aboutsummaryrefslogtreecommitdiffstats
path: root/lib/diameter/src/base
AgeCommit message (Collapse)Author
2015-06-22Merge branch 'bruce/change-license'Bruce Yinhe
OTP-12845 * bruce/change-license: fix errors caused by changed line numbers Change license text to APLv2
2015-06-22Merge branch 'anders/diameter/18/OTP-12588'Anders Svensson
* anders/diameter/18/OTP-12588: vsn -> 1.10 Remove dead upgrade-related code Update appup for 18 Fix release note typo Fix comment typo
2015-06-22Merge branch 'anders/diameter/sctp/OTP-12768'Anders Svensson
* anders/diameter/sctp/OTP-12768: Fix connection timeouts in test transports Fix start order of alternate transports Log discarded answers Ensure accepting processes are first in, first out Remove upgrade-related code Be less parallel in traffic suite Increase send/receive buffers for testsuite SCTP listeners Decrease unnecessarily long testsuite timetraps Simplify accepting transport start Simplify peeloff signaling Simplify socket close at terminate Don't monitor listener after peeloff Don't receive initial messages out of order Remove assumption that SCTP association ids will be unique
2015-06-22Merge branch 'anders/diameter/grouped_errors/OTP-12721'Anders Svensson
* anders/diameter/grouped_errors/OTP-12721: Fix decode of Grouped AVPs containing errors Simplify logic Simplify logic
2015-06-21Fix start order of alternate transportsAnders Svensson
A transport configured with diameter:add_transport/2 can be passed multiple transport_module/transport_config tuples in order to specify alternate configuration, modules being attempted in order until one succeeds. This is primarily for the connecting case, to allow a transport to be configured to first attempt connection over SCTP, and then TCP in case SCTP fails, with configuration like that documented: {transport_module, diameter_sctp}, {transport_config, [...], 5000}, {transport_module, diameter_tcp}, {transport_config, [...]} If the options are the same in both cases, another possibility would be configuration like this, which attaches the same transport_config to both modules: {transport_module, diameter_sctp}, {transport_module, diameter_tcp}, {transport_config, [...], 5000}, However, in this case the start order was reversed relative to the documented order: first tcp, then sctp. This commit restores the intended order. OTP-12851
2015-06-20Remove dead upgrade-related codeAnders Svensson
Not needed with the parent commit's restart_application.
2015-06-20Log discarded answersAnders Svensson
To diameter_lib:log/4, which was last motivated in commit 39acfdb0.
2015-06-18Change license text to APLv2Bruce Yinhe
2015-06-18Fix decode of Grouped AVPs containing errorsAnders Svensson
RFC 6733 says this of Failed-AVP in 7.5: In the case where the offending AVP is embedded within a Grouped AVP, the Failed-AVP MAY contain the grouped AVP, which in turn contains the single offending AVP. The same method MAY be employed if the grouped AVP itself is embedded in yet another grouped AVP and so on. In this case, the Failed-AVP MAY contain the grouped AVP hierarchy up to the single offending AVP. This enables the recipient to detect the location of the offending AVP when embedded in a group. It says this of DIAMETER_INVALID_AVP_LENGTH in 7.1.5: The request contained an AVP with an invalid length. A Diameter message indicating this error MUST include the offending AVPs within a Failed-AVP AVP. In cases where the erroneous AVP length value exceeds the message length or is less than the minimum AVP header length, it is sufficient to include the offending AVP header and a zero filled payload of the minimum required length for the payloads data type. If the AVP is a Grouped AVP, the Grouped AVP header with an empty payload would be sufficient to indicate the offending AVP. In the case where the offending AVP header cannot be fully decoded when the AVP length is less than the minimum AVP header length, it is sufficient to include an offending AVP header that is formulated by padding the incomplete AVP header with zero up to the minimum AVP header length. The AVPs placed in the errors field of a diameter_packet record are intended to be appropriate for inclusion in a Failed-AVP, but neither of the above paragraphs has been followed in the Grouped case: the entire faulty AVP (non-faulty components and all) has been included. This made it impossible to identify the actual faulty AVP in all but simple case. This commit adapts the decode to the RFC, and implements the suggested single faulty AVP, nested in as many Grouped containers as required. The best-effort decode of Failed-AVP in answer messages, initially implemented in commit 0f9cdbaf, is also applied.
2015-05-30Merge branch 'maint'Anders Svensson
2015-05-18Fix counting of no_result_code/invalid_error_bitAnders Svensson
The message was regarded as unknown if the answer message in question set the E-bit and the application dictionary was not the common dictionary.
2015-05-18Count relayed answersAnders Svensson
That is, outgoing answer messages received in response to a handle_request callback having returned {relay, Opts}.
2015-05-18Rename dictionary-related functions/variablesAnders Svensson
To clarify what it is that's being computed, which isn't entirely obvious. No functional change, just renaming.
2015-05-18Lift answer send up the call chainAnders Svensson
As the first step in starting to count outgoing, relayed answer messages.
2015-05-18Count discarded incoming messagesAnders Svensson
An incoming Diameter message is either a request, an answer to an outstanding request, or an unexpected answer. The latter weren't counted, but are now counted on keys of this form: {pid(), {{unknown, 0}, recv, discarded}} The form of the second element is similar to those of other counters, like: {{relay, 0|1}, send|recv, invalid_error_bit} Compare this to the key used when counting known answers: {{ApplicationId, CommandCode, 0}, recv} The application id and command code aren't included so as not to count on arbitrary keys, a topic last visited in commit 49e8b11c.
2015-05-18Include R-bit in unknown message counter keysAnders Svensson
To differentiate between requests and answers, in analogy with relay counters. This isn't backwards compatible, but these counters aren't yet documented.
2015-05-18Fix broken relay countersAnders Svensson
Commit 49e8b11c broke the counting of relayed message, causing them to be accumulated as unknown messages.
2015-05-18Fix broken result code countersAnders Svensson
Commit a1df50b3 broke result code counters in the case of answer messages sent as a header/avp lists (unless the avps, untypically, set the name field), and for answers sent/received in the relay application.
2015-05-06Merge branch 'maint'Zandra Hird
Conflicts: OTP_VERSION erts/vsn.mk lib/test_server/src/erl2html2.erl
2015-05-06Merge branch 'anders/diameter/counters/OTP-12701' into maint-17Erlang/OTP
* anders/diameter/counters/OTP-12701: Add counters testcase to 3xxx suite Fix counting error with unknown application id Add missing doc wording
2015-05-06Merge branch 'anders/diameter/result_codes/OTP-12654' into maint-17Erlang/OTP
* anders/diameter/result_codes/OTP-12654: Fix broken traffic testcase Match harder in traffic suite Don't confuse Result-Code and Experimental-Result
2015-05-05Don't confuse Result-Code and Experimental-ResultAnders Svensson
Decode of an answer message not setting the E-bit, and containing Experiment-Result but not Result-Code, identified Result-Code as the erroneous when Erroneous-Result-Code was 3xxx. Here's an example (from trace) of a the errors field after decode: [{5004, {diameter_avp,undefined,undefined,false,false,undefined,'Result-Code', 3001,undefined,undefined}}], The diameter_avp was just constructed from the AVP name and decoded result, without regard for which result code AVP contained the value. Fix by extracting the AVP from the incoming message.
2015-05-03Fix counting error with unknown application idAnders Svensson
Statistics could be accumulated on a key like {{23,275,0}, recv} even though 23 was not the application id of the dictionary in question. Missed in commits df19c272 and 7816ab2f.
2015-04-03Remove extra avp bit from diameter_avp decodeAnders Svensson
In the case of a faulty AVP Length (pointing past the end of a message or not spanning the header), an extra bit is prepended to data bytes in diameter_avp:collect_avps/1 in order to force a 5014 decode error. The bit is supposed to be removed as part of the decode in diameter_gen.hrl but this didn't happen in case of an AVP that unknown to the dictionary in question.
2015-03-27Merge branch 'maint'Anders Svensson
2015-03-27Limit FQDN in DiameterURI to 255 octetsAnders Svensson
As for the port number in the parent commit, a FQDN can't be arbitrarily long, at most 255 octets. Make decode fail if it's more.
2015-03-27Limit DiameterURI ports to 0-65535 digits on decodeAnders Svensson
A port number is a 16-bit integer, but the regexp used to parse it in commit 1590920 slavishly followed the RFC 6733 grammar in matching an arbitrary number of digits. Make decode fail if it's anything more than 5, to avoid doing erlang:list_to_integer/1 on arbitrarily large lists. Also make it fail if the resulting integer is outside of the expected range.
2015-03-27Add service_opt() incoming_maxlenAnders Svensson
To bound the length of incoming messages that will be decoded. A message longer than the specified number of bytes is discarded. An incoming_maxlen_exceeded counter is incremented to make note of the occurrence. The motivation is to prevent a sufficiently malicious peer from generating significant load by sending long messages with many AVPs for diameter to decode. The 24-bit message length header accomodates (16#FFFFFF - 20) div 12 = 1398099 Unsigned32 AVPs for example, which the current record-valued decode is too slow with in practice. A bound of 16#FFFF bytes allows for 5461 small AVPs, which is probably more than enough for the majority of applications, but the default is the full 16#FFFFFF.
2015-03-26Add guard to reject {spawn_opt, false} as transport/service_opt()Anders Svensson
It was possible to configure the option, but doing so caused the service to fail when starting a watchdog process: {function_clause, [{diameter_service,'-spawn_opts/1-lc$^0/1-0-', [false], [{file,"base/diameter_service.erl"},{line,846}]}, {diameter_service,start,5, [{file,"base/diameter_service.erl"},{line,820}]}, {diameter_service,start,3, [{file,"base/diameter_service.erl"},{line,782}]}, {diameter_service,handle_call,3, [{file,"base/diameter_service.erl"},{line,385}]}, {gen_server,try_handle_call,4,[{file,"gen_server.erl"},{line,607}]}, {gen_server,handle_msg,5,[{file,"gen_server.erl"},{line,639}]}, {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]} Tests for the option in the config suite were also missing. Bungled in commit 78b3dc6.
2015-03-24Merge branch 'maint'Anders Svensson
2015-03-24Merge branch 'anders/diameter/dpr/OTP-12609' into maintAnders Svensson
* anders/diameter/dpr/OTP-12609: Discard incoming/outgoing requests after incoming DPR Add transport_opt() dpr_timeout Be lenient with errors in incoming DPR
2015-03-24Adapt to changed DiameterURI defaults in RFC 6733Anders Svensson
Despite claims of full backwards compatibility, the text of RFC 6733 changes the interpretation of unspecified values in a DiameterURI. In particular, 3588 says that the default port and transport are 3868 and sctp respectively, while 6733 says it's either 3868/tcp (aaa) or 5658/tcp (aaas). The 3588 defaults were used regardless, but now use them only if the common dictionary is diameter_gen_base_rfc3588. The 6733 defaults are used otherwise. This kind of change in the standard can lead to interop problems, since a node has to know which RFC its peer is following to know that it will properly interpret missing URI components. Encode of a URI includes all components to avoid such confusion. That said, note that the defaults in the diameter_uri record have *not* been changed. This avoids breaking code that depends on them, but the risk is that such code sends inappropriate values. The record defaults may be changed in a future release, to force values to be explicitly specified.
2015-03-24Reject transport=udp;protocol=diameter at DiameterURI encodeAnders Svensson
Both RFC 3588 and 6733 disallow the combination. Make its encode fail.
2015-03-24Merge branch 'anders/diameter/string_decode/OTP-11952' into maintAnders Svensson
* anders/diameter/string_decode/OTP-11952: Let examples override default service options Set {restrict_connections, false} in example server Set {string_decode, false} in examples Test {string_decode, false} in traffic suite Add service_opt() string_decode Strip potentially large terms when sending outgoing Diameter messages Improve language consistency in diameter(1)
2015-03-24Merge branch 'anders/diameter/route_record/OTP-12551' into maintAnders Svensson
* anders/diameter/route_record/OTP-12551: Fix ordering of AVPs in relayed messages
2015-03-24Add service_opt() string_decodeAnders Svensson
To control whether stringish Diameter types are decoded to string or left as binary. The motivation is the same as in the parent commit: to avoid large strings being copied when incoming Diameter messages are passed between processes; or *if* in the case of messages destined for handle_request and handle_answer callbacks, since these are decoded in the dedicated processes that the callbacks take place in. It would be possible to do something about other messages without requiring an option, but disabling the decode is the most effective. The value is a boolean(), true being the default for backwards compatibility. Setting false causes both diameter_caps records and decoded messages to contain binary() in relevant places that previously had string(): diameter_app(3) callbacks need to be prepared for the change. The Diameter types affected are OctetString and the derived types that can contain arbitrarily large values: OctetString, UTF8String, DiameterIdentity, DiameterURI, IPFilterRule, and QoSFilterRule. Time and Address are unaffected. The DiameterURI decode has been redone using re(3), which both simplifies and does away with a vulnerability resulting from the conversion of arbitrary strings to atom. The solution continues the use and abuse of the process dictionary for encode/decode purposes, last seen in commit 0f9cdba.
2015-03-23Strip potentially large terms when sending outgoing Diameter messagesAnders Svensson
Both incoming and outgoing Diameter messages pass through two or three processes, depending on whether they're incoming or outgoing: the transport process and corresponding peer_fsm process and (for incoming) watchdog processes. Since terms other than binary are copied when passing process boundaries, large terms lead to copying that can be problematic, if frequent enough. Since only the bin and transport_data fields of a diameter_packet record are needed by the transport process, discard others when sending outgoing messages. Strictly speaking, the statement that only the aforementioned fields are needed by the transport process depends on the transport process. It's true of those implemented by diameter (in diameter_tcp and diameter_sctp), but an implementation that makes use of other fields is assuming more than the documentation in diameter_transport(3) promises.
2015-03-23Merge branch 'maint'Anders Svensson
2015-03-23Discard incoming/outgoing requests after incoming DPRAnders Svensson
With the same motivation as in commits 5bd2d72 and b1fd629. As in the latter, incoming DPR is the only exception.
2015-03-23Add transport_opt() dpr_timeoutAnders Svensson
To cause a peer connection to be closed following an outgoing DPA, in case the peer fails to do so. It is the recipient of DPA that should close the connection according to RFC 6733.
2015-03-23Be lenient with errors in incoming DPRAnders Svensson
To avoid having the peer interpret the error as meaning the connection shouldn't be closed, which probably does more harm than ignoring syntactic errors in the DPR. Note that RFC 6733 says this about incoming DPR, in 5.4 Disconnecting Peer Connections: Upon receipt of the message, the Disconnect-Peer-Answer message is returned, which SHOULD contain an error if messages have recently been forwarded, and are likely in flight, which would otherwise cause a race condition. The race here is presumably between answers to forwarded requests and the outgoing DPA, but we have no handling for this: whether or not there are pending answers is irrelevant to how DPR is answered. It's questionable that a peer should be able to prevent disconnection in any case: it has to be the node sending DPR that decides if it's approriate, and the peer should take it as an indication of what's coming. Incoming DPA is already treated leniently: the only error that's not ignored is mismatching End-to-End and Hop-by-Hop Identifiers, since there's no distinguishing an erroneous value from an unsolicited DPA. This mismatch could also be ignored, which is the case for DWA for example, but this problem is already dealt with by dpa_timeout, which causes a connection to be closed even when the expected DPA isn't received.
2015-03-23Merge branch 'anders/diameter/dpr/OTP-12542' into maintAnders Svensson
* anders/diameter/dpr/OTP-12542: Discard CER or DWR sent with diameter:call/4 Allow DPR to be sent with diameter:call/4 Add transport_opt() dpa_timeout Add testcase for sending DPR with diameter:call/4
2015-03-23Merge branch 'anders/diameter/dpr/OTP-12543' into maintAnders Svensson
* anders/diameter/dpr/OTP-12543: Discard incoming requests after outgoing DPR Discard outgoing requests after outgoing DPR
2015-03-23Fix ordering of AVPs in relayed messagesAnders Svensson
6.1.9 of RFC 6733 states this: A relay or proxy agent MUST append a Route-Record AVP to all requests forwarded. The AVP was inserted as the head of the AVP list, not appended, since the entire AVP list was reversed relative to the received order. Thanks to Andrzej TrawiƄski.
2015-03-22Discard CER or DWR sent with diameter:call/4Anders Svensson
These are requests that diameter itself sends. It's previously been possible to send them, but answers timed out at the caller since they were discarded in diameter_watchdog. Answers will still timeout, but now the requests are discarded before being sent.
2015-03-22Allow DPR to be sent with diameter:call/4Anders Svensson
DPR is sent by diameter at application shutdown, service stop, or transport removal. It has been possible to send the request with diameter:call/4, but the answer was discarded, instead of the transport process being terminated. This commit causes DPR to be handled in the same way regardless of whether it's sent by diameter or by diameter:call/4. Note that the behaviour subsequent to DPA is unchanged. In particular, in the connecting case, the closed connection will be reestablished after a connect_timer expiry unless the transport is removed. The more probable use case is the listening case, to disconnect a single peer associated with a listening transport.
2015-03-22Add transport_opt() dpa_timeoutAnders Svensson
To make the default DPA timeout configurable. The timeout say how many milliseconds to wait for DPA in response to an outgoing DPR before terminating the transport process regardless.
2015-03-22Discard incoming requests after outgoing DPRAnders Svensson
Since there's a race between an answer being sent and the connection being closed upon the reception of DPA that's likely to be lost, and because of the questionability of sending messages after DPR, as discussed in the parent commit. An exception is made for DPR so that simultaneous DPR in both directions doesn't result in it being discarded on both ends.
2015-03-22Discard outgoing requests after outgoing DPRAnders Svensson
RFC 6733 isn't terribly clear about what should happen to incoming or outgoing messages once DPR is sent and the Peer State Machine transitions into state Closing. There's no event for this in section 5.6, Peer State Machine, and no clarification in section 5.4, Disconnecting Peer Connections. There is a little bit of discussion in 2.1.1, SCTP Guidelines, in relation to unordered message delivery, but the tone there is that messages might be received after DPR because of unordered delivery, not because they were actually sent after DPR. Discarding outgoing answers may do more harm than good, but requests are more likely to be unexpected, as has been seen to be the case with DWR following DPR. DPR indicates a desire to close the connection: discard any subsequent outgoing requests.
2015-03-22Merge branch 'maint'Anders Svensson