFC4330]. |
| 145 | |
| 146 | This represents the number of seconds since 0h on 1 January 1900 |
| 147 | with respect to the Coordinated Universal Time (UTC). |
| 148 | |
| 149 | On 6h 28m 16s UTC, 7 February 2036 the time value will overflow. |
| 150 | SNTP [RFC4330] describes a procedure to extend the time to 2104. |
| 151 | This procedure MUST be supported by all DIAMETER nodes. |
| 152 | */ |
| 153 | struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "Time" , fd_dictfct_Time_interpret , fd_dictfct_Time_encode, fd_dictfct_Time_dump }; |
| 154 | CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
| 155 | } |
| 156 | |
| 157 | /* UTF8String */ |
| 158 | { |
| 159 | /* |
| 160 | The UTF8String format is derived from the OctetString AVP Base |
| 161 | Format. This is a human readable string represented using the |
| 162 | ISO/IEC IS 10646-1 character set, encoded as an OctetString using |
| 163 | the UTF-8 [RFC3629] transformation format described in RFC 3629. |
| 164 | |
| 165 | Since additional code points are added by amendments to the 10646 |
| 166 | standard from time to time, implementations MUST be prepared to |
| 167 | encounter any code point from 0x00000001 to 0x7fffffff. Byte |
| 168 | sequences that do not correspond to the valid encoding of a code |
| 169 | point into UTF-8 charset or are outside this range are prohibited. |
| 170 | |
| 171 | The use of control codes SHOULD be avoided. When it is necessary |
| 172 | to represent a new line, the control code sequence CR LF SHOULD be |
| 173 | used. |
| 174 | |
| 175 | The use of leading or trailing white space SHOULD be avoided. |
| 176 | |
| 177 | For code points not directly supported by user interface hardware |
| 178 | or software, an alternative means of entry and display, such as |
| 179 | hexadecimal, MAY be provided. |
| 180 | |
| 181 | For information encoded in 7-bit US-ASCII, the UTF-8 charset is |
| 182 | identical to the US-ASCII charset. |
| 183 | |
| 184 | UTF-8 may require multiple bytes to represent a single character / |
| 185 | code point; thus the length of an UTF8String in octets may be |
| 186 | different from the number of characters encoded. |
| 187 | |
| 188 | Note that the AVP Length field of an UTF8String is measured in |
| 189 | octets, not characters. |
| 190 | */ |
| 191 | struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "UTF8String" , NULL , NULL , fd_dictfct_UTF8String_dump }; |
| 192 | CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
| 193 | } |
| 194 | |
| 195 | /* DiameterIdentity */ |
| 196 | { |
| 197 | /* |
| 198 | The DiameterIdentity format is derived from the OctetString AVP |
| 199 | Base Format. |
| 200 | |
| 201 | DiameterIdentity = FQDN |
| 202 | |
| 203 | |
| 204 | DiameterIdentity value is used to uniquely identify a Diameter |
| 205 | node for purposes of duplicate connection and routing loop |
| 206 | detection. |
| 207 | |
| 208 | The contents of the string MUST be the FQDN of the Diameter node. |
| 209 | If multiple Diameter nodes run on the same host, each Diameter |
| 210 | node MUST be assigned a unique DiameterIdentity. If a Diameter |
| 211 | |
| 212 | node can be identified by several FQDNs, a single FQDN should be |
| 213 | picked at startup, and used as the only DiameterIdentity for that |
| 214 | node, whatever the connection it is sent on. Note that in this |
| 215 | document, DiameterIdentity is in ASCII form in order to be |
| 216 | compatible with existing DNS infrastructure. See Appendix D for |
| 217 | interactions between the Diameter protocol and Internationalized |
| 218 | Domain Name (IDNs). |
| 219 | */ |
| 220 | struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "DiameterIdentity" , NULL , NULL , fd_dictfct_UTF8String_dump }; |
| 221 | CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
| 222 | } |
| 223 | |
| 224 | /* DiameterURI */ |
| 225 | { |
| 226 | /* |
| 227 | The DiameterURI MUST follow the Uniform Resource Identifiers (URI) |
| 228 | syntax [RFC3986] rules specified below: |
| 229 | |
| 230 | "aaa://" FQDN [ port ] [ transport ] [ protocol ] |
| 231 | |
| 232 | ; No transport security |
| 233 | |
| 234 | "aaas://" FQDN [ port ] [ transport ] [ protocol ] |
| 235 | |
| 236 | ; Transport security used |
| 237 | |
| 238 | FQDN = Fully Qualified Host Name |
| 239 | |
| 240 | port = ":" 1*DIGIT |
| 241 | |
| 242 | ; One of the ports used to listen for |
| 243 | ; incoming connections. |
| 244 | ; If absent, |
| 245 | ; the default Diameter port (3868) is |
| 246 | ; assumed. |
| 247 | |
| 248 | transport = ";transport=" transport-protocol |
| 249 | |
| 250 | ; One of the transports used to listen |
| 251 | ; for incoming connections. If absent, |
| 252 | ; the default SCTP [RFC2960] protocol is |
| 253 | ; assumed. UDP MUST NOT be used when |
| 254 | ; the aaa-protocol field is set to |
| 255 | ; diameter. |
| 256 | |
| 257 | transport-protocol = ( "tcp" / "sctp" / "udp" ) |
| 258 | |
| 259 | protocol = ";protocol=" aaa-protocol |
| 260 | |
| 261 | ; If absent, the default AAA protocol |
| 262 | ; is diameter. |
| 263 | |
| 264 | aaa-protocol = ( "diameter" / "radius" / "tacacs+" ) |
| 265 | |
| 266 | The following are examples of valid Diameter host identities: |
| 267 | |
| 268 | aaa://host.example.com;transport=tcp |
| 269 | aaa://host.example.com:6666;transport=tcp |
| 270 | aaa://host.example.com;protocol=diameter |
| 271 | aaa://host.example.com:6666;protocol=diameter |
| 272 | aaa://host.example.com:6666;transport=tcp;protocol=diameter |
| 273 | aaa://host.example.com:1813;transport=udp;protocol=radius |
| 274 | */ |
| 275 | struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "DiameterURI" , NULL , NULL , fd_dictfct_UTF8String_dump }; |
| 276 | CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
| 277 | } |
| 278 | |
| 279 | /* Enumerated */ |
| 280 | { |
| 281 | /* |
| 282 | Enumerated is derived from the Integer32 AVP Base Format. The |
| 283 | definition contains a list of valid values and their |
| 284 | interpretation and is described in the Diameter application |
| 285 | introducing the AVP. |
| 286 | */ |
| 287 | |
| 288 | /* We don't use a generic "Enumerated" type in freeDiameter. Instead, we define |
| 289 | * types of the form "Enumerated(<avpname>)" where <avpname> is replaced |
| 290 | * by the name of the AVP to which the type applies. |
| 291 | * Example: Enumerated(Disconnect-Cause) |
| 292 | */ |
| 293 | ; |
| 294 | } |
| 295 | |
| 296 | /* IPFilterRule */ |
| 297 | { |
| 298 | /* |
| 299 | The IPFilterRule format is derived from the OctetString AVP Base |
| 300 | Format and uses the ASCII charset. The rule syntax is a modified |
| 301 | subset of ipfw(8) from FreeBSD. Packets may be filtered based on |
| 302 | the following information that is associated with it: |
| 303 | |
| 304 | Direction (in or out) |
| 305 | Source and destination IP address (possibly masked) |
| 306 | Protocol |
| 307 | Source and destination port (lists or ranges) |
| 308 | TCP flags |
| 309 | IP fragment flag |
| 310 | IP options |
| 311 | ICMP types |
| 312 | |
| 313 | Rules for the appropriate direction are evaluated in order, with |
| 314 | the first matched rule terminating the evaluation. Each packet is |
| 315 | evaluated once. If no rule matches, the packet is dropped if the |
| 316 | last rule evaluated was a permit, and passed if the last rule was |
| 317 | a deny. |
| 318 | |
| 319 | IPFilterRule filters MUST follow the format: |
| 320 | |
| 321 | action dir proto from src to dst [options] |
| 322 | |
| 323 | (...skipped loooong explanation...) |
| 324 | |
| 325 | There is one kind of packet that the access device MUST always |
| 326 | discard, that is an IP fragment with a fragment offset of one. |
| 327 | This is a valid packet, but it only has one use, to try to |
| 328 | circumvent firewalls. |
| 329 | |
| 330 | An access device that is unable to interpret or apply a deny rule |
| 331 | MUST terminate the session. An access device that is unable to |
| 332 | interpret or apply a permit rule MAY apply a more restrictive |
| 333 | rule. An access device MAY apply deny rules of its own before the |
| 334 | supplied rules, for example to protect the access device owner's |
| 335 | infrastructure. |
| 336 | */ |
| 337 | struct dict_type_data data = { AVP_TYPE_OCTETSTRING, "IPFilterRule" , NULL , NULL , fd_dictfct_UTF8String_dump }; |
| 338 | CHECK_dict_new( DICT_TYPE, &data , NULL, NULL); |
| 339 | } |
| 340 | } |
| 341 | |
| 342 | /* AVP section */ |
| 343 | { |
| 344 | struct dict_object * Address_type; |
| 345 | struct dict_object * UTF8String_type; |
| 346 | struct dict_object * DiameterIdentity_type; |
| 347 | struct dict_object * DiameterURI_type; |
| 348 | struct dict_object * Time_type; |
| 349 | |
| 350 | CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Address", &Address_type); |
| 351 | CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "UTF8String", &UTF8String_type); |
| 352 | CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterIdentity", &DiameterIdentity_type); |
| 353 | CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "DiameterURI", &DiameterURI_type); |
| 354 | CHECK_dict_search( DICT_TYPE, TYPE_BY_NAME, "Time", &Time_type); |
| 355 | |
| 356 | /* Vendor-Id */ |
| 357 | { |
| 358 | /* |
| 359 | The Vendor-Id AVP (AVP Code 266) is of type Unsigned32 and contains |
| 360 | the IANA "SMI Network Management Private Enterprise Codes" [RFC3232] |
| 361 | value assigned to the vendor of the Diameter device. It is |
| 362 | envisioned that the combination of the Vendor-Id, Product-Name |
| 363 | (Section 5.3.7) and the Firmware-Revision (Section 5.3.4) AVPs may |
| 364 | provide useful debugging information. |
| 365 | |
| 366 | A Vendor-Id value of zero in the CER or CEA messages is reserved and |
| 367 | indicates that this field is ignored. |
| 368 | */ |
| 369 | struct dict_avp_data data = { |
| 370 | 266, /* Code */ |
| 371 | #if AC_VENDOR_ID != 266 |
| 372 | #error "AC_VENDOR_ID definition mismatch" |
| 373 | #endif |
| 374 | 0, /* Vendor */ |
| 375 | "Vendor-Id", /* Name */ |
| 376 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 377 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 378 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 379 | }; |
| 380 | CHECK_dict_new( DICT_AVP, &data, NULL, NULL); |
| 381 | } |
| 382 | |
| 383 | /* Firmware-Revision */ |
| 384 | { |
| 385 | /* |
| 386 | The Firmware-Revision AVP (AVP Code 267) is of type Unsigned32 and is |
| 387 | used to inform a Diameter peer of the firmware revision of the |
| 388 | issuing device. |
| 389 | |
| 390 | For devices that do not have a firmware revision (general purpose |
| 391 | computers running Diameter software modules, for instance), the |
| 392 | revision of the Diameter software module may be reported instead. |
| 393 | */ |
| 394 | struct dict_avp_data data = { |
| 395 | 267, /* Code */ |
| 396 | #if AC_FIRMWARE_REVISION != 267 |
| 397 | #error "AC_FIRMWARE_REVISION definition mismatch" |
| 398 | #endif |
| 399 | 0, /* Vendor */ |
| 400 | "Firmware-Revision", /* Name */ |
| 401 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 402 | 0, /* Fixed flag values */ |
| 403 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 404 | }; |
| 405 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 406 | } |
| 407 | |
| 408 | /* Host-IP-Address */ |
| 409 | { |
| 410 | /* |
| 411 | The Host-IP-Address AVP (AVP Code 257) is of type Address and is used |
| 412 | to inform a Diameter peer of the sender's IP address. All source |
| 413 | addresses that a Diameter node expects to use with SCTP [RFC2960] |
| 414 | MUST be advertised in the CER and CEA messages by including a |
| 415 | Host-IP- Address AVP for each address. This AVP MUST ONLY be used in |
| 416 | the CER and CEA messages. |
| 417 | */ |
| 418 | struct dict_avp_data data = { |
| 419 | 257, /* Code */ |
| 420 | #if AC_HOST_IP_ADDRESS != 257 |
| 421 | #error "AC_HOST_IP_ADDRESS definition mismatch" |
| 422 | #endif |
| 423 | 0, /* Vendor */ |
| 424 | "Host-IP-Address", /* Name */ |
| 425 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 426 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 427 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 428 | }; |
| 429 | CHECK_dict_new( DICT_AVP, &data , Address_type, NULL); |
| 430 | } |
| 431 | |
| 432 | /* Supported-Vendor-Id */ |
| 433 | { |
| 434 | /* |
| 435 | The Supported-Vendor-Id AVP (AVP Code 265) is of type Unsigned32 and |
| 436 | contains the IANA "SMI Network Management Private Enterprise Codes" |
| 437 | [RFC3232] value assigned to a vendor other than the device vendor but |
| 438 | including the application vendor. This is used in the CER and CEA |
| 439 | messages in order to inform the peer that the sender supports (a |
| 440 | subset of) the vendor-specific AVPs defined by the vendor identified |
| 441 | in this AVP. The value of this AVP SHOULD NOT be set to zero. |
| 442 | Multiple instances of this AVP containing the same value SHOULD NOT |
| 443 | be sent. |
| 444 | */ |
| 445 | struct dict_avp_data data = { |
| 446 | 265, /* Code */ |
| 447 | #if AC_SUPPORTED_VENDOR_ID != 265 |
| 448 | #error "AC_SUPPORTED_VENDOR_ID definition mismatch" |
| 449 | #endif |
| 450 | 0, /* Vendor */ |
| 451 | "Supported-Vendor-Id", /* Name */ |
| 452 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 453 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 454 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 455 | }; |
| 456 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 457 | } |
| 458 | |
| 459 | /* Product-Name */ |
| 460 | { |
| 461 | /* |
| 462 | The Product-Name AVP (AVP Code 269) is of type UTF8String, and |
| 463 | contains the vendor assigned name for the product. The Product-Name |
| 464 | AVP SHOULD remain constant across firmware revisions for the same |
| 465 | product. |
| 466 | */ |
| 467 | struct dict_avp_data data = { |
| 468 | 269, /* Code */ |
| 469 | #if AC_PRODUCT_NAME != 269 |
| 470 | #error "AC_PRODUCT_NAME definition mismatch" |
| 471 | #endif |
| 472 | 0, /* Vendor */ |
| 473 | "Product-Name", /* Name */ |
| 474 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 475 | 0, /* Fixed flag values */ |
| 476 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 477 | }; |
| 478 | CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
| 479 | } |
| 480 | |
| 481 | /* Disconnect-Cause */ |
| 482 | { |
| 483 | /* |
| 484 | The Disconnect-Cause AVP (AVP Code 273) is of type Enumerated. A |
| 485 | Diameter node MUST include this AVP in the Disconnect-Peer-Request |
| 486 | message to inform the peer of the reason for its intention to |
| 487 | shutdown the transport connection. The following values are |
| 488 | supported: |
| 489 | |
| 490 | REBOOTING 0 |
| 491 | A scheduled reboot is imminent. Receiver of DPR with above result |
| 492 | code MAY attempt reconnection. |
| 493 | |
| 494 | BUSY 1 |
| 495 | The peer's internal resources are constrained, and it has |
| 496 | determined that the transport connection needs to be closed. |
| 497 | Receiver of DPR with above result code SHOULD NOT attempt |
| 498 | reconnection. |
| 499 | |
| 500 | DO_NOT_WANT_TO_TALK_TO_YOU 2 |
| 501 | The peer has determined that it does not see a need for the |
| 502 | transport connection to exist, since it does not expect any |
| 503 | messages to be exchanged in the near future. Receiver of DPR |
| 504 | with above result code SHOULD NOT attempt reconnection. |
| 505 | */ |
| 506 | struct dict_object * type; |
| 507 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Disconnect-Cause)" , NULL, NULL, NULL }; |
| 508 | struct dict_enumval_data t_0 = { "REBOOTING", { .i32 = 0 }}; |
| 509 | struct dict_enumval_data t_1 = { "BUSY", { .i32 = 1 }}; |
| 510 | struct dict_enumval_data t_2 = { "DO_NOT_WANT_TO_TALK_TO_YOU", { .i32 = 2 }}; |
| 511 | struct dict_avp_data data = { |
| 512 | 273, /* Code */ |
| 513 | #if AC_DISCONNECT_CAUSE != 273 |
| 514 | #error "AC_DISCONNECT_CAUSE definition mismatch" |
| 515 | #endif |
| 516 | 0, /* Vendor */ |
| 517 | "Disconnect-Cause", /* Name */ |
| 518 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 519 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 520 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 521 | }; |
| 522 | /* Create the Enumerated type, and then the AVP */ |
| 523 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 524 | CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
| 525 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 526 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 527 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 528 | } |
| 529 | |
| 530 | /* Origin-Host */ |
| 531 | { |
| 532 | /* |
| 533 | The Origin-Host AVP (AVP Code 264) is of type DiameterIdentity, and |
| 534 | MUST be present in all Diameter messages. This AVP identifies the |
| 535 | endpoint that originated the Diameter message. Relay agents MUST NOT |
| 536 | modify this AVP. |
| 537 | |
| 538 | The value of the Origin-Host AVP is guaranteed to be unique within a |
| 539 | single host. |
| 540 | |
| 541 | Note that the Origin-Host AVP may resolve to more than one address as |
| 542 | the Diameter peer may support more than one address. |
| 543 | |
| 544 | This AVP SHOULD be placed as close to the Diameter header as |
| 545 | possible. |
| 546 | */ |
| 547 | struct dict_avp_data data = { |
| 548 | 264, /* Code */ |
| 549 | #if AC_ORIGIN_HOST != 264 |
| 550 | #error "AC_ORIGIN_HOST definition mismatch" |
| 551 | #endif |
| 552 | 0, /* Vendor */ |
| 553 | "Origin-Host", /* Name */ |
| 554 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 555 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 556 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 557 | }; |
| 558 | CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
| 559 | } |
| 560 | |
| 561 | /* Origin-Realm */ |
| 562 | { |
| 563 | /* |
| 564 | The Origin-Realm AVP (AVP Code 296) is of type DiameterIdentity. |
| 565 | This AVP contains the Realm of the originator of any Diameter message |
| 566 | and MUST be present in all messages. |
| 567 | |
| 568 | This AVP SHOULD be placed as close to the Diameter header as |
| 569 | possible. |
| 570 | */ |
| 571 | struct dict_avp_data data = { |
| 572 | 296, /* Code */ |
| 573 | #if AC_ORIGIN_REALM != 296 |
| 574 | #error "AC_ORIGIN_REALM definition mismatch" |
| 575 | #endif |
| 576 | 0, /* Vendor */ |
| 577 | "Origin-Realm", /* Name */ |
| 578 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 579 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 580 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 581 | }; |
| 582 | CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
| 583 | } |
| 584 | |
| 585 | /* Destination-Host */ |
| 586 | { |
| 587 | /* |
| 588 | The Destination-Host AVP (AVP Code 293) is of type DiameterIdentity. |
| 589 | This AVP MUST be present in all unsolicited agent initiated messages, |
| 590 | MAY be present in request messages, and MUST NOT be present in Answer |
| 591 | messages. |
| 592 | |
| 593 | The absence of the Destination-Host AVP will cause a message to be |
| 594 | sent to any Diameter server supporting the application within the |
| 595 | realm specified in Destination-Realm AVP. |
| 596 | |
| 597 | This AVP SHOULD be placed as close to the Diameter header as |
| 598 | possible. |
| 599 | */ |
| 600 | struct dict_avp_data data = { |
| 601 | 293, /* Code */ |
| 602 | #if AC_DESTINATION_HOST != 293 |
| 603 | #error "AC_DESTINATION_HOST definition mismatch" |
| 604 | #endif |
| 605 | 0, /* Vendor */ |
| 606 | "Destination-Host", /* Name */ |
| 607 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 608 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 609 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 610 | }; |
| 611 | CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
| 612 | } |
| 613 | |
| 614 | /* Destination-Realm */ |
| 615 | { |
| 616 | /* |
| 617 | The Destination-Realm AVP (AVP Code 283) is of type DiameterIdentity, |
| 618 | and contains the realm the message is to be routed to. The |
| 619 | Destination-Realm AVP MUST NOT be present in Answer messages. |
| 620 | Diameter Clients insert the realm portion of the User-Name AVP. |
| 621 | Diameter servers initiating a request message use the value of the |
| 622 | Origin-Realm AVP from a previous message received from the intended |
| 623 | target host (unless it is known a priori). When present, the |
| 624 | Destination-Realm AVP is used to perform message routing decisions. |
| 625 | |
| 626 | Request messages whose ABNF does not list the Destination-Realm AVP |
| 627 | as a mandatory AVP are inherently non-routable messages. |
| 628 | |
| 629 | This AVP SHOULD be placed as close to the Diameter header as |
| 630 | possible. |
| 631 | */ |
| 632 | struct dict_avp_data data = { |
| 633 | 283, /* Code */ |
| 634 | #if AC_DESTINATION_REALM != 283 |
| 635 | #error "AC_DESTINATION_REALM definition mismatch" |
| 636 | #endif |
| 637 | 0, /* Vendor */ |
| 638 | "Destination-Realm", /* Name */ |
| 639 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 640 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 641 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 642 | }; |
| 643 | CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
| 644 | } |
| 645 | |
| 646 | /* Route-Record */ |
| 647 | { |
| 648 | /* |
| 649 | The Route-Record AVP (AVP Code 282) is of type DiameterIdentity. The |
| 650 | identity added in this AVP MUST be the same as the one received in |
| 651 | the Origin-Host of the Capabilities Exchange message. |
| 652 | */ |
| 653 | struct dict_avp_data data = { |
| 654 | 282, /* Code */ |
| 655 | #if AC_ROUTE_RECORD != 282 |
| 656 | #error "AC_ROUTE_RECORD definition mismatch" |
| 657 | #endif |
| 658 | 0, /* Vendor */ |
| 659 | "Route-Record", /* Name */ |
| 660 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 661 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 662 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 663 | }; |
| 664 | CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
| 665 | } |
| 666 | |
| 667 | /* Proxy-Host */ |
| 668 | { |
| 669 | /* |
| 670 | The Proxy-Host AVP (AVP Code 280) is of type DiameterIdentity. This |
| 671 | AVP contains the identity of the host that added the Proxy-Info AVP. |
| 672 | */ |
| 673 | struct dict_avp_data adata = { |
| 674 | 280, /* Code */ |
| 675 | #if AC_PROXY_HOST != 280 |
| 676 | #error "AC_PROXY_HOST definition mismatch" |
| 677 | #endif |
| 678 | 0, /* Vendor */ |
| 679 | "Proxy-Host", /* Name */ |
| 680 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 681 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 682 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 683 | }; |
| 684 | CHECK_dict_new( DICT_AVP, &adata , DiameterIdentity_type, NULL); |
| 685 | } |
| 686 | |
| 687 | /* Proxy-State */ |
| 688 | { |
| 689 | /* |
| 690 | The Proxy-State AVP (AVP Code 33) is of type OctetString, and |
| 691 | contains state local information, and MUST be treated as opaque data. |
| 692 | */ |
| 693 | struct dict_avp_data adata = { |
| 694 | 33, /* Code */ |
| 695 | #if AC_PROXY_STATE != 33 |
| 696 | #error "AC_PROXY_STATE definition mismatch" |
| 697 | #endif |
| 698 | 0, /* Vendor */ |
| 699 | "Proxy-State", /* Name */ |
| 700 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 701 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 702 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 703 | }; |
| 704 | CHECK_dict_new( DICT_AVP, &adata , NULL, NULL); |
| 705 | } |
| 706 | |
| 707 | /* Proxy-Info */ |
| 708 | { |
| 709 | /* |
| 710 | The Proxy-Info AVP (AVP Code 284) is of type Grouped. The Grouped |
| 711 | Data field has the following ABNF grammar: |
| 712 | |
| 713 | Proxy-Info ::= < AVP Header: 284 > |
| 714 | { Proxy-Host } |
| 715 | { Proxy-State } |
| 716 | * [ AVP ] |
| 717 | */ |
| 718 | struct dict_object * avp; |
| 719 | struct dict_avp_data data = { |
| 720 | 284, /* Code */ |
| 721 | #if AC_PROXY_INFO != 284 |
| 722 | #error "AC_PROXY_INFO definition mismatch" |
| 723 | #endif |
| 724 | 0, /* Vendor */ |
| 725 | "Proxy-Info", /* Name */ |
| 726 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 727 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 728 | AVP_TYPE_GROUPED /* base type of data */ |
| 729 | }; |
| 730 | struct local_rules_definition rules[] = |
| 731 | { { "Proxy-Host", RULE_REQUIRED, -1, 1 } |
| 732 | ,{ "Proxy-State", RULE_REQUIRED, -1, 1 } |
| 733 | }; |
| 734 | |
| 735 | CHECK_dict_new( DICT_AVP, &data , NULL, &avp); |
| 736 | PARSE_loc_rules( rules, avp ); |
| 737 | } |
| 738 | |
| 739 | /* Auth-Application-Id */ |
| 740 | { |
| 741 | /* |
| 742 | The Auth-Application-Id AVP (AVP Code 258) is of type Unsigned32 and |
| 743 | is used in order to advertise support of the Authentication and |
| 744 | Authorization portion of an application (see Section 2.4). If |
| 745 | present in a message other than CER and CEA, the value of the Auth- |
| 746 | Application-Id AVP MUST match the Application Id present in the |
| 747 | Diameter message header. |
| 748 | */ |
| 749 | struct dict_avp_data data = { |
| 750 | 258, /* Code */ |
| 751 | #if AC_AUTH_APPLICATION_ID != 258 |
| 752 | #error "AC_AUTH_APPLICATION_ID definition mismatch" |
| 753 | #endif |
| 754 | 0, /* Vendor */ |
| 755 | "Auth-Application-Id", /* Name */ |
| 756 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 757 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 758 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 759 | }; |
| 760 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 761 | } |
| 762 | |
| 763 | /* Acct-Application-Id */ |
| 764 | { |
| 765 | /* |
| 766 | The Acct-Application-Id AVP (AVP Code 259) is of type Unsigned32 and |
| 767 | is used in order to advertise support of the Accounting portion of an |
| 768 | application (see Section 2.4). If present in a message other than |
| 769 | CER and CEA, the value of the Acct-Application-Id AVP MUST match the |
| 770 | Application Id present in the Diameter message header. |
| 771 | */ |
| 772 | struct dict_avp_data data = { |
| 773 | 259, /* Code */ |
| 774 | #if AC_ACCT_APPLICATION_ID != 259 |
| 775 | #error "AC_ACCT_APPLICATION_ID definition mismatch" |
| 776 | #endif |
| 777 | 0, /* Vendor */ |
| 778 | "Acct-Application-Id", /* Name */ |
| 779 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 780 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 781 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 782 | }; |
| 783 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 784 | } |
| 785 | |
| 786 | /* Inband-Security-Id */ |
| 787 | { |
| 788 | /* |
| 789 | The Inband-Security-Id AVP (AVP Code 299) is of type Unsigned32 and |
| 790 | is used in order to advertise support of the Security portion of the |
| 791 | application. |
| 792 | |
| 793 | Currently, the following values are supported, but there is ample |
| 794 | room to add new security Ids. |
| 795 | |
| 796 | |
| 797 | NO_INBAND_SECURITY 0 |
| 798 | |
| 799 | This peer does not support TLS. This is the default value, if the |
| 800 | AVP is omitted. |
| 801 | |
| 802 | TLS 1 |
| 803 | |
| 804 | This node supports TLS security, as defined by [RFC4346]. |
| 805 | */ |
| 806 | |
| 807 | /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
| 808 | * This is the reason for the "*" in the type name |
| 809 | */ |
| 810 | |
| 811 | struct dict_object * type; |
| 812 | struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated(Inband-Security-Id)" , NULL, NULL, NULL }; |
| 813 | struct dict_enumval_data t_0 = { "NO_INBAND_SECURITY", { .u32 = ACV_ISI_NO_INBAND_SECURITY }}; |
| 814 | struct dict_enumval_data t_1 = { "TLS", { .u32 = ACV_ISI_TLS }}; |
| 815 | struct dict_avp_data data = { |
| 816 | 299, /* Code */ |
| 817 | #if AC_INBAND_SECURITY_ID != 299 |
| 818 | #error "AC_INBAND_SECURITY_ID definition mismatch" |
| 819 | #endif |
| 820 | 0, /* Vendor */ |
| 821 | "Inband-Security-Id", /* Name */ |
| 822 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 823 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 824 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 825 | }; |
| 826 | /* Create the Enumerated type, and then the AVP */ |
| 827 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 828 | CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
| 829 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 830 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 831 | } |
| 832 | |
| 833 | /* Vendor-Specific-Application-Id */ |
| 834 | { |
| 835 | /* |
| 836 | The Vendor-Specific-Application-Id AVP (AVP Code 260) is of type |
| 837 | Grouped and is used to advertise support of a vendor-specific |
| 838 | Diameter Application. Exactly one instance of either Auth- |
| 839 | Application-Id or Acct-Application-Id AVP MUST be present. The |
| 840 | Application Id carried by either Auth-Application-Id or Acct- |
| 841 | Application-Id AVP MUST comply with vendor specific Application Id |
| 842 | assignment described in Sec 11.3. It MUST also match the Application |
| 843 | Id present in the diameter header except when used in a CER or CEA |
| 844 | messages. |
| 845 | |
| 846 | The Vendor-Id AVP is an informational AVP pertaining to the vendor |
| 847 | who may have authorship of the vendor-specific Diameter application. |
| 848 | It MUST NOT be used as a means of defining a completely separate |
| 849 | vendor-specific Application Id space. |
| 850 | |
| 851 | This AVP MUST also be present as the first AVP in all experimental |
| 852 | commands defined in the vendor-specific application. |
| 853 | |
| 854 | This AVP SHOULD be placed as close to the Diameter header as |
| 855 | possible. |
| 856 | |
| 857 | AVP Format |
| 858 | |
| 859 | <Vendor-Specific-Application-Id> ::= < AVP Header: 260 > |
| 860 | { Vendor-Id } |
| 861 | [ Auth-Application-Id ] |
| 862 | [ Acct-Application-Id ] |
| 863 | |
| 864 | A Vendor-Specific-Application-Id AVP MUST contain exactly one of |
| 865 | either Auth-Application-Id or Acct-Application-Id. If a Vendor- |
| 866 | Specific-Application-Id is received without any of these two AVPs, |
| 867 | then the recipient SHOULD issue an answer with a Result-Code set to |
| 868 | DIAMETER_MISSING_AVP. The answer SHOULD also include a Failed-AVP |
| 869 | which MUST contain an example of an Auth-Application-Id AVP and an |
| 870 | Acct-Application-Id AVP. |
| 871 | |
| 872 | If a Vendor-Specific-Application-Id is received that contains both |
| 873 | Auth-Application-Id and Acct-Application-Id, then the recipient |
| 874 | SHOULD issue an answer with Result-Code set to |
| 875 | DIAMETER_AVP_OCCURS_TOO_MANY_TIMES. The answer SHOULD also include a |
| 876 | Failed-AVP which MUST contain the received Auth-Application-Id AVP |
| 877 | and Acct-Application-Id AVP. |
| 878 | */ |
| 879 | struct dict_object * avp; |
| 880 | struct dict_avp_data data = { |
| 881 | 260, /* Code */ |
| 882 | #if AC_VENDOR_SPECIFIC_APPLICATION_ID != 260 |
| 883 | #error "AC_VENDOR_SPECIFIC_APPLICATION_ID definition mismatch" |
| 884 | #endif |
| 885 | 0, /* Vendor */ |
| 886 | "Vendor-Specific-Application-Id", /* Name */ |
| 887 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 888 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 889 | AVP_TYPE_GROUPED /* base type of data */ |
| 890 | }; |
| 891 | |
| 892 | struct local_rules_definition rules[] = |
| 893 | { |
| 894 | #ifndef WORKAROUND_ACCEPT_INVALID_VSAI |
| 895 | /* ABNF from RFC6733 */ |
| 896 | { "Vendor-Id", RULE_REQUIRED, -1, 1 } |
| 897 | #else /* WORKAROUND_ACCEPT_INVALID_VSAI */ |
| 898 | /* ABNF from RFC3588 (including erratum, because original text is nonsense) */ |
| 899 | { "Vendor-Id", RULE_REQUIRED, -1, -1} |
| 900 | #endif /* WORKAROUND_ACCEPT_INVALID_VSAI */ |
| 901 | ,{ "Auth-Application-Id", RULE_OPTIONAL, -1, 1 } |
| 902 | ,{ "Acct-Application-Id", RULE_OPTIONAL, -1, 1 } |
| 903 | }; |
| 904 | |
| 905 | /* Create the grouped AVP */ |
| 906 | CHECK_dict_new( DICT_AVP, &data , NULL, &avp); |
| 907 | PARSE_loc_rules( rules, avp ); |
| 908 | |
| 909 | } |
| 910 | |
| 911 | /* Redirect-Host */ |
| 912 | { |
| 913 | /* |
| 914 | One or more of instances of this AVP MUST be present if the answer |
| 915 | message's 'E' bit is set and the Result-Code AVP is set to |
| 916 | DIAMETER_REDIRECT_INDICATION. |
| 917 | |
| 918 | Upon receiving the above, the receiving Diameter node SHOULD forward |
| 919 | the request directly to one of the hosts identified in these AVPs. |
| 920 | The server contained in the selected Redirect-Host AVP SHOULD be used |
| 921 | for all messages pertaining to this session. |
| 922 | */ |
| 923 | struct dict_avp_data data = { |
| 924 | 292, /* Code */ |
| 925 | #if AC_REDIRECT_HOST != 292 |
| 926 | #error "AC_REDIRECT_HOST definition mismatch" |
| 927 | #endif |
| 928 | 0, /* Vendor */ |
| 929 | "Redirect-Host", /* Name */ |
| 930 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 931 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 932 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 933 | }; |
| 934 | CHECK_dict_new( DICT_AVP, &data , DiameterURI_type, NULL); |
| 935 | } |
| 936 | |
| 937 | /* Redirect-Host-Usage */ |
| 938 | { |
| 939 | /* |
| 940 | The Redirect-Host-Usage AVP (AVP Code 261) is of type Enumerated. |
| 941 | This AVP MAY be present in answer messages whose 'E' bit is set and |
| 942 | the Result-Code AVP is set to DIAMETER_REDIRECT_INDICATION. |
| 943 | |
| 944 | When present, this AVP dictates how the routing entry resulting from |
| 945 | the Redirect-Host is to be used. The following values are supported: |
| 946 | |
| 947 | |
| 948 | DONT_CACHE 0 |
| 949 | |
| 950 | The host specified in the Redirect-Host AVP should not be cached. |
| 951 | This is the default value. |
| 952 | |
| 953 | |
| 954 | ALL_SESSION 1 |
| 955 | |
| 956 | All messages within the same session, as defined by the same value |
| 957 | of the Session-ID AVP MAY be sent to the host specified in the |
| 958 | Redirect-Host AVP. |
| 959 | |
| 960 | |
| 961 | ALL_REALM 2 |
| 962 | |
| 963 | All messages destined for the realm requested MAY be sent to the |
| 964 | host specified in the Redirect-Host AVP. |
| 965 | |
| 966 | |
| 967 | REALM_AND_APPLICATION 3 |
| 968 | |
| 969 | All messages for the application requested to the realm specified |
| 970 | MAY be sent to the host specified in the Redirect-Host AVP. |
| 971 | |
| 972 | ALL_APPLICATION 4 |
| 973 | |
| 974 | All messages for the application requested MAY be sent to the host |
| 975 | specified in the Redirect-Host AVP. |
| 976 | |
| 977 | |
| 978 | ALL_HOST 5 |
| 979 | |
| 980 | All messages that would be sent to the host that generated the |
| 981 | Redirect-Host MAY be sent to the host specified in the Redirect- |
| 982 | Host AVP. |
| 983 | |
| 984 | |
| 985 | ALL_USER 6 |
| 986 | |
| 987 | All messages for the user requested MAY be sent to the host |
| 988 | specified in the Redirect-Host AVP. |
| 989 | |
| 990 | |
| 991 | When multiple cached routes are created by redirect indications and |
| 992 | they differ only in redirect usage and peers to forward requests to |
| 993 | (see Section 6.1.8), a precedence rule MUST be applied to the |
| 994 | redirect usage values of the cached routes during normal routing to |
| 995 | resolve contentions that may occur. The precedence rule is the order |
| 996 | that dictate which redirect usage should be considered before any |
| 997 | other as they appear. The order is as follows: |
| 998 | |
| 999 | |
| 1000 | 1. ALL_SESSION |
| 1001 | |
| 1002 | 2. ALL_USER |
| 1003 | |
| 1004 | 3. REALM_AND_APPLICATION |
| 1005 | |
| 1006 | 4. ALL_REALM |
| 1007 | |
| 1008 | 5. ALL_APPLICATION |
| 1009 | |
| 1010 | 6. ALL_HOST |
| 1011 | */ |
| 1012 | struct dict_object * type; |
| 1013 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Redirect-Host-Usage)" , NULL, NULL, NULL }; |
| 1014 | struct dict_enumval_data t_0 = { "DONT_CACHE", { .i32 = 0 }}; |
| 1015 | struct dict_enumval_data t_1 = { "ALL_SESSION", { .i32 = 1 }}; |
| 1016 | struct dict_enumval_data t_2 = { "ALL_REALM", { .i32 = 2 }}; |
| 1017 | struct dict_enumval_data t_3 = { "REALM_AND_APPLICATION", { .i32 = 3 }}; |
| 1018 | struct dict_enumval_data t_4 = { "ALL_APPLICATION", { .i32 = 4 }}; |
| 1019 | struct dict_enumval_data t_5 = { "ALL_HOST", { .i32 = 5 }}; |
| 1020 | struct dict_enumval_data t_6 = { "ALL_USER", { .i32 = 6 }}; |
| 1021 | struct dict_avp_data data = { |
| 1022 | 261, /* Code */ |
| 1023 | #if AC_REDIRECT_HOST_USAGE != 261 |
| 1024 | #error "AC_REDIRECT_HOST_USAGE definition mismatch" |
| 1025 | #endif |
| 1026 | 0, /* Vendor */ |
| 1027 | "Redirect-Host-Usage", /* Name */ |
| 1028 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1029 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1030 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 1031 | }; |
| 1032 | /* Create the Enumerated type, and then the AVP */ |
| 1033 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 1034 | CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
| 1035 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 1036 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 1037 | CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
| 1038 | CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
| 1039 | CHECK_dict_new( DICT_ENUMVAL, &t_5 , type, NULL); |
| 1040 | CHECK_dict_new( DICT_ENUMVAL, &t_6 , type, NULL); |
| 1041 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 1042 | } |
| 1043 | |
| 1044 | /* Redirect-Max-Cache-Time */ |
| 1045 | { |
| 1046 | /* |
| 1047 | The Redirect-Max-Cache-Time AVP (AVP Code 262) is of type Unsigned32. |
| 1048 | This AVP MUST be present in answer messages whose 'E' bit is set, the |
| 1049 | Result-Code AVP is set to DIAMETER_REDIRECT_INDICATION and the |
| 1050 | Redirect-Host-Usage AVP set to a non-zero value. |
| 1051 | |
| 1052 | This AVP contains the maximum number of seconds the peer and route |
| 1053 | table entries, created as a result of the Redirect-Host, will be |
| 1054 | cached. Note that once a host created due to a redirect indication |
| 1055 | is no longer reachable, any associated peer and routing table entries |
| 1056 | MUST be deleted. |
| 1057 | */ |
| 1058 | struct dict_avp_data data = { |
| 1059 | 262, /* Code */ |
| 1060 | #if AC_REDIRECT_MAX_CACHE_TIME != 262 |
| 1061 | #error "AC_REDIRECT_MAX_CACHE_TIME definition mismatch" |
| 1062 | #endif |
| 1063 | 0, /* Vendor */ |
| 1064 | "Redirect-Max-Cache-Time", /* Name */ |
| 1065 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1066 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1067 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 1068 | }; |
| 1069 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 1070 | } |
| 1071 | |
| 1072 | /* Result-Code */ |
| 1073 | { |
| 1074 | /* |
| 1075 | The Result-Code AVP (AVP Code 268) is of type Unsigned32 and |
| 1076 | indicates whether a particular request was completed successfully or |
| 1077 | whether an error occurred. All Diameter answer messages defined in |
| 1078 | IETF applications MUST include one Result-Code AVP. A non-successful |
| 1079 | Result-Code AVP (one containing a non 2xxx value other than |
| 1080 | DIAMETER_REDIRECT_INDICATION) MUST include the Error-Reporting-Host |
| 1081 | AVP if the host setting the Result-Code AVP is different from the |
| 1082 | identity encoded in the Origin-Host AVP. |
| 1083 | |
| 1084 | The Result-Code data field contains an IANA-managed 32-bit address |
| 1085 | space representing errors (see Section 11.4). Diameter provides the |
| 1086 | following classes of errors, all identified by the thousands digit in |
| 1087 | the decimal notation: |
| 1088 | |
| 1089 | o 1xxx (Informational) |
| 1090 | |
| 1091 | o 2xxx (Success) |
| 1092 | |
| 1093 | o 3xxx (Protocol Errors) |
| 1094 | |
| 1095 | o 4xxx (Transient Failures) |
| 1096 | |
| 1097 | o 5xxx (Permanent Failure) |
| 1098 | |
| 1099 | A non-recognized class (one whose first digit is not defined in this |
| 1100 | section) MUST be handled as a permanent failure. |
| 1101 | */ |
| 1102 | |
| 1103 | /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
| 1104 | * This is the reason for the "*" in the type name |
| 1105 | */ |
| 1106 | struct dict_object * type; |
| 1107 | struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated(Result-Code)" , NULL, NULL, NULL }; |
| 1108 | struct dict_avp_data data = { |
| 1109 | 268, /* Code */ |
| 1110 | #if AC_RESULT_CODE != 268 |
| 1111 | #error "AC_RESULT_CODE definition mismatch" |
| 1112 | #endif |
| 1113 | 0, /* Vendor */ |
| 1114 | "Result-Code", /* Name */ |
| 1115 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1116 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1117 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 1118 | }; |
| 1119 | /* Create the Enumerated type, and then the AVP */ |
| 1120 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 1121 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 1122 | |
| 1123 | /* Informational */ |
| 1124 | { |
| 1125 | /* 1001 */ |
| 1126 | { |
| 1127 | /* |
| 1128 | This informational error is returned by a Diameter server to |
| 1129 | inform the access device that the authentication mechanism being |
| 1130 | used requires multiple round trips, and a subsequent request needs |
| 1131 | to be issued in order for access to be granted. |
| 1132 | */ |
| 1133 | struct dict_enumval_data error_code = { "DIAMETER_MULTI_ROUND_AUTH", { .u32 = ER_DIAMETER_MULTI_ROUND_AUTH }}; |
| 1134 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1135 | } |
| 1136 | } |
| 1137 | /* Success */ |
| 1138 | { |
| 1139 | /* 2001 */ |
| 1140 | { |
| 1141 | /* |
| 1142 | The Request was successfully completed. |
| 1143 | */ |
| 1144 | struct dict_enumval_data error_code = { "DIAMETER_SUCCESS", { .u32 = ER_DIAMETER_SUCCESS }}; |
| 1145 | #if ER_DIAMETER_SUCCESS != 2001 |
| 1146 | #error "ER_DIAMETER_SUCCESS definition mismatch" |
| 1147 | #endif |
| 1148 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1149 | } |
| 1150 | /* 2002 */ |
| 1151 | { |
| 1152 | /* |
| 1153 | When returned, the request was successfully completed, but |
| 1154 | additional processing is required by the application in order to |
| 1155 | provide service to the user. |
| 1156 | */ |
| 1157 | struct dict_enumval_data error_code = { "DIAMETER_LIMITED_SUCCESS", { .u32 = ER_DIAMETER_LIMITED_SUCCESS }}; |
| 1158 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1159 | } |
| 1160 | } |
| 1161 | /* Protocol Errors */ |
| 1162 | { |
| 1163 | /* 3001 -- might be changed to 5xxx soon */ |
| 1164 | { |
| 1165 | /* |
| 1166 | The Request contained a Command-Code that the receiver did not |
| 1167 | recognize or support. This MUST be used when a Diameter node |
| 1168 | receives an experimental command that it does not understand. |
| 1169 | */ |
| 1170 | struct dict_enumval_data error_code = { "DIAMETER_COMMAND_UNSUPPORTED", { .u32 = ER_DIAMETER_COMMAND_UNSUPPORTED }}; |
| 1171 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1172 | } |
| 1173 | /* 3002 */ |
| 1174 | { |
| 1175 | /* |
| 1176 | This error is given when Diameter can not deliver the message to |
| 1177 | the destination, either because no host within the realm |
| 1178 | supporting the required application was available to process the |
| 1179 | request, or because Destination-Host AVP was given without the |
| 1180 | associated Destination-Realm AVP. |
| 1181 | */ |
| 1182 | struct dict_enumval_data error_code = { "DIAMETER_UNABLE_TO_DELIVER", { .u32 = ER_DIAMETER_UNABLE_TO_DELIVER }}; |
| 1183 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1184 | } |
| 1185 | /* 3003 */ |
| 1186 | { |
| 1187 | /* |
| 1188 | The intended realm of the request is not recognized. |
| 1189 | */ |
| 1190 | struct dict_enumval_data error_code = { "DIAMETER_REALM_NOT_SERVED", { .u32 = ER_DIAMETER_REALM_NOT_SERVED }}; |
| 1191 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1192 | } |
| 1193 | /* 3004 */ |
| 1194 | { |
| 1195 | /* |
| 1196 | When returned, a Diameter node SHOULD attempt to send the message |
| 1197 | to an alternate peer. This error MUST only be used when a |
| 1198 | specific server is requested, and it cannot provide the requested |
| 1199 | service. |
| 1200 | */ |
| 1201 | struct dict_enumval_data error_code = { "DIAMETER_TOO_BUSY", { .u32 = ER_DIAMETER_TOO_BUSY }}; |
| 1202 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1203 | } |
| 1204 | /* 3005 */ |
| 1205 | { |
| 1206 | /* |
| 1207 | An agent detected a loop while trying to get the message to the |
| 1208 | intended recipient. The message MAY be sent to an alternate peer, |
| 1209 | if one is available, but the peer reporting the error has |
| 1210 | identified a configuration problem. |
| 1211 | */ |
| 1212 | struct dict_enumval_data error_code = { "DIAMETER_LOOP_DETECTED", { .u32 = ER_DIAMETER_LOOP_DETECTED }}; |
| 1213 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1214 | } |
| 1215 | /* 3006 */ |
| 1216 | { |
| 1217 | /* |
| 1218 | A redirect agent has determined that the request could not be |
| 1219 | satisfied locally and the initiator of the request should direct |
| 1220 | the request directly to the server, whose contact information has |
| 1221 | been added to the response. When set, the Redirect-Host AVP MUST |
| 1222 | be present. |
| 1223 | */ |
| 1224 | struct dict_enumval_data error_code = { "DIAMETER_REDIRECT_INDICATION", { .u32 = ER_DIAMETER_REDIRECT_INDICATION }}; |
| 1225 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1226 | } |
| 1227 | /* 3007 */ |
| 1228 | { |
| 1229 | /* |
| 1230 | A request was sent for an application that is not supported. |
| 1231 | */ |
| 1232 | struct dict_enumval_data error_code = { "DIAMETER_APPLICATION_UNSUPPORTED", { .u32 = ER_DIAMETER_APPLICATION_UNSUPPORTED }}; |
| 1233 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1234 | } |
| 1235 | /* 3008 -- will change to 5xxx soon */ |
| 1236 | { |
| 1237 | /* |
| 1238 | A request was received whose bits in the Diameter header were |
| 1239 | either set to an invalid combination, or to a value that is |
| 1240 | inconsistent with the command code's definition. |
| 1241 | */ |
| 1242 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_HDR_BITS", { .u32 = ER_DIAMETER_INVALID_HDR_BITS }}; |
| 1243 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1244 | } |
| 1245 | /* 3009 -- will change to 5xxx soon */ |
| 1246 | { |
| 1247 | /* |
| 1248 | A request was received that included an AVP whose flag bits are |
| 1249 | set to an unrecognized value, or that is inconsistent with the |
| 1250 | AVP's definition. |
| 1251 | */ |
| 1252 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_BITS", { .u32 = ER_DIAMETER_INVALID_AVP_BITS }}; |
| 1253 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1254 | } |
| 1255 | /* 3010 -- will change to 5xxx soon */ |
| 1256 | { |
| 1257 | /* |
| 1258 | A CER was received from an unknown peer. |
| 1259 | */ |
| 1260 | struct dict_enumval_data error_code = { "DIAMETER_UNKNOWN_PEER", { .u32 = ER_DIAMETER_UNKNOWN_PEER }}; |
| 1261 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1262 | } |
| 1263 | } |
| 1264 | /* Transient Failures */ |
| 1265 | { |
| 1266 | /* 4001 */ |
| 1267 | { |
| 1268 | /* |
| 1269 | The authentication process for the user failed, most likely due to |
| 1270 | an invalid password used by the user. Further attempts MUST only |
| 1271 | be tried after prompting the user for a new password. |
| 1272 | */ |
| 1273 | struct dict_enumval_data error_code = { "DIAMETER_AUTHENTICATION_REJECTED", { .u32 = ER_DIAMETER_AUTHENTICATION_REJECTED }}; |
| 1274 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1275 | } |
| 1276 | /* 4002 */ |
| 1277 | { |
| 1278 | /* |
| 1279 | A Diameter node received the accounting request but was unable to |
| 1280 | commit it to stable storage due to a temporary lack of space. |
| 1281 | */ |
| 1282 | struct dict_enumval_data error_code = { "DIAMETER_OUT_OF_SPACE", { .u32 = ER_DIAMETER_OUT_OF_SPACE }}; |
| 1283 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1284 | } |
| 1285 | /* 4003 */ |
| 1286 | { |
| 1287 | /* |
| 1288 | The peer has determined that it has lost the election process and |
| 1289 | has therefore disconnected the transport connection. |
| 1290 | */ |
| 1291 | struct dict_enumval_data error_code = { "ELECTION_LOST", { .u32 = ER_ELECTION_LOST }}; |
| 1292 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1293 | } |
| 1294 | } |
| 1295 | /* Permanent Failures */ |
| 1296 | { |
| 1297 | /* 5001 */ |
| 1298 | { |
| 1299 | /* |
| 1300 | The peer received a message that contained an AVP that is not |
| 1301 | recognized or supported and was marked with the Mandatory bit. A |
| 1302 | Diameter message with this error MUST contain one or more Failed- |
| 1303 | AVP AVP containing the AVPs that caused the failure. |
| 1304 | */ |
| 1305 | struct dict_enumval_data error_code = { "DIAMETER_AVP_UNSUPPORTED", { .u32 = ER_DIAMETER_AVP_UNSUPPORTED }}; |
| 1306 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1307 | } |
| 1308 | /* 5002 */ |
| 1309 | { |
| 1310 | /* |
| 1311 | The request contained an unknown Session-Id. |
| 1312 | */ |
| 1313 | struct dict_enumval_data error_code = { "DIAMETER_UNKNOWN_SESSION_ID", { .u32 = ER_DIAMETER_UNKNOWN_SESSION_ID }}; |
| 1314 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1315 | } |
| 1316 | /* 5003 */ |
| 1317 | { |
| 1318 | /* |
| 1319 | A request was received for which the user could not be authorized. |
| 1320 | This error could occur if the service requested is not permitted |
| 1321 | to the user. |
| 1322 | */ |
| 1323 | struct dict_enumval_data error_code = { "DIAMETER_AUTHORIZATION_REJECTED",{ .u32 = ER_DIAMETER_AUTHORIZATION_REJECTED }}; |
| 1324 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1325 | } |
| 1326 | /* 5004 */ |
| 1327 | { |
| 1328 | /* |
| 1329 | The request contained an AVP with an invalid value in its data |
| 1330 | portion. A Diameter message indicating this error MUST include |
| 1331 | the offending AVPs within a Failed-AVP AVP. |
| 1332 | */ |
| 1333 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_VALUE", { .u32 = ER_DIAMETER_INVALID_AVP_VALUE }}; |
| 1334 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1335 | } |
| 1336 | /* 5005 */ |
| 1337 | { |
| 1338 | /* |
| 1339 | The request did not contain an AVP that is required by the Command |
| 1340 | Code definition. If this value is sent in the Result-Code AVP, a |
| 1341 | Failed-AVP AVP SHOULD be included in the message. The Failed-AVP |
| 1342 | AVP MUST contain an example of the missing AVP complete with the |
| 1343 | Vendor-Id if applicable. The value field of the missing AVP |
| 1344 | should be of correct minimum length and contain zeroes. |
| 1345 | */ |
| 1346 | struct dict_enumval_data error_code = { "DIAMETER_MISSING_AVP", { .u32 = ER_DIAMETER_MISSING_AVP }}; |
| 1347 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1348 | } |
| 1349 | /* 5006 */ |
| 1350 | { |
| 1351 | /* |
| 1352 | A request was received that cannot be authorized because the user |
| 1353 | has already expended allowed resources. An example of this error |
| 1354 | condition is a user that is restricted to one dial-up PPP port, |
| 1355 | attempts to establish a second PPP connection. |
| 1356 | */ |
| 1357 | struct dict_enumval_data error_code = { "DIAMETER_RESOURCES_EXCEEDED", { .u32 = ER_DIAMETER_RESOURCES_EXCEEDED }}; |
| 1358 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1359 | } |
| 1360 | /* 5007 */ |
| 1361 | { |
| 1362 | /* |
| 1363 | The Home Diameter server has detected AVPs in the request that |
| 1364 | contradicted each other, and is not willing to provide service to |
| 1365 | the user. The Failed-AVP AVPs MUST be present which contains the |
| 1366 | AVPs that contradicted each other. |
| 1367 | */ |
| 1368 | struct dict_enumval_data error_code = { "DIAMETER_CONTRADICTING_AVPS", { .u32 = ER_DIAMETER_CONTRADICTING_AVPS }}; |
| 1369 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1370 | } |
| 1371 | /* 5008 */ |
| 1372 | { |
| 1373 | /* |
| 1374 | A message was received with an AVP that MUST NOT be present. The |
| 1375 | Failed-AVP AVP MUST be included and contain a copy of the |
| 1376 | offending AVP. |
| 1377 | */ |
| 1378 | struct dict_enumval_data error_code = { "DIAMETER_AVP_NOT_ALLOWED", { .u32 = ER_DIAMETER_AVP_NOT_ALLOWED }}; |
| 1379 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1380 | } |
| 1381 | /* 5009 */ |
| 1382 | { |
| 1383 | /* |
| 1384 | A message was received that included an AVP that appeared more |
| 1385 | often than permitted in the message definition. The Failed-AVP |
| 1386 | AVP MUST be included and contain a copy of the first instance of |
| 1387 | the offending AVP that exceeded the maximum number of occurrences |
| 1388 | */ |
| 1389 | struct dict_enumval_data error_code = { "DIAMETER_AVP_OCCURS_TOO_MANY_TIMES",{ .u32 = ER_DIAMETER_AVP_OCCURS_TOO_MANY_TIMES }}; |
| 1390 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1391 | } |
| 1392 | /* 5010 */ |
| 1393 | { |
| 1394 | /* |
| 1395 | This error is returned by a Diameter node that is not acting as a |
| 1396 | relay when it receives a CER which advertises a set of |
| 1397 | applications that it does not support. |
| 1398 | */ |
| 1399 | struct dict_enumval_data error_code = { "DIAMETER_NO_COMMON_APPLICATION",{ .u32 = ER_DIAMETER_NO_COMMON_APPLICATION }}; |
| 1400 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1401 | } |
| 1402 | /* 5011 */ |
| 1403 | { |
| 1404 | /* |
| 1405 | This error is returned when a request was received, whose version |
| 1406 | number is unsupported. |
| 1407 | */ |
| 1408 | struct dict_enumval_data error_code = { "DIAMETER_UNSUPPORTED_VERSION", { .u32 = ER_DIAMETER_UNSUPPORTED_VERSION }}; |
| 1409 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1410 | } |
| 1411 | /* 5012 */ |
| 1412 | { |
| 1413 | /* |
| 1414 | This error is returned when a request is rejected for unspecified |
| 1415 | reasons. |
| 1416 | */ |
| 1417 | struct dict_enumval_data error_code = { "DIAMETER_UNABLE_TO_COMPLY", { .u32 = ER_DIAMETER_UNABLE_TO_COMPLY }}; |
| 1418 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1419 | } |
| 1420 | /* 5013 -- will change to 3xxx */ |
| 1421 | { |
| 1422 | /* |
| 1423 | This error is returned when an unrecognized bit in the Diameter |
| 1424 | header is set to one (1). |
| 1425 | */ |
| 1426 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_BIT_IN_HEADER", { .u32 = ER_DIAMETER_INVALID_BIT_IN_HEADER }}; |
| 1427 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1428 | } |
| 1429 | /* 5014 */ |
| 1430 | { |
| 1431 | /* |
| 1432 | The request contained an AVP with an invalid length. A Diameter |
| 1433 | message indicating this error MUST include the offending AVPs |
| 1434 | within a Failed-AVP AVP. In cases where the erroneous avp length |
| 1435 | value exceeds the message length or is less than the minimum AVP |
| 1436 | header length, it is sufficient to include the offending AVP |
| 1437 | header and a zero filled payload of the minimum required length |
| 1438 | for the payloads data type. If the AVP is a grouped AVP, the |
| 1439 | grouped AVP header with an empty payload would be sufficient to |
| 1440 | indicate the offending AVP. In the case where the offending AVP |
| 1441 | header cannot be fully decoded when avp length is less than the |
| 1442 | minimum AVP header length, it is sufficient to include an |
| 1443 | offending AVP header that is formulated by padding the incomplete |
| 1444 | AVP header with zero up to the minimum AVP header length. |
| 1445 | */ |
| 1446 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_LENGTH", { .u32 = ER_DIAMETER_INVALID_AVP_LENGTH }}; |
| 1447 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1448 | } |
| 1449 | /* 5015 -- will change to 3xxx */ |
| 1450 | { |
| 1451 | /* |
| 1452 | This error is returned when a request is received with an invalid |
| 1453 | message length. |
| 1454 | */ |
| 1455 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_MESSAGE_LENGTH", { .u32 = ER_DIAMETER_INVALID_MESSAGE_LENGTH }}; |
| 1456 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1457 | } |
| 1458 | /* 5016 */ |
| 1459 | { |
| 1460 | /* |
| 1461 | The request contained an AVP with which is not allowed to have the |
| 1462 | given value in the AVP Flags field. A Diameter message indicating |
| 1463 | this error MUST include the offending AVPs within a Failed-AVP |
| 1464 | AVP. |
| 1465 | */ |
| 1466 | struct dict_enumval_data error_code = { "DIAMETER_INVALID_AVP_BIT_COMBO", { .u32 = ER_DIAMETER_INVALID_AVP_BIT_COMBO }}; |
| 1467 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1468 | } |
| 1469 | /* 5017 */ |
| 1470 | { |
| 1471 | /* |
| 1472 | This error is returned when a CER message is received, and there |
| 1473 | are no common security mechanisms supported between the peers. A |
| 1474 | Capabilities-Exchange-Answer (CEA) MUST be returned with the |
| 1475 | Result-Code AVP set to DIAMETER_NO_COMMON_SECURITY. |
| 1476 | */ |
| 1477 | struct dict_enumval_data error_code = { "DIAMETER_NO_COMMON_SECURITY", { .u32 = ER_DIAMETER_NO_COMMON_SECURITY }}; |
| 1478 | CHECK_dict_new( DICT_ENUMVAL, &error_code , type, NULL); |
| 1479 | } |
| 1480 | } |
| 1481 | } |
| 1482 | |
| 1483 | /* Error-Message */ |
| 1484 | { |
| 1485 | /* |
| 1486 | The Error-Message AVP (AVP Code 281) is of type UTF8String. It MAY |
| 1487 | accompany a Result-Code AVP as a human readable error message. The |
| 1488 | Error-Message AVP is not intended to be useful in real-time, and |
| 1489 | SHOULD NOT be expected to be parsed by network entities. |
| 1490 | */ |
| 1491 | struct dict_avp_data data = { |
| 1492 | 281, /* Code */ |
| 1493 | #if AC_ERROR_MESSAGE != 281 |
| 1494 | #error "AC_ERROR_MESSAGE definition mismatch" |
| 1495 | #endif |
| 1496 | 0, /* Vendor */ |
| 1497 | "Error-Message", /* Name */ |
| 1498 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1499 | 0, /* Fixed flag values */ |
| 1500 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 1501 | }; |
| 1502 | CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
| 1503 | } |
| 1504 | |
| 1505 | /* Error-Reporting-Host */ |
| 1506 | { |
| 1507 | /* |
| 1508 | The Error-Reporting-Host AVP (AVP Code 294) is of type |
| 1509 | DiameterIdentity. This AVP contains the identity of the Diameter |
| 1510 | host that sent the Result-Code AVP to a value other than 2001 |
| 1511 | (Success), only if the host setting the Result-Code is different from |
| 1512 | the one encoded in the Origin-Host AVP. This AVP is intended to be |
| 1513 | used for troubleshooting purposes, and MUST be set when the Result- |
| 1514 | Code AVP indicates a failure. |
| 1515 | */ |
| 1516 | struct dict_avp_data data = { |
| 1517 | 294, /* Code */ |
| 1518 | #if AC_ERROR_REPORTING_HOST != 294 |
| 1519 | #error "AC_ERROR_REPORTING_HOST definition mismatch" |
| 1520 | #endif |
| 1521 | 0, /* Vendor */ |
| 1522 | "Error-Reporting-Host", /* Name */ |
| 1523 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1524 | 0, /* Fixed flag values */ |
| 1525 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 1526 | }; |
| 1527 | CHECK_dict_new( DICT_AVP, &data , DiameterIdentity_type, NULL); |
| 1528 | } |
| 1529 | |
| 1530 | /* Failed-AVP */ |
| 1531 | { |
| 1532 | /* |
| 1533 | The Failed-AVP AVP (AVP Code 279) is of type Grouped and provides |
| 1534 | debugging information in cases where a request is rejected or not |
| 1535 | fully processed due to erroneous information in a specific AVP. The |
| 1536 | value of the Result-Code AVP will provide information on the reason |
| 1537 | for the Failed-AVP AVP. A Diameter message SHOULD contain only one |
| 1538 | Failed-AVP that corresponds to the error indicated by the Result-Code |
| 1539 | AVP. For practical purposes, this Failed-AVP would typically refer |
| 1540 | to the first AVP processing error that a Diameter node encounters. |
| 1541 | |
| 1542 | The possible reasons for this AVP are the presence of an improperly |
| 1543 | constructed AVP, an unsupported or unrecognized AVP, an invalid AVP |
| 1544 | value, the omission of a required AVP, the presence of an explicitly |
| 1545 | excluded AVP (see tables in Section 10), or the presence of two or |
| 1546 | more occurrences of an AVP which is restricted to 0, 1, or 0-1 |
| 1547 | occurrences. |
| 1548 | |
| 1549 | A Diameter message SHOULD contain one Failed-AVP AVP, containing the |
| 1550 | entire AVP that could not be processed successfully. If the failure |
| 1551 | reason is omission of a required AVP, an AVP with the missing AVP |
| 1552 | code, the missing vendor id, and a zero filled payload of the minimum |
| 1553 | required length for the omitted AVP will be added. If the failure |
| 1554 | reason is an invalid AVP length where the reported length is less |
| 1555 | than the minimum AVP header length or greater than the reported |
| 1556 | message length, a copy of the offending AVP header and a zero filled |
| 1557 | payload of the minimum required length SHOULD be added. |
| 1558 | |
| 1559 | In the case where the offending AVP is embedded within a grouped AVP, |
| 1560 | the Failed-AVP MAY contain the grouped AVP which in turn contains the |
| 1561 | single offending AVP. The same method MAY be employed if the grouped |
| 1562 | AVP itself is embedded in yet another grouped AVP and so on. In this |
| 1563 | case, the Failed-AVP MAY contain the grouped AVP heirarchy up to the |
| 1564 | single offending AVP. This enables the recipient to detect the |
| 1565 | location of the offending AVP when embedded in a group. |
| 1566 | |
| 1567 | AVP Format |
| 1568 | |
| 1569 | <Failed-AVP> ::= < AVP Header: 279 > |
| 1570 | 1* {AVP} |
| 1571 | */ |
| 1572 | struct dict_avp_data data = { |
| 1573 | 279, /* Code */ |
| 1574 | #if AC_FAILED_AVP != 279 |
| 1575 | #error "AC_FAILED_AVP definition mismatch" |
| 1576 | #endif |
| 1577 | 0, /* Vendor */ |
| 1578 | "Failed-AVP", /* Name */ |
| 1579 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1580 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1581 | AVP_TYPE_GROUPED /* base type of data */ |
| 1582 | }; |
| 1583 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 1584 | } |
| 1585 | |
| 1586 | /* Experimental-Result */ |
| 1587 | { |
| 1588 | /* |
| 1589 | The Experimental-Result AVP (AVP Code 297) is of type Grouped, and |
| 1590 | indicates whether a particular vendor-specific request was completed |
| 1591 | successfully or whether an error occurred. Its Data field has the |
| 1592 | following ABNF grammar: |
| 1593 | |
| 1594 | AVP Format |
| 1595 | |
| 1596 | Experimental-Result ::= < AVP Header: 297 > |
| 1597 | { Vendor-Id } |
| 1598 | { Experimental-Result-Code } |
| 1599 | |
| 1600 | The Vendor-Id AVP (see Section 5.3.3) in this grouped AVP identifies |
| 1601 | the vendor responsible for the assignment of the result code which |
| 1602 | follows. All Diameter answer messages defined in vendor-specific |
| 1603 | applications MUST include either one Result-Code AVP or one |
| 1604 | Experimental-Result AVP. |
| 1605 | */ |
| 1606 | struct dict_avp_data data = { |
| 1607 | 297, /* Code */ |
| 1608 | 0, /* Vendor */ |
| 1609 | "Experimental-Result", /* Name */ |
| 1610 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1611 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1612 | AVP_TYPE_GROUPED /* base type of data */ |
| 1613 | }; |
| 1614 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 1615 | } |
| 1616 | |
| 1617 | /* Experimental-Result-Code */ |
| 1618 | { |
| 1619 | /* |
| 1620 | The Experimental-Result-Code AVP (AVP Code 298) is of type Unsigned32 |
| 1621 | and contains a vendor-assigned value representing the result of |
| 1622 | processing the request. |
| 1623 | |
| 1624 | It is recommended that vendor-specific result codes follow the same |
| 1625 | conventions given for the Result-Code AVP regarding the different |
| 1626 | types of result codes and the handling of errors (for non 2xxx |
| 1627 | values). |
| 1628 | */ |
| 1629 | /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
| 1630 | * This is the reason for the "*" in the type name. Vendors will have to define their values. |
| 1631 | */ |
| 1632 | struct dict_object * type; |
| 1633 | struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated(Experimental-Result-Code)" , NULL, NULL, NULL }; |
| 1634 | struct dict_avp_data data = { |
| 1635 | 298, /* Code */ |
| 1636 | 0, /* Vendor */ |
| 1637 | "Experimental-Result-Code", /* Name */ |
| 1638 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1639 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1640 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 1641 | }; |
| 1642 | |
| 1643 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 1644 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 1645 | } |
| 1646 | |
| 1647 | /* Auth-Request-Type */ |
| 1648 | { |
| 1649 | /* |
| 1650 | The Auth-Request-Type AVP (AVP Code 274) is of type Enumerated and is |
| 1651 | included in application-specific auth requests to inform the peers |
| 1652 | whether a user is to be authenticated only, authorized only or both. |
| 1653 | Note any value other than both MAY cause RADIUS interoperability |
| 1654 | issues. The following values are defined: |
| 1655 | |
| 1656 | |
| 1657 | AUTHENTICATE_ONLY 1 |
| 1658 | |
| 1659 | The request being sent is for authentication only, and MUST |
| 1660 | contain the relevant application specific authentication AVPs that |
| 1661 | are needed by the Diameter server to authenticate the user. |
| 1662 | |
| 1663 | |
| 1664 | AUTHORIZE_ONLY 2 |
| 1665 | |
| 1666 | The request being sent is for authorization only, and MUST contain |
| 1667 | the application specific authorization AVPs that are necessary to |
| 1668 | identify the service being requested/offered. |
| 1669 | |
| 1670 | |
| 1671 | AUTHORIZE_AUTHENTICATE 3 |
| 1672 | |
| 1673 | The request contains a request for both authentication and |
| 1674 | authorization. The request MUST include both the relevant |
| 1675 | application specific authentication information, and authorization |
| 1676 | information necessary to identify the service being requested/ |
| 1677 | offered. |
| 1678 | */ |
| 1679 | struct dict_object * type; |
| 1680 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Auth-Request-Type)" , NULL, NULL, NULL }; |
| 1681 | struct dict_enumval_data t_1 = { "AUTHENTICATE_ONLY", { .i32 = 1 }}; |
| 1682 | struct dict_enumval_data t_2 = { "AUTHORIZE_ONLY", { .i32 = 2 }}; |
| 1683 | struct dict_enumval_data t_3 = { "AUTHORIZE_AUTHENTICATE", { .i32 = 3 }}; |
| 1684 | struct dict_avp_data data = { |
| 1685 | 274, /* Code */ |
| 1686 | 0, /* Vendor */ |
| 1687 | "Auth-Request-Type", /* Name */ |
| 1688 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1689 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1690 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 1691 | }; |
| 1692 | /* Create the Enumerated type, and then the AVP */ |
| 1693 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 1694 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 1695 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 1696 | CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
| 1697 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 1698 | } |
| 1699 | |
| 1700 | /* Session-Id */ |
| 1701 | { |
| 1702 | /* |
| 1703 | The Session-Id AVP (AVP Code 263) is of type UTF8String and is used |
| 1704 | to identify a specific session (see Section 8). All messages |
| 1705 | pertaining to a specific session MUST include only one Session-Id AVP |
| 1706 | and the same value MUST be used throughout the life of a session. |
| 1707 | When present, the Session-Id SHOULD appear immediately following the |
| 1708 | Diameter Header (see Section 3). |
| 1709 | |
| 1710 | The Session-Id MUST be globally and eternally unique, as it is meant |
| 1711 | to uniquely identify a user session without reference to any other |
| 1712 | information, and may be needed to correlate historical authentication |
| 1713 | information with accounting information. The Session-Id includes a |
| 1714 | mandatory portion and an implementation-defined portion; a |
| 1715 | recommended format for the implementation-defined portion is outlined |
| 1716 | below. |
| 1717 | |
| 1718 | (skipped, see RFC for detail) |
| 1719 | */ |
| 1720 | struct dict_avp_data data = { |
| 1721 | 263, /* Code */ |
| 1722 | #if AC_SESSION_ID != 263 |
| 1723 | #error "AC_SESSION_ID definition mismatch" |
| 1724 | #endif |
| 1725 | 0, /* Vendor */ |
| 1726 | "Session-Id", /* Name */ |
| 1727 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1728 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1729 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 1730 | }; |
| 1731 | CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
| 1732 | } |
| 1733 | |
| 1734 | /* Authorization-Lifetime */ |
| 1735 | { |
| 1736 | /* |
| 1737 | The Authorization-Lifetime AVP (AVP Code 291) is of type Unsigned32 |
| 1738 | and contains the maximum number of seconds of service to be provided |
| 1739 | to the user before the user is to be re-authenticated and/or re- |
| 1740 | authorized. Great care should be taken when the Authorization- |
| 1741 | Lifetime value is determined, since a low, non-zero, value could |
| 1742 | create significant Diameter traffic, which could congest both the |
| 1743 | network and the agents. |
| 1744 | |
| 1745 | A value of zero (0) means that immediate re-auth is necessary by the |
| 1746 | access device. This is typically used in cases where multiple |
| 1747 | authentication methods are used, and a successful auth response with |
| 1748 | this AVP set to zero is used to signal that the next authentication |
| 1749 | method is to be immediately initiated. The absence of this AVP, or a |
| 1750 | value of all ones (meaning all bits in the 32 bit field are set to |
| 1751 | one) means no re-auth is expected. |
| 1752 | |
| 1753 | If both this AVP and the Session-Timeout AVP are present in a |
| 1754 | message, the value of the latter MUST NOT be smaller than the |
| 1755 | Authorization-Lifetime AVP. |
| 1756 | |
| 1757 | An Authorization-Lifetime AVP MAY be present in re-authorization |
| 1758 | messages, and contains the number of seconds the user is authorized |
| 1759 | to receive service from the time the re-auth answer message is |
| 1760 | received by the access device. |
| 1761 | |
| 1762 | This AVP MAY be provided by the client as a hint of the maximum |
| 1763 | lifetime that it is willing to accept. However, the server MAY |
| 1764 | return a value that is equal to, or smaller, than the one provided by |
| 1765 | the client. |
| 1766 | */ |
| 1767 | struct dict_avp_data data = { |
| 1768 | 291, /* Code */ |
| 1769 | 0, /* Vendor */ |
| 1770 | "Authorization-Lifetime", /* Name */ |
| 1771 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1772 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1773 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 1774 | }; |
| 1775 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 1776 | } |
| 1777 | |
| 1778 | /* Auth-Grace-Period */ |
| 1779 | { |
| 1780 | /* |
| 1781 | The Auth-Grace-Period AVP (AVP Code 276) is of type Unsigned32 and |
| 1782 | contains the number of seconds the Diameter server will wait |
| 1783 | following the expiration of the Authorization-Lifetime AVP before |
| 1784 | cleaning up resources for the session. |
| 1785 | */ |
| 1786 | struct dict_avp_data data = { |
| 1787 | 276, /* Code */ |
| 1788 | 0, /* Vendor */ |
| 1789 | "Auth-Grace-Period", /* Name */ |
| 1790 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1791 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1792 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 1793 | }; |
| 1794 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 1795 | } |
| 1796 | |
| 1797 | /* Auth-Session-State */ |
| 1798 | { |
| 1799 | /* |
| 1800 | The Auth-Session-State AVP (AVP Code 277) is of type Enumerated and |
| 1801 | specifies whether state is maintained for a particular session. The |
| 1802 | client MAY include this AVP in requests as a hint to the server, but |
| 1803 | the value in the server's answer message is binding. The following |
| 1804 | values are supported: |
| 1805 | |
| 1806 | |
| 1807 | STATE_MAINTAINED 0 |
| 1808 | |
| 1809 | This value is used to specify that session state is being |
| 1810 | maintained, and the access device MUST issue a session termination |
| 1811 | message when service to the user is terminated. This is the |
| 1812 | default value. |
| 1813 | |
| 1814 | |
| 1815 | NO_STATE_MAINTAINED 1 |
| 1816 | |
| 1817 | This value is used to specify that no session termination messages |
| 1818 | will be sent by the access device upon expiration of the |
| 1819 | Authorization-Lifetime. |
| 1820 | */ |
| 1821 | struct dict_object * type; |
| 1822 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Auth-Session-State)" , NULL, NULL, NULL }; |
| 1823 | struct dict_enumval_data t_0 = { "STATE_MAINTAINED", { .i32 = 0 }}; |
| 1824 | struct dict_enumval_data t_1 = { "NO_STATE_MAINTAINED", { .i32 = 1 }}; |
| 1825 | struct dict_avp_data data = { |
| 1826 | 277, /* Code */ |
| 1827 | 0, /* Vendor */ |
| 1828 | "Auth-Session-State", /* Name */ |
| 1829 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1830 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1831 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 1832 | }; |
| 1833 | /* Create the Enumerated type, and then the AVP */ |
| 1834 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 1835 | CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
| 1836 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 1837 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 1838 | } |
| 1839 | |
| 1840 | /* Re-Auth-Request-Type */ |
| 1841 | { |
| 1842 | /* |
| 1843 | The Re-Auth-Request-Type AVP (AVP Code 285) is of type Enumerated and |
| 1844 | is included in application-specific auth answers to inform the client |
| 1845 | of the action expected upon expiration of the Authorization-Lifetime. |
| 1846 | If the answer message contains an Authorization-Lifetime AVP with a |
| 1847 | positive value, the Re-Auth-Request-Type AVP MUST be present in an |
| 1848 | answer message. The following values are defined: |
| 1849 | |
| 1850 | |
| 1851 | AUTHORIZE_ONLY 0 |
| 1852 | |
| 1853 | An authorization only re-auth is expected upon expiration of the |
| 1854 | Authorization-Lifetime. This is the default value if the AVP is |
| 1855 | not present in answer messages that include the Authorization- |
| 1856 | Lifetime. |
| 1857 | |
| 1858 | |
| 1859 | AUTHORIZE_AUTHENTICATE 1 |
| 1860 | |
| 1861 | An authentication and authorization re-auth is expected upon |
| 1862 | expiration of the Authorization-Lifetime. |
| 1863 | */ |
| 1864 | struct dict_object * type; |
| 1865 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Re-Auth-Request-Type)" , NULL, NULL, NULL }; |
| 1866 | struct dict_enumval_data t_0 = { "AUTHORIZE_ONLY", { .i32 = 0 }}; |
| 1867 | struct dict_enumval_data t_1 = { "AUTHORIZE_AUTHENTICATE", { .i32 = 1 }}; |
| 1868 | struct dict_avp_data data = { |
| 1869 | 285, /* Code */ |
| 1870 | 0, /* Vendor */ |
| 1871 | "Re-Auth-Request-Type", /* Name */ |
| 1872 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1873 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1874 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 1875 | }; |
| 1876 | /* Create the Enumerated type, and then the AVP */ |
| 1877 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 1878 | CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
| 1879 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 1880 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 1881 | } |
| 1882 | |
| 1883 | /* Session-Timeout */ |
| 1884 | { |
| 1885 | /* |
| 1886 | The Session-Timeout AVP (AVP Code 27) [RFC2865] is of type Unsigned32 |
| 1887 | and contains the maximum number of seconds of service to be provided |
| 1888 | to the user before termination of the session. When both the |
| 1889 | Session-Timeout and the Authorization-Lifetime AVPs are present in an |
| 1890 | answer message, the former MUST be equal to or greater than the value |
| 1891 | of the latter. |
| 1892 | |
| 1893 | A session that terminates on an access device due to the expiration |
| 1894 | of the Session-Timeout MUST cause an STR to be issued, unless both |
| 1895 | the access device and the home server had previously agreed that no |
| 1896 | session termination messages would be sent (see Section 8.11). |
| 1897 | |
| 1898 | A Session-Timeout AVP MAY be present in a re-authorization answer |
| 1899 | message, and contains the remaining number of seconds from the |
| 1900 | beginning of the re-auth. |
| 1901 | |
| 1902 | A value of zero, or the absence of this AVP, means that this session |
| 1903 | has an unlimited number of seconds before termination. |
| 1904 | |
| 1905 | This AVP MAY be provided by the client as a hint of the maximum |
| 1906 | timeout that it is willing to accept. However, the server MAY return |
| 1907 | a value that is equal to, or smaller, than the one provided by the |
| 1908 | client. |
| 1909 | */ |
| 1910 | struct dict_avp_data data = { |
| 1911 | 27, /* Code */ |
| 1912 | 0, /* Vendor */ |
| 1913 | "Session-Timeout", /* Name */ |
| 1914 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1915 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1916 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 1917 | }; |
| 1918 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 1919 | } |
| 1920 | |
| 1921 | /* User-Name */ |
| 1922 | { |
| 1923 | /* |
| 1924 | The User-Name AVP (AVP Code 1) [RFC2865] is of type UTF8String, which |
| 1925 | contains the User-Name, in a format consistent with the NAI |
| 1926 | specification [RFC4282]. |
| 1927 | */ |
| 1928 | struct dict_avp_data data = { |
| 1929 | 1, /* Code */ |
| 1930 | 0, /* Vendor */ |
| 1931 | "User-Name", /* Name */ |
| 1932 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 1933 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 1934 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 1935 | }; |
| 1936 | CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
| 1937 | } |
| 1938 | |
| 1939 | /* Termination-Cause */ |
| 1940 | { |
| 1941 | /* |
| 1942 | The Termination-Cause AVP (AVP Code 295) is of type Enumerated, and |
| 1943 | is used to indicate the reason why a session was terminated on the |
| 1944 | access device. The following values are defined: |
| 1945 | |
| 1946 | |
| 1947 | DIAMETER_LOGOUT 1 |
| 1948 | |
| 1949 | The user initiated a disconnect |
| 1950 | |
| 1951 | |
| 1952 | DIAMETER_SERVICE_NOT_PROVIDED 2 |
| 1953 | |
| 1954 | This value is used when the user disconnected prior to the receipt |
| 1955 | of the authorization answer message. |
| 1956 | |
| 1957 | |
| 1958 | DIAMETER_BAD_ANSWER 3 |
| 1959 | |
| 1960 | This value indicates that the authorization answer received by the |
| 1961 | access device was not processed successfully. |
| 1962 | |
| 1963 | |
| 1964 | DIAMETER_ADMINISTRATIVE 4 |
| 1965 | |
| 1966 | The user was not granted access, or was disconnected, due to |
| 1967 | administrative reasons, such as the receipt of a Abort-Session- |
| 1968 | Request message. |
| 1969 | |
| 1970 | |
| 1971 | DIAMETER_LINK_BROKEN 5 |
| 1972 | |
| 1973 | The communication to the user was abruptly disconnected. |
| 1974 | |
| 1975 | |
| 1976 | DIAMETER_AUTH_EXPIRED 6 |
| 1977 | |
| 1978 | The user's access was terminated since its authorized session time |
| 1979 | has expired. |
| 1980 | |
| 1981 | |
| 1982 | DIAMETER_USER_MOVED 7 |
| 1983 | |
| 1984 | The user is receiving services from another access device. |
| 1985 | |
| 1986 | |
| 1987 | DIAMETER_SESSION_TIMEOUT 8 |
| 1988 | |
| 1989 | The user's session has timed out, and service has been terminated. |
| 1990 | */ |
| 1991 | struct dict_object * type; |
| 1992 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Termination-Cause)" , NULL, NULL, NULL }; |
| 1993 | struct dict_enumval_data t_1 = { "DIAMETER_LOGOUT", { .i32 = 1 }}; |
| 1994 | struct dict_enumval_data t_2 = { "DIAMETER_SERVICE_NOT_PROVIDED", { .i32 = 2 }}; |
| 1995 | struct dict_enumval_data t_3 = { "DIAMETER_BAD_ANSWER", { .i32 = 3 }}; |
| 1996 | struct dict_enumval_data t_4 = { "DIAMETER_ADMINISTRATIVE", { .i32 = 4 }}; |
| 1997 | struct dict_enumval_data t_5 = { "DIAMETER_LINK_BROKEN", { .i32 = 5 }}; |
| 1998 | struct dict_enumval_data t_6 = { "DIAMETER_AUTH_EXPIRED", { .i32 = 6 }}; |
| 1999 | struct dict_enumval_data t_7 = { "DIAMETER_USER_MOVED", { .i32 = 7 }}; |
| 2000 | struct dict_enumval_data t_8 = { "DIAMETER_SESSION_TIMEOUT", { .i32 = 8 }}; |
| 2001 | struct dict_avp_data data = { |
| 2002 | 295, /* Code */ |
| 2003 | 0, /* Vendor */ |
| 2004 | "Termination-Cause", /* Name */ |
| 2005 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2006 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2007 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 2008 | }; |
| 2009 | /* Create the Enumerated type, and then the AVP */ |
| 2010 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 2011 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 2012 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 2013 | CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
| 2014 | CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
| 2015 | CHECK_dict_new( DICT_ENUMVAL, &t_5 , type, NULL); |
| 2016 | CHECK_dict_new( DICT_ENUMVAL, &t_6 , type, NULL); |
| 2017 | CHECK_dict_new( DICT_ENUMVAL, &t_7 , type, NULL); |
| 2018 | CHECK_dict_new( DICT_ENUMVAL, &t_8 , type, NULL); |
| 2019 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 2020 | } |
| 2021 | |
| 2022 | /* Origin-State-Id */ |
| 2023 | { |
| 2024 | /* |
| 2025 | The Origin-State-Id AVP (AVP Code 278), of type Unsigned32, is a |
| 2026 | monotonically increasing value that is advanced whenever a Diameter |
| 2027 | entity restarts with loss of previous state, for example upon reboot. |
| 2028 | Origin-State-Id MAY be included in any Diameter message, including |
| 2029 | CER. |
| 2030 | |
| 2031 | A Diameter entity issuing this AVP MUST create a higher value for |
| 2032 | this AVP each time its state is reset. A Diameter entity MAY set |
| 2033 | Origin-State-Id to the time of startup, or it MAY use an incrementing |
| 2034 | counter retained in non-volatile memory across restarts. |
| 2035 | |
| 2036 | The Origin-State-Id, if present, MUST reflect the state of the entity |
| 2037 | indicated by Origin-Host. If a proxy modifies Origin-Host, it MUST |
| 2038 | either remove Origin-State-Id or modify it appropriately as well. |
| 2039 | Typically, Origin-State-Id is used by an access device that always |
| 2040 | starts up with no active sessions; that is, any session active prior |
| 2041 | to restart will have been lost. By including Origin-State-Id in a |
| 2042 | message, it allows other Diameter entities to infer that sessions |
| 2043 | associated with a lower Origin-State-Id are no longer active. If an |
| 2044 | access device does not intend for such inferences to be made, it MUST |
| 2045 | either not include Origin-State-Id in any message, or set its value |
| 2046 | to 0. |
| 2047 | */ |
| 2048 | struct dict_avp_data data = { |
| 2049 | 278, /* Code */ |
| 2050 | 0, /* Vendor */ |
| 2051 | "Origin-State-Id", /* Name */ |
| 2052 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2053 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2054 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 2055 | }; |
| 2056 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2057 | } |
| 2058 | |
| 2059 | /* Session-Binding */ |
| 2060 | { |
| 2061 | /* |
| 2062 | The Session-Binding AVP (AVP Code 270) is of type Unsigned32, and MAY |
| 2063 | be present in application-specific authorization answer messages. If |
| 2064 | present, this AVP MAY inform the Diameter client that all future |
| 2065 | application-specific re-auth messages for this session MUST be sent |
| 2066 | to the same authorization server. This AVP MAY also specify that a |
| 2067 | Session-Termination-Request message for this session MUST be sent to |
| 2068 | the same authorizing server. |
| 2069 | |
| 2070 | This field is a bit mask, and the following bits have been defined: |
| 2071 | |
| 2072 | |
| 2073 | RE_AUTH 1 |
| 2074 | |
| 2075 | When set, future re-auth messages for this session MUST NOT |
| 2076 | include the Destination-Host AVP. When cleared, the default |
| 2077 | value, the Destination-Host AVP MUST be present in all re-auth |
| 2078 | messages for this session. |
| 2079 | |
| 2080 | |
| 2081 | STR 2 |
| 2082 | |
| 2083 | When set, the STR message for this session MUST NOT include the |
| 2084 | Destination-Host AVP. When cleared, the default value, the |
| 2085 | Destination-Host AVP MUST be present in the STR message for this |
| 2086 | session. |
| 2087 | |
| 2088 | |
| 2089 | ACCOUNTING 4 |
| 2090 | |
| 2091 | When set, all accounting messages for this session MUST NOT |
| 2092 | include the Destination-Host AVP. When cleared, the default |
| 2093 | value, the Destination-Host AVP, if known, MUST be present in all |
| 2094 | accounting messages for this session. |
| 2095 | */ |
| 2096 | |
| 2097 | /* Although the RFC does not specify an "Enumerated" type here, we go forward and create one. |
| 2098 | * This is the reason for the "*" in the type name |
| 2099 | * The actual values of the AVP will not always be defined here, but at least it can be used in some cases. |
| 2100 | * ... maybe the code will be changed later to support bitfields AVP ... |
| 2101 | */ |
| 2102 | |
| 2103 | struct dict_object * type; |
| 2104 | struct dict_type_data tdata = { AVP_TYPE_UNSIGNED32, "Enumerated(Session-Binding)" , NULL, NULL, NULL }; |
| 2105 | struct dict_enumval_data t_1 = { "RE_AUTH", { .u32 = 1 }}; |
| 2106 | struct dict_enumval_data t_2 = { "STR", { .u32 = 2 }}; |
| 2107 | struct dict_enumval_data t_4 = { "ACCOUNTING", { .u32 = 4 }}; |
| 2108 | struct dict_avp_data data = { |
| 2109 | 270, /* Code */ |
| 2110 | 0, /* Vendor */ |
| 2111 | "Session-Binding", /* Name */ |
| 2112 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2113 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2114 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 2115 | }; |
| 2116 | /* Create the Enumerated type, and then the AVP */ |
| 2117 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 2118 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 2119 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 2120 | CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
| 2121 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 2122 | } |
| 2123 | |
| 2124 | /* Session-Server-Failover */ |
| 2125 | { |
| 2126 | /* |
| 2127 | The Session-Server-Failover AVP (AVP Code 271) is of type Enumerated, |
| 2128 | and MAY be present in application-specific authorization answer |
| 2129 | messages that either do not include the Session-Binding AVP or |
| 2130 | include the Session-Binding AVP with any of the bits set to a zero |
| 2131 | value. If present, this AVP MAY inform the Diameter client that if a |
| 2132 | re-auth or STR message fails due to a delivery problem, the Diameter |
| 2133 | client SHOULD issue a subsequent message without the Destination-Host |
| 2134 | AVP. When absent, the default value is REFUSE_SERVICE. |
| 2135 | |
| 2136 | The following values are supported: |
| 2137 | |
| 2138 | |
| 2139 | REFUSE_SERVICE 0 |
| 2140 | |
| 2141 | If either the re-auth or the STR message delivery fails, terminate |
| 2142 | service with the user, and do not attempt any subsequent attempts. |
| 2143 | |
| 2144 | |
| 2145 | TRY_AGAIN 1 |
| 2146 | |
| 2147 | If either the re-auth or the STR message delivery fails, resend |
| 2148 | the failed message without the Destination-Host AVP present. |
| 2149 | |
| 2150 | |
| 2151 | ALLOW_SERVICE 2 |
| 2152 | |
| 2153 | If re-auth message delivery fails, assume that re-authorization |
| 2154 | succeeded. If STR message delivery fails, terminate the session. |
| 2155 | |
| 2156 | |
| 2157 | TRY_AGAIN_ALLOW_SERVICE 3 |
| 2158 | |
| 2159 | If either the re-auth or the STR message delivery fails, resend |
| 2160 | the failed message without the Destination-Host AVP present. If |
| 2161 | the second delivery fails for re-auth, assume re-authorization |
| 2162 | succeeded. If the second delivery fails for STR, terminate the |
| 2163 | session. |
| 2164 | */ |
| 2165 | struct dict_object * type; |
| 2166 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Session-Server-Failover)" , NULL, NULL, NULL }; |
| 2167 | struct dict_enumval_data t_0 = { "REFUSE_SERVICE", { .i32 = 0 }}; |
| 2168 | struct dict_enumval_data t_1 = { "TRY_AGAIN", { .i32 = 1 }}; |
| 2169 | struct dict_enumval_data t_2 = { "ALLOW_SERVICE", { .i32 = 2 }}; |
| 2170 | struct dict_enumval_data t_3 = { "TRY_AGAIN_ALLOW_SERVICE", { .i32 = 3 }}; |
| 2171 | struct dict_avp_data data = { |
| 2172 | 271, /* Code */ |
| 2173 | 0, /* Vendor */ |
| 2174 | "Session-Server-Failover", /* Name */ |
| 2175 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2176 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2177 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 2178 | }; |
| 2179 | /* Create the Enumerated type, and then the AVP */ |
| 2180 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 2181 | CHECK_dict_new( DICT_ENUMVAL, &t_0 , type, NULL); |
| 2182 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 2183 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 2184 | CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
| 2185 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 2186 | } |
| 2187 | |
| 2188 | /* Multi-Round-Time-Out */ |
| 2189 | { |
| 2190 | /* |
| 2191 | The Multi-Round-Time-Out AVP (AVP Code 272) is of type Unsigned32, |
| 2192 | and SHOULD be present in application-specific authorization answer |
| 2193 | messages whose Result-Code AVP is set to DIAMETER_MULTI_ROUND_AUTH. |
| 2194 | This AVP contains the maximum number of seconds that the access |
| 2195 | device MUST provide the user in responding to an authentication |
| 2196 | request. |
| 2197 | */ |
| 2198 | struct dict_avp_data data = { |
| 2199 | 272, /* Code */ |
| 2200 | 0, /* Vendor */ |
| 2201 | "Multi-Round-Time-Out", /* Name */ |
| 2202 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2203 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2204 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 2205 | }; |
| 2206 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2207 | } |
| 2208 | |
| 2209 | /* Class */ |
| 2210 | { |
| 2211 | /* |
| 2212 | The Class AVP (AVP Code 25) is of type OctetString and is used to by |
| 2213 | Diameter servers to return state information to the access device. |
| 2214 | When one or more Class AVPs are present in application-specific |
| 2215 | authorization answer messages, they MUST be present in subsequent re- |
| 2216 | authorization, session termination and accounting messages. Class |
| 2217 | AVPs found in a re-authorization answer message override the ones |
| 2218 | found in any previous authorization answer message. Diameter server |
| 2219 | implementations SHOULD NOT return Class AVPs that require more than |
| 2220 | 4096 bytes of storage on the Diameter client. A Diameter client that |
| 2221 | receives Class AVPs whose size exceeds local available storage MUST |
| 2222 | terminate the session. |
| 2223 | */ |
| 2224 | struct dict_avp_data data = { |
| 2225 | 25, /* Code */ |
| 2226 | 0, /* Vendor */ |
| 2227 | "Class", /* Name */ |
| 2228 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2229 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2230 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 2231 | }; |
| 2232 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2233 | } |
| 2234 | |
| 2235 | /* Event-Timestamp */ |
| 2236 | { |
| 2237 | /* |
| 2238 | The Event-Timestamp (AVP Code 55) is of type Time, and MAY be |
| 2239 | included in an Accounting-Request and Accounting-Answer messages to |
| 2240 | record the time that the reported event occurred, in seconds since |
| 2241 | January 1, 1900 00:00 UTC. |
| 2242 | */ |
| 2243 | struct dict_avp_data data = { |
| 2244 | 55, /* Code */ |
| 2245 | 0, /* Vendor */ |
| 2246 | "Event-Timestamp", /* Name */ |
| 2247 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2248 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2249 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 2250 | }; |
| 2251 | CHECK_dict_new( DICT_AVP, &data , Time_type, NULL); |
| 2252 | } |
| 2253 | |
| 2254 | |
| 2255 | /* Accounting-Record-Type */ |
| 2256 | { |
| 2257 | /* |
| 2258 | The Accounting-Record-Type AVP (AVP Code 480) is of type Enumerated |
| 2259 | and contains the type of accounting record being sent. The following |
| 2260 | values are currently defined for the Accounting-Record-Type AVP: |
| 2261 | |
| 2262 | |
| 2263 | EVENT_RECORD 1 |
| 2264 | |
| 2265 | An Accounting Event Record is used to indicate that a one-time |
| 2266 | event has occurred (meaning that the start and end of the event |
| 2267 | are simultaneous). This record contains all information relevant |
| 2268 | to the service, and is the only record of the service. |
| 2269 | |
| 2270 | |
| 2271 | START_RECORD 2 |
| 2272 | |
| 2273 | An Accounting Start, Interim, and Stop Records are used to |
| 2274 | indicate that a service of a measurable length has been given. An |
| 2275 | Accounting Start Record is used to initiate an accounting session, |
| 2276 | and contains accounting information that is relevant to the |
| 2277 | initiation of the session. |
| 2278 | |
| 2279 | |
| 2280 | INTERIM_RECORD 3 |
| 2281 | |
| 2282 | An Interim Accounting Record contains cumulative accounting |
| 2283 | information for an existing accounting session. Interim |
| 2284 | Accounting Records SHOULD be sent every time a re-authentication |
| 2285 | or re-authorization occurs. Further, additional interim record |
| 2286 | triggers MAY be defined by application-specific Diameter |
| 2287 | applications. The selection of whether to use INTERIM_RECORD |
| 2288 | records is done by the Acct-Interim-Interval AVP. |
| 2289 | |
| 2290 | |
| 2291 | STOP_RECORD 4 |
| 2292 | |
| 2293 | An Accounting Stop Record is sent to terminate an accounting |
| 2294 | session and contains cumulative accounting information relevant to |
| 2295 | the existing session. |
| 2296 | */ |
| 2297 | struct dict_object * type; |
| 2298 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Accounting-Record-Type)" , NULL, NULL, NULL }; |
| 2299 | struct dict_enumval_data t_1 = { "EVENT_RECORD", { .i32 = 1 }}; |
| 2300 | struct dict_enumval_data t_2 = { "START_RECORD", { .i32 = 2 }}; |
| 2301 | struct dict_enumval_data t_3 = { "INTERIM_RECORD", { .i32 = 3 }}; |
| 2302 | struct dict_enumval_data t_4 = { "STOP_RECORD", { .i32 = 4 }}; |
| 2303 | struct dict_avp_data data = { |
| 2304 | 480, /* Code */ |
| 2305 | 0, /* Vendor */ |
| 2306 | "Accounting-Record-Type", /* Name */ |
| 2307 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2308 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2309 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 2310 | }; |
| 2311 | /* Create the Enumerated type, and then the AVP */ |
| 2312 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 2313 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 2314 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 2315 | CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
| 2316 | CHECK_dict_new( DICT_ENUMVAL, &t_4 , type, NULL); |
| 2317 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 2318 | } |
| 2319 | |
| 2320 | /* Acct-Interim-Interval */ |
| 2321 | { |
| 2322 | /* |
| 2323 | The Acct-Interim-Interval AVP (AVP Code 85) is of type Unsigned32 and |
| 2324 | is sent from the Diameter home authorization server to the Diameter |
| 2325 | client. The client uses information in this AVP to decide how and |
| 2326 | when to produce accounting records. With different values in this |
| 2327 | AVP, service sessions can result in one, two, or two+N accounting |
| 2328 | records, based on the needs of the home-organization. The following |
| 2329 | accounting record production behavior is directed by the inclusion of |
| 2330 | this AVP: |
| 2331 | |
| 2332 | |
| 2333 | 1. The omission of the Acct-Interim-Interval AVP or its inclusion |
| 2334 | with Value field set to 0 means that EVENT_RECORD, START_RECORD, |
| 2335 | and STOP_RECORD are produced, as appropriate for the service. |
| 2336 | |
| 2337 | |
| 2338 | 2. The inclusion of the AVP with Value field set to a non-zero value |
| 2339 | means that INTERIM_RECORD records MUST be produced between the |
| 2340 | START_RECORD and STOP_RECORD records. The Value field of this |
| 2341 | AVP is the nominal interval between these records in seconds. |
| 2342 | |
| 2343 | The Diameter node that originates the accounting information, |
| 2344 | known as the client, MUST produce the first INTERIM_RECORD record |
| 2345 | roughly at the time when this nominal interval has elapsed from |
| 2346 | the START_RECORD, the next one again as the interval has elapsed |
| 2347 | once more, and so on until the session ends and a STOP_RECORD |
| 2348 | record is produced. |
| 2349 | |
| 2350 | The client MUST ensure that the interim record production times |
| 2351 | are randomized so that large accounting message storms are not |
| 2352 | created either among records or around a common service start |
| 2353 | time. |
| 2354 | */ |
| 2355 | struct dict_avp_data data = { |
| 2356 | 85, /* Code */ |
| 2357 | 0, /* Vendor */ |
| 2358 | "Acct-Interim-Interval", /* Name */ |
| 2359 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2360 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2361 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 2362 | }; |
| 2363 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2364 | } |
| 2365 | |
| 2366 | /* Accounting-Record-Number */ |
| 2367 | { |
| 2368 | /* |
| 2369 | The Accounting-Record-Number AVP (AVP Code 485) is of type Unsigned32 |
| 2370 | and identifies this record within one session. As Session-Id AVPs |
| 2371 | are globally unique, the combination of Session-Id and Accounting- |
| 2372 | Record-Number AVPs is also globally unique, and can be used in |
| 2373 | matching accounting records with confirmations. An easy way to |
| 2374 | produce unique numbers is to set the value to 0 for records of type |
| 2375 | EVENT_RECORD and START_RECORD, and set the value to 1 for the first |
| 2376 | INTERIM_RECORD, 2 for the second, and so on until the value for |
| 2377 | STOP_RECORD is one more than for the last INTERIM_RECORD. |
| 2378 | */ |
| 2379 | struct dict_avp_data data = { |
| 2380 | 485, /* Code */ |
| 2381 | 0, /* Vendor */ |
| 2382 | "Accounting-Record-Number", /* Name */ |
| 2383 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2384 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2385 | AVP_TYPE_UNSIGNED32 /* base type of data */ |
| 2386 | }; |
| 2387 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2388 | } |
| 2389 | |
| 2390 | /* Acct-Session-Id */ |
| 2391 | { |
| 2392 | /* |
| 2393 | The Acct-Session-Id AVP (AVP Code 44) is of type OctetString is only |
| 2394 | used when RADIUS/Diameter translation occurs. This AVP contains the |
| 2395 | contents of the RADIUS Acct-Session-Id attribute. |
| 2396 | */ |
| 2397 | struct dict_avp_data data = { |
| 2398 | 44, /* Code */ |
| 2399 | 0, /* Vendor */ |
| 2400 | "Acct-Session-Id", /* Name */ |
| 2401 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2402 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2403 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 2404 | }; |
| 2405 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2406 | } |
| 2407 | |
| 2408 | /* Acct-Multi-Session-Id */ |
| 2409 | { |
| 2410 | /* |
| 2411 | The Acct-Multi-Session-Id AVP (AVP Code 50) is of type UTF8String, |
| 2412 | following the format specified in Section 8.8. The Acct-Multi- |
| 2413 | Session-Id AVP is used to link together multiple related accounting |
| 2414 | sessions, where each session would have a unique Session-Id, but the |
| 2415 | same Acct-Multi-Session-Id AVP. This AVP MAY be returned by the |
| 2416 | Diameter server in an authorization answer, and MUST be used in all |
| 2417 | accounting messages for the given session. |
| 2418 | */ |
| 2419 | struct dict_avp_data data = { |
| 2420 | 50, /* Code */ |
| 2421 | 0, /* Vendor */ |
| 2422 | "Acct-Multi-Session-Id", /* Name */ |
| 2423 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2424 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2425 | AVP_TYPE_OCTETSTRING /* base type of data */ |
| 2426 | }; |
| 2427 | CHECK_dict_new( DICT_AVP, &data , UTF8String_type, NULL); |
| 2428 | } |
| 2429 | |
| 2430 | /* Accounting-Sub-Session-Id */ |
| 2431 | { |
| 2432 | /* |
| 2433 | The Accounting-Sub-Session-Id AVP (AVP Code 287) is of type |
| 2434 | Unsigned64 and contains the accounting sub-session identifier. The |
| 2435 | combination of the Session-Id and this AVP MUST be unique per sub- |
| 2436 | session, and the value of this AVP MUST be monotonically increased by |
| 2437 | one for all new sub-sessions. The absence of this AVP implies no |
| 2438 | sub-sessions are in use, with the exception of an Accounting-Request |
| 2439 | whose Accounting-Record-Type is set to STOP_RECORD. A STOP_RECORD |
| 2440 | message with no Accounting-Sub-Session-Id AVP present will signal the |
| 2441 | termination of all sub-sessions for a given Session-Id. |
| 2442 | */ |
| 2443 | struct dict_avp_data data = { |
| 2444 | 287, /* Code */ |
| 2445 | 0, /* Vendor */ |
| 2446 | "Accounting-Sub-Session-Id", /* Name */ |
| 2447 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2448 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2449 | AVP_TYPE_UNSIGNED64 /* base type of data */ |
| 2450 | }; |
| 2451 | CHECK_dict_new( DICT_AVP, &data , NULL, NULL); |
| 2452 | } |
| 2453 | |
| 2454 | /* Accounting-Realtime-Required */ |
| 2455 | { |
| 2456 | /* |
| 2457 | The Accounting-Realtime-Required AVP (AVP Code 483) is of type |
| 2458 | Enumerated and is sent from the Diameter home authorization server to |
| 2459 | the Diameter client or in the Accounting-Answer from the accounting |
| 2460 | server. The client uses information in this AVP to decide what to do |
| 2461 | if the sending of accounting records to the accounting server has |
| 2462 | been temporarily prevented due to, for instance, a network problem. |
| 2463 | |
| 2464 | |
| 2465 | DELIVER_AND_GRANT 1 |
| 2466 | |
| 2467 | The AVP with Value field set to DELIVER_AND_GRANT means that the |
| 2468 | service MUST only be granted as long as there is a connection to |
| 2469 | an accounting server. Note that the set of alternative accounting |
| 2470 | servers are treated as one server in this sense. Having to move |
| 2471 | the accounting record stream to a backup server is not a reason to |
| 2472 | discontinue the service to the user. |
| 2473 | |
| 2474 | |
| 2475 | GRANT_AND_STORE 2 |
| 2476 | |
| 2477 | The AVP with Value field set to GRANT_AND_STORE means that service |
| 2478 | SHOULD be granted if there is a connection, or as long as records |
| 2479 | can still be stored as described in Section 9.4. |
| 2480 | |
| 2481 | This is the default behavior if the AVP isn't included in the |
| 2482 | reply from the authorization server. |
| 2483 | |
| 2484 | |
| 2485 | GRANT_AND_LOSE 3 |
| 2486 | |
| 2487 | The AVP with Value field set to GRANT_AND_LOSE means that service |
| 2488 | SHOULD be granted even if the records can not be delivered or |
| 2489 | stored. |
| 2490 | */ |
| 2491 | struct dict_object * type; |
| 2492 | struct dict_type_data tdata = { AVP_TYPE_INTEGER32, "Enumerated(Accounting-Realtime-Required)" , NULL, NULL, NULL }; |
| 2493 | struct dict_enumval_data t_1 = { "DELIVER_AND_GRANT", { .i32 = 1 }}; |
| 2494 | struct dict_enumval_data t_2 = { "GRANT_AND_STORE", { .i32 = 2 }}; |
| 2495 | struct dict_enumval_data t_3 = { "GRANT_AND_LOSE", { .i32 = 3 }}; |
| 2496 | struct dict_avp_data data = { |
| 2497 | 483, /* Code */ |
| 2498 | 0, /* Vendor */ |
| 2499 | "Accounting-Realtime-Required", /* Name */ |
| 2500 | AVP_FLAG_VENDOR | AVP_FLAG_MANDATORY, /* Fixed flags */ |
| 2501 | AVP_FLAG_MANDATORY, /* Fixed flag values */ |
| 2502 | AVP_TYPE_INTEGER32 /* base type of data */ |
| 2503 | }; |
| 2504 | /* Create the Enumerated type, and then the AVP */ |
| 2505 | CHECK_dict_new( DICT_TYPE, &tdata , NULL, &type); |
| 2506 | CHECK_dict_new( DICT_ENUMVAL, &t_1 , type, NULL); |
| 2507 | CHECK_dict_new( DICT_ENUMVAL, &t_2 , type, NULL); |
| 2508 | CHECK_dict_new( DICT_ENUMVAL, &t_3 , type, NULL); |
| 2509 | CHECK_dict_new( DICT_AVP, &data , type, NULL); |
| 2510 | } |
| 2511 | |
| 2512 | } |
| 2513 | |
| 2514 | /* Commands section */ |
| 2515 | { |
| 2516 | /* To avoid defining global variables for all the AVP that we use here, we do search the dictionary in each sub-block. |
| 2517 | * This is far from optimal, but the code is clearer like this, and the time it requires at execution is not noticeable. |
| 2518 | */ |
| 2519 | |
| 2520 | /* Generic message syntax when the 'E' bit is set */ |
| 2521 | { |
| 2522 | /* |
| 2523 | The 'E' (Error Bit) in the Diameter header is set when the request |
| 2524 | caused a protocol-related error (see Section 7.1.3). A message with |
| 2525 | the 'E' bit MUST NOT be sent as a response to an answer message. |
| 2526 | Note that a message with the 'E' bit set is still subjected to the |
| 2527 | processing rules defined in Section 6.2. When set, the answer |
| 2528 | message will not conform to the ABNF specification for the command, |
| 2529 | and will instead conform to the following ABNF: |
| 2530 | |
| 2531 | Message Format |
| 2532 | |
| 2533 | <answer-message> ::= < Diameter Header: code, ERR [PXY] > |
| 2534 | 0*1< Session-Id > |
| 2535 | { Origin-Host } |
| 2536 | { Origin-Realm } |
| 2537 | { Result-Code } |
| 2538 | [ Origin-State-Id ] |
| 2539 | [ Error-Message ] |
| 2540 | [ Error-Reporting-Host ] |
| 2541 | [ Failed-AVP ] |
| 2542 | * [ Proxy-Info ] |
| 2543 | * [ AVP ] |
| 2544 | |
| 2545 | Note that the code used in the header is the same than the one found |
| 2546 | in the request message, but with the 'R' bit cleared and the 'E' bit |
| 2547 | set. The 'P' bit in the header is set to the same value as the one |
| 2548 | found in the request message. |
| 2549 | */ |
| 2550 | struct dict_object * cmd_error; |
| 2551 | struct local_rules_definition rules[] = |
| 2552 | { { "Session-Id", RULE_FIXED_HEAD,0, 1 } |
| 2553 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2554 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2555 | ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
| 2556 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2557 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 2558 | ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
| 2559 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 2560 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 2561 | }; |
| 2562 | CHECK_FCT( fd_dict_get_error_cmd(dict, &cmd_error) ); |
| 2563 | PARSE_loc_rules( rules, cmd_error ); |
| 2564 | } |
| 2565 | |
| 2566 | /* Capabilities-Exchange-Request */ |
| 2567 | { |
| 2568 | /* |
| 2569 | The Capabilities-Exchange-Request (CER), indicated by the Command- |
| 2570 | Code set to 257 and the Command Flags' 'R' bit set, is sent to |
| 2571 | exchange local capabilities. Upon detection of a transport failure, |
| 2572 | this message MUST NOT be sent to an alternate peer. |
| 2573 | |
| 2574 | When Diameter is run over SCTP [RFC2960], which allows for |
| 2575 | connections to span multiple interfaces and multiple IP addresses, |
| 2576 | the Capabilities-Exchange-Request message MUST contain one Host-IP- |
| 2577 | Address AVP for each potential IP address that MAY be locally used |
| 2578 | when transmitting Diameter messages. |
| 2579 | |
| 2580 | Message Format |
| 2581 | |
| 2582 | <CER> ::= < Diameter Header: 257, REQ > |
| 2583 | { Origin-Host } |
| 2584 | { Origin-Realm } |
| 2585 | 1* { Host-IP-Address } |
| 2586 | { Vendor-Id } |
| 2587 | { Product-Name } |
| 2588 | [ Origin-State-Id ] |
| 2589 | * [ Supported-Vendor-Id ] |
| 2590 | * [ Auth-Application-Id ] |
| 2591 | * [ Inband-Security-Id ] |
| 2592 | * [ Acct-Application-Id ] |
| 2593 | * [ Vendor-Specific-Application-Id ] |
| 2594 | [ Firmware-Revision ] |
| 2595 | * [ AVP ] |
| 2596 | */ |
| 2597 | struct dict_object * cmd; |
| 2598 | struct dict_cmd_data data = { |
| 2599 | 257, /* Code */ |
| 2600 | #if CC_CAPABILITIES_EXCHANGE != 257 |
| 2601 | #error "CC_CAPABILITIES_EXCHANGE definition mismatch" |
| 2602 | #endif |
| 2603 | "Capabilities-Exchange-Request", /* Name */ |
| 2604 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT | CMD_FLAG_ERROR, /* Fixed flags */ |
| 2605 | CMD_FLAG_REQUEST /* Fixed flag values */ |
| 2606 | }; |
| 2607 | struct local_rules_definition rules[] = |
| 2608 | { { "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2609 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2610 | ,{ "Host-IP-Address", RULE_REQUIRED, -1,-1 } |
| 2611 | ,{ "Vendor-Id", RULE_REQUIRED, -1, 1 } |
| 2612 | ,{ "Product-Name", RULE_REQUIRED, -1, 1 } |
| 2613 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2614 | ,{ "Supported-Vendor-Id", RULE_OPTIONAL, -1,-1 } |
| 2615 | ,{ "Auth-Application-Id", RULE_OPTIONAL, -1,-1 } |
| 2616 | ,{ "Inband-Security-Id", RULE_OPTIONAL, -1,-1 } |
| 2617 | ,{ "Acct-Application-Id", RULE_OPTIONAL, -1,-1 } |
| 2618 | ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1,-1 } |
| 2619 | ,{ "Firmware-Revision", RULE_OPTIONAL, -1, 1 } |
| 2620 | }; |
| 2621 | |
| 2622 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2623 | PARSE_loc_rules( rules, cmd ); |
| 2624 | } |
| 2625 | |
| 2626 | /* Capabilities-Exchange-Answer */ |
| 2627 | { |
| 2628 | /* |
| 2629 | The Capabilities-Exchange-Answer (CEA), indicated by the Command-Code |
| 2630 | set to 257 and the Command Flags' 'R' bit cleared, is sent in |
| 2631 | response to a CER message. |
| 2632 | |
| 2633 | When Diameter is run over SCTP [RFC2960], which allows connections to |
| 2634 | span multiple interfaces, hence, multiple IP addresses, the |
| 2635 | Capabilities-Exchange-Answer message MUST contain one Host-IP-Address |
| 2636 | AVP for each potential IP address that MAY be locally used when |
| 2637 | transmitting Diameter messages. |
| 2638 | |
| 2639 | Message Format |
| 2640 | |
| 2641 | <CEA> ::= < Diameter Header: 257 > |
| 2642 | { Result-Code } |
| 2643 | { Origin-Host } |
| 2644 | { Origin-Realm } |
| 2645 | 1* { Host-IP-Address } |
| 2646 | { Vendor-Id } |
| 2647 | { Product-Name } |
| 2648 | [ Origin-State-Id ] |
| 2649 | [ Error-Message ] |
| 2650 | [ Failed-AVP ] |
| 2651 | * [ Supported-Vendor-Id ] |
| 2652 | * [ Auth-Application-Id ] |
| 2653 | * [ Inband-Security-Id ] |
| 2654 | * [ Acct-Application-Id ] |
| 2655 | * [ Vendor-Specific-Application-Id ] |
| 2656 | [ Firmware-Revision ] |
| 2657 | * [ AVP ] |
| 2658 | */ |
| 2659 | struct dict_object * cmd; |
| 2660 | struct dict_cmd_data data = { |
| 2661 | 257, /* Code */ |
| 2662 | #if CC_CAPABILITIES_EXCHANGE != 257 |
| 2663 | #error "CC_CAPABILITIES_EXCHANGE definition mismatch" |
| 2664 | #endif |
| 2665 | "Capabilities-Exchange-Answer", /* Name */ |
| 2666 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT, /* Fixed flags */ |
| 2667 | 0 /* Fixed flag values */ |
| 2668 | }; |
| 2669 | struct local_rules_definition rules[] = |
| 2670 | { { "Result-Code", RULE_REQUIRED, -1, 1 } |
| 2671 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2672 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2673 | ,{ "Host-IP-Address", RULE_REQUIRED, -1,-1 } |
| 2674 | ,{ "Vendor-Id", RULE_REQUIRED, -1, 1 } |
| 2675 | ,{ "Product-Name", RULE_REQUIRED, -1, 1 } |
| 2676 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2677 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 2678 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 2679 | ,{ "Supported-Vendor-Id", RULE_OPTIONAL, -1,-1 } |
| 2680 | ,{ "Auth-Application-Id", RULE_OPTIONAL, -1,-1 } |
| 2681 | ,{ "Inband-Security-Id", RULE_OPTIONAL, -1,-1 } |
| 2682 | ,{ "Acct-Application-Id", RULE_OPTIONAL, -1,-1 } |
| 2683 | ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1,-1 } |
| 2684 | ,{ "Firmware-Revision", RULE_OPTIONAL, -1, 1 } |
| 2685 | }; |
| 2686 | |
| 2687 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2688 | PARSE_loc_rules( rules, cmd ); |
| 2689 | } |
| 2690 | |
| 2691 | /* Disconnect-Peer-Request */ |
| 2692 | { |
| 2693 | /* |
| 2694 | The Disconnect-Peer-Request (DPR), indicated by the Command-Code set |
| 2695 | to 282 and the Command Flags' 'R' bit set, is sent to a peer to |
| 2696 | inform its intentions to shutdown the transport connection. Upon |
| 2697 | detection of a transport failure, this message MUST NOT be sent to an |
| 2698 | alternate peer. |
| 2699 | |
| 2700 | Message Format |
| 2701 | |
| 2702 | <DPR> ::= < Diameter Header: 282, REQ > |
| 2703 | { Origin-Host } |
| 2704 | { Origin-Realm } |
| 2705 | { Disconnect-Cause } |
| 2706 | */ |
| 2707 | struct dict_object * cmd; |
| 2708 | struct dict_cmd_data data = { |
| 2709 | 282, /* Code */ |
| 2710 | #if CC_DISCONNECT_PEER != 282 |
| 2711 | #error "CC_DISCONNECT_PEER definition mismatch" |
| 2712 | #endif |
| 2713 | "Disconnect-Peer-Request", /* Name */ |
| 2714 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT | CMD_FLAG_ERROR, /* Fixed flags */ |
| 2715 | CMD_FLAG_REQUEST /* Fixed flag values */ |
| 2716 | }; |
| 2717 | struct local_rules_definition rules[] = |
| 2718 | { { "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2719 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2720 | ,{ "Disconnect-Cause", RULE_REQUIRED, -1, 1 } |
| 2721 | }; |
| 2722 | |
| 2723 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2724 | PARSE_loc_rules( rules, cmd ); |
| 2725 | } |
| 2726 | |
| 2727 | /* Disconnect-Peer-Answer */ |
| 2728 | { |
| 2729 | /* |
| 2730 | The Disconnect-Peer-Answer (DPA), indicated by the Command-Code set |
| 2731 | to 282 and the Command Flags' 'R' bit cleared, is sent as a response |
| 2732 | to the Disconnect-Peer-Request message. Upon receipt of this |
| 2733 | message, the transport connection is shutdown. |
| 2734 | |
| 2735 | Message Format |
| 2736 | |
| 2737 | <DPA> ::= < Diameter Header: 282 > |
| 2738 | { Result-Code } |
| 2739 | { Origin-Host } |
| 2740 | { Origin-Realm } |
| 2741 | [ Error-Message ] |
| 2742 | [ Failed-AVP ] |
| 2743 | */ |
| 2744 | struct dict_object * cmd; |
| 2745 | struct dict_cmd_data data = { |
| 2746 | 282, /* Code */ |
| 2747 | #if CC_DISCONNECT_PEER != 282 |
| 2748 | #error "CC_DISCONNECT_PEER definition mismatch" |
| 2749 | #endif |
| 2750 | "Disconnect-Peer-Answer", /* Name */ |
| 2751 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT, /* Fixed flags */ |
| 2752 | 0 /* Fixed flag values */ |
| 2753 | }; |
| 2754 | struct local_rules_definition rules[] = |
| 2755 | { { "Result-Code", RULE_REQUIRED, -1, 1 } |
| 2756 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2757 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2758 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 2759 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 2760 | }; |
| 2761 | |
| 2762 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2763 | PARSE_loc_rules( rules, cmd ); |
| 2764 | } |
| 2765 | |
| 2766 | /* Device-Watchdog-Request */ |
| 2767 | { |
| 2768 | /* |
| 2769 | The Device-Watchdog-Request (DWR), indicated by the Command-Code set |
| 2770 | to 280 and the Command Flags' 'R' bit set, is sent to a peer when no |
| 2771 | traffic has been exchanged between two peers (see Section 5.5.3). |
| 2772 | Upon detection of a transport failure, this message MUST NOT be sent |
| 2773 | to an alternate peer. |
| 2774 | |
| 2775 | Message Format |
| 2776 | |
| 2777 | <DWR> ::= < Diameter Header: 280, REQ > |
| 2778 | { Origin-Host } |
| 2779 | { Origin-Realm } |
| 2780 | [ Origin-State-Id ] |
| 2781 | */ |
| 2782 | struct dict_object * cmd; |
| 2783 | struct dict_cmd_data data = { |
| 2784 | 280, /* Code */ |
| 2785 | #if CC_DEVICE_WATCHDOG != 280 |
| 2786 | #error "CC_DEVICE_WATCHDOG definition mismatch" |
| 2787 | #endif |
| 2788 | "Device-Watchdog-Request", /* Name */ |
| 2789 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT | CMD_FLAG_ERROR, /* Fixed flags */ |
| 2790 | CMD_FLAG_REQUEST /* Fixed flag values */ |
| 2791 | }; |
| 2792 | struct local_rules_definition rules[] = |
| 2793 | { { "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2794 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2795 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2796 | }; |
| 2797 | |
| 2798 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2799 | PARSE_loc_rules( rules, cmd ); |
| 2800 | } |
| 2801 | |
| 2802 | /* Device-Watchdog-Answer */ |
| 2803 | { |
| 2804 | /* |
| 2805 | The Device-Watchdog-Answer (DWA), indicated by the Command-Code set |
| 2806 | to 280 and the Command Flags' 'R' bit cleared, is sent as a response |
| 2807 | to the Device-Watchdog-Request message. |
| 2808 | |
| 2809 | Message Format |
| 2810 | |
| 2811 | <DWA> ::= < Diameter Header: 280 > |
| 2812 | { Result-Code } |
| 2813 | { Origin-Host } |
| 2814 | { Origin-Realm } |
| 2815 | [ Error-Message ] |
| 2816 | [ Failed-AVP ] |
| 2817 | [ Origin-State-Id ] |
| 2818 | */ |
| 2819 | struct dict_object * cmd; |
| 2820 | struct dict_cmd_data data = { |
| 2821 | 280, /* Code */ |
| 2822 | #if CC_DEVICE_WATCHDOG != 280 |
| 2823 | #error "CC_DEVICE_WATCHDOG definition mismatch" |
| 2824 | #endif |
| 2825 | "Device-Watchdog-Answer", /* Name */ |
| 2826 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_RETRANSMIT, /* Fixed flags */ |
| 2827 | 0 /* Fixed flag values */ |
| 2828 | }; |
| 2829 | struct local_rules_definition rules[] = |
| 2830 | { { "Result-Code", RULE_REQUIRED, -1, 1 } |
| 2831 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2832 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2833 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 2834 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 2835 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2836 | }; |
| 2837 | |
| 2838 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2839 | PARSE_loc_rules( rules, cmd ); |
| 2840 | } |
| 2841 | |
| 2842 | /* Re-Auth-Request */ |
| 2843 | { |
| 2844 | /* |
| 2845 | The Re-Auth-Request (RAR), indicated by the Command-Code set to 258 |
| 2846 | and the message flags' 'R' bit set, may be sent by any server to the |
| 2847 | access device that is providing session service, to request that the |
| 2848 | user be re-authenticated and/or re-authorized. |
| 2849 | |
| 2850 | |
| 2851 | Message Format |
| 2852 | |
| 2853 | <RAR> ::= < Diameter Header: 258, REQ, PXY > |
| 2854 | < Session-Id > |
| 2855 | { Origin-Host } |
| 2856 | { Origin-Realm } |
| 2857 | { Destination-Realm } |
| 2858 | { Destination-Host } |
| 2859 | { Auth-Application-Id } |
| 2860 | { Re-Auth-Request-Type } |
| 2861 | [ User-Name ] |
| 2862 | [ Origin-State-Id ] |
| 2863 | * [ Proxy-Info ] |
| 2864 | * [ Route-Record ] |
| 2865 | * [ AVP ] |
| 2866 | */ |
| 2867 | struct dict_object * cmd; |
| 2868 | struct dict_cmd_data data = { |
| 2869 | 258, /* Code */ |
| 2870 | #if CC_RE_AUTH != 258 |
| 2871 | #error "CC_RE_AUTH definition mismatch" |
| 2872 | #endif |
| 2873 | "Re-Auth-Request", /* Name */ |
| 2874 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
| 2875 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 2876 | }; |
| 2877 | struct local_rules_definition rules[] = |
| 2878 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 2879 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2880 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2881 | ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
| 2882 | ,{ "Destination-Host", RULE_REQUIRED, -1, 1 } |
| 2883 | ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 } |
| 2884 | ,{ "Re-Auth-Request-Type", RULE_REQUIRED, -1, 1 } |
| 2885 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 2886 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2887 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 2888 | ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
| 2889 | }; |
| 2890 | |
| 2891 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2892 | PARSE_loc_rules( rules, cmd ); |
| 2893 | } |
| 2894 | |
| 2895 | /* Re-Auth-Answer */ |
| 2896 | { |
| 2897 | /* |
| 2898 | The Re-Auth-Answer (RAA), indicated by the Command-Code set to 258 |
| 2899 | and the message flags' 'R' bit clear, is sent in response to the RAR. |
| 2900 | The Result-Code AVP MUST be present, and indicates the disposition of |
| 2901 | the request. |
| 2902 | |
| 2903 | A successful RAA message MUST be followed by an application-specific |
| 2904 | authentication and/or authorization message. |
| 2905 | |
| 2906 | |
| 2907 | Message Format |
| 2908 | |
| 2909 | <RAA> ::= < Diameter Header: 258, PXY > |
| 2910 | < Session-Id > |
| 2911 | { Result-Code } |
| 2912 | { Origin-Host } |
| 2913 | { Origin-Realm } |
| 2914 | [ User-Name ] |
| 2915 | [ Origin-State-Id ] |
| 2916 | [ Error-Message ] |
| 2917 | [ Error-Reporting-Host ] |
| 2918 | [ Failed-AVP ] |
| 2919 | * [ Redirect-Host ] |
| 2920 | [ Redirect-Host-Usage ] |
| 2921 | [ Redirect-Max-Cache-Time ] |
| 2922 | * [ Proxy-Info ] |
| 2923 | * [ AVP ] |
| 2924 | */ |
| 2925 | struct dict_object * cmd; |
| 2926 | struct dict_cmd_data data = { |
| 2927 | 258, /* Code */ |
| 2928 | #if CC_RE_AUTH != 258 |
| 2929 | #error "CC_RE_AUTH definition mismatch" |
| 2930 | #endif |
| 2931 | "Re-Auth-Answer", /* Name */ |
| 2932 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
| 2933 | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 2934 | }; |
| 2935 | struct local_rules_definition rules[] = |
| 2936 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 2937 | ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
| 2938 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2939 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2940 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 2941 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 2942 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 2943 | ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
| 2944 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 2945 | ,{ "Redirect-Host", RULE_OPTIONAL, -1,-1 } |
| 2946 | ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 } |
| 2947 | ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 } |
| 2948 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 2949 | }; |
| 2950 | |
| 2951 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 2952 | PARSE_loc_rules( rules, cmd ); |
| 2953 | } |
| 2954 | |
| 2955 | /* Session-Termination-Request */ |
| 2956 | { |
| 2957 | /* |
| 2958 | The Session-Termination-Request (STR), indicated by the Command-Code |
| 2959 | set to 275 and the Command Flags' 'R' bit set, is sent by the access |
| 2960 | device to inform the Diameter Server that an authenticated and/or |
| 2961 | authorized session is being terminated. |
| 2962 | |
| 2963 | |
| 2964 | Message Format |
| 2965 | |
| 2966 | <STR> ::= < Diameter Header: 275, REQ, PXY > |
| 2967 | < Session-Id > |
| 2968 | { Origin-Host } |
| 2969 | { Origin-Realm } |
| 2970 | { Destination-Realm } |
| 2971 | { Auth-Application-Id } |
| 2972 | { Termination-Cause } |
| 2973 | [ User-Name ] |
| 2974 | [ Destination-Host ] |
| 2975 | * [ Class ] |
| 2976 | [ Origin-State-Id ] |
| 2977 | * [ Proxy-Info ] |
| 2978 | * [ Route-Record ] |
| 2979 | * [ AVP ] |
| 2980 | */ |
| 2981 | struct dict_object * cmd; |
| 2982 | struct dict_cmd_data data = { |
| 2983 | 275, /* Code */ |
| 2984 | #if CC_SESSION_TERMINATION != 275 |
| 2985 | #error "CC_SESSION_TERMINATION definition mismatch" |
| 2986 | #endif |
| 2987 | "Session-Termination-Request", /* Name */ |
| 2988 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
| 2989 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 2990 | }; |
| 2991 | struct local_rules_definition rules[] = |
| 2992 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 2993 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 2994 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 2995 | ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
| 2996 | ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 } |
| 2997 | ,{ "Termination-Cause", RULE_REQUIRED, -1, 1 } |
| 2998 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 2999 | ,{ "Destination-Host", RULE_OPTIONAL, -1, 1 } |
| 3000 | ,{ "Class", RULE_OPTIONAL, -1,-1 } |
| 3001 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 3002 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 3003 | ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
| 3004 | }; |
| 3005 | |
| 3006 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 3007 | PARSE_loc_rules( rules, cmd ); |
| 3008 | } |
| 3009 | |
| 3010 | /* Session-Termination-Answer */ |
| 3011 | { |
| 3012 | /* |
| 3013 | The Session-Termination-Answer (STA), indicated by the Command-Code |
| 3014 | set to 275 and the message flags' 'R' bit clear, is sent by the |
| 3015 | Diameter Server to acknowledge the notification that the session has |
| 3016 | been terminated. The Result-Code AVP MUST be present, and MAY |
| 3017 | contain an indication that an error occurred while servicing the STR. |
| 3018 | |
| 3019 | Upon sending or receipt of the STA, the Diameter Server MUST release |
| 3020 | all resources for the session indicated by the Session-Id AVP. Any |
| 3021 | intermediate server in the Proxy-Chain MAY also release any |
| 3022 | resources, if necessary. |
| 3023 | |
| 3024 | Message Format |
| 3025 | |
| 3026 | <STA> ::= < Diameter Header: 275, PXY > |
| 3027 | < Session-Id > |
| 3028 | { Result-Code } |
| 3029 | { Origin-Host } |
| 3030 | { Origin-Realm } |
| 3031 | [ User-Name ] |
| 3032 | * [ Class ] |
| 3033 | [ Error-Message ] |
| 3034 | [ Error-Reporting-Host ] |
| 3035 | [ Failed-AVP ] |
| 3036 | [ Origin-State-Id ] |
| 3037 | * [ Redirect-Host ] |
| 3038 | [ Redirect-Host-Usage ] |
| 3039 | [ Redirect-Max-Cache-Time ] |
| 3040 | * [ Proxy-Info ] |
| 3041 | * [ AVP ] |
| 3042 | */ |
| 3043 | struct dict_object * cmd; |
| 3044 | struct dict_cmd_data data = { |
| 3045 | 275, /* Code */ |
| 3046 | #if CC_SESSION_TERMINATION != 275 |
| 3047 | #error "CC_SESSION_TERMINATION definition mismatch" |
| 3048 | #endif |
| 3049 | "Session-Termination-Answer", /* Name */ |
| 3050 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
| 3051 | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 3052 | }; |
| 3053 | struct local_rules_definition rules[] = |
| 3054 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 3055 | ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
| 3056 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 3057 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 3058 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 3059 | ,{ "Class", RULE_OPTIONAL, -1,-1 } |
| 3060 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 3061 | ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
| 3062 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 3063 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 3064 | ,{ "Redirect-Host", RULE_OPTIONAL, -1,-1 } |
| 3065 | ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 } |
| 3066 | ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 } |
| 3067 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 3068 | }; |
| 3069 | |
| 3070 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 3071 | PARSE_loc_rules( rules, cmd ); |
| 3072 | } |
| 3073 | |
| 3074 | /* Abort-Session-Request */ |
| 3075 | { |
| 3076 | /* |
| 3077 | The Abort-Session-Request (ASR), indicated by the Command-Code set to |
| 3078 | 274 and the message flags' 'R' bit set, may be sent by any server to |
| 3079 | the access device that is providing session service, to request that |
| 3080 | the session identified by the Session-Id be stopped. |
| 3081 | |
| 3082 | |
| 3083 | Message Format |
| 3084 | |
| 3085 | <ASR> ::= < Diameter Header: 274, REQ, PXY > |
| 3086 | < Session-Id > |
| 3087 | { Origin-Host } |
| 3088 | { Origin-Realm } |
| 3089 | { Destination-Realm } |
| 3090 | { Destination-Host } |
| 3091 | { Auth-Application-Id } |
| 3092 | [ User-Name ] |
| 3093 | [ Origin-State-Id ] |
| 3094 | * [ Proxy-Info ] |
| 3095 | * [ Route-Record ] |
| 3096 | * [ AVP ] |
| 3097 | */ |
| 3098 | struct dict_object * cmd; |
| 3099 | struct dict_cmd_data data = { |
| 3100 | 274, /* Code */ |
| 3101 | #if CC_ABORT_SESSION != 274 |
| 3102 | #error "CC_ABORT_SESSION definition mismatch" |
| 3103 | #endif |
| 3104 | "Abort-Session-Request", /* Name */ |
| 3105 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
| 3106 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 3107 | }; |
| 3108 | struct local_rules_definition rules[] = |
| 3109 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 3110 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 3111 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 3112 | ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
| 3113 | ,{ "Destination-Host", RULE_REQUIRED, -1, 1 } |
| 3114 | ,{ "Auth-Application-Id", RULE_REQUIRED, -1, 1 } |
| 3115 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 3116 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 3117 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 3118 | ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
| 3119 | }; |
| 3120 | |
| 3121 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 3122 | PARSE_loc_rules( rules, cmd ); |
| 3123 | } |
| 3124 | |
| 3125 | /* Abort-Session-Answer */ |
| 3126 | { |
| 3127 | /* |
| 3128 | The Abort-Session-Answer (ASA), indicated by the Command-Code set to |
| 3129 | 274 and the message flags' 'R' bit clear, is sent in response to the |
| 3130 | ASR. The Result-Code AVP MUST be present, and indicates the |
| 3131 | disposition of the request. |
| 3132 | |
| 3133 | If the session identified by Session-Id in the ASR was successfully |
| 3134 | terminated, Result-Code is set to DIAMETER_SUCCESS. If the session |
| 3135 | is not currently active, Result-Code is set to |
| 3136 | DIAMETER_UNKNOWN_SESSION_ID. If the access device does not stop the |
| 3137 | session for any other reason, Result-Code is set to |
| 3138 | DIAMETER_UNABLE_TO_COMPLY. |
| 3139 | |
| 3140 | Message Format |
| 3141 | |
| 3142 | <ASA> ::= < Diameter Header: 274, PXY > |
| 3143 | < Session-Id > |
| 3144 | { Result-Code } |
| 3145 | { Origin-Host } |
| 3146 | { Origin-Realm } |
| 3147 | [ User-Name ] |
| 3148 | [ Origin-State-Id ] |
| 3149 | [ Error-Message ] |
| 3150 | [ Error-Reporting-Host ] |
| 3151 | [ Failed-AVP ] |
| 3152 | * [ Redirect-Host ] |
| 3153 | [ Redirect-Host-Usage ] |
| 3154 | [ Redirect-Max-Cache-Time ] |
| 3155 | * [ Proxy-Info ] |
| 3156 | * [ AVP ] |
| 3157 | */ |
| 3158 | struct dict_object * cmd; |
| 3159 | struct dict_cmd_data data = { |
| 3160 | 274, /* Code */ |
| 3161 | #if CC_ABORT_SESSION != 274 |
| 3162 | #error "CC_ABORT_SESSION definition mismatch" |
| 3163 | #endif |
| 3164 | "Abort-Session-Answer", /* Name */ |
| 3165 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
| 3166 | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 3167 | }; |
| 3168 | struct local_rules_definition rules[] = |
| 3169 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 3170 | ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
| 3171 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 3172 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 3173 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 3174 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 3175 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 3176 | ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
| 3177 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 3178 | ,{ "Redirect-Host", RULE_OPTIONAL, -1,-1 } |
| 3179 | ,{ "Redirect-Host-Usage", RULE_OPTIONAL, -1, 1 } |
| 3180 | ,{ "Redirect-Max-Cache-Time", RULE_OPTIONAL, -1, 1 } |
| 3181 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 3182 | }; |
| 3183 | |
| 3184 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 3185 | PARSE_loc_rules( rules, cmd ); |
| 3186 | } |
| 3187 | |
| 3188 | /* Accounting-Request */ |
| 3189 | { |
| 3190 | /* |
| 3191 | The Accounting-Request (ACR) command, indicated by the Command-Code |
| 3192 | field set to 271 and the Command Flags' 'R' bit set, is sent by a |
| 3193 | Diameter node, acting as a client, in order to exchange accounting |
| 3194 | information with a peer. |
| 3195 | |
| 3196 | One of Acct-Application-Id and Vendor-Specific-Application-Id AVPs |
| 3197 | MUST be present. If the Vendor-Specific-Application-Id grouped AVP |
| 3198 | is present, it MUST include an Acct-Application-Id AVP. |
| 3199 | |
| 3200 | The AVP listed below SHOULD include service specific accounting AVPs, |
| 3201 | as described in Section 9.3. |
| 3202 | |
| 3203 | |
| 3204 | Message Format |
| 3205 | |
| 3206 | <ACR> ::= < Diameter Header: 271, REQ, PXY > |
| 3207 | < Session-Id > |
| 3208 | { Origin-Host } |
| 3209 | { Origin-Realm } |
| 3210 | { Destination-Realm } |
| 3211 | { Accounting-Record-Type } |
| 3212 | { Accounting-Record-Number } |
| 3213 | [ Acct-Application-Id ] |
| 3214 | [ Vendor-Specific-Application-Id ] |
| 3215 | [ User-Name ] |
| 3216 | [ Destination-Host ] |
| 3217 | [ Accounting-Sub-Session-Id ] |
| 3218 | [ Acct-Session-Id ] |
| 3219 | [ Acct-Multi-Session-Id ] |
| 3220 | [ Acct-Interim-Interval ] |
| 3221 | [ Accounting-Realtime-Required ] |
| 3222 | [ Origin-State-Id ] |
| 3223 | [ Event-Timestamp ] |
| 3224 | * [ Proxy-Info ] |
| 3225 | * [ Route-Record ] |
| 3226 | * [ AVP ] |
| 3227 | */ |
| 3228 | struct dict_object * cmd; |
| 3229 | struct dict_cmd_data data = { |
| 3230 | 271, /* Code */ |
| 3231 | #if CC_ACCOUNTING != 271 |
| 3232 | #error "CC_ACCOUNTING definition mismatch" |
| 3233 | #endif |
| 3234 | "Accounting-Request", /* Name */ |
| 3235 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE | CMD_FLAG_ERROR, /* Fixed flags */ |
| 3236 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 3237 | }; |
| 3238 | struct local_rules_definition rules[] = |
| 3239 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 3240 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 3241 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 3242 | ,{ "Destination-Realm", RULE_REQUIRED, -1, 1 } |
| 3243 | ,{ "Accounting-Record-Type", RULE_REQUIRED, -1, 1 } |
| 3244 | ,{ "Accounting-Record-Number", RULE_REQUIRED, -1, 1 } |
| 3245 | ,{ "Acct-Application-Id", RULE_OPTIONAL, -1, 1 } |
| 3246 | ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1, 1 } |
| 3247 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 3248 | ,{ "Destination-Host", RULE_OPTIONAL, -1, 1 } |
| 3249 | ,{ "Accounting-Sub-Session-Id", RULE_OPTIONAL, -1, 1 } |
| 3250 | ,{ "Acct-Session-Id", RULE_OPTIONAL, -1, 1 } |
| 3251 | ,{ "Acct-Multi-Session-Id", RULE_OPTIONAL, -1, 1 } |
| 3252 | ,{ "Acct-Interim-Interval", RULE_OPTIONAL, -1, 1 } |
| 3253 | ,{ "Accounting-Realtime-Required", RULE_OPTIONAL, -1, 1 } |
| 3254 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 3255 | ,{ "Event-Timestamp", RULE_OPTIONAL, -1, 1 } |
| 3256 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 3257 | ,{ "Route-Record", RULE_OPTIONAL, -1,-1 } |
| 3258 | }; |
| 3259 | |
| 3260 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 3261 | PARSE_loc_rules( rules, cmd ); |
| 3262 | } |
| 3263 | |
| 3264 | /* Accounting-Answer */ |
| 3265 | { |
| 3266 | /* |
| 3267 | The Accounting-Answer (ACA) command, indicated by the Command-Code |
| 3268 | field set to 271 and the Command Flags' 'R' bit cleared, is used to |
| 3269 | acknowledge an Accounting-Request command. The Accounting-Answer |
| 3270 | command contains the same Session-Id as the corresponding request. |
| 3271 | |
| 3272 | Only the target Diameter Server, known as the home Diameter Server, |
| 3273 | SHOULD respond with the Accounting-Answer command. |
| 3274 | |
| 3275 | One of Acct-Application-Id and Vendor-Specific-Application-Id AVPs |
| 3276 | MUST be present. If the Vendor-Specific-Application-Id grouped AVP |
| 3277 | is present, it MUST contain an Acct-Application-Id AVP. |
| 3278 | |
| 3279 | The AVP listed below SHOULD include service specific accounting AVPs, |
| 3280 | as described in Section 9.3. |
| 3281 | |
| 3282 | |
| 3283 | Message Format |
| 3284 | |
| 3285 | <ACA> ::= < Diameter Header: 271, PXY > |
| 3286 | < Session-Id > |
| 3287 | { Result-Code } |
| 3288 | { Origin-Host } |
| 3289 | { Origin-Realm } |
| 3290 | { Accounting-Record-Type } |
| 3291 | { Accounting-Record-Number } |
| 3292 | [ Acct-Application-Id ] |
| 3293 | [ Vendor-Specific-Application-Id ] |
| 3294 | [ User-Name ] |
| 3295 | [ Accounting-Sub-Session-Id ] |
| 3296 | [ Acct-Session-Id ] |
| 3297 | [ Acct-Multi-Session-Id ] |
| 3298 | [ Error-Message ] |
| 3299 | [ Error-Reporting-Host ] |
| 3300 | [ Failed-AVP ] |
| 3301 | [ Acct-Interim-Interval ] |
| 3302 | [ Accounting-Realtime-Required ] |
| 3303 | [ Origin-State-Id ] |
| 3304 | [ Event-Timestamp ] |
| 3305 | * [ Proxy-Info ] |
| 3306 | * [ AVP ] |
| 3307 | */ |
| 3308 | struct dict_object * cmd; |
| 3309 | struct dict_cmd_data data = { |
| 3310 | 271, /* Code */ |
| 3311 | #if CC_ACCOUNTING != 271 |
| 3312 | #error "CC_ACCOUNTING definition mismatch" |
| 3313 | #endif |
| 3314 | "Accounting-Answer", /* Name */ |
| 3315 | CMD_FLAG_REQUEST | CMD_FLAG_PROXIABLE, /* Fixed flags */ |
| 3316 | CMD_FLAG_PROXIABLE /* Fixed flag values */ |
| 3317 | }; |
| 3318 | struct local_rules_definition rules[] = |
| 3319 | { { "Session-Id", RULE_FIXED_HEAD, -1, 1 } |
| 3320 | ,{ "Result-Code", RULE_REQUIRED, -1, 1 } |
| 3321 | ,{ "Origin-Host", RULE_REQUIRED, -1, 1 } |
| 3322 | ,{ "Origin-Realm", RULE_REQUIRED, -1, 1 } |
| 3323 | ,{ "Accounting-Record-Type", RULE_REQUIRED, -1, 1 } |
| 3324 | ,{ "Accounting-Record-Number", RULE_REQUIRED, -1, 1 } |
| 3325 | ,{ "Acct-Application-Id", RULE_OPTIONAL, -1, 1 } |
| 3326 | ,{ "Vendor-Specific-Application-Id", RULE_OPTIONAL, -1, 1 } |
| 3327 | ,{ "User-Name", RULE_OPTIONAL, -1, 1 } |
| 3328 | ,{ "Accounting-Sub-Session-Id", RULE_OPTIONAL, -1, 1 } |
| 3329 | ,{ "Acct-Session-Id", RULE_OPTIONAL, -1, 1 } |
| 3330 | ,{ "Acct-Multi-Session-Id", RULE_OPTIONAL, -1, 1 } |
| 3331 | ,{ "Error-Message", RULE_OPTIONAL, -1, 1 } |
| 3332 | ,{ "Error-Reporting-Host", RULE_OPTIONAL, -1, 1 } |
| 3333 | ,{ "Failed-AVP", RULE_OPTIONAL, -1, 1 } |
| 3334 | ,{ "Acct-Interim-Interval", RULE_OPTIONAL, -1, 1 } |
| 3335 | ,{ "Accounting-Realtime-Required", RULE_OPTIONAL, -1, 1 } |
| 3336 | ,{ "Origin-State-Id", RULE_OPTIONAL, -1, 1 } |
| 3337 | ,{ "Event-Timestamp", RULE_OPTIONAL, -1, 1 } |
| 3338 | ,{ "Proxy-Info", RULE_OPTIONAL, -1,-1 } |
| 3339 | }; |
| 3340 | |
| 3341 | CHECK_dict_new( DICT_COMMAND, &data , NULL, &cmd); |
| 3342 | PARSE_loc_rules( rules, cmd ); |
| 3343 | } |
| 3344 | } |
| 3345 | |
| 3346 | return 0; |
| 3347 | } |