[hipl-commit] [release-1.0.5] Rev 3803: Syncronized to trunk revisions 4001..4036
- From: Miika Komu <miika@xxxxxx>
- To: hipl-commit@xxxxxxxxxxxxx
- Date: Fri, 19 Mar 2010 12:00:24 +0200
Committer: Miika Komu <miika@xxxxxx>
Date: 19/03/2010 at 12:00:24
Revision: 3803
Revision-id: miika@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Branch nick: release-1.0.5
Log:
Syncronized to trunk revisions 4001..4036
Modified:
D firewall/lsi.c.doxyme
D hipd/accessor.h.doxyme
D hipd/blind.h.doxyme
D hipd/bos.h.doxyme
D hipd/cert.c.doxyme
D hipd/cert.h.doxyme
D hipd/close.h.doxyme
D hipd/configfilereader.c.doxyme
D hipd/configfilereader.h.doxyme
D hipd/cookie.h.doxyme
D hipd/dh.h.doxyme
D hipd/hadb.h.doxyme
D hipd/hadb_legacy.h.doxyme
D hipd/hi3.h.doxyme
D hipd/hidb.h.doxyme
D hipd/hipd.h.doxyme
D hipd/hiprelay.h.doxyme
D hipd/init.h.doxyme
D hipd/input.h.doxyme
D hipd/keymat.h.doxyme
D hipd/maintenance.h.doxyme
D hipd/nat.c.doxyme
D hipd/nat.h.doxyme
D hipd/netdev.c.doxyme
D hipd/netdev.h.doxyme
D hipd/oppdb.h.doxyme
D hipd/oppipdb.h.doxyme
D hipd/output.c.doxyme
D hipd/output.h.doxyme
D hipd/pfkeyapi.c.doxyme
D hipd/registration.c.doxyme
D hipd/registration.h.doxyme
D hipd/tcptimeout.c
D hipd/tcptimeout.c.doxyme
D hipd/tcptimeout.h
D hipd/tcptimeout.h.doxyme
D hipd/update.c.doxyme
D hipd/update.h.doxyme
D hipd/update_legacy.c.doxyme
D hipd/update_legacy.h.doxyme
D hipd/user.c.doxyme
D hipd/user.h.doxyme
D lib/core/builder.h.doxyme
D lib/core/certtools.c.doxyme
D lib/core/certtools.h.doxyme
D lib/core/common_defines.h.doxyme
D lib/core/debug.h.doxyme
D lib/core/hashtable.h.doxyme
D lib/core/hip_capability.h.doxyme
D lib/core/icomm.h.doxyme
D lib/core/ife.h.doxyme
D lib/core/linkedlist.c.doxyme
D lib/core/linkedlist.h.doxyme
D lib/core/list.h.doxyme
D lib/core/message.h.doxyme
D lib/core/protodefs.h.doxyme
D lib/core/sqlitedbapi.c.doxyme
D lib/core/sqlitedbapi.h.doxyme
D lib/core/state.h.doxyme
D lib/tool/lutil.c.doxyme
D lib/tool/nlink.c.doxyme
D lib/tool/pk.c.doxyme
D lib/tool/xfrmapi.c.doxyme
A lib/tool/pfkeysadb.c
A lib/tool/pfkeysadb.h
M Android.mk
M Makefile.am
M agent/agent.c
M agent/connhipd.c
M agent/gui_interface.c
M agent/hitdb.c
M agent/hitdb.h
M agent/language.c
M agent/str_var.c
M agent/tools.c
M doc/COPYING
M doc/doxygen.h
M doc/verbose-header-files.txt
M firewall/cache.c
M firewall/cache.h
M firewall/cache_port.c
M firewall/cache_port.h
M firewall/common_hipd_msg.c
M firewall/common_hipd_msg.h
M firewall/common_types.h
M firewall/conntrack.c
M firewall/conntrack.h
M firewall/datapkt.c
M firewall/datapkt.h
M firewall/dlist.c
M firewall/dlist.h
M firewall/esp_prot_api.c
M firewall/esp_prot_api.h
M firewall/esp_prot_config.c
M firewall/esp_prot_config.h
M firewall/esp_prot_conntrack.c
M firewall/esp_prot_conntrack.h
M firewall/esp_prot_defines.h
M firewall/esp_prot_fw_msg.c
M firewall/esp_prot_fw_msg.h
M firewall/firewall.h
M firewall/firewall_control.c
M firewall/firewall_control.h
M firewall/firewall_defines.h
M firewall/firewalldb.c
M firewall/firewalldb.h
M firewall/helpers.c
M firewall/helpers.h
M firewall/hslist.c
M firewall/hslist.h
M firewall/lsi.c
M firewall/lsi.h
M firewall/midauth.c
M firewall/midauth.h
M firewall/opptcp.c
M firewall/opptcp.h
M firewall/pisa.c
M firewall/pisa.h
M firewall/pisa_cert.c
M firewall/pisa_cert.h
M firewall/proxy.h
M firewall/proxyconndb.c
M firewall/proxyconndb.h
M firewall/proxydb.h
M firewall/rule_management.c
M firewall/rule_management.h
M firewall/sysopp.c
M firewall/sysopp.h
M firewall/user_ipsec_api.c
M firewall/user_ipsec_api.h
M firewall/user_ipsec_esp.c
M firewall/user_ipsec_esp.h
M firewall/user_ipsec_fw_msg.c
M firewall/user_ipsec_fw_msg.h
M firewall/user_ipsec_sadb.c
M firewall/user_ipsec_sadb.h
M hipd/accessor.h
M hipd/blind.h
M hipd/bos.h
M hipd/cert.c
M hipd/cert.h
M hipd/close.h
M hipd/cookie.h
M hipd/dh.h
M hipd/dht.c
M hipd/dht.h
M hipd/esp_prot_anchordb.c
M hipd/esp_prot_anchordb.h
M hipd/esp_prot_hipd_msg.c
M hipd/esp_prot_hipd_msg.h
M hipd/esp_prot_light_update.c
M hipd/esp_prot_light_update.h
M hipd/hadb.h
M hipd/hadb_legacy.h
M hipd/heartbeat.c
M hipd/heartbeat.h
M hipd/hi3.h
M hipd/hidb.h
M hipd/hipd.c
M hipd/hipd.h
M hipd/hit_to_ip.c
M hipd/hit_to_ip.h
M hipd/init.c
M hipd/init.h
M hipd/keymat.h
M hipd/maintenance.h
M hipd/netdev.c
M hipd/netdev.h
M hipd/nsupdate.c
M hipd/nsupdate.h
M hipd/oppdb.h
M hipd/output.c
M hipd/pfkeyapi.c
M hipd/pfkeyapi.h
M hipd/pisa.c
M hipd/pisa.h
M hipd/registration.c
M hipd/update.c
M hipd/update_legacy.c
M hipd/update_legacy.h
M hipd/user.c
M hipd/user.h
M hipd/user_ipsec_hipd_msg.c
M hipd/user_ipsec_hipd_msg.h
M hipd/user_ipsec_sadb_api.c
M hipd/user_ipsec_sadb_api.h
M i3/utils/netwrap.h
M lib/conf/hipconf.c
M lib/core/certtools.c
M lib/core/certtools.h
M lib/core/common_defines.h
M lib/core/crypto.c
M lib/core/crypto.h
M lib/core/debug.h
M lib/core/esp_prot_common.h
M lib/core/filemanip.h
M lib/core/hashchain.c
M lib/core/hashchain.h
M lib/core/hashchain_store.c
M lib/core/hashchain_store.h
M lib/core/hashtable.h
M lib/core/hashtree.c
M lib/core/hashtree.h
M lib/core/hip_statistics.c
M lib/core/hip_statistics.h
M lib/core/hip_udp.h
M lib/core/hit.h
M lib/core/hostid.h
M lib/core/hostsfiles.h
M lib/core/icomm.h
M lib/core/ife.h
M lib/core/keylen.h
M lib/core/list.h
M lib/core/prefix.h
M lib/core/protodefs.h
M lib/core/solve.h
M lib/core/sqlitedbapi.c
M lib/core/sqlitedbapi.h
M lib/core/straddr.h
M lib/core/transform.h
M lib/dht/libhipdht.c
M lib/dht/libhipdht.h
M lib/dht/libhipdhtxml.c
M lib/dht/libhipdhtxml.h
M lib/gui/create.c
M lib/gui/dragndrop.c
M lib/gui/events.c
M lib/gui/hipgui.c
M lib/gui/tools.c
M lib/gui/widgets.c
M lib/opphip/wrap_db.h
M lib/performance/performance.h
M lib/tool/lutil.c
M lib/tool/nlink.c
M lib/tool/pk.c
M lib/tool/xfrmapi.c
M test/auth_performance.c
M test/certteststub.c
M test/conntest-client-hip.c
M test/conntest-client-native.c
M test/conntest-client-opp.c
M test/conntest-server.c
M test/conntest.c
M test/conntest.h
M test/cookietest.c
M test/demo/stdinclient.c
M test/demo/stdinserver.c
M test/dhtteststub.c
M test/hadb_deprecated.c
M test/hadb_old.c
M test/hadb_old.h
M test/hashtest.c
M test/hc_performance.c
M test/keygentest.c
M test/listtest.c
M test/misc_install.c
M test/misc_install.h
M test/performance/cookiesolver.c
M test/sqliteteststub.c
M tools/pisacert.c
M verbose-headers.txt
=== modified file 'Android.mk'
--- Android.mk 2010-03-19 09:53:35 +0000
+++ Android.mk 2010-03-19 10:00:34 +0000
@@ -39,7 +39,6 @@
accessor.c \
oppipdb.c \
dh.c \
- tcptimeout.c \
cert.c \
user_ipsec_sadb_api.c \
user_ipsec_hipd_msg.c \
=== modified file 'Makefile.am'
--- Makefile.am 2010-03-19 09:53:35 +0000
+++ Makefile.am 2010-03-19 10:00:34 +0000
@@ -178,7 +178,6 @@
hipd/accessor.c \
hipd/oppipdb.c \
hipd/dh.c \
- hipd/tcptimeout.c \
hipd/cert.c \
hipd/user_ipsec_sadb_api.c \
hipd/user_ipsec_hipd_msg.c \
@@ -221,7 +220,6 @@
firewall/dlist.c \
firewall/hslist.c \
firewall/user_ipsec_api.c \
- firewall/user_ipsec_esp.c \
firewall/user_ipsec_sadb.c \
firewall/user_ipsec_fw_msg.c \
firewall/common_hipd_msg.c \
@@ -238,7 +236,8 @@
firewall/savah_gateway.c \
firewall/cache.c \
firewall/cache_port.c \
- firewall/datapkt.c
+ firewall/datapkt.c \
+ firewall/user_ipsec_esp.c
if HIP_MIDAUTH
firewall_hipfw_SOURCES += firewall/midauth.c \
@@ -332,7 +331,9 @@
DISTCLEANFILES = lib/ipsec/policy_token.h
# don't use libipsec, but xfrmapi
-if !HIP_PFKEY
+if HIP_PFKEY
+lib_tool_libhiptool_la_SOURCES += lib/tool/pfkeysadb.c
+else
lib_tool_libhiptool_la_SOURCES += lib/tool/xfrmapi.c
endif # HIPPFKEY
=== modified file 'agent/agent.c'
--- agent/agent.c 2010-03-19 09:53:35 +0000
+++ agent/agent.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file agent/agent.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains all the necessary signal handlers for the agent. The
signal handlers
* defined in this file are only used in the main() of this file.
=== modified file 'agent/connhipd.c'
--- agent/connhipd.c 2010-03-19 09:53:35 +0000
+++ agent/connhipd.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file agent/connhipd.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains all the necessary things for the agent to communicate
with
* the hipd, initialization of the socket, handling of the messages, thread to
ping the
=== modified file 'agent/gui_interface.c'
--- agent/gui_interface.c 2010-02-17 17:38:08 +0000
+++ agent/gui_interface.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file agent/gui_interface.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
=== modified file 'agent/hitdb.c'
--- agent/hitdb.c 2010-02-17 17:38:08 +0000
+++ agent/hitdb.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file agent/hitdb.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Functions to manipulate the HIT database and do searcher from it.
* Also contains the functionality that inserts the records from memory to
=== modified file 'agent/hitdb.h'
--- agent/hitdb.h 2010-02-17 17:38:08 +0000
+++ agent/hitdb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_AGENT_HITDB_H
#define HIP_AGENT_HITDB_H
=== modified file 'agent/language.c'
--- agent/language.c 2010-02-17 17:38:08 +0000
+++ agent/language.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file agent/language.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Functions that load different defined languages and how to search
* specific strings in that language
=== modified file 'agent/str_var.c'
--- agent/str_var.c 2010-02-17 17:38:08 +0000
+++ agent/str_var.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file agent/str_var.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains functions that are used to create the memory
* representation (linked list) of the language file.
=== modified file 'agent/tools.c'
--- agent/tools.c 2010-02-17 17:38:08 +0000
+++ agent/tools.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file agent/tools.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
=== modified file 'doc/COPYING'
--- doc/COPYING 2010-02-18 12:26:08 +0000
+++ doc/COPYING 2010-03-19 10:00:34 +0000
@@ -1,3 +1,76 @@
+HIPL Licensing Conditions
+=========================
+
+HIPL is licensed under GPLv2 until June 2010. After this, the license
+of the code developed for the HIPL project changes from GPLv2 to
+MIT (Expat license). However, the following companies can use the code
+developed for the HIPL project using the MIT license already before the
+mentioned date:
+
+ * Nokia OYJ
+ * OY LM Ericsson Ab
+ * Elisa Oyj
+ * Puolustusvoimat
+ * Birdstep Technology Oy
+ * TeliaSonera Finland Oyj
+ * Tekes
+
+The code under the following directories was developed for the HIPL project:
+
+ * firewall (see an exception below)
+ * tools (see exceptions below)
+ * lib/performance
+ * lib/opphip
+ * lib/conf
+ * lib/gui
+ * lib/core
+ * test
+ * agent
+ * hipd
+ * doc
+
+The following directories contain code imported from other projects
+and have their own licensing conditions:
+
+ * firewall/user_ipsec_esp.c
+ * tools/daemontools
+ * tools/djbdns
+ * tools/DNS
+ * lib/android
+ * lib/tool
+ * lib/ipsec
+ * i3
+
+MIT (Expat) License
+===================
+
+ Copyright (c) 2010 Helsinki University of Technology (Aalto
+ University) and RWTH Aachen University.
+
+ Permission is hereby granted, free of charge, to any person
+ obtaining a copy of this software and associated documentation
+ files (the "Software"), to deal in the Software without
+ restriction, including without limitation the rights to use,
+ copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the
+ Software is furnished to do so, subject to the following
+ conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+ OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ OTHER DEALINGS IN THE SOFTWARE.
+
+GPLv2 License
+=============
+
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
=== modified file 'doc/doxygen.h'
--- doc/doxygen.h 2010-02-18 14:06:56 +0000
+++ doc/doxygen.h 2010-03-19 10:00:34 +0000
@@ -2,6 +2,9 @@
#define DOXYGEN_H
/**
* @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* There should be no need to include this file anywhere! This is only for
* defining doxygen related things, such as groups and lists.
*/
@@ -319,7 +322,7 @@
*/
/**
- * @file libinet6/protodefs.h
+ * @file
* @def HIP_I1
* @def HIP_R1
* @def HIP_I2
@@ -405,7 +408,7 @@
*/
/**
- * @file libinet6/protodefs.h
+ * @file
* @def HIP_PARAM_MIN
* Defines the minimum parameter type value.
* @note exclusive
@@ -550,7 +553,7 @@
*/
/**
- * @file libinet6/protodefs.h
+ * @file
* @def HIP_NTF_UNSUPPORTED_CRITICAL_PARAMETER_TYPE
* Sent if the parameter type has the "critical" bit set and the
* parameter type is not recognized. Notification Data contains the two
@@ -625,7 +628,7 @@
*/
/**
- * @file libinet6/protodefs.h
+ * @file
* @def HIP_SERVICE_RENDEZVOUS
* Rendezvous service for relaying I1 packets.
* @def HIP_SERVICE_RELAY
@@ -636,7 +639,7 @@
*/
/**
- * @file libinet6/protodefs.h
+ * @file
* @struct hip_rvs_hmac
* Rendezvous server hmac. A non-critical parameter whose only
difference with
* the @c HMAC parameter defined in [I-D.ietf-hip-base] is its @c type
code.
@@ -778,7 +781,7 @@
*/
/**
- * @file libinet6/state.h
+ * @file
* @def HIP_STATE_NONE
* No state, structure unused.
* @def HIP_STATE_UNASSOCIATED
=== modified file 'doc/verbose-header-files.txt'
--- doc/verbose-header-files.txt 2010-02-01 13:24:34 +0000
+++ doc/verbose-header-files.txt 2010-03-19 10:00:34 +0000
@@ -36,7 +36,6 @@
libhipconf/hipconf.h : ACTION_RUN
libhipconf/hipconf.h : ACTION_SET
libhipconf/hipconf.h : ACTION_SHOTGUN
-libhipconf/hipconf.h : ACTION_TCPTIMEOUT
libhipconf/hipconf.h : ACTION_TRANSORDER
firewall/esp_prot_api firewall/user_ipsec_sadb.h : active_item_length
libhipcore/hip_statistics.h : added_squared_values
@@ -277,7 +276,6 @@
libhipconf/hipconf.h : hip_conf_handle_service
libhipconf/hipconf.h : hip_conf_handle_set
libhipconf/hipconf.h : hip_conf_handle_shotgun_toggle
-libhipconf/hipconf.h : hip_conf_handle_tcptimeout
libhipconf/hipconf.h : hip_conf_handle_trans_order
libhipconf/hipconf.h : hip_conf_handle_ttl
firewall/conndb.h : hip_conn
@@ -558,7 +556,6 @@
libhipcore/state.h : hip_stateless_info
libhipcore/hip_statistics.h : HIP_STATISTICS_H_
libhipcore/protodefs.h : hip_stun
-hipd/tcptimeout.h : HIP_TCPTIMEOUT
libhipcore/protodefs.h : HIP_TEREDO_TYPE_MASK_100
libhipcore/utils.h : HIP_TMP_FNAME_TEMPLATE
libhipcore/state.h : hip_turn_info
@@ -1208,20 +1205,10 @@
agent/str_var.h : str_var_empty
agent/str_var.h : str_var_find
libhipandroid/regex.h : syntax
-hipd/tcptimeout.h : sysctl_set_command
-hipd/tcptimeout.h : SYSCTL_SET_COMMAND
+
libipsec/libpfkey.h : __SYSDEP_SA_LEN__
libhipcore/debug.h : SYSLOG_FACILITY
libhipcore/debug.h : SYSLOG_OPT
-hipd/tcptimeout.h : TCP_RETRIES_1_DEFAULT
-hipd/tcptimeout.h : TCP_RETRIES_1_NEW
-hipd/tcptimeout.h : TCP_RETRIES_1_STRING
-hipd/tcptimeout.h : TCP_RETRIES_2_DEFAULT
-hipd/tcptimeout.h : TCP_RETRIES_2_NEW
-hipd/tcptimeout.h : TCP_RETRIES_2_STRING
-hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_DEFAULT
-hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_NEW
-hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_STRING
test/unittest.h : TEST_CASE
firewall/rule_management.h : test_parse_copy
firewall/rule_management.h : test_rule_management
@@ -1281,7 +1268,6 @@
firewall/common_types.h : TYPES_H_
libhipconf/hipconf.h : TYPE_SHOTGUN
firewall/rule_management.h : TYPE_STR
-libhipconf/hipconf.h : TYPE_TCPTIMEOUT
libhipconf/hipconf.h : TYPE_TTL
hipd/hiprelay.h : udp_port_r
test/suite test/unittest.h : unit_test_suite_list_userspace
=== modified file 'firewall/cache.c'
--- firewall/cache.c 2010-03-19 09:53:35 +0000
+++ firewall/cache.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/cache.c
+ * @file
*
* Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*
=== modified file 'firewall/cache.h'
--- firewall/cache.h 2010-03-03 13:16:18 +0000
+++ firewall/cache.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_CACHE_H
#define HIP_FIREWALL_CACHE_H
=== modified file 'firewall/cache_port.c'
--- firewall/cache_port.c 2010-03-19 09:53:35 +0000
+++ firewall/cache_port.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/cache_port.c
+ * @file
*
* Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*
=== modified file 'firewall/cache_port.h'
--- firewall/cache_port.h 2010-02-17 17:38:08 +0000
+++ firewall/cache_port.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_CACHE_PORT_H
#define HIP_FIREWALL_CACHE_PORT_H
=== modified file 'firewall/common_hipd_msg.c'
--- firewall/common_hipd_msg.c 2010-03-19 09:53:35 +0000
+++ firewall/common_hipd_msg.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,13 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
+ *
+ * Contains one function to get the state of a host association.
+ *
+ * @author Miika Komu <miika@xxxxxx>
+ */
+
/* required for s6_addr32 */
#define _BSD_SOURCE
=== modified file 'firewall/common_hipd_msg.h'
--- firewall/common_hipd_msg.h 2010-02-17 17:38:08 +0000
+++ firewall/common_hipd_msg.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_COMMON_HIPD_MSG_H
#define HIP_FIREWALL_COMMON_HIPD_MSG_H
=== modified file 'firewall/common_types.h'
--- firewall/common_types.h 2010-02-17 13:08:39 +0000
+++ firewall/common_types.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_COMMON_TYPES_H
#define HIP_FIREWALL_COMMON_TYPES_H
=== modified file 'firewall/conntrack.c'
--- firewall/conntrack.c 2010-03-19 09:53:35 +0000
+++ firewall/conntrack.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/conntrack.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>.
*
=== modified file 'firewall/conntrack.h'
--- firewall/conntrack.h 2010-03-19 09:53:35 +0000
+++ firewall/conntrack.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_CONNTRACK_H
#define HIP_FIREWALL_CONNTRACK_H
=== modified file 'firewall/datapkt.c'
--- firewall/datapkt.c 2010-03-19 09:53:35 +0000
+++ firewall/datapkt.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/datapkt.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
=== modified file 'firewall/datapkt.h'
--- firewall/datapkt.h 2010-02-17 17:38:08 +0000
+++ firewall/datapkt.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_DATAPKT_H
#define HIP_FIREWALL_DATAPKT_H
=== modified file 'firewall/dlist.c'
--- firewall/dlist.c 2010-02-14 12:32:17 +0000
+++ firewall/dlist.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/dlist.c
+ * @file
*
* Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*
=== modified file 'firewall/dlist.h'
--- firewall/dlist.h 2010-02-17 17:38:08 +0000
+++ firewall/dlist.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_DLIST_H
#define HIP_FIREWALL_DLIST_H
=== modified file 'firewall/esp_prot_api.c'
--- firewall/esp_prot_api.c 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_api.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_api.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/esp_prot_api.h'
--- firewall/esp_prot_api.h 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_api.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_api.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for adding and verifying tokens to ESP data packets for the
* different modes, in order to allow middleboxes to inspect and
=== modified file 'firewall/esp_prot_config.c'
--- firewall/esp_prot_config.c 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_config.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_config.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/esp_prot_config.h'
--- firewall/esp_prot_config.h 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_config.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_config.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for reading of the configuration files for the
* ESP protection extension. It furthermore provides sanity
=== modified file 'firewall/esp_prot_conntrack.c'
--- firewall/esp_prot_conntrack.c 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_conntrack.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_conntrack.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
=== modified file 'firewall/esp_prot_conntrack.h'
--- firewall/esp_prot_conntrack.h 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_conntrack.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_conntrack.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for the connection tracking for the ESP protection extension.
*
=== modified file 'firewall/esp_prot_defines.h'
--- firewall/esp_prot_defines.h 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_defines.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_ESP_PROT_DEFINES_H
#define HIP_FIREWALL_ESP_PROT_DEFINES_H
=== modified file 'firewall/esp_prot_fw_msg.c'
--- firewall/esp_prot_fw_msg.c 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_fw_msg.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_fw_msg.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/esp_prot_fw_msg.h'
--- firewall/esp_prot_fw_msg.h 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_fw_msg.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_fw_msg.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for the communication with the hipd.
*
=== modified file 'firewall/firewall.h'
--- firewall/firewall.h 2010-03-19 09:53:35 +0000
+++ firewall/firewall.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_FIREWALL_H
#define HIP_FIREWALL_FIREWALL_H
=== modified file 'firewall/firewall_control.c'
--- firewall/firewall_control.c 2010-03-19 09:53:35 +0000
+++ firewall/firewall_control.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/firewall_control.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
=== modified file 'firewall/firewall_control.h'
--- firewall/firewall_control.h 2010-03-19 09:53:35 +0000
+++ firewall/firewall_control.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_FIREWALL_CONTROL_H
#define HIP_FIREWALL_FIREWALL_CONTROL_H
=== modified file 'firewall/firewall_defines.h'
--- firewall/firewall_defines.h 2010-03-19 09:53:35 +0000
+++ firewall/firewall_defines.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_FIREWALL_DEFINES_H
#define HIP_FIREWALL_FIREWALL_DEFINES_H
=== modified file 'firewall/firewalldb.c'
--- firewall/firewalldb.c 2010-03-19 09:53:35 +0000
+++ firewall/firewalldb.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/firewalldb.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/firewalldb.h'
--- firewall/firewalldb.h 2010-03-19 09:24:10 +0000
+++ firewall/firewalldb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_FIREWALLDB_H
#define HIP_FIREWALL_FIREWALLDB_H
=== modified file 'firewall/helpers.c'
--- firewall/helpers.c 2010-03-03 13:16:18 +0000
+++ firewall/helpers.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/helpers.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/helpers.h'
--- firewall/helpers.h 2010-02-17 17:38:08 +0000
+++ firewall/helpers.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_HELPERS_H
#define HIP_FIREWALL_HELPERS_H
=== modified file 'firewall/hslist.c'
--- firewall/hslist.c 2010-02-14 12:32:17 +0000
+++ firewall/hslist.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/hslist.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/hslist.h'
--- firewall/hslist.h 2010-02-17 13:08:39 +0000
+++ firewall/hslist.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_HSLIST_H
#define HIP_FIREWALL_HSLIST_H
=== modified file 'firewall/lsi.c'
--- firewall/lsi.c 2010-03-19 09:53:35 +0000
+++ firewall/lsi.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/lsi.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/lsi.h'
--- firewall/lsi.h 2010-03-19 09:53:35 +0000
+++ firewall/lsi.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_LSI_H
#define HIP_FIREWALL_LSI_H
=== modified file 'firewall/midauth.c'
--- firewall/midauth.c 2010-03-19 09:53:35 +0000
+++ firewall/midauth.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/midauth.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/midauth.h'
--- firewall/midauth.h 2010-03-19 09:53:35 +0000
+++ firewall/midauth.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/midauth.h
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/opptcp.c'
--- firewall/opptcp.c 2010-03-19 09:53:35 +0000
+++ firewall/opptcp.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/opptcp.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/opptcp.h'
--- firewall/opptcp.h 2010-02-17 13:08:39 +0000
+++ firewall/opptcp.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_OPPTCP_H
#define HIP_FIREWALL_OPPTCP_H
=== modified file 'firewall/pisa.c'
--- firewall/pisa.c 2010-03-19 09:53:35 +0000
+++ firewall/pisa.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/pisa.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/pisa.h'
--- firewall/pisa.h 2010-02-18 09:06:49 +0000
+++ firewall/pisa.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/pisa.h
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/pisa_cert.c'
--- firewall/pisa_cert.c 2010-02-18 09:06:49 +0000
+++ firewall/pisa_cert.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/pisa_cert.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/pisa_cert.h'
--- firewall/pisa_cert.h 2010-02-18 09:06:49 +0000
+++ firewall/pisa_cert.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/pisa_cert.h
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/proxy.h'
--- firewall/proxy.h 2010-03-19 09:53:35 +0000
+++ firewall/proxy.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_PROXY_H
#define HIP_FIREWALL_PROXY_H
=== modified file 'firewall/proxyconndb.c'
--- firewall/proxyconndb.c 2010-03-03 13:16:18 +0000
+++ firewall/proxyconndb.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/proxyconndb.c
+ * @file
*
* Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*
=== modified file 'firewall/proxyconndb.h'
--- firewall/proxyconndb.h 2010-02-17 17:38:08 +0000
+++ firewall/proxyconndb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_PROXYCONNDB_H
#define HIP_FIREWALL_PROXYCONNDB_H
=== modified file 'firewall/proxydb.h'
--- firewall/proxydb.h 2010-02-17 17:38:08 +0000
+++ firewall/proxydb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_PROXYDB_H
#define HIP_FIREWALL_PROXYDB_H
=== modified file 'firewall/rule_management.c'
--- firewall/rule_management.c 2010-03-19 09:53:35 +0000
+++ firewall/rule_management.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/rule_management.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
@@ -96,7 +96,7 @@
* Writes the default firewall configuration file to the disk if it does
* not exist
*
- * @file the configuration file name
+ * @file
*/
static void check_and_write_default_config(const char *file)
{
=== modified file 'firewall/rule_management.h'
--- firewall/rule_management.h 2010-02-17 17:38:08 +0000
+++ firewall/rule_management.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_RULE_MANAGEMENT_H
#define HIP_FIREWALL_RULE_MANAGEMENT_H
=== modified file 'firewall/sysopp.c'
--- firewall/sysopp.c 2010-03-19 09:53:35 +0000
+++ firewall/sysopp.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,26 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * System-based opportunistic mode for HIP. In contrast to the library-based
+ * opportunistic mode, this code hooks by iptables instead of LD_PRELOAD.
+ * See the following papers for more information:
+ *
+ * - <a href="http://hipl.hiit.fi/hipl/thesis_teresa_finez.pdf";>T. Finez,
+ * Backwards Compatibility Experimentation with Host Identity Protocol
+ * and Legacy Software and Networks , final project, December 2008</a>
+ * - <a href="http://www.iki.fi/miika/docs/ccnc09.pdf";>
+ * Miika Komu and Janne Lindqvist, Leap-of-Faith Security is Enough
+ * for IP Mobility, 6th Annual IEEE Consumer
+ * Communications & Networking Conference IEEE CCNC 2009, Las Vegas,
+ * Nevada, January 2009</a>
+ *
+ * @brief System-based opportunistic mode for HIP
+ * @author Teresa Finez
+ * @author Miika Komu <miika@xxxxxx>
+ */
+
/* required for s6_addr32 */
#define _BSD_SOURCE
@@ -15,6 +38,9 @@
#include "common_hipd_msg.h"
#include "lib/core/hostid.h"
+/**
+ * flush iptables rules for system-based opportunistic mode
+ */
void hip_fw_flush_system_based_opp_chains(void)
{
int err;
@@ -27,8 +53,8 @@
* Checks whether a particular hit is one of the local ones.
* Goes through all the local hits and compares with the given hit.
*
- * @param *hit the input src hit
- * @return 1 if *hit is a local hit
+ * @param hit the input src hit
+ * @return 1 if @c hit is a local hit
* 0 otherwise
*/
static int hit_is_local_hit(const struct in6_addr *hit)
@@ -68,6 +94,13 @@
return res;
}
+/**
+ * Add a by-pass rule to skip opportunistic processing for a peer
+ * that was found non-HIP capable. Offers a significant speed up.
+ *
+ * @param ctx the packet context
+ * @param verdict the verdict to assign for the packet
+ */
static void hip_fw_add_non_hip_peer(const hip_fw_context_t *ctx,
const int verdict)
{
@@ -220,6 +253,13 @@
return verdict;
}
+/**
+ * based on the parameters in a message, assign the HITs and IP addresses
+ * to a given firewall entry
+ *
+ * @param msg the message containing HITs and IP addresses
+ * @return zero on success or negative on error
+ */
int hip_fw_sys_opp_set_peer_hit(const struct hip_common *msg)
{
int err = 0, state;
=== modified file 'firewall/sysopp.h'
--- firewall/sysopp.h 2010-02-17 17:38:08 +0000
+++ firewall/sysopp.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_FIREWALL_SYSOPP_H
#define HIP_FIREWALL_SYSOPP_H
=== modified file 'firewall/user_ipsec_api.c'
--- firewall/user_ipsec_api.c 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_api.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/user_ipsec_api.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
=== modified file 'firewall/user_ipsec_api.h'
--- firewall/user_ipsec_api.h 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_api.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/user_ipsec_api.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This implementation provides the API for userspace IPsec.
*
=== modified file 'firewall/user_ipsec_esp.c'
--- firewall/user_ipsec_esp.c 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_esp.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,9 @@
/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
+/**
* Host Identity Protocol
* Copyright (C) 2004-06 the Boeing Company
*
@@ -12,7 +17,7 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * @file firewall/user_ipsec_esp.c
+ * @file
*
* @author Jeff Ahrenholz <jeffrey.m.ahrenholz@xxxxxxxxxx>
* @author Rene Hummen <rene.hummen@xxxxxxxxxxxxxx> (ported to HIPL project
and major rewrite)
@@ -30,7 +35,7 @@
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include "user_ipsec_esp.h"
-#include "esp_prot_api.h"
+#include "firewall/esp_prot_api.h"
#include "lib/core/prefix.h"
#include "lib/tool/checksum.h"
=== modified file 'firewall/user_ipsec_esp.h'
--- firewall/user_ipsec_esp.h 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_esp.h 2010-03-19 10:00:34 +0000
@@ -1,4 +1,9 @@
/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
+/**
* Host Identity Protocol
* Copyright (C) 2004-06 the Boeing Company
*
@@ -12,7 +17,7 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * @file firewall/user_ipsec_esp.h
+ * @file
*
* @author Jeff Ahrenholz <jeffrey.m.ahrenholz@xxxxxxxxxx>
* @author Rene Hummen <rene.hummen@xxxxxxxxxxxxxx> (ported to HIPL project
and major rewrite)
@@ -26,8 +31,8 @@
#define _BSD_SOURCE
-#include "user_ipsec_sadb.h"
-#include "firewall_defines.h"
+#include "firewall/user_ipsec_sadb.h"
+#include "firewall/firewall_defines.h"
int hip_beet_mode_output(const hip_fw_context_t *ctx,
=== modified file 'firewall/user_ipsec_fw_msg.c'
--- firewall/user_ipsec_fw_msg.c 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_fw_msg.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/user_ipsec_fw_msg.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/user_ipsec_fw_msg.h'
--- firewall/user_ipsec_fw_msg.h 2010-02-17 17:38:08 +0000
+++ firewall/user_ipsec_fw_msg.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/user_ipsec_fw_msg.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Inter-process communication with the hipd for userspace IPsec
*
=== modified file 'firewall/user_ipsec_sadb.c'
--- firewall/user_ipsec_sadb.c 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_sadb.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/user_ipsec_sadb.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'firewall/user_ipsec_sadb.h'
--- firewall/user_ipsec_sadb.h 2010-03-19 09:53:35 +0000
+++ firewall/user_ipsec_sadb.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/user_ipsec_sadb.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Stores security association for IPsec connections and makes them
* accessasible through HITs and (dst IP, spi).
=== modified file 'hipd/accessor.h'
--- hipd/accessor.h 2010-03-19 09:53:35 +0000
+++ hipd/accessor.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_ACCESSOR_H
#define HIP_HIPD_ACCESSOR_H
=== modified file 'hipd/blind.h'
--- hipd/blind.h 2010-02-17 17:38:08 +0000
+++ hipd/blind.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_BLIND_H
#define HIP_HIPD_BLIND_H
=== modified file 'hipd/bos.h'
--- hipd/bos.h 2010-03-19 09:53:35 +0000
+++ hipd/bos.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_BOS_H
#define HIP_HIPD_BOS_H
=== modified file 'hipd/cert.c'
--- hipd/cert.c 2010-03-19 09:24:10 +0000
+++ hipd/cert.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,7 @@
/** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* This file defines the certificate signing and verification
* functions to use with HIP
*
=== modified file 'hipd/cert.h'
--- hipd/cert.h 2010-03-19 09:53:35 +0000
+++ hipd/cert.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_CERT_H
#define HIP_HIPD_CERT_H
=== modified file 'hipd/close.h'
--- hipd/close.h 2010-03-19 09:53:35 +0000
+++ hipd/close.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_CLOSE_H
#define HIP_HIPD_CLOSE_H
=== modified file 'hipd/cookie.h'
--- hipd/cookie.h 2010-03-19 09:53:35 +0000
+++ hipd/cookie.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_COOKIE_H
#define HIP_HIPD_COOKIE_H
=== modified file 'hipd/dh.h'
--- hipd/dh.h 2010-03-19 09:24:10 +0000
+++ hipd/dh.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_DH_H
#define HIP_HIPD_DH_H
=== modified file 'hipd/dht.c'
--- hipd/dht.c 2010-03-19 09:53:35 +0000
+++ hipd/dht.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file hipd/dht.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Summary on the usage
*
=== modified file 'hipd/dht.h'
--- hipd/dht.h 2010-03-19 09:53:35 +0000
+++ hipd/dht.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_DHT_H
#define HIP_HIPD_DHT_H
=== modified file 'hipd/esp_prot_anchordb.c'
--- hipd/esp_prot_anchordb.c 2010-03-19 09:53:35 +0000
+++ hipd/esp_prot_anchordb.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_anchordb.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'hipd/esp_prot_anchordb.h'
--- hipd/esp_prot_anchordb.h 2010-02-17 17:38:08 +0000
+++ hipd/esp_prot_anchordb.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_anchordb.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API to store anchor elements to be used as references to
* the hash structures stored in the BEX store of the hipfw. The elements
=== modified file 'hipd/esp_prot_hipd_msg.c'
--- hipd/esp_prot_hipd_msg.c 2010-03-19 09:53:35 +0000
+++ hipd/esp_prot_hipd_msg.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_hipd_msg.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'hipd/esp_prot_hipd_msg.h'
--- hipd/esp_prot_hipd_msg.h 2010-02-17 17:38:08 +0000
+++ hipd/esp_prot_hipd_msg.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_hipd_msg.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* hipd messages to the hipfw and additional parameters for BEX and
* UPDATE messages.
=== modified file 'hipd/esp_prot_light_update.c'
--- hipd/esp_prot_light_update.c 2010-03-19 09:53:35 +0000
+++ hipd/esp_prot_light_update.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file firewall/esp_prot_light_update.h
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'hipd/esp_prot_light_update.h'
--- hipd/esp_prot_light_update.h 2010-02-17 17:38:08 +0000
+++ hipd/esp_prot_light_update.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_light_update.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Provides messaging functionality required for HHL-based anchor
* element updates.
=== modified file 'hipd/hadb.h'
--- hipd/hadb.h 2010-03-19 09:53:35 +0000
+++ hipd/hadb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_HADB_H
#define HIP_HIPD_HADB_H
=== modified file 'hipd/hadb_legacy.h'
--- hipd/hadb_legacy.h 2010-02-17 17:38:08 +0000
+++ hipd/hadb_legacy.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_HADB_LEGACY_H
#define HIP_HIPD_HADB_LEGACY_H
=== modified file 'hipd/heartbeat.c'
--- hipd/heartbeat.c 2010-03-03 13:16:18 +0000
+++ hipd/heartbeat.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,30 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * Heartbeat code detects problems with the ESP tunnel. It is based on
+ * sending ICMPv6 requests inside the tunnel. Each received ICMPv6
+ * message indicates that the tunnel is in good "health". Correspondingly,
+ * when there are no ICMPv6 messages received it may be a good time
+ * to trigger an UPDATE packet to recover from the disconnectivity.
+ *
+ * The heartbeat code keeps also track of the time stamps for the
+ * ICMPv6 messages. It could be used to implement handovers to switch
+ * to faster paths or even as an utility for load balancing. At the
+ * moment, the heartbeat algorithm is rather simple and used just for
+ * fault tolerance. It should also noticed that the heartbeat code is
+ * required only at one side of the communications as long as the
+ * other party supports replying to ICMPv6 echo requests.
+ *
+ * @see "Varjonen et al, Secure and Efficient IPv4/IPv6 Handovers Using
+ * Host-Based Identifier-Locator Split, Journal of Communications
+ * Software and Systems, 2010".
+ *
+ * @author Samu Varjonen
+ * @author Miika Komu
+ */
+
/* required for s6_addr32 */
#define _BSD_SOURCE
@@ -6,6 +33,14 @@
#include "heartbeat.h"
#include "maintenance.h"
+/**
+ * an iterator to check and execute handover when ESP tunnel
+ * is not alive
+ *
+ * @param ha the related host association
+ * @param unused unused
+ * @return zero on success or negative on failure
+ */
int hip_handle_update_heartbeat_trigger(hip_ha_t *ha, void *unused)
{
struct hip_locator_info_addr_item *locators;
=== modified file 'hipd/heartbeat.h'
--- hipd/heartbeat.h 2010-02-17 17:38:08 +0000
+++ hipd/heartbeat.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_HEARTBEAT_H
#define HIP_HIPD_HEARTBEAT_H
=== modified file 'hipd/hi3.h'
--- hipd/hi3.h 2010-03-19 09:53:35 +0000
+++ hipd/hi3.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_HI3_H
#define HIP_HIPD_HI3_H
=== modified file 'hipd/hidb.h'
--- hipd/hidb.h 2010-02-17 17:38:08 +0000
+++ hipd/hidb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_HIDB
#define HIP_HIPD_HIDB
=== modified file 'hipd/hipd.c'
--- hipd/hipd.c 2010-03-19 09:53:35 +0000
+++ hipd/hipd.c 2010-03-19 10:00:34 +0000
@@ -127,9 +127,6 @@
/* Tells to the daemon should it build LOCATOR parameters to R1 and I2 */
int hip_locator_status = SO_HIP_SET_LOCATOR_OFF;
-/* It tells the daemon to set tcp timeout parameters. Added By Tao Wan, on
09.Jan.2008 */
-int hip_tcptimeout_status = SO_HIP_SET_TCPTIMEOUT_ON;
-
/* Create /etc/hip stuff and exit (used for binary hipfw packaging) */
int create_configs_and_exit = 0;
=== modified file 'hipd/hipd.h'
--- hipd/hipd.h 2010-03-19 09:53:35 +0000
+++ hipd/hipd.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_HIPD_H
#define HIP_HIPD_HIPD_H
=== modified file 'hipd/hit_to_ip.c'
--- hipd/hit_to_ip.c 2010-03-03 13:16:18 +0000
+++ hipd/hit_to_ip.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file ./hipd/hit_to_ip.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* @brief look for locators in hit-to-ip domain
* @brief usually invoked by hip_map_id_to_addr
=== modified file 'hipd/hit_to_ip.h'
--- hipd/hit_to_ip.h 2010-03-03 13:16:18 +0000
+++ hipd/hit_to_ip.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file ./hipd/hit_to_ip.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* @brief look for locators in hit-to-ip domain
* @brief usually invoked by hip_map_id_to_addr
=== modified file 'hipd/init.c'
--- hipd/init.c 2010-03-19 09:53:35 +0000
+++ hipd/init.c 2010-03-19 10:00:34 +0000
@@ -678,13 +678,6 @@
HIP_DEBUG("Initializing cert configuration file returned error\n");
}
-#if 0
- /* init new tcptimeout parameters, added by Tao Wan on 14.Jan.2008*/
-
- HIP_IFEL(set_new_tcptimeout_parameters_value(), -1,
- "set new tcptimeout parameters error\n");
-#endif
-
hitdberr = 0;
#ifdef CONFIG_HIP_AGENT
hitdberr = hip_init_daemon_hitdb();
@@ -1089,10 +1082,6 @@
/* Close SAs with all peers */
// hip_send_close(NULL);
-#if 0
- /*reset TCP timeout to be original vaule , added By Tao Wan on
14.Jan.2008. */
- reset_default_tcptimeout_parameters_value();
-#endif
if (hipd_msg) {
HIP_FREE(hipd_msg);
}
=== modified file 'hipd/init.h'
--- hipd/init.h 2010-03-03 13:16:18 +0000
+++ hipd/init.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_INIT_H
#define HIP_HIPD_INIT_H
@@ -14,7 +19,6 @@
#include "oppipdb.h"
#include "lib/core/debug.h"
#include "hiprelay.h"
-#include "tcptimeout.h"
#include "hadb.h"
#include "hi3.h"
#include "nsupdate.h"
=== modified file 'hipd/keymat.h'
--- hipd/keymat.h 2010-03-19 09:53:35 +0000
+++ hipd/keymat.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_KEYMAT_H
#define HIP_HIPD_KEYMAT_H
=== modified file 'hipd/maintenance.h'
--- hipd/maintenance.h 2010-03-03 13:16:18 +0000
+++ hipd/maintenance.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_MAINTENANCE_H
#define HIP_HIPD_MAINTENANCE_H
=== modified file 'hipd/netdev.c'
--- hipd/netdev.c 2010-03-19 09:53:35 +0000
+++ hipd/netdev.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file hipd/netdev.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'hipd/netdev.h'
--- hipd/netdev.h 2010-03-19 09:53:35 +0000
+++ hipd/netdev.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/*
* The component provides interface to receive IP address and IF
* events over netlink from the kernel.
=== modified file 'hipd/nsupdate.c'
--- hipd/nsupdate.c 2010-03-19 09:53:35 +0000
+++ hipd/nsupdate.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file hipd/nsupdate.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* @brief Update DNS data for the hit-to-ip domain name.
* @brief It executes an external perl script for each HIT
=== modified file 'hipd/nsupdate.h'
--- hipd/nsupdate.h 2010-02-17 17:38:08 +0000
+++ hipd/nsupdate.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file ./hipd/nsupdate.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* @brief Update DNS data for the hit-to-ip domain name.
* @brief It executes an external perl script for each HIT
=== modified file 'hipd/oppdb.h'
--- hipd/oppdb.h 2010-03-19 09:53:35 +0000
+++ hipd/oppdb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/*
* hipd oppdb.h
*
=== modified file 'hipd/output.c'
--- hipd/output.c 2010-03-19 09:53:35 +0000
+++ hipd/output.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,8 @@
/* @file
- * This file defines handling functions for outgoing packets for the Host
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * This file defines processing of outgoing packets for the Host
* Identity Protocol (HIP).
*
* @author Janne Lundberg
@@ -8,7 +11,6 @@
* @author Kristian Slavov
* @author Samu Varjonen
* @author Rene Hummen
- * @note Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*/
/* required for s6_addr32 */
@@ -311,13 +313,31 @@
#endif /* CONFIG_HIP_OPPORTUNISTIC */
/**
- * Sends an I1 packet to the peer. Used internally by hip_send_i1
- * Check hip_send_i1 & hip_send_pkt for the parameters.
+ * Send an I1 packet to the Responder. Used internally by hip_send_i1().
+ *
+ * @param i1 a pointer to a i1 packet common header with source and
+ * destination HITs.
+ * @param dst_hit destination HIT (used only for the opportunistic TCP
extension)
+ * @param local_addr a pointer to our IPv6 or IPv4-in-IPv6 format IPv4 address.
+ * If local_addr is NULL, the packet is sent from all
addresses.
+ * @param peer_addr a pointer to peer IPv6 or IPv4-in-IPv6 format IPv4
address.
+ * @param src_port not used.
+ * @param dst_port not used.
+ * @param entry a pointer to the current host association database state.
+ * @param retransmit a boolean value indicating if this is a retransmission
+ * (@b zero if this is @b not a retransmission).
+ * @return zero on success, or negative error value on error.
+ * @todo remove the dst_hit parameter? test with the opportunistic TCP
extension
*/
-static int hip_send_i1_pkt(struct hip_common *i1, hip_hit_t *dst_hit,
- struct in6_addr *local_addr, struct in6_addr
*peer_addr,
- in_port_t src_port, in_port_t dst_port, struct
hip_common *i1_blind,
- hip_ha_t *entry, int retransmit)
+static int hip_send_i1_pkt(struct hip_common *i1,
+ hip_hit_t *dst_hit,
+ struct in6_addr *local_addr,
+ struct in6_addr *peer_addr,
+ in_port_t src_port,
+ in_port_t dst_port,
+ struct hip_common *i1_blind,
+ hip_ha_t *entry,
+ int retransmit)
{
int err = 0;
@@ -382,10 +402,7 @@
}
/**
- * Sends an I1 packet to the peer.
- *
- * Send an I1 packet to the responder if an IPv6 address for the peer
- * is known.
+ * Send an I1 packet to the Responder
*
* @param src_hit a pointer to source host identity tag.
* @param dst_hit a pointer to destination host identity tag.
@@ -512,14 +529,14 @@
}
/**
- * Constructs a new R1 packet payload.
+ * Construct a new R1 packet payload
*
* @param src_hit a pointer to the source host identity tag used in the
* packet.
* @param sign a funtion pointer to a signature funtion.
- * @param private_key a pointer to ...
- * @param host_id_pub a pointer to ...
- * @param cookie a pointer to ...
+ * @param private_key a pointer to the local host private key
+ * @param host_id_pub a pointer to the public host id of the local host
+ * @param cookie_k the difficulty value for the puzzle
* @return zero on success, or negative error value on error.
*/
struct hip_common *hip_create_r1(const struct in6_addr *src_hit,
@@ -718,9 +735,9 @@
}
/**
- * Transmits an R1 packet to the network.
+ * Transmit an R1 packet to the network.
*
- * Sends an R1 packet to the peer and stores the cookie information that was
+ * Send an R1 packet to the peer and store the cookie information that was
* sent. The packet is sent either to @c i1_saddr or @c dst_ip depending on
the
* value of @c dst_ip. If @c dst_ip is all zeroes (::/128) or NULL, R1 is sent
* to @c i1_saddr; otherwise it is sent to @c dst_ip. In case the incoming I1
@@ -926,8 +943,9 @@
return err;
}
-/* Checks if source and destination IP addresses are compatible for sending
- * packets between them
+/**
+ * Check if source and destination IP addresses are compatible for sending
+ * packets between them
*
* @param src_addr Source address
* @param dst_addr Destination address
@@ -956,7 +974,7 @@
};
/**
- * ...
+ * Cache a HIP packet for possible retransmission
*
* @param src_addr a pointer to the packet source address.
* @param peer_addr a pointer to the packet destination address.
@@ -964,6 +982,7 @@
* destination HITs.
* @param entry a pointer to the current host association database state.
* @return zero on success, or negative error value on error.
+ * @note currently the queue length is one and new packets replace old ones
*/
static int hip_queue_packet(const struct in6_addr *src_addr, const struct
in6_addr *peer_addr,
const struct hip_common *msg, hip_ha_t *entry)
@@ -992,7 +1011,7 @@
}
/**
- * Sends a HIP message using raw HIP from one source address. Don't use this
+ * Send a HIP message using raw HIP from one source address. Don't use this
* function directly, instead use hip_send_pkt(). It's used by hip_send_raw
internally.
*
* Sends a HIP message to the peer on HIP/IP. This function calculates the
@@ -1021,12 +1040,6 @@
*
* @see hip_send_udp_from_one_src
*/
-/**
- * Sends a HIP message using raw HIP from one source address. Don't use this
- * function directly. It's used by hip_send_raw internally.
- *
- * @see hip_send_udp
- */
static int hip_send_raw_from_one_src(const struct in6_addr *local_addr,
const struct in6_addr *peer_addr,
const in_port_t src_port,
@@ -1249,7 +1262,7 @@
}
/**
- * Sends a HIP message using User Datagram Protocol (UDP). From one address.
+ * Send a HIP message using User Datagram Protocol (UDP) from one address.
* Don't use this function directly, instead use hip_send_pkt()
*
* Sends a HIP message to the peer on UDP/IPv4. IPv6 is not supported, because
@@ -1297,9 +1310,9 @@
}
/**
- * Sends a HIP message.
+ * Send a HIP message.
*
- * Sends a HIP message to the peer on HIP/IP. This function calculates the
+ * Sends a HIP message to the peer on HIP/IP. This function also calculates the
* HIP packet checksum.
*
* Used protocol suite is <code>IPv4(HIP)</code> or <code>IPv6(HIP)</code>.
@@ -1388,7 +1401,8 @@
};
/**
- * This function sends ICMPv6 echo with timestamp to dsthit
+ * Send a heatbeat request (ICMPv6 echo request) inside ESP tunnel to
+ * a remote host
*
* @param socket to send with
* @param srchit HIT to send from
@@ -1507,6 +1521,7 @@
* Not in use.
* @param not_used4 a boolean value indicating if this is a retransmission
* (@b zero if this is @b not a retransmission). Not in use.
+ * @return zero on success or negative on failure
* @note There are four parameters not used anywhere. However, these
* parameters must exist in the function parameter list
* because all the send-functions must have a uniform
parameter
=== modified file 'hipd/pfkeyapi.c'
--- hipd/pfkeyapi.c 2010-03-19 09:53:35 +0000
+++ hipd/pfkeyapi.c 2010-03-19 10:00:34 +0000
@@ -1,8 +1,14 @@
-/*
- * Implements interfaces used to set IpSec SA/SP through PFKEY API's
- *
- * Authors:
- * - Diego Beltrami <diego.beltrami@xxxxxxxxx>
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * @brief Hipd wrapper interface to access PFKEY APIs
+ *
+ * @author Diego Beltrami <diego.beltrami@xxxxxxxxx>
+ *
+ * @todo test this!
+ * @see lib/tool/xfrmapi.c for the wrappers for XFRM API
*/
/* required for caddr_t */
@@ -13,12 +19,17 @@
#include "pfkeyapi.h"
#include "lib/core/hip_udp.h"
#include "lib/core/keylen.h"
-
+#include "lib/tool/pfkeysadb.h"
// FIXME: This must be turned to BEET when BEET will be supported by pfkey as
well
#define HIP_IPSEC_DEFAULT_MODE IPSEC_MODE_BEET
-// Given an in6_addr, this function correctly fills in a sock_addr (needs to
be already allocated!)
+/**
+ * Given an in6_addr, this function correctly fills in a sock_addr (needs to
be already allocated!)
+ *
+ * @param s_addr the output argument
+ * @param addr the input argument
+ */
static void get_sock_addr_from_in6(struct sockaddr *s_addr, const struct
in6_addr *addr)
{
memset(s_addr, 0, sizeof(struct sockaddr_storage));
@@ -32,6 +43,11 @@
}
}
+/**
+ * Flush all IPsec Security Policies
+ *
+ * @return zero on success and negative on error
+ */
int hip_flush_all_policy()
{
int so, len, err = 0;
@@ -48,6 +64,11 @@
return err;
}
+/**
+ * Flush all IPsec Security Associations
+ *
+ * @return zero on success and negative on error
+ */
int hip_flush_all_sa()
{
int so, len, err = 0;
@@ -62,8 +83,14 @@
return err;
}
-/*
- * todo: dst_addr is unused in the xfrmapi.h
+/**
+ * delete a Security Association
+ *
+ * @param spi the SPI number distinguishing the SA
+ * @param peer_addr the destination address for the SA (unused)
+ * @param not_used not used
+ * @param direction HIP_SPI_DIRECTION_OUT or HIP_SPI_DIRECTION_IN
+ * @param entry corresponding host association
*/
void hip_delete_sa(const uint32_t spi, const struct in6_addr *peer_addr,
const struct in6_addr *dst_addr,
@@ -123,9 +150,26 @@
return spi;
}
-/* Security associations in the kernel with BEET are bounded to the outer
- * address, meaning IP addresses. As a result the parameters to be given
- * should be such an addresses and not the HITs.
+/**
+ * Add a Security Association for IPsec ESP
+ *
+ * @param saddr outer source address of the SA
+ * @param daddr outer destination address of the SA
+ * @param src_hit inner source address of the SA (source HIT)
+ * @param dst_hit outer destination address of the SA (destination HIT)
+ * @param spi SPI number for the SA
+ * @param ealg encryption algorithm for ESP
+ * @param enckey encryption key for ESP
+ * @param authkey authentication key for ESP
+ * @param already_acquired currently unused
+ * @param direction the direction of the SA (HIP_SPI_DIRECTION_OUT or
HIP_SPI_DIRECTION_IN)
+ * @param update zero if new SA or one if an old SA
+ * @param entry corresponding host association
+ * @return zero on success and non-zero on error
+ * @note IPv4 addresses in IPv6 mapped format
+ * @note If you make changes to this function, please change also
+ * hipd/user_ipsec_sadb_api.c:hip_userspace_ipsec_add_sa() and
+ * xfrmapi.c:add_sa()
*/
uint32_t hip_add_sa(const struct in6_addr *saddr, const struct in6_addr *daddr,
const struct in6_addr *src_hit, const struct in6_addr
*dst_hit,
@@ -239,74 +283,21 @@
return err;
}
-// This function fills in policy0 and policylen0 according to the given
parameters
-// The full implementation can be found in racoon
-// direction IPSEC_DIR_INBOUND | IPSEC_DIR_OUTBOUND
-static int getsadbpolicy(caddr_t *policy0, int *policylen0, int direction,
- struct sockaddr *src, struct sockaddr *dst, u_int
mode, int cmd)
-{
- struct sadb_x_policy *xpl;
- struct sadb_x_ipsecrequest *xisr;
- caddr_t policy, p;
- int policylen;
- int xisrlen, src_len, dst_len;
-
- HIP_DEBUG("\n");
- /* get policy buffer size */
- policylen = sizeof(struct sadb_x_policy);
- if (cmd != SADB_X_SPDDELETE) {
- xisrlen = sizeof(*xisr);
- xisrlen += (sysdep_sa_len(src) + sysdep_sa_len(dst));
- policylen += PFKEY_ALIGN8(xisrlen);
- }
-
- /* make policy structure */
- policy = malloc(policylen);
- if (!policy) {
- HIP_ERROR("Cannot allocate memory for policy\n");
- return -ENOMEM;
- }
-
- xpl = (struct sadb_x_policy *) policy;
- xpl->sadb_x_policy_len = PFKEY_UNIT64(policylen);
- xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
- xpl->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
- xpl->sadb_x_policy_dir = direction;
- xpl->sadb_x_policy_id = 0;
-
- //xpl->sadb_x_policy_priority = PRIORITY_DEFAULT;
-
- if (cmd == SADB_X_SPDDELETE) {
- goto end;
- }
-
- xisr = (struct sadb_x_ipsecrequest *) (xpl + 1);
-
- xisr->sadb_x_ipsecrequest_proto = SADB_SATYPE_ESP;
- xisr->sadb_x_ipsecrequest_mode = mode;
- xisr->sadb_x_ipsecrequest_level = IPSEC_LEVEL_REQUIRE;
- xisr->sadb_x_ipsecrequest_reqid = 0;
- p = (caddr_t) (xisr + 1);
-
- xisrlen = sizeof(*xisr);
-
- src_len = sysdep_sa_len(src);
- dst_len = sysdep_sa_len(dst);
- xisrlen += src_len + dst_len;
-
- memcpy(p, src, src_len);
- p += src_len;
-
- memcpy(p, dst, dst_len);
- p += dst_len;
-
- xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(xisrlen);
-end:
- *policy0 = policy;
- *policylen0 = policylen;
- return 0;
-}
-
+/**
+ * modify an IPsec policy using PFKEY
+ *
+ * @param so the PF_KEY socket
+ * @param src_hit source HIT
+ * @param prefs source preferences
+ * @param dst_hit destination HIT
+ * @param prefd destination preferences
+ * @param src_addr source address
+ * @param dst_addr destination address
+ * @param proto the protocol
+ * @param cmd add or del
+ * @param direction input or output direction
+ * @return zero on success and non-zero on error
+ */
static int hip_pfkey_policy_modify(int so, const hip_hit_t *src_hit, u_int
prefs,
const hip_hit_t *dst_hit, u_int prefd,
const struct in6_addr *src_addr,
@@ -367,6 +358,19 @@
return err;
}
+/**
+ * set up a pair of security policies
+ *
+ * @param src_id source HIT
+ * @param dst_id destination HIT
+ * @param src_addr source IP address
+ * @param dst_addr destination IP address
+ * @param proto protocol for the SP (IPPROTO_ESP)
+ * @param use_full_prefix one if we should use /128 prefix for HITs
+ * or zero otherwise
+ * @param update zero if the the SP is new or one otherwise
+ * @note IPv4 addresses in IPv6 mapped format
+ */
int hip_setup_hit_sp_pair(const hip_hit_t *src_hit,
const hip_hit_t *dst_hit,
const struct in6_addr *src_addr,
@@ -400,6 +404,15 @@
return err;
}
+/**
+ * delete a pair of Security Policies
+ *
+ * @param src_hit source HIT for the SP
+ * @param dst_hit destination HIT for the SP
+ * @param proto the protocol (IPPROTO_ESP)
+ * @param use_full_prefix one if we should use /128 prefix for HITs
+ * or zero otherwise
+ */
void hip_delete_hit_sp_pair(const hip_hit_t *src_hit, const hip_hit_t *dst_hit,
const uint8_t proto, const int use_full_prefix)
{
@@ -424,12 +437,22 @@
return;
}
+/**
+ * delete the default Security Policy pair that triggers base exchanges
+ *
+ */
void hip_delete_default_prefix_sp_pair()
{
// Currently unused
HIP_DEBUG("\n");
}
+/**
+ * add the default security policy pair (based on HIT prefix) that
+ * triggers all base exchanges
+ *
+ * @return zero on success and negative on failure
+ */
int hip_setup_default_sp_prefix_pair()
{
// currently this function is not needed
=== modified file 'hipd/pfkeyapi.h'
--- hipd/pfkeyapi.h 2010-03-19 09:53:35 +0000
+++ hipd/pfkeyapi.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_PFKEYAPI_H
#define HIP_HIPD_PFKEYAPI_H
=== modified file 'hipd/pisa.c'
--- hipd/pisa.c 2010-02-18 12:26:08 +0000
+++ hipd/pisa.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file hipd/pisa.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'hipd/pisa.h'
--- hipd/pisa.h 2010-02-18 08:47:40 +0000
+++ hipd/pisa.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file hipd/pisa.h
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'hipd/registration.c'
--- hipd/registration.c 2010-03-19 09:53:35 +0000
+++ hipd/registration.c 2010-03-19 10:00:34 +0000
@@ -1,11 +1,13 @@
/** @file
+ *
+ * Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ *
* This file defines a registration mechanism for the Host Identity Protocol
* (HIP) that allows hosts to register with services.
*
* @author Lauri Silvennoinen
* @note Related RFC: <a href="http://www.rfc-editor.org/rfc/rfc5203.txt";>
* Host Identity Protocol (HIP) Registration Extension</a>
- * @note Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
* @see registration.h
* @see hiprelay.h
*/
@@ -56,7 +58,10 @@
*/
hip_ll_t pending_requests;
-void hip_init_services()
+/**
+ * initialize services
+ */
+void hip_init_services(void)
{
hip_services[0].reg_type = HIP_SERVICE_RENDEZVOUS;
hip_services[0].status = HIP_SERVICE_OFF;
@@ -78,7 +83,10 @@
hip_ll_init(&pending_requests);
}
-void hip_uninit_services()
+/**
+ * uninitialize services
+ */
+void hip_uninit_services(void)
{
hip_ll_uninit(&pending_requests, free);
}
@@ -1557,11 +1565,14 @@
return 0;
}
-// add by santtu from here
-/*
- * Why is this not named consistelty with other parameterhandlers? Why is it
not
- * hip_handle_param_reg_from? We have a naming convetion in use...
- * -Lauri 22.07.2008
+/**
+ * process a REG_FROM parameter for HIP relay functionality
+ *
+ * @param entry the related host association
+ * @param msg the control message containing the REG_FROM parameter
+ * @return zero on success or negative on failure
+ *
+ * @todo rename this as hip_handle_param_reg_from()
*/
int hip_handle_reg_from(hip_ha_t *entry, struct hip_common *msg)
{
=== modified file 'hipd/update.c'
--- hipd/update.c 2010-03-19 09:53:35 +0000
+++ hipd/update.c 2010-03-19 10:00:34 +0000
@@ -1,13 +1,11 @@
/**
* @file
* This file defines various functions for sending, handling and receiving
- * UPDATE packets for the Host Identity Protocol (HIP). This file is under
- * heavy editing currently.
+ * UPDATE packets for the Host Identity Protocol (HIP)
*
- * TODO: Doxygen documentation is missing. Please fix this.
+ * Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*
* @author Baris Boyvat <baris#boyvat.com>
- * @note Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
*/
/* requiread for s6_addr32 */
@@ -33,6 +31,13 @@
int update_id_window_size = 50;
+/**
+ * build locators in an UPDATE message
+ *
+ * @param locator_msg the message where the LOCATOR should be appended
+ * @param locators an extra pointer that will point to the LOCATOR
+ * @return zero on success or negative on failure
+ */
int hip_create_locators(hip_common_t *locator_msg,
struct hip_locator_info_addr_item **locators)
{
@@ -53,9 +58,21 @@
return err;
}
-/// @todo : should we implement base draft update with ifindex 0 stuff ??
-/// @todo : Divide this function into more pieces, handle_spi, handle_seq, etc
-/// @todo : Remove the uncommented lines?
+/**
+ * construct any UPDATE message based on an incoming UPDATE packet
+ *
+ * @param received_update_packet the received UPDATE packet if any
+ * @param ha the related host association
+ * @param update_packet_to_send a preallocated message where the UPDATE
+ * packet will be written
+ * @param locators the locators of the local host
+ * @param type the type of the incoming packet
+ * @return zero on success or negative on failure
+ *
+ * @todo : should we implement base draft update with ifindex 0 stuff ??
+ * @todo : Divide this function into more pieces, handle_spi, handle_seq, etc
+ * @todo : Remove the uncommented lines?
+ */
static int hip_create_update_msg(hip_common_t *received_update_packet,
struct hip_hadb_state *ha, hip_common_t
*update_packet_to_send,
struct hip_locator_info_addr_item *locators,
@@ -223,6 +240,15 @@
return err;
}
+/**
+ * deliver an UPDATE packet to the network
+ *
+ * @param update_packet_to_send the packet to deliver
+ * @param ha host association
+ * @param src_addr the source address to use for sending
+ * @param dst_addr the destination address to use for sending
+ * @return zero on success or negative on failure
+ */
static int hip_send_update_pkt(hip_common_t *update_packet_to_send,
struct hip_hadb_state *ha, struct in6_addr
*src_addr,
struct in6_addr *dst_addr)
@@ -239,6 +265,15 @@
return err;
}
+/**
+ * choose a sensible source address for an UPDATE packet with LOCATOR
+ *
+ * @param ha the related host association
+ * @param src_addr currently unused
+ * @param dst_addr the destination address
+ * @param new_src_addr the chosen source address
+ * @return zero on success or negative on failure
+ */
static int hip_select_local_addr_for_first_update(const struct hip_hadb_state
*ha,
const struct in6_addr
*src_addr,
const struct in6_addr
*dst_addr,
@@ -299,7 +334,19 @@
return err;
}
-// Locators should be sent to the whole verified addresses!!!
+/**
+ * a wrapper function to handle any incoming UPDATE packet
+ *
+ * @param received_update_packet the received UPDATE packet if any
+ * @param ha the related host association
+ * @param src_addr the source address of the received packet
+ * @param dst_addr the destination address of the received packet
+ * @param locators the locators of the local host
+ * @param type the type of the received packet
+ * @return zero on success or negative on failure
+ *
+ * @todo locators should be sent to the whole verified addresses?
+ */
int hip_send_locators_to_one_peer(hip_common_t *received_update_packet,
struct hip_hadb_state *ha,
struct in6_addr *src_addr,
@@ -386,6 +433,11 @@
return err;
}
+/**
+ * publish the locator set of the local host to all peers
+ *
+ * @return zero on success or negative on failure
+ */
int hip_send_locators_to_all_peers()
{
int err = 0;
@@ -432,6 +484,13 @@
return err;
}
+/**
+ * verify HMAC and signature from an UPDATE message
+ *
+ * @param msg the message to verify
+ * @param entry the related host association
+ * @return zero on success or negative on failure
+ */
static int hip_check_hmac_and_signature(hip_common_t *msg, hip_ha_t *entry)
{
int err = 0;
@@ -458,6 +517,14 @@
return err;
}
+/**
+ * process a LOCATOR paramter
+ *
+ * @param ha the related host association
+ * @param src_addr the source address where the locator arrived from
+ * @param locator the LOCATOR parameter
+ * @return zero on success or negative on failure
+ */
static int hip_handle_locator_parameter(hip_ha_t *ha, in6_addr_t *src_addr,
const struct hip_locator *locator)
{
@@ -526,6 +593,14 @@
return err;
}
+/**
+ * process the first UPDATE packet (i.e. with a LOCATOR parameter)
+ *
+ * @param received_update_packet the UPDATE packet
+ * @param ha the related host association
+ * @param src_addr the source address of the UPDATE packet
+ * @return zero on success or negative on failure
+ */
static int hip_handle_first_update_packet(hip_common_t *received_update_packet,
hip_ha_t *ha, in6_addr_t *src_addr)
{
@@ -557,6 +632,18 @@
return err;
}
+/**
+ * process the second UPDATE packet (i.e. with echo request)
+ *
+ * @param received_update_packet the UPDATE packet
+ * @param ha the related host association
+ * @param src_addr the source address of the received UPDATE packet
+ * @param dst_addr the destination address of the received UPDATE packet
+ * @return zero on success or negative on failure
+ *
+ * @todo The word "second" is misleading. There could be actually multiple
+ * "second" packets for each address to echo request.
+ */
static void hip_handle_second_update_packet(hip_common_t
*received_update_packet,
hip_ha_t *ha,
in6_addr_t *src_addr,
@@ -577,6 +664,18 @@
ipv6_addr_copy(&ha->peer_addr, dst_addr);
}
+/**
+ * process the third update (i.e. with echo response)
+ *
+ * @param received_update_packet the received UPDATE packet
+ * @param ha the related host association
+ * @param src_addr the source address of the received UPDATE packet
+ * @param dst_addr the destination address of the received UPDATE packet
+ * @return zero on success or negative on failure
+ *
+ * @todo The word "third" is misleading. There could be actually multiple
+ * "third" packets for each address to echo response.
+ */
static void hip_handle_third_update_packet(hip_common_t
*received_update_packet,
hip_ha_t *ha,
in6_addr_t *src_addr,
@@ -591,31 +690,17 @@
ipv6_addr_copy(&ha->peer_addr, dst_addr);
}
-static void hip_empty_oppipdb_old(void)
-{
-#ifdef CONFIG_HIP_OPPORTUNISTIC
- hip_for_each_oppip(hip_oppipdb_del_entry_by_entry, NULL);
-#endif
- if (hip_firewall_is_alive()) {
- int err;
- struct hip_common *msg;
-
- msg = hip_msg_alloc();
- HIP_IFEL(!msg, -1, "msg alloc failed\n");
- HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_FW_FLUSH_SYS_OPP_HIP, 0),
- -1, "build hdr failed\n");
-
- err = hip_sendto_firewall(msg);
- err = err > 0 ? 0 : -1;
-
-out_err:
- HIP_FREE(msg);
- if (err) {
- HIP_ERROR("Couldn't flush firewall chains\n");
- }
- }
-}
-
+/**
+ * process any UPDATE packet
+ *
+ * @param received_update_packet the received UPDATE packet
+ * @param src_addr the source address of the received UPDATE packet
+ * @param dst_addr the destination address of the received UPDATE packet
+ * @param ha the related host association
+ * @param sinfo the port numbers of the UDP tunnel (zeroed ports when
+ * the tunnel is absent)
+ * @return zero on success or negative on failure
+ */
int hip_receive_update(hip_common_t *received_update_packet, in6_addr_t
*src_addr,
in6_addr_t *dst_addr, hip_ha_t *ha, hip_portpair_t
*sinfo)
{
=== modified file 'hipd/update_legacy.c'
--- hipd/update_legacy.c 2010-02-17 17:38:08 +0000
+++ hipd/update_legacy.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,12 @@
/**
+ * @file
+ * Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ *
* This file contains legacy functions for mobility that should be rewritten
for modularity.
* They are still included in the code base due to locator dependencies with
DHT and
- * base exchange code.
+ * base exchange code. See bugzilla ids 926 and 927.
+ *
+ * @author Baris Boyvat
*/
/* required for s6_addr32 */
@@ -9,6 +14,13 @@
#include "update_legacy.h"
+/**
+ * build a LOCATOR parameter for an UPDATE packet
+ *
+ * @param msg the LOCATOR parameter will be appended to this UPDATE message
+ * @param spi the SPI number for this UPDATE
+ * @return zero on success on negative on failure
+ */
int hip_build_locators_old(struct hip_common *msg, uint32_t spi)
{
int err = 0, i = 0, count = 0;
@@ -17,16 +29,12 @@
hip_list_t *item = NULL, *tmp = NULL;
struct hip_locator_info_addr_item *locs = NULL;
- //TODO count the number of UDP relay servers.
- // check the control state of every hatb_state.
-
if (address_count == 0) {
HIP_DEBUG("Host has only one or no addresses no point "
"in building LOCATOR2 parameters\n");
goto out_err;
}
- //TODO check out the count for UDP and hip raw.
addr_max = address_count;
HIP_IFEL(!(locs = malloc(addr_max *
@@ -70,3 +78,33 @@
return err;
}
+
+/**
+ * Flush the opportunistic mode blacklist at the firewall. It is required
+ * when the host moves e.g. from one private address realm to another and
+ * the IP-address based blacklist becomes unreliable
+ */
+void hip_empty_oppipdb_old(void)
+{
+#ifdef CONFIG_HIP_OPPORTUNISTIC
+ hip_for_each_oppip(hip_oppipdb_del_entry_by_entry, NULL);
+#endif
+ if (hip_firewall_is_alive()) {
+ int err;
+ struct hip_common *msg;
+
+ msg = hip_msg_alloc();
+ HIP_IFEL(!msg, -1, "msg alloc failed\n");
+ HIP_IFEL(hip_build_user_hdr(msg, HIP_MSG_FW_FLUSH_SYS_OPP_HIP, 0),
+ -1, "build hdr failed\n");
+
+ err = hip_sendto_firewall(msg);
+ err = err > 0 ? 0 : -1;
+
+out_err:
+ HIP_FREE(msg);
+ if (err) {
+ HIP_ERROR("Couldn't flush firewall chains\n");
+ }
+ }
+}
=== modified file 'hipd/update_legacy.h'
--- hipd/update_legacy.h 2010-02-17 13:08:39 +0000
+++ hipd/update_legacy.h 2010-03-19 10:00:34 +0000
@@ -1,16 +1,15 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_HIPD_UPDATE_LEGACY_H
#define HIP_HIPD_UPDATE_LEGACY_H
#include "update.h"
-/**
- * Builds udp and raw locator items into locator list to msg
- * this is the extension of hip_build_locators in output.c
- * type2 locators are collected also
- *
- * @param msg a pointer to hip_common to append the LOCATORS
- * @return len of LOCATOR2 on success, or negative error value on
error
- */
int hip_build_locators_old(struct hip_common *msg, uint32_t spi);
+void hip_empty_oppipdb_old(void);
+
#endif /* HIP_HIPD_UPDATE_LEGACY_H */
=== modified file 'hipd/user.c'
--- hipd/user.c 2010-03-19 09:53:35 +0000
+++ hipd/user.c 2010-03-19 10:00:34 +0000
@@ -1,16 +1,26 @@
/** @file
- * This file defines a user message handling function for the Host Identity
- * Protocol (HIP).
- *
- * We don't currently have a workqueue. The functionality in this file mostly
- * covers catching userspace messages only.
+ *
+ * Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ *
+ * This file defines a user message (i.e. message from hipconf or hipfw)
processing.
+ * The interface sends a response message back if the sender requested one. See
+ * lib/core/message.c for the details.
+ *
+ * No queue has been implemented for the user message. The interface relies on
+ * the user socket internal buffers to have enough space for caching.
+ *
+ * The user socket listens on an UDP port bound to IPv6 loopback.
+ * Processing of user messages includes an access control mechanism based on
the
+ * port number. If the sender's port number is below 1024, it is running on
+ * root privileges and has full access. Ports above 1024 have limited access
+ * to functionality.
*
* @author Miika Komu <miika_iki.fi>
* @author Kristian Slavov <kslavov_hiit.fi>
* @author Bing Zhou <bingzhou_cc.hut.fi>
* @author Tao Wan <twan_cc.hut.fi>
* @author Rene Hummen
- * @note Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ * @todo split the gigantic hip_handle_user_msg() into an array of handler
functions
*/
/* required for s6_addr32 */
@@ -25,6 +35,13 @@
#include "lib/core/hip_udp.h"
#include "hipd.h"
+/**
+ * send a response message back to the origin
+ *
+ * @param msg the message to send
+ * @param dst the destination of the message
+ * @return zero on success, or negative error value on error.
+ */
int hip_sendto_user(const struct hip_common *msg, const struct sockaddr *dst)
{
HIP_DEBUG("Sending msg type %d\n", hip_get_msg_type(msg));
@@ -39,9 +56,8 @@
* add a case block for your SO_HIP_NEWMODE constant in the
* switch(msg_type) block in this function.
* @param msg a pointer to the received user message HIP packet.
- * @param src
+ * @param src the origin of the sender
* @return zero on success, or negative error value on error.
- * @see hip_so.
*/
int hip_handle_user_msg(hip_common_t *msg, struct sockaddr_in6 *src)
{
@@ -260,29 +276,6 @@
HIP_IFEL(hip_set_blind_off(), -1, "hip_set_blind_off failed\n");
break;
#endif
- case SO_HIP_SET_TCPTIMEOUT_ON:
- HIP_DEBUG("Setting TCP TIMEOUT ON\n");
- hip_tcptimeout_status = SO_HIP_SET_TCPTIMEOUT_ON;
- HIP_DEBUG("hip tcp timeout status = %d (should be %d)\n",
- hip_tcptimeout_status, SO_HIP_SET_TCPTIMEOUT_ON);
-
- /* paramters setting to do here */
- HIP_IFEL(set_new_tcptimeout_parameters_value(), -1,
- "set new tcptimeout parameters error\n");
- break;
-
- case SO_HIP_SET_TCPTIMEOUT_OFF:
- HIP_DEBUG("Setting TCP TIMEOUT OFF\n");
- hip_tcptimeout_status = SO_HIP_SET_TCPTIMEOUT_OFF;
- HIP_DEBUG("hip tcp timeout status = %d (should be %d)\n",
- hip_tcptimeout_status, SO_HIP_SET_TCPTIMEOUT_OFF);
-
- /* paramters resetting */
- HIP_IFEL(reset_default_tcptimeout_parameters_value(), -1,
- "reset tcptimeout parameters to be default error\n");
-
- break;
-
#ifdef CONFIG_HIP_DHT
case SO_HIP_DHT_GW:
{
@@ -1417,20 +1410,3 @@
return err;
}
-
-int hip_handle_netlink_msg(const struct nlmsghdr *msg, int len, void *arg)
-{
- int err = 0;
-
- for (; NLMSG_OK(msg, (uint32_t) len); msg = NLMSG_NEXT(msg, len)) {
- switch (msg->nlmsg_type) {
- case SO_HIP_ADD_PEER_MAP_HIT_IP:
- HIP_DEBUG("add hit-ip map\n");
- break;
- default:
- HIP_DEBUG("Unexpected msg type: %d\n", msg->nlmsg_type);
- break;
- }
- }
- return err;
-}
=== modified file 'hipd/user.h'
--- hipd/user.h 2010-02-17 17:38:08 +0000
+++ hipd/user.h 2010-03-19 10:00:34 +0000
@@ -21,7 +21,6 @@
#include "hidb.h"
#include "cert.h"
#include "hipd.h"
-#include "tcptimeout.h"
#include "registration.h"
#include "esp_prot_hipd_msg.h"
#include "user_ipsec_hipd_msg.h"
@@ -29,6 +28,4 @@
int hip_sendto_user(const struct hip_common *msg, const struct sockaddr *dst);
int hip_handle_user_msg(hip_common_t *msg, struct sockaddr_in6 *src);
-int hip_handle_netlink_msg(const struct nlmsghdr *msg, int len, void *arg);
-
#endif /* HIP_HIPD_USER_H */
=== modified file 'hipd/user_ipsec_hipd_msg.c'
--- hipd/user_ipsec_hipd_msg.c 2010-03-19 09:53:35 +0000
+++ hipd/user_ipsec_hipd_msg.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file hipd/user_ipsec_hipd_msg.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Messaging required for the userspace IPsec implementation of the hipfw
*
=== modified file 'hipd/user_ipsec_hipd_msg.h'
--- hipd/user_ipsec_hipd_msg.h 2010-02-17 17:38:08 +0000
+++ hipd/user_ipsec_hipd_msg.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file hipd/user_ipsec_hipd_msg.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
*
* Messaging required for the userspace IPsec implementation of the hipfw
*
=== modified file 'hipd/user_ipsec_sadb_api.c'
--- hipd/user_ipsec_sadb_api.c 2010-02-17 17:38:08 +0000
+++ hipd/user_ipsec_sadb_api.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/user_ipsec_sadb_api.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Provides the API used by the hipd to set up and maintain the
* userspace IPsec state in the hipfw.
=== modified file 'hipd/user_ipsec_sadb_api.h'
--- hipd/user_ipsec_sadb_api.h 2010-02-17 17:38:08 +0000
+++ hipd/user_ipsec_sadb_api.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/user_ipsec_sadb_api.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Provides the API used by the hipd to set up and maintain the
* userspace IPsec state in the hipfw.
=== modified file 'i3/utils/netwrap.h'
--- i3/utils/netwrap.h 2010-02-17 17:38:08 +0000
+++ i3/utils/netwrap.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file Generic socket library minimally abstracting from differences between
POSIX and Windows networking implementations, and whatever deranged variations
may lurk out there.
+ * @file
*/
#ifndef __SYSTEM_NETWRAP_H__
#define __SYSTEM_NETWRAP_H__
=== modified file 'lib/conf/hipconf.c'
--- lib/conf/hipconf.c 2010-03-19 09:53:35 +0000
+++ lib/conf/hipconf.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,4 @@
-/** @file lib/conf/hipconf
+/** @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
@@ -81,7 +81,7 @@
#define TYPE_DHT 22
#define TYPE_OPPTCP 23
#define TYPE_ORDER 24
-#define TYPE_TCPTIMEOUT 25 /* add By Tao Wan, on 04.01.2008*/
+/* free slot */
#define TYPE_HIPPROXY 26
#define TYPE_HEARTBEAT 27
#define TYPE_HI3 28
@@ -151,7 +151,6 @@
"locator on|off|get\n"
"debug all|medium|none\n"
"restart daemon\n"
- "set tcptimeout on|off\n" /*added by Tao Wan*/
"transform order <integer> "
" (1=AES, 2=3DES, 3=NULL and place them to order\n"
" like 213 for the order 3DES, AES and NULL)\n"
@@ -516,8 +515,6 @@
ret = ACTION_TRANSORDER;
} else if (!strcmp("restart", argv[1])) {
ret = ACTION_RESTART;
- } else if (!strcmp("tcptimeout", argv[1])) { /*added by Tao Wan,
08.Jan.2008 */
- ret = ACTION_TCPTIMEOUT;
} else if (!strcmp("reinit", argv[1])) {
ret = ACTION_REINIT;
} else if (!strcmp("hi3", argv[1])) {
@@ -592,7 +589,6 @@
case ACTION_DEBUG:
case ACTION_RESTART:
case ACTION_REINIT:
- case ACTION_TCPTIMEOUT:
case ACTION_NSUPDATE:
case ACTION_HIT_TO_IP:
case ACTION_HIT_TO_IP_SET:
@@ -669,8 +665,6 @@
}
} else if (strcmp("locator", argv[1]) == 0) {
ret = TYPE_LOCATOR;
- } else if (!strcmp("tcptimeout", text)) {
- ret = TYPE_TCPTIMEOUT;
} else if ((!strcmp("all", text)) && (strcmp("bos", argv[1]) == 0)) {
ret = TYPE_BOS;
} else if (!strcmp("debug", text)) {
@@ -777,7 +771,6 @@
case ACTION_BOS:
case ACTION_MHADDR:
case ACTION_HANDOVER:
- case ACTION_TCPTIMEOUT:
case ACTION_TRANSORDER:
case ACTION_REINIT:
#ifdef CONFIG_HIP_HIPPROXY
@@ -2772,42 +2765,6 @@
}
/**
- * Handles the hipconf commands where the type is @ tcptimeout. Experimental.
- * Tries to pimp up TCP using /proc file system to tolerate mobility better.
- *
- * @param msg a pointer to the buffer where the message for hipd will
- * be written.
- * @param action the numeric action identifier for the action to be performed.
- * @param opt an array of pointers to the command line arguments after
- * the action and type.
- * @param optc the number of elements in the array (@b 0).
- * @return zero on success, or negative error value on error.
- */
-static int hip_conf_handle_tcptimeout(struct hip_common *msg,
- int action,
- const char *opt[],
- int optc,
- int send_only)
-{
- int err = 0, status = 0;
-
- if (!strcmp("on", opt[0])) {
- HIP_INFO("tcptimeout set on\n");
- status = SO_HIP_SET_TCPTIMEOUT_ON;
- } else if (!strcmp("off", opt[0])) {
- HIP_INFO("tcptimeout set off\n");
- status = SO_HIP_SET_TCPTIMEOUT_OFF;
- } else {
- HIP_IFEL(1, -1, "bad args\n");
- // err = -1;
- }
- HIP_IFEL(hip_build_user_hdr(msg, status, 0), -1, "build hdr failed: %s\n",
strerror(err));
-
-out_err:
- return err;
-}
-
-/**
* Function that is used to set HIP PROXY on or off
*
* @param msg input/output message for the query/response for hipd
@@ -3290,7 +3247,7 @@
hip_conf_handle_dht_toggle, /* 22: TYPE_DHT */
hip_conf_handle_opptcp, /* 23: TYPE_OPPTCP */
hip_conf_handle_trans_order, /* 24: TYPE_ORDER */
- hip_conf_handle_tcptimeout, /* 25: TYPE_TCPTIMEOUT */
+ NULL,
hip_conf_handle_hipproxy, /* 26: TYPE_HIPPROXY */
hip_conf_handle_heartbeat, /* 27: TYPE_HEARTBEAT */
hip_conf_handle_hi3, /* 28: TYPE_HI3 */
=== modified file 'lib/core/certtools.c'
--- lib/core/certtools.c 2010-03-19 09:53:35 +0000
+++ lib/core/certtools.c 2010-03-19 10:00:34 +0000
@@ -1,6 +1,10 @@
/** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* This file defines the certificate building and verification functions to
use with HIP
*
+ *
* @author Samu Varjonen
*/
=== modified file 'lib/core/certtools.h'
--- lib/core/certtools.h 2010-03-19 09:53:35 +0000
+++ lib/core/certtools.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_CERTTOOLS_H
#define HIP_LIB_CORE_CERTTOOLS_H
=== modified file 'lib/core/common_defines.h'
--- lib/core/common_defines.h 2010-02-17 17:38:08 +0000
+++ lib/core/common_defines.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/*
* common_defines.h
*
=== modified file 'lib/core/crypto.c'
--- lib/core/crypto.c 2010-03-19 09:53:35 +0000
+++ lib/core/crypto.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file lib/tool/crypto.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'lib/core/crypto.h'
--- lib/core/crypto.h 2010-03-19 09:53:35 +0000
+++ lib/core/crypto.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_CRYPTO_H
#define HIP_LIB_CORE_CRYPTO_H
=== modified file 'lib/core/debug.h'
--- lib/core/debug.h 2010-03-19 09:53:35 +0000
+++ lib/core/debug.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_DEBUG_H
#define HIP_LIB_CORE_DEBUG_H
=== modified file 'lib/core/esp_prot_common.h'
--- lib/core/esp_prot_common.h 2010-02-17 17:38:08 +0000
+++ lib/core/esp_prot_common.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/esp_prot_common.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for the functionality for the ESP protection in
* hipd and hipfw. It also defines necessary TPA parameters used by both
=== modified file 'lib/core/filemanip.h'
--- lib/core/filemanip.h 2010-03-19 09:53:35 +0000
+++ lib/core/filemanip.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_FILEMANIP_H
#define HIP_LIB_CORE_FILEMANIP_H
=== modified file 'lib/core/hashchain.c'
--- lib/core/hashchain.c 2010-02-18 14:58:39 +0000
+++ lib/core/hashchain.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/hashchain.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for a hash chain API
*
=== modified file 'lib/core/hashchain.h'
--- lib/core/hashchain.h 2010-02-17 17:38:08 +0000
+++ lib/core/hashchain.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/hashchain.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for a hash chain API
*
=== modified file 'lib/core/hashchain_store.c'
--- lib/core/hashchain_store.c 2010-02-18 14:58:39 +0000
+++ lib/core/hashchain_store.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/hashchain_store.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Stores a number of pre-created hash structures and supports HHL-based
* linking of hash structures in different hierarchy levels.
=== modified file 'lib/core/hashchain_store.h'
--- lib/core/hashchain_store.h 2010-02-17 17:38:08 +0000
+++ lib/core/hashchain_store.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/hashchain_store.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Stores a number of pre-created hash structures and supports HHL-based
* linking of hash structures in different hierarchy levels.
=== modified file 'lib/core/hashtable.h'
--- lib/core/hashtable.h 2010-03-19 09:53:35 +0000
+++ lib/core/hashtable.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
=== modified file 'lib/core/hashtree.c'
--- lib/core/hashtree.c 2010-02-18 14:58:39 +0000
+++ lib/core/hashtree.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/hashtree.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for Hash trees
*
=== modified file 'lib/core/hashtree.h'
--- lib/core/hashtree.h 2010-02-17 13:08:39 +0000
+++ lib/core/hashtree.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file firewall/hashtree.h
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* API for Hash trees
*
=== modified file 'lib/core/hip_statistics.c'
--- lib/core/hip_statistics.c 2010-03-19 09:53:35 +0000
+++ lib/core/hip_statistics.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,4 @@
-/** @file hip_statistics.c
+/** @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'lib/core/hip_statistics.h'
--- lib/core/hip_statistics.h 2010-03-03 16:51:18 +0000
+++ lib/core/hip_statistics.h 2010-03-19 10:00:34 +0000
@@ -1,4 +1,4 @@
-/** @file hip_statistics.h
+/** @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'lib/core/hip_udp.h'
--- lib/core/hip_udp.h 2010-03-19 09:53:35 +0000
+++ lib/core/hip_udp.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_HIP_UDP_H
#define HIP_LIB_CORE_HIP_UDP_H
=== modified file 'lib/core/hit.h'
--- lib/core/hit.h 2010-03-19 09:53:35 +0000
+++ lib/core/hit.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_HIT_H
#define HIP_LIB_CORE_HIT_H
=== modified file 'lib/core/hostid.h'
--- lib/core/hostid.h 2010-03-19 09:53:35 +0000
+++ lib/core/hostid.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_HOSTID_H
#define HIP_LIB_CORE_HOSTID_H
=== modified file 'lib/core/hostsfiles.h'
--- lib/core/hostsfiles.h 2010-03-19 09:53:35 +0000
+++ lib/core/hostsfiles.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_HOSTSFILES_H
#define HIP_LIB_CORE_HOSTSFILES_H
=== modified file 'lib/core/icomm.h'
--- lib/core/icomm.h 2010-03-19 09:25:52 +0000
+++ lib/core/icomm.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_ICOMM_H
#define HIP_LIB_CORE_ICOMM_H
=== modified file 'lib/core/ife.h'
--- lib/core/ife.h 2010-03-19 09:25:52 +0000
+++ lib/core/ife.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_IFE_H
#define HIP_LIB_CORE_IFE_H
=== modified file 'lib/core/keylen.h'
--- lib/core/keylen.h 2010-03-19 09:53:35 +0000
+++ lib/core/keylen.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_KEYLEN_H
#define HIP_LIB_CORE_KEYLEN_H
=== modified file 'lib/core/list.h'
--- lib/core/list.h 2010-02-17 17:38:08 +0000
+++ lib/core/list.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_LIST_H
#define HIP_LIB_CORE_LIST_H
=== modified file 'lib/core/prefix.h'
--- lib/core/prefix.h 2010-03-19 09:53:35 +0000
+++ lib/core/prefix.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_UTILS_H
#define HIP_LIB_CORE_UTILS_H
=== modified file 'lib/core/protodefs.h'
--- lib/core/protodefs.h 2010-03-19 09:53:35 +0000
+++ lib/core/protodefs.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/** @file
* This file defines a Host Identity Protocol (HIP) header and parameter
* related constants and structures.
=== modified file 'lib/core/solve.h'
--- lib/core/solve.h 2010-03-19 09:53:35 +0000
+++ lib/core/solve.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_SOLVE_H
#define HIP_LIB_CORE_SOLVE_H
=== modified file 'lib/core/sqlitedbapi.c'
--- lib/core/sqlitedbapi.c 2010-03-19 09:53:35 +0000
+++ lib/core/sqlitedbapi.c 2010-03-19 10:00:34 +0000
@@ -1,8 +1,10 @@
/** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* This file defines the api for sqlite to use with HIPL. Is compiled only
with agent.
*
* @author Samu Varjonen
- *
*/
#include "config.h"
=== modified file 'lib/core/sqlitedbapi.h'
--- lib/core/sqlitedbapi.h 2010-03-19 09:53:35 +0000
+++ lib/core/sqlitedbapi.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_SQLITEDBAPI_H
#define HIP_LIB_CORE_SQLITEDBAPI_H
=== modified file 'lib/core/straddr.h'
--- lib/core/straddr.h 2010-03-19 09:53:35 +0000
+++ lib/core/straddr.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_STRADDR_H
#define HIP_LIB_CORE_STRADDR_H
=== modified file 'lib/core/transform.h'
--- lib/core/transform.h 2010-03-19 09:53:35 +0000
+++ lib/core/transform.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_CORE_TRANSFORM_H
#define HIP_LIB_CORE_TRANSFORM_H
=== modified file 'lib/dht/libhipdht.c'
--- lib/dht/libhipdht.c 2010-03-19 09:53:35 +0000
+++ lib/dht/libhipdht.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libdht/libhipopendht.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* Functions to use OpenDHT/Bamboo-DHT/OpenLookup-v1/OpenLookup-v2. Supports
* put, get, put-rm and rm messages.
=== modified file 'lib/dht/libhipdht.h'
--- lib/dht/libhipdht.h 2010-03-19 09:53:35 +0000
+++ lib/dht/libhipdht.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,10 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ */
+
#ifndef HIP_LIB_DHT_LIBHIPDHT_H
#define HIP_LIB_DHT_LIBHIPDHT_H
=== modified file 'lib/dht/libhipdhtxml.c'
--- lib/dht/libhipdhtxml.c 2010-03-19 09:53:35 +0000
+++ lib/dht/libhipdhtxml.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,13 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * DHT interface to publish and subscribe hostname-HIT-IP mappings.
+ *
+ * @author Samu Varjonen
+ */
+
/* required for s6_addr32 */
#define _BSD_SOURCE
=== modified file 'lib/dht/libhipdhtxml.h'
--- lib/dht/libhipdhtxml.h 2010-02-17 17:38:08 +0000
+++ lib/dht/libhipdhtxml.h 2010-03-19 10:00:34 +0000
@@ -4,12 +4,13 @@
/** @file
* A header file for libhipopendhtxml.c
*
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* All xml-rpc message building functions for opendht.
* Also contains base 64 encoding and decoding wrappers that should
* be moved somewhere else because they are used also in cert stuff.
*
* @author Samu Varjonen
- * @version 0.2
*
*/
=== modified file 'lib/gui/create.c'
--- lib/gui/create.c 2010-03-03 13:16:18 +0000
+++ lib/gui/create.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libhipgui/create.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains the all the needed functions to create the main window
and all
* the needed dialogs and other widgets for the agent GUI
=== modified file 'lib/gui/dragndrop.c'
--- lib/gui/dragndrop.c 2010-02-17 17:38:08 +0000
+++ lib/gui/dragndrop.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libhipgui/dragndrop.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains all the necessary signal handlers for the agents
drag'n'drop.
*
=== modified file 'lib/gui/events.c'
--- lib/gui/events.c 2010-02-17 17:38:08 +0000
+++ lib/gui/events.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libhipgui/events.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains event handlers for every button etc. in agent GUI
excluding
* drag'n'drop events that are in libhipgui/dragndrop.c
=== modified file 'lib/gui/hipgui.c'
--- lib/gui/hipgui.c 2010-03-03 13:16:18 +0000
+++ lib/gui/hipgui.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libhipgui/hipgui.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains functionality that manipulate the content showed
* by the GUI also contains the main initialization function for the GUI
=== modified file 'lib/gui/tools.c'
--- lib/gui/tools.c 2010-03-03 13:16:18 +0000
+++ lib/gui/tools.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libhipgui/tools.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains the all the needed functions to create the main window
and all
* the needed dialogs and other widgets for the agent GUI
=== modified file 'lib/gui/widgets.c'
--- lib/gui/widgets.c 2010-02-17 17:38:08 +0000
+++ lib/gui/widgets.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
/**
- * @file libhipgui/widgets.c
+ * @file
*
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
* This file contains functions to init all the widgets needed for the GUI as
* well as the deinitialization of the widget system. Also functions how to set
=== modified file 'lib/opphip/wrap_db.h'
--- lib/opphip/wrap_db.h 2010-02-17 17:38:08 +0000
+++ lib/opphip/wrap_db.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_OPPHIP_WRAP_DB_H
#define HIP_LIB_OPPHIP_WRAP_DB_H
=== modified file 'lib/performance/performance.h'
--- lib/performance/performance.h 2010-02-17 17:38:08 +0000
+++ lib/performance/performance.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_LIB_PERFORMANCE_PERFORMANCE_H
#define HIP_LIB_PERFORMANCE_PERFORMANCE_H
=== modified file 'lib/tool/lutil.c'
--- lib/tool/lutil.c 2010-03-19 09:53:35 +0000
+++ lib/tool/lutil.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file lib/tool/lutil.c
+ * @file
*
* Distributed under
* <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
=== modified file 'lib/tool/nlink.c'
--- lib/tool/nlink.c 2010-03-19 09:53:35 +0000
+++ lib/tool/nlink.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file lib/tool/nlink.c
+ * @file
*
* This code originates from <a
*
href="http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2";>iproute2
=== added file 'lib/tool/pfkeysadb.c'
--- lib/tool/pfkeysadb.c 1970-01-01 00:00:00 +0000
+++ lib/tool/pfkeysadb.c 2010-03-19 10:00:34 +0000
@@ -0,0 +1,99 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * @brief this file contains IPsec management functionality borrowed from
Racoon
+ */
+/* required for caddr_t */
+#define _BSD_SOURCE
+
+#include "config.h"
+
+#include <lib/ipsec/pfkeyv2.h>
+#include <linux/ipsec.h>
+
+#include "config.h"
+#include "hipd/pfkeyapi.h"
+#include "lib/ipsec/libpfkey.h"
+#include "lib/core/hip_udp.h"
+#include "lib/core/keylen.h"
+#include "lib/core/debug.h"
+#include "pfkeysadb.h"
+
+/**
+ * This function fills in policy0 and policylen0 according to the given
parameters
+ * The full implementation can be found in racoon.
+ *
+ * @param policy0 the IPsec policy
+ * @param policylen0 length of the policy
+ * @param direction IPSEC_DIR_INBOUND | IPSEC_DIR_OUTBOUND
+ * @param src the source address for the policy
+ * @param dst the destination address for the policy
+ * @param mode the IPsec mode
+ * @param cmd add or delete
+ */
+int getsadbpolicy(caddr_t *policy0, int *policylen0, int direction,
+ struct sockaddr *src, struct sockaddr *dst, u_int mode, int
cmd)
+{
+ struct sadb_x_policy *xpl;
+ struct sadb_x_ipsecrequest *xisr;
+ caddr_t policy, p;
+ int policylen;
+ int xisrlen, src_len, dst_len;
+
+ HIP_DEBUG("\n");
+ /* get policy buffer size */
+ policylen = sizeof(struct sadb_x_policy);
+ if (cmd != SADB_X_SPDDELETE) {
+ xisrlen = sizeof(*xisr);
+ xisrlen += (sysdep_sa_len(src) + sysdep_sa_len(dst));
+ policylen += PFKEY_ALIGN8(xisrlen);
+ }
+
+ /* make policy structure */
+ policy = malloc(policylen);
+ if (!policy) {
+ HIP_ERROR("Cannot allocate memory for policy\n");
+ return -ENOMEM;
+ }
+
+ xpl = (struct sadb_x_policy *) policy;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(policylen);
+ xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
+ xpl->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
+ xpl->sadb_x_policy_dir = direction;
+ xpl->sadb_x_policy_id = 0;
+
+ //xpl->sadb_x_policy_priority = PRIORITY_DEFAULT;
+
+ if (cmd == SADB_X_SPDDELETE) {
+ goto end;
+ }
+
+ xisr = (struct sadb_x_ipsecrequest *) (xpl + 1);
+
+ xisr->sadb_x_ipsecrequest_proto = SADB_SATYPE_ESP;
+ xisr->sadb_x_ipsecrequest_mode = mode;
+ xisr->sadb_x_ipsecrequest_level = IPSEC_LEVEL_REQUIRE;
+ xisr->sadb_x_ipsecrequest_reqid = 0;
+ p = (caddr_t) (xisr + 1);
+
+ xisrlen = sizeof(*xisr);
+
+ src_len = sysdep_sa_len(src);
+ dst_len = sysdep_sa_len(dst);
+ xisrlen += src_len + dst_len;
+
+ memcpy(p, src, src_len);
+ p += src_len;
+
+ memcpy(p, dst, dst_len);
+ p += dst_len;
+
+ xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(xisrlen);
+end:
+ *policy0 = policy;
+ *policylen0 = policylen;
+ return 0;
+}
=== added file 'lib/tool/pfkeysadb.h'
--- lib/tool/pfkeysadb.h 1970-01-01 00:00:00 +0000
+++ lib/tool/pfkeysadb.h 2010-03-19 10:00:34 +0000
@@ -0,0 +1,7 @@
+#ifndef HIP_LIB_TOOL_PFKEYSADB_H
+#define HIP_LIB_TOOL_PFKEYSADB_H
+
+int getsadbpolicy(caddr_t *policy0, int *policylen0, int direction,
+ struct sockaddr *src, struct sockaddr *dst, u_int mode, int
cmd);
+
+#endif /* HIP_LIB_TOOL_PFKEYSADB_H */
=== modified file 'lib/tool/pk.c'
--- lib/tool/pk.c 2010-03-19 09:53:35 +0000
+++ lib/tool/pk.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file lib/tool/pk.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'lib/tool/xfrmapi.c'
--- lib/tool/xfrmapi.c 2010-03-19 09:53:35 +0000
+++ lib/tool/xfrmapi.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file libhiptool/xfrmapi.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
@@ -23,8 +23,6 @@
#include "xfrmapi.h"
-#ifndef CONFIG_HIP_PFKEY
-
#define RTA_BUF_SIZE 2048
/* New OSes have this, but older ones don't */
@@ -786,5 +784,3 @@
out_err:
return err;
}
-
-#endif /* ! CONFIG_HIP_PFKEY */
=== modified file 'test/auth_performance.c'
--- test/auth_performance.c 2010-03-19 09:53:35 +0000
+++ test/auth_performance.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
/**
- * @file test/auth_performance.c
+ * @file
*
* Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*
=== modified file 'test/certteststub.c'
--- test/certteststub.c 2010-03-19 09:53:35 +0000
+++ test/certteststub.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/** @file
* A teststub for certtools.c/h
*
=== modified file 'test/conntest-client-hip.c'
--- test/conntest-client-hip.c 2010-03-19 09:53:35 +0000
+++ test/conntest-client-hip.c 2010-03-19 10:00:34 +0000
@@ -1,9 +1,18 @@
/** @file
- * A test client for testing connection between hosts. Use this in context
- * with conntest-server. "gai" stands for "give all information" :D
+ *
+ * Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ *
+ * A test client for testing connection between hosts very much
+ * similar to nc and nc6. The main difference is that this client can
+ * actually handle multihoming properly and supports both IPv4 and
+ * IPv6 in the same application . Use this in context with
+ * conntest-server for testing HIP connectivity or non-HIP
+ * connectivity (see the manual for examples). When testing HIP
+ * connectivity, you have either have the HITs/LSIs overloaded in
+ * /etc/hosts file or use the DNS proxy (see the manual).
*
* @author Lauri Silvennoinen
- * @note Distributed under <a
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ * @author Miika Komu <miika@xxxxxx>
*/
/* required for s6_addr32 */
=== modified file 'test/conntest-client-native.c'
--- test/conntest-client-native.c 2010-03-19 09:53:35 +0000
+++ test/conntest-client-native.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/*
* Echo STDIN to a selected server which should echo it back.
* Use this application with conntest-server-xx.
=== modified file 'test/conntest-client-opp.c'
--- test/conntest-client-opp.c 2010-03-19 09:53:35 +0000
+++ test/conntest-client-opp.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,13 @@
-/*
- * Echo STDIN to a selected machine via tcp or udp using ipv6. Use this
- * with conntest-server.
- *
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * Connection testing client similar to conntest-client-hip. When the code
+ * is configured with --enable-opportunistic, this code is linked to the
+ * opportunistic mode library and, hence, uses the opportunistic mode.
+ *
+ * @author Miika Komu <miika@xxxxxx>
*/
/* required for s6_addr32 */
@@ -25,6 +31,13 @@
#include "lib/core/ife.h"
#include "conntest.h"
+/**
+ * Main function.
+ *
+ * @param argc command line argument count.
+ * @param argv command line arguments.
+ * @return zero on success or non-zero on failure
+ */
int main(int argc, char *argv[])
{
int socktype, i, err = 0;
=== modified file 'test/conntest-server.c'
--- test/conntest-server.c 2010-03-19 09:53:35 +0000
+++ test/conntest-server.c 2010-03-19 10:00:34 +0000
@@ -1,12 +1,12 @@
-/*
- * Get data from client and send it back (echo server). Use this with
- * conntest-client.
- *
- * Bugs:
- * - this is a kludge
- *
- * Todo:
- * - rewrite/refactor for better modularity
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * An echo server that receives data from network and echoes it back. Use this
with
+ * with conntest-client
+ *
+ * @todo rewrite/refactor for better modularity
*/
/* required for s6_addr32 */
@@ -31,6 +31,11 @@
#include "config.h"
#include "conntest.h"
+/**
+ * handle signals
+ *
+ * @param signo the signal number
+ */
static void sig_handler(int signo)
{
if (signo == SIGTERM) {
@@ -41,6 +46,13 @@
}
}
+/**
+ * Main function.
+ *
+ * @param argc command line argument count.
+ * @param argv command line arguments.
+ * @return zero on success or non-zero on failure
+ */
int main(int argc, char *argv[])
{
int port;
=== modified file 'test/conntest.c'
--- test/conntest.c 2010-03-19 09:53:35 +0000
+++ test/conntest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,13 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
+ *
+ * Utility functionality for conntest-client and conntest-server
+ *
+ * @author Miika Komu <miika@xxxxxx>
+ */
+
/* required for s6_addr32 */
#define _BSD_SOURCE
@@ -6,13 +16,12 @@
#include "lib/tool/lutil.h"
/**
- * create_serversocket - given the port and the protocol
- * it binds the socket and listen to it
+ * given the port and the protocol, this function binds the socket and listen
to it
+ *
* @param proto type of protocol
* @param port the kind of protocol
*
- * @return the socket id,
- * exits on error.
+ * @return the socket id, exits on error.
*/
int create_serversocket(int type, in_port_t port)
{
@@ -80,6 +89,12 @@
return fd;
}
+/**
+ * TCP-based server loop
+ *
+ * @param serversock the server socket
+ * @return zero on success or negative on error
+ */
int main_server_tcp(int serversock)
{
int peerfd = 0, err = 0;
@@ -135,6 +150,12 @@
return err;
}
+/**
+ * create an IPv4-based UDP socket
+ *
+ * @param local_port the local port for which to bind to
+ * @return zero on success or negative on failure
+ */
int create_udp_ipv4_socket(in_port_t local_port)
{
int ipv4_sock = -1, err = 0, on = 1;
@@ -194,6 +215,17 @@
}
}
+/**
+ * Send a message over UDP. Notice that this works on a multihoming
+ * host correctly (in contrast to nc or nc6)
+ *
+ * @param sock the socket to use for sending
+ * @param data the data to send
+ * @param data_len the length of data in bytes
+ * @param local_addr the local address to use for sending
+ * @param peer_addr the peer address to use for sending
+ * @return zero on success or negative on failure
+ */
int udp_send_msg(int sock, uint8_t *data, size_t data_len,
struct sockaddr *local_addr,
struct sockaddr *peer_addr)
@@ -267,6 +299,14 @@
return err;
}
+/**
+ * UDP-based main loop
+ *
+ * @param ipv4_sock the socket to use for IPv6 communications
+ * @param ipv6_sock the socket to use for IPv4 communications
+ * @param local_port the local port to which to bind
+ * @return zero on success or negative on failure
+ */
int main_server_udp(int ipv4_sock, int ipv6_sock, in_port_t local_port)
{
/* Use recvmsg/sendmsg instead of recvfrom/sendto because
@@ -401,13 +441,12 @@
}
/**
- * main_server - given the port and the protocol
- * it handles the functionality of the responder
+ * given the port and the protocol this function handles the functionality of
the responder
+ *
* @param proto type of protocol
* @param port the kind of protocol
*
- * @return the socket id,
- * exits on error.
+ * @return the socket id, exits on error.
*/
int main_server(int type, in_port_t port)
{
=== modified file 'test/conntest.h'
--- test/conntest.h 2010-03-19 09:53:35 +0000
+++ test/conntest.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_TEST_CONNTEST_H
#define HIP_TEST_CONNTEST_H
=== modified file 'test/cookietest.c'
--- test/cookietest.c 2010-03-19 09:53:35 +0000
+++ test/cookietest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/* required for s6_addr32 */
#define _BSD_SOURCE
=== modified file 'test/demo/stdinclient.c'
--- test/demo/stdinclient.c 2010-02-18 14:06:56 +0000
+++ test/demo/stdinclient.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,7 @@
-/*
- * $Id: stdinclient.c,v 1.3 2003/10/03 11:42:05 mika Exp $
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*/
#include <stdio.h>
=== modified file 'test/demo/stdinserver.c'
--- test/demo/stdinserver.c 2010-03-03 13:16:18 +0000
+++ test/demo/stdinserver.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,7 @@
-/*
- * $Id: stdinserver.c,v 1.3 2003/10/03 11:40:19 mika Exp $
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
*/
#include <stdio.h>
=== modified file 'test/dhtteststub.c'
--- test/dhtteststub.c 2010-03-19 09:53:35 +0000
+++ test/dhtteststub.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/** @file
* Teststub for the DHT interface
*
=== modified file 'test/hadb_deprecated.c'
--- test/hadb_deprecated.c 2010-02-10 23:43:06 +0000
+++ test/hadb_deprecated.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/* Set the ifindex of given SPI */
/* assumes locked HA */
void hip_hadb_set_spi_ifindex_deprecated(hip_ha_t *entry,
=== modified file 'test/hadb_old.c'
--- test/hadb_old.c 2010-02-10 23:43:06 +0000
+++ test/hadb_old.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
// 17.11.2009:
// THIS FILE IS OBSOLETED.
// PLEASE DO NOT USE!
=== modified file 'test/hadb_old.h'
--- test/hadb_old.h 2010-02-08 15:18:06 +0000
+++ test/hadb_old.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
// 17.11.2009:
// THIS FILE IS OBSOLETED.
// PLEASE DO NOT USE!
=== modified file 'test/hashtest.c'
--- test/hashtest.c 2010-03-03 13:16:18 +0000
+++ test/hashtest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/* required for s6_addr32 */
#define _BSD_SOURCE
=== modified file 'test/hc_performance.c'
--- test/hc_performance.c 2010-03-03 13:16:18 +0000
+++ test/hc_performance.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#include <stdio.h> /* printf & co */
#include <stdlib.h> /* exit & co */
#include <unistd.h>
=== modified file 'test/keygentest.c'
--- test/keygentest.c 2010-03-19 09:53:35 +0000
+++ test/keygentest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/* required for s6_addr32 */
#define _BSD_SOURCE
=== modified file 'test/listtest.c'
--- test/listtest.c 2010-02-17 17:38:08 +0000
+++ test/listtest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#include <stdlib.h>
#include <sys/queue.h>
#include <stdio.h>
=== modified file 'test/misc_install.c'
--- test/misc_install.c 2010-02-17 17:38:08 +0000
+++ test/misc_install.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/* required for s6_addr32 */
#define _BSD_SOURCE
=== modified file 'test/misc_install.h'
--- test/misc_install.h 2010-02-17 17:38:08 +0000
+++ test/misc_install.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
#ifndef HIP_TEST_MISC_INSTALL_H
#define HIP_TEST_MISC_INSTALL_H
=== modified file 'test/performance/cookiesolver.c'
--- test/performance/cookiesolver.c 2010-03-03 13:16:18 +0000
+++ test/performance/cookiesolver.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
/* $Id: cookiesolver.c,v 1.3 2003/10/14 15:50:31 krisu Exp $ */
#include <stdio.h>
=== modified file 'test/sqliteteststub.c'
--- test/sqliteteststub.c 2010-03-19 09:53:35 +0000
+++ test/sqliteteststub.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,7 @@
/** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* A teststub for certtools.c/h
*
* File for testing the main operations of certtools.
=== modified file 'tools/pisacert.c'
--- tools/pisacert.c 2010-03-19 09:53:35 +0000
+++ tools/pisacert.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,7 @@
/** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
* Generate a SPKI certificate for use with PISA.
*
* @author Thomas Jansen <mithi@xxxxxxxxx>
=== modified file 'verbose-headers.txt'
--- verbose-headers.txt 2010-02-01 13:24:34 +0000
+++ verbose-headers.txt 2010-03-19 10:00:34 +0000
@@ -320,18 +320,6 @@
hipd/registration.h : hip_set_srv_max_lifetime
hipd/registration.h : hip_set_srv_min_lifetime
hipd/registration.h : hip_srv_status_t
-hipd/tcptimeout.h : HIP_TCPTIMEOUT
-hipd/tcptimeout.h : sysctl_set_command
-hipd/tcptimeout.h : SYSCTL_SET_COMMAND
-hipd/tcptimeout.h : TCP_RETRIES_1_DEFAULT
-hipd/tcptimeout.h : TCP_RETRIES_1_NEW
-hipd/tcptimeout.h : TCP_RETRIES_1_STRING
-hipd/tcptimeout.h : TCP_RETRIES_2_DEFAULT
-hipd/tcptimeout.h : TCP_RETRIES_2_NEW
-hipd/tcptimeout.h : TCP_RETRIES_2_STRING
-hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_DEFAULT
-hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_NEW
-hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_STRING
hipd/user_ipsec_hipd_msg.h : USER_IPSEC_HIPD_MSG_H_
hipd/user_ipsec_sadb_api.h : hip_userspace_ipsec_send_to_fw
hipd/user_ipsec_sadb_api.h : USER_IPSEC_SADB_API_H_
@@ -371,7 +359,6 @@
libhipconf/hipconf.h : ACTION_RUN
libhipconf/hipconf.h : ACTION_SET
libhipconf/hipconf.h : ACTION_SHOTGUN
-libhipconf/hipconf.h : ACTION_TCPTIMEOUT
libhipconf/hipconf.h : ACTION_TRANSORDER
libhipconf/hipconf.h : LIB_LENGTH
libhipconf/hipconf.h : OPT_HI_FILE
Other related posts:
- » [hipl-commit] [release-1.0.5] Rev 3803: Syncronized to trunk revisions 4001..4036 - Miika Komu