Committer: Miika Komu <miika@xxxxxx> Date: 19/03/2010 at 12:00:24 Revision: 3803 Revision-id: miika@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Branch nick: release-1.0.5 Log: Syncronized to trunk revisions 4001..4036 Modified: D firewall/lsi.c.doxyme D hipd/accessor.h.doxyme D hipd/blind.h.doxyme D hipd/bos.h.doxyme D hipd/cert.c.doxyme D hipd/cert.h.doxyme D hipd/close.h.doxyme D hipd/configfilereader.c.doxyme D hipd/configfilereader.h.doxyme D hipd/cookie.h.doxyme D hipd/dh.h.doxyme D hipd/hadb.h.doxyme D hipd/hadb_legacy.h.doxyme D hipd/hi3.h.doxyme D hipd/hidb.h.doxyme D hipd/hipd.h.doxyme D hipd/hiprelay.h.doxyme D hipd/init.h.doxyme D hipd/input.h.doxyme D hipd/keymat.h.doxyme D hipd/maintenance.h.doxyme D hipd/nat.c.doxyme D hipd/nat.h.doxyme D hipd/netdev.c.doxyme D hipd/netdev.h.doxyme D hipd/oppdb.h.doxyme D hipd/oppipdb.h.doxyme D hipd/output.c.doxyme D hipd/output.h.doxyme D hipd/pfkeyapi.c.doxyme D hipd/registration.c.doxyme D hipd/registration.h.doxyme D hipd/tcptimeout.c D hipd/tcptimeout.c.doxyme D hipd/tcptimeout.h D hipd/tcptimeout.h.doxyme D hipd/update.c.doxyme D hipd/update.h.doxyme D hipd/update_legacy.c.doxyme D hipd/update_legacy.h.doxyme D hipd/user.c.doxyme D hipd/user.h.doxyme D lib/core/builder.h.doxyme D lib/core/certtools.c.doxyme D lib/core/certtools.h.doxyme D lib/core/common_defines.h.doxyme D lib/core/debug.h.doxyme D lib/core/hashtable.h.doxyme D lib/core/hip_capability.h.doxyme D lib/core/icomm.h.doxyme D lib/core/ife.h.doxyme D lib/core/linkedlist.c.doxyme D lib/core/linkedlist.h.doxyme D lib/core/list.h.doxyme D lib/core/message.h.doxyme D lib/core/protodefs.h.doxyme D lib/core/sqlitedbapi.c.doxyme D lib/core/sqlitedbapi.h.doxyme D lib/core/state.h.doxyme D lib/tool/lutil.c.doxyme D lib/tool/nlink.c.doxyme D lib/tool/pk.c.doxyme D lib/tool/xfrmapi.c.doxyme A lib/tool/pfkeysadb.c A lib/tool/pfkeysadb.h M Android.mk M Makefile.am M agent/agent.c M agent/connhipd.c M agent/gui_interface.c M agent/hitdb.c M agent/hitdb.h M 
agent/language.c M agent/str_var.c M agent/tools.c M doc/COPYING M doc/doxygen.h M doc/verbose-header-files.txt M firewall/cache.c M firewall/cache.h M firewall/cache_port.c M firewall/cache_port.h M firewall/common_hipd_msg.c M firewall/common_hipd_msg.h M firewall/common_types.h M firewall/conntrack.c M firewall/conntrack.h M firewall/datapkt.c M firewall/datapkt.h M firewall/dlist.c M firewall/dlist.h M firewall/esp_prot_api.c M firewall/esp_prot_api.h M firewall/esp_prot_config.c M firewall/esp_prot_config.h M firewall/esp_prot_conntrack.c M firewall/esp_prot_conntrack.h M firewall/esp_prot_defines.h M firewall/esp_prot_fw_msg.c M firewall/esp_prot_fw_msg.h M firewall/firewall.h M firewall/firewall_control.c M firewall/firewall_control.h M firewall/firewall_defines.h M firewall/firewalldb.c M firewall/firewalldb.h M firewall/helpers.c M firewall/helpers.h M firewall/hslist.c M firewall/hslist.h M firewall/lsi.c M firewall/lsi.h M firewall/midauth.c M firewall/midauth.h M firewall/opptcp.c M firewall/opptcp.h M firewall/pisa.c M firewall/pisa.h M firewall/pisa_cert.c M firewall/pisa_cert.h M firewall/proxy.h M firewall/proxyconndb.c M firewall/proxyconndb.h M firewall/proxydb.h M firewall/rule_management.c M firewall/rule_management.h M firewall/sysopp.c M firewall/sysopp.h M firewall/user_ipsec_api.c M firewall/user_ipsec_api.h M firewall/user_ipsec_esp.c M firewall/user_ipsec_esp.h M firewall/user_ipsec_fw_msg.c M firewall/user_ipsec_fw_msg.h M firewall/user_ipsec_sadb.c M firewall/user_ipsec_sadb.h M hipd/accessor.h M hipd/blind.h M hipd/bos.h M hipd/cert.c M hipd/cert.h M hipd/close.h M hipd/cookie.h M hipd/dh.h M hipd/dht.c M hipd/dht.h M hipd/esp_prot_anchordb.c M hipd/esp_prot_anchordb.h M hipd/esp_prot_hipd_msg.c M hipd/esp_prot_hipd_msg.h M hipd/esp_prot_light_update.c M hipd/esp_prot_light_update.h M hipd/hadb.h M hipd/hadb_legacy.h M hipd/heartbeat.c M hipd/heartbeat.h M hipd/hi3.h M hipd/hidb.h M hipd/hipd.c M hipd/hipd.h M hipd/hit_to_ip.c M 
hipd/hit_to_ip.h M hipd/init.c M hipd/init.h M hipd/keymat.h M hipd/maintenance.h M hipd/netdev.c M hipd/netdev.h M hipd/nsupdate.c M hipd/nsupdate.h M hipd/oppdb.h M hipd/output.c M hipd/pfkeyapi.c M hipd/pfkeyapi.h M hipd/pisa.c M hipd/pisa.h M hipd/registration.c M hipd/update.c M hipd/update_legacy.c M hipd/update_legacy.h M hipd/user.c M hipd/user.h M hipd/user_ipsec_hipd_msg.c M hipd/user_ipsec_hipd_msg.h M hipd/user_ipsec_sadb_api.c M hipd/user_ipsec_sadb_api.h M i3/utils/netwrap.h M lib/conf/hipconf.c M lib/core/certtools.c M lib/core/certtools.h M lib/core/common_defines.h M lib/core/crypto.c M lib/core/crypto.h M lib/core/debug.h M lib/core/esp_prot_common.h M lib/core/filemanip.h M lib/core/hashchain.c M lib/core/hashchain.h M lib/core/hashchain_store.c M lib/core/hashchain_store.h M lib/core/hashtable.h M lib/core/hashtree.c M lib/core/hashtree.h M lib/core/hip_statistics.c M lib/core/hip_statistics.h M lib/core/hip_udp.h M lib/core/hit.h M lib/core/hostid.h M lib/core/hostsfiles.h M lib/core/icomm.h M lib/core/ife.h M lib/core/keylen.h M lib/core/list.h M lib/core/prefix.h M lib/core/protodefs.h M lib/core/solve.h M lib/core/sqlitedbapi.c M lib/core/sqlitedbapi.h M lib/core/straddr.h M lib/core/transform.h M lib/dht/libhipdht.c M lib/dht/libhipdht.h M lib/dht/libhipdhtxml.c M lib/dht/libhipdhtxml.h M lib/gui/create.c M lib/gui/dragndrop.c M lib/gui/events.c M lib/gui/hipgui.c M lib/gui/tools.c M lib/gui/widgets.c M lib/opphip/wrap_db.h M lib/performance/performance.h M lib/tool/lutil.c M lib/tool/nlink.c M lib/tool/pk.c M lib/tool/xfrmapi.c M test/auth_performance.c M test/certteststub.c M test/conntest-client-hip.c M test/conntest-client-native.c M test/conntest-client-opp.c M test/conntest-server.c M test/conntest.c M test/conntest.h M test/cookietest.c M test/demo/stdinclient.c M test/demo/stdinserver.c M test/dhtteststub.c M test/hadb_deprecated.c M test/hadb_old.c M test/hadb_old.h M test/hashtest.c M test/hc_performance.c M test/keygentest.c M 
test/listtest.c M test/misc_install.c M test/misc_install.h M test/performance/cookiesolver.c M test/sqliteteststub.c M tools/pisacert.c M verbose-headers.txt
=== modified file 'Android.mk'
--- Android.mk 2010-03-19 09:53:35 +0000
+++ Android.mk 2010-03-19 10:00:34 +0000
@@ -39,7 +39,6 @@
 accessor.c \
 oppipdb.c \
 dh.c \
- tcptimeout.c \
 cert.c \
 user_ipsec_sadb_api.c \
 user_ipsec_hipd_msg.c \
=== modified file 'Makefile.am'
--- Makefile.am 2010-03-19 09:53:35 +0000
+++ Makefile.am 2010-03-19 10:00:34 +0000
@@ -178,7 +178,6 @@
 hipd/accessor.c \
 hipd/oppipdb.c \
 hipd/dh.c \
- hipd/tcptimeout.c \
 hipd/cert.c \
 hipd/user_ipsec_sadb_api.c \
 hipd/user_ipsec_hipd_msg.c \
@@ -221,7 +220,6 @@
 firewall/dlist.c \
 firewall/hslist.c \
 firewall/user_ipsec_api.c \
- firewall/user_ipsec_esp.c \
 firewall/user_ipsec_sadb.c \
 firewall/user_ipsec_fw_msg.c \
 firewall/common_hipd_msg.c \
@@ -238,7 +236,8 @@
 firewall/savah_gateway.c \
 firewall/cache.c \
 firewall/cache_port.c \
- firewall/datapkt.c
+ firewall/datapkt.c \
+ firewall/user_ipsec_esp.c
 if HIP_MIDAUTH
 firewall_hipfw_SOURCES += firewall/midauth.c \
@@ -332,7 +331,9 @@
 DISTCLEANFILES = lib/ipsec/policy_token.h # don't use libipsec, but xfrmapi
-if !HIP_PFKEY
+if HIP_PFKEY
+lib_tool_libhiptool_la_SOURCES += lib/tool/pfkeysadb.c
+else
 lib_tool_libhiptool_la_SOURCES += lib/tool/xfrmapi.c
 endif # HIPPFKEY
=== modified file 'agent/agent.c'
--- agent/agent.c 2010-03-19 09:53:35 +0000
+++ agent/agent.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file agent/agent.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains all the necessary signal handlers for the agent. The signal handlers
 * defined in this file are only used in the main() of this file.
=== modified file 'agent/connhipd.c'
--- agent/connhipd.c 2010-03-19 09:53:35 +0000
+++ agent/connhipd.c 2010-03-19 10:00:34 +0000
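Review bot: The comment `# don't use libipsec, but xfrmapi` above the last Makefile.am conditional no longer describes it, because the rewritten block adds `lib/tool/pfkeysadb.c` when HIP_PFKEY is set and `lib/tool/xfrmapi.c` only in the `else` branch. I would reword it along the lines of `# SA backend: pfkeysadb.c when HIP_PFKEY is set, otherwise xfrmapi.c` and make the closing tag match the conditional name, `endif # HIP_PFKEY`. pfkeysadb.c is added by this commit but is not visible in this part of the diff, so whether it builds wherever HIP_PFKEY is defined cannot be checked from here.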
@@ -1,7 +1,7 @@
 /**
- * @file agent/connhipd.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains all the necessary things for the agent to communicate with
 * the hipd, initialization of the socket, handling of the messages, thread to ping the
=== modified file 'agent/gui_interface.c'
--- agent/gui_interface.c 2010-02-17 17:38:08 +0000
+++ agent/gui_interface.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file agent/gui_interface.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
 *
=== modified file 'agent/hitdb.c'
--- agent/hitdb.c 2010-02-17 17:38:08 +0000
+++ agent/hitdb.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file agent/hitdb.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * Functions to manipulate the HIT database and do searcher from it.
 * Also contains the functionality that inserts the records from memory to
=== modified file 'agent/hitdb.h'
--- agent/hitdb.h 2010-02-17 17:38:08 +0000
+++ agent/hitdb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_AGENT_HITDB_H
 #define HIP_AGENT_HITDB_H
=== modified file 'agent/language.c'
--- agent/language.c 2010-02-17 17:38:08 +0000
+++ agent/language.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file agent/language.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * Functions that load different defined languages and how to search
 * specific strings in that language
=== modified file 'agent/str_var.c'
--- agent/str_var.c 2010-02-17 17:38:08 +0000
+++ agent/str_var.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file agent/str_var.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains functions that are used to create the memory
 * representation (linked list) of the language file.
=== modified file 'agent/tools.c'
--- agent/tools.c 2010-02-17 17:38:08 +0000
+++ agent/tools.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file agent/tools.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
 *
=== modified file 'doc/COPYING'
--- doc/COPYING 2010-02-18 12:26:08 +0000
+++ doc/COPYING 2010-03-19 10:00:34 +0000
@@ -1,3 +1,76 @@ +HIPL Licensing Conditions +========================= + +HIPL is licensed under GPLv2 until June 2010. After this, the license +of the code developed for the HIPL project changes from GPLv2 to +MIT (Expat license). However, the following companies can use the code +developed for the HIPL project using the MIT license already before the +mentioned date: + + * Nokia OYJ + * OY LM Ericsson Ab + * Elisa Oyj + * Puolustusvoimat + * Birdstep Technology Oy + * TeliaSonera Finland Oyj + * Tekes + +The code under the following directories was developed for the HIPL project: + + * firewall (see an exception below) + * tools (see exceptions below) + * lib/performance + * lib/opphip + * lib/conf + * lib/gui + * lib/core + * test + * agent + * hipd + * doc + +The following directories contain code imported from other projects +and have their own licensing conditions: + + * firewall/user_ipsec_esp.c + * tools/daemontools + * tools/djbdns + * tools/DNS + * lib/android + * lib/tool + * lib/ipsec + * i3 + +MIT (Expat) License +=================== + + Copyright (c) 2010 Helsinki University of Technology (Aalto + University) and RWTH Aachen University. + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation + files (the "Software"), to deal in the Software without + restriction, including without limitation the rights to use, + copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the + Software is furnished to do so, subject to the following + conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES + OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT + HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR + OTHER DEALINGS IN THE SOFTWARE. + +GPLv2 License +============= + GNU GENERAL PUBLIC LICENSE Version 2, June 1991 === modified file 'doc/doxygen.h' --- doc/doxygen.h 2010-02-18 14:06:56 +0000 +++ doc/doxygen.h 2010-03-19 10:00:34 +0000 @@ -2,6 +2,9 @@ #define DOXYGEN_H /** * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * * There should be no need to include this file anywhere! This is only for * defining doxygen related things, such as groups and lists. */ @@ -319,7 +322,7 @@ */ /** - * @file libinet6/protodefs.h + * @file * @def HIP_I1 * @def HIP_R1 * @def HIP_I2 @@ -405,7 +408,7 @@ */ /** - * @file libinet6/protodefs.h + * @file * @def HIP_PARAM_MIN * Defines the minimum parameter type value. * @note exclusive @@ -550,7 +553,7 @@ */ /** - * @file libinet6/protodefs.h + * @file * @def HIP_NTF_UNSUPPORTED_CRITICAL_PARAMETER_TYPE * Sent if the parameter type has the "critical" bit set and the * parameter type is not recognized. Notification Data contains the two @@ -625,7 +628,7 @@ */ /** - * @file libinet6/protodefs.h + * @file * @def HIP_SERVICE_RENDEZVOUS * Rendezvous service for relaying I1 packets. * @def HIP_SERVICE_RELAY @@ -636,7 +639,7 @@ */ /** - * @file libinet6/protodefs.h + * @file * @struct hip_rvs_hmac * Rendezvous server hmac. A non-critical parameter whose only difference with * the @c HMAC parameter defined in [I-D.ietf-hip-base] is its @c type code. @@ -778,7 +781,7 @@ */ /** - * @file libinet6/state.h + * @file * @def HIP_STATE_NONE * No state, structure unused. * @def HIP_STATE_UNASSOCIATED === modified file 'doc/verbose-header-files.txt' --- doc/verbose-header-files.txt 2010-02-01 13:24:34 +0000 +++ doc/verbose-header-files.txt 2010-03-19 10:00:34 +0000 
@@ -36,7 +36,6 @@ libhipconf/hipconf.h : ACTION_RUN libhipconf/hipconf.h : ACTION_SET libhipconf/hipconf.h : ACTION_SHOTGUN -libhipconf/hipconf.h : ACTION_TCPTIMEOUT libhipconf/hipconf.h : ACTION_TRANSORDER firewall/esp_prot_api firewall/user_ipsec_sadb.h : active_item_length libhipcore/hip_statistics.h : added_squared_values @@ -277,7 +276,6 @@ libhipconf/hipconf.h : hip_conf_handle_service libhipconf/hipconf.h : hip_conf_handle_set libhipconf/hipconf.h : hip_conf_handle_shotgun_toggle -libhipconf/hipconf.h : hip_conf_handle_tcptimeout libhipconf/hipconf.h : hip_conf_handle_trans_order libhipconf/hipconf.h : hip_conf_handle_ttl firewall/conndb.h : hip_conn @@ -558,7 +556,6 @@ libhipcore/state.h : hip_stateless_info libhipcore/hip_statistics.h : HIP_STATISTICS_H_ libhipcore/protodefs.h : hip_stun -hipd/tcptimeout.h : HIP_TCPTIMEOUT libhipcore/protodefs.h : HIP_TEREDO_TYPE_MASK_100 libhipcore/utils.h : HIP_TMP_FNAME_TEMPLATE libhipcore/state.h : hip_turn_info @@ -1208,20 +1205,10 @@ agent/str_var.h : str_var_empty agent/str_var.h : str_var_find libhipandroid/regex.h : syntax -hipd/tcptimeout.h : sysctl_set_command -hipd/tcptimeout.h : SYSCTL_SET_COMMAND + libipsec/libpfkey.h : __SYSDEP_SA_LEN__ libhipcore/debug.h : SYSLOG_FACILITY libhipcore/debug.h : SYSLOG_OPT -hipd/tcptimeout.h : TCP_RETRIES_1_DEFAULT -hipd/tcptimeout.h : TCP_RETRIES_1_NEW -hipd/tcptimeout.h : TCP_RETRIES_1_STRING -hipd/tcptimeout.h : TCP_RETRIES_2_DEFAULT -hipd/tcptimeout.h : TCP_RETRIES_2_NEW -hipd/tcptimeout.h : TCP_RETRIES_2_STRING -hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_DEFAULT -hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_NEW -hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_STRING test/unittest.h : TEST_CASE firewall/rule_management.h : test_parse_copy firewall/rule_management.h : test_rule_management 
@@ -1281,7 +1268,6 @@ firewall/common_types.h : TYPES_H_ libhipconf/hipconf.h : TYPE_SHOTGUN firewall/rule_management.h : TYPE_STR -libhipconf/hipconf.h : TYPE_TCPTIMEOUT libhipconf/hipconf.h : TYPE_TTL hipd/hiprelay.h : udp_port_r test/suite test/unittest.h : unit_test_suite_list_userspace === modified file 'firewall/cache.c' --- firewall/cache.c 2010-03-19 09:53:35 +0000 +++ firewall/cache.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/cache.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. * === modified file 'firewall/cache.h' --- firewall/cache.h 2010-03-03 13:16:18 +0000 +++ firewall/cache.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_FIREWALL_CACHE_H #define HIP_FIREWALL_CACHE_H === modified file 'firewall/cache_port.c' --- firewall/cache_port.c 2010-03-19 09:53:35 +0000 +++ firewall/cache_port.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/cache_port.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. * === modified file 'firewall/cache_port.h' --- firewall/cache_port.h 2010-02-17 17:38:08 +0000 +++ firewall/cache_port.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_FIREWALL_CACHE_PORT_H #define HIP_FIREWALL_CACHE_PORT_H === modified file 'firewall/common_hipd_msg.c' --- firewall/common_hipd_msg.c 2010-03-19 09:53:35 +0000 +++ firewall/common_hipd_msg.c 2010-03-19 10:00:34 +0000 
@@ -1,3 +1,13 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
+ *
+ * Contains one function to get the state of a host association.
+ *
+ * @author Miika Komu <miika@xxxxxx>
+ */
+
 /* required for s6_addr32 */
 #define _BSD_SOURCE
=== modified file 'firewall/common_hipd_msg.h'
--- firewall/common_hipd_msg.h 2010-02-17 17:38:08 +0000
+++ firewall/common_hipd_msg.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_COMMON_HIPD_MSG_H
 #define HIP_FIREWALL_COMMON_HIPD_MSG_H
=== modified file 'firewall/common_types.h'
--- firewall/common_types.h 2010-02-17 13:08:39 +0000
+++ firewall/common_types.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_COMMON_TYPES_H
 #define HIP_FIREWALL_COMMON_TYPES_H
=== modified file 'firewall/conntrack.c'
--- firewall/conntrack.c 2010-03-19 09:53:35 +0000
+++ firewall/conntrack.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/conntrack.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>.
 *
=== modified file 'firewall/conntrack.h'
--- firewall/conntrack.h 2010-03-19 09:53:35 +0000
+++ firewall/conntrack.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_CONNTRACK_H
 #define HIP_FIREWALL_CONNTRACK_H
=== modified file 'firewall/datapkt.c'
--- firewall/datapkt.c 2010-03-19 09:53:35 +0000
+++ firewall/datapkt.c 2010-03-19 10:00:34 +0000
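Review bot: The header added to firewall/common_hipd_msg.c links `gpl.txt`, while the headers this commit adds to the neighbouring files (common_hipd_msg.h, common_types.h, conntrack.h) link `gpl2.txt`, and doc/COPYING in the same commit names GPLv2. As far as I know the unversioned gnu.org URL serves the current GPL text rather than version 2, so this file would point readers at a different licence from the rest of the tree. Point the link at `gpl2.txt` as the sibling headers do, so the per-file notice and doc/COPYING agree.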
@@ -1,5 +1,5 @@
 /**
- * @file firewall/datapkt.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/datapkt.h'
--- firewall/datapkt.h 2010-02-17 17:38:08 +0000
+++ firewall/datapkt.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_DATAPKT_H
 #define HIP_FIREWALL_DATAPKT_H
=== modified file 'firewall/dlist.c'
--- firewall/dlist.c 2010-02-14 12:32:17 +0000
+++ firewall/dlist.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/dlist.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
 *
=== modified file 'firewall/dlist.h'
--- firewall/dlist.h 2010-02-17 17:38:08 +0000
+++ firewall/dlist.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_DLIST_H
 #define HIP_FIREWALL_DLIST_H
=== modified file 'firewall/esp_prot_api.c'
--- firewall/esp_prot_api.c 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_api.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/esp_prot_api.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/esp_prot_api.h'
--- firewall/esp_prot_api.h 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_api.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file firewall/esp_prot_api.h
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * API for adding and verifying tokens to ESP data packets for the
 * different modes, in order to allow middleboxes to inspect and
=== modified file 'firewall/esp_prot_config.c'
--- firewall/esp_prot_config.c 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_config.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/esp_prot_config.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/esp_prot_config.h'
--- firewall/esp_prot_config.h 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_config.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file firewall/esp_prot_config.h
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * API for reading of the configuration files for the
 * ESP protection extension. It furthermore provides sanity
=== modified file 'firewall/esp_prot_conntrack.c'
--- firewall/esp_prot_conntrack.c 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_conntrack.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/esp_prot_conntrack.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/esp_prot_conntrack.h'
--- firewall/esp_prot_conntrack.h 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_conntrack.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file firewall/esp_prot_conntrack.h
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * API for the connection tracking for the ESP protection extension.
 *
=== modified file 'firewall/esp_prot_defines.h'
--- firewall/esp_prot_defines.h 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_defines.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_ESP_PROT_DEFINES_H
 #define HIP_FIREWALL_ESP_PROT_DEFINES_H
=== modified file 'firewall/esp_prot_fw_msg.c'
--- firewall/esp_prot_fw_msg.c 2010-03-19 09:53:35 +0000
+++ firewall/esp_prot_fw_msg.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/esp_prot_fw_msg.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/esp_prot_fw_msg.h'
--- firewall/esp_prot_fw_msg.h 2010-02-17 17:38:08 +0000
+++ firewall/esp_prot_fw_msg.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file firewall/esp_prot_fw_msg.h
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * API for the communication with the hipd.
 *
=== modified file 'firewall/firewall.h'
--- firewall/firewall.h 2010-03-19 09:53:35 +0000
+++ firewall/firewall.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_FIREWALL_H
 #define HIP_FIREWALL_FIREWALL_H
=== modified file 'firewall/firewall_control.c'
--- firewall/firewall_control.c 2010-03-19 09:53:35 +0000
+++ firewall/firewall_control.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/firewall_control.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/firewall_control.h'
--- firewall/firewall_control.h 2010-03-19 09:53:35 +0000
+++ firewall/firewall_control.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_FIREWALL_CONTROL_H
 #define HIP_FIREWALL_FIREWALL_CONTROL_H
=== modified file 'firewall/firewall_defines.h'
--- firewall/firewall_defines.h 2010-03-19 09:53:35 +0000
+++ firewall/firewall_defines.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_FIREWALL_DEFINES_H
 #define HIP_FIREWALL_FIREWALL_DEFINES_H
=== modified file 'firewall/firewalldb.c'
--- firewall/firewalldb.c 2010-03-19 09:53:35 +0000
+++ firewall/firewalldb.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/firewalldb.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/firewalldb.h'
--- firewall/firewalldb.h 2010-03-19 09:24:10 +0000
+++ firewall/firewalldb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_FIREWALLDB_H
 #define HIP_FIREWALL_FIREWALLDB_H
=== modified file 'firewall/helpers.c'
--- firewall/helpers.c 2010-03-03 13:16:18 +0000
+++ firewall/helpers.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/helpers.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/helpers.h'
--- firewall/helpers.h 2010-02-17 17:38:08 +0000
+++ firewall/helpers.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_HELPERS_H
 #define HIP_FIREWALL_HELPERS_H
=== modified file 'firewall/hslist.c'
--- firewall/hslist.c 2010-02-14 12:32:17 +0000
+++ firewall/hslist.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/hslist.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/hslist.h'
--- firewall/hslist.h 2010-02-17 13:08:39 +0000
+++ firewall/hslist.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_HSLIST_H
 #define HIP_FIREWALL_HSLIST_H
=== modified file 'firewall/lsi.c'
--- firewall/lsi.c 2010-03-19 09:53:35 +0000
+++ firewall/lsi.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/lsi.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/lsi.h'
--- firewall/lsi.h 2010-03-19 09:53:35 +0000
+++ firewall/lsi.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_LSI_H
 #define HIP_FIREWALL_LSI_H
=== modified file 'firewall/midauth.c'
--- firewall/midauth.c 2010-03-19 09:53:35 +0000
+++ firewall/midauth.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/midauth.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/midauth.h'
--- firewall/midauth.h 2010-03-19 09:53:35 +0000
+++ firewall/midauth.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/midauth.h
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/opptcp.c'
--- firewall/opptcp.c 2010-03-19 09:53:35 +0000
+++ firewall/opptcp.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/opptcp.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/opptcp.h'
--- firewall/opptcp.h 2010-02-17 13:08:39 +0000
+++ firewall/opptcp.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_OPPTCP_H
 #define HIP_FIREWALL_OPPTCP_H
=== modified file 'firewall/pisa.c'
--- firewall/pisa.c 2010-03-19 09:53:35 +0000
+++ firewall/pisa.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/pisa.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/pisa.h'
--- firewall/pisa.h 2010-02-18 09:06:49 +0000
+++ firewall/pisa.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/pisa.h
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/pisa_cert.c'
--- firewall/pisa_cert.c 2010-02-18 09:06:49 +0000
+++ firewall/pisa_cert.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/pisa_cert.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/pisa_cert.h'
--- firewall/pisa_cert.h 2010-02-18 09:06:49 +0000
+++ firewall/pisa_cert.h 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/pisa_cert.h
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'firewall/proxy.h'
--- firewall/proxy.h 2010-03-19 09:53:35 +0000
+++ firewall/proxy.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_PROXY_H
 #define HIP_FIREWALL_PROXY_H
=== modified file 'firewall/proxyconndb.c'
--- firewall/proxyconndb.c 2010-03-03 13:16:18 +0000
+++ firewall/proxyconndb.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/proxyconndb.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
 *
=== modified file 'firewall/proxyconndb.h'
--- firewall/proxyconndb.h 2010-02-17 17:38:08 +0000
+++ firewall/proxyconndb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_PROXYCONNDB_H
 #define HIP_FIREWALL_PROXYCONNDB_H
=== modified file 'firewall/proxydb.h'
--- firewall/proxydb.h 2010-02-17 17:38:08 +0000
+++ firewall/proxydb.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_PROXYDB_H
 #define HIP_FIREWALL_PROXYDB_H
=== modified file 'firewall/rule_management.c'
--- firewall/rule_management.c 2010-03-19 09:53:35 +0000
+++ firewall/rule_management.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file firewall/rule_management.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
@@ -96,7 +96,7 @@
 * Writes the default firewall configuration file to the disk if it does
 * not exist
 *
- * @file the configuration file name
+ * @file
 */
 static void check_and_write_default_config(const char *file)
 {
=== modified file 'firewall/rule_management.h'
--- firewall/rule_management.h 2010-02-17 17:38:08 +0000
+++ firewall/rule_management.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_FIREWALL_RULE_MANAGEMENT_H
 #define HIP_FIREWALL_RULE_MANAGEMENT_H
=== modified file 'firewall/sysopp.c'
--- firewall/sysopp.c 2010-03-19 09:53:35 +0000
+++ firewall/sysopp.c 2010-03-19 10:00:34 +0000
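Review bot: In the second firewall/rule_management.c hunk (-96,7) the bare `@file` now sits inside the comment for check_and_write_default_config(), so Doxygen will read that block as file documentation and the function's `file` argument is left undocumented. The old line misused `@file` for a parameter; the fix is to change the tag and keep the text: ` * @param file the configuration file name`. The function body continues outside the hunk.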
@@ -1,3 +1,26 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * + * System-based opportunistic mode for HIP. In contrast to the library-based + * opportunistic mode, this code hooks by iptables instead of LD_PRELOAD. + * See the following papers for more information: + * + * - <a href="http://hipl.hiit.fi/hipl/thesis_teresa_finez.pdf";>T. Finez, + * Backwards Compatibility Experimentation with Host Identity Protocol + * and Legacy Software and Networks , final project, December 2008</a> + * - <a href="http://www.iki.fi/miika/docs/ccnc09.pdf";> + * Miika Komu and Janne Lindqvist, Leap-of-Faith Security is Enough + * for IP Mobility, 6th Annual IEEE Consumer + * Communications & Networking Conference IEEE CCNC 2009, Las Vegas, + * Nevada, January 2009</a> + * + * @brief System-based opportunistic mode for HIP + * @author Teresa Finez + * @author Miika Komu <miika@xxxxxx> + */ + /* required for s6_addr32 */ #define _BSD_SOURCE @@ -15,6 +38,9 @@ #include "common_hipd_msg.h" #include "lib/core/hostid.h" +/** + * flush iptables rules for system-based opportunistic mode + */ void hip_fw_flush_system_based_opp_chains(void) { int err; @@ -27,8 +53,8 @@ * Checks whether a particular hit is one of the local ones. * Goes through all the local hits and compares with the given hit. * - * @param *hit the input src hit - * @return 1 if *hit is a local hit + * @param hit the input src hit + * @return 1 if @c hit is a local hit * 0 otherwise */ static int hit_is_local_hit(const struct in6_addr *hit) @@ -68,6 +94,13 @@ return res; } +/** + * Add a by-pass rule to skip opportunistic processing for a peer + * that was found non-HIP capable. Offers a significant speed up. + * + * @param ctx the packet context + * @param verdict the verdict to assign for the packet + */ static void hip_fw_add_non_hip_peer(const hip_fw_context_t *ctx, const int verdict) { 
@@ -220,6 +253,13 @@ return verdict; } +/** + * based on the parameters in a message, assign the HITs and IP addresses + * to a given firewall entry + * + * @param msg the message containing HITs and IP addresses + * @return zero on success or negative on error + */ int hip_fw_sys_opp_set_peer_hit(const struct hip_common *msg) { int err = 0, state; === modified file 'firewall/sysopp.h' --- firewall/sysopp.h 2010-02-17 17:38:08 +0000 +++ firewall/sysopp.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_FIREWALL_SYSOPP_H #define HIP_FIREWALL_SYSOPP_H === modified file 'firewall/user_ipsec_api.c' --- firewall/user_ipsec_api.c 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_api.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/user_ipsec_api.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a> * === modified file 'firewall/user_ipsec_api.h' --- firewall/user_ipsec_api.h 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_api.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/user_ipsec_api.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * This implementation provides the API for userspace IPsec. * === modified file 'firewall/user_ipsec_esp.c' --- firewall/user_ipsec_esp.c 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_esp.c 2010-03-19 10:00:34 +0000 @@ -1,4 +1,9 @@ /** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ +/** * Host Identity Protocol * Copyright (C) 2004-06 the Boeing Company * 
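Review bot: firewall/user_ipsec_esp.c ends up with two `@file` commands. The `@@ -1,4 +1,9 @@` hunk adds a new `/** @file … */` block ahead of the Boeing header, and the following `@@ -12,7 +17,7 @@` hunk keeps a bare ` * @file` inside that header. Keeping a single file block, by dropping the `@file` line from the Boeing comment or by adding the license line there instead of in a second comment, avoids splitting the file documentation across two blocks. The two hunks for firewall/user_ipsec_esp.h have the same duplication.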
@@ -12,7 +17,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * @file firewall/user_ipsec_esp.c + * @file * * @author Jeff Ahrenholz <jeffrey.m.ahrenholz@xxxxxxxxxx> * @author Rene Hummen <rene.hummen@xxxxxxxxxxxxxx> (ported to HIPL project and major rewrite) @@ -30,7 +35,7 @@ #include <openssl/hmac.h> #include <openssl/evp.h> #include "user_ipsec_esp.h" -#include "esp_prot_api.h" +#include "firewall/esp_prot_api.h" #include "lib/core/prefix.h" #include "lib/tool/checksum.h" === modified file 'firewall/user_ipsec_esp.h' --- firewall/user_ipsec_esp.h 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_esp.h 2010-03-19 10:00:34 +0000 @@ -1,4 +1,9 @@ /** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ +/** * Host Identity Protocol * Copyright (C) 2004-06 the Boeing Company * @@ -12,7 +17,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * @file firewall/user_ipsec_esp.h + * @file * * @author Jeff Ahrenholz <jeffrey.m.ahrenholz@xxxxxxxxxx> * @author Rene Hummen <rene.hummen@xxxxxxxxxxxxxx> (ported to HIPL project and major rewrite) @@ -26,8 +31,8 @@ #define _BSD_SOURCE -#include "user_ipsec_sadb.h" -#include "firewall_defines.h" +#include "firewall/user_ipsec_sadb.h" +#include "firewall/firewall_defines.h" int hip_beet_mode_output(const hip_fw_context_t *ctx, === modified file 'firewall/user_ipsec_fw_msg.c' --- firewall/user_ipsec_fw_msg.c 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_fw_msg.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/user_ipsec_fw_msg.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'firewall/user_ipsec_fw_msg.h' --- firewall/user_ipsec_fw_msg.h 2010-02-17 17:38:08 +0000 +++ firewall/user_ipsec_fw_msg.h 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file firewall/user_ipsec_fw_msg.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Inter-process communication with the hipd for userspace IPsec * === modified file 'firewall/user_ipsec_sadb.c' --- firewall/user_ipsec_sadb.c 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_sadb.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/user_ipsec_sadb.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'firewall/user_ipsec_sadb.h' --- firewall/user_ipsec_sadb.h 2010-03-19 09:53:35 +0000 +++ firewall/user_ipsec_sadb.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/user_ipsec_sadb.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Stores security association for IPsec connections and makes them * accessasible through HITs and (dst IP, spi). === modified file 'hipd/accessor.h' --- hipd/accessor.h 2010-03-19 09:53:35 +0000 +++ hipd/accessor.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_ACCESSOR_H #define HIP_HIPD_ACCESSOR_H === modified file 'hipd/blind.h' --- hipd/blind.h 2010-02-17 17:38:08 +0000 +++ hipd/blind.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_BLIND_H #define HIP_HIPD_BLIND_H === modified file 'hipd/bos.h' --- hipd/bos.h 2010-03-19 09:53:35 +0000 +++ hipd/bos.h 2010-03-19 10:00:34 +0000 
@@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_BOS_H #define HIP_HIPD_BOS_H === modified file 'hipd/cert.c' --- hipd/cert.c 2010-03-19 09:24:10 +0000 +++ hipd/cert.c 2010-03-19 10:00:34 +0000 @@ -1,4 +1,7 @@ /** @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * * This file defines the certificate signing and verification * functions to use with HIP * === modified file 'hipd/cert.h' --- hipd/cert.h 2010-03-19 09:53:35 +0000 +++ hipd/cert.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_CERT_H #define HIP_HIPD_CERT_H === modified file 'hipd/close.h' --- hipd/close.h 2010-03-19 09:53:35 +0000 +++ hipd/close.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_CLOSE_H #define HIP_HIPD_CLOSE_H === modified file 'hipd/cookie.h' --- hipd/cookie.h 2010-03-19 09:53:35 +0000 +++ hipd/cookie.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_COOKIE_H #define HIP_HIPD_COOKIE_H === modified file 'hipd/dh.h' --- hipd/dh.h 2010-03-19 09:24:10 +0000 +++ hipd/dh.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_DH_H #define HIP_HIPD_DH_H === modified file 'hipd/dht.c' --- hipd/dht.c 2010-03-19 09:53:35 +0000 +++ hipd/dht.c 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file hipd/dht.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Summary on the usage * === modified file 'hipd/dht.h' --- hipd/dht.h 2010-03-19 09:53:35 +0000 +++ hipd/dht.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_DHT_H #define HIP_HIPD_DHT_H === modified file 'hipd/esp_prot_anchordb.c' --- hipd/esp_prot_anchordb.c 2010-03-19 09:53:35 +0000 +++ hipd/esp_prot_anchordb.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/esp_prot_anchordb.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'hipd/esp_prot_anchordb.h' --- hipd/esp_prot_anchordb.h 2010-02-17 17:38:08 +0000 +++ hipd/esp_prot_anchordb.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/esp_prot_anchordb.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * API to store anchor elements to be used as references to * the hash structures stored in the BEX store of the hipfw. The elements === modified file 'hipd/esp_prot_hipd_msg.c' --- hipd/esp_prot_hipd_msg.c 2010-03-19 09:53:35 +0000 +++ hipd/esp_prot_hipd_msg.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/esp_prot_hipd_msg.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'hipd/esp_prot_hipd_msg.h' --- hipd/esp_prot_hipd_msg.h 2010-02-17 17:38:08 +0000 +++ hipd/esp_prot_hipd_msg.h 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file firewall/esp_prot_hipd_msg.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * hipd messages to the hipfw and additional parameters for BEX and * UPDATE messages. === modified file 'hipd/esp_prot_light_update.c' --- hipd/esp_prot_light_update.c 2010-03-19 09:53:35 +0000 +++ hipd/esp_prot_light_update.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file firewall/esp_prot_light_update.h + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'hipd/esp_prot_light_update.h' --- hipd/esp_prot_light_update.h 2010-02-17 17:38:08 +0000 +++ hipd/esp_prot_light_update.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/esp_prot_light_update.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Provides messaging functionality required for HHL-based anchor * element updates. === modified file 'hipd/hadb.h' --- hipd/hadb.h 2010-03-19 09:53:35 +0000 +++ hipd/hadb.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_HADB_H #define HIP_HIPD_HADB_H === modified file 'hipd/hadb_legacy.h' --- hipd/hadb_legacy.h 2010-02-17 17:38:08 +0000 +++ hipd/hadb_legacy.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_HADB_LEGACY_H #define HIP_HIPD_HADB_LEGACY_H === modified file 'hipd/heartbeat.c' --- hipd/heartbeat.c 2010-03-03 13:16:18 +0000 +++ hipd/heartbeat.c 2010-03-19 10:00:34 +0000 
@@ -1,3 +1,30 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * + * Heartbeat code detects problems with the ESP tunnel. It is based on + * sending ICMPv6 requests inside the tunnel. Each received ICMPv6 + * message indicates that the tunnel is in good "health". Correspondingly, + * when there are no ICMPv6 messages received it may be a good time + * to trigger an UPDATE packet to recover from the disconnectivity. + * + * The heartbeat code keeps also track of the time stamps for the + * ICMPv6 messages. It could be used to implement handovers to switch + * to faster paths or even as an utility for load balancing. At the + * moment, the heartbeat algorithm is rather simple and used just for + * fault tolerance. It should also noticed that the heartbeat code is + * required only at one side of the communications as long as the + * other party supports replying to ICMPv6 echo requests. + * + * @see "Varjonen et al, Secure and Efficient IPv4/IPv6 Handovers Using + * Host-Based Identifier-Locator Split, Journal of Communications + * Software and Systems, 2010". + * + * @author Samu Varjonen + * @author Miika Komu + */ + /* required for s6_addr32 */ #define _BSD_SOURCE @@ -6,6 +33,14 @@ #include "heartbeat.h" #include "maintenance.h" +/** + * an iterator to check and execute handover when ESP tunnel + * is not alive + * + * @param ha the related host association + * @param unused unused + * @return zero on success or negative on failure + */ int hip_handle_update_heartbeat_trigger(hip_ha_t *ha, void *unused) { struct hip_locator_info_addr_item *locators; === modified file 'hipd/heartbeat.h' --- hipd/heartbeat.h 2010-02-17 17:38:08 +0000 +++ hipd/heartbeat.h 2010-03-19 10:00:34 +0000 
@@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_HEARTBEAT_H #define HIP_HIPD_HEARTBEAT_H === modified file 'hipd/hi3.h' --- hipd/hi3.h 2010-03-19 09:53:35 +0000 +++ hipd/hi3.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_HI3_H #define HIP_HIPD_HI3_H === modified file 'hipd/hidb.h' --- hipd/hidb.h 2010-02-17 17:38:08 +0000 +++ hipd/hidb.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_HIDB #define HIP_HIPD_HIDB === modified file 'hipd/hipd.c' --- hipd/hipd.c 2010-03-19 09:53:35 +0000 +++ hipd/hipd.c 2010-03-19 10:00:34 +0000 @@ -127,9 +127,6 @@ /* Tells to the daemon should it build LOCATOR parameters to R1 and I2 */ int hip_locator_status = SO_HIP_SET_LOCATOR_OFF; -/* It tells the daemon to set tcp timeout parameters. Added By Tao Wan, on 09.Jan.2008 */ -int hip_tcptimeout_status = SO_HIP_SET_TCPTIMEOUT_ON; - /* Create /etc/hip stuff and exit (used for binary hipfw packaging) */ int create_configs_and_exit = 0; === modified file 'hipd/hipd.h' --- hipd/hipd.h 2010-03-19 09:53:35 +0000 +++ hipd/hipd.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_HIPD_H #define HIP_HIPD_HIPD_H === modified file 'hipd/hit_to_ip.c' --- hipd/hit_to_ip.c 2010-03-03 13:16:18 +0000 +++ hipd/hit_to_ip.c 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file ./hipd/hit_to_ip.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * @brief look for locators in hit-to-ip domain * @brief usually invoked by hip_map_id_to_addr === modified file 'hipd/hit_to_ip.h' --- hipd/hit_to_ip.h 2010-03-03 13:16:18 +0000 +++ hipd/hit_to_ip.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file ./hipd/hit_to_ip.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * @brief look for locators in hit-to-ip domain * @brief usually invoked by hip_map_id_to_addr === modified file 'hipd/init.c' --- hipd/init.c 2010-03-19 09:53:35 +0000 +++ hipd/init.c 2010-03-19 10:00:34 +0000 @@ -678,13 +678,6 @@ HIP_DEBUG("Initializing cert configuration file returned error\n"); } -#if 0 - /* init new tcptimeout parameters, added by Tao Wan on 14.Jan.2008*/ - - HIP_IFEL(set_new_tcptimeout_parameters_value(), -1, - "set new tcptimeout parameters error\n"); -#endif - hitdberr = 0; #ifdef CONFIG_HIP_AGENT hitdberr = hip_init_daemon_hitdb(); @@ -1089,10 +1082,6 @@ /* Close SAs with all peers */ // hip_send_close(NULL); -#if 0 - /*reset TCP timeout to be original vaule , added By Tao Wan on 14.Jan.2008. */ - reset_default_tcptimeout_parameters_value(); -#endif if (hipd_msg) { HIP_FREE(hipd_msg); } === modified file 'hipd/init.h' --- hipd/init.h 2010-03-03 13:16:18 +0000 +++ hipd/init.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_INIT_H #define HIP_HIPD_INIT_H 
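Review bot: The replacement license line in hipd/hit_to_ip.h is pasted twice on one comment line (`…GNU/GPL</a>Distributed under <a href=…`). The generated file page will therefore show the notice twice, run together. Keep a single `Distributed under …` sentence, identical to the one added to hipd/hit_to_ip.c in the hunk just before it.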
@@ -14,7 +19,6 @@ #include "oppipdb.h" #include "lib/core/debug.h" #include "hiprelay.h" -#include "tcptimeout.h" #include "hadb.h" #include "hi3.h" #include "nsupdate.h" === modified file 'hipd/keymat.h' --- hipd/keymat.h 2010-03-19 09:53:35 +0000 +++ hipd/keymat.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_KEYMAT_H #define HIP_HIPD_KEYMAT_H === modified file 'hipd/maintenance.h' --- hipd/maintenance.h 2010-03-03 13:16:18 +0000 +++ hipd/maintenance.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_MAINTENANCE_H #define HIP_HIPD_MAINTENANCE_H === modified file 'hipd/netdev.c' --- hipd/netdev.c 2010-03-19 09:53:35 +0000 +++ hipd/netdev.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file hipd/netdev.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'hipd/netdev.h' --- hipd/netdev.h 2010-03-19 09:53:35 +0000 +++ hipd/netdev.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ /* * The component provides interface to receive IP address and IF * events over netlink from the kernel. === modified file 'hipd/nsupdate.c' --- hipd/nsupdate.c 2010-03-19 09:53:35 +0000 +++ hipd/nsupdate.c 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file hipd/nsupdate.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * @brief Update DNS data for the hit-to-ip domain name. * @brief It executes an external perl script for each HIT === modified file 'hipd/nsupdate.h' --- hipd/nsupdate.h 2010-02-17 17:38:08 +0000 +++ hipd/nsupdate.h 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file ./hipd/nsupdate.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * @brief Update DNS data for the hit-to-ip domain name. * @brief It executes an external perl script for each HIT === modified file 'hipd/oppdb.h' --- hipd/oppdb.h 2010-03-19 09:53:35 +0000 +++ hipd/oppdb.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ /* * hipd oppdb.h * === modified file 'hipd/output.c' --- hipd/output.c 2010-03-19 09:53:35 +0000 +++ hipd/output.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,8 @@ /* @file - * This file defines handling functions for outgoing packets for the Host + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * + * This file defines processing of outgoing packets for the Host * Identity Protocol (HIP). * * @author Janne Lundberg @@ -8,7 +11,6 @@ * @author Kristian Slavov * @author Samu Varjonen * @author Rene Hummen - * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. */ /* required for s6_addr32 */ 
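Review bot: In the `@@ -1,5 +1,8 @@` hunk of hipd/output.c the added license paragraph sits in a comment that still opens with `/* @file`, a plain C comment rather than a Doxygen block. With default Doxygen settings the `@file` command, the new license line and the author list in that block are not picked up. Open the block the way the other files in this commit do: `/**` on the first line and ` * @file` on the second.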
@@ -311,13 +313,31 @@ #endif /* CONFIG_HIP_OPPORTUNISTIC */ /** - * Sends an I1 packet to the peer. Used internally by hip_send_i1 - * Check hip_send_i1 & hip_send_pkt for the parameters. + * Send an I1 packet to the Responder. Used internally by hip_send_i1(). + * + * @param i1 a pointer to a i1 packet common header with source and + * destination HITs. + * @param dst_hit destination HIT (used only for the opportunistic TCP extension) + * @param local_addr a pointer to our IPv6 or IPv4-in-IPv6 format IPv4 address. + * If local_addr is NULL, the packet is sent from all addresses. + * @param peer_addr a pointer to peer IPv6 or IPv4-in-IPv6 format IPv4 address. + * @param src_port not used. + * @param dst_port not used. + * @param entry a pointer to the current host association database state. + * @param retransmit a boolean value indicating if this is a retransmission + * (@b zero if this is @b not a retransmission). + * @return zero on success, or negative error value on error. + * @todo remove the dst_hit parameter? test with the opportunistic TCP extension */ -static int hip_send_i1_pkt(struct hip_common *i1, hip_hit_t *dst_hit, - struct in6_addr *local_addr, struct in6_addr *peer_addr, - in_port_t src_port, in_port_t dst_port, struct hip_common *i1_blind, - hip_ha_t *entry, int retransmit) +static int hip_send_i1_pkt(struct hip_common *i1, + hip_hit_t *dst_hit, + struct in6_addr *local_addr, + struct in6_addr *peer_addr, + in_port_t src_port, + in_port_t dst_port, + struct hip_common *i1_blind, + hip_ha_t *entry, + int retransmit) { int err = 0; @@ -382,10 +402,7 @@ } /** - * Sends an I1 packet to the peer. - * - * Send an I1 packet to the responder if an IPv6 address for the peer - * is known. + * Send an I1 packet to the Responder * * @param src_hit a pointer to source host identity tag. * @param dst_hit a pointer to destination host identity tag. 
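Review bot: The new comment for `hip_send_i1_pkt()` documents every argument except `i1_blind`, which is still in the reformatted signature between `dst_port` and `entry`. Add a ` * @param i1_blind …` line describing the blinded I1 packet, or mark it as unused in the same way as `src_port` and `dst_port` if that is the case. The function body is outside this hunk, so how `i1_blind` is used cannot be confirmed from here.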
@@ -512,14 +529,14 @@ } /** - * Constructs a new R1 packet payload. + * Construct a new R1 packet payload * * @param src_hit a pointer to the source host identity tag used in the * packet. * @param sign a funtion pointer to a signature funtion. - * @param private_key a pointer to ... - * @param host_id_pub a pointer to ... - * @param cookie a pointer to ... + * @param private_key a pointer to the local host private key + * @param host_id_pub a pointer to the public host id of the local host + * @param cookie_k the difficulty value for the puzzle * @return zero on success, or negative error value on error. */ struct hip_common *hip_create_r1(const struct in6_addr *src_hit, @@ -718,9 +735,9 @@ } /** - * Transmits an R1 packet to the network. + * Transmit an R1 packet to the network. * - * Sends an R1 packet to the peer and stores the cookie information that was + * Send an R1 packet to the peer and store the cookie information that was * sent. The packet is sent either to @c i1_saddr or @c dst_ip depending on the * value of @c dst_ip. If @c dst_ip is all zeroes (::/128) or NULL, R1 is sent * to @c i1_saddr; otherwise it is sent to @c dst_ip. In case the incoming I1 @@ -926,8 +943,9 @@ return err; } -/* Checks if source and destination IP addresses are compatible for sending - * packets between them +/** + * Check if source and destination IP addresses are compatible for sending + * packets between them * * @param src_addr Source address * @param dst_addr Destination address @@ -956,7 +974,7 @@ }; /** - * ... + * Cache a HIP packet for possible retransmission * * @param src_addr a pointer to the packet source address. * @param peer_addr a pointer to the packet destination address. 
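Review bot: The comment for `hip_create_r1()` still ends with `@return zero on success, or negative error value on error`, but the signature directly below returns `struct hip_common *`. Since this hunk already rewrites the parameter lines, the return line should describe the pointer, for example ` * @return the created R1 packet, or NULL on failure`. The failure value is an assumption to confirm, because the body is outside the hunk. Only the first line of the signature is visible, so the renamed `@param cookie_k` cannot be checked against the argument list either.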
@@ -964,6 +982,7 @@ * destination HITs. * @param entry a pointer to the current host association database state. * @return zero on success, or negative error value on error. + * @note currently the queue length is one and new packets replace old ones */ static int hip_queue_packet(const struct in6_addr *src_addr, const struct in6_addr *peer_addr, const struct hip_common *msg, hip_ha_t *entry) @@ -992,7 +1011,7 @@ } /** - * Sends a HIP message using raw HIP from one source address. Don't use this + * Send a HIP message using raw HIP from one source address. Don't use this * function directly, instead use hip_send_pkt(). It's used by hip_send_raw internally. * * Sends a HIP message to the peer on HIP/IP. This function calculates the @@ -1021,12 +1040,6 @@ * * @see hip_send_udp_from_one_src */ -/** - * Sends a HIP message using raw HIP from one source address. Don't use this - * function directly. It's used by hip_send_raw internally. - * - * @see hip_send_udp - */ static int hip_send_raw_from_one_src(const struct in6_addr *local_addr, const struct in6_addr *peer_addr, const in_port_t src_port, @@ -1249,7 +1262,7 @@ } /** - * Sends a HIP message using User Datagram Protocol (UDP). From one address. + * Send a HIP message using User Datagram Protocol (UDP) from one address. * Don't use this function directly, instead use hip_send_pkt() * * Sends a HIP message to the peer on UDP/IPv4. IPv6 is not supported, because @@ -1297,9 +1310,9 @@ } /** - * Sends a HIP message. + * Send a HIP message. * - * Sends a HIP message to the peer on HIP/IP. This function calculates the + * Sends a HIP message to the peer on HIP/IP. This function also calculates the * HIP packet checksum. * * Used protocol suite is <code>IPv4(HIP)</code> or <code>IPv6(HIP)</code>. 
@@ -1388,7 +1401,8 @@ }; /** - * This function sends ICMPv6 echo with timestamp to dsthit + * Send a heatbeat request (ICMPv6 echo request) inside ESP tunnel to + * a remote host * * @param socket to send with * @param srchit HIT to send from @@ -1507,6 +1521,7 @@ * Not in use. * @param not_used4 a boolean value indicating if this is a retransmission * (@b zero if this is @b not a retransmission). Not in use. + * @return zero on success or negative on failure * @note There are four parameters not used anywhere. However, these * parameters must exist in the function parameter list * because all the send-functions must have a uniform parameter === modified file 'hipd/pfkeyapi.c' --- hipd/pfkeyapi.c 2010-03-19 09:53:35 +0000 +++ hipd/pfkeyapi.c 2010-03-19 10:00:34 +0000 @@ -1,8 +1,14 @@ -/* - * Implements interfaces used to set IpSec SA/SP through PFKEY API's - * - * Authors: - * - Diego Beltrami <diego.beltrami@xxxxxxxxx> +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * + * @brief Hipd wrapper interface to access PFKEY APIs + * + * @author Diego Beltrami <diego.beltrami@xxxxxxxxx> + * + * @todo test this! + * @see lib/tool/xfrmapi.c for the wrappers for XFRM API */ /* required for caddr_t */ @@ -13,12 +19,17 @@ #include "pfkeyapi.h" #include "lib/core/hip_udp.h" #include "lib/core/keylen.h" - +#include "lib/tool/pfkeysadb.h" // FIXME: This must be turned to BEET when BEET will be supported by pfkey as well #define HIP_IPSEC_DEFAULT_MODE IPSEC_MODE_BEET -// Given an in6_addr, this function correctly fills in a sock_addr (needs to be already allocated!) +/** + * Given an in6_addr, this function correctly fills in a sock_addr (needs to be already allocated!) + * + * @param s_addr the output argument + * @param addr the input argument + */ static void get_sock_addr_from_in6(struct sockaddr *s_addr, const struct in6_addr *addr) { memset(s_addr, 0, sizeof(struct sockaddr_storage)); 
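Review bot: The new summary line in the `@@ -1388,7 +1401,8 @@` hunk of hipd/output.c misspells the feature name: `heatbeat` should be `heartbeat`. Suggested wording: ` * Send a heartbeat request (ICMPv6 echo request) inside the ESP tunnel to`. The function this comment belongs to starts after the hunk.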
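Review bot: The new comment on `get_sock_addr_from_in6()` in hipd/pfkeyapi.c says only that `s_addr` must already be allocated, while the first statement of the body clears `sizeof(struct sockaddr_storage)` bytes through a `struct sockaddr *`. A caller that passes a plain `struct sockaddr` or `struct sockaddr_in6` object would have memory past it overwritten, so the size requirement belongs in the contract: ` * @param s_addr output; must point to at least sizeof(struct sockaddr_storage) bytes`. Declaring the parameter as `struct sockaddr_storage *` would let the compiler enforce this. The rest of the body is outside the hunk.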
@@ -32,6 +43,11 @@ } } +/** + * Flush all IPsec Security Policies + * + * @return zero on success and negative on error + */ int hip_flush_all_policy() { int so, len, err = 0; @@ -48,6 +64,11 @@ return err; } +/** + * Flush all IPsec Security Associations + * + * @return zero on success and negative on error + */ int hip_flush_all_sa() { int so, len, err = 0; @@ -62,8 +83,14 @@ return err; } -/* - * todo: dst_addr is unused in the xfrmapi.h +/** + * delete a Security Association + * + * @param spi the SPI number distinguishing the SA + * @param peer_addr the destination address for the SA (unused) + * @param not_used not used + * @param direction HIP_SPI_DIRECTION_OUT or HIP_SPI_DIRECTION_IN + * @param entry corresponding host association */ void hip_delete_sa(const uint32_t spi, const struct in6_addr *peer_addr, const struct in6_addr *dst_addr, 
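Review bot: The new comment for `hip_delete_sa()` documents a parameter called `not_used`, but the signature below has `dst_addr` in that position. Doxygen will report an unknown parameter and `dst_addr` stays undocumented; use ` * @param dst_addr not used`. The replaced comment recorded that `dst_addr` is unused in xfrmapi.h, which could be kept as a `@todo`. The signature continues past the hunk, so the `direction` and `entry` tags cannot be checked here.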
@@ -123,9 +150,26 @@ return spi; } -/* Security associations in the kernel with BEET are bounded to the outer - * address, meaning IP addresses. As a result the parameters to be given - * should be such an addresses and not the HITs. +/** + * Add a Security Association for IPsec ESP + * + * @param saddr outer source address of the SA + * @param daddr outer destination address of the SA + * @param src_hit inner source address of the SA (source HIT) + * @param dst_hit outer destination address of the SA (destination HIT) + * @param spi SPI number for the SA + * @param ealg encryption algorithm for ESP + * @param enckey encryption key for ESP + * @param authkey authentication key for ESP + * @param already_acquired currently unused + * @param direction the direction of the SA (HIP_SPI_DIRECTION_OUT or HIP_SPI_DIRECTION_IN) + * @param update zero if new SA or one if an old SA + * @param entry corresponding host association + * @return zero on success and non-zero on error + * @note IPv4 addresses in IPv6 mapped format + * @note If you make changes to this function, please change also + * hipd/user_ipsec_sadb_api.c:hip_userspace_ipsec_add_sa() and + * xfrmapi.c:add_sa() */ uint32_t hip_add_sa(const struct in6_addr *saddr, const struct in6_addr *daddr, const struct in6_addr *src_hit, const struct in6_addr *dst_hit, 
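Review bot: In the new `hip_add_sa()` comment, `dst_hit` is described as the `outer destination address of the SA (destination HIT)`. That duplicates `daddr` and contradicts the `inner` wording used for `src_hit`; it should read ` * @param dst_hit inner destination address of the SA (destination HIT)`. The hunk also deletes the explanation that kernel BEET SAs are bound to the outer IP addresses rather than to the HITs, which is worth keeping as a `@note` so callers do not swap the two address pairs. The `@return zero on success` line sits oddly with the `uint32_t` return type and should be confirmed against the body, which is outside the hunk.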
@@ -239,74 +283,21 @@ return err; } -// This function fills in policy0 and policylen0 according to the given parameters -// The full implementation can be found in racoon -// direction IPSEC_DIR_INBOUND | IPSEC_DIR_OUTBOUND -static int getsadbpolicy(caddr_t *policy0, int *policylen0, int direction, - struct sockaddr *src, struct sockaddr *dst, u_int mode, int cmd) -{ - struct sadb_x_policy *xpl; - struct sadb_x_ipsecrequest *xisr; - caddr_t policy, p; - int policylen; - int xisrlen, src_len, dst_len; - - HIP_DEBUG("\n"); - /* get policy buffer size */ - policylen = sizeof(struct sadb_x_policy); - if (cmd != SADB_X_SPDDELETE) { - xisrlen = sizeof(*xisr); - xisrlen += (sysdep_sa_len(src) + sysdep_sa_len(dst)); - policylen += PFKEY_ALIGN8(xisrlen); - } - - /* make policy structure */ - policy = malloc(policylen); - if (!policy) { - HIP_ERROR("Cannot allocate memory for policy\n"); - return -ENOMEM; - } - - xpl = (struct sadb_x_policy *) policy; - xpl->sadb_x_policy_len = PFKEY_UNIT64(policylen); - xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; - xpl->sadb_x_policy_type = IPSEC_POLICY_IPSEC; - xpl->sadb_x_policy_dir = direction; - xpl->sadb_x_policy_id = 0; - - //xpl->sadb_x_policy_priority = PRIORITY_DEFAULT; - - if (cmd == SADB_X_SPDDELETE) { - goto end; - } - - xisr = (struct sadb_x_ipsecrequest *) (xpl + 1); - - xisr->sadb_x_ipsecrequest_proto = SADB_SATYPE_ESP; - xisr->sadb_x_ipsecrequest_mode = mode; - xisr->sadb_x_ipsecrequest_level = IPSEC_LEVEL_REQUIRE; - xisr->sadb_x_ipsecrequest_reqid = 0; - p = (caddr_t) (xisr + 1); - - xisrlen = sizeof(*xisr); - - src_len = sysdep_sa_len(src); - dst_len = sysdep_sa_len(dst); - xisrlen += src_len + dst_len; - - memcpy(p, src, src_len); - p += src_len; - - memcpy(p, dst, dst_len); - p += dst_len; - - xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(xisrlen); -end: - *policy0 = policy; - *policylen0 = policylen; - return 0; -} - +/** + * modify an IPsec policy using PFKEY + * + * @param so the PF_KEY socket + * @param src_hit 
source HIT + * @param prefs source preferences + * @param dst_hit destination HIT + * @param prefd destination preferences + * @param src_addr source address + * @param dst_addr destination address + * @param proto the protocol + * @param cmd add or del + * @param direction input or output direction + * @return zero on success and non-zero on error + */ static int hip_pfkey_policy_modify(int so, const hip_hit_t *src_hit, u_int prefs, const hip_hit_t *dst_hit, u_int prefd, const struct in6_addr *src_addr, @@ -367,6 +358,19 @@ return err; } +/** + * set up a pair of security policies + * + * @param src_id source HIT + * @param dst_id destination HIT + * @param src_addr source IP address + * @param dst_addr destination IP address + * @param proto protocol for the SP (IPPROTO_ESP) + * @param use_full_prefix one if we should use /128 prefix for HITs + * or zero otherwise + * @param update zero if the the SP is new or one otherwise + * @note IPv4 addresses in IPv6 mapped format + */ int hip_setup_hit_sp_pair(const hip_hit_t *src_hit, const hip_hit_t *dst_hit, const struct in6_addr *src_addr, @@ -400,6 +404,15 @@ return err; } +/** + * delete a pair of Security Policies + * + * @param src_hit source HIT for the SP + * @param dst_hit destination HIT for the SP + * @param proto the protocol (IPPROTO_ESP) + * @param use_full_prefix one if we should use /128 prefix for HITs + * or zero otherwise + */ void hip_delete_hit_sp_pair(const hip_hit_t *src_hit, const hip_hit_t *dst_hit, const uint8_t proto, const int use_full_prefix) { 
@@ -424,12 +437,22 @@ return; } +/** + * delete the default Security Policy pair that triggers base exchanges + * + */ void hip_delete_default_prefix_sp_pair() { // Currently unused HIP_DEBUG("\n"); } +/** + * add the default security policy pair (based on HIT prefix) that + * triggers all base exchanges + * + * @return zero on success and negative on failure + */ int hip_setup_default_sp_prefix_pair() { // currently this function is not needed === modified file 'hipd/pfkeyapi.h' --- hipd/pfkeyapi.h 2010-03-19 09:53:35 +0000 +++ hipd/pfkeyapi.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_PFKEYAPI_H #define HIP_HIPD_PFKEYAPI_H === modified file 'hipd/pisa.c' --- hipd/pisa.c 2010-02-18 12:26:08 +0000 +++ hipd/pisa.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file hipd/pisa.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'hipd/pisa.h' --- hipd/pisa.h 2010-02-18 08:47:40 +0000 +++ hipd/pisa.h 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file hipd/pisa.h + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'hipd/registration.c' --- hipd/registration.c 2010-03-19 09:53:35 +0000 +++ hipd/registration.c 2010-03-19 10:00:34 +0000 @@ -1,11 +1,13 @@ /** @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. + * * This file defines a registration mechanism for the Host Identity Protocol * (HIP) that allows hosts to register with services. * * @author Lauri Silvennoinen * @note Related RFC: <a href="http://www.rfc-editor.org/rfc/rfc5203.txt";> * Host Identity Protocol (HIP) Registration Extension</a> - * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. * @see registration.h * @see hiprelay.h */ 
@@ -56,7 +58,10 @@ */ hip_ll_t pending_requests; -void hip_init_services() +/** + * initialize services + */ +void hip_init_services(void) { hip_services[0].reg_type = HIP_SERVICE_RENDEZVOUS; hip_services[0].status = HIP_SERVICE_OFF; @@ -78,7 +83,10 @@ hip_ll_init(&pending_requests); } -void hip_uninit_services() +/** + * uninitialize services + */ +void hip_uninit_services(void) { hip_ll_uninit(&pending_requests, free); } @@ -1557,11 +1565,14 @@ return 0; } -// add by santtu from here -/* - * Why is this not named consistelty with other parameterhandlers? Why is it not - * hip_handle_param_reg_from? We have a naming convetion in use... - * -Lauri 22.07.2008 +/** + * process a REG_FROM parameter for HIP relay functionality + * + * @param entry the related host association + * @param msg the control message containing the REG_FROM parameter + * @return zero on success or negative on failure + * + * @todo rename this as hip_handle_param_reg_from() */ int hip_handle_reg_from(hip_ha_t *entry, struct hip_common *msg) { === modified file 'hipd/update.c' --- hipd/update.c 2010-03-19 09:53:35 +0000 +++ hipd/update.c 2010-03-19 10:00:34 +0000 @@ -1,13 +1,11 @@ /** * @file * This file defines various functions for sending, handling and receiving - * UPDATE packets for the Host Identity Protocol (HIP). This file is under - * heavy editing currently. + * UPDATE packets for the Host Identity Protocol (HIP) * - * TODO: Doxygen documentation is missing. Please fix this. + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. * * @author Baris Boyvat <baris#boyvat.com> - * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. */ /* requiread for s6_addr32 */ 
@@ -33,6 +31,13 @@ int update_id_window_size = 50; +/** + * build locators in an UPDATE message + * + * @param locator_msg the message where the LOCATOR should be appended + * @param locators an extra pointer that will point to the LOCATOR + * @return zero on success or negative on failure + */ int hip_create_locators(hip_common_t *locator_msg, struct hip_locator_info_addr_item **locators) { @@ -53,9 +58,21 @@ return err; } -/// @todo : should we implement base draft update with ifindex 0 stuff ?? -/// @todo : Divide this function into more pieces, handle_spi, handle_seq, etc -/// @todo : Remove the uncommented lines? +/** + * construct any UPDATE message based on an incoming UPDATE packet + * + * @param received_update_packet the received UPDATE packet if any + * @param ha the related host association + * @param update_packet_to_send a preallocated message where the UPDATE + * packet will be written + * @param locators the locators of the local host + * @param type the type of the incoming packet + * @return zero on success or negative on failure + * + * @todo : should we implement base draft update with ifindex 0 stuff ?? + * @todo : Divide this function into more pieces, handle_spi, handle_seq, etc + * @todo : Remove the uncommented lines? + */ static int hip_create_update_msg(hip_common_t *received_update_packet, struct hip_hadb_state *ha, hip_common_t *update_packet_to_send, struct hip_locator_info_addr_item *locators, @@ -223,6 +240,15 @@ return err; } +/** + * deliver an UPDATE packet to the network + * + * @param update_packet_to_send the packet to deliver + * @param ha host association + * @param src_addr the source address to use for sending + * @param dst_addr the destination address to use for sending + * @return zero on success or negative on failure + */ static int hip_send_update_pkt(hip_common_t *update_packet_to_send, struct hip_hadb_state *ha, struct in6_addr *src_addr, struct in6_addr *dst_addr) 
@@ -239,6 +265,15 @@ return err; } +/** + * choose a sensible source address for an UPDATE packet with LOCATOR + * + * @param ha the related host association + * @param src_addr currently unused + * @param dst_addr the destination address + * @param new_src_addr the chosen source address + * @return zero on success or negative on failure + */ static int hip_select_local_addr_for_first_update(const struct hip_hadb_state *ha, const struct in6_addr *src_addr, const struct in6_addr *dst_addr, @@ -299,7 +334,19 @@ return err; } -// Locators should be sent to the whole verified addresses!!! +/** + * a wrapper function to handle any incoming UPDATE packet + * + * @param received_update_packet the received UPDATE packet if any + * @param ha the related host association + * @param src_addr the source address of the received packet + * @param dst_addr the destination address of the received packet + * @param locators the locators of the local host + * @param type the type of the received packet + * @return zero on success or negative on failure + * + * @todo locators should be sent to the whole verified addresses? + */ int hip_send_locators_to_one_peer(hip_common_t *received_update_packet, struct hip_hadb_state *ha, struct in6_addr *src_addr, @@ -386,6 +433,11 @@ return err; } +/** + * publish the locator set of the local host to all peers + * + * @return zero on success or negative on failure + */ int hip_send_locators_to_all_peers() { int err = 0; @@ -432,6 +484,13 @@ return err; } +/** + * verify HMAC and signature from an UPDATE message + * + * @param msg the message to verify + * @param entry the related host association + * @return zero on success or negative on failure + */ static int hip_check_hmac_and_signature(hip_common_t *msg, hip_ha_t *entry) { int err = 0; 
@@ -458,6 +517,14 @@ return err; } +/** + * process a LOCATOR paramter + * + * @param ha the related host association + * @param src_addr the source address where the locator arrived from + * @param locator the LOCATOR parameter + * @return zero on success or negative on failure + */ static int hip_handle_locator_parameter(hip_ha_t *ha, in6_addr_t *src_addr, const struct hip_locator *locator) { @@ -526,6 +593,14 @@ return err; } +/** + * process the first UPDATE packet (i.e. with a LOCATOR parameter) + * + * @param received_update_packet the UPDATE packet + * @param ha the related host association + * @param src_addr the source address of the UPDATE packet + * @return zero on success or negative on failure + */ static int hip_handle_first_update_packet(hip_common_t *received_update_packet, hip_ha_t *ha, in6_addr_t *src_addr) { @@ -557,6 +632,18 @@ return err; } +/** + * process the second UPDATE packet (i.e. with echo request) + * + * @param received_update_packet the UPDATE packet + * @param ha the related host association + * @param src_addr the source address of the received UPDATE packet + * @param dst_addr the destination address of the received UPDATE packet + * @return zero on success or negative on failure + * + * @todo The word "second" is misleading. There could be actually multiple + * "second" packets for each address to echo request. + */ static void hip_handle_second_update_packet(hip_common_t *received_update_packet, hip_ha_t *ha, in6_addr_t *src_addr, 
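Review bot: hip_handle_second_update_packet() is declared `static void`, yet the added comment ends with `@return zero on success or negative on failure`; the tag should be dropped, and the same applies to hip_handle_third_update_packet() in the next hunk. Both handlers end by copying `dst_addr` into `ha->peer_addr`, and since they return nothing the caller cannot learn that a step before that copy failed; the bodies are mostly outside the hunks, so this is worth confirming and stating in the comment. The hip_handle_locator_parameter() comment in the first hunk on this line also spells "paramter".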
@@ -577,6 +664,18 @@ ipv6_addr_copy(&ha->peer_addr, dst_addr); } +/** + * process the third update (i.e. with echo response) + * + * @param received_update_packet the received UPDATE packet + * @param ha the related host association + * @param src_addr the source address of the received UPDATE packet + * @param dst_addr the destination address of the received UPDATE packet + * @return zero on success or negative on failure + * + * @todo The word "third" is misleading. There could be actually multiple + * "third" packets for each address to echo response. + */ static void hip_handle_third_update_packet(hip_common_t *received_update_packet, hip_ha_t *ha, in6_addr_t *src_addr, 
@@ -591,31 +690,17 @@ ipv6_addr_copy(&ha->peer_addr, dst_addr); } -static void hip_empty_oppipdb_old(void) -{ -#ifdef CONFIG_HIP_OPPORTUNISTIC - hip_for_each_oppip(hip_oppipdb_del_entry_by_entry, NULL); -#endif - if (hip_firewall_is_alive()) { - int err; - struct hip_common *msg; - - msg = hip_msg_alloc(); - HIP_IFEL(!msg, -1, "msg alloc failed\n"); - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_FW_FLUSH_SYS_OPP_HIP, 0), - -1, "build hdr failed\n"); - - err = hip_sendto_firewall(msg); - err = err > 0 ? 0 : -1; - -out_err: - HIP_FREE(msg); - if (err) { - HIP_ERROR("Couldn't flush firewall chains\n"); - } - } -} - +/** + * process any UPDATE packet + * + * @param received_update_packet the received UPDATE packet + * @param src_addr the source address of the received UPDATE packet + * @param dst_addr the destination address of the received UPDATE packet + * @param ha the related host association + * @param sinfo the port numbers of the UDP tunnel (zeroed ports when + * the tunnel is absent) + * @return zero on success or negative on failure + */ int hip_receive_update(hip_common_t *received_update_packet, in6_addr_t *src_addr, in6_addr_t *dst_addr, hip_ha_t *ha, hip_portpair_t *sinfo) { === modified file 'hipd/update_legacy.c' --- hipd/update_legacy.c 2010-02-17 17:38:08 +0000 +++ hipd/update_legacy.c 2010-03-19 10:00:34 +0000 @@ -1,7 +1,12 @@ /** + * @file + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. + * * This file contains legacy functions for mobility that should be rewritten for modularity. * They are still included in the code base due to locator dependencies with DHT and - * base exchange code. + * base exchange code. See bugzilla ids 926 and 927. + * + * @author Baris Boyvat */ /* required for s6_addr32 */ 
@@ -9,6 +14,13 @@ #include "update_legacy.h" +/** + * build a LOCATOR parameter for an UPDATE packet + * + * @param msg the LOCATOR parameter will be appended to this UPDATE message + * @param spi the SPI number for this UPDATE + * @return zero on success on negative on failure + */ int hip_build_locators_old(struct hip_common *msg, uint32_t spi) { int err = 0, i = 0, count = 0; @@ -17,16 +29,12 @@ hip_list_t *item = NULL, *tmp = NULL; struct hip_locator_info_addr_item *locs = NULL; - //TODO count the number of UDP relay servers. - // check the control state of every hatb_state. - if (address_count == 0) { HIP_DEBUG("Host has only one or no addresses no point " "in building LOCATOR2 parameters\n"); goto out_err; } - //TODO check out the count for UDP and hip raw. addr_max = address_count; HIP_IFEL(!(locs = malloc(addr_max * @@ -70,3 +78,33 @@ return err; } + +/** + * Flush the opportunistic mode blacklist at the firewall. It is required + * when the host moves e.g. from one private address realm to another and + * the IP-address based blacklist becomes unreliable + */ +void hip_empty_oppipdb_old(void) +{ +#ifdef CONFIG_HIP_OPPORTUNISTIC + hip_for_each_oppip(hip_oppipdb_del_entry_by_entry, NULL); +#endif + if (hip_firewall_is_alive()) { + int err; + struct hip_common *msg; + + msg = hip_msg_alloc(); + HIP_IFEL(!msg, -1, "msg alloc failed\n"); + HIP_IFEL(hip_build_user_hdr(msg, HIP_MSG_FW_FLUSH_SYS_OPP_HIP, 0), + -1, "build hdr failed\n"); + + err = hip_sendto_firewall(msg); + err = err > 0 ? 0 : -1; + +out_err: + HIP_FREE(msg); + if (err) { + HIP_ERROR("Couldn't flush firewall chains\n"); + } + } +} === modified file 'hipd/update_legacy.h' --- hipd/update_legacy.h 2010-02-17 13:08:39 +0000 +++ hipd/update_legacy.h 2010-03-19 10:00:34 +0000 
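Review bot: The `@return` line added for hip_build_locators_old() reads "zero on success on negative on failure"; it should be `@return zero on success or negative on failure`. The header comment this commit removes from update_legacy.h documented a different contract ("len of LOCATOR2 on success"), so one of the two descriptions is wrong. The function body is only partly visible here, so the return value should be confirmed before the new text is kept.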
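Review bot: hip_empty_oppipdb_old() becomes a public function in this hunk but still returns void, so when the flush request to the firewall fails the only trace is the `HIP_ERROR("Couldn't flush firewall chains\n")` log line and the caller cannot react. The new comment says the flush is needed because the address-based blacklist becomes unreliable after a move, so a silent failure leaves stale entries in force; the comment should say so, for example `@note failures are logged but not reported to the caller`. `int err;` is also left uninitialized and depends on HIP_IFEL, which is defined elsewhere, assigning it before the jump to `out_err`; `int err = 0;` would remove that dependency.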
@@ -1,16 +1,15 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_HIPD_UPDATE_LEGACY_H #define HIP_HIPD_UPDATE_LEGACY_H #include "update.h" -/** - * Builds udp and raw locator items into locator list to msg - * this is the extension of hip_build_locators in output.c - * type2 locators are collected also - * - * @param msg a pointer to hip_common to append the LOCATORS - * @return len of LOCATOR2 on success, or negative error value on error - */ int hip_build_locators_old(struct hip_common *msg, uint32_t spi); +void hip_empty_oppipdb_old(void); + #endif /* HIP_HIPD_UPDATE_LEGACY_H */ === modified file 'hipd/user.c' --- hipd/user.c 2010-03-19 09:53:35 +0000 +++ hipd/user.c 2010-03-19 10:00:34 +0000 
@@ -1,16 +1,26 @@ /** @file - * This file defines a user message handling function for the Host Identity - * Protocol (HIP). - * - * We don't currently have a workqueue. The functionality in this file mostly - * covers catching userspace messages only. + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. + * + * This file defines a user message (i.e. message from hipconf or hipfw) processing. + * The interface sends a response message back if the sender requested one. See + * lib/core/message.c for the details. + * + * No queue has been implemented for the user message. The interface relies on + * the user socket internal buffers to have enough space for caching. + * + * The user socket listens on an UDP port bound to IPv6 loopback. + * Processing of user messages includes an access control mechanism based on the + * port number. If the sender's port number is below 1024, it is running on + * root privileges and has full access. Ports above 1024 have limited access + * to functionality. * * @author Miika Komu <miika_iki.fi> * @author Kristian Slavov <kslavov_hiit.fi> * @author Bing Zhou <bingzhou_cc.hut.fi> * @author Tao Wan <twan_cc.hut.fi> * @author Rene Hummen - * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. + * @todo split the gigantic hip_handle_user_msg() into an array of handler functions */ /* required for s6_addr32 */ @@ -25,6 +35,13 @@ #include "lib/core/hip_udp.h" #include "hipd.h" +/** + * send a response message back to the origin + * + * @param msg the message to send + * @param dst the destination of the message + * @return zero on success, or negative error value on error. + */ int hip_sendto_user(const struct hip_common *msg, const struct sockaddr *dst) { HIP_DEBUG("Sending msg type %d\n", hip_get_msg_type(msg)); 
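Review bot: The new file comment describes the access control as full access "below 1024" and limited access "above 1024", which leaves port 1024 itself undefined; the wording should match the comparison actually made in hip_handle_user_msg(), which is not visible in this hunk. The statement that such a sender "is running on root privileges" is also stronger than what the kernel guarantees. On Linux, binding a low port requires CAP_NET_BIND_SERVICE rather than uid 0, and the boundary can be moved with the `net.ipv4.ip_unprivileged_port_start` sysctl. I would write `a source port below 1024 is treated as evidence of a privileged local sender` and note that the check is only meaningful because the socket is bound to the IPv6 loopback address.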
@@ -39,9 +56,8 @@ * add a case block for your SO_HIP_NEWMODE constant in the * switch(msg_type) block in this function. * @param msg a pointer to the received user message HIP packet. - * @param src + * @param src the origin of the sender * @return zero on success, or negative error value on error. - * @see hip_so. */ int hip_handle_user_msg(hip_common_t *msg, struct sockaddr_in6 *src) { @@ -260,29 +276,6 @@ HIP_IFEL(hip_set_blind_off(), -1, "hip_set_blind_off failed\n"); break; #endif - case SO_HIP_SET_TCPTIMEOUT_ON: - HIP_DEBUG("Setting TCP TIMEOUT ON\n"); - hip_tcptimeout_status = SO_HIP_SET_TCPTIMEOUT_ON; - HIP_DEBUG("hip tcp timeout status = %d (should be %d)\n", - hip_tcptimeout_status, SO_HIP_SET_TCPTIMEOUT_ON); - - /* paramters setting to do here */ - HIP_IFEL(set_new_tcptimeout_parameters_value(), -1, - "set new tcptimeout parameters error\n"); - break; - - case SO_HIP_SET_TCPTIMEOUT_OFF: - HIP_DEBUG("Setting TCP TIMEOUT OFF\n"); - hip_tcptimeout_status = SO_HIP_SET_TCPTIMEOUT_OFF; - HIP_DEBUG("hip tcp timeout status = %d (should be %d)\n", - hip_tcptimeout_status, SO_HIP_SET_TCPTIMEOUT_OFF); - - /* paramters resetting */ - HIP_IFEL(reset_default_tcptimeout_parameters_value(), -1, - "reset tcptimeout parameters to be default error\n"); - - break; - #ifdef CONFIG_HIP_DHT case SO_HIP_DHT_GW: { @@ -1417,20 +1410,3 @@ return err; } - -int hip_handle_netlink_msg(const struct nlmsghdr *msg, int len, void *arg) -{ - int err = 0; - - for (; NLMSG_OK(msg, (uint32_t) len); msg = NLMSG_NEXT(msg, len)) { - switch (msg->nlmsg_type) { - case SO_HIP_ADD_PEER_MAP_HIT_IP: - HIP_DEBUG("add hit-ip map\n"); - break; - default: - HIP_DEBUG("Unexpected msg type: %d\n", msg->nlmsg_type); - break; - } - } - return err; -} === modified file 'hipd/user.h' --- hipd/user.h 2010-02-17 17:38:08 +0000 +++ hipd/user.h 2010-03-19 10:00:34 +0000 
@@ -21,7 +21,6 @@ #include "hidb.h" #include "cert.h" #include "hipd.h" -#include "tcptimeout.h" #include "registration.h" #include "esp_prot_hipd_msg.h" #include "user_ipsec_hipd_msg.h" @@ -29,6 +28,4 @@ int hip_sendto_user(const struct hip_common *msg, const struct sockaddr *dst); int hip_handle_user_msg(hip_common_t *msg, struct sockaddr_in6 *src); -int hip_handle_netlink_msg(const struct nlmsghdr *msg, int len, void *arg); - #endif /* HIP_HIPD_USER_H */ === modified file 'hipd/user_ipsec_hipd_msg.c' --- hipd/user_ipsec_hipd_msg.c 2010-03-19 09:53:35 +0000 +++ hipd/user_ipsec_hipd_msg.c 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file hipd/user_ipsec_hipd_msg.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Messaging required for the userspace IPsec implementation of the hipfw * === modified file 'hipd/user_ipsec_hipd_msg.h' --- hipd/user_ipsec_hipd_msg.h 2010-02-17 17:38:08 +0000 +++ hipd/user_ipsec_hipd_msg.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file hipd/user_ipsec_hipd_msg.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a> * * Messaging required for the userspace IPsec implementation of the hipfw * === modified file 'hipd/user_ipsec_sadb_api.c' --- hipd/user_ipsec_sadb_api.c 2010-02-17 17:38:08 +0000 +++ hipd/user_ipsec_sadb_api.c 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/user_ipsec_sadb_api.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Provides the API used by the hipd to set up and maintain the * userspace IPsec state in the hipfw. === modified file 'hipd/user_ipsec_sadb_api.h' --- hipd/user_ipsec_sadb_api.h 2010-02-17 17:38:08 +0000 +++ hipd/user_ipsec_sadb_api.h 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file firewall/user_ipsec_sadb_api.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Provides the API used by the hipd to set up and maintain the * userspace IPsec state in the hipfw. === modified file 'i3/utils/netwrap.h' --- i3/utils/netwrap.h 2010-02-17 17:38:08 +0000 +++ i3/utils/netwrap.h 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file Generic socket library minimally abstracting from differences between POSIX and Windows networking implementations, and whatever deranged variations may lurk out there. + * @file */ #ifndef __SYSTEM_NETWRAP_H__ #define __SYSTEM_NETWRAP_H__ === modified file 'lib/conf/hipconf.c' --- lib/conf/hipconf.c 2010-03-19 09:53:35 +0000 +++ lib/conf/hipconf.c 2010-03-19 10:00:34 +0000 @@ -1,4 +1,4 @@ -/** @file lib/conf/hipconf +/** @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * @@ -81,7 +81,7 @@ #define TYPE_DHT 22 #define TYPE_OPPTCP 23 #define TYPE_ORDER 24 -#define TYPE_TCPTIMEOUT 25 /* add By Tao Wan, on 04.01.2008*/ +/* free slot */ #define TYPE_HIPPROXY 26 #define TYPE_HEARTBEAT 27 #define TYPE_HI3 28 @@ -151,7 +151,6 @@ "locator on|off|get\n" "debug all|medium|none\n" "restart daemon\n" - "set tcptimeout on|off\n" /*added by Tao Wan*/ "transform order <integer> " " (1=AES, 2=3DES, 3=NULL and place them to order\n" " like 213 for the order 3DES, AES and NULL)\n" @@ -516,8 +515,6 @@ ret = ACTION_TRANSORDER; } else if (!strcmp("restart", argv[1])) { ret = ACTION_RESTART; - } else if (!strcmp("tcptimeout", argv[1])) { /*added by Tao Wan, 08.Jan.2008 */ - ret = ACTION_TCPTIMEOUT; } else if (!strcmp("reinit", argv[1])) { ret = ACTION_REINIT; } else if (!strcmp("hi3", argv[1])) { @@ -592,7 +589,6 @@ case ACTION_DEBUG: case ACTION_RESTART: case ACTION_REINIT: - case ACTION_TCPTIMEOUT: case ACTION_NSUPDATE: case ACTION_HIT_TO_IP: case ACTION_HIT_TO_IP_SET: 
@@ -669,8 +665,6 @@ } } else if (strcmp("locator", argv[1]) == 0) { ret = TYPE_LOCATOR; - } else if (!strcmp("tcptimeout", text)) { - ret = TYPE_TCPTIMEOUT; } else if ((!strcmp("all", text)) && (strcmp("bos", argv[1]) == 0)) { ret = TYPE_BOS; } else if (!strcmp("debug", text)) { @@ -777,7 +771,6 @@ case ACTION_BOS: case ACTION_MHADDR: case ACTION_HANDOVER: - case ACTION_TCPTIMEOUT: case ACTION_TRANSORDER: case ACTION_REINIT: #ifdef CONFIG_HIP_HIPPROXY @@ -2772,42 +2765,6 @@ } /** - * Handles the hipconf commands where the type is @ tcptimeout. Experimental. - * Tries to pimp up TCP using /proc file system to tolerate mobility better. - * - * @param msg a pointer to the buffer where the message for hipd will - * be written. - * @param action the numeric action identifier for the action to be performed. - * @param opt an array of pointers to the command line arguments after - * the action and type. - * @param optc the number of elements in the array (@b 0). - * @return zero on success, or negative error value on error. - */ -static int hip_conf_handle_tcptimeout(struct hip_common *msg, - int action, - const char *opt[], - int optc, - int send_only) -{ - int err = 0, status = 0; - - if (!strcmp("on", opt[0])) { - HIP_INFO("tcptimeout set on\n"); - status = SO_HIP_SET_TCPTIMEOUT_ON; - } else if (!strcmp("off", opt[0])) { - HIP_INFO("tcptimeout set off\n"); - status = SO_HIP_SET_TCPTIMEOUT_OFF; - } else { - HIP_IFEL(1, -1, "bad args\n"); - // err = -1; - } - HIP_IFEL(hip_build_user_hdr(msg, status, 0), -1, "build hdr failed: %s\n", strerror(err)); - -out_err: - return err; -} - -/** * Function that is used to set HIP PROXY on or off * * @param msg input/output message for the query/response for hipd 
@@ -3290,7 +3247,7 @@ hip_conf_handle_dht_toggle, /* 22: TYPE_DHT */ hip_conf_handle_opptcp, /* 23: TYPE_OPPTCP */ hip_conf_handle_trans_order, /* 24: TYPE_ORDER */ - hip_conf_handle_tcptimeout, /* 25: TYPE_TCPTIMEOUT */ + NULL, hip_conf_handle_hipproxy, /* 26: TYPE_HIPPROXY */ hip_conf_handle_heartbeat, /* 27: TYPE_HEARTBEAT */ hip_conf_handle_hi3, /* 28: TYPE_HI3 */ === modified file 'lib/core/certtools.c' --- lib/core/certtools.c 2010-03-19 09:53:35 +0000 +++ lib/core/certtools.c 2010-03-19 10:00:34 +0000 @@ -1,6 +1,10 @@ /** @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + * * This file defines the certificate building and verification functions to use with HIP * + * * @author Samu Varjonen */ === modified file 'lib/core/certtools.h' --- lib/core/certtools.h 2010-03-19 09:53:35 +0000 +++ lib/core/certtools.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_LIB_CORE_CERTTOOLS_H #define HIP_LIB_CORE_CERTTOOLS_H === modified file 'lib/core/common_defines.h' --- lib/core/common_defines.h 2010-02-17 17:38:08 +0000 +++ lib/core/common_defines.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ /* * common_defines.h * === modified file 'lib/core/crypto.c' --- lib/core/crypto.c 2010-03-19 09:53:35 +0000 +++ lib/core/crypto.c 2010-03-19 10:00:34 +0000 @@ -1,5 +1,5 @@ /** - * @file lib/tool/crypto.c + * @file * * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * === modified file 'lib/core/crypto.h' --- lib/core/crypto.h 2010-03-19 09:53:35 +0000 +++ lib/core/crypto.h 2010-03-19 10:00:34 +0000 
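Review bot: The handler table now holds a bare `NULL` at index 25 and, unlike its neighbours, the entry has lost its index comment; `NULL, /* 25: free slot */` would keep the table readable and in step with the `/* free slot */` marker left at the old TYPE_TCPTIMEOUT define. The code that indexes this table is outside the hunk, so it cannot be seen whether it checks for an empty entry before calling through it; if it does not, any path that still produces type 25 would call a null function pointer. A guard at the call site, something like `if (!handler) return -1;` with placeholder names, would make the free slot safe. The other hunks remove the "tcptimeout" keyword lookups, so the slot should be unreachable from the command line, but the table should not rely on that.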
@@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_LIB_CORE_CRYPTO_H #define HIP_LIB_CORE_CRYPTO_H === modified file 'lib/core/debug.h' --- lib/core/debug.h 2010-03-19 09:53:35 +0000 +++ lib/core/debug.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_LIB_CORE_DEBUG_H #define HIP_LIB_CORE_DEBUG_H === modified file 'lib/core/esp_prot_common.h' --- lib/core/esp_prot_common.h 2010-02-17 17:38:08 +0000 +++ lib/core/esp_prot_common.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/esp_prot_common.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * API for the functionality for the ESP protection in * hipd and hipfw. It also defines necessary TPA parameters used by both === modified file 'lib/core/filemanip.h' --- lib/core/filemanip.h 2010-03-19 09:53:35 +0000 +++ lib/core/filemanip.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #ifndef HIP_LIB_CORE_FILEMANIP_H #define HIP_LIB_CORE_FILEMANIP_H === modified file 'lib/core/hashchain.c' --- lib/core/hashchain.c 2010-02-18 14:58:39 +0000 +++ lib/core/hashchain.c 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/hashchain.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * API for a hash chain API * === modified file 'lib/core/hashchain.h' --- lib/core/hashchain.h 2010-02-17 17:38:08 +0000 +++ lib/core/hashchain.h 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@ /** - * @file firewall/hashchain.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * API for a hash chain API * === modified file 'lib/core/hashchain_store.c' --- lib/core/hashchain_store.c 2010-02-18 14:58:39 +0000 +++ lib/core/hashchain_store.c 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/hashchain_store.c + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Stores a number of pre-created hash structures and supports HHL-based * linking of hash structures in different hierarchy levels. === modified file 'lib/core/hashchain_store.h' --- lib/core/hashchain_store.h 2010-02-17 17:38:08 +0000 +++ lib/core/hashchain_store.h 2010-03-19 10:00:34 +0000 @@ -1,7 +1,7 @@ /** - * @file firewall/hashchain_store.h + * @file * - * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> * * Stores a number of pre-created hash structures and supports HHL-based * linking of hash structures in different hierarchy levels. === modified file 'lib/core/hashtable.h' --- lib/core/hashtable.h 2010-03-19 09:53:35 +0000 +++ lib/core/hashtable.h 2010-03-19 10:00:34 +0000 @@ -1,3 +1,8 @@ +/** + * @file + * + * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a> + */ #include <stdio.h> #include <string.h> #include <stdlib.h> === modified file 'lib/core/hashtree.c' --- lib/core/hashtree.c 2010-02-18 14:58:39 +0000 +++ lib/core/hashtree.c 2010-03-19 10:00:34 +0000 
@@ -1,7 +1,7 @@
 /**
- * @file firewall/hashtree.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * API for Hash trees
 *
=== modified file 'lib/core/hashtree.h'
--- lib/core/hashtree.h 2010-02-17 13:08:39 +0000
+++ lib/core/hashtree.h 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file firewall/hashtree.h
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * API for Hash trees
 *
=== modified file 'lib/core/hip_statistics.c'
--- lib/core/hip_statistics.c 2010-03-19 09:53:35 +0000
+++ lib/core/hip_statistics.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,4 @@
-/** @file hip_statistics.c
+/** @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'lib/core/hip_statistics.h'
--- lib/core/hip_statistics.h 2010-03-03 16:51:18 +0000
+++ lib/core/hip_statistics.h 2010-03-19 10:00:34 +0000
@@ -1,4 +1,4 @@
-/** @file hip_statistics.h
+/** @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'lib/core/hip_udp.h'
--- lib/core/hip_udp.h 2010-03-19 09:53:35 +0000
+++ lib/core/hip_udp.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_HIP_UDP_H
 #define HIP_LIB_CORE_HIP_UDP_H
=== modified file 'lib/core/hit.h'
--- lib/core/hit.h 2010-03-19 09:53:35 +0000
+++ lib/core/hit.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_HIT_H
 #define HIP_LIB_CORE_HIT_H
=== modified file 'lib/core/hostid.h'
--- lib/core/hostid.h 2010-03-19 09:53:35 +0000
+++ lib/core/hostid.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_HOSTID_H
 #define HIP_LIB_CORE_HOSTID_H
=== modified file 'lib/core/hostsfiles.h'
--- lib/core/hostsfiles.h 2010-03-19 09:53:35 +0000
+++ lib/core/hostsfiles.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_HOSTSFILES_H
 #define HIP_LIB_CORE_HOSTSFILES_H
=== modified file 'lib/core/icomm.h'
--- lib/core/icomm.h 2010-03-19 09:25:52 +0000
+++ lib/core/icomm.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_ICOMM_H
 #define HIP_LIB_CORE_ICOMM_H
=== modified file 'lib/core/ife.h'
--- lib/core/ife.h 2010-03-19 09:25:52 +0000
+++ lib/core/ife.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_IFE_H
 #define HIP_LIB_CORE_IFE_H
=== modified file 'lib/core/keylen.h'
--- lib/core/keylen.h 2010-03-19 09:53:35 +0000
+++ lib/core/keylen.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_KEYLEN_H
 #define HIP_LIB_CORE_KEYLEN_H
=== modified file 'lib/core/list.h'
--- lib/core/list.h 2010-02-17 17:38:08 +0000
+++ lib/core/list.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_LIST_H
 #define HIP_LIB_CORE_LIST_H
=== modified file 'lib/core/prefix.h'
--- lib/core/prefix.h 2010-03-19 09:53:35 +0000
+++ lib/core/prefix.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_UTILS_H
 #define HIP_LIB_CORE_UTILS_H
=== modified file 'lib/core/protodefs.h'
--- lib/core/protodefs.h 2010-03-19 09:53:35 +0000
+++ lib/core/protodefs.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /** @file
 * This file defines a Host Identity Protocol (HIP) header and parameter
 * related constants and structures.
=== modified file 'lib/core/solve.h'
--- lib/core/solve.h 2010-03-19 09:53:35 +0000
+++ lib/core/solve.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_SOLVE_H
 #define HIP_LIB_CORE_SOLVE_H
=== modified file 'lib/core/sqlitedbapi.c'
--- lib/core/sqlitedbapi.c 2010-03-19 09:53:35 +0000
+++ lib/core/sqlitedbapi.c 2010-03-19 10:00:34 +0000
@@ -1,8 +1,10 @@
 /** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
 * This file defines the api for sqlite to use with HIPL. Is compiled only with agent.
 *
 * @author Samu Varjonen
- *
 */
 #include "config.h"
=== modified file 'lib/core/sqlitedbapi.h'
--- lib/core/sqlitedbapi.h 2010-03-19 09:53:35 +0000
+++ lib/core/sqlitedbapi.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_SQLITEDBAPI_H
 #define HIP_LIB_CORE_SQLITEDBAPI_H
=== modified file 'lib/core/straddr.h'
--- lib/core/straddr.h 2010-03-19 09:53:35 +0000
+++ lib/core/straddr.h 2010-03-19 10:00:34 +0000
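Review bot: The licence header for lib/core/protodefs.h is added as a second doc block in front of the existing `/** @file` block, so the file ends up with two `@file` commands and the licence line is detached from the file description. Folding the `Distributed under …` line into the existing block, the way this same commit does for lib/core/sqlitedbapi.c, keeps a single file-level comment. The hunks for test/certteststub.c and test/dhtteststub.c add the same duplicate block.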
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_STRADDR_H
 #define HIP_LIB_CORE_STRADDR_H
=== modified file 'lib/core/transform.h'
--- lib/core/transform.h 2010-03-19 09:53:35 +0000
+++ lib/core/transform.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_CORE_TRANSFORM_H
 #define HIP_LIB_CORE_TRANSFORM_H
=== modified file 'lib/dht/libhipdht.c'
--- lib/dht/libhipdht.c 2010-03-19 09:53:35 +0000
+++ lib/dht/libhipdht.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libdht/libhipopendht.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * Functions to use OpenDHT/Bamboo-DHT/OpenLookup-v1/OpenLookup-v2. Supports
 * put, get, put-rm and rm messages.
=== modified file 'lib/dht/libhipdht.h'
--- lib/dht/libhipdht.h 2010-03-19 09:53:35 +0000
+++ lib/dht/libhipdht.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,10 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ */
+
 #ifndef HIP_LIB_DHT_LIBHIPDHT_H
 #define HIP_LIB_DHT_LIBHIPDHT_H
=== modified file 'lib/dht/libhipdhtxml.c'
--- lib/dht/libhipdhtxml.c 2010-03-19 09:53:35 +0000
+++ lib/dht/libhipdhtxml.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,13 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * DHT interface to publish and subscribe hostname-HIT-IP mappings.
+ *
+ * @author Samu Varjonen
+ */
+
 /* required for s6_addr32 */
 #define _BSD_SOURCE
=== modified file 'lib/dht/libhipdhtxml.h'
--- lib/dht/libhipdhtxml.h 2010-02-17 17:38:08 +0000
+++ lib/dht/libhipdhtxml.h 2010-03-19 10:00:34 +0000
@@ -4,12 +4,13 @@
 /** @file
 * A header file for libhipopendhtxml.c
 *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
 * All xml-rpc message building functions for opendht.
 * Also contains base 64 encoding and decoding wrappers that should
 * be moved somewhere else because they are used also in cert stuff.
 *
 * @author Samu Varjonen
- * @version 0.2
 *
 */
=== modified file 'lib/gui/create.c'
--- lib/gui/create.c 2010-03-03 13:16:18 +0000
+++ lib/gui/create.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libhipgui/create.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains the all the needed functions to create the main window and all
 * the needed dialogs and other widgets for the agent GUI
=== modified file 'lib/gui/dragndrop.c'
--- lib/gui/dragndrop.c 2010-02-17 17:38:08 +0000
+++ lib/gui/dragndrop.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libhipgui/dragndrop.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains all the necessary signal handlers for the agents drag'n'drop.
 *
=== modified file 'lib/gui/events.c'
--- lib/gui/events.c 2010-02-17 17:38:08 +0000
+++ lib/gui/events.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libhipgui/events.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains event handlers for every button etc. in agent GUI excluding
 * drag'n'drop events that are in libhipgui/dragndrop.c
=== modified file 'lib/gui/hipgui.c'
--- lib/gui/hipgui.c 2010-03-03 13:16:18 +0000
+++ lib/gui/hipgui.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libhipgui/hipgui.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains functionality that manipulate the content showed
 * by the GUI also contains the main initialization function for the GUI
=== modified file 'lib/gui/tools.c'
--- lib/gui/tools.c 2010-03-03 13:16:18 +0000
+++ lib/gui/tools.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libhipgui/tools.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains the all the needed functions to create the main window and all
 * the needed dialogs and other widgets for the agent GUI
=== modified file 'lib/gui/widgets.c'
--- lib/gui/widgets.c 2010-02-17 17:38:08 +0000
+++ lib/gui/widgets.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,7 @@
 /**
- * @file libhipgui/widgets.c
+ * @file
 *
- * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT>
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
 * This file contains functions to init all the widgets needed for the GUI as
 * well as the deinitialization of the widget system. Also functions how to set
=== modified file 'lib/opphip/wrap_db.h'
--- lib/opphip/wrap_db.h 2010-02-17 17:38:08 +0000
+++ lib/opphip/wrap_db.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_OPPHIP_WRAP_DB_H
 #define HIP_LIB_OPPHIP_WRAP_DB_H
=== modified file 'lib/performance/performance.h'
--- lib/performance/performance.h 2010-02-17 17:38:08 +0000
+++ lib/performance/performance.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_LIB_PERFORMANCE_PERFORMANCE_H
 #define HIP_LIB_PERFORMANCE_PERFORMANCE_H
=== modified file 'lib/tool/lutil.c'
--- lib/tool/lutil.c 2010-03-19 09:53:35 +0000
+++ lib/tool/lutil.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file lib/tool/lutil.c
+ * @file
 *
 * Distributed under
 * <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
=== modified file 'lib/tool/nlink.c'
--- lib/tool/nlink.c 2010-03-19 09:53:35 +0000
+++ lib/tool/nlink.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file lib/tool/nlink.c
+ * @file
 *
 * This code originates from <a
 * href="http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2";>iproute2
=== added file 'lib/tool/pfkeysadb.c'
--- lib/tool/pfkeysadb.c 1970-01-01 00:00:00 +0000
+++ lib/tool/pfkeysadb.c 2010-03-19 10:00:34 +0000
@@ -0,0 +1,99 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * @brief this file contains IPsec management functionality borrowed from Racoon
+ */
+/* required for caddr_t */
+#define _BSD_SOURCE
+
+#include "config.h"
+
+#include <lib/ipsec/pfkeyv2.h>
+#include <linux/ipsec.h>
+
+#include "config.h"
+#include "hipd/pfkeyapi.h"
+#include "lib/ipsec/libpfkey.h"
+#include "lib/core/hip_udp.h"
+#include "lib/core/keylen.h"
+#include "lib/core/debug.h"
+#include "pfkeysadb.h"
+
+/**
+ * This function fills in policy0 and policylen0 according to the given parameters
+ * The full implementation can be found in racoon.
+ *
+ * @param policy0 the IPsec policy
+ * @param policylen0 length of the policy
+ * @param direction IPSEC_DIR_INBOUND | IPSEC_DIR_OUTBOUND
+ * @param src the source address for the policy
+ * @param dst the destination address for the policy
+ * @param mode the IPsec mode
+ * @param cmd add or delete
+ */
+int getsadbpolicy(caddr_t *policy0, int *policylen0, int direction,
+ struct sockaddr *src, struct sockaddr *dst, u_int mode, int cmd)
+{
+ struct sadb_x_policy *xpl;
+ struct sadb_x_ipsecrequest *xisr;
+ caddr_t policy, p;
+ int policylen;
+ int xisrlen, src_len, dst_len;
+
+ HIP_DEBUG("\n");
+ /* get policy buffer size */
+ policylen = sizeof(struct sadb_x_policy);
+ if (cmd != SADB_X_SPDDELETE) {
+ xisrlen = sizeof(*xisr);
+ xisrlen += (sysdep_sa_len(src) + sysdep_sa_len(dst));
+ policylen += PFKEY_ALIGN8(xisrlen);
+ }
+
+ /* make policy structure */
+ policy = malloc(policylen);
+ if (!policy) {
+ HIP_ERROR("Cannot allocate memory for policy\n");
+ return -ENOMEM;
+ }
+
+ xpl = (struct sadb_x_policy *) policy;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(policylen);
+ xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
+ xpl->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
+ xpl->sadb_x_policy_dir = direction;
+ xpl->sadb_x_policy_id = 0;
+
+ //xpl->sadb_x_policy_priority = PRIORITY_DEFAULT;
+
+ if (cmd == SADB_X_SPDDELETE) {
+ goto end;
+ }
+
+ xisr = (struct sadb_x_ipsecrequest *) (xpl + 1);
+
+ xisr->sadb_x_ipsecrequest_proto = SADB_SATYPE_ESP;
+ xisr->sadb_x_ipsecrequest_mode = mode;
+ xisr->sadb_x_ipsecrequest_level = IPSEC_LEVEL_REQUIRE;
+ xisr->sadb_x_ipsecrequest_reqid = 0;
+ p = (caddr_t) (xisr + 1);
+
+ xisrlen = sizeof(*xisr);
+
+ src_len = sysdep_sa_len(src);
+ dst_len = sysdep_sa_len(dst);
+ xisrlen += src_len + dst_len;
+
+ memcpy(p, src, src_len);
+ p += src_len;
+
+ memcpy(p, dst, dst_len);
+ p += dst_len;
+
+ xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8(xisrlen);
+end:
+ *policy0 = policy;
+ *policylen0 = policylen;
+ return 0;
+}
=== added file 'lib/tool/pfkeysadb.h'
--- lib/tool/pfkeysadb.h 1970-01-01 00:00:00 +0000
+++ lib/tool/pfkeysadb.h 2010-03-19 10:00:34 +0000
@@ -0,0 +1,7 @@
+#ifndef HIP_LIB_TOOL_PFKEYSADB_H
+#define HIP_LIB_TOOL_PFKEYSADB_H
+
+int getsadbpolicy(caddr_t *policy0, int *policylen0, int direction,
+ struct sockaddr *src, struct sockaddr *dst, u_int mode, int cmd);
+
+#endif /* HIP_LIB_TOOL_PFKEYSADB_H */
=== modified file 'lib/tool/pk.c'
--- lib/tool/pk.c 2010-03-19 09:53:35 +0000
+++ lib/tool/pk.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file lib/tool/pk.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'lib/tool/xfrmapi.c'
--- lib/tool/xfrmapi.c 2010-03-19 09:53:35 +0000
+++ lib/tool/xfrmapi.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,5 @@
 /**
- * @file libhiptool/xfrmapi.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
@@ -23,8 +23,6 @@
 #include "xfrmapi.h"
-#ifndef CONFIG_HIP_PFKEY
-
 #define RTA_BUF_SIZE 2048 /* New OSes have this, but older ones don't */
@@ -786,5 +784,3 @@
 out_err:
 return err;
 }
-
-#endif /* ! CONFIG_HIP_PFKEY */
=== modified file 'test/auth_performance.c'
--- test/auth_performance.c 2010-03-19 09:53:35 +0000
+++ test/auth_performance.c 2010-03-19 10:00:34 +0000
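Review bot: In `getsadbpolicy` (new file lib/tool/pfkeysadb.c) the buffer comes from `malloc(policylen)` and is never cleared, so the `PFKEY_ALIGN8` padding behind the two copied addresses, and any member of `struct sadb_x_policy` or `struct sadb_x_ipsecrequest` that the function does not assign, keep whatever the heap held; presumably the buffer is then handed to the kernel over PF_KEY, which is not visible here. `policy = calloc(1, policylen);` closes that. `src` and `dst` also reach `sysdep_sa_len()` without a NULL check whenever `cmd != SADB_X_SPDDELETE`, and the address lengths are computed twice, once for sizing and once for the `memcpy` calls, so filling `src_len`/`dst_len` once before the allocation keeps the size and the copy from drifting apart. The doc comment has no `@return`; I would add `@return zero on success (*policy0 then points to a malloc()ed buffer of *policylen0 bytes), -ENOMEM on allocation failure`.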
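Review bot: lib/tool/pfkeysadb.h declares `getsadbpolicy` with `caddr_t`, `u_int` and `struct sockaddr` but includes nothing, so it compiles only when the including file has already pulled in the socket headers and, going by the comment in pfkeysadb.c, defined `_BSD_SOURCE` for `caddr_t`. Adding `#include <sys/types.h>` and `#include <sys/socket.h>` inside the guard, with a one-line comment about the feature macro, makes the header usable on its own. The new header is also missing the `@file` and licence block that this commit adds to every other header.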
@@ -1,5 +1,5 @@
 /**
- * @file test/auth_performance.c
+ * @file
 *
 * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 *
=== modified file 'test/certteststub.c'
--- test/certteststub.c 2010-03-19 09:53:35 +0000
+++ test/certteststub.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /** @file
 * A teststub for certtools.c/h
 *
=== modified file 'test/conntest-client-hip.c'
--- test/conntest-client-hip.c 2010-03-19 09:53:35 +0000
+++ test/conntest-client-hip.c 2010-03-19 10:00:34 +0000
@@ -1,9 +1,18 @@
 /** @file
- * A test client for testing connection between hosts. Use this in context
- * with conntest-server. "gai" stands for "give all information" :D
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ *
+ * A test client for testing connection between hosts very much
+ * similar to nc and nc6. The main difference is that this client can
+ * actually handle multihoming properly and supports both IPv4 and
+ * IPv6 in the same application . Use this in context with
+ * conntest-server for testing HIP connectivity or non-HIP
+ * connectivity (see the manual for examples). When testing HIP
+ * connectivity, you have either have the HITs/LSIs overloaded in
+ * /etc/hosts file or use the DNS proxy (see the manual).
 *
 * @author Lauri Silvennoinen
- * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ * @author Miika Komu <miika@xxxxxx>
 */
 /* required for s6_addr32 */
=== modified file 'test/conntest-client-native.c'
--- test/conntest-client-native.c 2010-03-19 09:53:35 +0000
+++ test/conntest-client-native.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /*
 * Echo STDIN to a selected server which should echo it back.
 * Use this application with conntest-server-xx.
=== modified file 'test/conntest-client-opp.c'
--- test/conntest-client-opp.c 2010-03-19 09:53:35 +0000
+++ test/conntest-client-opp.c 2010-03-19 10:00:34 +0000
@@ -1,7 +1,13 @@
-/*
- * Echo STDIN to a selected machine via tcp or udp using ipv6. Use this
- * with conntest-server.
- *
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * Connection testing client similar to conntest-client-hip. When the code
+ * is configured with --enable-opportunistic, this code is linked to the
+ * opportunistic mode library and, hence, uses the opportunistic mode.
+ *
+ * @author Miika Komu <miika@xxxxxx>
 */
 /* required for s6_addr32 */
@@ -25,6 +31,13 @@
 #include "lib/core/ife.h"
 #include "conntest.h"
+/**
+ * Main function.
+ *
+ * @param argc command line argument count.
+ * @param argv command line arguments.
+ * @return zero on success or non-zero on failure
+ */
 int main(int argc, char *argv[])
 {
 int socktype, i, err = 0;
=== modified file 'test/conntest-server.c'
--- test/conntest-server.c 2010-03-19 09:53:35 +0000
+++ test/conntest-server.c 2010-03-19 10:00:34 +0000
@@ -1,12 +1,12 @@
-/*
- * Get data from client and send it back (echo server). Use this with
- * conntest-client.
- *
- * Bugs:
- * - this is a kludge
- *
- * Todo:
- * - rewrite/refactor for better modularity
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * An echo server that receives data from network and echoes it back. Use this with
+ * with conntest-client
+ *
+ * @todo rewrite/refactor for better modularity
 */
 /* required for s6_addr32 */
@@ -31,6 +31,11 @@
 #include "config.h"
 #include "conntest.h"
+/**
+ * handle signals
+ *
+ * @param signo the signal number
+ */
 static void sig_handler(int signo)
 {
 if (signo == SIGTERM) {
@@ -41,6 +46,13 @@
 }
 }
+/**
+ * Main function.
+ *
+ * @param argc command line argument count.
+ * @param argv command line arguments.
+ * @return zero on success or non-zero on failure
+ */
 int main(int argc, char *argv[])
 {
 int port;
=== modified file 'test/conntest.c'
--- test/conntest.c 2010-03-19 09:53:35 +0000
+++ test/conntest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,13 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl.txt";>GNU/GPL</a>
+ *
+ * Utility functionality for conntest-client and conntest-server
+ *
+ * @author Miika Komu <miika@xxxxxx>
+ */
+
 /* required for s6_addr32 */
 #define _BSD_SOURCE
@@ -6,13 +16,12 @@
 #include "lib/tool/lutil.h"
 /**
- * create_serversocket - given the port and the protocol
- * it binds the socket and listen to it
+ * given the port and the protocol, this function binds the socket and listen to it
+ *
 * @param proto type of protocol
 * @param port the kind of protocol
 *
- * @return the socket id,
- * exits on error.
+ * @return the socket id, exits on error.
 */
 int create_serversocket(int type, in_port_t port)
 {
@@ -80,6 +89,12 @@
 return fd;
 }
+/**
+ * TCP-based server loop
+ *
+ * @param serversock the server socket
+ * @return zero on success or negative on error
+ */
 int main_server_tcp(int serversock)
 {
 int peerfd = 0, err = 0;
@@ -135,6 +150,12 @@
 return err;
 }
+/**
+ * create an IPv4-based UDP socket
+ *
+ * @param local_port the local port for which to bind to
+ * @return zero on success or negative on failure
+ */
 int create_udp_ipv4_socket(in_port_t local_port)
 {
 int ipv4_sock = -1, err = 0, on = 1;
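Review bot: The licence line added at the top of test/conntest.c links `gpl.txt`, while every other header touched by this commit links `gpl2.txt`. If the file is under the same terms as the rest of the tree, the link should read `gpl2.txt` here as well; as written, this one file points at a different licence text.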
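Review bot: The reworded comment for `create_serversocket` in test/conntest.c keeps `@param proto type of protocol` and `@param port the kind of protocol`, but the signature is `(int type, in_port_t port)`, so Doxygen is given a parameter that does not exist and a port described as a protocol. Something like `@param type the socket type` and `@param port the port to bind to` would match; the body lies outside the hunk, so the wording should be checked against it. The later `main_server` hunk carries the same two `@param` lines plus a `@return the socket id` that looks copied from here.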
@@ -194,6 +215,17 @@
 }
 }
+/**
+ * Send a message over UDP. Notice that this works on a multihoming
+ * host correctly (in contrast to nc or nc6)
+ *
+ * @param sock the socket to use for sending
+ * @param data the data to send
+ * @param data_len the length of data in bytes
+ * @param local_addr the local address to use for sending
+ * @param peer_addr the peer address to use for sending
+ * @return zero on success or negative on failure
+ */
 int udp_send_msg(int sock, uint8_t *data, size_t data_len, struct sockaddr *local_addr, struct sockaddr *peer_addr)
@@ -267,6 +299,14 @@
 return err;
 }
+/**
+ * UDP-based main loop
+ *
+ * @param ipv4_sock the socket to use for IPv6 communications
+ * @param ipv6_sock the socket to use for IPv4 communications
+ * @param local_port the local port to which to bind
+ * @return zero on success or negative on failure
+ */
 int main_server_udp(int ipv4_sock, int ipv6_sock, in_port_t local_port)
 {
 /* Use recvmsg/sendmsg instead of recvfrom/sendto because
@@ -401,13 +441,12 @@
 }
 /**
- * main_server - given the port and the protocol
- * it handles the functionality of the responder
+ * given the port and the protocol this function handles the functionality of the responder
+ *
 * @param proto type of protocol
 * @param port the kind of protocol
 *
- * @return the socket id,
- * exits on error.
+ * @return the socket id, exits on error.
 */
 int main_server(int type, in_port_t port)
 {
=== modified file 'test/conntest.h'
--- test/conntest.h 2010-03-19 09:53:35 +0000
+++ test/conntest.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_TEST_CONNTEST_H
 #define HIP_TEST_CONNTEST_H
=== modified file 'test/cookietest.c'
--- test/cookietest.c 2010-03-19 09:53:35 +0000
+++ test/cookietest.c 2010-03-19 10:00:34 +0000
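Review bot: The `@param` descriptions added for `main_server_udp` are swapped: `ipv4_sock` is documented as the socket for IPv6 communications and `ipv6_sock` as the one for IPv4. They should read `@param ipv4_sock the socket to use for IPv4 communications` and `@param ipv6_sock the socket to use for IPv6 communications`. The function body continues outside the hunk.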
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /* required for s6_addr32 */
 #define _BSD_SOURCE
=== modified file 'test/demo/stdinclient.c'
--- test/demo/stdinclient.c 2010-02-18 14:06:56 +0000
+++ test/demo/stdinclient.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,7 @@
-/*
- * $Id: stdinclient.c,v 1.3 2003/10/03 11:42:05 mika Exp $
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 */
 #include <stdio.h>
=== modified file 'test/demo/stdinserver.c'
--- test/demo/stdinserver.c 2010-03-03 13:16:18 +0000
+++ test/demo/stdinserver.c 2010-03-19 10:00:34 +0000
@@ -1,5 +1,7 @@
-/*
- * $Id: stdinserver.c,v 1.3 2003/10/03 11:40:19 mika Exp $
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
 */
 #include <stdio.h>
=== modified file 'test/dhtteststub.c'
--- test/dhtteststub.c 2010-03-19 09:53:35 +0000
+++ test/dhtteststub.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /** @file
 * Teststub for the DHT interface
 *
=== modified file 'test/hadb_deprecated.c'
--- test/hadb_deprecated.c 2010-02-10 23:43:06 +0000
+++ test/hadb_deprecated.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /* Set the ifindex of given SPI */
 /* assumes locked HA */
 void hip_hadb_set_spi_ifindex_deprecated(hip_ha_t *entry,
=== modified file 'test/hadb_old.c'
--- test/hadb_old.c 2010-02-10 23:43:06 +0000
+++ test/hadb_old.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 // 17.11.2009:
 // THIS FILE IS OBSOLETED.
 // PLEASE DO NOT USE!
=== modified file 'test/hadb_old.h'
--- test/hadb_old.h 2010-02-08 15:18:06 +0000
+++ test/hadb_old.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 // 17.11.2009:
 // THIS FILE IS OBSOLETED.
 // PLEASE DO NOT USE!
=== modified file 'test/hashtest.c'
--- test/hashtest.c 2010-03-03 13:16:18 +0000
+++ test/hashtest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /* required for s6_addr32 */
 #define _BSD_SOURCE
=== modified file 'test/hc_performance.c'
--- test/hc_performance.c 2010-03-03 13:16:18 +0000
+++ test/hc_performance.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #include <stdio.h> /* printf & co */
 #include <stdlib.h> /* exit & co */
 #include <unistd.h>
=== modified file 'test/keygentest.c'
--- test/keygentest.c 2010-03-19 09:53:35 +0000
+++ test/keygentest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /* required for s6_addr32 */
 #define _BSD_SOURCE
=== modified file 'test/listtest.c'
--- test/listtest.c 2010-02-17 17:38:08 +0000
+++ test/listtest.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #include <stdlib.h>
 #include <sys/queue.h>
 #include <stdio.h>
=== modified file 'test/misc_install.c'
--- test/misc_install.c 2010-02-17 17:38:08 +0000
+++ test/misc_install.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /* required for s6_addr32 */
 #define _BSD_SOURCE
=== modified file 'test/misc_install.h'
--- test/misc_install.h 2010-02-17 17:38:08 +0000
+++ test/misc_install.h 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 #ifndef HIP_TEST_MISC_INSTALL_H
 #define HIP_TEST_MISC_INSTALL_H
=== modified file 'test/performance/cookiesolver.c'
--- test/performance/cookiesolver.c 2010-03-03 13:16:18 +0000
+++ test/performance/cookiesolver.c 2010-03-19 10:00:34 +0000
@@ -1,3 +1,8 @@
+/**
+ * @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ */
 /* $Id: cookiesolver.c,v 1.3 2003/10/14 15:50:31 krisu Exp $ */
 #include <stdio.h>
=== modified file 'test/sqliteteststub.c'
--- test/sqliteteststub.c 2010-03-19 09:53:35 +0000
+++ test/sqliteteststub.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,7 @@
 /** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
 * A teststub for certtools.c/h
 *
 * File for testing the main operations of certtools.
=== modified file 'tools/pisacert.c'
--- tools/pisacert.c 2010-03-19 09:53:35 +0000
+++ tools/pisacert.c 2010-03-19 10:00:34 +0000
@@ -1,4 +1,7 @@
 /** @file
+ *
+ * Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
 * Generate a SPKI certificate for use with PISA.
 *
 * @author Thomas Jansen <mithi@xxxxxxxxx>
=== modified file 'verbose-headers.txt'
--- verbose-headers.txt 2010-02-01 13:24:34 +0000
+++ verbose-headers.txt 2010-03-19 10:00:34 +0000
@@ -320,18 +320,6 @@ hipd/registration.h : hip_set_srv_max_lifetime hipd/registration.h : hip_set_srv_min_lifetime hipd/registration.h : hip_srv_status_t -hipd/tcptimeout.h : HIP_TCPTIMEOUT -hipd/tcptimeout.h : sysctl_set_command -hipd/tcptimeout.h : SYSCTL_SET_COMMAND -hipd/tcptimeout.h : TCP_RETRIES_1_DEFAULT -hipd/tcptimeout.h : TCP_RETRIES_1_NEW -hipd/tcptimeout.h : TCP_RETRIES_1_STRING -hipd/tcptimeout.h : TCP_RETRIES_2_DEFAULT -hipd/tcptimeout.h : TCP_RETRIES_2_NEW -hipd/tcptimeout.h : TCP_RETRIES_2_STRING -hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_DEFAULT -hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_NEW -hipd/tcptimeout.h : TCP_SLOW_START_AFTER_IDLE_STRING hipd/user_ipsec_hipd_msg.h : USER_IPSEC_HIPD_MSG_H_ hipd/user_ipsec_sadb_api.h : hip_userspace_ipsec_send_to_fw hipd/user_ipsec_sadb_api.h : USER_IPSEC_SADB_API_H_ @@ -371,7 +359,6 @@ libhipconf/hipconf.h : ACTION_RUN libhipconf/hipconf.h : ACTION_SET libhipconf/hipconf.h : ACTION_SHOTGUN -libhipconf/hipconf.h : ACTION_TCPTIMEOUT libhipconf/hipconf.h : ACTION_TRANSORDER libhipconf/hipconf.h : LIB_LENGTH libhipconf/hipconf.h : OPT_HI_FILE