From deed57ed8da08e3262d61197da2ed00391b94be6 Mon Sep 17 00:00:00 2001 From: Anders Svensson Date: Thu, 19 Mar 2015 23:57:43 +0100 Subject: Improve language consistency in diameter(1) Akin to commit 85d44b58. --- lib/diameter/doc/src/diameter.xml | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) (limited to 'lib/diameter/doc') diff --git a/lib/diameter/doc/src/diameter.xml b/lib/diameter/doc/src/diameter.xml index 638c1c4c2b..a5a99f7835 100644 --- a/lib/diameter/doc/src/diameter.xml +++ b/lib/diameter/doc/src/diameter.xml @@ -303,7 +303,7 @@ Defaults to none.

{timeout, &dict_Unsigned32;}

-The number of milliseconds after which the request should +Number of milliseconds after which the request should timeout. Defaults to 5000.

 @@ -742,7 +742,7 @@ info fields of forms other than the above.

service_name() = term()

-The name of a service as passed to &start_service; and with which the +Name of a service as passed to &start_service; and with which the service is identified. There can be at most one service with a given name on a given node. Note that &make_ref; @@ -754,7 +754,7 @@ can be used to generate a service name that is somewhat unique.

service_opt()

-An option passed to &start_service;. +Option passed to &start_service;. Can be any &capability; as well as the following.

@@ -762,7 +762,7 @@ Can be any &capability; as well as the following.

{application, [&application_opt;]}

-Defines a Diameter application supported by the service.

+A Diameter application supported by the service.

A service must configure one tuple for each Diameter @@ -790,7 +790,7 @@ be matched by corresponding &capability; configuration, of | evaluable()}

-Specifies the degree to which the service allows multiple transport +The degree to which the service allows multiple transport connections to the same peer, as identified by its Origin-Host at capabilities exchange.

@@ -816,7 +816,7 @@ Defaults to nodes.

{sequence, {H,N} | &evaluable;}

-Specifies a constant value H for the topmost 32-N bits of +A constant value H for the topmost 32-N bits of of 32-bit End-to-End and Hop-by-Hop Identifiers generated by the service, either explicitly or as a return value of a function to be evaluated at &start_service;. @@ -851,7 +851,7 @@ outgoing requests.

{share_peers, boolean() | [node()] | evaluable()}

-Specifies nodes to which peer connections established on the local +Nodes to which peer connections established on the local Erlang node are communicated. Shared peers become available in the remote candidates list passed to &app_pick_peer; callbacks on remote nodes whose services are @@ -890,7 +890,7 @@ of a single Diameter node across multiple Erlang nodes.

{spawn_opt, [term()]}

-An options list passed to &spawn_opt; when spawning a process for an +Options list passed to &spawn_opt; when spawning a process for an incoming Diameter request, unless the transport in question specifies another value. Options monitor and link are ignored.

@@ -902,7 +902,7 @@ Defaults to the empty list.

{use_shared_peers, boolean() | [node()] | evaluable()}

-Specifies nodes from which communicated peers are made available in +Nodes from which communicated peers are made available in the remote candidates list of &app_pick_peer; callbacks.

@@ -942,7 +942,7 @@ each node from which requests are sent.

transport_opt()

-An option passed to &add_transport;. +Option passed to &add_transport;. Has one of the following types.

@@ -950,8 +950,7 @@ Has one of the following types.

{applications, [&application_alias;]}

-The list of Diameter applications to which the transport should be -restricted. +Diameter applications to which the transport should be restricted. Defaults to all applications configured on the service in question. Applications not configured on the service in question are ignored.

@@ -984,7 +983,7 @@ TLS is desired over TCP as implemented by &man_tcp;.

{capabilities_cb, &evaluable;}

-A callback invoked upon reception of CER/CEA during capabilities +Callback invoked upon reception of CER/CEA during capabilities exchange in order to ask whether or not the connection should be accepted. Applied to the &transport_ref; and @@ -1207,7 +1206,7 @@ the same peer.

{spawn_opt, [term()]}

-Options list passed to &spawn_opt; when spawning a process for an +Options passed to &spawn_opt; when spawning a process for an incoming Diameter request. Options monitor and link are ignored.

-- cgit v1.2.3 From 1590920c910c030369fbf871b63f6836b988e90a Mon Sep 17 00:00:00 2001 From: Anders Svensson Date: Thu, 12 Feb 2015 11:41:59 +0100 Subject: Add service_opt() string_decode To control whether stringish Diameter types are decoded to string or left as binary. The motivation is the same as in the parent commit: to avoid large strings being copied when incoming Diameter messages are passed between processes; or *if* in the case of messages destined for handle_request and handle_answer callbacks, since these are decoded in the dedicated processes that the callbacks take place in. It would be possible to do something about other messages without requiring an option, but disabling the decode is the most effective. The value is a boolean(), true being the default for backwards compatibility. Setting false causes both diameter_caps records and decoded messages to contain binary() in relevant places that previously had string(): diameter_app(3) callbacks need to be prepared for the change. The Diameter types affected are OctetString and the derived types that can contain arbitrarily large values: OctetString, UTF8String, DiameterIdentity, DiameterURI, IPFilterRule, and QoSFilterRule. Time and Address are unaffected. The DiameterURI decode has been redone using re(3), which both simplifies and does away with a vulnerability resulting from the conversion of arbitrary strings to atom. The solution continues the use and abuse of the process dictionary for encode/decode purposes, last seen in commit 0f9cdba. --- lib/diameter/doc/src/diameter.xml | 24 ++++++++++++++++++++++++ lib/diameter/doc/src/diameter_dict.xml | 9 +++++++-- lib/diameter/doc/src/seealso.ent | 5 +++++ 3 files changed, 36 insertions(+), 2 deletions(-) (limited to 'lib/diameter/doc') diff --git a/lib/diameter/doc/src/diameter.xml b/lib/diameter/doc/src/diameter.xml index a5a99f7835..cb397614e5 100644 --- a/lib/diameter/doc/src/diameter.xml +++ b/lib/diameter/doc/src/diameter.xml @@ -899,6 +899,30 @@ Options monitor and link are ignored.

Defaults to the empty list.

 + +{string_decode, boolean()} + +

+Whether or not to decode AVPs of type &dict_OctetString; and its +derived types &dict_DiameterIdentity;, &dict_DiameterURI;, +&dict_IPFilterRule;, &dict_QoSFilterRule;, and &dict_UTF8String;. +If true then AVPs of these types are decoded to string(). +If false then values are retained as binary().

+ +

+Defaults to true.

+ + +

+This option should be set to false +since a sufficiently malicious peer can otherwise cause large amounts +of memory to be consumed when decoded Diameter messages are passed +between processes. +The default value is for backwards compatibility.

+ + + + {use_shared_peers, boolean() | [node()] | evaluable()}

diff --git a/lib/diameter/doc/src/diameter_dict.xml b/lib/diameter/doc/src/diameter_dict.xml index 810a146b88..9db9bcffde 100644 --- a/lib/diameter/doc/src/diameter_dict.xml +++ b/lib/diameter/doc/src/diameter_dict.xml @@ -528,6 +528,11 @@ in a request record when sending a request, returned in a resulting answer record and passed to a &app_handle_request; callback upon reception of an incoming request.

+

+In cases in which there is a choice between list() and binary() types +for OctetString() and derived types, the representation is determined +by the value of &mod_string_decode;.

+

Basic AVP Data Formats

@@ -541,7 +546,7 @@ callback upon reception of an incoming request.

-OctetString() = [0..255]
+OctetString() = string() | binary()
 Integer32()   = -2147483647..2147483647
 Integer64()   = -9223372036854775807..9223372036854775807
 Unsigned32()  = 0..4294967295
@@ -603,7 +608,7 @@ and {{2104,2,26},{9,42,23}} (both inclusive) can be encoded.

 
 
 
-UTF8String() = [integer()]
+UTF8String() = [integer()] | binary()
 

 
 

diff --git a/lib/diameter/doc/src/seealso.ent b/lib/diameter/doc/src/seealso.ent
index 44541afb9b..b0e3a2c712 100644
--- a/lib/diameter/doc/src/seealso.ent
+++ b/lib/diameter/doc/src/seealso.ent
@@ -69,6 +69,8 @@ significant.
 connect_timer'>
 watchdog_timer'>
 
+diameter:service_opt() string_decode'>
+
 
 
 handle_answer/4'>
@@ -102,6 +104,9 @@ significant.
 
 Address()'>
 DiameterIdentity()'>
+DiameterURI()'>
+IPFilterRule()'>
+QoSFilterRule()'>
 Grouped()'>
 OctetString()'>
 Time()'>
-- 
cgit v1.2.3