Committer: Tim Just <tim.just@xxxxxxxxxxxxxx> Date: Thu Feb 11 00:55:24 2010 +0100 Revision: 3591 Revision-id: tim.just@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Branch nick: trunk Log: Reformatted lib/core. Modified: M lib/core/builder.c M lib/core/builder.c.doxyme M lib/core/builder.h M lib/core/builder.h.doxyme M lib/core/certtools.c M lib/core/certtools.c.doxyme M lib/core/certtools.h M lib/core/certtools.h.doxyme M lib/core/common_defines.h M lib/core/common_defines.h.doxyme M lib/core/debug.c M lib/core/debug.c.doxyme M lib/core/debug.h M lib/core/debug.h.doxyme M lib/core/esp_prot_common.c M lib/core/esp_prot_common.h M lib/core/getendpointinfo.c M lib/core/getendpointinfo.c.doxyme M lib/core/getendpointinfo.h M lib/core/getendpointinfo.h.doxyme M lib/core/hashchain.c M lib/core/hashchain.h M lib/core/hashchain_store.c M lib/core/hashchain_store.h M lib/core/hashtable.c M lib/core/hashtable.c.doxyme M lib/core/hashtable.h M lib/core/hashtable.h.doxyme M lib/core/hashtree.c M lib/core/hashtree.h M lib/core/hip_capability.c M lib/core/hip_capability.c.doxyme M lib/core/hip_capability.h M lib/core/hip_capability.h.doxyme M lib/core/hip_statistics.c M lib/core/hip_statistics.c.doxyme M lib/core/hip_statistics.h M lib/core/hip_statistics.h.doxyme M lib/core/icomm.h M lib/core/icomm.h.doxyme M lib/core/ife.h M lib/core/ife.h.doxyme M lib/core/kerncompat.h M lib/core/kerncompat.h.doxyme M lib/core/linkedlist.c M lib/core/linkedlist.c.doxyme M lib/core/linkedlist.h M lib/core/linkedlist.h.doxyme M lib/core/list.h M lib/core/list.h.doxyme M lib/core/message.c M lib/core/message.c.doxyme M lib/core/message.h M lib/core/message.h.doxyme M lib/core/misc.c M lib/core/misc.c.doxyme M lib/core/misc.h M lib/core/misc.h.doxyme M lib/core/protodefs.h M lib/core/protodefs.h.doxyme M lib/core/sqlitedbapi.c M lib/core/sqlitedbapi.c.doxyme M lib/core/sqlitedbapi.h M lib/core/sqlitedbapi.h.doxyme M lib/core/state.h M lib/core/state.h.doxyme M lib/core/utils.c M lib/core/utils.c.doxyme M lib/core/utils.h M lib/core/utils.h.doxyme === modified file 'lib/core/builder.c' --- lib/core/builder.c 2010-02-08 15:18:06 +0000 +++ lib/core/builder.c 2010-02-10 23:55:24 +0000 @@ -62,7 +62,8 @@ #include "hipd/input.h" #include "lib/tool/crypto.h" -#define IN6ADDR_ANY_INIT { { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 } } } +/* Not needed, already defined in netinet/in.h */ +/* #define IN6ADDR_ANY_INIT { { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 } } } */ #ifdef __KERNEL__ const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; @@ -81,41 +82,42 @@ * - endpoint is not padded */ static void hip_build_endpoint_hdr(struct endpoint_hip *endpoint_hdr, - const char *hostname, - se_hip_flags_t endpoint_flags, - uint8_t host_id_algo, - unsigned int rr_data_len) + const char *hostname, + se_hip_flags_t endpoint_flags, + uint8_t host_id_algo, + unsigned int rr_data_len) { - hip_build_param_host_id_hdr_priv(&endpoint_hdr->id.host_id, - hostname, rr_data_len, host_id_algo); - endpoint_hdr->family = PF_HIP; - endpoint_hdr->length = sizeof(struct endpoint_hip); - endpoint_hdr->flags = endpoint_flags; - endpoint_hdr->algo = host_id_algo; - _HIP_DEBUG("%d %d %d\n", - sizeof(struct endpoint_hip), - hip_get_param_total_len(&endpoint_hdr->id.host_id), - sizeof(struct hip_host_id)); - _HIP_DEBUG("endpoint hdr length: %d\n", endpoint_hdr->length); + hip_build_param_host_id_hdr_priv(&endpoint_hdr->id.host_id, + hostname, rr_data_len, host_id_algo); + endpoint_hdr->family = PF_HIP; + endpoint_hdr->length = sizeof(struct endpoint_hip); + endpoint_hdr->flags = endpoint_flags; + endpoint_hdr->algo = host_id_algo; + _HIP_DEBUG("%d %d %d\n", + sizeof(struct endpoint_hip), + hip_get_param_total_len(&endpoint_hdr->id.host_id), + sizeof(struct hip_host_id)); + _HIP_DEBUG("endpoint hdr length: %d\n", endpoint_hdr->length); } void hip_build_param_host_id_only_priv(struct hip_host_id_priv *host_id, - const void *rr_data, - const char *fqdn) + const void *rr_data, + const char *fqdn) { - unsigned int rr_len = ntohs(host_id->hi_length) - - sizeof(struct hip_host_id_key_rdata); - uint16_t fqdn_len; - - _HIP_DEBUG("hi len: %d\n", ntohs(host_id->hi_length)); - _HIP_DEBUG("Copying %d bytes\n", rr_len); - - memcpy(host_id->key, rr_data, rr_len); - - fqdn_len = ntohs(host_id->di_type_length) & 0x0FFF; - _HIP_DEBUG("fqdn len: %d\n", fqdn_len); - if (fqdn_len) - memcpy(host_id->hostname, fqdn, fqdn_len); + unsigned int rr_len = ntohs(host_id->hi_length) - + sizeof(struct hip_host_id_key_rdata); + uint16_t fqdn_len; + + _HIP_DEBUG("hi len: %d\n", ntohs(host_id->hi_length)); + _HIP_DEBUG("Copying %d bytes\n", rr_len); + + memcpy(host_id->key, rr_data, rr_len); + + fqdn_len = ntohs(host_id->di_type_length) & 0x0FFF; + _HIP_DEBUG("fqdn len: %d\n", fqdn_len); + if (fqdn_len) { + memcpy(host_id->hostname, fqdn, fqdn_len); + } } /* @@ -123,21 +125,21 @@ * - caller is responsible of reserving enough mem for endpoint */ static void hip_build_endpoint(struct endpoint_hip *endpoint, - const struct endpoint_hip *endpoint_hdr, - const char *hostname, - const unsigned char *key_rr, - unsigned int key_rr_len) + const struct endpoint_hip *endpoint_hdr, + const char *hostname, + const unsigned char *key_rr, + unsigned int key_rr_len) { - _HIP_DEBUG("len=%d ep=%d rr=%d hostid=%d\n", - endpoint_hdr->length, - sizeof(struct endpoint_hip), - key_rr_len, - sizeof(struct hip_host_id)); - HIP_ASSERT(endpoint_hdr->length == sizeof(struct endpoint_hip) + - hip_get_param_total_len(&endpoint_hdr->id.host_id) - - sizeof(struct hip_host_id_priv)); - memcpy(endpoint, endpoint_hdr, sizeof(struct endpoint_hip)); - hip_build_param_host_id_only_priv(&endpoint->id.host_id, key_rr, hostname); + _HIP_DEBUG("len=%d ep=%d rr=%d hostid=%d\n", + endpoint_hdr->length, + sizeof(struct endpoint_hip), + key_rr_len, + sizeof(struct hip_host_id)); + HIP_ASSERT(endpoint_hdr->length == sizeof(struct endpoint_hip) + + hip_get_param_total_len(&endpoint_hdr->id.host_id) - + sizeof(struct hip_host_id_priv)); + memcpy(endpoint, endpoint_hdr, sizeof(struct endpoint_hip)); + hip_build_param_host_id_only_priv(&endpoint->id.host_id, key_rr, hostname); } /** @@ -150,9 +152,10 @@ * behaviour. * */ -void hip_msg_init(struct hip_common *msg) { - /* note: this is used both for daemon and network messages */ - memset(msg, 0, HIP_MAX_PACKET); +void hip_msg_init(struct hip_common *msg) +{ + /* note: this is used both for daemon and network messages */ + memset(msg, 0, HIP_MAX_PACKET); } /** @@ -162,12 +165,13 @@ */ struct hip_common *hip_msg_alloc(void) { - struct hip_common *ptr; + struct hip_common *ptr; - ptr = HIP_MALLOC(HIP_MAX_PACKET, GFP_ATOMIC); - if (ptr) - hip_msg_init(ptr); - return ptr; + ptr = HIP_MALLOC(HIP_MAX_PACKET, GFP_ATOMIC); + if (ptr) { + hip_msg_init(ptr); + } + return ptr; } /** @@ -176,7 +180,7 @@ */ void hip_msg_free(struct hip_common *msg) { - HIP_FREE(msg); + HIP_FREE(msg); } /** @@ -186,11 +190,14 @@ * * @return the real size of HIP header in bytes (host byte order) */ -uint16_t hip_convert_msg_total_len_to_bytes(const hip_hdr_len_t len) { - return (len == 0) ? 0 : ((len + 1) << 3); +uint16_t hip_convert_msg_total_len_to_bytes(const hip_hdr_len_t len) +{ + return (len == 0) ? 0 : ((len + 1) << 3); } -uint16_t hip_convert_msg_total_len_to_bytes_16(uint16_t len) { - return (len == 0) ? 0 : ((len + 1) << 3); + +uint16_t hip_convert_msg_total_len_to_bytes_16(uint16_t len) +{ + return (len == 0) ? 0 : ((len + 1) << 3); } /** @@ -199,27 +206,30 @@ * * @return the real, total size of the message in bytes (host byte order). */ -uint16_t hip_get_msg_total_len(const struct hip_common *msg) { - if (msg->ver_res == HIP_USER_VER_RES) { - struct hip_common_user *umsg = (struct hip_common_user *)msg; - return hip_convert_msg_total_len_to_bytes_16(umsg->len); - } else - return hip_convert_msg_total_len_to_bytes(msg->payload_len); +uint16_t hip_get_msg_total_len(const struct hip_common *msg) +{ + if (msg->ver_res == HIP_USER_VER_RES) { + struct hip_common_user *umsg = (struct hip_common_user *) msg; + return hip_convert_msg_total_len_to_bytes_16(umsg->len); + } else { + return hip_convert_msg_total_len_to_bytes(msg->payload_len); + } } - /** * hip_set_msg_total_len - set the total message length in bytes * @param msg pointer to the beginning of the message header * @param len the total size of the message in bytes (host byte order) */ -void hip_set_msg_total_len(struct hip_common *msg, uint16_t len) { - /* assert len % 8 == 0 ? */ - if (msg->ver_res == HIP_USER_VER_RES && len < HIP_MAX_PACKET) { - struct hip_common_user *umsg = (struct hip_common_user *)msg; - umsg->len = (len < 8) ? 0 : ((len >> 3) - 1); - } else - msg->payload_len = (len < 8) ? 0 : ((len >> 3) - 1); +void hip_set_msg_total_len(struct hip_common *msg, uint16_t len) +{ + /* assert len % 8 == 0 ? */ + if (msg->ver_res == HIP_USER_VER_RES && len < HIP_MAX_PACKET) { + struct hip_common_user *umsg = (struct hip_common_user *) msg; + umsg->len = (len < 8) ? 0 : ((len >> 3) - 1); + } else { + msg->payload_len = (len < 8) ? 0 : ((len >> 3) - 1); + } } /** @@ -229,8 +239,9 @@ * @return the type of the message (in host byte order) * */ -hip_hdr_type_t hip_get_msg_type(const struct hip_common *msg) { - return msg->type_hdr; +hip_hdr_type_t hip_get_msg_type(const struct hip_common *msg) +{ + return msg->type_hdr; } /** @@ -239,8 +250,9 @@ * @param type the type of the message (in host byte order) * */ -void hip_set_msg_type(struct hip_common *msg, hip_hdr_type_t type) { - msg->type_hdr = type; +void hip_set_msg_type(struct hip_common *msg, hip_hdr_type_t type) +{ + msg->type_hdr = type; } /** @@ -250,13 +262,14 @@ * @return the error value from the message (in host byte order) * */ -hip_hdr_err_t hip_get_msg_err(const struct hip_common *msg) { - /* Note: error value is stored in checksum field for daemon messages. - This should be fixed later on by defining an own header for - daemon messages. This function should then input void* as - the message argument and cast it to the daemon message header - structure. */ - return msg->checksum; /* 1 byte, no ntohs() */ +hip_hdr_err_t hip_get_msg_err(const struct hip_common *msg) +{ + /* Note: error value is stored in checksum field for daemon messages. + * This should be fixed later on by defining an own header for + * daemon messages. This function should then input void* as + * the message argument and cast it to the daemon message header + * structure. */ + return msg->checksum; /* 1 byte, no ntohs() */ } /** @@ -264,25 +277,28 @@ * @param msg pointer to the beginning of the message header * @param err the error value */ -void hip_set_msg_err(struct hip_common *msg, hip_hdr_err_t err) { - /* note: error value is stored in checksum field for daemon messages */ - msg->checksum = err; +void hip_set_msg_err(struct hip_common *msg, hip_hdr_err_t err) +{ + /* note: error value is stored in checksum field for daemon messages */ + msg->checksum = err; } uint16_t hip_get_msg_checksum(struct hip_common *msg) { - return msg->checksum; /* one byte, no ntohs() */ + return msg->checksum; /* one byte, no ntohs() */ } /** * hip_zero_msg_checksum - zero message checksum */ -void hip_zero_msg_checksum(struct hip_common *msg) { - msg->checksum = 0; /* one byte, no ntohs() */ +void hip_zero_msg_checksum(struct hip_common *msg) +{ + msg->checksum = 0; /* one byte, no ntohs() */ } -void hip_set_msg_checksum(struct hip_common *msg, u8 checksum) { - msg->checksum = checksum; /* one byte, no ntohs() */ +void hip_set_msg_checksum(struct hip_common *msg, u8 checksum) +{ + msg->checksum = checksum; /* one byte, no ntohs() */ } /** @@ -292,10 +308,11 @@ * @return the total length of the parameter in bytes (host byte * order), including the padding. */ -hip_tlv_len_t hip_get_param_total_len(const void *tlv_common) { - return HIP_LEN_PAD(sizeof(struct hip_tlv_common) + - ntohs(((const struct hip_tlv_common *) - tlv_common)->length)); +hip_tlv_len_t hip_get_param_total_len(const void *tlv_common) +{ + return HIP_LEN_PAD(sizeof(struct hip_tlv_common) + + ntohs(((const struct hip_tlv_common *) + tlv_common)->length)); } /** @@ -305,8 +322,9 @@ * @return the length of the parameter in bytes (in host byte order), * excluding padding and the length of "type" and "length" fields */ -hip_tlv_len_t hip_get_param_contents_len(const void *tlv_common) { - return ntohs(((const struct hip_tlv_common *)tlv_common)->length); +hip_tlv_len_t hip_get_param_contents_len(const void *tlv_common) +{ + return ntohs(((const struct hip_tlv_common *) tlv_common)->length); } /** @@ -315,9 +333,10 @@ * @param len the length of the parameter in bytes (in host byte order), * excluding padding and the length of "type" and "length" fields */ -void hip_set_param_contents_len(struct hip_tlv_common*tlv_generic, - hip_tlv_len_t len) { - tlv_generic->length = htons(len); +void hip_set_param_contents_len(struct hip_tlv_common *tlv_generic, + hip_tlv_len_t len) +{ + tlv_generic->length = htons(len); } /** @@ -326,8 +345,9 @@ * @param tlv_common pointer to the parameter * @return the type of the parameter (in host byte order) */ -hip_tlv_type_t hip_get_param_type(const void *tlv_common) { - return ntohs(((const struct hip_tlv_common *)tlv_common)->type); +hip_tlv_type_t hip_get_param_type(const void *tlv_common) +{ + return ntohs(((const struct hip_tlv_common *) tlv_common)->type); } /** @@ -335,8 +355,9 @@ * @param tlv_common pointer to the parameter * @param type type of the parameter (in host byte order) */ -void hip_set_param_type(struct hip_tlv_common *tlv_generic, hip_tlv_type_t type) { - tlv_generic->type = htons(type); +void hip_set_param_type(struct hip_tlv_common *tlv_generic, hip_tlv_type_t type) +{ + tlv_generic->type = htons(type); } /** @@ -347,9 +368,11 @@ */ /* TODO function is unused - can it be deleted? */ #if 0 -static void *hip_get_diffie_hellman_param_public_value_contents(const void *tlv_common) { - return (void *) tlv_common + sizeof(struct hip_diffie_hellman); +static void *hip_get_diffie_hellman_param_public_value_contents(const void *tlv_common) +{ + return (void *) tlv_common + sizeof(struct hip_diffie_hellman); } + #endif /** @@ -361,10 +384,9 @@ */ static hip_tlv_len_t hip_get_diffie_hellman_param_public_value_len(const struct hip_diffie_hellman *dh) { - return hip_get_param_contents_len(dh) - sizeof(uint8_t) - sizeof(uint16_t); + return hip_get_param_contents_len(dh) - sizeof(uint8_t) - sizeof(uint16_t); } - /** * hip_dh_select_key - Selects the stronger DH key according to Moskowitz, R. * et al. "Host Identity Protocol" draft-ietf-hip-base-07.txt, section 5.2.6: @@ -383,47 +405,46 @@ */ struct hip_dh_public_value *hip_dh_select_key(const struct hip_diffie_hellman *dhf) { - struct hip_dh_public_value *dhpv1 = NULL, *dhpv2 = NULL, *err = NULL; - - if ( ntohs(dhf->pub_val.pub_len) == - hip_get_diffie_hellman_param_public_value_len(dhf) ){ - HIP_DEBUG("Single DHF public value received\n"); - return (struct hip_dh_public_value *)&dhf->pub_val.group_id; - } else { - - dhpv1 = (struct hip_dh_public_value *)&dhf->pub_val.group_id; - dhpv2 = (struct hip_dh_public_value *) - (dhf->pub_val.public_value + ntohs(dhf->pub_val.pub_len)); - - HIP_IFEL (hip_get_diffie_hellman_param_public_value_len(dhf) != - ntohs(dhpv1->pub_len) + sizeof(uint8_t) + sizeof(uint16_t) - + ntohs(dhpv2->pub_len), dhpv1, "Malformed DHF parameter\n"); - - HIP_DEBUG("Multiple DHF public values received\n"); - - _HIP_DEBUG("dhpv1->group_id= %d dhpv2->group_id= %d\n", - dhpv1->group_id, dhpv2->group_id); - _HIP_DEBUG("dhpv1->pub_len= %d dhpv2->pub_len= %d\n", - dhpv1->pub_len, dhpv2->pub_len); - _HIP_DEBUG("ntohs(dhpv1->pub_len)= %d ntohs(dhpv2->pub_len)= %d\n", - ntohs(dhpv1->pub_len), ntohs(dhpv2->pub_len)); - - - - /* Selection of a DH key depending on select_dh_key */ - if ( (select_dh_key == STRONGER_KEY && - dhpv1->group_id >= dhpv2->group_id) || - (select_dh_key == WEAKER_KEY && - dhpv1->group_id <= dhpv2->group_id) ) - return dhpv1; - else - return dhpv2; - } - out_err: - return err; + struct hip_dh_public_value *dhpv1 = NULL, *dhpv2 = NULL, *err = NULL; + + if (ntohs(dhf->pub_val.pub_len) == + hip_get_diffie_hellman_param_public_value_len(dhf)) { + HIP_DEBUG("Single DHF public value received\n"); + return (struct hip_dh_public_value *) &dhf->pub_val.group_id; + } else { + dhpv1 = (struct hip_dh_public_value *) &dhf->pub_val.group_id; + dhpv2 = (struct hip_dh_public_value *) + (dhf->pub_val.public_value + ntohs(dhf->pub_val.pub_len)); + + HIP_IFEL(hip_get_diffie_hellman_param_public_value_len(dhf) != + ntohs(dhpv1->pub_len) + sizeof(uint8_t) + sizeof(uint16_t) + + ntohs(dhpv2->pub_len), dhpv1, "Malformed DHF parameter\n"); + + HIP_DEBUG("Multiple DHF public values received\n"); + + _HIP_DEBUG("dhpv1->group_id= %d dhpv2->group_id= %d\n", + dhpv1->group_id, dhpv2->group_id); + _HIP_DEBUG("dhpv1->pub_len= %d dhpv2->pub_len= %d\n", + dhpv1->pub_len, dhpv2->pub_len); + _HIP_DEBUG("ntohs(dhpv1->pub_len)= %d ntohs(dhpv2->pub_len)= %d\n", + ntohs(dhpv1->pub_len), ntohs(dhpv2->pub_len)); + + + + /* Selection of a DH key depending on select_dh_key */ + if ((select_dh_key == STRONGER_KEY && + dhpv1->group_id >= dhpv2->group_id) || + (select_dh_key == WEAKER_KEY && + dhpv1->group_id <= dhpv2->group_id)) { + return dhpv1; + } else { + return dhpv2; + } + } +out_err: + return err; } - #if 0 /** * hip_set_param_spi_value - set the spi value in spi_lsi parameter @@ -433,7 +454,7 @@ */ void hip_set_param_spi_value(struct hip_esp_info *esp_info, uint32_t spi) { - esp_info->spi = htonl(spi); + esp_info->spi = htonl(spi); } /** @@ -444,8 +465,9 @@ */ uint32_t hip_get_param_spi_value(const struct hip_esp_info *esp_info) { - return ntohl(esp_info->spi); + return ntohl(esp_info->spi); } + #endif /** @@ -457,7 +479,7 @@ */ uint16_t hip_get_unit_test_suite_param_id(const struct hip_unit_test *test) { - return ntohs(test->suiteid); + return ntohs(test->suiteid); } /** @@ -469,24 +491,27 @@ */ uint16_t hip_get_unit_test_case_param_id(const struct hip_unit_test *test) { - return ntohs(test->caseid); -} - -uint8_t hip_get_host_id_algo(const struct hip_host_id *host_id) { - return host_id->rdata.algorithm; /* 8 bits, no ntons() */ -} - -struct hip_locator_info_addr_item *hip_get_locator_first_addr_item(const struct hip_locator *locator) { - return (struct hip_locator_info_addr_item *) (locator + 1); -} + return ntohs(test->caseid); +} + +uint8_t hip_get_host_id_algo(const struct hip_host_id *host_id) +{ + return host_id->rdata.algorithm; /* 8 bits, no ntons() */ +} + +struct hip_locator_info_addr_item *hip_get_locator_first_addr_item(const struct hip_locator *locator) +{ + return (struct hip_locator_info_addr_item *) (locator + 1); +} + /* remove by santtu, since the item have type2 -int hip_get_locator_addr_item_count(struct hip_locator *locator) { - return (hip_get_param_contents_len(locator) - - (sizeof(struct hip_locator) - - sizeof(struct hip_tlv_common))) / - sizeof(struct hip_locator_info_addr_item); -} -*/ + * int hip_get_locator_addr_item_count(struct hip_locator *locator) { + * return (hip_get_param_contents_len(locator) - + * (sizeof(struct hip_locator) - + * sizeof(struct hip_tlv_common))) / + * sizeof(struct hip_locator_info_addr_item); + * } + */ #ifndef __KERNEL__ /** @@ -503,26 +528,25 @@ */ int hip_get_lifetime_value(time_t seconds, uint8_t *lifetime) { - /* Check that we get a lifetime value between 1 and 255. The minimum - lifetime according to the registration draft is 0.004 seconds, but - the reverse formula gives zero for that. 15384774.906 seconds is the - maximum value. The boundary checks done here are just curiosities - since services are usually granted for minutes to a couple of days, - but not for milliseconds and days. However, log() gives a range error - if "seconds" is zero. */ - if(seconds == 0) { - *lifetime = 0; - return -1; - }else if(seconds > 15384774) { - *lifetime = 255; - return -1; - }else { - *lifetime = (8 * (log(seconds) / log(2))) + 64; - return 0; - } + /* Check that we get a lifetime value between 1 and 255. The minimum + * lifetime according to the registration draft is 0.004 seconds, but + * the reverse formula gives zero for that. 15384774.906 seconds is the + * maximum value. The boundary checks done here are just curiosities + * since services are usually granted for minutes to a couple of days, + * but not for milliseconds and days. However, log() gives a range error + * if "seconds" is zero. */ + if (seconds == 0) { + *lifetime = 0; + return -1; + } else if (seconds > 15384774) { + *lifetime = 255; + return -1; + } else { + *lifetime = (8 * (log(seconds) / log(2))) + 64; + return 0; + } } - /** * Translates a service life time from a 8-bit integer value to seconds. The * lifetime value is translated to a 8-bit integer value using following @@ -533,20 +557,22 @@ * @return zero on success, -1 on error. Error occurs when @c lifetime * is zero. */ -int hip_get_lifetime_seconds(uint8_t lifetime, time_t *seconds){ - if(lifetime == 0) { - *seconds = 0; - return -1; - } - /* All values between from 1 to 63 give just fractions of a second. */ - else if(lifetime < 64) { - *seconds = 1; - return 0; - } else { - *seconds = pow(2, ((double)((lifetime)-64)/8)); - return 0; - } +int hip_get_lifetime_seconds(uint8_t lifetime, time_t *seconds) +{ + if (lifetime == 0) { + *seconds = 0; + return -1; + } + /* All values between from 1 to 63 give just fractions of a second. */ + else if (lifetime < 64) { + *seconds = 1; + return 0; + } else { + *seconds = pow(2, ((double) ((lifetime) - 64) / 8)); + return 0; + } } + #endif /** * hip_check_user_msg_len - check validity of user message length @@ -555,20 +581,20 @@ * @return 1 if the message length is valid, or 0 if the message length is * invalid */ -int hip_check_user_msg_len(const struct hip_common *msg) { - uint16_t len; - - HIP_ASSERT(msg); - len = hip_get_msg_total_len(msg); - - if (len < sizeof(struct hip_common) || len > HIP_MAX_PACKET) { - return 0; - } else { - return 1; - } +int hip_check_user_msg_len(const struct hip_common *msg) +{ + uint16_t len; + + HIP_ASSERT(msg); + len = hip_get_msg_total_len(msg); + + if (len < sizeof(struct hip_common) || len > HIP_MAX_PACKET) { + return 0; + } else { + return 1; + } } - /** * hip_check_network_msg_len - check validity of network message length * @param msg pointer to the message @@ -578,20 +604,18 @@ */ int hip_check_network_msg_len(const struct hip_common *msg) { - uint16_t len; - - HIP_ASSERT(msg); - len = hip_get_msg_total_len(msg); - - if (len < sizeof(struct hip_common) || len > HIP_MAX_NETWORK_PACKET) { - return 0; - } else { - return 1; - } + uint16_t len; + + HIP_ASSERT(msg); + len = hip_get_msg_total_len(msg); + + if (len < sizeof(struct hip_common) || len > HIP_MAX_NETWORK_PACKET) { + return 0; + } else { + return 1; + } } - - /** * hip_check_network_msg_type - check the type of the network message * @param msg pointer to the message @@ -599,32 +623,33 @@ * @return 1 if the message type is valid, or 0 if the message type is * invalid */ -int hip_check_network_msg_type(const struct hip_common *msg) { - int ok = 0; - hip_hdr_type_t supported[] = - { - HIP_I1, - HIP_R1, - HIP_I2, - HIP_R2, - HIP_UPDATE, - HIP_NOTIFY, - HIP_BOS, - HIP_CLOSE, - HIP_CLOSE_ACK, - HIP_LUPDATE - }; - hip_hdr_type_t i; - hip_hdr_type_t type = hip_get_msg_type(msg); - - for (i = 0; i < sizeof(supported) / sizeof(hip_hdr_type_t); i++) { - if (type == supported[i]) { - ok = 1; - break; - } - } - - return ok; +int hip_check_network_msg_type(const struct hip_common *msg) +{ + int ok = 0; + hip_hdr_type_t supported[] = + { + HIP_I1, + HIP_R1, + HIP_I2, + HIP_R2, + HIP_UPDATE, + HIP_NOTIFY, + HIP_BOS, + HIP_CLOSE, + HIP_CLOSE_ACK, + HIP_LUPDATE + }; + hip_hdr_type_t i; + hip_hdr_type_t type = hip_get_msg_type(msg); + + for (i = 0; i < sizeof(supported) / sizeof(hip_hdr_type_t); i++) { + if (type == supported[i]) { + ok = 1; + break; + } + } + + return ok; } /** @@ -635,7 +660,7 @@ */ int hip_check_userspace_param_type(const struct hip_tlv_common *param) { - return 1; + return 1; } /** @@ -656,83 +681,83 @@ */ int hip_check_network_param_type(const struct hip_tlv_common *param) { - int ok = 0; - hip_tlv_type_t i; - hip_tlv_type_t valid[] = - { - HIP_PARAM_ACK, - HIP_PARAM_BLIND_NONCE, - HIP_PARAM_CERT, - HIP_PARAM_DIFFIE_HELLMAN, - HIP_PARAM_ECHO_REQUEST, - HIP_PARAM_ECHO_REQUEST_SIGN, - HIP_PARAM_ECHO_RESPONSE, - HIP_PARAM_ECHO_RESPONSE_SIGN, - HIP_PARAM_ENCRYPTED, - HIP_PARAM_ESP_INFO, - HIP_PARAM_ESP_INFO, - HIP_PARAM_ESP_TRANSFORM, - HIP_PARAM_FROM, - HIP_PARAM_RELAY_FROM, - //add by santtu - HIP_PARAM_RELAY_HMAC, - //end add - HIP_PARAM_HIP_SIGNATURE, - HIP_PARAM_HIP_SIGNATURE2, - HIP_PARAM_HIP_TRANSFORM, - HIP_PARAM_HMAC, - HIP_PARAM_HMAC, - HIP_PARAM_HMAC2, - HIP_PARAM_RVS_HMAC, - HIP_PARAM_HOST_ID, - HIP_PARAM_LOCATOR, - //add by santtu - HIP_PARAM_NAT_TRANSFORM, - HIP_PARAM_NAT_PACING, - HIP_PARAM_STUN, - //end add - HIP_PARAM_NOTIFICATION, - HIP_PARAM_PUZZLE, - HIP_PARAM_R1_COUNTER, - HIP_PARAM_REG_FAILED, - HIP_PARAM_REG_INFO, - HIP_PARAM_REG_REQUEST, - HIP_PARAM_REG_RESPONSE, - HIP_PARAM_SEQ, - HIP_PARAM_SOLUTION, - HIP_PARAM_VIA_RVS, - HIP_PARAM_RELAY_TO, - //add by santtu - HIP_PARAM_REG_FROM, - //end add - HIP_PARAM_ESP_PROT_TRANSFORMS, - HIP_PARAM_ESP_PROT_ANCHOR, - HIP_PARAM_ESP_PROT_BRANCH, - HIP_PARAM_ESP_PROT_SECRET, - HIP_PARAM_ESP_PROT_ROOT + int ok = 0; + hip_tlv_type_t i; + hip_tlv_type_t valid[] = + { + HIP_PARAM_ACK, + HIP_PARAM_BLIND_NONCE, + HIP_PARAM_CERT, + HIP_PARAM_DIFFIE_HELLMAN, + HIP_PARAM_ECHO_REQUEST, + HIP_PARAM_ECHO_REQUEST_SIGN, + HIP_PARAM_ECHO_RESPONSE, + HIP_PARAM_ECHO_RESPONSE_SIGN, + HIP_PARAM_ENCRYPTED, + HIP_PARAM_ESP_INFO, + HIP_PARAM_ESP_INFO, + HIP_PARAM_ESP_TRANSFORM, + HIP_PARAM_FROM, + HIP_PARAM_RELAY_FROM, + //add by santtu + HIP_PARAM_RELAY_HMAC, + //end add + HIP_PARAM_HIP_SIGNATURE, + HIP_PARAM_HIP_SIGNATURE2, + HIP_PARAM_HIP_TRANSFORM, + HIP_PARAM_HMAC, + HIP_PARAM_HMAC, + HIP_PARAM_HMAC2, + HIP_PARAM_RVS_HMAC, + HIP_PARAM_HOST_ID, + HIP_PARAM_LOCATOR, + //add by santtu + HIP_PARAM_NAT_TRANSFORM, + HIP_PARAM_NAT_PACING, + HIP_PARAM_STUN, + //end add + HIP_PARAM_NOTIFICATION, + HIP_PARAM_PUZZLE, + HIP_PARAM_R1_COUNTER, + HIP_PARAM_REG_FAILED, + HIP_PARAM_REG_INFO, + HIP_PARAM_REG_REQUEST, + HIP_PARAM_REG_RESPONSE, + HIP_PARAM_SEQ, + HIP_PARAM_SOLUTION, + HIP_PARAM_VIA_RVS, + HIP_PARAM_RELAY_TO, + //add by santtu + HIP_PARAM_REG_FROM, + //end add + HIP_PARAM_ESP_PROT_TRANSFORMS, + HIP_PARAM_ESP_PROT_ANCHOR, + HIP_PARAM_ESP_PROT_BRANCH, + HIP_PARAM_ESP_PROT_SECRET, + HIP_PARAM_ESP_PROT_ROOT #ifdef CONFIG_HIP_MIDAUTH - ,HIP_PARAM_ECHO_REQUEST_M, - HIP_PARAM_ECHO_RESPONSE_M, - HIP_PARAM_CHALLENGE_REQUEST, - HIP_PARAM_CHALLENGE_RESPONSE + , HIP_PARAM_ECHO_REQUEST_M, + HIP_PARAM_ECHO_RESPONSE_M, + HIP_PARAM_CHALLENGE_REQUEST, + HIP_PARAM_CHALLENGE_RESPONSE #endif - }; - hip_tlv_type_t type = hip_get_param_type(param); - - /** @todo check the lengths of the parameters */ - - for (i = 0; i < ARRAY_SIZE(valid); i++) { - if (!(type & 0x0001)) { - _HIP_DEBUG("Optional param, skip\n"); - ok = 1; - break; - } else if (type == valid[i]) { - ok = 1; - break; - } - } - - return ok; + }; + hip_tlv_type_t type = hip_get_param_type(param); + + /** @todo check the lengths of the parameters */ + + for (i = 0; i < ARRAY_SIZE(valid); i++) { + if (!(type & 0x0001)) { + _HIP_DEBUG("Optional param, skip\n"); + ok = 1; + break; + } else if (type == valid[i]) { + ok = 1; + break; + } + } + + return ok; } /** @@ -748,27 +773,28 @@ * message). Zero is returned on invalid contents length. */ int hip_check_param_contents_len(const struct hip_common *msg, - const struct hip_tlv_common *param) { - int ok = 0; - int param_len = hip_get_param_total_len(param); - void *pos = (void *) param; - - /* Note: the lower limit is not checked, because there really is no - lower limit. */ - - if (pos == ((void *)msg)) { - HIP_ERROR("not a parameter\n"); - } else if (pos + param_len > ((void *) msg) + HIP_MAX_PACKET) { - HIP_DEBUG("param far too long (%d)\n", param_len); - } else if (param_len > hip_get_msg_total_len(msg)) { - HIP_DEBUG("param too long (%d) msg_len %d\n", param_len, - hip_get_msg_total_len(msg)); - } else { - _HIP_DEBUG("param length ok (%d) msg_len %d\n", param_len, - hip_get_msg_total_len(msg)); - ok = 1; - } - return ok; + const struct hip_tlv_common *param) +{ + int ok = 0; + int param_len = hip_get_param_total_len(param); + void *pos = (void *) param; + + /* Note: the lower limit is not checked, because there really is no + * lower limit. */ + + if (pos == ((void *) msg)) { + HIP_ERROR("not a parameter\n"); + } else if (pos + param_len > ((void *) msg) + HIP_MAX_PACKET) { + HIP_DEBUG("param far too long (%d)\n", param_len); + } else if (param_len > hip_get_msg_total_len(msg)) { + HIP_DEBUG("param too long (%d) msg_len %d\n", param_len, + hip_get_msg_total_len(msg)); + } else { + _HIP_DEBUG("param length ok (%d) msg_len %d\n", param_len, + hip_get_msg_total_len(msg)); + ok = 1; + } + return ok; } /** @@ -781,48 +807,47 @@ * NULL if no parameters were found. */ struct hip_tlv_common *hip_get_next_param(const struct hip_common *msg, - const struct hip_tlv_common *current_param) + const struct hip_tlv_common *current_param) { - struct hip_tlv_common *next_param = NULL; - void *pos = (void *) current_param; - - if (!msg) { - HIP_ERROR("msg null\n"); - goto out; - } - - if (current_param == NULL) { - pos = (void *) msg; - } - - if (pos == msg) - pos += sizeof(struct hip_common); - else - pos += hip_get_param_total_len(current_param); - - next_param = (struct hip_tlv_common *) pos; - - /* check that the next parameter does not point - a) outside of the message - b) out of the buffer with check_param_contents_len() - c) to an empty slot in the message */ - if (((char *) next_param) - ((char *) msg) >= - hip_get_msg_total_len(msg) || /* a */ - !hip_check_param_contents_len(msg, next_param) || /* b */ - hip_get_param_contents_len(next_param) == 0) { /* c */ - _HIP_DEBUG("no more parameters found\n"); - next_param = NULL; - } else { - /* next parameter successfully found */ - _HIP_DEBUG("next param: type=%d, len=%d\n", - hip_get_param_type(next_param), - hip_get_param_contents_len(next_param)); - } - - out: - return next_param; - - + struct hip_tlv_common *next_param = NULL; + void *pos = (void *) current_param; + + if (!msg) { + HIP_ERROR("msg null\n"); + goto out; + } + + if (current_param == NULL) { + pos = (void *) msg; + } + + if (pos == msg) { + pos += sizeof(struct hip_common); + } else { + pos += hip_get_param_total_len(current_param); + } + + next_param = (struct hip_tlv_common *) pos; + + /* check that the next parameter does not point + * a) outside of the message + * b) out of the buffer with check_param_contents_len() + * c) to an empty slot in the message */ + if (((char *) next_param) - ((char *) msg) >= + hip_get_msg_total_len(msg) || /* a */ + !hip_check_param_contents_len(msg, next_param) || /* b */ + hip_get_param_contents_len(next_param) == 0) { /* c */ + _HIP_DEBUG("no more parameters found\n"); + next_param = NULL; + } else { + /* next parameter successfully found */ + _HIP_DEBUG("next param: type=%d, len=%d\n", + hip_get_param_type(next_param), + hip_get_param_contents_len(next_param)); + } + +out: + return next_param; } /** @@ -831,7 +856,7 @@ * If there are multiple parameters of the same type, one should use * hip_get_next_param() after calling this function to iterate through * them all. - + * * @param msg a pointer to the beginning of the message header. * @param param_type the type of the parameter to be searched from msg * (in host byte order) @@ -841,25 +866,25 @@ */ void *hip_get_param(const struct hip_common *msg, hip_tlv_type_t param_type) { - void *matched = NULL; - struct hip_tlv_common *current_param = NULL; - - _HIP_DEBUG("searching for type %d\n", param_type); - - /** @todo Optimize: stop when next parameter's type is greater than the - searched one. */ - - while((current_param = hip_get_next_param(msg, current_param)) - != NULL) { - _HIP_DEBUG("current param %d\n", - hip_get_param_type(current_param)); - if (hip_get_param_type(current_param) == param_type) { - matched = current_param; - break; - } - } - - return matched; + void *matched = NULL; + struct hip_tlv_common *current_param = NULL; + + _HIP_DEBUG("searching for type %d\n", param_type); + + /** @todo Optimize: stop when next parameter's type is greater than the + * searched one. */ + + while ((current_param = hip_get_next_param(msg, current_param)) + != NULL) { + _HIP_DEBUG("current param %d\n", + hip_get_param_type(current_param)); + if (hip_get_param_type(current_param) == param_type) { + matched = current_param; + break; + } + } + + return matched; } /** @@ -875,13 +900,13 @@ * @c param_type were found. */ void *hip_get_param_contents(const struct hip_common *msg, - hip_tlv_type_t param_type) + hip_tlv_type_t param_type) { - - void *contents = hip_get_param(msg,param_type); - if (contents) - contents += sizeof(struct hip_tlv_common); - return contents; + void *contents = hip_get_param(msg, param_type); + if (contents) { + contents += sizeof(struct hip_tlv_common); + } + return contents; } /** @@ -893,10 +918,9 @@ */ void *hip_get_param_contents_direct(const void *tlv_common) { - return ((void *)tlv_common) + sizeof(struct hip_tlv_common); + return ((void *) tlv_common) + sizeof(struct hip_tlv_common); } - /* hip_get_nth_param - get nth parameter of given type from the message * @param msg pointer to the beginning of the message header * @param param_type the type of the parameter to be searched from msg @@ -906,24 +930,25 @@ * @return the nth parameter from the message if found, else %NULL. */ void *hip_get_nth_param(const struct hip_common *msg, - hip_tlv_type_t param_type, int n) + hip_tlv_type_t param_type, int n) { - struct hip_tlv_common *param = NULL; - int i = 0; - - if (n < 1) { - HIP_ERROR("n < 1 (n=%d)\n", n); - return NULL; - } - - while((param = hip_get_next_param(msg, param))) { - if (hip_get_param_type(param) == param_type) { - i++; - if (i == n) - return param; - } - } - return NULL; + struct hip_tlv_common *param = NULL; + int i = 0; + + if (n < 1) { + HIP_ERROR("n < 1 (n=%d)\n", n); + return NULL; + } + + while ((param = hip_get_next_param(msg, param))) { + if (hip_get_param_type(param) == param_type) { + i++; + if (i == n) { + return param; + } + } + } + return NULL; } /** @@ -943,47 +968,46 @@ */ static void *hip_find_free_param(const struct hip_common *msg) { - struct hip_tlv_common *current_param = NULL; - struct hip_tlv_common *last_used_pos = NULL; - void *free_pos = NULL; - void *first_pos = ((void *) msg) + sizeof(struct hip_common); - - /* Check for no parameters: this has to be checked separately because - we cannot tell from the return value of get_next_param() whether - the message was completely full or there just were no parameters. - The length is used for checking the existance of parameter, because - type field may be zero (SPI_LSI = 0) and therefore it cannot be - used for checking the existance. */ - if (hip_get_param_contents_len((struct hip_tlv_common *) first_pos) - == 0) { - _HIP_DEBUG("no parameters\n"); - free_pos = first_pos; - goto out; - } - - while((current_param = hip_get_next_param(msg, current_param)) - != NULL) { - last_used_pos = current_param; - _HIP_DEBUG("not free: type=%d, contents_len=%d\n", - hip_get_param_type(current_param), - hip_get_param_contents_len(current_param)); - } - - if (last_used_pos == NULL) { - free_pos = NULL; /* the message was full */ - } else { - free_pos = ((void *) last_used_pos) + - hip_get_param_total_len(last_used_pos); - } - - out: - return free_pos; + struct hip_tlv_common *current_param = NULL; + struct hip_tlv_common *last_used_pos = NULL; + void *free_pos = NULL; + void *first_pos = ((void *) msg) + sizeof(struct hip_common); + + /* Check for no parameters: this has to be checked separately because + * we cannot tell from the return value of get_next_param() whether + * the message was completely full or there just were no parameters. + * The length is used for checking the existance of parameter, because + * type field may be zero (SPI_LSI = 0) and therefore it cannot be + * used for checking the existance. */ + if (hip_get_param_contents_len((struct hip_tlv_common *) first_pos) + == 0) { + _HIP_DEBUG("no parameters\n"); + free_pos = first_pos; + goto out; + } + + while ((current_param = hip_get_next_param(msg, current_param)) + != NULL) { + last_used_pos = current_param; + _HIP_DEBUG("not free: type=%d, contents_len=%d\n", + hip_get_param_type(current_param), + hip_get_param_contents_len(current_param)); + } + + if (last_used_pos == NULL) { + free_pos = NULL; /* the message was full */ + } else { + free_pos = ((void *) last_used_pos) + + hip_get_param_total_len(last_used_pos); + } + +out: + return free_pos; } - /** * @brief Updates messsage header length - * + * * This function is called always when a parameter has been added or the * daemon/network header was written. This function writes the new * header length directly into the message. @@ -992,43 +1016,43 @@ */ void hip_calc_hdr_len(struct hip_common *msg) { - struct hip_tlv_common *param = NULL; - void *pos = (void *) msg; - - /* We cannot call get_next() or get_free() because they need a valid - header length which is to be (possibly) calculated now. So, the - header length must be calculated manually here. */ - - if (hip_get_msg_total_len(msg) == 0) { - /* msg len is zero when - 1) calling build_param() for the first time - 2) calling just the build_hdr() without building - any parameters, e.g. in plain error messages */ - _HIP_DEBUG("case 1,2\n"); - hip_set_msg_total_len(msg, sizeof(struct hip_common)); - } else { - /* 3) do nothing, build_param()+ */ - /* 4) do nothing, build_param()+ and build_hdr() */ - _HIP_DEBUG("case 3,4\n"); - } - - pos += hip_get_msg_total_len(msg); - param = (struct hip_tlv_common *) pos; - if (hip_get_param_contents_len(param) != 0) { - /* Case 1 and 3: a new parameter (with a valid length) has - been added and the message length has not been updated. */ - _HIP_DEBUG("case 1,3\n"); - hip_set_msg_total_len(msg, hip_get_msg_total_len(msg) + - hip_get_param_total_len(param)); - /* XX assert: new pos must be of type 0 (assume only one - header has been added) */ - } else { - /* case 2 and 4: the message length does not need to be - updated */ - _HIP_DEBUG("case 2,4\n"); - } - - _HIP_DEBUG("msg len %d\n", hip_get_msg_total_len(msg)); + struct hip_tlv_common *param = NULL; + void *pos = (void *) msg; + + /* We cannot call get_next() or get_free() because they need a valid + * header length which is to be (possibly) calculated now. So, the + * header length must be calculated manually here. */ + + if (hip_get_msg_total_len(msg) == 0) { + /* msg len is zero when + * 1) calling build_param() for the first time + * 2) calling just the build_hdr() without building + * any parameters, e.g. in plain error messages */ + _HIP_DEBUG("case 1,2\n"); + hip_set_msg_total_len(msg, sizeof(struct hip_common)); + } else { + /* 3) do nothing, build_param()+ */ + /* 4) do nothing, build_param()+ and build_hdr() */ + _HIP_DEBUG("case 3,4\n"); + } + + pos += hip_get_msg_total_len(msg); + param = (struct hip_tlv_common *) pos; + if (hip_get_param_contents_len(param) != 0) { + /* Case 1 and 3: a new parameter (with a valid length) has + * been added and the message length has not been updated. */ + _HIP_DEBUG("case 1,3\n"); + hip_set_msg_total_len(msg, hip_get_msg_total_len(msg) + + hip_get_param_total_len(param)); + /* XX assert: new pos must be of type 0 (assume only one + * header has been added) */ + } else { + /* case 2 and 4: the message length does not need to be + * updated */ + _HIP_DEBUG("case 2,4\n"); + } + + _HIP_DEBUG("msg len %d\n", hip_get_msg_total_len(msg)); } /** @@ -1047,12 +1071,12 @@ * (in host byte order) */ void hip_calc_generic_param_len(struct hip_tlv_common *tlv_common, - hip_tlv_len_t tlv_size, - hip_tlv_len_t contents_size) + hip_tlv_len_t tlv_size, + hip_tlv_len_t contents_size) { - hip_set_param_contents_len(tlv_common, - tlv_size + contents_size - - sizeof(struct hip_tlv_common)); + hip_set_param_contents_len(tlv_common, + tlv_size + contents_size - + sizeof(struct hip_tlv_common)); } /** @@ -1066,10 +1090,11 @@ * it assumes that the length of the header of the TLV is just * sizeof(struct hip_tlv_common). */ -void hip_calc_param_len(struct hip_tlv_common * tlv_common, hip_tlv_len_t contents_size) +void hip_calc_param_len(struct hip_tlv_common *tlv_common, hip_tlv_len_t contents_size) { - hip_calc_generic_param_len(tlv_common, sizeof(struct hip_tlv_common), - contents_size); + hip_calc_generic_param_len(tlv_common, + sizeof(struct hip_tlv_common), + contents_size); } /** @@ -1081,44 +1106,43 @@ */ void hip_dump_msg(const struct hip_common *msg) { - struct hip_tlv_common *current_param = NULL; - void *contents = NULL; - /* The value of the "Length"-field in current parameter. */ - hip_tlv_len_t len = 0; - /* Total length of the parameter (type+length+value+padding), and the - length of padding. */ - size_t total_len = 0, pad_len = 0; - HIP_DEBUG("--------------- MSG START ------------------\n"); - - HIP_DEBUG("Msg type : %s (%d)\n", - hip_message_type_name(hip_get_msg_type(msg)), - hip_get_msg_type(msg)); - HIP_DEBUG("Msg length: %d\n", hip_get_msg_total_len(msg)); - HIP_DEBUG("Msg err: %d\n", hip_get_msg_err(msg)); - HIP_DEBUG("Msg controls: 0x%04x\n", msg->control); - - _HIP_DEBUG_HIT("Msg hits: ", &msg->hits ); - _HIP_DEBUG_HIT("Msg hitr: ", &msg->hitr ); - - while((current_param = hip_get_next_param(msg, current_param)) != NULL) - { - len = hip_get_param_contents_len(current_param); - /* Formula from base draft section 5.2.1. */ - total_len = 11 + len - (len +3) % 8; - pad_len = total_len - len - sizeof(hip_tlv_type_t) - - sizeof(hip_tlv_len_t); - contents = hip_get_param_contents_direct(current_param); - HIP_DEBUG("Parameter type:%s (%d). Total length: %d (4 type+"\ - "length, %d content, %d padding).\n", - hip_param_type_name(hip_get_param_type(current_param)), - hip_get_param_type(current_param), - total_len, - len, - pad_len); - HIP_HEXDUMP("Contents:", contents, len); - HIP_HEXDUMP("Padding:", contents + len , pad_len); - } - HIP_DEBUG("---------------- MSG END --------------------\n"); + struct hip_tlv_common *current_param = NULL; + void *contents = NULL; + /* The value of the "Length"-field in current parameter. */ + hip_tlv_len_t len = 0; + /* Total length of the parameter (type+length+value+padding), and the + * length of padding. */ + size_t total_len = 0, pad_len = 0; + HIP_DEBUG("--------------- MSG START ------------------\n"); + + HIP_DEBUG("Msg type : %s (%d)\n", + hip_message_type_name(hip_get_msg_type(msg)), + hip_get_msg_type(msg)); + HIP_DEBUG("Msg length: %d\n", hip_get_msg_total_len(msg)); + HIP_DEBUG("Msg err: %d\n", hip_get_msg_err(msg)); + HIP_DEBUG("Msg controls: 0x%04x\n", msg->control); + + _HIP_DEBUG_HIT("Msg hits: ", &msg->hits ); + _HIP_DEBUG_HIT("Msg hitr: ", &msg->hitr ); + + while ((current_param = hip_get_next_param(msg, current_param)) != NULL) { + len = hip_get_param_contents_len(current_param); + /* Formula from base draft section 5.2.1. */ + total_len = 11 + len - (len + 3) % 8; + pad_len = total_len - len - sizeof(hip_tlv_type_t) + - sizeof(hip_tlv_len_t); + contents = hip_get_param_contents_direct(current_param); + HIP_DEBUG("Parameter type:%s (%d). Total length: %d (4 type+" \ + "length, %d content, %d padding).\n", + hip_param_type_name(hip_get_param_type(current_param)), + hip_get_param_type(current_param), + total_len, + len, + pad_len); + HIP_HEXDUMP("Contents:", contents, len); + HIP_HEXDUMP("Padding:", contents + len, pad_len); + } + HIP_DEBUG("---------------- MSG END --------------------\n"); } /** @@ -1131,117 +1155,118 @@ * @param msg_type message type number * @return name of the message type **/ -char* hip_message_type_name(const uint8_t msg_type){ - switch (msg_type) { - case HIP_I1: return "HIP_I1"; - case HIP_R1: return "HIP_R1"; - case HIP_I2: return "HIP_I2"; - case HIP_R2: return "HIP_R2"; - case HIP_UPDATE: return "HIP_UPDATE"; - case HIP_NOTIFY: return "HIP_NOTIFY"; - case HIP_CLOSE: return "HIP_CLOSE"; - case HIP_CLOSE_ACK: return "HIP_CLOSE_ACK"; - case HIP_CER: return "HIP_CER"; - case HIP_PAYLOAD: return "HIP_PAYLOAD"; - case HIP_PSIG: return "HIP_PSIG"; - case HIP_TRIG: return "HIP_TRIG"; +char *hip_message_type_name(const uint8_t msg_type) +{ + switch (msg_type) { + case HIP_I1: return "HIP_I1"; + case HIP_R1: return "HIP_R1"; + case HIP_I2: return "HIP_I2"; + case HIP_R2: return "HIP_R2"; + case HIP_UPDATE: return "HIP_UPDATE"; + case HIP_NOTIFY: return "HIP_NOTIFY"; + case HIP_CLOSE: return "HIP_CLOSE"; + case HIP_CLOSE_ACK: return "HIP_CLOSE_ACK"; + case HIP_CER: return "HIP_CER"; + case HIP_PAYLOAD: return "HIP_PAYLOAD"; + case HIP_PSIG: return "HIP_PSIG"; + case HIP_TRIG: return "HIP_TRIG"; - case SO_HIP_ADD_LOCAL_HI: return "SO_HIP_ADD_LOCAL_HI"; - case SO_HIP_DEL_LOCAL_HI: return "SO_HIP_DEL_LOCAL_HI"; - case SO_HIP_RUN_UNIT_TEST: return "SO_HIP_RUN_UNIT_TEST"; - case SO_HIP_RST: return "SO_HIP_RST"; - case SO_HIP_UNIT_TEST: return "SO_HIP_UNIT_TEST"; - case SO_HIP_BOS: return "SO_HIP_BOS"; - case SO_HIP_NETLINK_DUMMY: return "SO_HIP_NETLINK_DUMMY"; - case SO_HIP_CONF_PUZZLE_NEW: return "SO_HIP_CONF_PUZZLE_NEW"; - case SO_HIP_CONF_PUZZLE_GET: return "SO_HIP_CONF_PUZZLE_GET"; - case SO_HIP_CONF_PUZZLE_SET: return "SO_HIP_CONF_PUZZLE_SET"; - case SO_HIP_CONF_PUZZLE_INC: return "SO_HIP_CONF_PUZZLE_INC"; - case SO_HIP_CONF_PUZZLE_DEC: return "SO_HIP_CONF_PUZZLE_DEC"; - case SO_HIP_SET_OPPORTUNISTIC_MODE: return "SO_HIP_SET_OPPORTUNISTIC_MODE"; - case SO_HIP_SET_BLIND_ON: return "SO_HIP_SET_BLIND_ON"; - case SO_HIP_SET_BLIND_OFF: return "SO_HIP_SET_BLIND_OFF"; - case SO_HIP_DHT_GW: return "SO_HIP_DHT_GW"; - case SO_HIP_SET_DEBUG_ALL: return "SO_HIP_SET_DEBUG_ALL"; - case SO_HIP_SET_DEBUG_MEDIUM: return "SO_HIP_SET_DEBUG_MEDIUM"; - case SO_HIP_SET_DEBUG_NONE: return "SO_HIP_SET_DEBUG_NONE"; - case SO_HIP_MHADDR_ACTIVE: return "SO_HIP_MHADDR_ACTIVE"; - case SO_HIP_MHADDR_LAZY: return "SO_HIP_MHADDR_LAZY"; - case SO_HIP_RESTART: return "SO_HIP_RESTART"; - case SO_HIP_SET_LOCATOR_ON: return "SO_HIP_SET_LOCATOR_ON"; - case SO_HIP_SET_LOCATOR_OFF: return "SO_HIP_SET_LOCATOR_OFF"; - case SO_HIP_DHT_SET: return "SO_HIP_DHT_SET"; - case SO_HIP_DHT_ON: return "SO_HIP_DHT_ON"; - case SO_HIP_DHT_OFF: return "SO_HIP_DHT_OFF"; - case SO_HIP_HIT_TO_IP_ON: return "SO_HIP_HIT_TO_IP_ON"; - case SO_HIP_HIT_TO_IP_OFF: return "SO_HIP_HIT_TO_IP_OFF"; - case SO_HIP_HIT_TO_IP_SET: return "SO_HIP_HIT_TO_IP_SET"; - case SO_HIP_SET_OPPTCP_ON: return "SO_HIP_SET_OPPTCP_ON"; - case SO_HIP_SET_OPPTCP_OFF: return "SO_HIP_SET_OPPTCP_OFF"; - case SO_HIP_OPPTCP_SEND_TCP_PACKET: return "SO_HIP_OPPTCP_SEND_TCP_PACKET"; - case SO_HIP_TRANSFORM_ORDER: return "SO_HIP_TRANSFORM_ORDER"; - case SO_HIP_OFFER_RVS: return "SO_HIP_OFFER_RVS"; - case SO_HIP_CANCEL_RVS: return "SO_HIP_CANCEL_RVS"; - case SO_HIP_REINIT_RVS: return "SO_HIP_REINIT_RVS"; - case SO_HIP_ADD_DEL_SERVER: return "SO_HIP_ADD_DEL_SERVER"; - case SO_HIP_OFFER_HIPRELAY: return "SO_HIP_OFFER_HIPRELAY"; - case SO_HIP_CANCEL_HIPRELAY: return "SO_HIP_CANCEL_HIPRELAY"; - case SO_HIP_REINIT_RELAY: return "SO_HIP_REINIT_RELAY"; - case SO_HIP_ADD_DB_HI: return "SO_HIP_ADD_DB_HI"; - case SO_HIP_FIREWALL_PING: return "SO_HIP_FIREWALL_PING"; - case SO_HIP_FIREWALL_PING_REPLY: return "SO_HIP_FIREWALL_PING_REPLY"; - case SO_HIP_FIREWALL_QUIT: return "SO_HIP_FIREWALL_QUIT"; - case SO_HIP_AGENT_PING: return "SO_HIP_AGENT_PING"; - case SO_HIP_AGENT_PING_REPLY: return "SO_HIP_AGENT_PING_REPLY"; - case SO_HIP_AGENT_QUIT: return "SO_HIP_AGENT_QUIT"; - case SO_HIP_DAEMON_QUIT: return "SO_HIP_DAEMON_QUIT"; - case SO_HIP_I1_REJECT: return "SO_HIP_I1_REJECT"; - case SO_HIP_SET_NAT_PLAIN_UDP: return "SO_HIP_SET_NAT_PLAIN_UDP"; - case SO_HIP_SET_NAT_NONE: return "SO_HIP_SET_NAT_NONE"; - case SO_HIP_SET_HIPPROXY_ON: return "SO_HIP_SET_HIPPROXY_ON"; - case SO_HIP_SET_HIPPROXY_OFF: return "SO_HIP_SET_HIPPROXY_OFF"; - case SO_HIP_GET_PROXY_LOCAL_ADDRESS: return "SO_HIP_GET_PROXY_LOCAL_ADDRESS"; - case SO_HIP_HIPPROXY_STATUS_REQUEST: return "SO_HIP_HIPPROXY_STATUS_REQUEST"; - case SO_HIP_OPPTCP_UNBLOCK_AND_BLACKLIST: return "SO_HIP_OPPTCP_UNBLOCK_AND_BLACKLIST"; - case SO_HIP_FW_BEX_DONE: return "SO_HIP_FW_BEX_DONE"; - case SO_HIP_SET_TCPTIMEOUT_ON: return "SO_HIP_SET_TCPTIMEOUT_ON"; - case SO_HIP_SET_TCPTIMEOUT_OFF: return "SO_HIP_SET_TCPTIMEOUT_OFF"; - case SO_HIP_SET_NAT_ICE_UDP: return "SO_HIP_SET_NAT_ICE_UDP"; - case SO_HIP_IPSEC_ADD_SA: return "SO_HIP_IPSEC_ADD_SA"; - case SO_HIP_USERSPACE_IPSEC: return "SO_HIP_USERSPACE_IPSEC"; - case SO_HIP_ESP_PROT_TFM: return "SO_HIP_ESP_PROT_TFM"; - case SO_HIP_BEX_STORE_UPDATE: return "SO_HIP_BEX_STORE_UPDATE"; - case SO_HIP_TRIGGER_UPDATE: return "SO_HIP_TRIGGER_UPDATE"; - case SO_HIP_ANCHOR_CHANGE: return "SO_HIP_ANCHOR_CHANGE"; - case SO_HIP_TRIGGER_BEX: return "SO_HIP_TRIGGER_BEX"; - //case SO_HIP_IS_OUR_LSI: return "SO_HIP_IS_OUR_LSI"; - case SO_HIP_GET_PEER_HIT: return "SO_HIP_GET_PEER_HIT"; - case SO_HIP_REGISTER_SAVAHR: return "SO_HIP_REGISTER_SAVAHR"; - case SO_HIP_GET_SAVAHR_IN_KEYS: return "SO_HIP_GET_SAVAHR_IN_KEYS"; - case SO_HIP_GET_SAVAHR_OUT_KEYS: return "SO_HIP_GET_SAVAHR_OUT_KEYS"; - //case SO_HIP_GET_PEER_HIT_BY_LSIS: return "SO_HIP_GET_PEER_HIT_BY_LSIS"; - case SO_HIP_NSUPDATE_ON: return "SO_HIP_NSUPDATE_ON"; - case SO_HIP_NSUPDATE_OFF: return "SO_HIP_NSUPDATE_OFF"; - case SO_HIP_SET_HI3_ON: return "SO_HIP_SET_HI3_ON"; - case SO_HIP_SET_HI3_OFF: return "SO_HIP_SET_HI3_OFF"; - case SO_HIP_HEARTBEAT: return "SO_HIP_HEARTBEAT"; - case SO_HIP_DHT_SERVING_GW: return "SO_HIP_DHT_SERVING_GW"; - case SO_HIP_SET_NAT_PORT: return "SO_HIP_SET_NAT_PORT"; - case SO_HIP_SHOTGUN_ON: return "SO_HIP_SHOTGUN_ON"; - case SO_HIP_SHOTGUN_OFF: return "SO_HIP_SHOTGUN_OFF"; - case SO_HIP_SIGN_BUDDY_X509V3: return "SO_HIP_SIGN_BUDDY_X509V3"; - case SO_HIP_SIGN_BUDDY_SPKI: return "SO_HIP_SIGN_BUDDY_SPKI"; - case SO_HIP_VERIFY_BUDDY_X509V3: return "SO_HIP_VERIFY_BUDDY_X509V3"; - case SO_HIP_VERIFY_BUDDY_SPKI: return "SO_HIP_VERIFY_BUDDY_SPKI"; - case SO_HIP_MAP_ID_TO_ADDR: return "SO_HIP_MAP_ID_TO_ADDR"; - case SO_HIP_OFFER_FULLRELAY: return "SO_HIP_OFFER_FULLRELAY"; - case SO_HIP_CANCEL_FULLRELAY: return "SO_HIP_CANCEL_FULLRELAY"; - case SO_HIP_REINIT_FULLRELAY: return "SO_HIP_REINIT_FULLRELAY"; - case SO_HIP_FIREWALL_START: return "SO_HIP_FIREWALL_START"; - case SO_HIP_MANUAL_UPDATE_PACKET: return "SO_HIP_MANUAL_UPDATE_PACKET"; - default: - return "UNDEFINED"; - } + case SO_HIP_ADD_LOCAL_HI: return "SO_HIP_ADD_LOCAL_HI"; + case SO_HIP_DEL_LOCAL_HI: return "SO_HIP_DEL_LOCAL_HI"; + case SO_HIP_RUN_UNIT_TEST: return "SO_HIP_RUN_UNIT_TEST"; + case SO_HIP_RST: return "SO_HIP_RST"; + case SO_HIP_UNIT_TEST: return "SO_HIP_UNIT_TEST"; + case SO_HIP_BOS: return "SO_HIP_BOS"; + case SO_HIP_NETLINK_DUMMY: return "SO_HIP_NETLINK_DUMMY"; + case SO_HIP_CONF_PUZZLE_NEW: return "SO_HIP_CONF_PUZZLE_NEW"; + case SO_HIP_CONF_PUZZLE_GET: return "SO_HIP_CONF_PUZZLE_GET"; + case SO_HIP_CONF_PUZZLE_SET: return "SO_HIP_CONF_PUZZLE_SET"; + case SO_HIP_CONF_PUZZLE_INC: return "SO_HIP_CONF_PUZZLE_INC"; + case SO_HIP_CONF_PUZZLE_DEC: return "SO_HIP_CONF_PUZZLE_DEC"; + case SO_HIP_SET_OPPORTUNISTIC_MODE: return "SO_HIP_SET_OPPORTUNISTIC_MODE"; + case SO_HIP_SET_BLIND_ON: return "SO_HIP_SET_BLIND_ON"; + case SO_HIP_SET_BLIND_OFF: return "SO_HIP_SET_BLIND_OFF"; + case SO_HIP_DHT_GW: return "SO_HIP_DHT_GW"; + case SO_HIP_SET_DEBUG_ALL: return "SO_HIP_SET_DEBUG_ALL"; + case SO_HIP_SET_DEBUG_MEDIUM: return "SO_HIP_SET_DEBUG_MEDIUM"; + case SO_HIP_SET_DEBUG_NONE: return "SO_HIP_SET_DEBUG_NONE"; + case SO_HIP_MHADDR_ACTIVE: return "SO_HIP_MHADDR_ACTIVE"; + case SO_HIP_MHADDR_LAZY: return "SO_HIP_MHADDR_LAZY"; + case SO_HIP_RESTART: return "SO_HIP_RESTART"; + case SO_HIP_SET_LOCATOR_ON: return "SO_HIP_SET_LOCATOR_ON"; + case SO_HIP_SET_LOCATOR_OFF: return "SO_HIP_SET_LOCATOR_OFF"; + case SO_HIP_DHT_SET: return "SO_HIP_DHT_SET"; + case SO_HIP_DHT_ON: return "SO_HIP_DHT_ON"; + case SO_HIP_DHT_OFF: return "SO_HIP_DHT_OFF"; + case SO_HIP_HIT_TO_IP_ON: return "SO_HIP_HIT_TO_IP_ON"; + case SO_HIP_HIT_TO_IP_OFF: return "SO_HIP_HIT_TO_IP_OFF"; + case SO_HIP_HIT_TO_IP_SET: return "SO_HIP_HIT_TO_IP_SET"; + case SO_HIP_SET_OPPTCP_ON: return "SO_HIP_SET_OPPTCP_ON"; + case SO_HIP_SET_OPPTCP_OFF: return "SO_HIP_SET_OPPTCP_OFF"; + case SO_HIP_OPPTCP_SEND_TCP_PACKET: return "SO_HIP_OPPTCP_SEND_TCP_PACKET"; + case SO_HIP_TRANSFORM_ORDER: return "SO_HIP_TRANSFORM_ORDER"; + case SO_HIP_OFFER_RVS: return "SO_HIP_OFFER_RVS"; + case SO_HIP_CANCEL_RVS: return "SO_HIP_CANCEL_RVS"; + case SO_HIP_REINIT_RVS: return "SO_HIP_REINIT_RVS"; + case SO_HIP_ADD_DEL_SERVER: return "SO_HIP_ADD_DEL_SERVER"; + case SO_HIP_OFFER_HIPRELAY: return "SO_HIP_OFFER_HIPRELAY"; + case SO_HIP_CANCEL_HIPRELAY: return "SO_HIP_CANCEL_HIPRELAY"; + case SO_HIP_REINIT_RELAY: return "SO_HIP_REINIT_RELAY"; + case SO_HIP_ADD_DB_HI: return "SO_HIP_ADD_DB_HI"; + case SO_HIP_FIREWALL_PING: return "SO_HIP_FIREWALL_PING"; + case SO_HIP_FIREWALL_PING_REPLY: return "SO_HIP_FIREWALL_PING_REPLY"; + case SO_HIP_FIREWALL_QUIT: return "SO_HIP_FIREWALL_QUIT"; + case SO_HIP_AGENT_PING: return "SO_HIP_AGENT_PING"; + case SO_HIP_AGENT_PING_REPLY: return "SO_HIP_AGENT_PING_REPLY"; + case SO_HIP_AGENT_QUIT: return "SO_HIP_AGENT_QUIT"; + case SO_HIP_DAEMON_QUIT: return "SO_HIP_DAEMON_QUIT"; + case SO_HIP_I1_REJECT: return "SO_HIP_I1_REJECT"; + case SO_HIP_SET_NAT_PLAIN_UDP: return "SO_HIP_SET_NAT_PLAIN_UDP"; + case SO_HIP_SET_NAT_NONE: return "SO_HIP_SET_NAT_NONE"; + case SO_HIP_SET_HIPPROXY_ON: return "SO_HIP_SET_HIPPROXY_ON"; + case SO_HIP_SET_HIPPROXY_OFF: return "SO_HIP_SET_HIPPROXY_OFF"; + case SO_HIP_GET_PROXY_LOCAL_ADDRESS: return "SO_HIP_GET_PROXY_LOCAL_ADDRESS"; + case SO_HIP_HIPPROXY_STATUS_REQUEST: return "SO_HIP_HIPPROXY_STATUS_REQUEST"; + case SO_HIP_OPPTCP_UNBLOCK_AND_BLACKLIST: return "SO_HIP_OPPTCP_UNBLOCK_AND_BLACKLIST"; + case SO_HIP_FW_BEX_DONE: return "SO_HIP_FW_BEX_DONE"; + case SO_HIP_SET_TCPTIMEOUT_ON: return "SO_HIP_SET_TCPTIMEOUT_ON"; + case SO_HIP_SET_TCPTIMEOUT_OFF: return "SO_HIP_SET_TCPTIMEOUT_OFF"; + case SO_HIP_SET_NAT_ICE_UDP: return "SO_HIP_SET_NAT_ICE_UDP"; + case SO_HIP_IPSEC_ADD_SA: return "SO_HIP_IPSEC_ADD_SA"; + case SO_HIP_USERSPACE_IPSEC: return "SO_HIP_USERSPACE_IPSEC"; + case SO_HIP_ESP_PROT_TFM: return "SO_HIP_ESP_PROT_TFM"; + case SO_HIP_BEX_STORE_UPDATE: return "SO_HIP_BEX_STORE_UPDATE"; + case SO_HIP_TRIGGER_UPDATE: return "SO_HIP_TRIGGER_UPDATE"; + case SO_HIP_ANCHOR_CHANGE: return "SO_HIP_ANCHOR_CHANGE"; + case SO_HIP_TRIGGER_BEX: return "SO_HIP_TRIGGER_BEX"; + //case SO_HIP_IS_OUR_LSI: return "SO_HIP_IS_OUR_LSI"; + case SO_HIP_GET_PEER_HIT: return "SO_HIP_GET_PEER_HIT"; + case SO_HIP_REGISTER_SAVAHR: return "SO_HIP_REGISTER_SAVAHR"; + case SO_HIP_GET_SAVAHR_IN_KEYS: return "SO_HIP_GET_SAVAHR_IN_KEYS"; + case SO_HIP_GET_SAVAHR_OUT_KEYS: return "SO_HIP_GET_SAVAHR_OUT_KEYS"; + //case SO_HIP_GET_PEER_HIT_BY_LSIS: return "SO_HIP_GET_PEER_HIT_BY_LSIS"; + case SO_HIP_NSUPDATE_ON: return "SO_HIP_NSUPDATE_ON"; + case SO_HIP_NSUPDATE_OFF: return "SO_HIP_NSUPDATE_OFF"; + case SO_HIP_SET_HI3_ON: return "SO_HIP_SET_HI3_ON"; + case SO_HIP_SET_HI3_OFF: return "SO_HIP_SET_HI3_OFF"; + case SO_HIP_HEARTBEAT: return "SO_HIP_HEARTBEAT"; + case SO_HIP_DHT_SERVING_GW: return "SO_HIP_DHT_SERVING_GW"; + case SO_HIP_SET_NAT_PORT: return "SO_HIP_SET_NAT_PORT"; + case SO_HIP_SHOTGUN_ON: return "SO_HIP_SHOTGUN_ON"; + case SO_HIP_SHOTGUN_OFF: return "SO_HIP_SHOTGUN_OFF"; + case SO_HIP_SIGN_BUDDY_X509V3: return "SO_HIP_SIGN_BUDDY_X509V3"; + case SO_HIP_SIGN_BUDDY_SPKI: return "SO_HIP_SIGN_BUDDY_SPKI"; + case SO_HIP_VERIFY_BUDDY_X509V3: return "SO_HIP_VERIFY_BUDDY_X509V3"; + case SO_HIP_VERIFY_BUDDY_SPKI: return "SO_HIP_VERIFY_BUDDY_SPKI"; + case SO_HIP_MAP_ID_TO_ADDR: return "SO_HIP_MAP_ID_TO_ADDR"; + case SO_HIP_OFFER_FULLRELAY: return "SO_HIP_OFFER_FULLRELAY"; + case SO_HIP_CANCEL_FULLRELAY: return "SO_HIP_CANCEL_FULLRELAY"; + case SO_HIP_REINIT_FULLRELAY: return "SO_HIP_REINIT_FULLRELAY"; + case SO_HIP_FIREWALL_START: return "SO_HIP_FIREWALL_START"; + case SO_HIP_MANUAL_UPDATE_PACKET: return "SO_HIP_MANUAL_UPDATE_PACKET"; + default: + return "UNDEFINED"; + } } /** @@ -1250,95 +1275,96 @@ * @param param_type parameter type number * @return name of the message type **/ -char* hip_param_type_name(const hip_tlv_type_t param_type){ - switch (param_type) { - case HIP_PARAM_ACK: return "HIP_PARAM_ACK"; - case HIP_PARAM_AGENT_REJECT: return "HIP_PARAM_AGENT_REJECT"; - case HIP_PARAM_BLIND_NONCE: return "HIP_PARAM_BLIND_NONCE"; - case HIP_PARAM_CERT: return "HIP_PARAM_CERT"; - case HIP_PARAM_DH_SHARED_KEY: return "HIP_PARAM_DH_SHARED_KEY"; - case HIP_PARAM_DIFFIE_HELLMAN: return "HIP_PARAM_DIFFIE_HELLMAN"; - case HIP_PARAM_DSA_SIGN_DATA: return "HIP_PARAM_DSA_SIGN_DATA"; - case HIP_PARAM_DST_ADDR: return "HIP_PARAM_DST_ADDR"; - case HIP_PARAM_ECHO_REQUEST: return "HIP_PARAM_ECHO_REQUEST"; - case HIP_PARAM_ECHO_REQUEST_SIGN: return "HIP_PARAM_ECHO_REQUEST_SIGN"; - case HIP_PARAM_ECHO_REQUEST_M: return "HIP_PARAM_ECHO_REQUEST_M"; - case HIP_PARAM_ECHO_RESPONSE: return "HIP_PARAM_ECHO_RESPONSE"; - case HIP_PARAM_ECHO_RESPONSE_SIGN: return "HIP_PARAM_ECHO_RESPONSE_SIGN"; - case HIP_PARAM_ECHO_RESPONSE_M: return "HIP_PARAM_ECHO_RESPONSE_M"; - case HIP_PARAM_EID_ADDR: return "HIP_PARAM_EID_ADDR"; - case HIP_PARAM_EID_ENDPOINT: return "HIP_PARAM_EID_ENDPOINT"; - case HIP_PARAM_EID_IFACE: return "HIP_PARAM_EID_IFACE"; - case HIP_PARAM_EID_SOCKADDR: return "HIP_PARAM_EID_SOCKADDR"; - case HIP_PARAM_ENCAPS_MSG: return "HIP_PARAM_ENCAPS_MSG"; - case HIP_PARAM_ENCRYPTED: return "HIP_PARAM_ENCRYPTED"; - case HIP_PARAM_ESP_INFO: return "HIP_PARAM_ESP_INFO"; - case HIP_PARAM_ESP_TRANSFORM: return "HIP_PARAM_ESP_TRANSFORM"; - case HIP_PARAM_FROM_PEER: return "HIP_PARAM_FROM_PEER"; - case HIP_PARAM_FROM: return "HIP_PARAM_FROM"; - case HIP_PARAM_HA_INFO: return "HIP_PARAM_HA_INFO"; - case HIP_PARAM_HASH_CHAIN_ANCHORS: return "HIP_PARAM_HASH_CHAIN_ANCHORS"; - case HIP_PARAM_HASH_CHAIN_PSIG: return "HIP_PARAM_HASH_CHAIN_PSIG"; - case HIP_PARAM_HASH_CHAIN_VALUE: return "HIP_PARAM_HASH_CHAIN_VALUE"; - case HIP_PARAM_HIP_SIGNATURE2: return "HIP_PARAM_HIP_SIGNATURE2"; - case HIP_PARAM_HIP_SIGNATURE: return "HIP_PARAM_HIP_SIGNATURE"; - case HIP_PARAM_HIP_TRANSFORM: return "HIP_PARAM_HIP_TRANSFORM"; - case HIP_PARAM_HI: return "HIP_PARAM_HI"; - case HIP_PARAM_HIT: return "HIP_PARAM_HIT"; - case HIP_PARAM_HIT_LOCAL: return "HIP_PARAM_HIT_LOCAL"; - case HIP_PARAM_HIT_PEER: return "HIP_PARAM_HIT_PEER"; - case HIP_PARAM_HMAC2: return "HIP_PARAM_HMAC2"; - case HIP_PARAM_HMAC: return "HIP_PARAM_HMAC"; - case HIP_PARAM_HOST_ID: return "HIP_PARAM_HOST_ID"; - case HIP_PARAM_INT: return "HIP_PARAM_INT"; - case HIP_PARAM_IPV6_ADDR: return "HIP_PARAM_IPV6_ADDR"; - case HIP_PARAM_IPV6_ADDR_LOCAL: return "HIP_PARAM_IPV6_ADDR_LOCAL"; - case HIP_PARAM_IPV6_ADDR_PEER: return "HIP_PARAM_IPV6_ADDR_PEER"; - case HIP_PARAM_KEYS: return "HIP_PARAM_KEYS"; - case HIP_PARAM_LOCATOR: return "HIP_PARAM_LOCATOR"; - case HIP_PARAM_NOTIFICATION: return "HIP_PARAM_NOTIFICATION"; - case HIP_PARAM_OPENDHT_GW_INFO: return "HIP_PARAM_OPENDHT_GW_INFO"; - case HIP_PARAM_OPENDHT_SET: return "HIP_PARAM_OPENDHT_SET"; - case HIP_PARAM_PORTPAIR: return "HIP_PARAM_PORTPAIR"; - case HIP_PARAM_PUZZLE: return "HIP_PARAM_PUZZLE"; - case HIP_PARAM_CHALLENGE_REQUEST: return "HIP_PARAM_CHALLENGE_REQUEST"; - case HIP_PARAM_R1_COUNTER: return "HIP_PARAM_R1_COUNTER"; - case HIP_PARAM_REG_FAILED: return "HIP_PARAM_REG_FAILED"; - case HIP_PARAM_REG_FROM: return "HIP_PARAM_REG_FROM"; - case HIP_PARAM_REG_INFO: return "HIP_PARAM_REG_INFO"; - case HIP_PARAM_REG_REQUEST: return "HIP_PARAM_REG_REQUEST"; - case HIP_PARAM_REG_RESPONSE: return "HIP_PARAM_REG_RESPONSE"; - case HIP_PARAM_RELAY_FROM: return "HIP_PARAM_RELAY_FROM"; - case HIP_PARAM_RELAY_HMAC: return "HIP_PARAM_RELAY_HMAC"; - case HIP_PARAM_RELAY_TO: return "HIP_PARAM_RELAY_TO"; - case HIP_PARAM_RVS_HMAC: return "HIP_PARAM_RVS_HMAC"; - case HIP_PARAM_SEQ: return "HIP_PARAM_SEQ"; - case HIP_PARAM_SOLUTION: return "HIP_PARAM_SOLUTION"; - case HIP_PARAM_CHALLENGE_RESPONSE: return "HIP_PARAM_CHALLENGE_RESPONSE"; - case HIP_PARAM_SRC_ADDR: return "HIP_PARAM_SRC_ADDR"; - case HIP_PARAM_TO_PEER: return "HIP_PARAM_TO_PEER"; - case HIP_PARAM_UINT: return "HIP_PARAM_UINT"; - case HIP_PARAM_UNIT_TEST: return "HIP_PARAM_UNIT_TEST"; - case HIP_PARAM_VIA_RVS: return "HIP_PARAM_VIA_RVS"; - case HIP_PARAM_PSEUDO_HIT: return "HIP_PARAM_PSEUDO_HIT"; - case HIP_PARAM_HCHAIN_ANCHOR: return "HIP_PARAM_HCHAIN_ANCHOR"; - case HIP_PARAM_ESP_PROT_TRANSFORMS: return "HIP_PARAM_ESP_PROT_TRANSFORMS"; - case HIP_PARAM_ESP_PROT_ANCHOR: return "HIP_PARAM_ESP_PROT_ANCHOR"; - case HIP_PARAM_ESP_PROT_BRANCH: return "HIP_PARAM_ESP_PROT_BRANCH"; - case HIP_PARAM_ESP_PROT_SECRET: return "HIP_PARAM_ESP_PROT_SECRET"; - case HIP_PARAM_ESP_PROT_ROOT: return "HIP_PARAM_ESP_PROT_ROOT"; - //add by santtu - case HIP_PARAM_NAT_TRANSFORM: return "HIP_PARAM_NAT_TRANSFORM"; - case HIP_PARAM_NAT_PACING: return "HIP_PARAM_NAT_PACING"; - //end add - case HIP_PARAM_LSI: return "HIP_PARAM_LSI"; - case HIP_PARAM_SRC_TCP_PORT: return "HIP_PARAM_SRC_TCP_PORT"; - case HIP_PARAM_DST_TCP_PORT: return "HIP_PARAM_DST_TCP_PORT"; - case HIP_PARAM_STUN: return "HIP_PARAM_STUN"; - case HIP_PARAM_HOSTNAME: return "HIP_PARAM_HOSTNAME"; - //end add - } - return "UNDEFINED"; +char *hip_param_type_name(const hip_tlv_type_t param_type) +{ + switch (param_type) { + case HIP_PARAM_ACK: return "HIP_PARAM_ACK"; + case HIP_PARAM_AGENT_REJECT: return "HIP_PARAM_AGENT_REJECT"; + case HIP_PARAM_BLIND_NONCE: return "HIP_PARAM_BLIND_NONCE"; + case HIP_PARAM_CERT: return "HIP_PARAM_CERT"; + case HIP_PARAM_DH_SHARED_KEY: return "HIP_PARAM_DH_SHARED_KEY"; + case HIP_PARAM_DIFFIE_HELLMAN: return "HIP_PARAM_DIFFIE_HELLMAN"; + case HIP_PARAM_DSA_SIGN_DATA: return "HIP_PARAM_DSA_SIGN_DATA"; + case HIP_PARAM_DST_ADDR: return "HIP_PARAM_DST_ADDR"; + case HIP_PARAM_ECHO_REQUEST: return "HIP_PARAM_ECHO_REQUEST"; + case HIP_PARAM_ECHO_REQUEST_SIGN: return "HIP_PARAM_ECHO_REQUEST_SIGN"; + case HIP_PARAM_ECHO_REQUEST_M: return "HIP_PARAM_ECHO_REQUEST_M"; + case HIP_PARAM_ECHO_RESPONSE: return "HIP_PARAM_ECHO_RESPONSE"; + case HIP_PARAM_ECHO_RESPONSE_SIGN: return "HIP_PARAM_ECHO_RESPONSE_SIGN"; + case HIP_PARAM_ECHO_RESPONSE_M: return "HIP_PARAM_ECHO_RESPONSE_M"; + case HIP_PARAM_EID_ADDR: return "HIP_PARAM_EID_ADDR"; + case HIP_PARAM_EID_ENDPOINT: return "HIP_PARAM_EID_ENDPOINT"; + case HIP_PARAM_EID_IFACE: return "HIP_PARAM_EID_IFACE"; + case HIP_PARAM_EID_SOCKADDR: return "HIP_PARAM_EID_SOCKADDR"; + case HIP_PARAM_ENCAPS_MSG: return "HIP_PARAM_ENCAPS_MSG"; + case HIP_PARAM_ENCRYPTED: return "HIP_PARAM_ENCRYPTED"; + case HIP_PARAM_ESP_INFO: return "HIP_PARAM_ESP_INFO"; + case HIP_PARAM_ESP_TRANSFORM: return "HIP_PARAM_ESP_TRANSFORM"; + case HIP_PARAM_FROM_PEER: return "HIP_PARAM_FROM_PEER"; + case HIP_PARAM_FROM: return "HIP_PARAM_FROM"; + case HIP_PARAM_HA_INFO: return "HIP_PARAM_HA_INFO"; + case HIP_PARAM_HASH_CHAIN_ANCHORS: return "HIP_PARAM_HASH_CHAIN_ANCHORS"; + case HIP_PARAM_HASH_CHAIN_PSIG: return "HIP_PARAM_HASH_CHAIN_PSIG"; + case HIP_PARAM_HASH_CHAIN_VALUE: return "HIP_PARAM_HASH_CHAIN_VALUE"; + case HIP_PARAM_HIP_SIGNATURE2: return "HIP_PARAM_HIP_SIGNATURE2"; + case HIP_PARAM_HIP_SIGNATURE: return "HIP_PARAM_HIP_SIGNATURE"; + case HIP_PARAM_HIP_TRANSFORM: return "HIP_PARAM_HIP_TRANSFORM"; + case HIP_PARAM_HI: return "HIP_PARAM_HI"; + case HIP_PARAM_HIT: return "HIP_PARAM_HIT"; + case HIP_PARAM_HIT_LOCAL: return "HIP_PARAM_HIT_LOCAL"; + case HIP_PARAM_HIT_PEER: return "HIP_PARAM_HIT_PEER"; + case HIP_PARAM_HMAC2: return "HIP_PARAM_HMAC2"; + case HIP_PARAM_HMAC: return "HIP_PARAM_HMAC"; + case HIP_PARAM_HOST_ID: return "HIP_PARAM_HOST_ID"; + case HIP_PARAM_INT: return "HIP_PARAM_INT"; + case HIP_PARAM_IPV6_ADDR: return "HIP_PARAM_IPV6_ADDR"; + case HIP_PARAM_IPV6_ADDR_LOCAL: return "HIP_PARAM_IPV6_ADDR_LOCAL"; + case HIP_PARAM_IPV6_ADDR_PEER: return "HIP_PARAM_IPV6_ADDR_PEER"; + case HIP_PARAM_KEYS: return "HIP_PARAM_KEYS"; + case HIP_PARAM_LOCATOR: return "HIP_PARAM_LOCATOR"; + case HIP_PARAM_NOTIFICATION: return "HIP_PARAM_NOTIFICATION"; + case HIP_PARAM_OPENDHT_GW_INFO: return "HIP_PARAM_OPENDHT_GW_INFO"; + case HIP_PARAM_OPENDHT_SET: return "HIP_PARAM_OPENDHT_SET"; + case HIP_PARAM_PORTPAIR: return "HIP_PARAM_PORTPAIR"; + case HIP_PARAM_PUZZLE: return "HIP_PARAM_PUZZLE"; + case HIP_PARAM_CHALLENGE_REQUEST: return "HIP_PARAM_CHALLENGE_REQUEST"; + case HIP_PARAM_R1_COUNTER: return "HIP_PARAM_R1_COUNTER"; + case HIP_PARAM_REG_FAILED: return "HIP_PARAM_REG_FAILED"; + case HIP_PARAM_REG_FROM: return "HIP_PARAM_REG_FROM"; + case HIP_PARAM_REG_INFO: return "HIP_PARAM_REG_INFO"; + case HIP_PARAM_REG_REQUEST: return "HIP_PARAM_REG_REQUEST"; + case HIP_PARAM_REG_RESPONSE: return "HIP_PARAM_REG_RESPONSE"; + case HIP_PARAM_RELAY_FROM: return "HIP_PARAM_RELAY_FROM"; + case HIP_PARAM_RELAY_HMAC: return "HIP_PARAM_RELAY_HMAC"; + case HIP_PARAM_RELAY_TO: return "HIP_PARAM_RELAY_TO"; + case HIP_PARAM_RVS_HMAC: return "HIP_PARAM_RVS_HMAC"; + case HIP_PARAM_SEQ: return "HIP_PARAM_SEQ"; + case HIP_PARAM_SOLUTION: return "HIP_PARAM_SOLUTION"; + case HIP_PARAM_CHALLENGE_RESPONSE: return "HIP_PARAM_CHALLENGE_RESPONSE"; + case HIP_PARAM_SRC_ADDR: return "HIP_PARAM_SRC_ADDR"; + case HIP_PARAM_TO_PEER: return "HIP_PARAM_TO_PEER"; + case HIP_PARAM_UINT: return "HIP_PARAM_UINT"; + case HIP_PARAM_UNIT_TEST: return "HIP_PARAM_UNIT_TEST"; + case HIP_PARAM_VIA_RVS: return "HIP_PARAM_VIA_RVS"; + case HIP_PARAM_PSEUDO_HIT: return "HIP_PARAM_PSEUDO_HIT"; + case HIP_PARAM_HCHAIN_ANCHOR: return "HIP_PARAM_HCHAIN_ANCHOR"; + case HIP_PARAM_ESP_PROT_TRANSFORMS: return "HIP_PARAM_ESP_PROT_TRANSFORMS"; + case HIP_PARAM_ESP_PROT_ANCHOR: return "HIP_PARAM_ESP_PROT_ANCHOR"; + case HIP_PARAM_ESP_PROT_BRANCH: return "HIP_PARAM_ESP_PROT_BRANCH"; + case HIP_PARAM_ESP_PROT_SECRET: return "HIP_PARAM_ESP_PROT_SECRET"; + case HIP_PARAM_ESP_PROT_ROOT: return "HIP_PARAM_ESP_PROT_ROOT"; + //add by santtu + case HIP_PARAM_NAT_TRANSFORM: return "HIP_PARAM_NAT_TRANSFORM"; + case HIP_PARAM_NAT_PACING: return "HIP_PARAM_NAT_PACING"; + //end add + case HIP_PARAM_LSI: return "HIP_PARAM_LSI"; + case HIP_PARAM_SRC_TCP_PORT: return "HIP_PARAM_SRC_TCP_PORT"; + case HIP_PARAM_DST_TCP_PORT: return "HIP_PARAM_DST_TCP_PORT"; + case HIP_PARAM_STUN: return "HIP_PARAM_STUN"; + case HIP_PARAM_HOSTNAME: return "HIP_PARAM_HOSTNAME"; + //end add + } + return "UNDEFINED"; } /** @@ -1347,31 +1373,32 @@ * * @return zero if the message was ok, or negative error value on error. */ -int hip_check_userspace_msg(const struct hip_common *msg) { - struct hip_tlv_common *current_param = NULL; - int err = 0; - - if (!hip_check_user_msg_len(msg)) { - err = -EMSGSIZE; - HIP_ERROR("bad msg len %d\n", hip_get_msg_total_len(msg)); - goto out; - } - - while((current_param = hip_get_next_param(msg, current_param)) - != NULL) { - if(!hip_check_param_contents_len(msg, current_param)) { - err = -EMSGSIZE; - HIP_ERROR("bad param len\n"); - break; - } else if (!hip_check_userspace_param_type(current_param)) { - err = -EINVAL; - HIP_ERROR("bad param type\n"); - break; - } - } - - out: - return err; +int hip_check_userspace_msg(const struct hip_common *msg) +{ + struct hip_tlv_common *current_param = NULL; + int err = 0; + + if (!hip_check_user_msg_len(msg)) { + err = -EMSGSIZE; + HIP_ERROR("bad msg len %d\n", hip_get_msg_total_len(msg)); + goto out; + } + + while ((current_param = hip_get_next_param(msg, current_param)) + != NULL) { + if (!hip_check_param_contents_len(msg, current_param)) { + err = -EMSGSIZE; + HIP_ERROR("bad param len\n"); + break; + } else if (!hip_check_userspace_param_type(current_param)) { + err = -EINVAL; + HIP_ERROR("bad param type\n"); + break; + } + } + +out: + return err; } /** @@ -1390,41 +1417,41 @@ */ int hip_check_network_param_attributes(const struct hip_tlv_common *param) { - hip_tlv_type_t type = hip_get_param_type(param); - int err = 0; - - _HIP_DEBUG("type=%u\n", type); - - switch(type) { - case HIP_PARAM_HIP_TRANSFORM: - case HIP_PARAM_ESP_TRANSFORM: - { - /* Search for one supported transform */ - hip_transform_suite_t suite; - - _HIP_DEBUG("Checking %s transform\n", - type == HIP_PARAM_HIP_TRANSFORM ? "HIP" : "ESP"); - suite = hip_get_param_transform_suite_id(param, 0); - if (suite == 0) { - HIP_ERROR("Could not find suitable %s transform\n", - type == HIP_PARAM_HIP_TRANSFORM ? "HIP" : "ESP"); - err = -EPROTONOSUPPORT; - } - break; - } - case HIP_PARAM_HOST_ID: - { - uint8_t algo = - hip_get_host_id_algo((struct hip_host_id *) param); - if (algo != HIP_HI_DSA && algo != HIP_HI_RSA) { - err = -EPROTONOSUPPORT; - HIP_ERROR("Host id algo %d not supported\n", algo); - } - break; - } - } - _HIP_DEBUG("err=%d\n", err); - return err; + hip_tlv_type_t type = hip_get_param_type(param); + int err = 0; + + _HIP_DEBUG("type=%u\n", type); + + switch (type) { + case HIP_PARAM_HIP_TRANSFORM: + case HIP_PARAM_ESP_TRANSFORM: + { + /* Search for one supported transform */ + hip_transform_suite_t suite; + + _HIP_DEBUG("Checking %s transform\n", + type == HIP_PARAM_HIP_TRANSFORM ? "HIP" : "ESP"); + suite = hip_get_param_transform_suite_id(param, 0); + if (suite == 0) { + HIP_ERROR("Could not find suitable %s transform\n", + type == HIP_PARAM_HIP_TRANSFORM ? "HIP" : "ESP"); + err = -EPROTONOSUPPORT; + } + break; + } + case HIP_PARAM_HOST_ID: + { + uint8_t algo = + hip_get_host_id_algo((struct hip_host_id *) param); + if (algo != HIP_HI_DSA && algo != HIP_HI_RSA) { + err = -EPROTONOSUPPORT; + HIP_ERROR("Host id algo %d not supported\n", algo); + } + break; + } + } + _HIP_DEBUG("err=%d\n", err); + return err; } /** @@ -1435,61 +1462,61 @@ */ int hip_check_network_msg(const struct hip_common *msg) { - struct hip_tlv_common *current_param = NULL; - hip_tlv_type_t current_param_type = 0, prev_param_type = 0; - int err = 0; - - /* Checksum of the message header is verified in input.c */ - - if (!hip_check_network_msg_type(msg)) { - err = -EINVAL; - HIP_ERROR("bad msg type (%d)\n", hip_get_msg_type(msg)); - goto out; - } - - //check msg length - if (!hip_check_network_msg_len(msg)) { - err = -EMSGSIZE; - HIP_ERROR("bad msg len %d\n", hip_get_msg_total_len(msg)); - goto out; - } - - /* Checking of param types, lengths and ordering. */ - while((current_param = hip_get_next_param(msg, current_param)) - != NULL) { - current_param_type = hip_get_param_type(current_param); - if(!hip_check_param_contents_len(msg, current_param)) { - err = -EMSGSIZE; - HIP_ERROR("bad param len\n"); - break; - } else if (!hip_check_network_param_type(current_param)) { - err = -EINVAL; - HIP_ERROR("bad param type, current param=%u\n", - hip_get_param_type(current_param)); - break; - } else if (current_param_type < prev_param_type && - ((current_param_type < HIP_LOWER_TRANSFORM_TYPE || - current_param_type > HIP_UPPER_TRANSFORM_TYPE) && - (prev_param_type < HIP_LOWER_TRANSFORM_TYPE || - prev_param_type > HIP_UPPER_TRANSFORM_TYPE))) { - /* According to draft-ietf-hip-base-03 parameter type order - * strictly enforced, except for - * HIP_LOWER_TRANSFORM_TYPE - HIP_UPPER_TRANSFORM_TYPE - */ - err = -ENOMSG; - HIP_ERROR("Wrong order of parameters (%d, %d)\n", - prev_param_type, current_param_type); - break; - } else if (hip_check_network_param_attributes(current_param)) { - HIP_ERROR("bad param attributes\n"); - err = -EINVAL; - break; - } - prev_param_type = current_param_type; - } - - out: - return err; + struct hip_tlv_common *current_param = NULL; + hip_tlv_type_t current_param_type = 0, prev_param_type = 0; + int err = 0; + + /* Checksum of the message header is verified in input.c */ + + if (!hip_check_network_msg_type(msg)) { + err = -EINVAL; + HIP_ERROR("bad msg type (%d)\n", hip_get_msg_type(msg)); + goto out; + } + + //check msg length + if (!hip_check_network_msg_len(msg)) { + err = -EMSGSIZE; + HIP_ERROR("bad msg len %d\n", hip_get_msg_total_len(msg)); + goto out; + } + + /* Checking of param types, lengths and ordering. */ + while ((current_param = hip_get_next_param(msg, current_param)) + != NULL) { + current_param_type = hip_get_param_type(current_param); + if (!hip_check_param_contents_len(msg, current_param)) { + err = -EMSGSIZE; + HIP_ERROR("bad param len\n"); + break; + } else if (!hip_check_network_param_type(current_param)) { + err = -EINVAL; + HIP_ERROR("bad param type, current param=%u\n", + hip_get_param_type(current_param)); + break; + } else if (current_param_type < prev_param_type && + ((current_param_type < HIP_LOWER_TRANSFORM_TYPE || + current_param_type > HIP_UPPER_TRANSFORM_TYPE) && + (prev_param_type < HIP_LOWER_TRANSFORM_TYPE || + prev_param_type > HIP_UPPER_TRANSFORM_TYPE))) { + /* According to draft-ietf-hip-base-03 parameter type order + * strictly enforced, except for + * HIP_LOWER_TRANSFORM_TYPE - HIP_UPPER_TRANSFORM_TYPE + */ + err = -ENOMSG; + HIP_ERROR("Wrong order of parameters (%d, %d)\n", + prev_param_type, current_param_type); + break; + } else if (hip_check_network_param_attributes(current_param)) { + HIP_ERROR("bad param attributes\n"); + err = -EINVAL; + break; + } + prev_param_type = current_param_type; + } + +out: + return err; } /** @@ -1514,88 +1541,89 @@ * @see hip_build_param(). * @see hip_build_param_contents(). */ -static int hip_build_generic_param(struct hip_common *msg, const void *parameter_hdr, - hip_tlv_len_t param_hdr_size, const void *contents) +static int hip_build_generic_param(struct hip_common *msg, + const void *parameter_hdr, + hip_tlv_len_t param_hdr_size, + const void *contents) { - const struct hip_tlv_common *param = - (struct hip_tlv_common *) parameter_hdr; - void *src = NULL, *dst = NULL; - int err = 0, size = 0; - void *max_dst = ((void *) msg) + HIP_MAX_PACKET; - - _HIP_DEBUG("\n"); - - if (msg == NULL) { - HIP_ERROR("Message is NULL.\n"); - err = -EFAULT; - goto out; - } - - if (contents == NULL) { - HIP_ERROR("Parameter contents to build is NULL.\n"); - err = -EFAULT; - goto out; - } - - if (param_hdr_size < sizeof(struct hip_tlv_common)) { - HIP_ERROR("Size of the parameter build is too small.\n"); - err = -EMSGSIZE; - goto out; - } - - dst = hip_find_free_param(msg); - if (dst == NULL) { - err = -EMSGSIZE; - HIP_ERROR("The message has no room for new parameters.\n"); - goto out; - } - - _HIP_DEBUG("found free: %d\n", dst - ((void *)msg)); - - if (dst + hip_get_param_total_len(param) > max_dst) { - err = -EMSGSIZE; - _HIP_DEBUG("dst == %d\n",dst); - HIP_ERROR("The parameter to build does not fit in the message "\ - "because if the parameter would be appended to "\ - "the message, maximum HIP packet length would be "\ - "exceeded."\ - "len: %d\n", - hip_get_param_contents_len(param)); - goto out; - } - - /* copy header */ - src = (void *) param; - size = param_hdr_size; - memcpy(dst, src, size); - - /* copy contents */ - dst += param_hdr_size; - src = (void *) contents; - /* Copy the right amount of contents, see jokela draft for TLV - format. For example, this skips the algo in struct hip_sig2 - (which is included in the length), see the - build_param_signature2_contents() function below. */ - size = hip_get_param_contents_len(param) - - (param_hdr_size - sizeof(struct hip_tlv_common)); - memcpy(dst, src, size); - - _HIP_DEBUG("contents copied %d bytes\n", size); - - /* we have to update header length or otherwise hip_find_free_param - will fail when it checks the header length */ - hip_calc_hdr_len(msg); - if (hip_get_msg_total_len(msg) == 0) { - HIP_ERROR("Could not calculate temporary header length.\n"); - err = -EFAULT; - } - - _HIP_DEBUG("dumping msg, len = %d\n", hip_get_msg_total_len(msg)); - _HIP_HEXDUMP("build msg: ", (void *) msg, - hip_get_msg_total_len(msg)); - out: - - return err; + const struct hip_tlv_common *param = (struct hip_tlv_common *) parameter_hdr; + void *src = NULL, *dst = NULL; + int err = 0, size = 0; + void *max_dst = ((void *) msg) + HIP_MAX_PACKET; + + _HIP_DEBUG("\n"); + + if (msg == NULL) { + HIP_ERROR("Message is NULL.\n"); + err = -EFAULT; + goto out; + } + + if (contents == NULL) { + HIP_ERROR("Parameter contents to build is NULL.\n"); + err = -EFAULT; + goto out; + } + + if (param_hdr_size < sizeof(struct hip_tlv_common)) { + HIP_ERROR("Size of the parameter build is too small.\n"); + err = -EMSGSIZE; + goto out; + } + + dst = hip_find_free_param(msg); + if (dst == NULL) { + err = -EMSGSIZE; + HIP_ERROR("The message has no room for new parameters.\n"); + goto out; + } + + _HIP_DEBUG("found free: %d\n", dst - ((void *) msg)); + + if (dst + hip_get_param_total_len(param) > max_dst) { + err = -EMSGSIZE; + _HIP_DEBUG("dst == %d\n", dst); + HIP_ERROR("The parameter to build does not fit in the message " \ + "because if the parameter would be appended to " \ + "the message, maximum HIP packet length would be " \ + "exceeded." \ + "len: %d\n", + hip_get_param_contents_len(param)); + goto out; + } + + /* copy header */ + src = (void *) param; + size = param_hdr_size; + memcpy(dst, src, size); + + /* copy contents */ + dst += param_hdr_size; + src = (void *) contents; + /* Copy the right amount of contents, see jokela draft for TLV + * format. For example, this skips the algo in struct hip_sig2 + * (which is included in the length), see the + * build_param_signature2_contents() function below. */ + size = hip_get_param_contents_len(param) - + (param_hdr_size - sizeof(struct hip_tlv_common)); + memcpy(dst, src, size); + + _HIP_DEBUG("contents copied %d bytes\n", size); + + /* we have to update header length or otherwise hip_find_free_param + * will fail when it checks the header length */ + hip_calc_hdr_len(msg); + if (hip_get_msg_total_len(msg) == 0) { + HIP_ERROR("Could not calculate temporary header length.\n"); + err = -EFAULT; + } + + _HIP_DEBUG("dumping msg, len = %d\n", hip_get_msg_total_len(msg)); + _HIP_HEXDUMP("build msg: ", (void *) msg, + hip_get_msg_total_len(msg)); +out: + + return err; } /** @@ -1617,19 +1645,19 @@ * @see hip_build_param(). */ int hip_build_param_contents(struct hip_common *msg, - const void *contents, - hip_tlv_type_t param_type, - hip_tlv_len_t contents_size) + const void *contents, + hip_tlv_type_t param_type, + hip_tlv_len_t contents_size) { - struct hip_tlv_common param; - hip_set_param_type(¶m, param_type); - hip_set_param_contents_len((struct hip_tlv_common *) ¶m, contents_size); - return hip_build_generic_param(msg, ¶m, - sizeof(struct hip_tlv_common), - contents); + struct hip_tlv_common param; + hip_set_param_type(¶m, param_type); + hip_set_param_contents_len((struct hip_tlv_common *) ¶m, contents_size); + return hip_build_generic_param(msg, + ¶m, + sizeof(struct hip_tlv_common), + contents); } - /** * Appends a complete parameter into a HIP message. * @@ -1654,25 +1682,25 @@ */ int hip_build_param(struct hip_common *msg, const void *tlv_common) { - int err = 0; - void *contents = ((void *) tlv_common) + sizeof(struct hip_tlv_common); - - if (tlv_common == NULL) { - err = -EFAULT; - HIP_ERROR("param null\n"); - goto out; - } - - err = hip_build_param_contents(msg, contents, - hip_get_param_type(tlv_common), - hip_get_param_contents_len(tlv_common)); - _HIP_DEBUG("tlv_common len %d\n", ((struct hip_tlv_common *)tlv_common)->length); - if (err) { - HIP_ERROR("could not build contents (%d)\n", err); - } - - out: - return err; + int err = 0; + void *contents = ((void *) tlv_common) + sizeof(struct hip_tlv_common); + + if (tlv_common == NULL) { + err = -EFAULT; + HIP_ERROR("param null\n"); + goto out; + } + + err = hip_build_param_contents(msg, contents, + hip_get_param_type(tlv_common), + hip_get_param_contents_len(tlv_common)); + _HIP_DEBUG("tlv_common len %d\n", ((struct hip_tlv_common *) tlv_common)->length); + if (err) { + HIP_ERROR("could not build contents (%d)\n", err); + } + +out: + return err; } /** @@ -1681,11 +1709,13 @@ * @param msg user message * @param on 1 if requesting for a response, otherwise 0 */ -void hip_set_msg_response(struct hip_common *msg, uint8_t on) { - if (msg->ver_res == HIP_USER_VER_RES) - msg->control = on; - else - msg->payload_proto = on; +void hip_set_msg_response(struct hip_common *msg, uint8_t on) +{ + if (msg->ver_res == HIP_USER_VER_RES) { + msg->control = on; + } else { + msg->payload_proto = on; + } } /** @@ -1694,9 +1724,9 @@ * @param msg user message * @return 1 if message requires response, other 0 */ -uint8_t hip_get_msg_response(struct hip_common *msg) { - return msg->ver_res == HIP_USER_VER_RES ? msg->control - : msg->payload_proto; +uint8_t hip_get_msg_response(struct hip_common *msg) +{ + return msg->ver_res == HIP_USER_VER_RES ? msg->control : msg->payload_proto; } /** @@ -1717,34 +1747,36 @@ * @return zero on success, or negative on error. */ int hip_build_user_hdr(struct hip_common *msg, hip_hdr_type_t base_type, - hip_hdr_err_t err_val) + hip_hdr_err_t err_val) { - int err = 0; - - _HIP_DEBUG("\n"); - HIP_IFEL(!msg, -EINVAL, "null msg\n"); - - /* build header first and then parameters */ - HIP_ASSERT(hip_get_msg_total_len(msg) == 0); - - /* Use internal message version of header. - * This allows for messages longer than HIP_MAX_NETWORK_PACKET. */ - msg->ver_res = HIP_USER_VER_RES; - - hip_set_msg_type(msg, base_type); - hip_set_msg_err(msg, err_val); - /* Note: final header length is usually calculated by the - last call to build_param() but it is possible to build a - msg with just the header, so we have to calculate the - header length anyway. */ - hip_calc_hdr_len(msg); - - HIP_IFE(hip_get_msg_total_len(msg) == 0, -EMSGSIZE); - HIP_IFEL(!hip_check_user_msg_len(msg), -EMSGSIZE, "hipd build hdr: " \ - "msg len (%d) invalid\n", hip_get_msg_total_len(msg)); - - out_err: - return err; + int err = 0; + + _HIP_DEBUG("\n"); + HIP_IFEL(!msg, -EINVAL, "null msg\n"); + + /* build header first and then parameters */ + HIP_ASSERT(hip_get_msg_total_len(msg) == 0); + + /* Use internal message version of header. + * This allows for messages longer than HIP_MAX_NETWORK_PACKET. */ + msg->ver_res = HIP_USER_VER_RES; + + hip_set_msg_type(msg, base_type); + hip_set_msg_err(msg, err_val); + /* Note: final header length is usually calculated by the + * last call to build_param() but it is possible to build a + * msg with just the header, so we have to calculate the + * header length anyway. */ + hip_calc_hdr_len(msg); + + HIP_IFE(hip_get_msg_total_len(msg) == 0, -EMSGSIZE); + HIP_IFEL(!hip_check_user_msg_len(msg), + -EMSGSIZE, + "hipd build hdr: msg len (%d) invalid\n", + hip_get_msg_total_len(msg)); + +out_err: + return err; } /** @@ -1776,23 +1808,23 @@ * @note Use @b only accessors to hide byte order and size conversion issues! */ void hip_build_network_hdr(struct hip_common *msg, uint8_t type_hdr, - uint16_t control, const struct in6_addr *hit_sender, - const struct in6_addr *hit_receiver) + uint16_t control, const struct in6_addr *hit_sender, + const struct in6_addr *hit_receiver) { - /* build header first and then parameters */ - HIP_ASSERT(hip_get_msg_total_len(msg) == 0); - - msg->payload_proto = IPPROTO_NONE; /* 1 byte, no htons() */ - /* Do not touch the length; it is written by param builders */ - msg->type_hdr = type_hdr; /* 1 byte, no htons() */ - /* version includes the SHIM6 bit */ - msg->ver_res = (HIP_VER_RES << 4) | 1; /* 1 byte, no htons() */ - - msg->control = htons(control); - msg->checksum = htons(0); /* this will be written by xmit */ - - ipv6_addr_copy(&msg->hits, hit_sender ? hit_sender : &in6addr_any); - ipv6_addr_copy(&msg->hitr, hit_receiver ? hit_receiver : &in6addr_any); + /* build header first and then parameters */ + HIP_ASSERT(hip_get_msg_total_len(msg) == 0); + + msg->payload_proto = IPPROTO_NONE; /* 1 byte, no htons() */ + /* Do not touch the length; it is written by param builders */ + msg->type_hdr = type_hdr; /* 1 byte, no htons() */ + /* version includes the SHIM6 bit */ + msg->ver_res = (HIP_VER_RES << 4) | 1; /* 1 byte, no htons() */ + + msg->control = htons(control); + msg->checksum = htons(0); /* this will be written by xmit */ + + ipv6_addr_copy(&msg->hits, hit_sender ? hit_sender : &in6addr_any); + ipv6_addr_copy(&msg->hitr, hit_receiver ? hit_receiver : &in6addr_any); } #ifndef __KERNEL__ @@ -1811,23 +1843,25 @@ * @see hip_write_hmac(). */ int hip_build_param_hmac(struct hip_common *msg, - const struct hip_crypto_key *key, + const struct hip_crypto_key *key, hip_tlv_type_t param_type) { - int err = 0; - struct hip_hmac hmac; - - hip_set_param_type((struct hip_tlv_common *) &hmac, param_type); - hip_calc_generic_param_len((struct hip_tlv_common *) &hmac, sizeof(struct hip_hmac), 0); - - HIP_IFEL(hip_write_hmac(HIP_DIGEST_SHA1_HMAC, key->key, msg, - hip_get_msg_total_len(msg), - hmac.hmac_data), -EFAULT, - "Error while building HMAC\n"); - - err = hip_build_param(msg, &hmac); - out_err: - return err; + int err = 0; + struct hip_hmac hmac; + + hip_set_param_type((struct hip_tlv_common *) &hmac, param_type); + hip_calc_generic_param_len((struct hip_tlv_common *) &hmac, + sizeof(struct hip_hmac), + 0); + + HIP_IFEL(hip_write_hmac(HIP_DIGEST_SHA1_HMAC, key->key, msg, + hip_get_msg_total_len(msg), + hmac.hmac_data), -EFAULT, + "Error while building HMAC\n"); + + err = hip_build_param(msg, &hmac); +out_err: + return err; } /** @@ -1843,38 +1877,40 @@ * @see hip_build_param_hmac_contents() */ int hip_build_param_hmac_contents(struct hip_common *msg, - const struct hip_crypto_key *key) + const struct hip_crypto_key *key) { - - return hip_build_param_hmac(msg, key, HIP_PARAM_HMAC); + return hip_build_param_hmac(msg, key, HIP_PARAM_HMAC); }; int hip_create_msg_pseudo_hmac2(const struct hip_common *msg, - struct hip_common *msg_copy, - struct hip_host_id *host_id) { - struct hip_tlv_common *param = NULL; - int err = 0; - - HIP_HEXDUMP("host id", host_id, - hip_get_param_total_len(host_id)); - - memcpy( msg_copy, msg, sizeof(struct hip_common)); - hip_set_msg_total_len(msg_copy, 0); - hip_zero_msg_checksum(msg_copy); - - /* copy parameters to a temporary buffer to calculate - pseudo-hmac (includes the host id) */ - while((param = hip_get_next_param(msg, param)) && - hip_get_param_type(param) < HIP_PARAM_HMAC2) { - HIP_IFEL(hip_build_param(msg_copy, param), -1, - "Failed to build param\n"); - } - - HIP_IFEL(hip_build_param(msg_copy, host_id), -1, - "Failed to append pseudo host id to R2\n"); - - out_err: - return err; + struct hip_common *msg_copy, + struct hip_host_id *host_id) +{ + struct hip_tlv_common *param = NULL; + int err = 0; + + HIP_HEXDUMP("host id", host_id, + hip_get_param_total_len(host_id)); + + memcpy( msg_copy, msg, sizeof(struct hip_common)); + hip_set_msg_total_len(msg_copy, 0); + hip_zero_msg_checksum(msg_copy); + + /* copy parameters to a temporary buffer to calculate + * pseudo-hmac (includes the host id) */ + while ((param = hip_get_next_param(msg, param)) && + hip_get_param_type(param) < HIP_PARAM_HMAC2) + { + HIP_IFEL(hip_build_param(msg_copy, param), + -1, + "Failed to build param\n"); + } + + HIP_IFEL(hip_build_param(msg_copy, host_id), -1, + "Failed to append pseudo host id to R2\n"); + +out_err: + return err; } /** @@ -1893,35 +1929,39 @@ * @see hip_write_hmac(). */ int hip_build_param_hmac2_contents(struct hip_common *msg, - struct hip_crypto_key *key, - struct hip_host_id *host_id) + struct hip_crypto_key *key, + struct hip_host_id *host_id) { - struct hip_hmac hmac2; - struct hip_common *msg_copy = NULL; - int err = 0; - - HIP_IFEL(!(msg_copy = hip_msg_alloc()), -ENOMEM, "Message alloc\n"); - - _HIP_HEXDUMP("HMAC data", msg_copy, hip_get_msg_total_len(msg_copy)); - _HIP_HEXDUMP("HMAC key\n", key->key, 20); - - HIP_IFEL(hip_create_msg_pseudo_hmac2(msg, msg_copy, host_id), -1, - "pseudo hmac pkt failed\n"); - - hip_set_param_type((struct hip_tlv_common *) &hmac2, HIP_PARAM_HMAC2); - hip_calc_generic_param_len((struct hip_tlv_common *) &hmac2, sizeof(struct hip_hmac), 0); - - HIP_IFEL(hip_write_hmac(HIP_DIGEST_SHA1_HMAC, key->key, msg_copy, - hip_get_msg_total_len(msg_copy), - hmac2.hmac_data), -EFAULT, - "Error while building HMAC\n"); - - err = hip_build_param(msg, &hmac2); - out_err: - if (msg_copy) - HIP_FREE(msg_copy); - - return err; + struct hip_hmac hmac2; + struct hip_common *msg_copy = NULL; + int err = 0; + + HIP_IFEL(!(msg_copy = hip_msg_alloc()), -ENOMEM, "Message alloc\n"); + + _HIP_HEXDUMP("HMAC data", msg_copy, hip_get_msg_total_len(msg_copy)); + _HIP_HEXDUMP("HMAC key\n", key->key, 20); + + HIP_IFEL(hip_create_msg_pseudo_hmac2(msg, msg_copy, host_id), -1, + "pseudo hmac pkt failed\n"); + + hip_set_param_type((struct hip_tlv_common *) &hmac2, HIP_PARAM_HMAC2); + hip_calc_generic_param_len((struct hip_tlv_common *) &hmac2, + sizeof(struct hip_hmac), + 0); + + HIP_IFEL(hip_write_hmac(HIP_DIGEST_SHA1_HMAC, key->key, msg_copy, + hip_get_msg_total_len(msg_copy), + hmac2.hmac_data), + -EFAULT, + "Error while building HMAC\n"); + + err = hip_build_param(msg, &hmac2); +out_err: + if (msg_copy) { + HIP_FREE(msg_copy); + } + + return err; } /** @@ -1937,136 +1977,138 @@ */ u16 hip_checksum_packet(char *data, struct sockaddr *src, struct sockaddr *dst) { - u16 checksum = 0; - unsigned long sum = 0; - int count = 0, length = 0; - unsigned short *p = NULL; /* 16-bit */ - struct pseudo_header pseudoh; - struct pseudo_header6 pseudoh6; - u32 src_network, dst_network; - struct in6_addr *src6, *dst6; - struct hip_common *hiph = (struct hip_common *) data; - - if (src->sa_family == AF_INET) { - /* IPv4 checksum based on UDP-- Section 6.1.2 */ - src_network = ((struct sockaddr_in*)src)->sin_addr.s_addr; - dst_network = ((struct sockaddr_in*)dst)->sin_addr.s_addr; - - memset(&pseudoh, 0, sizeof(struct pseudo_header)); - memcpy(&pseudoh.src_addr, &src_network, 4); - memcpy(&pseudoh.dst_addr, &dst_network, 4); - pseudoh.protocol = IPPROTO_HIP; - length = (hiph->payload_len + 1) * 8; - pseudoh.packet_length = htons(length); - - count = sizeof(struct pseudo_header); /* count always even number */ - p = (unsigned short*) &pseudoh; - } else { - /* IPv6 checksum based on IPv6 pseudo-header */ - src6 = &((struct sockaddr_in6*)src)->sin6_addr; - dst6 = &((struct sockaddr_in6*)dst)->sin6_addr; - - memset(&pseudoh6, 0, sizeof(struct pseudo_header6)); - memcpy(&pseudoh6.src_addr[0], src6, 16); - memcpy(&pseudoh6.dst_addr[0], dst6, 16); - length = (hiph->payload_len + 1) * 8; - pseudoh6.packet_length = htonl(length); - pseudoh6.next_hdr = IPPROTO_HIP; - - count = sizeof(struct pseudo_header6); /* count always even number */ - p = (unsigned short*) &pseudoh6; - } - /* - * this checksum algorithm can be found - * in RFC 1071 section 4.1 - */ - - /* sum the pseudo-header */ - /* count and p are initialized above per protocol */ - while (count > 1) { - sum += *p++; - count -= 2; - } - - /* one's complement sum 16-bit words of data */ - HIP_DEBUG("Checksumming %d bytes of data.\n", length); - count = length; - p = (unsigned short*) data; - while (count > 1) { - sum += *p++; - count -= 2; - } - /* add left-over byte, if any */ - if (count > 0) - sum += (unsigned char)*p; - - /* Fold 32-bit sum to 16 bits */ - while (sum>>16) - sum = (sum & 0xffff) + (sum >> 16); - /* take the one's complement of the sum */ - checksum = ~sum; - - return(checksum); + u16 checksum = 0; + unsigned long sum = 0; + int count = 0, length = 0; + unsigned short *p = NULL; /* 16-bit */ + struct pseudo_header pseudoh; + struct pseudo_header6 pseudoh6; + u32 src_network, dst_network; + struct in6_addr *src6, *dst6; + struct hip_common *hiph = (struct hip_common *) data; + + if (src->sa_family == AF_INET) { + /* IPv4 checksum based on UDP-- Section 6.1.2 */ + src_network = ((struct sockaddr_in *) src)->sin_addr.s_addr; + dst_network = ((struct sockaddr_in *) dst)->sin_addr.s_addr; + + memset(&pseudoh, 0, sizeof(struct pseudo_header)); + memcpy(&pseudoh.src_addr, &src_network, 4); + memcpy(&pseudoh.dst_addr, &dst_network, 4); + pseudoh.protocol = IPPROTO_HIP; + length = (hiph->payload_len + 1) * 8; + pseudoh.packet_length = htons(length); + + count = sizeof(struct pseudo_header); /* count always even number */ + p = (unsigned short *) &pseudoh; + } else { + /* IPv6 checksum based on IPv6 pseudo-header */ + src6 = &((struct sockaddr_in6 *) src)->sin6_addr; + dst6 = &((struct sockaddr_in6 *) dst)->sin6_addr; + + memset(&pseudoh6, 0, sizeof(struct pseudo_header6)); + memcpy(&pseudoh6.src_addr[0], src6, 16); + memcpy(&pseudoh6.dst_addr[0], dst6, 16); + length = (hiph->payload_len + 1) * 8; + pseudoh6.packet_length = htonl(length); + pseudoh6.next_hdr = IPPROTO_HIP; + + count = sizeof(struct pseudo_header6); /* count always even number */ + p = (unsigned short *) &pseudoh6; + } + /* + * this checksum algorithm can be found + * in RFC 1071 section 4.1 + */ + + /* sum the pseudo-header */ + /* count and p are initialized above per protocol */ + while (count > 1) { + sum += *p++; + count -= 2; + } + + /* one's complement sum 16-bit words of data */ + HIP_DEBUG("Checksumming %d bytes of data.\n", length); + count = length; + p = (unsigned short *) data; + while (count > 1) { + sum += *p++; + count -= 2; + } + /* add left-over byte, if any */ + if (count > 0) { + sum += (unsigned char) *p; + } + + /* Fold 32-bit sum to 16 bits */ + while (sum >> 16) { + sum = (sum & 0xffff) + (sum >> 16); + } + /* take the one's complement of the sum */ + checksum = ~sum; + + return checksum; } int hip_verify_network_header(struct hip_common *hip_common, - struct sockaddr *src, struct sockaddr *dst, - int len) + struct sockaddr *src, struct sockaddr *dst, + int len) { - int err = 0, plen, checksum; - - plen = hip_get_msg_total_len(hip_common); - - /* Currently no support for piggybacking */ - HIP_IFEL(len != hip_get_msg_total_len(hip_common), -EINVAL, - "Invalid HIP packet length (%d,%d). Dropping\n", - len, plen); - HIP_IFEL(hip_common->payload_proto != IPPROTO_NONE, -EOPNOTSUPP, - "Protocol in packet (%u) was not IPPROTO_NONE. Dropping\n", - hip_common->payload_proto); - HIP_IFEL(hip_common->ver_res != ((HIP_VER_RES << 4) | 1), -EPROTOTYPE, - "Invalid version in received packet. Dropping\n"); - - HIP_IFEL(!ipv6_addr_is_hit(&hip_common->hits), -EAFNOSUPPORT, - "Received a non-HIT in HIT-source. Dropping\n"); - HIP_IFEL(!ipv6_addr_is_hit(&hip_common->hitr) && - !ipv6_addr_any(&hip_common->hitr), - -EAFNOSUPPORT, - "Received a non-HIT or non NULL in HIT-receiver. Dropping\n"); - - HIP_IFEL(ipv6_addr_any(&hip_common->hits), -EAFNOSUPPORT, - "Received a NULL in HIT-sender. Dropping\n"); - - /** @todo handle the RVS case better. */ - if (ipv6_addr_any(&hip_common->hitr)) { - /* Required for e.g. BOS */ - HIP_DEBUG("Received opportunistic HIT\n"); - } else { + int err = 0, plen, checksum; + + plen = hip_get_msg_total_len(hip_common); + + /* Currently no support for piggybacking */ + HIP_IFEL(len != hip_get_msg_total_len(hip_common), -EINVAL, + "Invalid HIP packet length (%d,%d). Dropping\n", + len, plen); + HIP_IFEL(hip_common->payload_proto != IPPROTO_NONE, -EOPNOTSUPP, + "Protocol in packet (%u) was not IPPROTO_NONE. Dropping\n", + hip_common->payload_proto); + HIP_IFEL(hip_common->ver_res != ((HIP_VER_RES << 4) | 1), -EPROTOTYPE, + "Invalid version in received packet. Dropping\n"); + + HIP_IFEL(!ipv6_addr_is_hit(&hip_common->hits), -EAFNOSUPPORT, + "Received a non-HIT in HIT-source. Dropping\n"); + HIP_IFEL(!ipv6_addr_is_hit(&hip_common->hitr) && + !ipv6_addr_any(&hip_common->hitr), + -EAFNOSUPPORT, + "Received a non-HIT or non NULL in HIT-receiver. Dropping\n"); + + HIP_IFEL(ipv6_addr_any(&hip_common->hits), -EAFNOSUPPORT, + "Received a NULL in HIT-sender. Dropping\n"); + + /** @todo handle the RVS case better. */ + if (ipv6_addr_any(&hip_common->hitr)) { + /* Required for e.g. BOS */ + HIP_DEBUG("Received opportunistic HIT\n"); + } else { #ifdef CONFIG_HIP_RVS - HIP_DEBUG("Received HIT is ours or we are RVS\n"); + HIP_DEBUG("Received HIT is ours or we are RVS\n"); #else - HIP_IFEL(!hip_hidb_hit_is_our(&hip_common->hitr), -EFAULT, - "Receiver HIT is not ours\n"); + HIP_IFEL(!hip_hidb_hit_is_our(&hip_common->hitr), -EFAULT, + "Receiver HIT is not ours\n"); #endif /* CONFIG_HIP_RVS */ - } - - /* Check checksum. */ - HIP_DEBUG("dst port is %d \n", ((struct sockaddr_in *)dst)->sin_port); - if (dst->sa_family == AF_INET && ((struct sockaddr_in *)dst)->sin_port) { - HIP_DEBUG("HIP IPv4 UDP packet: ignoring HIP checksum\n"); - } else { - checksum = hip_common->checksum; - hip_common->checksum = 0; - - HIP_IFEL(hip_checksum_packet((char*)hip_common, src, dst) - !=checksum, - -EBADMSG, "HIP checksum failed.\n"); - - hip_common->checksum = checksum; - } + } + + /* Check checksum. */ + HIP_DEBUG("dst port is %d \n", ((struct sockaddr_in *) dst)->sin_port); + if (dst->sa_family == AF_INET && ((struct sockaddr_in *) dst)->sin_port) { + HIP_DEBUG("HIP IPv4 UDP packet: ignoring HIP checksum\n"); + } else { + checksum = hip_common->checksum; + hip_common->checksum = 0; + + HIP_IFEL(hip_checksum_packet((char *) hip_common, src, dst) + != checksum, + -EBADMSG, "HIP checksum failed.\n"); + + hip_common->checksum = checksum; + } out_err: - return err; + return err; } #endif /* __KERNEL__ */ @@ -2084,53 +2126,54 @@ * Returns: zero on success, or negative on failure */ int hip_build_param_encrypted_aes_sha1(struct hip_common *msg, - struct hip_tlv_common *param) + struct hip_tlv_common *param) { - int rem, err = 0; - struct hip_encrypted_aes_sha1 enc; - int param_len = hip_get_param_total_len(param); - struct hip_tlv_common *common = param; - char *param_padded = NULL; - - hip_set_param_type((struct hip_tlv_common *) &enc, HIP_PARAM_ENCRYPTED); - enc.reserved = htonl(0); - memset(&enc.iv, 0, 16); - - /* copy the IV *IF* needed, and then the encrypted data */ - - /* AES block size must be multiple of 16 bytes */ - rem = param_len % 16; - if (rem) { - HIP_DEBUG("Adjusting param size to AES block size\n"); - - param_padded = (char *)HIP_MALLOC(param_len + rem, GFP_KERNEL); - if (!param_padded) { - err = -ENOMEM; - goto out_err; - } - - /* this kind of padding works against Ericsson/OpenSSL - (method 4: RFC2630 method) */ - /* http://www.di-mgt.com.au/cryptopad.html#exampleaes */ - memcpy(param_padded, param, param_len); - memset(param_padded + param_len, rem, rem); - - common = (struct hip_tlv_common *) param_padded; - param_len += rem; - } - - hip_calc_param_len((struct hip_tlv_common *) &enc, sizeof(enc) - - sizeof(struct hip_tlv_common) + - param_len); - - err = hip_build_generic_param(msg, &enc, sizeof(enc), common); - - out_err: - - if (param_padded) - HIP_FREE(param_padded); - - return err; + int rem, err = 0; + struct hip_encrypted_aes_sha1 enc; + int param_len = hip_get_param_total_len(param); + struct hip_tlv_common *common = param; + char *param_padded = NULL; + + hip_set_param_type((struct hip_tlv_common *) &enc, HIP_PARAM_ENCRYPTED); + enc.reserved = htonl(0); + memset(&enc.iv, 0, 16); + + /* copy the IV *IF* needed, and then the encrypted data */ + + /* AES block size must be multiple of 16 bytes */ + rem = param_len % 16; + if (rem) { + HIP_DEBUG("Adjusting param size to AES block size\n"); + + param_padded = (char *) HIP_MALLOC(param_len + rem, GFP_KERNEL); + if (!param_padded) { + err = -ENOMEM; + goto out_err; + } + + /* this kind of padding works against Ericsson/OpenSSL + * (method 4: RFC2630 method) */ + /* http://www.di-mgt.com.au/cryptopad.html#exampleaes */ + memcpy(param_padded, param, param_len); + memset(param_padded + param_len, rem, rem); + + common = (struct hip_tlv_common *) param_padded; + param_len += rem; + } + + hip_calc_param_len((struct hip_tlv_common *) &enc, sizeof(enc) - + sizeof(struct hip_tlv_common) + + param_len); + + err = hip_build_generic_param(msg, &enc, sizeof(enc), common); + +out_err: + + if (param_padded) { + HIP_FREE(param_padded); + } + + return err; } /** @@ -2152,27 +2195,27 @@ * @return zero for success, or non-zero on error */ int hip_build_param_signature2_contents(struct hip_common *msg, - const void *contents, - hip_tlv_len_t contents_size, - uint8_t algorithm) + const void *contents, + hip_tlv_len_t contents_size, + uint8_t algorithm) { - /* note: if you make changes in this function, make them also in - build_param_signature_contents(), because it is almost the same */ - - int err = 0; - struct hip_sig2 sig2; - - HIP_ASSERT(sizeof(struct hip_sig2) >= sizeof(struct hip_tlv_common)); - - hip_set_param_type((struct hip_tlv_common *) &sig2, HIP_PARAM_HIP_SIGNATURE2); - hip_calc_generic_param_len((struct hip_tlv_common *) &sig2, sizeof(struct hip_sig2), - contents_size); - sig2.algorithm = algorithm; /* algo is 8 bits, no htons */ - - err = hip_build_generic_param(msg, &sig2, - sizeof(struct hip_sig2), contents); - - return err; + /* note: if you make changes in this function, make them also in + * build_param_signature_contents(), because it is almost the same */ + + int err = 0; + struct hip_sig2 sig2; + + HIP_ASSERT(sizeof(struct hip_sig2) >= sizeof(struct hip_tlv_common)); + + hip_set_param_type((struct hip_tlv_common *) &sig2, HIP_PARAM_HIP_SIGNATURE2); + hip_calc_generic_param_len((struct hip_tlv_common *) &sig2, sizeof(struct hip_sig2), + contents_size); + sig2.algorithm = algorithm; /* algo is 8 bits, no htons */ + + err = hip_build_generic_param(msg, &sig2, + sizeof(struct hip_sig2), contents); + + return err; } /** @@ -2190,27 +2233,27 @@ * @return zero for success, or non-zero on error */ int hip_build_param_signature_contents(struct hip_common *msg, - const void *contents, - hip_tlv_len_t contents_size, - uint8_t algorithm) + const void *contents, + hip_tlv_len_t contents_size, + uint8_t algorithm) { - /* note: if you make changes in this function, make them also in - build_param_signature_contents2(), because it is almost the same */ - - int err = 0; - struct hip_sig sig; - - HIP_ASSERT(sizeof(struct hip_sig) >= sizeof(struct hip_tlv_common)); - - hip_set_param_type((struct hip_tlv_common *) &sig, HIP_PARAM_HIP_SIGNATURE); - hip_calc_generic_param_len((struct hip_tlv_common *) &sig, sizeof(struct hip_sig), - contents_size); - sig.algorithm = algorithm; /* algo is 8 bits, no htons */ - - err = hip_build_generic_param(msg, &sig, - sizeof(struct hip_sig), contents); - - return err; + /* note: if you make changes in this function, make them also in + * build_param_signature_contents2(), because it is almost the same */ + + int err = 0; + struct hip_sig sig; + + HIP_ASSERT(sizeof(struct hip_sig) >= sizeof(struct hip_tlv_common)); + + hip_set_param_type((struct hip_tlv_common *) &sig, HIP_PARAM_HIP_SIGNATURE); + hip_calc_generic_param_len((struct hip_tlv_common *) &sig, sizeof(struct hip_sig), + contents_size); + sig.algorithm = algorithm; /* algo is 8 bits, no htons */ + + err = hip_build_generic_param(msg, &sig, + sizeof(struct hip_sig), contents); + + return err; } /** @@ -2224,20 +2267,21 @@ * @return zero for success, or non-zero on error */ int hip_build_param_echo(struct hip_common *msg, void *opaque, int len, - int sign, int request) + int sign, int request) { - struct hip_echo_request ping; - int err; - - if (request) - hip_set_param_type((struct hip_tlv_common *) &ping, sign ? HIP_PARAM_ECHO_REQUEST_SIGN : HIP_PARAM_ECHO_REQUEST); - else - hip_set_param_type((struct hip_tlv_common *) &ping, sign ? HIP_PARAM_ECHO_RESPONSE_SIGN : HIP_PARAM_ECHO_RESPONSE); - - hip_set_param_contents_len((struct hip_tlv_common *) &ping, len); - err = hip_build_generic_param(msg, &ping, sizeof(struct hip_echo_request), - opaque); - return err; + struct hip_echo_request ping; + int err; + + if (request) { + hip_set_param_type((struct hip_tlv_common *) &ping, sign ? HIP_PARAM_ECHO_REQUEST_SIGN : HIP_PARAM_ECHO_REQUEST); + } else { + hip_set_param_type((struct hip_tlv_common *) &ping, sign ? HIP_PARAM_ECHO_RESPONSE_SIGN : HIP_PARAM_ECHO_RESPONSE); + } + + hip_set_param_contents_len((struct hip_tlv_common *) &ping, len); + err = hip_build_generic_param(msg, &ping, sizeof(struct hip_echo_request), + opaque); + return err; } /** @@ -2253,19 +2297,21 @@ int hip_build_param_echo_m(struct hip_common *msg, void *opaque, int len, int request) { - struct hip_echo_request_m ping; - int err; - - if (request) - hip_set_param_type((struct hip_tlv_common *) &ping, HIP_PARAM_ECHO_REQUEST_M); - else - hip_set_param_type((struct hip_tlv_common *) &ping, HIP_PARAM_ECHO_RESPONSE_M); - - hip_set_param_contents_len((struct hip_tlv_common *) &ping, len); - err = hip_build_generic_param(msg, &ping, sizeof(struct hip_echo_request_m), - opaque); - return err; + struct hip_echo_request_m ping; + int err; + + if (request) { + hip_set_param_type((struct hip_tlv_common *) &ping, HIP_PARAM_ECHO_REQUEST_M); + } else { + hip_set_param_type((struct hip_tlv_common *) &ping, HIP_PARAM_ECHO_RESPONSE_M); + } + + hip_set_param_contents_len((struct hip_tlv_common *) &ping, len); + err = hip_build_generic_param(msg, &ping, sizeof(struct hip_echo_request_m), + opaque); + return err; } + #endif /** @@ -2277,22 +2323,22 @@ */ int hip_build_param_r1_counter(struct hip_common *msg, uint64_t generation) { - struct hip_r1_counter r1gen; - int err = 0; - - /* note: the length cannot be calculated with calc_param_len() */ - hip_set_param_contents_len((struct hip_tlv_common *) &r1gen, - sizeof(struct hip_r1_counter) - - sizeof(struct hip_tlv_common)); - /* Type 2 (in R1) or 3 (in I2) */ - hip_set_param_type((struct hip_tlv_common *) &r1gen, HIP_PARAM_R1_COUNTER); - - r1gen.reserved = 0; - - r1gen.generation = hton64(generation); - - err = hip_build_param(msg, &r1gen); - return err; + struct hip_r1_counter r1gen; + int err = 0; + + /* note: the length cannot be calculated with calc_param_len() */ + hip_set_param_contents_len((struct hip_tlv_common *) &r1gen, + sizeof(struct hip_r1_counter) - + sizeof(struct hip_tlv_common)); + /* Type 2 (in R1) or 3 (in I2) */ + hip_set_param_type((struct hip_tlv_common *) &r1gen, HIP_PARAM_R1_COUNTER); + + r1gen.reserved = 0; + + r1gen.generation = hton64(generation); + + err = hip_build_param(msg, &r1gen); + return err; } /** @@ -2308,18 +2354,19 @@ * @see <a href="http://tools.ietf.org/wg/hip/draft-ietf-hip-rvs/draft-ietf-hip-rvs-05.txt";> * draft-ietf-hip-rvs-05</a> section 4.2.2. */ -int hip_build_param_from(struct hip_common *msg, const struct in6_addr *addr, - const in_port_t not_used) +int hip_build_param_from(struct hip_common *msg, + const struct in6_addr *addr, + const in_port_t not_used) { - struct hip_from from; - int err = 0; - - hip_set_param_type((struct hip_tlv_common *) &from, HIP_PARAM_FROM); - memcpy((struct in6_addr *)&from.address, addr, 16); - - hip_calc_generic_param_len((struct hip_tlv_common *) &from, sizeof(struct hip_from), 0); - err = hip_build_param(msg, &from); - return err; + struct hip_from from; + int err = 0; + + hip_set_param_type((struct hip_tlv_common *) &from, HIP_PARAM_FROM); + memcpy((struct in6_addr *) &from.address, addr, 16); + + hip_calc_generic_param_len((struct hip_tlv_common *) &from, sizeof(struct hip_from), 0); + err = hip_build_param(msg, &from); + return err; } /** @@ -2333,20 +2380,20 @@ * @return zero on success, or negative error value on error. */ int hip_build_param_relay_from(struct hip_common *msg, const struct in6_addr *addr, - const in_port_t port) + const in_port_t port) { - struct hip_relay_from relay_from; - int err = 0; - - hip_set_param_type((struct hip_tlv_common *) &relay_from, HIP_PARAM_RELAY_FROM); - ipv6_addr_copy((struct in6_addr *)&relay_from.address, addr); - relay_from.port = htons(port); - relay_from.reserved = 0; - relay_from.protocol = HIP_NAT_PROTO_UDP; - hip_calc_generic_param_len((struct hip_tlv_common *) &relay_from, sizeof(relay_from), 0); - err = hip_build_param(msg, &relay_from); - - return err; + struct hip_relay_from relay_from; + int err = 0; + + hip_set_param_type((struct hip_tlv_common *) &relay_from, HIP_PARAM_RELAY_FROM); + ipv6_addr_copy((struct in6_addr *) &relay_from.address, addr); + relay_from.port = htons(port); + relay_from.reserved = 0; + relay_from.protocol = HIP_NAT_PROTO_UDP; + hip_calc_generic_param_len((struct hip_tlv_common *) &relay_from, sizeof(relay_from), 0); + err = hip_build_param(msg, &relay_from); + + return err; } /** @@ -2362,18 +2409,18 @@ * draft-ietf-hip-rvs-05</a> section 4.2.3. */ int hip_build_param_via_rvs(struct hip_common *msg, - const struct in6_addr rvs_addresses[]) + const struct in6_addr rvs_addresses[]) { - HIP_DEBUG("hip_build_param_rvs() invoked.\n"); - int err = 0; - struct hip_via_rvs viarvs; + HIP_DEBUG("hip_build_param_rvs() invoked.\n"); + int err = 0; + struct hip_via_rvs viarvs; - hip_set_param_type((struct hip_tlv_common *) &viarvs, HIP_PARAM_VIA_RVS); - hip_calc_generic_param_len((struct hip_tlv_common *) &viarvs, sizeof(struct hip_via_rvs), - sizeof(struct in6_addr)); - err = hip_build_generic_param(msg, &viarvs, sizeof(struct hip_via_rvs), - (void *)rvs_addresses); - return err; + hip_set_param_type((struct hip_tlv_common *) &viarvs, HIP_PARAM_VIA_RVS); + hip_calc_generic_param_len((struct hip_tlv_common *) &viarvs, sizeof(struct hip_via_rvs), + sizeof(struct in6_addr)); + err = hip_build_generic_param(msg, &viarvs, sizeof(struct hip_via_rvs), + (void *) rvs_addresses); + return err; } /** @@ -2389,23 +2436,22 @@ * draft, this is now RELAY_TO. */ int hip_build_param_relay_to(struct hip_common *msg, - const in6_addr_t *addr, - const in_port_t port) + const in6_addr_t *addr, + const in_port_t port) { - struct hip_relay_to relay_to; - int err = 0; - - hip_set_param_type((struct hip_tlv_common *) &relay_to, HIP_PARAM_RELAY_TO); - ipv6_addr_copy((struct in6_addr *)&relay_to.address, addr); - relay_to.port = htons(port); - relay_to.reserved = 0; - relay_to.protocol = HIP_NAT_PROTO_UDP; - - hip_calc_generic_param_len((struct hip_tlv_common *) &relay_to, sizeof(relay_to), 0); - err = hip_build_param(msg, &relay_to); - - return err; - + struct hip_relay_to relay_to; + int err = 0; + + hip_set_param_type((struct hip_tlv_common *) &relay_to, HIP_PARAM_RELAY_TO); + ipv6_addr_copy((struct in6_addr *) &relay_to.address, addr); + relay_to.port = htons(port); + relay_to.reserved = 0; + relay_to.protocol = HIP_NAT_PROTO_UDP; + + hip_calc_generic_param_len((struct hip_tlv_common *) &relay_to, sizeof(relay_to), 0); + err = hip_build_param(msg, &relay_to); + + return err; } /* NOTE! Keep this function before REG_REQUEST and REG_RESPONSE parameter @@ -2429,19 +2475,19 @@ * function is not to be called outside this file. */ static inline int hip_reg_param_core(hip_common_t *msg, - void *param, - const uint8_t lifetime, - const uint8_t *type_list, - const int type_count) + void *param, + const uint8_t lifetime, + const uint8_t *type_list, + const int type_count) { - struct hip_reg_request *rreq = (struct hip_reg_request *) param; - - hip_calc_generic_param_len((struct hip_tlv_common *) rreq, sizeof(struct hip_reg_request), - type_count * sizeof(uint8_t)); - rreq->lifetime = lifetime; - - return hip_build_generic_param(msg, rreq, sizeof(struct hip_reg_request), - type_list); + struct hip_reg_request *rreq = (struct hip_reg_request *) param; + + hip_calc_generic_param_len((struct hip_tlv_common *) rreq, sizeof(struct hip_reg_request), + type_count * sizeof(uint8_t)); + rreq->lifetime = lifetime; + + return hip_build_generic_param(msg, rreq, sizeof(struct hip_reg_request), + type_list); } /** @@ -2452,56 +2498,55 @@ * @param service_count number of registration services in @c service_list. * @return zero on success, non-zero otherwise. * @note: gcc gives a weird warning if we use struct srv in the arguments of this function. - Using void pointer as a workaround */ + * Using void pointer as a workaround */ int hip_build_param_reg_info(hip_common_t *msg, - const void *srv_list, - const unsigned int service_count) + const void *srv_list, + const unsigned int service_count) { - int err = 0, i = 0; - const struct hip_srv *service_list = (const struct hip_srv *) srv_list; - struct hip_reg_info reg_info; - uint8_t reg_type[service_count]; - - if(service_count == 0) { - return 0; - } - HIP_DEBUG("Building REG_INFO parameter(s) \n"); - - for( ;i < service_count; i++) { - if(service_list[0].min_lifetime != - service_list[i].min_lifetime || - service_list[0].max_lifetime != - service_list[i].max_lifetime) { - HIP_INFO("Warning! Multiple min and max lifetime "\ - "values for a single REG_INFO parameter "\ - "requested. Using lifetime values from "\ - "service reg_type %d with all services.\n", - service_list[0].reg_type); - break; - } - - } - - for(i = 0; i < service_count; i++) { - reg_type[i] = service_list[i].reg_type; - } - - _HIP_HEXDUMP("reg_type", reg_type, service_count); - - hip_set_param_type((struct hip_tlv_common *) ®_info, HIP_PARAM_REG_INFO); - /* All services should have the same lifetime... */ - reg_info.min_lifetime = service_list[0].min_lifetime; - reg_info.max_lifetime = service_list[0].max_lifetime; - hip_calc_generic_param_len((struct hip_tlv_common *) ®_info, sizeof(struct hip_reg_info), - service_count * sizeof(service_list[0].reg_type)); - - err = hip_build_generic_param( - msg, ®_info, sizeof(struct hip_reg_info), (void *)reg_type); - - _HIP_DEBUG("Added REG_INFO parameter with %u service%s.\n", service_count, - (service_count > 1) ? "s" : ""); - - return err; + int err = 0, i = 0; + const struct hip_srv *service_list = (const struct hip_srv *) srv_list; + struct hip_reg_info reg_info; + uint8_t reg_type[service_count]; + + if (service_count == 0) { + return 0; + } + HIP_DEBUG("Building REG_INFO parameter(s) \n"); + + for (; i < service_count; i++) { + if (service_list[0].min_lifetime != + service_list[i].min_lifetime || + service_list[0].max_lifetime != + service_list[i].max_lifetime) { + HIP_INFO("Warning! Multiple min and max lifetime " \ + "values for a single REG_INFO parameter " \ + "requested. Using lifetime values from " \ + "service reg_type %d with all services.\n", + service_list[0].reg_type); + break; + } + } + + for (i = 0; i < service_count; i++) { + reg_type[i] = service_list[i].reg_type; + } + + _HIP_HEXDUMP("reg_type", reg_type, service_count); + + hip_set_param_type((struct hip_tlv_common *) ®_info, HIP_PARAM_REG_INFO); + /* All services should have the same lifetime... */ + reg_info.min_lifetime = service_list[0].min_lifetime; + reg_info.max_lifetime = service_list[0].max_lifetime; + hip_calc_generic_param_len((struct hip_tlv_common *) ®_info, sizeof(struct hip_reg_info), + service_count * sizeof(service_list[0].reg_type)); + + err = hip_build_generic_param( + msg, ®_info, sizeof(struct hip_reg_info), (void *) reg_type); + + _HIP_DEBUG("Added REG_INFO parameter with %u service%s.\n", service_count, + (service_count > 1) ? "s" : ""); + + return err; } /** @@ -2515,15 +2560,15 @@ * @return zero on success, non-zero otherwise. */ int hip_build_param_reg_request(hip_common_t *msg, const uint8_t lifetime, - const uint8_t *type_list, const int type_count) + const uint8_t *type_list, const int type_count) { - int err = 0; - struct hip_reg_request rreq; - - hip_set_param_type((struct hip_tlv_common *) &rreq, HIP_PARAM_REG_REQUEST); - err = hip_reg_param_core(msg, &rreq, lifetime, type_list, type_count); - - return err; + int err = 0; + struct hip_reg_request rreq; + + hip_set_param_type((struct hip_tlv_common *) &rreq, HIP_PARAM_REG_REQUEST); + err = hip_reg_param_core(msg, &rreq, lifetime, type_list, type_count); + + return err; } /** @@ -2537,15 +2582,15 @@ * @return zero on success, non-zero otherwise. */ int hip_build_param_reg_response(hip_common_t *msg, const uint8_t lifetime, - const uint8_t *type_list, const int type_count) + const uint8_t *type_list, const int type_count) { - int err = 0; - struct hip_reg_response rres; - - hip_set_param_type((struct hip_tlv_common *) &rres, HIP_PARAM_REG_RESPONSE); - err = hip_reg_param_core(msg, &rres, lifetime, type_list, type_count); - - return err; + int err = 0; + struct hip_reg_response rres; + + hip_set_param_type((struct hip_tlv_common *) &rres, HIP_PARAM_REG_RESPONSE); + err = hip_reg_param_core(msg, &rres, lifetime, type_list, type_count); + + return err; } /** @@ -2559,29 +2604,28 @@ * @return zero on success, non-zero otherwise. */ int hip_build_param_reg_failed(struct hip_common *msg, uint8_t failure_type, - uint8_t *type_list, int type_count) + uint8_t *type_list, int type_count) { - int err = 0; - struct hip_reg_failed reg_failed; - - if(type_count == 0) { - return 0; - } - - hip_set_param_type((struct hip_tlv_common *) ®_failed, HIP_PARAM_REG_FAILED); - - reg_failed.failure_type = failure_type; - hip_calc_generic_param_len((struct hip_tlv_common *) ®_failed, sizeof(struct hip_reg_failed), - type_count * sizeof(type_list[0])); - - err = hip_build_generic_param( - msg, ®_failed, sizeof(struct hip_reg_failed), (void *)type_list); - - HIP_DEBUG("Added REG_FAILED parameter with %u service%s.\n", type_count, - (type_count > 1) ? "s" : ""); - - return err; - + int err = 0; + struct hip_reg_failed reg_failed; + + if (type_count == 0) { + return 0; + } + + hip_set_param_type((struct hip_tlv_common *) ®_failed, HIP_PARAM_REG_FAILED); + + reg_failed.failure_type = failure_type; + hip_calc_generic_param_len((struct hip_tlv_common *) ®_failed, sizeof(struct hip_reg_failed), + type_count * sizeof(type_list[0])); + + err = hip_build_generic_param( + msg, ®_failed, sizeof(struct hip_reg_failed), (void *) type_list); + + HIP_DEBUG("Added REG_FAILED parameter with %u service%s.\n", type_count, + (type_count > 1) ? "s" : ""); + + return err; } /** @@ -2600,35 +2644,35 @@ * @return zero for success, or non-zero on error */ int hip_build_param_puzzle(struct hip_common *msg, uint8_t val_K, - uint8_t lifetime, uint32_t opaque, uint64_t random_i) + uint8_t lifetime, uint32_t opaque, uint64_t random_i) { - struct hip_puzzle puzzle; - int err = 0; - - /* note: the length cannot be calculated with calc_param_len() */ - hip_set_param_contents_len((struct hip_tlv_common *) &puzzle, - sizeof(struct hip_puzzle) - - sizeof(struct hip_tlv_common)); - /* Type 2 (in R1) or 3 (in I2) */ - hip_set_param_type((struct hip_tlv_common *) &puzzle, HIP_PARAM_PUZZLE); - - /* only the random_j_k is in host byte order */ - puzzle.K = val_K; - puzzle.lifetime = lifetime; - - // The following line to create random bytes are tried but didn't work! - // get_random_bytes(puzzle.opaque, sizeof(puzzle.opaque)); - puzzle.opaque[0] = opaque & 0xFF; - puzzle.opaque[1] = (opaque & 0xFF00) >> 8; - /* puzzle.opaque[2] = (opaque & 0xFF0000) >> 16; */ - puzzle.I = random_i; + struct hip_puzzle puzzle; + int err = 0; + + /* note: the length cannot be calculated with calc_param_len() */ + hip_set_param_contents_len((struct hip_tlv_common *) &puzzle, + sizeof(struct hip_puzzle) - + sizeof(struct hip_tlv_common)); + /* Type 2 (in R1) or 3 (in I2) */ + hip_set_param_type((struct hip_tlv_common *) &puzzle, HIP_PARAM_PUZZLE); + + /* only the random_j_k is in host byte order */ + puzzle.K = val_K; + puzzle.lifetime = lifetime; + + // The following line to create random bytes are tried but didn't work! + // get_random_bytes(puzzle.opaque, sizeof(puzzle.opaque)); + puzzle.opaque[0] = opaque & 0xFF; + puzzle.opaque[1] = (opaque & 0xFF00) >> 8; + /* puzzle.opaque[2] = (opaque & 0xFF0000) >> 16; */ + puzzle.I = random_i; err = hip_build_generic_param(msg, &puzzle, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&puzzle)); - return err; + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&puzzle)); + return err; +} -} #ifndef __KERNEL__ /** * hip_build_param_challange_request - build and append a HIP challange_request to the message @@ -2646,35 +2690,37 @@ * @return zero for success, or non-zero on error */ #ifdef CONFIG_HIP_MIDAUTH -int hip_build_param_challenge_request( struct hip_common *msg, uint8_t val_K, - uint8_t lifetime, uint8_t *opaque, uint8_t opaque_len) +int hip_build_param_challenge_request(struct hip_common *msg, + uint8_t val_K, + uint8_t lifetime, + uint8_t *opaque, + uint8_t opaque_len) { - struct hip_challenge_request puzzle; - int err = 0; - - /* note: the length cannot be calculated with calc_param_len() */ - hip_set_param_contents_len((struct hip_tlv_common *) &puzzle, - sizeof(struct hip_challenge_request) - - sizeof(struct hip_tlv_common)); - /* Type 2 (in R1) or 3 (in I2) */ - hip_set_param_type((struct hip_tlv_common *) &puzzle, HIP_PARAM_CHALLENGE_REQUEST); - - /* only the random_j_k is in host byte order */ - puzzle.K = val_K; - puzzle.lifetime = lifetime; - memcpy(&puzzle.opaque, opaque, opaque_len); - - err = hip_build_generic_param(msg, &puzzle, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&puzzle)); - - return err; - + struct hip_challenge_request puzzle; + int err = 0; + + /* note: the length cannot be calculated with calc_param_len() */ + hip_set_param_contents_len((struct hip_tlv_common *) &puzzle, + sizeof(struct hip_challenge_request) - + sizeof(struct hip_tlv_common)); + /* Type 2 (in R1) or 3 (in I2) */ + hip_set_param_type((struct hip_tlv_common *) &puzzle, + HIP_PARAM_CHALLENGE_REQUEST); + + /* only the random_j_k is in host byte order */ + puzzle.K = val_K; + puzzle.lifetime = lifetime; + memcpy(&puzzle.opaque, opaque, opaque_len); + + err = hip_build_generic_param(msg, + &puzzle, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&puzzle)); + return err; } + #endif - - /** * hip_build_param_solution - build and append a HIP solution into the message * @param msg the message where the solution is to be appended @@ -2689,26 +2735,27 @@ * @return zero for success, or non-zero on error */ int hip_build_param_solution(struct hip_common *msg, struct hip_puzzle *pz, - uint64_t val_J) + uint64_t val_J) { - struct hip_solution cookie; - int err = 0; - - /* note: the length cannot be calculated with calc_param_len() */ - hip_set_param_contents_len((struct hip_tlv_common *) &cookie, - sizeof(struct hip_solution) - - sizeof(struct hip_tlv_common)); - /* Type 2 (in R1) or 3 (in I2) */ - hip_set_param_type((struct hip_tlv_common *) &cookie, HIP_PARAM_SOLUTION); - - cookie.J = hton64(val_J); - memcpy(&cookie.K, &pz->K, 12); /* copy: K (1), reserved (1), - opaque (2) and I (8 bytes). */ - cookie.reserved = 0; - err = hip_build_generic_param(msg, &cookie, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&cookie)); - return err; + struct hip_solution cookie; + int err = 0; + + /* note: the length cannot be calculated with calc_param_len() */ + hip_set_param_contents_len((struct hip_tlv_common *) &cookie, + sizeof(struct hip_solution) - + sizeof(struct hip_tlv_common)); + /* Type 2 (in R1) or 3 (in I2) */ + hip_set_param_type((struct hip_tlv_common *) &cookie, HIP_PARAM_SOLUTION); + + cookie.J = hton64(val_J); + memcpy(&cookie.K, &pz->K, 12); /* copy: K (1), reserved (1), + * opaque (2) and I (8 bytes). */ + cookie.reserved = 0; + err = hip_build_generic_param(msg, + &cookie, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&cookie)); + return err; } /** @@ -2726,29 +2773,31 @@ */ #ifdef CONFIG_HIP_MIDAUTH int hip_build_param_challenge_response(struct hip_common *msg, struct hip_challenge_request *pz, - uint64_t val_J) + uint64_t val_J) { - struct hip_challenge_response cookie; - int err = 0, opaque_len = 0; - - /* note: the length cannot be calculated with calc_param_len() */ - hip_set_param_contents_len((struct hip_tlv_common *) &cookie, - sizeof(struct hip_challenge_response) - - sizeof(struct hip_tlv_common)); - /* Type 2 (in R1) or 3 (in I2) */ - hip_set_param_type((struct hip_tlv_common *) &cookie, HIP_PARAM_CHALLENGE_RESPONSE); - - cookie.J = hton64(val_J); - cookie.K = pz->K; - cookie.lifetime = pz->K; - opaque_len = (sizeof(pz->opaque) / sizeof(pz->opaque[0])); - memcpy(&cookie.opaque, pz->opaque, opaque_len); - - err = hip_build_generic_param(msg, &cookie, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&cookie)); - return err; + struct hip_challenge_response cookie; + int err = 0, opaque_len = 0; + + /* note: the length cannot be calculated with calc_param_len() */ + hip_set_param_contents_len((struct hip_tlv_common *) &cookie, + sizeof(struct hip_challenge_response) - + sizeof(struct hip_tlv_common)); + /* Type 2 (in R1) or 3 (in I2) */ + hip_set_param_type((struct hip_tlv_common *) &cookie, HIP_PARAM_CHALLENGE_RESPONSE); + + cookie.J = hton64(val_J); + cookie.K = pz->K; + cookie.lifetime = pz->K; + opaque_len = (sizeof(pz->opaque) / sizeof(pz->opaque[0])); + memcpy(&cookie.opaque, pz->opaque, opaque_len); + + err = hip_build_generic_param(msg, + &cookie, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&cookie)); + return err; } + #endif /** @@ -2767,67 +2816,75 @@ * @return zero on success, or non-zero on error */ int hip_build_param_diffie_hellman_contents(struct hip_common *msg, - uint8_t group_id1, void *pubkey1, hip_tlv_len_t pubkey_len1, - uint8_t group_id2, void *pubkey2, hip_tlv_len_t pubkey_len2) + uint8_t group_id1, + void *pubkey1, + hip_tlv_len_t pubkey_len1, + uint8_t group_id2, + void *pubkey2, + hip_tlv_len_t pubkey_len2) { - int err = 0; - struct hip_diffie_hellman diffie_hellman; - uint8_t *value = NULL, *value_tmp = NULL; - hip_tlv_len_t pubkey_len = pubkey_len1 + sizeof(uint8_t) + - sizeof(uint16_t) + pubkey_len2; - uint16_t tmp_pubkey_len2 = 0; - - - HIP_ASSERT(pubkey_len >= sizeof(struct hip_tlv_common)); - - _HIP_ASSERT(sizeof(struct hip_diffie_hellman) == 5); - - hip_set_param_type((struct hip_tlv_common *) &diffie_hellman, HIP_PARAM_DIFFIE_HELLMAN); - - if(group_id2 != HIP_MAX_DH_GROUP_ID) - pubkey_len = pubkey_len1 + sizeof(uint8_t) + - sizeof(uint16_t) + pubkey_len2; - else - pubkey_len = pubkey_len1; - - /* Allocating memory for the "value" packet */ - HIP_IFEL(!(value = value_tmp = HIP_MALLOC((pubkey_len), GFP_ATOMIC)), - -1, "Failed to alloc memory for value\n"); - - hip_calc_generic_param_len((struct hip_tlv_common *) &diffie_hellman, - sizeof(struct hip_diffie_hellman), - pubkey_len); - diffie_hellman.pub_val.group_id = group_id1; /* 1 byte, no htons() */ - diffie_hellman.pub_val.pub_len = htons(pubkey_len1); - - if(group_id2 != HIP_MAX_DH_GROUP_ID){ - /* Creating "value" by joining the first and second DH values */ - HIP_DEBUG("group_id2 = %d, htons(pubkey_len2)= %d\n", - group_id2, htons(pubkey_len2)); - - memcpy(value_tmp, pubkey1, pubkey_len1); - value_tmp += pubkey_len1; - *value_tmp++ = group_id2; - tmp_pubkey_len2 = htons(pubkey_len2); - memcpy(value_tmp, &tmp_pubkey_len2, sizeof(uint16_t)); - value_tmp += sizeof(uint16_t); - memcpy(value_tmp, pubkey2, pubkey_len2); - }else - memcpy(value_tmp, pubkey1, pubkey_len1); - - err = hip_build_generic_param(msg, &diffie_hellman, - sizeof(struct hip_diffie_hellman), - value); - - _HIP_HEXDUMP("Own DH pubkey: ", pubkey, pubkey_len); - - out_err: - - if (value) - HIP_FREE(value); - - return err; + int err = 0; + struct hip_diffie_hellman diffie_hellman; + uint8_t *value = NULL, *value_tmp = NULL; + hip_tlv_len_t pubkey_len = pubkey_len1 + sizeof(uint8_t) + + sizeof(uint16_t) + pubkey_len2; + uint16_t tmp_pubkey_len2 = 0; + + + HIP_ASSERT(pubkey_len >= sizeof(struct hip_tlv_common)); + + _HIP_ASSERT(sizeof(struct hip_diffie_hellman) == 5); + + hip_set_param_type((struct hip_tlv_common *) &diffie_hellman, HIP_PARAM_DIFFIE_HELLMAN); + + if (group_id2 != HIP_MAX_DH_GROUP_ID) { + pubkey_len = pubkey_len1 + sizeof(uint8_t) + + sizeof(uint16_t) + pubkey_len2; + } else { + pubkey_len = pubkey_len1; + } + + /* Allocating memory for the "value" packet */ + HIP_IFEL(!(value = value_tmp = HIP_MALLOC((pubkey_len), GFP_ATOMIC)), + -1, "Failed to alloc memory for value\n"); + + hip_calc_generic_param_len((struct hip_tlv_common *) &diffie_hellman, + sizeof(struct hip_diffie_hellman), + pubkey_len); + diffie_hellman.pub_val.group_id = group_id1; /* 1 byte, no htons() */ + diffie_hellman.pub_val.pub_len = htons(pubkey_len1); + + if (group_id2 != HIP_MAX_DH_GROUP_ID) { + /* Creating "value" by joining the first and second DH values */ + HIP_DEBUG("group_id2 = %d, htons(pubkey_len2)= %d\n", + group_id2, htons(pubkey_len2)); + + memcpy(value_tmp, pubkey1, pubkey_len1); + value_tmp += pubkey_len1; + *value_tmp++ = group_id2; + tmp_pubkey_len2 = htons(pubkey_len2); + memcpy(value_tmp, &tmp_pubkey_len2, sizeof(uint16_t)); + value_tmp += sizeof(uint16_t); + memcpy(value_tmp, pubkey2, pubkey_len2); + } else { + memcpy(value_tmp, pubkey1, pubkey_len1); + } + + err = hip_build_generic_param(msg, &diffie_hellman, + sizeof(struct hip_diffie_hellman), + value); + + _HIP_HEXDUMP("Own DH pubkey: ", pubkey, pubkey_len); + +out_err: + + if (value) { + HIP_FREE(value); + } + + return err; } + #endif /** * hip_get_transform_max - find out the maximum number of transform suite ids @@ -2837,22 +2894,22 @@ */ uint16_t hip_get_transform_max(hip_tlv_type_t transform_type) { - uint16_t transform_max = 0; - - switch (transform_type) { - case HIP_PARAM_HIP_TRANSFORM: - transform_max = HIP_TRANSFORM_HIP_MAX; - break; - case HIP_PARAM_ESP_TRANSFORM: - transform_max = HIP_TRANSFORM_ESP_MAX; - break; - default: - HIP_ERROR("Unknown transform type %d\n", transform_type); - } - - return transform_max; - + uint16_t transform_max = 0; + + switch (transform_type) { + case HIP_PARAM_HIP_TRANSFORM: + transform_max = HIP_TRANSFORM_HIP_MAX; + break; + case HIP_PARAM_ESP_TRANSFORM: + transform_max = HIP_TRANSFORM_ESP_MAX; + break; + default: + HIP_ERROR("Unknown transform type %d\n", transform_type); + } + + return transform_max; } + /** * hip_build_param_esp_transform - build an HIP or ESP transform * @param msg the message where the parameter will be appended @@ -2865,38 +2922,39 @@ * @return zero on success, or negative on error */ int hip_build_param_esp_transform(struct hip_common *msg, - const hip_transform_suite_t transform_suite[], - const uint16_t transform_count) + const hip_transform_suite_t transform_suite[], + const uint16_t transform_count) { - int err = 0; - uint16_t i; - uint16_t transform_max; - struct hip_esp_transform transform_param; - - transform_max = hip_get_transform_max(HIP_PARAM_ESP_TRANSFORM); - - /* Check that the maximum number of transforms is not overflowed */ - if (transform_max > 0 && transform_count > transform_max) { - err = -E2BIG; - HIP_ERROR("Too many transforms (%d) for type %d.\n", - transform_count, HIP_PARAM_ESP_TRANSFORM); - goto out_err; - } - - transform_param.reserved = 0; - - /* Copy and convert transforms to network byte order. */ - for(i = 0; i < transform_count; i++) { - transform_param.suite_id[i] = htons(transform_suite[i]); - } - - hip_set_param_type((struct hip_tlv_common *) &transform_param, HIP_PARAM_ESP_TRANSFORM); - hip_calc_param_len((struct hip_tlv_common *) &transform_param, - 2+transform_count * sizeof(hip_transform_suite_t)); - err = hip_build_param(msg, &transform_param); - - out_err: - return err; + int err = 0; + uint16_t i; + uint16_t transform_max; + struct hip_esp_transform transform_param; + + transform_max = hip_get_transform_max(HIP_PARAM_ESP_TRANSFORM); + + /* Check that the maximum number of transforms is not overflowed */ + if (transform_max > 0 && transform_count > transform_max) { + err = -E2BIG; + HIP_ERROR("Too many transforms (%d) for type %d.\n", + transform_count, HIP_PARAM_ESP_TRANSFORM); + goto out_err; + } + + transform_param.reserved = 0; + + /* Copy and convert transforms to network byte order. */ + for (i = 0; i < transform_count; i++) { + transform_param.suite_id[i] = htons(transform_suite[i]); + } + + hip_set_param_type((struct hip_tlv_common *) &transform_param, + HIP_PARAM_ESP_TRANSFORM); + hip_calc_param_len((struct hip_tlv_common *) &transform_param, + 2 + transform_count * sizeof(hip_transform_suite_t)); + err = hip_build_param(msg, &transform_param); + +out_err: + return err; } /** @@ -2911,38 +2969,39 @@ * @return zero on success, or negative on error */ int hip_build_param_hip_transform(struct hip_common *msg, - const hip_transform_suite_t transform_suite[], - const uint16_t transform_count) + const hip_transform_suite_t transform_suite[], + const uint16_t transform_count) { - int err = 0; - uint16_t i; - uint16_t transform_max; - struct hip_hip_transform transform_param; - - transform_max = hip_get_transform_max(HIP_PARAM_HIP_TRANSFORM); - - - /* Check that the maximum number of transforms is not overflowed */ - if (transform_max > 0 && transform_count > transform_max) { - err = -E2BIG; - HIP_ERROR("Too many transforms (%d) for type %d.\n", - transform_count, HIP_PARAM_HIP_TRANSFORM); - goto out_err; - } - - - /* Copy and convert transforms to network byte order. */ - for(i = 0; i < transform_count; i++) { - transform_param.suite_id[i] = htons(transform_suite[i]); - } - - hip_set_param_type((struct hip_tlv_common *) &transform_param, HIP_PARAM_HIP_TRANSFORM); - hip_calc_param_len((struct hip_tlv_common *) &transform_param, - transform_count * sizeof(hip_transform_suite_t)); - err = hip_build_param(msg, &transform_param); - - out_err: - return err; + int err = 0; + uint16_t i; + uint16_t transform_max; + struct hip_hip_transform transform_param; + + transform_max = hip_get_transform_max(HIP_PARAM_HIP_TRANSFORM); + + + /* Check that the maximum number of transforms is not overflowed */ + if (transform_max > 0 && transform_count > transform_max) { + err = -E2BIG; + HIP_ERROR("Too many transforms (%d) for type %d.\n", + transform_count, HIP_PARAM_HIP_TRANSFORM); + goto out_err; + } + + + /* Copy and convert transforms to network byte order. */ + for (i = 0; i < transform_count; i++) { + transform_param.suite_id[i] = htons(transform_suite[i]); + } + + hip_set_param_type((struct hip_tlv_common *) &transform_param, + HIP_PARAM_HIP_TRANSFORM); + hip_calc_param_len((struct hip_tlv_common *) &transform_param, + transform_count * sizeof(hip_transform_suite_t)); + err = hip_build_param(msg, &transform_param); + +out_err: + return err; } /** @@ -2953,59 +3012,59 @@ * @return the suite id on transform_tlv on index * @todo Remove index and rename. */ -hip_transform_suite_t hip_get_param_transform_suite_id( - const void *transform_tlv, const uint16_t index) +hip_transform_suite_t hip_get_param_transform_suite_id(const void *transform_tlv, + const uint16_t index) { - /** @todo Why do we have hip_select_esp_transform separately? */ - - /* RFC 5201 chapter 6.9.: - The I2 MUST have a single value in the HIP_TRANSFORM parameter, - which MUST match one of the values offered to the Initiator in - the R1 packet. Does this function check this? - -Lauri 01.08.2008. */ - hip_tlv_type_t type; - uint16_t supported_hip_tf[] = { HIP_HIP_NULL_SHA1, - HIP_HIP_3DES_SHA1, - HIP_HIP_AES_SHA1}; - uint16_t supported_esp_tf[] = { HIP_ESP_NULL_SHA1, - HIP_ESP_3DES_SHA1, - HIP_ESP_AES_SHA1 }; - uint16_t *table = NULL; - uint16_t *tfm; - int table_n = 0, pkt_tfms = 0, i; - - _HIP_DEBUG("tfm len = %d\n", hip_get_param_contents_len(transform_tlv)); - - type = hip_get_param_type(transform_tlv); - if (type == HIP_PARAM_HIP_TRANSFORM) { - table = supported_hip_tf; - table_n = sizeof(supported_hip_tf)/sizeof(uint16_t); - tfm = (void *)transform_tlv+sizeof(struct hip_tlv_common); - pkt_tfms = hip_get_param_contents_len(transform_tlv)/sizeof(uint16_t); - } else if (type == HIP_PARAM_ESP_TRANSFORM) { - table = supported_esp_tf; - table_n = sizeof(supported_esp_tf)/sizeof(uint16_t); - tfm = (void *)transform_tlv+sizeof(struct hip_tlv_common)+sizeof(uint16_t); - pkt_tfms = (hip_get_param_contents_len(transform_tlv)-sizeof(uint16_t))/sizeof(uint16_t); - } else { - HIP_ERROR("Invalid type %u\n", type); - return 0; - } - - for (i = 0; i < pkt_tfms; i++, tfm++) { - int j; - _HIP_DEBUG("testing pkt tfm=%u\n", ntohs(*tfm)); - for (j = 0; j < table_n; j++) { - if (ntohs(*tfm) == table[j]) { - _HIP_DEBUG("found supported tfm %u, pkt tlv index of tfm=%d\n", - table[j], i); - return table[j]; - } - } - } - HIP_ERROR("Usable suite not found.\n"); - - return 0; + /** @todo Why do we have hip_select_esp_transform separately? */ + + /* RFC 5201 chapter 6.9.: + * The I2 MUST have a single value in the HIP_TRANSFORM parameter, + * which MUST match one of the values offered to the Initiator in + * the R1 packet. Does this function check this? + * -Lauri 01.08.2008. */ + hip_tlv_type_t type; + uint16_t supported_hip_tf[] = { HIP_HIP_NULL_SHA1, + HIP_HIP_3DES_SHA1, + HIP_HIP_AES_SHA1}; + uint16_t supported_esp_tf[] = { HIP_ESP_NULL_SHA1, + HIP_ESP_3DES_SHA1, + HIP_ESP_AES_SHA1 }; + uint16_t *table = NULL; + uint16_t *tfm; + int table_n = 0, pkt_tfms = 0, i; + + _HIP_DEBUG("tfm len = %d\n", hip_get_param_contents_len(transform_tlv)); + + type = hip_get_param_type(transform_tlv); + if (type == HIP_PARAM_HIP_TRANSFORM) { + table = supported_hip_tf; + table_n = sizeof(supported_hip_tf) / sizeof(uint16_t); + tfm = (void *) transform_tlv + sizeof(struct hip_tlv_common); + pkt_tfms = hip_get_param_contents_len(transform_tlv) / sizeof(uint16_t); + } else if (type == HIP_PARAM_ESP_TRANSFORM) { + table = supported_esp_tf; + table_n = sizeof(supported_esp_tf) / sizeof(uint16_t); + tfm = (void *) transform_tlv + sizeof(struct hip_tlv_common) + sizeof(uint16_t); + pkt_tfms = (hip_get_param_contents_len(transform_tlv) - sizeof(uint16_t)) / sizeof(uint16_t); + } else { + HIP_ERROR("Invalid type %u\n", type); + return 0; + } + + for (i = 0; i < pkt_tfms; i++, tfm++) { + int j; + _HIP_DEBUG("testing pkt tfm=%u\n", ntohs(*tfm)); + for (j = 0; j < table_n; j++) { + if (ntohs(*tfm) == table[j]) { + _HIP_DEBUG("found supported tfm %u, pkt tlv index of tfm=%d\n", + table[j], i); + return table[j]; + } + } + } + HIP_ERROR("Usable suite not found.\n"); + + return 0; } #ifndef __KERNEL__ @@ -3019,39 +3078,41 @@ * @return 0 on success, otherwise < 0. */ int hip_build_param_locator(struct hip_common *msg, - struct hip_locator_info_addr_item *addresses, - int address_count) + struct hip_locator_info_addr_item *addresses, + int address_count) { - int err = 0; - struct hip_locator *locator_info = NULL; - int addrs_len = address_count * - (sizeof(struct hip_locator_info_addr_item)); - - HIP_IFE(!(locator_info = - malloc(sizeof(struct hip_locator) + addrs_len)), -1); - - hip_set_param_type((struct hip_tlv_common *) locator_info, HIP_PARAM_LOCATOR); - hip_calc_generic_param_len((struct hip_tlv_common *) locator_info, - sizeof(struct hip_locator), - addrs_len); - _HIP_DEBUG("params size=%d\n", sizeof(struct hip_locator) - - sizeof(struct hip_tlv_common) + - addrs_len); - - memcpy(locator_info + 1, addresses, addrs_len); - HIP_IFE(hip_build_param(msg, locator_info), -1); - - _HIP_DEBUG("msgtotlen=%d addrs_len=%d\n", hip_get_msg_total_len(msg), - addrs_len); - //if (addrs_len > 0) - // memcpy((void *)msg+hip_get_msg_total_len(msg)-addrs_len, - // addresses, addrs_len); - - out_err: - if (locator_info) - free(locator_info); - return err; + int err = 0; + struct hip_locator *locator_info = NULL; + int addrs_len = address_count * (sizeof(struct hip_locator_info_addr_item)); + + HIP_IFE(!(locator_info = malloc(sizeof(struct hip_locator) + addrs_len)), -1); + + hip_set_param_type((struct hip_tlv_common *) locator_info, HIP_PARAM_LOCATOR); + + hip_calc_generic_param_len((struct hip_tlv_common *) locator_info, + sizeof(struct hip_locator), + addrs_len); + + _HIP_DEBUG("params size=%d\n", sizeof(struct hip_locator) - + sizeof(struct hip_tlv_common) + + addrs_len); + + memcpy(locator_info + 1, addresses, addrs_len); + HIP_IFE(hip_build_param(msg, locator_info), -1); + + _HIP_DEBUG("msgtotlen=%d addrs_len=%d\n", hip_get_msg_total_len(msg), + addrs_len); + //if (addrs_len > 0) + // memcpy((void *)msg+hip_get_msg_total_len(msg)-addrs_len, + // addresses, addrs_len); + +out_err: + if (locator_info) { + free(locator_info); + } + return err; } + #endif /* !__KERNEL__ */ /** @@ -3070,53 +3131,69 @@ * * @return 0 on success, otherwise < 0. */ -int hip_build_param_keys(struct hip_common *msg, uint16_t operation_id, - uint16_t alg_id, struct in6_addr *addr, - struct in6_addr *hit, struct in6_addr *peer_hit, uint32_t spi, uint32_t spi_old, - uint16_t key_len, struct hip_crypto_key *enc) +int hip_build_param_keys(struct hip_common *msg, + uint16_t operation_id, + uint16_t alg_id, + struct in6_addr *addr, + struct in6_addr *hit, + struct in6_addr *peer_hit, + uint32_t spi, + uint32_t spi_old, + uint16_t key_len, + struct hip_crypto_key *enc) { - int err = 0; - struct hip_keys keys; - - hip_set_param_type((struct hip_tlv_common *) &keys, HIP_PARAM_KEYS); - hip_calc_generic_param_len((struct hip_tlv_common *) &keys, sizeof(struct hip_keys), 0); - - - memcpy((struct in6_addr *)&keys.address, addr, 16); - memcpy((struct in6_addr *)&keys.hit, hit, 16); - memcpy((struct in6_addr *)&keys.peer_hit, peer_hit, 16); - keys.operation = htons(operation_id); - keys.alg_id = htons(alg_id); - keys.spi = htonl(spi); - keys.spi_old = htonl(spi_old); - keys.key_len = htons(key_len); - memcpy(&keys.enc, enc, sizeof(struct hip_crypto_key)); - - err = hip_build_param(msg, &keys); - return err; + int err = 0; + struct hip_keys keys; + + hip_set_param_type((struct hip_tlv_common *) &keys, HIP_PARAM_KEYS); + hip_calc_generic_param_len((struct hip_tlv_common *) &keys, + sizeof(struct hip_keys), + 0); + + + memcpy((struct in6_addr *) &keys.address, addr, 16); + memcpy((struct in6_addr *) &keys.hit, hit, 16); + memcpy((struct in6_addr *) &keys.peer_hit, peer_hit, 16); + keys.operation = htons(operation_id); + keys.alg_id = htons(alg_id); + keys.spi = htonl(spi); + keys.spi_old = htonl(spi_old); + keys.key_len = htons(key_len); + memcpy(&keys.enc, enc, sizeof(struct hip_crypto_key)); + + err = hip_build_param(msg, &keys); + return err; } -int hip_build_param_keys_hdr(struct hip_keys *keys, uint16_t operation_id, - uint16_t alg_id, struct in6_addr *addr, - struct in6_addr *hit, struct in6_addr *peer_hit, uint32_t spi, uint32_t spi_old, - uint16_t key_len, struct hip_crypto_key *enc) +int hip_build_param_keys_hdr(struct hip_keys *keys, + uint16_t operation_id, + uint16_t alg_id, + struct in6_addr *addr, + struct in6_addr *hit, + struct in6_addr *peer_hit, + uint32_t spi, + uint32_t spi_old, + uint16_t key_len, + struct hip_crypto_key *enc) { - int err = 0; - - hip_set_param_type((struct hip_tlv_common *) keys, HIP_PARAM_KEYS); - hip_calc_generic_param_len((struct hip_tlv_common *) keys, sizeof(struct hip_keys), 0); - - memcpy((struct in6_addr *)keys->address, addr, 16); - memcpy((struct in6_addr *)keys->hit, hit, 16); - memcpy((struct in6_addr *)keys->peer_hit, peer_hit, 16); - keys->operation = htons(operation_id); - keys->alg_id = htons(alg_id); - keys->spi = htonl(spi); - keys->spi_old = htonl(spi_old); - keys->key_len = htons(key_len); - memcpy(&keys->enc, enc, sizeof(struct hip_crypto_key)); - - return err; + int err = 0; + + hip_set_param_type((struct hip_tlv_common *) keys, HIP_PARAM_KEYS); + hip_calc_generic_param_len((struct hip_tlv_common *) keys, + sizeof(struct hip_keys), + 0); + + memcpy((struct in6_addr *) keys->address, addr, 16); + memcpy((struct in6_addr *) keys->hit, hit, 16); + memcpy((struct in6_addr *) keys->peer_hit, peer_hit, 16); + keys->operation = htons(operation_id); + keys->alg_id = htons(alg_id); + keys->spi = htonl(spi); + keys->spi_old = htonl(spi_old); + keys->key_len = htons(key_len); + memcpy(&keys->enc, enc, sizeof(struct hip_crypto_key)); + + return err; } /** @@ -3128,14 +3205,16 @@ */ int hip_build_param_seq(struct hip_common *msg, uint32_t update_id) { - int err = 0; - struct hip_seq seq; + int err = 0; + struct hip_seq seq; - hip_set_param_type((struct hip_tlv_common *) &seq, HIP_PARAM_SEQ); - hip_calc_generic_param_len((struct hip_tlv_common *) &seq, sizeof(struct hip_seq), 0); - seq.update_id = htonl(update_id); - err = hip_build_param(msg, &seq); - return err; + hip_set_param_type((struct hip_tlv_common *) &seq, HIP_PARAM_SEQ); + hip_calc_generic_param_len((struct hip_tlv_common *) &seq, + sizeof(struct hip_seq), + 0); + seq.update_id = htonl(update_id); + err = hip_build_param(msg, &seq); + return err; } /** @@ -3147,15 +3226,18 @@ */ int hip_build_param_ack(struct hip_common *msg, uint32_t peer_update_id) { - int err = 0; - struct hip_ack ack; + int err = 0; + struct hip_ack ack; - hip_set_param_type((struct hip_tlv_common *) &ack, HIP_PARAM_ACK); - hip_calc_generic_param_len((struct hip_tlv_common *) &ack, sizeof(struct hip_ack), 0); - ack.peer_update_id = htonl(peer_update_id); - err = hip_build_param(msg, &ack); - return err; + hip_set_param_type((struct hip_tlv_common *) &ack, HIP_PARAM_ACK); + hip_calc_generic_param_len((struct hip_tlv_common *) &ack, + sizeof(struct hip_ack), + 0); + ack.peer_update_id = htonl(peer_update_id); + err = hip_build_param(msg, &ack); + return err; } + #ifndef __KERNEL__ /** * hip_build_param_esp_prot_mode - build and append ESP PROT transform parameter @@ -3164,31 +3246,33 @@ * * @return 0 on success, otherwise < 0. */ -int hip_build_param_esp_prot_transform(struct hip_common *msg, int num_transforms, - uint8_t *transforms) +int hip_build_param_esp_prot_transform(struct hip_common *msg, + int num_transforms, + uint8_t *transforms) { - struct esp_prot_preferred_tfms prot_transforms; - int err = 0, i; - - hip_set_param_type((struct hip_tlv_common *) &prot_transforms, HIP_PARAM_ESP_PROT_TRANSFORMS); - - /* note: the length cannot be calculated with calc_param_len() */ - hip_set_param_contents_len((struct hip_tlv_common *) &prot_transforms, (num_transforms + 1) * sizeof(uint8_t)); - - prot_transforms.num_transforms = num_transforms; - HIP_DEBUG("added num_transforms: %u\n", prot_transforms.num_transforms); - - for (i = 0; i < prot_transforms.num_transforms; i++) - { - prot_transforms.transforms[i] = transforms[i]; - HIP_DEBUG("added transform %i: %u\n", i + 1, transforms[i]); - } - - err = hip_build_generic_param(msg, &prot_transforms, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&prot_transforms)); - - return err; + struct esp_prot_preferred_tfms prot_transforms; + int err = 0, i; + + hip_set_param_type((struct hip_tlv_common *) &prot_transforms, + HIP_PARAM_ESP_PROT_TRANSFORMS); + + /* note: the length cannot be calculated with calc_param_len() */ + hip_set_param_contents_len((struct hip_tlv_common *) &prot_transforms, + (num_transforms + 1) * sizeof(uint8_t)); + + prot_transforms.num_transforms = num_transforms; + HIP_DEBUG("added num_transforms: %u\n", prot_transforms.num_transforms); + + for (i = 0; i < prot_transforms.num_transforms; i++) { + prot_transforms.transforms[i] = transforms[i]; + HIP_DEBUG("added transform %i: %u\n", i + 1, transforms[i]); + } + + err = hip_build_generic_param(msg, + &prot_transforms, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&prot_transforms)); + return err; } /** @@ -3201,62 +3285,68 @@ * * @return 0 on success, otherwise < 0. */ -int hip_build_param_esp_prot_anchor(struct hip_common *msg, uint8_t transform, - unsigned char *active_anchor, unsigned char *next_anchor, int hash_length, - int hash_item_length) +int hip_build_param_esp_prot_anchor(struct hip_common *msg, + uint8_t transform, + unsigned char *active_anchor, + unsigned char *next_anchor, + int hash_length, + int hash_item_length) { - int err = 0; - //unsigned char *anchors = NULL; - struct esp_prot_anchor esp_anchor; - - HIP_ASSERT(msg != NULL); - // NULL-active_anchor only allowed for UNUSED-transform - HIP_ASSERT((!transform && !active_anchor) || (transform && active_anchor)); - // next_anchor might be NULL - - // set parameter type - hip_set_param_type((struct hip_tlv_common *) &esp_anchor, HIP_PARAM_ESP_PROT_ANCHOR); - - // set parameter values - esp_anchor.transform = transform; - esp_anchor.hash_item_length = htonl(hash_item_length); - - // distinguish UNUSED from any other case - if (!transform) - { - // send 1 byte of 0 per anchor in UNUSED case - hash_length = 1; - - memset(&esp_anchor.anchors[0], 0, hash_length); - memset(&esp_anchor.anchors[hash_length], 0, hash_length); - - } else - { - memcpy(&esp_anchor.anchors[0], active_anchor, hash_length); - - // send 0 if next_anchor not present - if (next_anchor != NULL) - memcpy(&esp_anchor.anchors[hash_length], next_anchor, hash_length); - else - memset(&esp_anchor.anchors[hash_length], 0, hash_length); - } - - hip_set_param_contents_len((struct hip_tlv_common *) &esp_anchor, sizeof(uint8_t) + sizeof(uint32_t) + - 2 * hash_length); - - err = hip_build_generic_param(msg, &esp_anchor, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&esp_anchor)); - - HIP_DEBUG("added esp protection transform: %u\n", transform); - HIP_DEBUG("added hash item length: %u\n", hash_item_length); - HIP_HEXDUMP("added esp protection active_anchor: ", &esp_anchor.anchors[0], - hash_length); - HIP_HEXDUMP("added esp protection next_anchor: ", - &esp_anchor.anchors[hash_length], hash_length); - - return err; + int err = 0; + //unsigned char *anchors = NULL; + struct esp_prot_anchor esp_anchor; + + HIP_ASSERT(msg != NULL); + // NULL-active_anchor only allowed for UNUSED-transform + HIP_ASSERT((!transform && !active_anchor) || (transform && active_anchor)); + // next_anchor might be NULL + + // set parameter type + hip_set_param_type((struct hip_tlv_common *) &esp_anchor, HIP_PARAM_ESP_PROT_ANCHOR); + + // set parameter values + esp_anchor.transform = transform; + esp_anchor.hash_item_length = htonl(hash_item_length); + + // distinguish UNUSED from any other case + if (!transform) { + // send 1 byte of 0 per anchor in UNUSED case + hash_length = 1; + + memset(&esp_anchor.anchors[0], 0, hash_length); + memset(&esp_anchor.anchors[hash_length], 0, hash_length); + } else { + memcpy(&esp_anchor.anchors[0], active_anchor, hash_length); + + // send 0 if next_anchor not present + if (next_anchor != NULL) { + memcpy(&esp_anchor.anchors[hash_length], next_anchor, hash_length); + } else { + memset(&esp_anchor.anchors[hash_length], 0, hash_length); + } + } + + hip_set_param_contents_len((struct hip_tlv_common *) &esp_anchor, + sizeof(uint8_t) + sizeof(uint32_t) + 2 + * hash_length); + + err = hip_build_generic_param(msg, + &esp_anchor, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&esp_anchor)); + + HIP_DEBUG("added esp protection transform: %u\n", transform); + HIP_DEBUG("added hash item length: %u\n", hash_item_length); + HIP_HEXDUMP("added esp protection active_anchor: ", + &esp_anchor.anchors[0], + hash_length); + HIP_HEXDUMP("added esp protection next_anchor: ", + &esp_anchor.anchors[hash_length], + hash_length); + + return err; } + #endif /** * hip_build_param_unit_test - build and insert an unit test parameter @@ -3269,109 +3359,122 @@ * * @return 0 on success, otherwise < 0. */ -int hip_build_param_unit_test(struct hip_common *msg, uint16_t suiteid, - uint16_t caseid) -{ - int err = 0; - struct hip_unit_test ut; - - hip_set_param_type((struct hip_tlv_common *) &ut, HIP_PARAM_UNIT_TEST); - hip_calc_generic_param_len((struct hip_tlv_common *) &ut, sizeof(struct hip_unit_test), 0); - ut.suiteid = htons(suiteid); - ut.caseid = htons(caseid); - - err = hip_build_param(msg, &ut); - return err; -} - -int hip_build_param_esp_prot_branch(struct hip_common *msg, int anchor_offset, - int branch_length, unsigned char *branch_nodes) -{ - int err = 0; - struct esp_prot_branch branch; - - HIP_ASSERT(msg != NULL); - HIP_ASSERT(anchor_offset >= 0); - HIP_ASSERT(branch_length > 0); - HIP_ASSERT(branch_nodes != NULL); - - // set parameter type - hip_set_param_type((struct hip_tlv_common *) &branch, HIP_PARAM_ESP_PROT_BRANCH); - - // set parameter values - branch.anchor_offset = htonl(anchor_offset); - branch.branch_length = htonl(branch_length); - memcpy(&branch.branch_nodes[0], branch_nodes, branch_length); - - hip_set_param_contents_len((struct hip_tlv_common *) &branch, 2 * sizeof(uint32_t) + branch_length); - - err = hip_build_generic_param(msg, &branch, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&branch)); - - HIP_DEBUG("added esp anchor offset: %u\n", branch.anchor_offset); - HIP_DEBUG("added esp branch length: %u\n", branch.branch_length); - HIP_HEXDUMP("added esp branch: ", &branch.branch_nodes[0], branch_length); - - return err; -} - -int hip_build_param_esp_prot_secret(struct hip_common *msg, int secret_length, - unsigned char *secret) -{ - int err = 0; - struct esp_prot_secret esp_secret; - - HIP_ASSERT(msg != NULL); - HIP_ASSERT(secret_length > 0); - HIP_ASSERT(secret != NULL); - - // set parameter type - hip_set_param_type((struct hip_tlv_common *) &esp_secret, HIP_PARAM_ESP_PROT_SECRET); - - // set parameter values - esp_secret.secret_length = secret_length; - memcpy(&esp_secret.secret[0], secret, secret_length); - - hip_set_param_contents_len((struct hip_tlv_common *) &esp_secret, sizeof(uint8_t) + secret_length); - - err = hip_build_generic_param(msg, &esp_secret, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&esp_secret)); - - HIP_DEBUG("added esp secret length: %u\n", esp_secret.secret_length); - HIP_HEXDUMP("added esp secret: ", &esp_secret.secret[0], secret_length); - - return err; -} - -int hip_build_param_esp_prot_root(struct hip_common *msg, uint8_t root_length, - unsigned char *root) -{ - int err = 0; - struct esp_prot_root esp_root; - - HIP_ASSERT(msg != NULL); - HIP_ASSERT(root_length > 0); - HIP_ASSERT(root != NULL); - - // set parameter type - hip_set_param_type((struct hip_tlv_common *) &esp_root, HIP_PARAM_ESP_PROT_ROOT); - - // set parameter values - esp_root.root_length = root_length; - memcpy(&esp_root.root[0], root, root_length); - - hip_set_param_contents_len((struct hip_tlv_common *) &esp_root, sizeof(uint8_t) + root_length); - - err = hip_build_generic_param(msg, &esp_root, - sizeof(struct hip_tlv_common), - hip_get_param_contents_direct(&esp_root)); - - HIP_DEBUG("added esp root length: %u\n", esp_root.root_length); - HIP_HEXDUMP("added esp root: ", &esp_root.root[0], root_length); - - return err; +int hip_build_param_unit_test(struct hip_common *msg, + uint16_t suiteid, + uint16_t caseid) +{ + int err = 0; + struct hip_unit_test ut; + + hip_set_param_type((struct hip_tlv_common *) &ut, HIP_PARAM_UNIT_TEST); + hip_calc_generic_param_len((struct hip_tlv_common *) &ut, + sizeof(struct hip_unit_test), + 0); + ut.suiteid = htons(suiteid); + ut.caseid = htons(caseid); + + err = hip_build_param(msg, &ut); + return err; +} + +int hip_build_param_esp_prot_branch(struct hip_common *msg, + int anchor_offset, + int branch_length, + unsigned char *branch_nodes) +{ + int err = 0; + struct esp_prot_branch branch; + + HIP_ASSERT(msg != NULL); + HIP_ASSERT(anchor_offset >= 0); + HIP_ASSERT(branch_length > 0); + HIP_ASSERT(branch_nodes != NULL); + + // set parameter type + hip_set_param_type((struct hip_tlv_common *) &branch, HIP_PARAM_ESP_PROT_BRANCH); + + // set parameter values + branch.anchor_offset = htonl(anchor_offset); + branch.branch_length = htonl(branch_length); + memcpy(&branch.branch_nodes[0], branch_nodes, branch_length); + + hip_set_param_contents_len((struct hip_tlv_common *) &branch, 2 + * sizeof(uint32_t) + branch_length); + + err = hip_build_generic_param(msg, + &branch, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&branch)); + + HIP_DEBUG("added esp anchor offset: %u\n", branch.anchor_offset); + HIP_DEBUG("added esp branch length: %u\n", branch.branch_length); + HIP_HEXDUMP("added esp branch: ", &branch.branch_nodes[0], branch_length); + + return err; +} + +int hip_build_param_esp_prot_secret(struct hip_common *msg, + int secret_length, + unsigned char *secret) +{ + int err = 0; + struct esp_prot_secret esp_secret; + + HIP_ASSERT(msg != NULL); + HIP_ASSERT(secret_length > 0); + HIP_ASSERT(secret != NULL); + + // set parameter type + hip_set_param_type((struct hip_tlv_common *) &esp_secret, HIP_PARAM_ESP_PROT_SECRET); + + // set parameter values + esp_secret.secret_length = secret_length; + memcpy(&esp_secret.secret[0], secret, secret_length); + + hip_set_param_contents_len((struct hip_tlv_common *) &esp_secret, + sizeof(uint8_t) + secret_length); + + err = hip_build_generic_param(msg, &esp_secret, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&esp_secret)); + + HIP_DEBUG("added esp secret length: %u\n", esp_secret.secret_length); + HIP_HEXDUMP("added esp secret: ", &esp_secret.secret[0], secret_length); + + return err; +} + +int hip_build_param_esp_prot_root(struct hip_common *msg, + uint8_t root_length, + unsigned char *root) +{ + int err = 0; + struct esp_prot_root esp_root; + + HIP_ASSERT(msg != NULL); + HIP_ASSERT(root_length > 0); + HIP_ASSERT(root != NULL); + + // set parameter type + hip_set_param_type((struct hip_tlv_common *) &esp_root, + HIP_PARAM_ESP_PROT_ROOT); + + // set parameter values + esp_root.root_length = root_length; + memcpy(&esp_root.root[0], root, root_length); + + hip_set_param_contents_len((struct hip_tlv_common *) &esp_root, + sizeof(uint8_t) + root_length); + + err = hip_build_generic_param(msg, + &esp_root, + sizeof(struct hip_tlv_common), + hip_get_param_contents_direct(&esp_root)); + + HIP_DEBUG("added esp root length: %u\n", esp_root.root_length); + HIP_HEXDUMP("added esp root: ", &esp_root.root[0], root_length); + + return err; } /** @@ -3386,26 +3489,33 @@ * * @return zero on success, or negative on failure */ -int hip_build_param_esp_info(struct hip_common *msg, uint16_t keymat_index, - uint32_t old_spi, uint32_t new_spi) +int hip_build_param_esp_info(struct hip_common *msg, + uint16_t keymat_index, + uint32_t old_spi, + uint32_t new_spi) { - int err = 0; - struct hip_esp_info esp_info; - _HIP_DEBUG("Add SPI old: 0x%x (nwbo: 0x%x), new: 0x%x (nwbo: 0x%x)\n", - old_spi, htonl(old_spi), new_spi, htonl(new_spi)); - hip_set_param_type((struct hip_tlv_common *) &esp_info, HIP_PARAM_ESP_INFO); - hip_calc_generic_param_len((struct hip_tlv_common *) &esp_info, sizeof(struct hip_esp_info), 0); - esp_info.reserved = htonl(0); - esp_info.keymat_index = htons(keymat_index); - esp_info.old_spi = htonl(old_spi); - esp_info.new_spi = htonl(new_spi); - _HIP_DEBUG("esp param old: 0x%x , new: 0x%x \n", - esp_info.old_spi, esp_info.new_spi); - - _HIP_DEBUG("keymat index = %d\n", keymat_index); - _HIP_HEXDUMP("esp_info:", &esp_info, sizeof(struct hip_esp_info)); - err = hip_build_param(msg, &esp_info); - return err; + int err = 0; + struct hip_esp_info esp_info; + _HIP_DEBUG("Add SPI old: 0x%x (nwbo: 0x%x), new: 0x%x (nwbo: 0x%x)\n", + old_spi, htonl(old_spi), new_spi, htonl(new_spi)); + hip_set_param_type((struct hip_tlv_common *) &esp_info, HIP_PARAM_ESP_INFO); + + hip_calc_generic_param_len((struct hip_tlv_common *) &esp_info, + sizeof(struct hip_esp_info), + 0); + + esp_info.reserved = htonl(0); + esp_info.keymat_index = htons(keymat_index); + esp_info.old_spi = htonl(old_spi); + esp_info.new_spi = htonl(new_spi); + + _HIP_DEBUG("esp param old: 0x%x , new: 0x%x \n", + esp_info.old_spi, esp_info.new_spi); + _HIP_DEBUG("keymat index = %d\n", keymat_index); + _HIP_HEXDUMP("esp_info:", &esp_info, sizeof(struct hip_esp_info)); + + err = hip_build_param(msg, &esp_info); + return err; } #if 0 @@ -3421,16 +3531,17 @@ */ int hip_build_param_spi(struct hip_common *msg, uint32_t spi) { - int err = 0; - struct hip_spi hspi; - - hip_set_param_type((struct hip_tlv_common *) &hspi, HIP_PARAM_ESP_INFO); - hip_calc_generic_param_len((struct hip_tlv_common *) &hspi, sizeof(struct hip_spi), 0); - hspi.spi = htonl(spi); - - err = hip_build_param(msg, &hspi); - return err; + int err = 0; + struct hip_spi hspi; + + hip_set_param_type((struct hip_tlv_common *) &hspi, HIP_PARAM_ESP_INFO); + hip_calc_generic_param_len((struct hip_tlv_common *) &hspi, sizeof(struct hip_spi), 0); + hspi.spi = htonl(spi); + + err = hip_build_param(msg, &hspi); + return err; } + #endif @@ -3438,11 +3549,11 @@ * */ /*int hip_build_param_encrypted(struct hip_common *msg, - struct hip_tlv_common *param) -{ - //TODO - return 0; -}*/ + * struct hip_tlv_common *param) + * { + * //TODO + * return 0; + * }*/ /** @@ -3458,23 +3569,23 @@ * Returns: zero on success, or negative on failure */ int hip_build_param_encrypted_3des_sha1(struct hip_common *msg, - struct hip_tlv_common *param) + struct hip_tlv_common *param) { - int err = 0; - struct hip_encrypted_3des_sha1 enc; - - hip_set_param_type((struct hip_tlv_common *) &enc, HIP_PARAM_ENCRYPTED); - hip_calc_param_len((struct hip_tlv_common *) &enc, sizeof(enc) - - sizeof(struct hip_tlv_common) + - hip_get_param_total_len(param)); - enc.reserved = htonl(0); - memset(&enc.iv, 0, 8); - - /* copy the IV *IF* needed, and then the encrypted data */ - - err = hip_build_generic_param(msg, &enc, sizeof(enc), param); - - return err; + int err = 0; + struct hip_encrypted_3des_sha1 enc; + + hip_set_param_type((struct hip_tlv_common *) &enc, HIP_PARAM_ENCRYPTED); + hip_calc_param_len((struct hip_tlv_common *) &enc, sizeof(enc) - + sizeof(struct hip_tlv_common) + + hip_get_param_total_len(param)); + enc.reserved = htonl(0); + memset(&enc.iv, 0, 8); + + /* copy the IV *IF* needed, and then the encrypted data */ + + err = hip_build_generic_param(msg, &enc, sizeof(enc), param); + + return err; } /** @@ -3490,113 +3601,122 @@ * Returns: zero on success, or negative on failure */ int hip_build_param_encrypted_null_sha1(struct hip_common *msg, - struct hip_tlv_common *param) + struct hip_tlv_common *param) { - int err = 0; - struct hip_encrypted_null_sha1 enc; - - hip_set_param_type((struct hip_tlv_common *) &enc, HIP_PARAM_ENCRYPTED); - hip_calc_param_len((struct hip_tlv_common *) &enc, sizeof(enc) - - sizeof(struct hip_tlv_common) + - hip_get_param_total_len(param)); - enc.reserved = htonl(0); - - /* copy the IV *IF* needed, and then the encrypted data */ - - err = hip_build_generic_param(msg, &enc, sizeof(enc), param); - - return err; + int err = 0; + struct hip_encrypted_null_sha1 enc; + + hip_set_param_type((struct hip_tlv_common *) &enc, HIP_PARAM_ENCRYPTED); + hip_calc_param_len((struct hip_tlv_common *) &enc, sizeof(enc) - + sizeof(struct hip_tlv_common) + + hip_get_param_total_len(param)); + enc.reserved = htonl(0); + + /* copy the IV *IF* needed, and then the encrypted data */ + + err = hip_build_generic_param(msg, &enc, sizeof(enc), param); + + return err; } void hip_build_param_host_id_hdr(struct hip_host_id *host_id_hdr, - const char *hostname, - hip_tlv_len_t rr_data_len, + const char *hostname, + hip_tlv_len_t rr_data_len, uint8_t algorithm) { - uint16_t hi_len = sizeof(struct hip_host_id_key_rdata) + rr_data_len; - uint16_t fqdn_len; - /* reserve 1 byte for NULL termination */ - if (hostname) - fqdn_len = (strlen(hostname) + 1) & 0x0FFF; - else - fqdn_len = 0; - - host_id_hdr->hi_length = htons(hi_len); - /* length = 12 bits, di_type = 4 bits */ - host_id_hdr->di_type_length = htons(fqdn_len | 0x1000); - /* if the length is 0, then the type should also be zero */ - if (host_id_hdr->di_type_length == ntohs(0x1000)) - host_id_hdr->di_type_length = 0; - - hip_set_param_type((struct hip_tlv_common *) host_id_hdr, HIP_PARAM_HOST_ID); - hip_calc_generic_param_len((struct hip_tlv_common *) host_id_hdr, sizeof(struct hip_host_id), 0); - - host_id_hdr->rdata.flags = htons(0x0202); /* key is for a host */ - - /* RFC 4034 obsoletes RFC 2535 and flags field differ */ - host_id_hdr->rdata.protocol = 0xFF; /* RFC 2535 */ - /* algo is 8 bits, no htons */ - host_id_hdr->rdata.algorithm = algorithm; - - _HIP_DEBUG("hilen=%d totlen=%d contlen=%d\n", - ntohs(host_id_hdr->hi_length), - hip_get_param_contents_len(host_id_hdr), - hip_get_param_total_len(host_id_hdr)); + uint16_t hi_len = sizeof(struct hip_host_id_key_rdata) + rr_data_len; + uint16_t fqdn_len; + /* reserve 1 byte for NULL termination */ + if (hostname) { + fqdn_len = (strlen(hostname) + 1) & 0x0FFF; + } else { + fqdn_len = 0; + } + + host_id_hdr->hi_length = htons(hi_len); + /* length = 12 bits, di_type = 4 bits */ + host_id_hdr->di_type_length = htons(fqdn_len | 0x1000); + /* if the length is 0, then the type should also be zero */ + if (host_id_hdr->di_type_length == ntohs(0x1000)) { + host_id_hdr->di_type_length = 0; + } + + hip_set_param_type((struct hip_tlv_common *) host_id_hdr, HIP_PARAM_HOST_ID); + hip_calc_generic_param_len((struct hip_tlv_common *) host_id_hdr, + sizeof(struct hip_host_id), + 0); + + host_id_hdr->rdata.flags = htons(0x0202); /* key is for a host */ + + /* RFC 4034 obsoletes RFC 2535 and flags field differ */ + host_id_hdr->rdata.protocol = 0xFF; /* RFC 2535 */ + /* algo is 8 bits, no htons */ + host_id_hdr->rdata.algorithm = algorithm; + + _HIP_DEBUG("hilen=%d totlen=%d contlen=%d\n", + ntohs(host_id_hdr->hi_length), + hip_get_param_contents_len(host_id_hdr), + hip_get_param_total_len(host_id_hdr)); } void hip_build_param_host_id_only(struct hip_host_id *host_id, - const void *rr_data, - const char *fqdn) + const void *rr_data, + const char *fqdn) { - unsigned int rr_len = ntohs(host_id->hi_length) - - sizeof(struct hip_host_id_key_rdata); - uint16_t fqdn_len; - - _HIP_DEBUG("hi len: %d\n", ntohs(host_id->hi_length)); - _HIP_DEBUG("Copying %d bytes\n", rr_len); - - memcpy(host_id->key, rr_data, rr_len); - - fqdn_len = ntohs(host_id->di_type_length) & 0x0FFF; - _HIP_DEBUG("fqdn len: %d\n", fqdn_len); - if (fqdn_len) - memcpy(host_id->hostname, fqdn, fqdn_len); + unsigned int rr_len = ntohs(host_id->hi_length) - + sizeof(struct hip_host_id_key_rdata); + uint16_t fqdn_len; + + _HIP_DEBUG("hi len: %d\n", ntohs(host_id->hi_length)); + _HIP_DEBUG("Copying %d bytes\n", rr_len); + + memcpy(host_id->key, rr_data, rr_len); + + fqdn_len = ntohs(host_id->di_type_length) & 0x0FFF; + _HIP_DEBUG("fqdn len: %d\n", fqdn_len); + if (fqdn_len) { + memcpy(host_id->hostname, fqdn, fqdn_len); + } } void hip_build_param_host_id_hdr_priv(struct hip_host_id_priv *host_id_hdr, - const char *hostname, - hip_tlv_len_t rr_data_len, - uint8_t algorithm) + const char *hostname, + hip_tlv_len_t rr_data_len, + uint8_t algorithm) { - uint16_t hi_len = sizeof(struct hip_host_id_key_rdata) + rr_data_len; - uint16_t fqdn_len; - /* reserve 1 byte for NULL termination */ - if (hostname) - fqdn_len = (strlen(hostname) + 1) & 0x0FFF; - else - fqdn_len = 0; - - host_id_hdr->hi_length = htons(hi_len); - /* length = 12 bits, di_type = 4 bits */ - host_id_hdr->di_type_length = htons(fqdn_len | 0x1000); - /* if the length is 0, then the type should also be zero */ - if (host_id_hdr->di_type_length == ntohs(0x1000)) - host_id_hdr->di_type_length = 0; - - hip_set_param_type((struct hip_tlv_common *) host_id_hdr, HIP_PARAM_HOST_ID); - hip_calc_generic_param_len((struct hip_tlv_common *) host_id_hdr, sizeof(struct hip_host_id_priv), 0); - - host_id_hdr->rdata.flags = htons(0x0202); /* key is for a host */ - - /* RFC 4034 obsoletes RFC 2535 and flags field differ */ - host_id_hdr->rdata.protocol = 0xFF; /* RFC 2535 */ - /* algo is 8 bits, no htons */ - host_id_hdr->rdata.algorithm = algorithm; - - _HIP_DEBUG("hilen=%d totlen=%d contlen=%d\n", - ntohs(host_id_hdr->hi_length), - hip_get_param_contents_len(host_id_hdr), - hip_get_param_total_len(host_id_hdr)); + uint16_t hi_len = sizeof(struct hip_host_id_key_rdata) + rr_data_len; + uint16_t fqdn_len; + /* reserve 1 byte for NULL termination */ + if (hostname) { + fqdn_len = (strlen(hostname) + 1) & 0x0FFF; + } else { + fqdn_len = 0; + } + + host_id_hdr->hi_length = htons(hi_len); + /* length = 12 bits, di_type = 4 bits */ + host_id_hdr->di_type_length = htons(fqdn_len | 0x1000); + /* if the length is 0, then the type should also be zero */ + if (host_id_hdr->di_type_length == ntohs(0x1000)) { + host_id_hdr->di_type_length = 0; + } + + hip_set_param_type((struct hip_tlv_common *) host_id_hdr, HIP_PARAM_HOST_ID); + hip_calc_generic_param_len((struct hip_tlv_common *) host_id_hdr, + sizeof(struct hip_host_id_priv), + 0); + + host_id_hdr->rdata.flags = htons(0x0202); /* key is for a host */ + + /* RFC 4034 obsoletes RFC 2535 and flags field differ */ + host_id_hdr->rdata.protocol = 0xFF; /* RFC 2535 */ + /* algo is 8 bits, no htons */ + host_id_hdr->rdata.algorithm = algorithm; + + _HIP_DEBUG("hilen=%d totlen=%d contlen=%d\n", + ntohs(host_id_hdr->hi_length), + hip_get_param_contents_len(host_id_hdr), + hip_get_param_total_len(host_id_hdr)); } /** @@ -3606,90 +3726,93 @@ * */ int hip_build_param_host_id(struct hip_common *msg, - struct hip_host_id *host_id_hdr, - const void *rr_data, - const char *fqdn) + struct hip_host_id *host_id_hdr, + const void *rr_data, + const char *fqdn) { - int err = 0; - hip_build_param_host_id_only(host_id_hdr, rr_data, fqdn); - err = hip_build_param(msg, host_id_hdr); - return err; + int err = 0; + hip_build_param_host_id_only(host_id_hdr, rr_data, fqdn); + err = hip_build_param(msg, host_id_hdr); + return err; } int hip_build_param_hostname(struct hip_common *msg, const char *hostname) { - struct hip_tlv_common param; - size_t namelen; - - hip_set_param_type(¶m, HIP_PARAM_HOSTNAME); - - namelen = strlen(hostname) + 1; - if(namelen > HIP_HOST_ID_HOSTNAME_LEN_MAX) - { - namelen = HIP_HOST_ID_HOSTNAME_LEN_MAX; - } - - hip_set_param_contents_len((struct hip_tlv_common *) ¶m, - namelen); - - return hip_build_generic_param(msg, ¶m, - sizeof(struct hip_tlv_common), hostname); + struct hip_tlv_common param; + size_t namelen; + + hip_set_param_type(¶m, HIP_PARAM_HOSTNAME); + + namelen = strlen(hostname) + 1; + if (namelen > HIP_HOST_ID_HOSTNAME_LEN_MAX) { + namelen = HIP_HOST_ID_HOSTNAME_LEN_MAX; + } + + hip_set_param_contents_len((struct hip_tlv_common *) ¶m, + namelen); + + return hip_build_generic_param(msg, + ¶m, + sizeof(struct hip_tlv_common), + hostname); } -int hip_get_param_host_id_di_type_len(struct hip_host_id *host, char **id, int *len) +int hip_get_param_host_id_di_type_len(struct hip_host_id *host, + char **id, + int *len) { - int type; - static char *debuglist[3] = {"none", "FQDN", "NAI"}; - - type = ntohs(host->di_type_length); - *len = type & 0x0FFF; - type = (type & 0xF000) >> 12; - - if (type > 2) { - HIP_ERROR("Illegal DI-type: %d\n",type); - return -1; - } - - *id = debuglist[type]; - return 0; + int type; + static char *debuglist[3] = {"none", "FQDN", "NAI"}; + + type = ntohs(host->di_type_length); + *len = type & 0x0FFF; + type = (type & 0xF000) >> 12; + + if (type > 2) { + HIP_ERROR("Illegal DI-type: %d\n", type); + return -1; + } + + *id = debuglist[type]; + return 0; } char *hip_get_param_host_id_hostname(struct hip_host_id *hostid) { - return hostid->hostname; + return hostid->hostname; } int hip_build_param_eid_endpoint_from_host_id(struct hip_common *msg, - const struct endpoint_hip *endpoint) + const struct endpoint_hip *endpoint) { - int err = 0; - - HIP_ASSERT(!(endpoint->flags & HIP_ENDPOINT_FLAG_HIT)); - - err = hip_build_param_contents(msg, endpoint, HIP_PARAM_EID_ENDPOINT, - endpoint->length); - return err; + int err = 0; + + HIP_ASSERT(!(endpoint->flags & HIP_ENDPOINT_FLAG_HIT)); + + err = hip_build_param_contents(msg, endpoint, HIP_PARAM_EID_ENDPOINT, + endpoint->length); + return err; } int hip_build_param_eid_endpoint_from_hit(struct hip_common *msg, - const struct endpoint_hip *endpoint) + const struct endpoint_hip *endpoint) { - struct hip_eid_endpoint eid_endpoint; - int err = 0; - - HIP_ASSERT(endpoint->flags & HIP_ENDPOINT_FLAG_HIT); - - hip_set_param_type((struct hip_tlv_common *) &eid_endpoint, HIP_PARAM_EID_ENDPOINT); - - hip_calc_param_len((struct hip_tlv_common *) &eid_endpoint, - sizeof(struct hip_eid_endpoint) - - sizeof (struct hip_tlv_common)); - - memcpy(&eid_endpoint.endpoint, endpoint, sizeof(struct endpoint_hip)); - - err = hip_build_param(msg, &eid_endpoint); - - return err; + struct hip_eid_endpoint eid_endpoint; + int err = 0; + + HIP_ASSERT(endpoint->flags & HIP_ENDPOINT_FLAG_HIT); + + hip_set_param_type((struct hip_tlv_common *) &eid_endpoint, HIP_PARAM_EID_ENDPOINT); + + hip_calc_param_len((struct hip_tlv_common *) &eid_endpoint, + sizeof(struct hip_eid_endpoint) - + sizeof(struct hip_tlv_common)); + + memcpy(&eid_endpoint.endpoint, endpoint, sizeof(struct endpoint_hip)); + + err = hip_build_param(msg, &eid_endpoint); + + return err; } /* @@ -3703,61 +3826,61 @@ * parameter need to be padded in the builder interface. */ int hip_build_param_eid_endpoint(struct hip_common *msg, - const struct endpoint_hip *endpoint) + const struct endpoint_hip *endpoint) { - int err = 0; - - if (endpoint->flags & HIP_ENDPOINT_FLAG_HIT) { - err = hip_build_param_eid_endpoint_from_hit(msg, endpoint); - } else { - err = hip_build_param_eid_endpoint_from_host_id(msg, endpoint); - } - - return err; + int err = 0; + + if (endpoint->flags & HIP_ENDPOINT_FLAG_HIT) { + err = hip_build_param_eid_endpoint_from_hit(msg, endpoint); + } else { + err = hip_build_param_eid_endpoint_from_host_id(msg, endpoint); + } + + return err; } int hip_build_param_eid_iface(struct hip_common *msg, - hip_eid_iface_type_t if_index) + hip_eid_iface_type_t if_index) { - int err = 0; - struct hip_eid_iface param; - - hip_set_param_type((struct hip_tlv_common *) ¶m, HIP_PARAM_EID_IFACE); - hip_calc_generic_param_len((struct hip_tlv_common *) ¶m, sizeof(param), 0); - param.if_index = htons(if_index); - err = hip_build_param(msg, ¶m); - - return err; + int err = 0; + struct hip_eid_iface param; + + hip_set_param_type((struct hip_tlv_common *) ¶m, HIP_PARAM_EID_IFACE); + hip_calc_generic_param_len((struct hip_tlv_common *) ¶m, sizeof(param), 0); + param.if_index = htons(if_index); + err = hip_build_param(msg, ¶m); + + return err; } int hip_build_param_eid_sockaddr(struct hip_common *msg, struct sockaddr *sockaddr, size_t sockaddr_len) { - int err = 0; - _HIP_DEBUG("build family=%d, len=%d\n", sockaddr->sa_family, - sockaddr_len); - err = hip_build_param_contents(msg, sockaddr, HIP_PARAM_EID_SOCKADDR, - sockaddr_len); - return err; + int err = 0; + _HIP_DEBUG("build family=%d, len=%d\n", sockaddr->sa_family, + sockaddr_len); + err = hip_build_param_contents(msg, sockaddr, HIP_PARAM_EID_SOCKADDR, + sockaddr_len); + return err; } int hip_build_param_cert(struct hip_common *msg, uint8_t group, uint8_t count, - uint8_t id, uint8_t type, void *data, size_t size) + uint8_t id, uint8_t type, void *data, size_t size) { - struct hip_cert cert; - int err; - - hip_set_param_type((struct hip_tlv_common *) &cert, HIP_PARAM_CERT); - hip_calc_param_len((struct hip_tlv_common *) &cert, sizeof(struct hip_cert) - - sizeof(struct hip_tlv_common) + size); - cert.cert_group = group; - cert.cert_count = count; - cert.cert_id = id; - cert.cert_type = type; - err = hip_build_generic_param(msg, &cert, sizeof(struct hip_cert), data); - - return err; + struct hip_cert cert; + int err; + + hip_set_param_type((struct hip_tlv_common *) &cert, HIP_PARAM_CERT); + hip_calc_param_len((struct hip_tlv_common *) &cert, sizeof(struct hip_cert) - + sizeof(struct hip_tlv_common) + size); + cert.cert_group = group; + cert.cert_count = count; + cert.cert_id = id; + cert.cert_type = type; + + err = hip_build_generic_param(msg, &cert, sizeof(struct hip_cert), data); + return err; } /** @@ -3773,57 +3896,64 @@ * @return zero on success, or negative on failure */ int hip_build_param_notification(struct hip_common *msg, uint16_t msgtype, - void *data, size_t data_len) + void *data, size_t data_len) { - int err = 0; - struct hip_notification notification; - - hip_set_param_type((struct hip_tlv_common *) ¬ification, HIP_PARAM_NOTIFICATION); - hip_calc_param_len((struct hip_tlv_common *) ¬ification, sizeof(struct hip_notification) - - sizeof(struct hip_tlv_common) + - data_len); - notification.reserved = 0; - notification.msgtype = htons(msgtype); - - err = hip_build_generic_param(msg, ¬ification, - sizeof(struct hip_notification), - data); - return err; + int err = 0; + struct hip_notification notification; + + hip_set_param_type((struct hip_tlv_common *) ¬ification, HIP_PARAM_NOTIFICATION); + hip_calc_param_len((struct hip_tlv_common *) ¬ification, + sizeof(struct hip_notification) + - sizeof(struct hip_tlv_common) + data_len); + notification.reserved = 0; + notification.msgtype = htons(msgtype); + + err = hip_build_generic_param(msg, + ¬ification, + sizeof(struct hip_notification), + data); + return err; } int hip_build_param_blind_nonce(struct hip_common *msg, uint16_t nonce) { - struct hip_blind_nonce param; - int err = 0; - - hip_set_param_type((struct hip_tlv_common *) ¶m, HIP_PARAM_BLIND_NONCE); - hip_calc_generic_param_len((struct hip_tlv_common *) ¶m, sizeof(param), 0); - param.nonce = htons(nonce); - err = hip_build_param(msg, ¶m); - - return err; + struct hip_blind_nonce param; + int err = 0; + + hip_set_param_type((struct hip_tlv_common *) ¶m, HIP_PARAM_BLIND_NONCE); + hip_calc_generic_param_len((struct hip_tlv_common *) ¶m, + sizeof(param), + 0); + param.nonce = htons(nonce); + err = hip_build_param(msg, ¶m); + + return err; } -int hip_build_param_heartbeat(struct hip_common *msg, int seconds) { - int err = 0; - struct hip_heartbeat heartbeat; - hip_set_param_type((struct hip_tlv_common *) &heartbeat, HIP_PARAM_HEARTBEAT); - hip_calc_param_len((struct hip_tlv_common *) &heartbeat, sizeof(struct hip_heartbeat) - - sizeof(struct hip_tlv_common)); - memcpy(&heartbeat.heartbeat, &seconds, sizeof(seconds)); - err = hip_build_param(msg, &heartbeat); +int hip_build_param_heartbeat(struct hip_common *msg, int seconds) +{ + int err = 0; + struct hip_heartbeat heartbeat; + hip_set_param_type((struct hip_tlv_common *) &heartbeat, + HIP_PARAM_HEARTBEAT); + hip_calc_param_len((struct hip_tlv_common *) &heartbeat, + sizeof(struct hip_heartbeat) + - sizeof(struct hip_tlv_common)); + memcpy(&heartbeat.heartbeat, &seconds, sizeof(seconds)); + err = hip_build_param(msg, &heartbeat); - return err; + return err; } int hip_build_param_transform_order(struct hip_common *msg, int order) { int err = 0; struct hip_transformation_order transorder; - hip_set_param_type((struct hip_tlv_common *) &transorder, HIP_PARAM_TRANSFORM_ORDER); + hip_set_param_type((struct hip_tlv_common *) &transorder, + HIP_PARAM_TRANSFORM_ORDER); hip_calc_param_len((struct hip_tlv_common *) &transorder, - sizeof(struct hip_transformation_order) - - sizeof(struct hip_tlv_common)); + sizeof(struct hip_transformation_order) + - sizeof(struct hip_tlv_common)); transorder.transorder = order; err = hip_build_param(msg, &transorder); return err; @@ -3833,354 +3963,419 @@ { int err = 0; struct hip_opendht_set name_info; - hip_set_param_type((struct hip_tlv_common *) &name_info, HIP_PARAM_OPENDHT_SET); + hip_set_param_type((struct hip_tlv_common *) &name_info, + HIP_PARAM_OPENDHT_SET); hip_calc_param_len((struct hip_tlv_common *) &name_info, - sizeof(struct hip_opendht_set) - - sizeof(struct hip_tlv_common)); + sizeof(struct hip_opendht_set) + - sizeof(struct hip_tlv_common)); strcpy(name_info.name, name); err = hip_build_param(msg, &name_info); return err; } int hip_build_param_opendht_gw_info(struct hip_common *msg, - struct in6_addr *addr, - uint32_t ttl, - uint16_t port, - char* host_name) + struct in6_addr *addr, + uint32_t ttl, + uint16_t port, + char *host_name) { - int err = 0; - struct hip_opendht_gw_info gw_info; + int err = 0; + struct hip_opendht_gw_info gw_info; - hip_set_param_type((struct hip_tlv_common *) &gw_info, HIP_PARAM_OPENDHT_GW_INFO); - hip_calc_param_len((struct hip_tlv_common *) &gw_info, - sizeof(struct hip_opendht_gw_info) - - sizeof(struct hip_tlv_common)); - gw_info.ttl = ttl; - gw_info.port = htons(port); - //added +1 because the \0 was not being copied at the end of the string - if (host_name != NULL) - memcpy(&gw_info.host_name, host_name, strlen(host_name) + 1); - else - memset(&gw_info.host_name, '\0', sizeof(gw_info.host_name)); - ipv6_addr_copy(&gw_info.addr, addr); - err = hip_build_param(msg, &gw_info); - return err; + hip_set_param_type((struct hip_tlv_common *) &gw_info, + HIP_PARAM_OPENDHT_GW_INFO); + hip_calc_param_len((struct hip_tlv_common *) &gw_info, + sizeof(struct hip_opendht_gw_info) + - sizeof(struct hip_tlv_common)); + gw_info.ttl = ttl; + gw_info.port = htons(port); + //added +1 because the \0 was not being copied at the end of the string + if (host_name != NULL) { + memcpy(&gw_info.host_name, host_name, strlen(host_name) + 1); + } else { + memset(&gw_info.host_name, '\0', sizeof(gw_info.host_name)); + } + ipv6_addr_copy(&gw_info.addr, addr); + err = hip_build_param(msg, &gw_info); + return err; } #ifndef __KERNEL__ -int hip_build_param_cert_spki_info(struct hip_common * msg, - struct hip_cert_spki_info * cert_info) -{ - int err = 0; - struct hip_cert_spki_info local; - memset(&local, '\0', sizeof(struct hip_cert_spki_info)); - memcpy(&local, cert_info, sizeof(struct hip_cert_spki_info)); - hip_set_param_type((struct hip_tlv_common *) &local, HIP_PARAM_CERT_SPKI_INFO); - hip_calc_param_len((struct hip_tlv_common *) &local, - sizeof(struct hip_cert_spki_info) - - sizeof(struct hip_tlv_common)); - _HIP_DEBUG("Param len spki_info %d\n", htons(local.length)); - err = hip_build_param(msg, &local); - return err; -} - -int hip_build_param_cert_x509_req(struct hip_common * msg, - struct in6_addr * addr) -{ - int err = 0; - struct hip_cert_x509_req subj; - - hip_set_param_type((struct hip_tlv_common *) &subj, HIP_PARAM_CERT_X509_REQ); - hip_calc_param_len((struct hip_tlv_common *) &subj, - sizeof(struct hip_cert_x509_req) - - sizeof(struct hip_tlv_common)); - ipv6_addr_copy(&subj.addr, addr); - err = hip_build_param(msg, &subj); - return err; -} - -int hip_build_param_cert_x509_ver(struct hip_common * msg, - char * der, int len) -{ - int err = 0; - struct hip_cert_x509_resp subj; - - hip_set_param_type((struct hip_tlv_common *) &subj, HIP_PARAM_CERT_X509_REQ); - hip_calc_param_len((struct hip_tlv_common *) &subj, - sizeof(struct hip_cert_x509_resp) - - sizeof(struct hip_tlv_common)); - memcpy(&subj.der, der, len); - subj.der_len = len; - err = hip_build_param(msg, &subj); - return err; -} - -int hip_build_param_cert_x509_resp(struct hip_common * msg, - char * der, int len) -{ - int err = 0; - struct hip_cert_x509_resp local; - hip_set_param_type((struct hip_tlv_common *) &local, HIP_PARAM_CERT_X509_RESP); - hip_calc_param_len((struct hip_tlv_common *) &local, - sizeof(struct hip_cert_x509_resp) - - sizeof(struct hip_tlv_common)); - memcpy(&local.der, der, len); - local.der_len = len; - err = hip_build_param(msg, &local); - return err; -} - -int hip_build_param_hip_hdrr_info(struct hip_common * msg, - struct hip_hdrr_info * hdrr_info) -{ - int err = 0; - hip_set_param_type((struct hip_tlv_common *) hdrr_info, HIP_PARAM_HDRR_INFO); - hip_calc_param_len((struct hip_tlv_common *) hdrr_info, - sizeof(struct hip_hdrr_info) - - sizeof(struct hip_tlv_common)); - err = hip_build_param(msg, hdrr_info); - return err; -} - -int hip_build_param_hip_uadb_info(struct hip_common *msg, struct hip_uadb_info *uadb_info) -{ - int err = 0; - hip_set_param_type((struct hip_tlv_common *) uadb_info, HIP_PARAM_UADB_INFO); - hip_calc_param_len((struct hip_tlv_common *) uadb_info, - sizeof(struct hip_uadb_info) - - sizeof(struct hip_tlv_common)); - err = hip_build_param(msg, uadb_info); - return err; +int hip_build_param_cert_spki_info(struct hip_common *msg, + struct hip_cert_spki_info *cert_info) +{ + int err = 0; + struct hip_cert_spki_info local; + memset(&local, '\0', sizeof(struct hip_cert_spki_info)); + memcpy(&local, cert_info, sizeof(struct hip_cert_spki_info)); + hip_set_param_type((struct hip_tlv_common *) &local, + HIP_PARAM_CERT_SPKI_INFO); + hip_calc_param_len((struct hip_tlv_common *) &local, + sizeof(struct hip_cert_spki_info) + - sizeof(struct hip_tlv_common)); + _HIP_DEBUG("Param len spki_info %d\n", htons(local.length)); + err = hip_build_param(msg, &local); + return err; +} + +int hip_build_param_cert_x509_req(struct hip_common *msg, struct in6_addr *addr) +{ + int err = 0; + struct hip_cert_x509_req subj; + + hip_set_param_type((struct hip_tlv_common *) &subj, HIP_PARAM_CERT_X509_REQ); + hip_calc_param_len((struct hip_tlv_common *) &subj, + sizeof(struct hip_cert_x509_req) + - sizeof(struct hip_tlv_common)); + ipv6_addr_copy(&subj.addr, addr); + err = hip_build_param(msg, &subj); + return err; +} + +int hip_build_param_cert_x509_ver(struct hip_common *msg, char *der, int len) +{ + int err = 0; + struct hip_cert_x509_resp subj; + + hip_set_param_type((struct hip_tlv_common *) &subj, HIP_PARAM_CERT_X509_REQ); + hip_calc_param_len((struct hip_tlv_common *) &subj, + sizeof(struct hip_cert_x509_resp) + - sizeof(struct hip_tlv_common)); + memcpy(&subj.der, der, len); + subj.der_len = len; + err = hip_build_param(msg, &subj); + return err; +} + +int hip_build_param_cert_x509_resp(struct hip_common *msg, char *der, int len) +{ + int err = 0; + struct hip_cert_x509_resp local; + hip_set_param_type((struct hip_tlv_common *) &local, + HIP_PARAM_CERT_X509_RESP); + hip_calc_param_len((struct hip_tlv_common *) &local, + sizeof(struct hip_cert_x509_resp) + - sizeof(struct hip_tlv_common)); + memcpy(&local.der, der, len); + local.der_len = len; + err = hip_build_param(msg, &local); + return err; +} + +int hip_build_param_hip_hdrr_info(struct hip_common *msg, + struct hip_hdrr_info *hdrr_info) +{ + int err = 0; + hip_set_param_type((struct hip_tlv_common *) hdrr_info, HIP_PARAM_HDRR_INFO); + hip_calc_param_len((struct hip_tlv_common *) hdrr_info, + sizeof(struct hip_hdrr_info) + - sizeof(struct hip_tlv_common)); + err = hip_build_param(msg, hdrr_info); + return err; +} + +int hip_build_param_hip_uadb_info(struct hip_common *msg, + struct hip_uadb_info *uadb_info) +{ + int err = 0; + hip_set_param_type((struct hip_tlv_common *) uadb_info, HIP_PARAM_UADB_INFO); + hip_calc_param_len((struct hip_tlv_common *) uadb_info, + sizeof(struct hip_uadb_info) + - sizeof(struct hip_tlv_common)); + err = hip_build_param(msg, uadb_info); + return err; } int hip_build_param_hit_to_ip_set(struct hip_common *msg, const char *name) { int err = 0; struct hip_hit_to_ip_set name_info; - hip_set_param_type((struct hip_tlv_common *) &name_info, HIP_PARAM_HIT_TO_IP_SET); + hip_set_param_type((struct hip_tlv_common *) &name_info, + HIP_PARAM_HIT_TO_IP_SET); hip_calc_param_len((struct hip_tlv_common *) &name_info, - sizeof(struct hip_hit_to_ip_set) - - sizeof(struct hip_tlv_common)); + sizeof(struct hip_hit_to_ip_set) + - sizeof(struct hip_tlv_common)); strcpy(name_info.name, name); err = hip_build_param(msg, &name_info); return err; } -int dsa_to_hip_endpoint(DSA *dsa, struct endpoint_hip **endpoint, - se_hip_flags_t endpoint_flags, const char *hostname) -{ - int err = 0; - unsigned char *dsa_key_rr = NULL; - int dsa_key_rr_len; - struct endpoint_hip endpoint_hdr; - - _HIP_DEBUG("dsa_to_hip_endpoint called\n"); - - dsa_key_rr_len = dsa_to_dns_key_rr(dsa, &dsa_key_rr); - if (dsa_key_rr_len <= 0) { - HIP_ERROR("dsa_key_rr_len <= 0\n"); - err = -ENOMEM; - goto out_err; - } - - hip_build_endpoint_hdr(&endpoint_hdr, hostname, endpoint_flags, - HIP_HI_DSA, dsa_key_rr_len); - - *endpoint = malloc(endpoint_hdr.length); - if (!(*endpoint)) { - err = -ENOMEM; - goto out_err; - } - memset(*endpoint, 0, endpoint_hdr.length); - - _HIP_DEBUG("Allocated %d bytes for endpoint\n", endpoint_hdr.length); - hip_build_endpoint(*endpoint, &endpoint_hdr, hostname, - dsa_key_rr, dsa_key_rr_len); - _HIP_HEXDUMP("endpoint contains: ", *endpoint, endpoint_hdr.length); - - out_err: - - if (dsa_key_rr) - free(dsa_key_rr); - - return err; -} - -int rsa_to_hip_endpoint(RSA *rsa, struct endpoint_hip **endpoint, - se_hip_flags_t endpoint_flags, const char *hostname) -{ - int err = 0; - unsigned char *rsa_key_rr = NULL; - int rsa_key_rr_len; - struct endpoint_hip endpoint_hdr; - - HIP_DEBUG("rsa_to_hip_endpoint called\n"); - - rsa_key_rr_len = rsa_to_dns_key_rr(rsa, &rsa_key_rr); - if (rsa_key_rr_len <= 0) { - HIP_ERROR("rsa_key_rr_len <= 0\n"); - err = -ENOMEM; - goto out_err; - } - - hip_build_endpoint_hdr(&endpoint_hdr, hostname, endpoint_flags, - HIP_HI_RSA, rsa_key_rr_len); - - *endpoint = malloc(endpoint_hdr.length); - if (!(*endpoint)) { - err = -ENOMEM; - goto out_err; - } - memset(*endpoint, 0, endpoint_hdr.length); - - _HIP_DEBUG("Allocated %d bytes for endpoint\n", endpoint_hdr.length); - - hip_build_endpoint(*endpoint, &endpoint_hdr, hostname, - rsa_key_rr, rsa_key_rr_len); - - _HIP_HEXDUMP("endpoint contains: ", *endpoint, endpoint_hdr.length); - - out_err: - - if (rsa_key_rr) - free(rsa_key_rr); - - return err; -} +int dsa_to_hip_endpoint(DSA *dsa, + struct endpoint_hip **endpoint, + se_hip_flags_t endpoint_flags, + const char *hostname) +{ + int err = 0; + unsigned char *dsa_key_rr = NULL; + int dsa_key_rr_len; + struct endpoint_hip endpoint_hdr; + + _HIP_DEBUG("dsa_to_hip_endpoint called\n"); + + dsa_key_rr_len = dsa_to_dns_key_rr(dsa, &dsa_key_rr); + if (dsa_key_rr_len <= 0) { + HIP_ERROR("dsa_key_rr_len <= 0\n"); + err = -ENOMEM; + goto out_err; + } + + hip_build_endpoint_hdr(&endpoint_hdr, + hostname, + endpoint_flags, + HIP_HI_DSA, + dsa_key_rr_len); + + *endpoint = malloc(endpoint_hdr.length); + if (!(*endpoint)) { + err = -ENOMEM; + goto out_err; + } + memset(*endpoint, 0, endpoint_hdr.length); + + _HIP_DEBUG("Allocated %d bytes for endpoint\n", endpoint_hdr.length); + hip_build_endpoint(*endpoint, + &endpoint_hdr, + hostname, + dsa_key_rr, + dsa_key_rr_len); + _HIP_HEXDUMP("endpoint contains: ", *endpoint, endpoint_hdr.length); + + out_err: + + if (dsa_key_rr) { + free(dsa_key_rr); + } + + return err; +} + +int rsa_to_hip_endpoint(RSA *rsa, + struct endpoint_hip **endpoint, + se_hip_flags_t endpoint_flags, + const char *hostname) +{ + int err = 0; + unsigned char *rsa_key_rr = NULL; + int rsa_key_rr_len; + struct endpoint_hip endpoint_hdr; + + HIP_DEBUG("rsa_to_hip_endpoint called\n"); + + rsa_key_rr_len = rsa_to_dns_key_rr(rsa, &rsa_key_rr); + if (rsa_key_rr_len <= 0) { + HIP_ERROR("rsa_key_rr_len <= 0\n"); + err = -ENOMEM; + goto out_err; + } + + hip_build_endpoint_hdr(&endpoint_hdr, + hostname, + endpoint_flags, + HIP_HI_RSA, + rsa_key_rr_len); + + *endpoint = malloc(endpoint_hdr.length); + if (!(*endpoint)) { + err = -ENOMEM; + goto out_err; + } + memset(*endpoint, 0, endpoint_hdr.length); + + _HIP_DEBUG("Allocated %d bytes for endpoint\n", endpoint_hdr.length); + + hip_build_endpoint(*endpoint, + &endpoint_hdr, + hostname, + rsa_key_rr, + rsa_key_rr_len); + + _HIP_HEXDUMP("endpoint contains: ", *endpoint, endpoint_hdr.length); + + out_err: + + if (rsa_key_rr) { + free(rsa_key_rr); + } + + return err; +} + #endif int alloc_and_set_host_id_param_hdr(struct hip_host_id **host_id, - unsigned int key_rr_len, - uint8_t algo, - const char *hostname) + unsigned int key_rr_len, + uint8_t algo, + const char *hostname) { - int err = 0; - struct hip_host_id host_id_hdr; - hip_build_param_host_id_hdr(&host_id_hdr, hostname, - key_rr_len, algo); - - *host_id = HIP_MALLOC(hip_get_param_total_len(&host_id_hdr), GFP_ATOMIC); - if (!host_id) { - err = -ENOMEM; - } - - memcpy(*host_id, &host_id_hdr, sizeof(host_id_hdr)); - - return err; + int err = 0; + struct hip_host_id host_id_hdr; + hip_build_param_host_id_hdr(&host_id_hdr, hostname, key_rr_len, algo); + + *host_id = HIP_MALLOC(hip_get_param_total_len(&host_id_hdr), GFP_ATOMIC); + if (!host_id) { + err = -ENOMEM; + } + + memcpy(*host_id, &host_id_hdr, sizeof(host_id_hdr)); + + return err; } int alloc_and_build_param_host_id_only(struct hip_host_id **host_id, - unsigned char *key_rr, int key_rr_len, - int algo, char *hostname) { - int err = 0; - HIP_IFEL(alloc_and_set_host_id_param_hdr(host_id, key_rr_len, algo, - hostname), -1, "alloc\n"); - hip_build_param_host_id_only(*host_id, key_rr, "hostname"); - out_err: - if (err && *host_id) { - *host_id = NULL; - HIP_FREE(host_id); - } - - return err; + unsigned char *key_rr, + int key_rr_len, + int algo, + char *hostname) +{ + int err = 0; + HIP_IFEL(alloc_and_set_host_id_param_hdr(host_id, + key_rr_len, + algo, + hostname), + -1, + "alloc\n"); + + hip_build_param_host_id_only(*host_id, key_rr, "hostname"); + +out_err: + if (err && *host_id) { + *host_id = NULL; + HIP_FREE(host_id); + } + + return err; } #ifndef __KERNEL__ /* Note: public here means that you only have the public key, - not the private */ -int hip_any_key_to_hit(void *any_key, unsigned char *any_key_rr, int hit_type, - hip_hit_t *hit, int is_public, int is_dsa) { - int err = 0, key_rr_len; - unsigned char *key_rr = NULL; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - struct hip_host_id_priv *host_id = NULL; - struct hip_host_id *host_id_pub = NULL; - RSA *rsa_key = (RSA *) any_key; - DSA *dsa_key = (DSA *) any_key; - - memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); - HIP_IFEL(gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1), -1, - "gethostname failed\n"); - - if (is_dsa) { - HIP_IFEL(((key_rr_len = dsa_to_dns_key_rr(dsa_key, &key_rr)) <= 0), -1, - "key_rr_len\n"); - if (is_public) { - HIP_IFEL(!(host_id_pub = malloc(sizeof(struct hip_host_id))), - -ENOMEM, "malloc\n"); - host_id_pub->hi_length = htons(key_rr_len + - sizeof(struct hip_host_id_key_rdata)); - memcpy(&host_id_pub->key, key_rr, key_rr_len); - HIP_IFEL(hip_dsa_host_id_to_hit(host_id_pub, hit, HIP_HIT_TYPE_HASH100), - -1, "conversion from host id to hit failed\n"); - } else { - HIP_IFEL(!(host_id = malloc(sizeof(struct hip_host_id_priv))), - -ENOMEM, "malloc\n"); - host_id->hi_length = htons(key_rr_len + - sizeof(struct hip_host_id_key_rdata)); - memcpy(&host_id->key, key_rr, key_rr_len); - HIP_IFEL(hip_private_dsa_host_id_to_hit(host_id, hit, - HIP_HIT_TYPE_HASH100), - -1, "conversion from host id to hit failed\n"); - } - } else /* rsa */ { - HIP_IFEL(((key_rr_len = rsa_to_dns_key_rr(rsa_key, &key_rr)) <= 0), -1, - "key_rr_len\n"); - if (is_public) { - HIP_IFEL(!(host_id_pub = malloc(sizeof(struct hip_host_id))), - -ENOMEM, "malloc\n"); - host_id_pub->hi_length = htons(key_rr_len + - sizeof(struct hip_host_id_key_rdata)); - memcpy(&host_id_pub->key, key_rr, key_rr_len); - HIP_IFEL(hip_rsa_host_id_to_hit(host_id_pub, hit, HIP_HIT_TYPE_HASH100), - -1, "conversion from host id to hit failed\n"); - } else { - HIP_IFEL(!(host_id = malloc(sizeof(struct hip_host_id_priv))), - -ENOMEM, "malloc\n"); - host_id->hi_length = htons(key_rr_len + - sizeof(struct hip_host_id_key_rdata)); - memcpy(&host_id->key, key_rr, key_rr_len); - HIP_IFEL(hip_private_rsa_host_id_to_hit(host_id, hit, - HIP_HIT_TYPE_HASH100), - -1, "conversion from host id to hit failed\n"); - } - } - - HIP_DEBUG_HIT("hit", hit); - HIP_DEBUG("hi is %s %s\n", (is_public ? "public" : "private"), - (is_dsa ? "dsa" : "rsa")); - - out_err: - - if (key_rr) - HIP_FREE(key_rr); - if (host_id) - HIP_FREE(host_id); - if (host_id_pub) - HIP_FREE(host_id_pub); - - return err; -} - -int hip_public_rsa_to_hit(RSA *rsa_key, unsigned char *rsa, int type, - struct in6_addr *hit) { - return hip_any_key_to_hit(rsa_key, rsa, type, hit, 1, 0); -} - -int hip_private_rsa_to_hit(RSA *rsa_key, unsigned char *rsa, int type, - struct in6_addr *hit) { - return hip_any_key_to_hit(rsa_key, rsa, type, hit, 0, 0); -} - -int hip_public_dsa_to_hit(DSA *dsa_key, unsigned char *dsa, int type, - struct in6_addr *hit) { - return hip_any_key_to_hit(dsa_key, dsa, type, hit, 1, 1); -} - -int hip_private_dsa_to_hit(DSA *dsa_key, unsigned char *dsa, int type, - struct in6_addr *hit) { - return hip_any_key_to_hit(dsa_key, dsa, type, hit, 0, 1); -} + * not the private */ +int hip_any_key_to_hit(void *any_key, + unsigned char *any_key_rr, + int hit_type, + hip_hit_t *hit, + int is_public, + int is_dsa) +{ + int err = 0, key_rr_len; + unsigned char *key_rr = NULL; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + struct hip_host_id_priv *host_id = NULL; + struct hip_host_id *host_id_pub = NULL; + RSA *rsa_key = (RSA *) any_key; + DSA *dsa_key = (DSA *) any_key; + + memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); + HIP_IFEL(gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1), -1, + "gethostname failed\n"); + + if (is_dsa) { + HIP_IFEL(((key_rr_len = dsa_to_dns_key_rr(dsa_key, &key_rr)) <= 0), -1, + "key_rr_len\n"); + if (is_public) { + HIP_IFEL(!(host_id_pub = malloc(sizeof(struct hip_host_id))), + -ENOMEM, "malloc\n"); + host_id_pub->hi_length = htons(key_rr_len + + sizeof(struct hip_host_id_key_rdata)); + memcpy(&host_id_pub->key, key_rr, key_rr_len); + HIP_IFEL(hip_dsa_host_id_to_hit(host_id_pub, hit, HIP_HIT_TYPE_HASH100), + -1, "conversion from host id to hit failed\n"); + } else { + HIP_IFEL(!(host_id = malloc(sizeof(struct hip_host_id_priv))), + -ENOMEM, + "malloc\n"); + + host_id->hi_length = htons(key_rr_len + + sizeof(struct hip_host_id_key_rdata)); + memcpy(&host_id->key, key_rr, key_rr_len); + HIP_IFEL(hip_private_dsa_host_id_to_hit(host_id, hit, + HIP_HIT_TYPE_HASH100), + -1, "conversion from host id to hit failed\n"); + } + } else { /* rsa */ + HIP_IFEL(((key_rr_len = rsa_to_dns_key_rr(rsa_key, &key_rr)) <= 0), -1, + "key_rr_len\n"); + if (is_public) { + HIP_IFEL(!(host_id_pub = malloc(sizeof(struct hip_host_id))), + -ENOMEM, "malloc\n"); + + host_id_pub->hi_length = htons(key_rr_len + + sizeof(struct hip_host_id_key_rdata)); + + memcpy(&host_id_pub->key, key_rr, key_rr_len); + + HIP_IFEL(hip_rsa_host_id_to_hit(host_id_pub, + hit, + HIP_HIT_TYPE_HASH100), + -1, + "conversion from host id to hit failed\n"); + } else { + HIP_IFEL(!(host_id = malloc(sizeof(struct hip_host_id_priv))), + -ENOMEM, + "malloc\n"); + + host_id->hi_length = htons(key_rr_len + + sizeof(struct hip_host_id_key_rdata)); + memcpy(&host_id->key, key_rr, key_rr_len); + + HIP_IFEL(hip_private_rsa_host_id_to_hit(host_id, + hit, + HIP_HIT_TYPE_HASH100), + -1, + "conversion from host id to hit failed\n"); + } + } + + HIP_DEBUG_HIT("hit", hit); + HIP_DEBUG("hi is %s %s\n", (is_public ? "public" : "private"), + (is_dsa ? "dsa" : "rsa")); + +out_err: + + if (key_rr) { + HIP_FREE(key_rr); + } + if (host_id) { + HIP_FREE(host_id); + } + if (host_id_pub) { + HIP_FREE(host_id_pub); + } + + return err; +} + +int hip_public_rsa_to_hit(RSA *rsa_key, + unsigned char *rsa, + int type, + struct in6_addr *hit) +{ + return hip_any_key_to_hit(rsa_key, rsa, type, hit, 1, 0); +} + +int hip_private_rsa_to_hit(RSA *rsa_key, + unsigned char *rsa, + int type, + struct in6_addr *hit) +{ + return hip_any_key_to_hit(rsa_key, rsa, type, hit, 0, 0); +} + +int hip_public_dsa_to_hit(DSA *dsa_key, + unsigned char *dsa, + int type, + struct in6_addr *hit) +{ + return hip_any_key_to_hit(dsa_key, dsa, type, hit, 1, 1); +} + +int hip_private_dsa_to_hit(DSA *dsa_key, + unsigned char *dsa, + int type, + struct in6_addr *hit) +{ + return hip_any_key_to_hit(dsa_key, dsa, type, hit, 0, 1); +} + #endif @@ -4188,30 +4383,31 @@ * * return the amount the locator items(type 1 and 2 are both supproted). * */ -int hip_get_locator_addr_item_count(const struct hip_locator *locator) { - char *address_pointer =(char*) (locator + 1); - int amount = 0; +int hip_get_locator_addr_item_count(const struct hip_locator *locator) +{ + char *address_pointer = (char *) (locator + 1); + int amount = 0; - for(;address_pointer < ((char*)locator) + hip_get_param_contents_len(locator); ) { - if (((struct hip_locator_info_addr_item*)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_UDP) { - address_pointer += sizeof(struct hip_locator_info_addr_item2); - amount += 1; - } - else if(((struct hip_locator_info_addr_item*)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { - address_pointer += sizeof(struct hip_locator_info_addr_item); - amount += 1; - } - else if(((struct hip_locator_info_addr_item*)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { - address_pointer += sizeof(struct hip_locator_info_addr_item); - amount += 1; - } - else - address_pointer += sizeof(struct hip_locator_info_addr_item); - } - return amount; + for (; address_pointer < ((char *) locator) + + hip_get_param_contents_len(locator);) + { + if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_UDP) { + address_pointer += sizeof(struct hip_locator_info_addr_item2); + amount += 1; + } else if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { + address_pointer += sizeof(struct hip_locator_info_addr_item); + amount += 1; + } else if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { + address_pointer += sizeof(struct hip_locator_info_addr_item); + amount += 1; + } else { + address_pointer += sizeof(struct hip_locator_info_addr_item); + } + } + return amount; } /** @@ -4222,23 +4418,27 @@ * @param item_list a pointer to the first item in the list * @param index the index of the item in the list */ -union hip_locator_info_addr * hip_get_locator_item(void* item_list, int index){ - int i= 0; - struct hip_locator_info_addr_item *temp; - char *result ; - result = (char*) item_list; - - - for(i=0;i<= index-1;i++){ - temp = (struct hip_locator_info_addr_item*) result; - if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI || - temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_IPV6) - result += sizeof(struct hip_locator_info_addr_item); - else - result += sizeof(struct hip_locator_info_addr_item2); - } - _HIP_DEBUG("*****locator %d has offset :%d \n", index, (char*)result - (char*)item_list ); - return (union hip_locator_info_addr *) result; +union hip_locator_info_addr *hip_get_locator_item(void *item_list, int index) +{ + int i = 0; + struct hip_locator_info_addr_item *temp; + char *result; + result = (char *) item_list; + + + for (i = 0; i <= index - 1; i++) { + temp = (struct hip_locator_info_addr_item *) result; + if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI || + temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { + result += sizeof(struct hip_locator_info_addr_item); + } else { + result += sizeof(struct hip_locator_info_addr_item2); + } + } + _HIP_DEBUG("*****locator %d has offset :%d \n", + index, + (char *) result - (char *) item_list); + return (union hip_locator_info_addr *) result; } /** @@ -4250,54 +4450,57 @@ * @param index the index of the item in the list * @note DO NOT GIVE TOO LARGE INDEX */ -struct hip_locator_info_addr_item * hip_get_locator_item_as_one( - struct hip_locator_info_addr_item* item_list, int index){ - - struct hip_locator_info_addr_item * address_pointer; - int i = 0; - struct hip_locator_info_addr_item *item = NULL; +struct hip_locator_info_addr_item *hip_get_locator_item_as_one(struct hip_locator_info_addr_item *item_list, + int index) +{ + struct hip_locator_info_addr_item *address_pointer; + int i = 0; + struct hip_locator_info_addr_item *item = NULL; struct hip_locator_info_addr_item2 *item2 = NULL; address_pointer = item_list; HIP_DEBUG("LOCATOR TYPE %d\n", - ((struct hip_locator_info_addr_item *)address_pointer)->locator_type); + ((struct hip_locator_info_addr_item *) address_pointer)->locator_type); if (index == 0) { - if (((struct hip_locator_info_addr_item *)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_UDP) { - item2 = (struct hip_locator_info_addr_item2 *)address_pointer; - HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *)&item2->address); - } else { - item = (struct hip_locator_info_addr_item *)address_pointer; - HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *)&item->address); - } - return address_pointer; - } - - for(i = 0; i < index; i++) { - if (((struct hip_locator_info_addr_item *)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_UDP) { - address_pointer += sizeof(struct hip_locator_info_addr_item2); - item2 = (struct hip_locator_info_addr_item2 *)address_pointer; - HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *)&item2->address); - } - else if(((struct hip_locator_info_addr_item *)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { - address_pointer += sizeof(struct hip_locator_info_addr_item); - item = (struct hip_locator_info_addr_item *)address_pointer; - HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *)&item->address); - } - else if(((struct hip_locator_info_addr_item *)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { - address_pointer += sizeof(struct hip_locator_info_addr_item); - item = (struct hip_locator_info_addr_item *)address_pointer; - HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *)&item->address); - } - else - address_pointer += sizeof(struct hip_locator_info_addr_item); - } + if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_UDP) { + item2 = (struct hip_locator_info_addr_item2 *) address_pointer; + HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *) &item2->address); + } else { + item = (struct hip_locator_info_addr_item *) address_pointer; + HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *) &item->address); + } + return address_pointer; + } + + for (i = 0; i < index; i++) { + if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_UDP) + { + address_pointer += sizeof(struct hip_locator_info_addr_item2); + item2 = (struct hip_locator_info_addr_item2 *) address_pointer; + HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *) &item2->address); + + } else if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) + { + address_pointer += sizeof(struct hip_locator_info_addr_item); + item = (struct hip_locator_info_addr_item *) address_pointer; + HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *) &item->address); + + } else if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_IPV6) + { + address_pointer += sizeof(struct hip_locator_info_addr_item); + item = (struct hip_locator_info_addr_item *) address_pointer; + HIP_DEBUG_IN6ADDR("LOCATOR", (struct in6_addr *) &item->address); + } else { + address_pointer += sizeof(struct hip_locator_info_addr_item); + } + } return address_pointer; -} +} /** * retreive a IP address from a locator item structure @@ -4305,64 +4508,58 @@ * * @param item a pointer to the item */ -struct in6_addr * hip_get_locator_item_address(void* item){ - - struct hip_locator_info_addr_item *temp; - - - temp = (struct hip_locator_info_addr_item*) item; - if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI){ - return &temp->address; - } else if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_IPV6){ - return &temp->address; - } else { - return &((struct hip_locator_info_addr_item2 *)temp)->address; - } - -} - -/** - * retreive a port from a locator item structure - * - * - * @param item a pointer to the item - */ -uint16_t hip_get_locator_item_port(void* item){ - - struct hip_locator_info_addr_item *temp; - - - temp = (struct hip_locator_info_addr_item*) item; - if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI){ - return 0; - } - else { - return ntohs(((struct hip_locator_info_addr_item2 *)temp)->port); - } - -} - - -/** - * retreive a port from a locator item structure - * - * - * @param item a pointer to the item - */ -uint32_t hip_get_locator_item_priority(void* item){ - - struct hip_locator_info_addr_item *temp; - - - temp = (struct hip_locator_info_addr_item*) item; - if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI){ - //todo check the constant value - return HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI_PRIORITY; - } - else { - return ntohl(((struct hip_locator_info_addr_item2 *)temp)->priority); - } - +struct in6_addr *hip_get_locator_item_address(void *item) +{ + struct hip_locator_info_addr_item *temp; + + + temp = (struct hip_locator_info_addr_item *) item; + if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { + return &temp->address; + } else if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { + return &temp->address; + } else { + return &((struct hip_locator_info_addr_item2 *) temp)->address; + } +} + +/** + * retreive a port from a locator item structure + * + * + * @param item a pointer to the item + */ +uint16_t hip_get_locator_item_port(void *item) +{ + struct hip_locator_info_addr_item *temp; + + + temp = (struct hip_locator_info_addr_item *) item; + if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { + return 0; + } else { + return ntohs(((struct hip_locator_info_addr_item2 *) temp)->port); + } +} + +/** + * retreive a port from a locator item structure + * + * + * @param item a pointer to the item + */ +uint32_t hip_get_locator_item_priority(void *item) +{ + struct hip_locator_info_addr_item *temp; + + + temp = (struct hip_locator_info_addr_item *) item; + if (temp->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { + //todo check the constant value + return HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI_PRIORITY; + } else { + return ntohl(((struct hip_locator_info_addr_item2 *) temp)->priority); + } } /** @@ -4378,25 +4575,23 @@ * draft, this is now RELAY_TO. */ int hip_build_param_reg_from(struct hip_common *msg, - const in6_addr_t *addr, - const in_port_t port) + const in6_addr_t *addr, + const in_port_t port) { - - struct hip_reg_from reg_from; - int err = 0; - - hip_set_param_type((struct hip_tlv_common *) ®_from, HIP_PARAM_REG_FROM); - ipv6_addr_copy((struct in6_addr *)®_from.address, addr); - HIP_DEBUG_IN6ADDR("reg_from address is ", ®_from.address); - HIP_DEBUG_IN6ADDR("the given address is ", addr); - reg_from.port = htons(port); - reg_from.reserved = 0; - reg_from.protocol = HIP_NAT_PROTO_UDP; - hip_calc_generic_param_len((struct hip_tlv_common *) ®_from, sizeof(reg_from), 0); - err = hip_build_param(msg, ®_from); - - return err; - + struct hip_reg_from reg_from; + int err = 0; + + hip_set_param_type((struct hip_tlv_common *) ®_from, HIP_PARAM_REG_FROM); + ipv6_addr_copy((struct in6_addr *) ®_from.address, addr); + HIP_DEBUG_IN6ADDR("reg_from address is ", ®_from.address); + HIP_DEBUG_IN6ADDR("the given address is ", addr); + reg_from.port = htons(port); + reg_from.reserved = 0; + reg_from.protocol = HIP_NAT_PROTO_UDP; + hip_calc_generic_param_len((struct hip_tlv_common *) ®_from, sizeof(reg_from), 0); + err = hip_build_param(msg, ®_from); + + return err; } /** @@ -4405,19 +4600,21 @@ * @param msg a pointer to a HIP packet common header * @param port NAT port number * @param param parameter to create. Currently it is either - * HIP_SET_SRC_NAT_PORT or HIP_SET_DST_NAT_PORT - * + * HIP_SET_SRC_NAT_PORT or HIP_SET_DST_NAT_PORT + * * @return zero on success, non-zero otherwise. */ -int hip_build_param_nat_port(hip_common_t *msg, const in_port_t port, hip_tlv_type_t hipparam) +int hip_build_param_nat_port(hip_common_t *msg, + const in_port_t port, + hip_tlv_type_t hipparam) { - int err = 0; - struct hip_port_info nat_port; - - hip_set_param_type((struct hip_tlv_common *) &nat_port, hipparam); - nat_port.port = port; - hip_calc_generic_param_len((struct hip_tlv_common *) &nat_port, sizeof(nat_port), 0); - err = hip_build_param(msg, &nat_port); - - return err; + int err = 0; + struct hip_port_info nat_port; + + hip_set_param_type((struct hip_tlv_common *) &nat_port, hipparam); + nat_port.port = port; + hip_calc_generic_param_len((struct hip_tlv_common *) &nat_port, sizeof(nat_port), 0); + err = hip_build_param(msg, &nat_port); + + return err; } === modified file 'lib/core/builder.c.doxyme' --- lib/core/builder.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/builder.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,7 +45,7 @@ /** - * alloc_and_build_param_host_id_only + * alloc_and_build_param_host_id_only * * * @param host_id @@ -52,36 +53,36 @@ * @param key_rr_len * @param algo * @param hostname - * @return + * @return **/ /** - * alloc_and_set_host_id_param_hdr + * alloc_and_set_host_id_param_hdr * * * @param host_id * @param key_rr_len * @param algo * @param hostname - * @return + * @return **/ /** - * dsa_to_hip_endpoint + * dsa_to_hip_endpoint * * * @param dsa * @param endpoint * @param endpoint_flags * @param hostname - * @return + * @return **/ /** - * hip_any_key_to_hit + * hip_any_key_to_hit * * * @param any_key @@ -90,12 +91,12 @@ * @param hit * @param is_public * @param is_dsa - * @return + * @return **/ /** - * hip_build_endpoint + * hip_build_endpoint * * * @param endpoint @@ -103,12 +104,12 @@ * @param hostname * @param key_rr * @param key_rr_len - * @return + * @return **/ /** - * hip_build_endpoint_hdr + * hip_build_endpoint_hdr * * * @param endpoint_hdr @@ -116,12 +117,12 @@ * @param endpoint_flags * @param host_id_algo * @param rr_data_len - * @return + * @return **/ /** - * hip_build_network_hdr + * hip_build_network_hdr * * * @param msg @@ -129,42 +130,42 @@ * @param control * @param hit_sender * @param hit_receiver - * @return + * @return **/ /** - * hip_build_param + * hip_build_param * * * @param msg * @param tlv_common - * @return + * @return **/ /** - * hip_build_param_ack + * hip_build_param_ack * * * @param msg * @param peer_update_id - * @return + * @return **/ /** - * hip_build_param_blind_nonce + * hip_build_param_blind_nonce * * * @param msg * @param nonce - * @return + * @return **/ /** - * hip_build_param_cert + * hip_build_param_cert * * * @param msg @@ -174,48 +175,48 @@ * @param type * @param data * @param size - * @return - **/ - - -/** - * hip_build_param_cert_spki_info - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_build_param_cert_x509_req - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_build_param_cert_x509_resp - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_build_param_cert_x509_ver - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_build_param_challenge_request + * @return + **/ + + +/** + * hip_build_param_cert_spki_info + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_build_param_cert_x509_req + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_build_param_cert_x509_resp + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_build_param_cert_x509_ver + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_build_param_challenge_request * * * @param msg @@ -223,35 +224,35 @@ * @param lifetime * @param opaque * @param opaque_len - * @return + * @return **/ /** - * hip_build_param_challenge_response + * hip_build_param_challenge_response * * * @param msg * @param pz * @param val_J - * @return + * @return **/ /** - * hip_build_param_contents + * hip_build_param_contents * * * @param msg * @param contents * @param param_type * @param contents_size - * @return + * @return **/ /** - * hip_build_param_diffie_hellman_contents + * hip_build_param_diffie_hellman_contents * * * @param msg @@ -261,12 +262,12 @@ * @param group_id2 * @param pubkey2 * @param pubkey_len2 - * @return + * @return **/ /** - * hip_build_param_echo + * hip_build_param_echo * * * @param msg @@ -274,117 +275,117 @@ * @param len * @param sign * @param request - * @return + * @return **/ /** - * hip_build_param_echo_m + * hip_build_param_echo_m * * * @param msg * @param opaque * @param len * @param request - * @return - **/ - - -/** - * hip_build_param_eid_endpoint - * - * - * @param msg - * @param endpoint - * @return - **/ - - -/** - * hip_build_param_eid_endpoint_from_hit - * - * - * @param msg - * @param endpoint - * @return - **/ - - -/** - * hip_build_param_eid_endpoint_from_host_id - * - * - * @param msg - * @param endpoint - * @return - **/ - - -/** - * hip_build_param_eid_iface + * @return + **/ + + +/** + * hip_build_param_eid_endpoint + * + * + * @param msg + * @param endpoint + * @return + **/ + + +/** + * hip_build_param_eid_endpoint_from_hit + * + * + * @param msg + * @param endpoint + * @return + **/ + + +/** + * hip_build_param_eid_endpoint_from_host_id + * + * + * @param msg + * @param endpoint + * @return + **/ + + +/** + * hip_build_param_eid_iface * * * @param msg * @param if_index - * @return + * @return **/ /** - * hip_build_param_eid_sockaddr + * hip_build_param_eid_sockaddr * * * @param msg * @param sockaddr * @param sockaddr_len - * @return - **/ - - -/** - * hip_build_param_encrypted_3des_sha1 - * - * - * @param msg - * @param param - * @return - **/ - - -/** - * hip_build_param_encrypted_aes_sha1 - * - * - * @param msg - * @param param - * @return - **/ - - -/** - * hip_build_param_encrypted_null_sha1 - * - * - * @param msg - * @param param - * @return - **/ - - -/** - * hip_build_param_esp_info + * @return + **/ + + +/** + * hip_build_param_encrypted_3des_sha1 + * + * + * @param msg + * @param param + * @return + **/ + + +/** + * hip_build_param_encrypted_aes_sha1 + * + * + * @param msg + * @param param + * @return + **/ + + +/** + * hip_build_param_encrypted_null_sha1 + * + * + * @param msg + * @param param + * @return + **/ + + +/** + * hip_build_param_esp_info * * * @param msg * @param keymat_index * @param old_spi * @param new_spi - * @return + * @return **/ /** - * hip_build_param_esp_prot_anchor + * hip_build_param_esp_prot_anchor * * * @param msg @@ -393,174 +394,174 @@ * @param next_anchor * @param hash_length * @param hash_item_length - * @return + * @return **/ /** - * hip_build_param_esp_prot_branch + * hip_build_param_esp_prot_branch * * * @param msg * @param anchor_offset * @param branch_length * @param branch_nodes - * @return + * @return **/ /** - * hip_build_param_esp_prot_root + * hip_build_param_esp_prot_root * * * @param msg * @param root_length * @param root - * @return + * @return **/ /** - * hip_build_param_esp_prot_secret + * hip_build_param_esp_prot_secret * * * @param msg * @param secret_length * @param secret - * @return + * @return **/ /** - * hip_build_param_esp_prot_transform + * hip_build_param_esp_prot_transform * * * @param msg * @param num_transforms * @param transforms - * @return + * @return **/ /** - * hip_build_param_from + * hip_build_param_from * * * @param msg * @param addr * @param not_used - * @return + * @return **/ /** - * hip_build_param_heartbeat + * hip_build_param_heartbeat * * * @param msg * @param seconds - * @return + * @return **/ /** - * hip_build_param_hip_hdrr_info + * hip_build_param_hip_hdrr_info * * * @param autogen.sh - * @return + * @return **/ /** - * hip_build_param_hip_uadb_info + * hip_build_param_hip_uadb_info * * * @param msg * @param uadb_info - * @return + * @return **/ /** - * hip_build_param_hit_to_ip_set + * hip_build_param_hit_to_ip_set * * * @param msg * @param name - * @return + * @return **/ /** - * hip_build_param_hmac + * hip_build_param_hmac * * * @param msg * @param key * @param param_type - * @return + * @return **/ /** - * hip_build_param_hmac2_contents + * hip_build_param_hmac2_contents * * * @param msg * @param key * @param host_id - * @return + * @return **/ /** - * hip_build_param_hmac_contents + * hip_build_param_hmac_contents * * * @param msg * @param key - * @return + * @return **/ /** - * hip_build_param_host_id + * hip_build_param_host_id * * * @param msg * @param host_id_hdr * @param rr_data * @param fqdn - * @return + * @return **/ /** - * hip_build_param_host_id_hdr + * hip_build_param_host_id_hdr * * * @param host_id_hdr * @param hostname * @param rr_data_len * @param algorithm - * @return + * @return **/ /** - * hip_build_param_host_id_only + * hip_build_param_host_id_only * * * @param host_id * @param rr_data * @param fqdn - * @return + * @return **/ /** - * hip_build_param_keys + * hip_build_param_keys * * * @param msg @@ -573,12 +574,12 @@ * @param spi_old * @param key_len * @param enc - * @return + * @return **/ /** - * hip_build_param_keys_hdr + * hip_build_param_keys_hdr * * * @param keys @@ -591,67 +592,67 @@ * @param spi_old * @param key_len * @param enc - * @return + * @return **/ /** - * hip_build_param_locator + * hip_build_param_locator * * * @param msg * @param addresses * @param address_count - * @return + * @return **/ /** - * hip_build_param_nat_pacing + * hip_build_param_nat_pacing * * * @param msg * @param min_ta - * @return + * @return **/ /** - * hip_build_param_nat_port + * hip_build_param_nat_port * * * @param msg * @param port * @param hipparam - * @return + * @return **/ /** - * hip_build_param_nat_transform + * hip_build_param_nat_transform * * * @param msg * @param suite * @param suite_count - * @return + * @return **/ /** - * hip_build_param_notification + * hip_build_param_notification * * * @param msg * @param msgtype * @param data * @param data_len - * @return + * @return **/ /** - * hip_build_param_opendht_gw_info + * hip_build_param_opendht_gw_info * * * @param msg @@ -659,22 +660,22 @@ * @param ttl * @param port * @param host_name - * @return + * @return **/ /** - * hip_build_param_opendht_set + * hip_build_param_opendht_set * * * @param msg * @param name - * @return + * @return **/ /** - * hip_build_param_puzzle + * hip_build_param_puzzle * * * @param msg @@ -682,835 +683,834 @@ * @param lifetime * @param opaque * @param random_i - * @return + * @return **/ /** - * hip_build_param_r1_counter + * hip_build_param_r1_counter * * * @param msg * @param generation - * @return + * @return **/ /** - * hip_build_param_reg_failed + * hip_build_param_reg_failed * * * @param msg * @param failure_type * @param type_list * @param type_count - * @return + * @return **/ /** - * hip_build_param_reg_from + * hip_build_param_reg_from * * * @param msg * @param addr * @param port - * @return + * @return **/ /** - * hip_build_param_reg_info + * hip_build_param_reg_info * * * @param msg * @param srv_list * @param service_count - * @return - **/ - - -/** - * hip_build_param_reg_request - * - * - * @param msg - * @param lifetime - * @param type_list - * @param type_count - * @return - **/ - - -/** - * hip_build_param_reg_response - * - * - * @param msg - * @param lifetime - * @param type_list - * @param type_count - * @return - **/ - - -/** - * hip_build_param_relay_from - * - * - * @param msg - * @param addr - * @param port - * @return - **/ - - -/** - * hip_build_param_relay_to - * - * - * @param msg - * @param addr - * @param port - * @return - **/ - - -/** - * hip_build_param_seq + * @return + **/ + + +/** + * hip_build_param_reg_request + * + * + * @param msg + * @param lifetime + * @param type_list + * @param type_count + * @return + **/ + + +/** + * hip_build_param_reg_response + * + * + * @param msg + * @param lifetime + * @param type_list + * @param type_count + * @return + **/ + + +/** + * hip_build_param_relay_from + * + * + * @param msg + * @param addr + * @param port + * @return + **/ + + +/** + * hip_build_param_relay_to + * + * + * @param msg + * @param addr + * @param port + * @return + **/ + + +/** + * hip_build_param_seq * * * @param msg * @param update_id - * @return - **/ - - -/** - * hip_build_param_signature2_contents - * - * - * @param msg - * @param contents - * @param contents_size - * @param algorithm - * @return - **/ - - -/** - * hip_build_param_signature_contents - * - * - * @param msg - * @param contents - * @param contents_size - * @param algorithm - * @return - **/ - - -/** - * hip_build_param_solution + * @return + **/ + + +/** + * hip_build_param_signature2_contents + * + * + * @param msg + * @param contents + * @param contents_size + * @param algorithm + * @return + **/ + + +/** + * hip_build_param_signature_contents + * + * + * @param msg + * @param contents + * @param contents_size + * @param algorithm + * @return + **/ + + +/** + * hip_build_param_solution * * * @param msg * @param pz * @param val_J - * @return + * @return **/ /** - * hip_build_param_transform + * hip_build_param_transform * * * @param msg * @param transform_type * @param transform_suite[] * @param transform_count - * @return + * @return **/ /** - * hip_build_param_transform_order + * hip_build_param_transform_order * * * @param msg * @param order - * @return + * @return **/ /** - * hip_build_param_unit_test + * hip_build_param_unit_test * * * @param msg * @param suiteid * @param caseid - * @return + * @return **/ /** - * hip_build_param_via_rvs + * hip_build_param_via_rvs * * * @param msg * @param rvs_addresses[] - * @return + * @return **/ /** - * hip_build_user_hdr + * hip_build_user_hdr * * * @param msg * @param base_type * @param err_val - * @return + * @return **/ /** - * hip_calc_generic_param_len + * hip_calc_generic_param_len * * * @param tlv_common * @param tlv_size * @param contents_size - * @return + * @return **/ /** - * hip_calc_hdr_len + * hip_calc_hdr_len * * * @param msg - * @return + * @return **/ /** - * hip_calc_param_len + * hip_calc_param_len * * * @param tlv_common * @param contents_size - * @return - **/ - - -/** - * hip_check_network_msg - * - * - * @param msg - * @return - **/ - - -/** - * hip_check_network_msg_len - * - * - * @param msg - * @return - **/ - - -/** - * hip_check_network_msg_type - * - * - * @param msg - * @return - **/ - - -/** - * hip_check_network_param_attributes - * - * - * @param param - * @return - **/ - - -/** - * hip_check_network_param_type - * - * - * @param param - * @return - **/ - - -/** - * hip_check_param_contents_len - * - * - * @param msg - * @param param - * @return - **/ - - -/** - * hip_check_user_msg_len - * - * - * @param msg - * @return - **/ - - -/** - * hip_check_userspace_msg - * - * - * @param msg - * @return - **/ - - -/** - * hip_check_userspace_param_type - * - * - * @param param - * @return - **/ - - -/** - * hip_checksum_packet + * @return + **/ + + +/** + * hip_check_network_msg + * + * + * @param msg + * @return + **/ + + +/** + * hip_check_network_msg_len + * + * + * @param msg + * @return + **/ + + +/** + * hip_check_network_msg_type + * + * + * @param msg + * @return + **/ + + +/** + * hip_check_network_param_attributes + * + * + * @param param + * @return + **/ + + +/** + * hip_check_network_param_type + * + * + * @param param + * @return + **/ + + +/** + * hip_check_param_contents_len + * + * + * @param msg + * @param param + * @return + **/ + + +/** + * hip_check_user_msg_len + * + * + * @param msg + * @return + **/ + + +/** + * hip_check_userspace_msg + * + * + * @param msg + * @return + **/ + + +/** + * hip_check_userspace_param_type + * + * + * @param param + * @return + **/ + + +/** + * hip_checksum_packet * * * @param data * @param src * @param dst - * @return + * @return **/ /** - * hip_convert_msg_total_len_to_bytes + * hip_convert_msg_total_len_to_bytes * * * @param len - * @return + * @return **/ /** - * hip_create_msg_pseudo_hmac2 + * hip_create_msg_pseudo_hmac2 * * * @param msg * @param msg_copy * @param host_id - * @return + * @return **/ /** - * hip_dh_select_key + * hip_dh_select_key * * * @param dhf - * @return + * @return **/ /** - * hip_dump_msg + * hip_dump_msg * * * @param msg - * @return + * @return **/ /** - * hip_get_host_id_algo + * hip_get_host_id_algo * * * @param host_id - * @return - **/ - - -/** - * hip_get_lifetime_seconds - * - * - * @param lifetime - * @param seconds - * @return - **/ - - -/** - * hip_get_lifetime_value - * - * - * @param seconds - * @param lifetime - * @return - **/ - - -/** - * hip_get_locator_addr_item_count - * - * - * @param locator - * @return - **/ - - -/** - * hip_get_locator_first_addr_item - * - * - * @param locator - * @return - **/ - - -/** - * hip_get_locator_item - * - * - * @param item_list - * @param index - * @return - **/ - - -/** - * hip_get_locator_item_address - * - * - * @param item - * @return - **/ - - -/** - * hip_get_locator_item_as_one - * - * - * @param item_list - * @param index - * @return - **/ - - -/** - * hip_get_locator_item_port - * - * - * @param item - * @return - **/ - - -/** - * hip_get_locator_item_priority - * - * - * @param item - * @return - **/ - - -/** - * hip_get_msg_checksum - * - * - * @param msg - * @return - **/ - - -/** - * hip_get_msg_err - * - * - * @param msg - * @return - **/ - - -/** - * hip_get_msg_response - * - * - * @param msg - * @return - **/ - - -/** - * hip_get_msg_total_len - * - * - * @param msg - * @return - **/ - - -/** - * hip_get_msg_type - * - * - * @param msg - * @return - **/ - - -/** - * hip_get_next_param + * @return + **/ + + +/** + * hip_get_lifetime_seconds + * + * + * @param lifetime + * @param seconds + * @return + **/ + + +/** + * hip_get_lifetime_value + * + * + * @param seconds + * @param lifetime + * @return + **/ + + +/** + * hip_get_locator_addr_item_count + * + * + * @param locator + * @return + **/ + + +/** + * hip_get_locator_first_addr_item + * + * + * @param locator + * @return + **/ + + +/** + * hip_get_locator_item + * + * + * @param item_list + * @param index + * @return + **/ + + +/** + * hip_get_locator_item_address + * + * + * @param item + * @return + **/ + + +/** + * hip_get_locator_item_as_one + * + * + * @param item_list + * @param index + * @return + **/ + + +/** + * hip_get_locator_item_port + * + * + * @param item + * @return + **/ + + +/** + * hip_get_locator_item_priority + * + * + * @param item + * @return + **/ + + +/** + * hip_get_msg_checksum + * + * + * @param msg + * @return + **/ + + +/** + * hip_get_msg_err + * + * + * @param msg + * @return + **/ + + +/** + * hip_get_msg_response + * + * + * @param msg + * @return + **/ + + +/** + * hip_get_msg_total_len + * + * + * @param msg + * @return + **/ + + +/** + * hip_get_msg_type + * + * + * @param msg + * @return + **/ + + +/** + * hip_get_next_param * * * @param msg * @param current_param - * @return + * @return **/ /** - * hip_get_nth_param + * hip_get_nth_param * * * @param msg * @param param_type * @param n - * @return - **/ - - -/** - * hip_get_param - * - * - * @param msg - * @param param_type - * @return - **/ - - -/** - * hip_get_param_contents - * - * - * @param msg - * @param param_type - * @return - **/ - - -/** - * hip_get_param_contents_direct - * - * - * @param tlv_common - * @return - **/ - - -/** - * hip_get_param_contents_len - * - * - * @param tlv_common - * @return - **/ - - -/** - * hip_get_param_host_id_di_type_len + * @return + **/ + + +/** + * hip_get_param + * + * + * @param msg + * @param param_type + * @return + **/ + + +/** + * hip_get_param_contents + * + * + * @param msg + * @param param_type + * @return + **/ + + +/** + * hip_get_param_contents_direct + * + * + * @param tlv_common + * @return + **/ + + +/** + * hip_get_param_contents_len + * + * + * @param tlv_common + * @return + **/ + + +/** + * hip_get_param_host_id_di_type_len * * * @param host * @param libhipandroid * @param len - * @return + * @return **/ /** - * hip_get_param_host_id_hostname + * hip_get_param_host_id_hostname * * * @param hostid - * @return + * @return **/ /** - * hip_get_param_total_len + * hip_get_param_total_len * * * @param tlv_common - * @return + * @return **/ /** - * hip_get_param_transform_suite_id + * hip_get_param_transform_suite_id * * * @param transform_tlv * @param index - * @return + * @return **/ /** - * hip_get_param_type + * hip_get_param_type * * * @param tlv_common - * @return + * @return **/ /** - * hip_get_transform_max + * hip_get_transform_max * * * @param transform_type - * @return - **/ - - -/** - * hip_get_unit_test_case_param_id - * - * - * @param test - * @return - **/ - - -/** - * hip_get_unit_test_suite_param_id - * - * - * @param test - * @return - **/ - - -/** - * hip_host_id_entry_to_endpoint + * @return + **/ + + +/** + * hip_get_unit_test_case_param_id + * + * + * @param test + * @return + **/ + + +/** + * hip_get_unit_test_suite_param_id + * + * + * @param test + * @return + **/ + + +/** + * hip_host_id_entry_to_endpoint * * * @param entry * @param opaq - * @return + * @return **/ /** - * hip_message_type_name + * hip_message_type_name * * * @param msg_type - * @return + * @return **/ /** - * hip_msg_alloc + * hip_msg_alloc * * * @param void - * @return - **/ - - -/** - * hip_msg_free - * - * - * @param msg - * @return - **/ - - -/** - * hip_msg_init - * - * - * @param msg - * @return - **/ - - -/** - * hip_param_type_name + * @return + **/ + + +/** + * hip_msg_free + * + * + * @param msg + * @return + **/ + + +/** + * hip_msg_init + * + * + * @param msg + * @return + **/ + + +/** + * hip_param_type_name * * * @param param_type - * @return - **/ - - -/** - * hip_private_dsa_to_hit - * - * - * @param dsa_key - * @param dsa - * @param type - * @param hit - * @return - **/ - - -/** - * hip_private_rsa_to_hit - * - * - * @param rsa_key - * @param rsa - * @param type - * @param hit - * @return - **/ - - -/** - * hip_public_dsa_to_hit - * - * - * @param dsa_key - * @param dsa - * @param type - * @param hit - * @return - **/ - - -/** - * hip_public_rsa_to_hit - * - * - * @param rsa_key - * @param rsa - * @param type - * @param hit - * @return - **/ - - -/** - * hip_set_msg_checksum + * @return + **/ + + +/** + * hip_private_dsa_to_hit + * + * + * @param dsa_key + * @param dsa + * @param type + * @param hit + * @return + **/ + + +/** + * hip_private_rsa_to_hit + * + * + * @param rsa_key + * @param rsa + * @param type + * @param hit + * @return + **/ + + +/** + * hip_public_dsa_to_hit + * + * + * @param dsa_key + * @param dsa + * @param type + * @param hit + * @return + **/ + + +/** + * hip_public_rsa_to_hit + * + * + * @param rsa_key + * @param rsa + * @param type + * @param hit + * @return + **/ + + +/** + * hip_set_msg_checksum * * * @param msg * @param checksum - * @return + * @return **/ /** - * hip_set_msg_err + * hip_set_msg_err * * * @param msg * @param err - * @return + * @return **/ /** - * hip_set_msg_response + * hip_set_msg_response * * * @param msg * @param on - * @return - **/ - - -/** - * hip_set_msg_total_len - * - * - * @param msg - * @param len - * @return - **/ - - -/** - * hip_set_msg_type - * - * - * @param msg - * @param type - * @return - **/ - - -/** - * hip_set_param_contents_len - * - * - * @param tlv_common - * @param len - * @return - **/ - - -/** - * hip_set_param_type - * - * - * @param tlv_common - * @param type - * @return - **/ - - -/** - * hip_verify_network_header + * @return + **/ + + +/** + * hip_set_msg_total_len + * + * + * @param msg + * @param len + * @return + **/ + + +/** + * hip_set_msg_type + * + * + * @param msg + * @param type + * @return + **/ + + +/** + * hip_set_param_contents_len + * + * + * @param tlv_common + * @param len + * @return + **/ + + +/** + * hip_set_param_type + * + * + * @param tlv_common + * @param type + * @return + **/ + + +/** + * hip_verify_network_header * * * @param hip_common * @param src * @param dst * @param len - * @return + * @return **/ /** - * hip_zero_msg_checksum + * hip_zero_msg_checksum * * * @param msg - * @return + * @return **/ /** - * rsa_to_hip_endpoint + * rsa_to_hip_endpoint * * * @param rsa * @param endpoint * @param endpoint_flags * @param hostname - * @return + * @return **/ - === modified file 'lib/core/builder.h' --- lib/core/builder.h 2010-02-08 15:18:06 +0000 +++ lib/core/builder.h 2010-02-10 23:55:24 +0000 @@ -16,7 +16,7 @@ #endif #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif /* HAVE_CONFIG_H */ #ifdef __KERNEL__ @@ -39,20 +39,32 @@ int hip_build_netlink_dummy_header(struct hip_common *); int hip_build_param_heartbeat(struct hip_common *msg, int seconds); int hip_build_param_transform_order(struct hip_common *msg, int order); -void hip_build_network_hdr(struct hip_common *, uint8_t, uint16_t, - const struct in6_addr *, const struct in6_addr *); -int hip_host_id_hits(hip_ha_t *entry,struct hip_common *msg); +void hip_build_network_hdr(struct hip_common *, + uint8_t, + uint16_t, + const struct in6_addr *, + const struct in6_addr *); +int hip_host_id_hits(hip_ha_t *entry, struct hip_common *msg); int hip_build_param_ack(struct hip_common *, uint32_t); -int hip_build_param_contents(struct hip_common *, const void *, hip_tlv_type_t, +int hip_build_param_contents(struct hip_common *, + const void *, + hip_tlv_type_t, hip_tlv_type_t); int hip_build_param_diffie_hellman_contents(struct hip_common *, - uint8_t, void *, hip_tlv_len_t, - uint8_t, void *, hip_tlv_len_t); + uint8_t, + void *, + hip_tlv_len_t, + uint8_t, + void *, + hip_tlv_len_t); int hip_build_param_echo(struct hip_common *, void *, int, int, int); int hip_build_param_eid_endpoint(struct hip_common *, const struct endpoint_hip *); int hip_build_param_eid_iface(struct hip_common *, hip_eid_iface_type_t); -int hip_build_param_eid_sockaddr(struct hip_common *, struct sockaddr *, size_t); +int + hip_build_param_eid_sockaddr(struct hip_common *, + struct sockaddr *, + size_t); int hip_build_param_encrypted_3des_sha1(struct hip_common *, struct hip_tlv_common *); int hip_build_param_encrypted_aes_sha1(struct hip_common *, @@ -60,99 +72,139 @@ int hip_build_param_encrypted_null_sha1(struct hip_common *, struct hip_tlv_common *); int hip_build_param_esp_info(struct hip_common *, uint16_t, uint32_t, uint32_t); -int hip_build_param_relay_from(struct hip_common *, const struct in6_addr *, - const in_port_t); -int hip_build_param_from(struct hip_common *, const struct in6_addr *, +int hip_build_param_relay_from(struct hip_common *, + const struct in6_addr *, + const in_port_t); +int hip_build_param_from(struct hip_common *, + const struct in6_addr *, const in_port_t); -int hip_build_param_hmac2_contents(struct hip_common *, struct hip_crypto_key *, +int hip_build_param_hmac2_contents(struct hip_common *, + struct hip_crypto_key *, struct hip_host_id *); -int hip_build_param_hmac_contents(struct hip_common *, const struct hip_crypto_key *); +int hip_build_param_hmac_contents(struct hip_common *, + const struct hip_crypto_key *); int hip_create_msg_pseudo_hmac2(const struct hip_common *msg, - struct hip_common *msg_copy, - struct hip_host_id *host_id); -int hip_build_param_hmac(struct hip_common *, const struct hip_crypto_key *, - hip_tlv_type_t); -void hip_build_param_host_id_hdr(struct hip_host_id *host_id_hdr, const char *hostname, - hip_tlv_len_t rr_data_len, uint8_t algorithm); -void hip_build_param_host_id_only(struct hip_host_id *host_id, const void *rr_data, - const char *fqdn); + struct hip_common *msg_copy, + struct hip_host_id *host_id); +int hip_build_param_hmac(struct hip_common *, + const struct hip_crypto_key *, + hip_tlv_type_t); +void hip_build_param_host_id_hdr(struct hip_host_id *host_id_hdr, + const char *hostname, + hip_tlv_len_t rr_data_len, + uint8_t algorithm); +void hip_build_param_host_id_only(struct hip_host_id *host_id, + const void *rr_data, + const char *fqdn); void hip_build_param_host_id_hdr_priv(struct hip_host_id_priv *host_id_hdr, - const char *hostname, - hip_tlv_len_t rr_data_len, - uint8_t algorithm); -int hip_build_param_hostname(struct hip_common*, const char*); -int hip_build_param_keys_hdr(struct hip_keys *, uint16_t, uint16_t, - struct in6_addr *, struct in6_addr *, - struct in6_addr *, uint32_t, uint32_t, uint16_t, + const char *hostname, + hip_tlv_len_t rr_data_len, + uint8_t algorithm); +int hip_build_param_hostname(struct hip_common *, const char *); +int hip_build_param_keys_hdr(struct hip_keys *, + uint16_t, + uint16_t, + struct in6_addr *, + struct in6_addr *, + struct in6_addr *, + uint32_t, + uint32_t, + uint16_t, struct hip_crypto_key *); int hip_build_param_locator(struct hip_common *, - struct hip_locator_info_addr_item *, int); -int hip_build_param_cert(struct hip_common *, uint8_t, uint8_t, uint8_t, - uint8_t, void *, size_t); -int hip_build_param_puzzle(struct hip_common *, uint8_t, uint8_t, uint32_t, uint64_t); + struct hip_locator_info_addr_item *, + int); +int hip_build_param_cert(struct hip_common *, + uint8_t, + uint8_t, + uint8_t, + uint8_t, + void *, + size_t); +int hip_build_param_puzzle(struct hip_common *, + uint8_t, + uint8_t, + uint32_t, + uint64_t); #ifdef CONFIG_HIP_MIDAUTH -int hip_build_param_challenge_request(struct hip_common *, uint8_t, uint8_t, uint8_t *, - uint8_t); +int hip_build_param_challenge_request(struct hip_common *, + uint8_t, + uint8_t, + uint8_t *, + uint8_t); #endif int hip_build_param_r1_counter(struct hip_common *, uint64_t); int hip_build_param_seq(struct hip_common *, uint32_t); -int hip_build_param_signature2_contents(struct hip_common *, const void *, - hip_tlv_len_t, uint8_t); -int hip_build_param_signature_contents(struct hip_common *, const void *, - hip_tlv_len_t, uint8_t); -int hip_build_param_solution(struct hip_common *, struct hip_puzzle *, - uint64_t); +int hip_build_param_signature2_contents(struct hip_common *, + const void *, + hip_tlv_len_t, + uint8_t); +int hip_build_param_signature_contents(struct hip_common *, + const void *, + hip_tlv_len_t, + uint8_t); +int + hip_build_param_solution(struct hip_common *, + struct hip_puzzle *, + uint64_t); #ifdef CONFIG_HIP_MIDAUTH -int hip_build_param_challenge_response(struct hip_common *, struct hip_challenge_request *, - uint64_t); +int hip_build_param_challenge_response(struct hip_common *, + struct hip_challenge_request *, + uint64_t); #endif int hip_build_param(struct hip_common *, const void *); void hip_set_msg_response(struct hip_common *msg, uint8_t on); uint8_t hip_get_msg_response(struct hip_common *msg); int hip_build_param_esp_transform(struct hip_common *, - const hip_transform_suite_t[], const uint16_t); + const hip_transform_suite_t[], + const uint16_t); int hip_build_param_hip_transform(struct hip_common *, - const hip_transform_suite_t[], const uint16_t); + const hip_transform_suite_t[], + const uint16_t); int hip_build_param_unit_test(struct hip_common *, uint16_t, uint16_t); int hip_build_param_via_rvs_nat(struct hip_common *, - const struct hip_in6_addr_port[], const int); + const struct hip_in6_addr_port[], + const int); int hip_build_param_relay_to(struct hip_common *msg, - const in6_addr_t *rvs_addr, - const in_port_t port); + const in6_addr_t *rvs_addr, + const in_port_t port); int hip_build_param_via_rvs(struct hip_common *msg, - const struct in6_addr rvs_addresses[]); -int hip_build_param_cert_spki_info(struct hip_common * msg, - struct hip_cert_spki_info * cert_info); -int hip_build_param_cert_x509_req(struct hip_common *,struct in6_addr *); + const struct in6_addr rvs_addresses[]); +int hip_build_param_cert_spki_info(struct hip_common *msg, + struct hip_cert_spki_info *cert_info); +int hip_build_param_cert_x509_req(struct hip_common *, struct in6_addr *); int hip_build_param_cert_x509_resp(struct hip_common *, char *, int); int hip_build_param_cert_x509_ver(struct hip_common *, char *, int); int hip_build_param_opendht_set(struct hip_common *, const char *); -int hip_build_param_opendht_gw_info(struct hip_common *, struct in6_addr *, - uint32_t, uint16_t, char *); +int hip_build_param_opendht_gw_info(struct hip_common *, + struct in6_addr *, + uint32_t, + uint16_t, + char *); int hip_build_param_hit_to_ip_set(struct hip_common *, const char *); int hip_build_user_hdr(struct hip_common *, hip_hdr_type_t, hip_hdr_err_t); void hip_calc_hdr_len(struct hip_common *); int hip_check_network_msg(const struct hip_common *); int hip_verify_network_header(struct hip_common *hip_common, - struct sockaddr *src, struct sockaddr *dst, - int len); -u16 hip_checksum_packet(char *data, struct sockaddr *src, - struct sockaddr *dst); + struct sockaddr *src, + struct sockaddr *dst, + int len); +u16 hip_checksum_packet(char *data, struct sockaddr *src, struct sockaddr *dst); int hip_check_userspace_msg(const struct hip_common *); int hip_check_userspace_msg_type(const struct hip_common *); void hip_dump_msg(const struct hip_common *); -struct hip_dh_public_value *hip_dh_select_key( - const struct hip_diffie_hellman *); +struct hip_dh_public_value + *hip_dh_select_key(const struct hip_diffie_hellman *); uint8_t hip_get_host_id_algo(const struct hip_host_id *); int hip_get_locator_addr_item_count(const struct hip_locator *); -union hip_locator_info_addr * hip_get_locator_item(void* item_list, int index); +union hip_locator_info_addr *hip_get_locator_item(void *item_list, int index); int hip_get_lifetime_value(time_t seconds, uint8_t *lifetime); int hip_get_lifetime_seconds(uint8_t lifetime, time_t *seconds); int hip_check_network_msg_len(const struct hip_common *msg); -struct hip_locator_info_addr_item *hip_get_locator_first_addr_item( - const struct hip_locator *); +struct hip_locator_info_addr_item + *hip_get_locator_first_addr_item(const struct hip_locator *); hip_hdr_err_t hip_get_msg_err(const struct hip_common *); uint16_t hip_get_msg_total_len(const struct hip_common *); hip_hdr_type_t hip_get_msg_type(const struct hip_common *); @@ -169,11 +221,11 @@ const uint16_t); hip_tlv_type_t hip_get_param_type(const void *); uint16_t hip_get_msg_checksum(struct hip_common *msg); -char* hip_message_type_name(const uint8_t); +char *hip_message_type_name(const uint8_t); struct hip_common *hip_msg_alloc(void); void hip_msg_free(struct hip_common *); void hip_msg_init(struct hip_common *); -char* hip_param_type_name(const hip_tlv_type_t); +char *hip_param_type_name(const hip_tlv_type_t); void hip_set_msg_err(struct hip_common *, hip_hdr_err_t); void hip_set_msg_checksum(struct hip_common *msg, u8 checksum); void hip_set_msg_total_len(struct hip_common *, uint16_t); @@ -182,54 +234,81 @@ void hip_set_param_lsi_value(struct hip_esp_info *, uint32_t); void hip_zero_msg_checksum(struct hip_common *); #ifndef __KERNEL__ -int rsa_to_hip_endpoint(RSA *rsa, struct endpoint_hip **endpoint, - se_hip_flags_t endpoint_flags, const char *hostname); -int dsa_to_hip_endpoint(DSA *dsa, struct endpoint_hip **endpoint, - se_hip_flags_t endpoint_flags, const char *hostname); -int hip_build_param_hip_hdrr_info(struct hip_common * msg, - struct hip_hdrr_info * hdrr_info); +int rsa_to_hip_endpoint(RSA *rsa, + struct endpoint_hip **endpoint, + se_hip_flags_t endpoint_flags, + const char *hostname); +int dsa_to_hip_endpoint(DSA *dsa, + struct endpoint_hip **endpoint, + se_hip_flags_t endpoint_flags, + const char *hostname); +int hip_build_param_hip_hdrr_info(struct hip_common *msg, + struct hip_hdrr_info *hdrr_info); #endif int hip_build_param_hip_uadb_info(struct hip_common *msg, - struct hip_uadb_info *uadb_info); + struct hip_uadb_info *uadb_info); int hip_build_param_reg_info(hip_common_t *msg, - const void *service_list, - const unsigned int service_count); -int hip_build_param_reg_request(hip_common_t *msg, const uint8_t lifetime, - const uint8_t *type_list, const int type_count); -int hip_build_param_reg_response(hip_common_t *msg, const uint8_t lifetime, - const uint8_t *type_list, const int type_count); + const void *service_list, + const unsigned int service_count); +int hip_build_param_reg_request(hip_common_t *msg, + const uint8_t lifetime, + const uint8_t *type_list, + const int type_count); +int hip_build_param_reg_response(hip_common_t *msg, + const uint8_t lifetime, + const uint8_t *type_list, + const int type_count); int hip_build_param_full_relay_hmac_contents(struct hip_common *, - struct hip_crypto_key *); + struct hip_crypto_key *); -int hip_public_rsa_to_hit(RSA *rsa_key, unsigned char *rsa, int type, - struct in6_addr *hit); -int hip_private_rsa_to_hit(RSA *rsa_key, unsigned char *rsa, int type, - struct in6_addr *hit); -int hip_public_dsa_to_hit(DSA *dsa_key, unsigned char *dsa, int type, - struct in6_addr *hit); -int hip_private_dsa_to_hit(DSA *dsa_key, unsigned char *dsa, int type, - struct in6_addr *hit); +int hip_public_rsa_to_hit(RSA *rsa_key, + unsigned char *rsa, + int type, + struct in6_addr *hit); +int hip_private_rsa_to_hit(RSA *rsa_key, + unsigned char *rsa, + int type, + struct in6_addr *hit); +int hip_public_dsa_to_hit(DSA *dsa_key, + unsigned char *dsa, + int type, + struct in6_addr *hit); +int hip_private_dsa_to_hit(DSA *dsa_key, + unsigned char *dsa, + int type, + struct in6_addr *hit); int hip_build_param_nat_pacing(struct hip_common *msg, uint32_t min_ta); - -int hip_build_param_reg_failed(struct hip_common *msg, uint8_t failure_type, - uint8_t *type_list, int type_count); - -int hip_build_param_esp_prot_transform(struct hip_common *msg, int num_transforms, - uint8_t *transforms); -int hip_build_param_esp_prot_anchor(struct hip_common *msg, uint8_t transform, - unsigned char *active_anchor, unsigned char *next_anchor, int hash_length, - int hash_item_length); -int hip_build_param_esp_prot_branch(struct hip_common *msg, int anchor_offset, - int branch_length, unsigned char *branch_nodes); -int hip_build_param_esp_prot_secret(struct hip_common *msg, int secret_length, - unsigned char *secret); -int hip_build_param_esp_prot_root(struct hip_common *msg, uint8_t root_length, - unsigned char *root); + +int hip_build_param_reg_failed(struct hip_common *msg, + uint8_t failure_type, + uint8_t *type_list, + int type_count); + +int hip_build_param_esp_prot_transform(struct hip_common *msg, + int num_transforms, + uint8_t *transforms); +int hip_build_param_esp_prot_anchor(struct hip_common *msg, + uint8_t transform, + unsigned char *active_anchor, + unsigned char *next_anchor, + int hash_length, + int hash_item_length); +int hip_build_param_esp_prot_branch(struct hip_common *msg, + int anchor_offset, + int branch_length, + unsigned char *branch_nodes); +int hip_build_param_esp_prot_secret(struct hip_common *msg, + int secret_length, + unsigned char *secret); +int hip_build_param_esp_prot_root(struct hip_common *msg, + uint8_t root_length, + unsigned char *root); int hip_build_param_reg_from(struct hip_common *msg, - const in6_addr_t *addr, - const in_port_t port); -int hip_build_param_nat_port(hip_common_t *msg, const in_port_t port, - hip_tlv_type_t hipparam); -struct in6_addr * hip_get_locator_item_address(void* item); + const in6_addr_t *addr, + const in_port_t port); +int hip_build_param_nat_port(hip_common_t *msg, + const in_port_t port, + hip_tlv_type_t hipparam); +struct in6_addr *hip_get_locator_item_address(void *item); #endif /* BUILDER_H */ === modified file 'lib/core/builder.h.doxyme' --- lib/core/builder.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/builder.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/builder.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/certtools.c' --- lib/core/certtools.c 2010-02-09 14:08:06 +0000 +++ lib/core/certtools.c 2010-02-10 23:55:24 +0000 @@ -4,10 +4,10 @@ * @author Samu Varjonen */ #include "certtools.h" - + /******************************************************************************* - * FUNCTIONS FOR SPKI * - *******************************************************************************/ +* FUNCTIONS FOR SPKI * +*******************************************************************************/ /** * hip_cert_spki_lib_verify - Function that verifies the signature in @@ -16,344 +16,354 @@ * @param cert points to hip_cert_spki_info that is going to be verified * * @return 0 if signature matches, -1 if error or signature did NOT match - * + * * @note see hip_cert_spki_char2certinfo to convert from wire to hip_cert_spki_info */ -int hip_cert_spki_lib_verify(struct hip_cert_spki_info * cert) { - int err = 0, start = 0, stop = 0, evpret = 0, keylen = 0, algo = 0; - char buf[200]; - - unsigned char sha_digest[21]; - unsigned char *sha_retval; - unsigned char * signature_hash = NULL; - unsigned char * signature_hash_b64 = NULL; - unsigned char * signature_b64 = NULL; - - unsigned char * signature = NULL; - - /** RSA **/ - RSA *rsa = NULL; - unsigned long e_code; - char * e_hex = NULL; - unsigned char * modulus_b64 = NULL; - unsigned char * modulus = NULL; - - /** DSA **/ - DSA *dsa = NULL; - unsigned char * p_bin = NULL, * q_bin = NULL, * g_bin = NULL, * y_bin = NULL; - unsigned char * p_b64 = NULL, * q_b64 = NULL, * g_b64 = NULL, * y_b64 = NULL; - DSA_SIG *dsa_sig; - - /* rules for regular expressions */ - - /* - Rule to get the info if we are using DSA - */ - char dsa_rule[] = "[d][s][a][-][p][k][c][s][1][-][s][h][a][1]"; - - /* - Rule to get the info if we are using RSA - */ - char rsa_rule[] = "[r][s][a][-][p][k][c][s][1][-][s][h][a][1]"; - - /* - Rule to get DSA p - Look for pattern "(p |" and stop when first "|" - anything in base 64 is accepted inbetween - */ - char p_rule[] = "[(][p][ ][|][[A-Za-z0-9+/()#=-]*[|]"; - - /* - Rule to get DSA q - Look for pattern "(q |" and stop when first "|" - anything in base 64 is accepted inbetween - */ - char q_rule[] = "[(][q][ ][|][[A-Za-z0-9+/()#=-]*[|]"; - - /* - Rule to get DSA g - Look for pattern "(g |" and stop when first "|" - anything in base 64 is accepted inbetween - */ - char g_rule[] = "[(][g][ ][|][[A-Za-z0-9+/()#=-]*[|]"; - - /* - Rule to get DSA y / pub_key - Look for pattern "(y |" and stop when first "|" - anything in base 64 is accepted inbetween - */ - char y_rule[] = "[(][y][ ][|][[A-Za-z0-9+/()#=-]*[|]"; - - /* - rule to get the public exponent RSA - Look for the part that says # and after that some hex blob and # - */ - char e_rule[] = "[#][0-9A-Fa-f]*[#]"; - - /* - rule to get the public modulus RSA - Look for the part that starts with '|' and after that anything - that is in base 64 char set and then '|' again - */ - char n_rule[] = "[|][A-Za-z0-9+/()#=-]*[|]"; - - /* - rule to get the signature hash - Look for the similar than the n_rule - */ - char h_rule[] = "[|][A-Za-z0-9+/()#=-]*[|]"; - - /* - rule to get the signature - Look for part that starts ")|" and base 64 blob after it - and stops to '|' char remember to add and subtract 2 from - the indexes below - */ - char s_rule[] = "[)][|][A-Za-z0-9+/()#=-]*[|]"; - - _HIP_DEBUG("\n\n** CONTENTS of public key sequence **\n" - "%s\n\n",cert->public_key); - - /* check the algo DSA or RSA */ - HIP_DEBUG("Verifying\nRunning regexps to identify algo\n"); - start = stop = 0; - algo = hip_cert_regex(dsa_rule, cert->public_key, &start, &stop); - if (algo != -1) { - HIP_DEBUG("Public-key is DSA\n"); - algo = HIP_HI_DSA; - goto algo_check_done; - } - start = stop = 0; - algo = hip_cert_regex(rsa_rule, cert->public_key, &start, &stop); - if (algo != -1) { - HIP_DEBUG("Public-key is RSA\n"); - algo = HIP_HI_RSA; - goto algo_check_done; - } - HIP_DEBUG((1!=1), -1,"Unknown algorithm\n"); - - algo_check_done: - if (algo == HIP_HI_RSA) { - - /* malloc space for new rsa */ - rsa = RSA_new(); - HIP_IFEL(!rsa, -1, "Failed to malloc RSA\n"); - - /* extract the public-key from cert to rsa */ - - /* public exponent first */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(e_rule, cert->public_key, &start, &stop), -1, - "Failed to run hip_cert_regex (exponent)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - e_hex = malloc(stop-start); - HIP_IFEL((!e_hex), -1, "Malloc for e_hex failed\n"); - snprintf((char *)e_hex, (stop-start-1), "%s", &cert->public_key[start + 1]); - _HIP_DEBUG("E_HEX %s\n",e_hex); - - /* public modulus */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(n_rule, cert->public_key, &start, &stop), -1, - "Failed to run hip_cert_regex (modulus)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - modulus_b64 = malloc(stop-start+1); - HIP_IFEL((!modulus_b64), -1, "Malloc for modulus_b64 failed\n"); - memset(modulus_b64, 0, (stop-start+1)); - modulus = malloc(stop-start+1); - HIP_IFEL((!modulus), -1, "Malloc for modulus failed\n"); - memset(modulus, 0, (stop-start+1)); - snprintf((char *)modulus_b64, (stop-start-1), "%s", &cert->public_key[start + 1]); - _HIP_DEBUG("modulus_b64 %s\n",modulus_b64); - - /* put the stuff into the RSA struct */ - BN_hex2bn(&rsa->e, e_hex); - evpret = EVP_DecodeBlock(modulus, modulus_b64, - strlen((char *)modulus_b64)); - - /* EVP returns a multiple of 3 octets, subtract any extra */ - keylen = evpret; - if (keylen % 4 != 0) { - --keylen; - keylen = keylen - keylen % 2; - } - _HIP_DEBUG("keylen = %d (%d bits)\n", keylen, keylen * 8); - signature = malloc(keylen); - HIP_IFEL((!signature), -1, "Malloc for signature failed.\n"); - rsa->n = BN_bin2bn(modulus, keylen, 0); - - _HIP_DEBUG("In verification RSA e=%s\n", BN_bn2hex(rsa->e)); - _HIP_DEBUG("In verification RSA n=%s\n", BN_bn2hex(rsa->n)); - - } else if (algo == HIP_HI_DSA) { - - /* malloc space for new dsa */ - dsa = DSA_new(); - HIP_IFEL(!dsa, -1, "Failed to malloc DSA\n"); - - /* Extract public key from the cert */ - - /* dsa->p */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(p_rule, cert->public_key, &start, &stop), -1, - "Failed to run hip_cert_regex dsa->p\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - p_b64 = malloc(stop-start+1); - HIP_IFEL((!p_b64), -1, "Malloc for p_b64 failed\n"); - memset(p_b64, 0, (stop-start+1)); - p_bin = malloc(stop-start+1); - HIP_IFEL((!p_bin), -1, "Malloc for p_bin failed\n"); - memset(p_bin, 0, (stop-start+1)); - snprintf((char *)p_b64, (stop-start-1), "%s", &cert->public_key[start + 1]); - _HIP_DEBUG("p_b64 %s\n",p_b64); - evpret = EVP_DecodeBlock(p_bin, p_b64, strlen((char *)p_b64)); - - /* dsa->q */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(q_rule, cert->public_key, &start, &stop), -1, - "Failed to run hip_cert_regex dsa->q\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - q_b64 = malloc(stop-start+1); - HIP_IFEL((!q_b64), -1, "Malloc for q_b64 failed\n"); - memset(q_b64, 0, (stop-start+1)); - q_bin = malloc(stop-start+1); - HIP_IFEL((!q_bin), -1, "Malloc for q_bin failed\n"); - memset(q_bin, 0, (stop-start+1)); - snprintf((char *)q_b64, (stop-start-1), "%s", &cert->public_key[start + 1]); - _HIP_DEBUG("q_b64 %s\n",q_b64); - evpret = EVP_DecodeBlock(q_bin, q_b64, strlen((char *)q_b64)); - - /* dsa->g */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(g_rule, cert->public_key, &start, &stop), -1, - "Failed to run hip_cert_regex dsa->g\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - g_b64 = malloc(stop-start+1); - HIP_IFEL((!g_b64), -1, "Malloc for g_b64 failed\n"); - memset(g_b64, 0, (stop-start+1)); - g_bin = malloc(stop-start+1); - HIP_IFEL((!g_bin), -1, "Malloc for g_bin failed\n"); - memset(g_bin, 0, (stop-start+1)); - snprintf((char *)g_b64, (stop-start-1), "%s", &cert->public_key[start + 1]); - _HIP_DEBUG("g_b64 %s\n",g_b64); - evpret = EVP_DecodeBlock(g_bin, g_b64, strlen((char *)g_b64)); - - /* dsa->y */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(y_rule, cert->public_key, &start, &stop), -1, - "Failed to run hip_cert_regex dsa->y\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - y_b64 = malloc(stop-start+1); - HIP_IFEL((!y_b64), -1, "Malloc for y_b64 failed\n"); - memset(y_b64, 0, (stop-start+1)); - y_bin = malloc(stop-start+1); - HIP_IFEL((!y_bin), -1, "Malloc for y_bin failed\n"); - memset(y_bin, 0, (stop-start+1)); - snprintf((char *)y_b64, (stop-start-1), "%s", &cert->public_key[start + 1]); - _HIP_DEBUG("y_b64 %s\n",y_b64); - evpret = EVP_DecodeBlock(y_bin, y_b64, strlen((char *)y_b64)); - - } else HIP_IFEL((1==0), -1, "Unknown algorithm\n"); - - memset(sha_digest, '\0', sizeof(sha_digest)); - /* build sha1 digest that will be signed */ - HIP_IFEL(!(sha_retval = SHA1((unsigned char *)cert->cert, - strlen((char *)cert->cert), sha_digest)), - -1, "SHA1 error when creating digest.\n"); - _HIP_HEXDUMP("SHA1 digest of cert sequence ", sha_digest, 20); - - /* Get the signature hash and compare it to the sha_digest we just made */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(h_rule, cert->signature, &start, &stop), -1, - "Failed to run hip_cert_regex (signature hash)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - signature_hash_b64 = malloc(stop-start+1); - HIP_IFEL((!signature_hash_b64), -1, "Failed to malloc signature_hash_b64\n"); - memset(signature_hash_b64, '\0', (stop-start+1)); - signature_hash = malloc(stop-start+1); - HIP_IFEL((!signature_hash), -1, "Failed to malloc signature_hash\n"); - snprintf((char *)signature_hash_b64, (stop-start-1), "%s", - &cert->signature[start + 1]); - _HIP_DEBUG("SIG HASH B64 %s\n", signature_hash_b64); - evpret = EVP_DecodeBlock(signature_hash, signature_hash_b64, - strlen((char *)signature_hash_b64)); - HIP_IFEL(memcmp(sha_digest, signature_hash, 20), -1, - "Signature hash did not match of the one made from the" - "cert sequence in the certificate\n"); - - /* memset signature and put it into its place */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(s_rule, cert->signature, &start, &stop), -1, - "Failed to run hip_cert_regex (signature)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - signature_b64 = malloc(stop-start+1); - HIP_IFEL((!signature_b64), -1, "Failed to malloc signature_b64\n"); - memset(signature_b64, '\0', keylen); - snprintf((char *)signature_b64, (stop-start-2),"%s", &cert->signature[start + 2]); - _HIP_DEBUG("SIG_B64 %s\n", signature_b64); - if (algo == HIP_HI_DSA) { - signature = malloc(stop-start+1); - HIP_IFEL(!signature, -1, "Failed to malloc signature (dsa)\n"); - } - evpret = EVP_DecodeBlock(signature, signature_b64, - strlen((char *)signature_b64)); - _HIP_HEXDUMP("SIG\n", signature, keylen); - - if (algo == HIP_HI_RSA) { - /* do the verification */ - err = RSA_verify(NID_sha1, sha_digest, SHA_DIGEST_LENGTH, - signature, RSA_size(rsa), rsa); - e_code = ERR_get_error(); - ERR_load_crypto_strings(); - ERR_error_string(e_code ,buf); - - _HIP_DEBUG("***********RSA ERROR*************\n"); - _HIP_DEBUG("RSA_size(rsa) = %d\n",RSA_size(rsa)); - _HIP_DEBUG("Signature length :%d\n",strlen((char *)signature)); - _HIP_DEBUG("Error string :%s\n",buf); - _HIP_DEBUG("LIB error :%s\n",ERR_lib_error_string(e_code)); - _HIP_DEBUG("func error :%s\n",ERR_func_error_string(e_code)); - _HIP_DEBUG("Reason error :%s\n",ERR_reason_error_string(e_code)); - _HIP_DEBUG("***********RSA ERROR*************\n"); - - /* RSA_verify returns 1 if success. */ - cert->success = err == 1 ? 0 : -1; - HIP_IFEL((err = err == 1 ? 0 : -1), -1, "RSA_verify error\n"); - - } else if (algo == HIP_HI_DSA) { - - /* build the signature structure */ - dsa_sig = DSA_SIG_new(); - HIP_IFEL(!dsa_sig, 1, "Failed to allocate DSA_SIG\n"); - dsa_sig->r = BN_bin2bn(&signature[1], DSA_PRIV, NULL); - dsa_sig->s = BN_bin2bn(&signature[1 + DSA_PRIV], DSA_PRIV, NULL); - - /* verify the DSA signature */ - err = DSA_do_verify(sha_digest, SHA_DIGEST_LENGTH, - dsa_sig, dsa) == 0 ? 1 : 0; - - /* DSA_do_verify returns 1 if success. */ - cert->success = err == 1 ? 0 : -1; - HIP_IFEL((err = err == 1 ? 0 : -1), -1, "DSA_do_verify error\n"); - - } else HIP_IFEL((1==0), -1, "Unknown algorithm\n"); +int hip_cert_spki_lib_verify(struct hip_cert_spki_info *cert) +{ + int err = 0, start = 0, stop = 0, evpret = 0, keylen = 0, algo = 0; + char buf[200]; + + unsigned char sha_digest[21]; + unsigned char *sha_retval; + unsigned char *signature_hash = NULL; + unsigned char *signature_hash_b64 = NULL; + unsigned char *signature_b64 = NULL; + + unsigned char *signature = NULL; + + /** RSA **/ + RSA *rsa = NULL; + unsigned long e_code; + char *e_hex = NULL; + unsigned char *modulus_b64 = NULL; + unsigned char *modulus = NULL; + + /** DSA **/ + DSA *dsa = NULL; + unsigned char *p_bin = NULL, *q_bin = NULL, *g_bin = NULL, *y_bin = NULL; + unsigned char *p_b64 = NULL, *q_b64 = NULL, *g_b64 = NULL, *y_b64 = NULL; + DSA_SIG *dsa_sig; + + /* rules for regular expressions */ + + /* + * Rule to get the info if we are using DSA + */ + char dsa_rule[] = "[d][s][a][-][p][k][c][s][1][-][s][h][a][1]"; + + /* + * Rule to get the info if we are using RSA + */ + char rsa_rule[] = "[r][s][a][-][p][k][c][s][1][-][s][h][a][1]"; + + /* + * Rule to get DSA p + * Look for pattern "(p |" and stop when first "|" + * anything in base 64 is accepted inbetween + */ + char p_rule[] = "[(][p][ ][|][[A-Za-z0-9+/()#=-]*[|]"; + + /* + * Rule to get DSA q + * Look for pattern "(q |" and stop when first "|" + * anything in base 64 is accepted inbetween + */ + char q_rule[] = "[(][q][ ][|][[A-Za-z0-9+/()#=-]*[|]"; + + /* + * Rule to get DSA g + * Look for pattern "(g |" and stop when first "|" + * anything in base 64 is accepted inbetween + */ + char g_rule[] = "[(][g][ ][|][[A-Za-z0-9+/()#=-]*[|]"; + + /* + * Rule to get DSA y / pub_key + * Look for pattern "(y |" and stop when first "|" + * anything in base 64 is accepted inbetween + */ + char y_rule[] = "[(][y][ ][|][[A-Za-z0-9+/()#=-]*[|]"; + + /* + * rule to get the public exponent RSA + * Look for the part that says # and after that some hex blob and # + */ + char e_rule[] = "[#][0-9A-Fa-f]*[#]"; + + /* + * rule to get the public modulus RSA + * Look for the part that starts with '|' and after that anything + * that is in base 64 char set and then '|' again + */ + char n_rule[] = "[|][A-Za-z0-9+/()#=-]*[|]"; + + /* + * rule to get the signature hash + * Look for the similar than the n_rule + */ + char h_rule[] = "[|][A-Za-z0-9+/()#=-]*[|]"; + + /* + * rule to get the signature + * Look for part that starts ")|" and base 64 blob after it + * and stops to '|' char remember to add and subtract 2 from + * the indexes below + */ + char s_rule[] = "[)][|][A-Za-z0-9+/()#=-]*[|]"; + + _HIP_DEBUG("\n\n** CONTENTS of public key sequence **\n" + "%s\n\n", cert->public_key); + + /* check the algo DSA or RSA */ + HIP_DEBUG("Verifying\nRunning regexps to identify algo\n"); + start = stop = 0; + algo = hip_cert_regex(dsa_rule, cert->public_key, &start, &stop); + if (algo != -1) { + HIP_DEBUG("Public-key is DSA\n"); + algo = HIP_HI_DSA; + goto algo_check_done; + } + start = stop = 0; + algo = hip_cert_regex(rsa_rule, cert->public_key, &start, &stop); + if (algo != -1) { + HIP_DEBUG("Public-key is RSA\n"); + algo = HIP_HI_RSA; + goto algo_check_done; + } + HIP_DEBUG((1 != 1), -1, "Unknown algorithm\n"); + +algo_check_done: + if (algo == HIP_HI_RSA) { + /* malloc space for new rsa */ + rsa = RSA_new(); + HIP_IFEL(!rsa, -1, "Failed to malloc RSA\n"); + + /* extract the public-key from cert to rsa */ + + /* public exponent first */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(e_rule, cert->public_key, &start, &stop), -1, + "Failed to run hip_cert_regex (exponent)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + e_hex = malloc(stop - start); + HIP_IFEL((!e_hex), -1, "Malloc for e_hex failed\n"); + snprintf((char *) e_hex, (stop - start - 1), "%s", &cert->public_key[start + 1]); + _HIP_DEBUG("E_HEX %s\n", e_hex); + + /* public modulus */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(n_rule, cert->public_key, &start, &stop), -1, + "Failed to run hip_cert_regex (modulus)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + modulus_b64 = malloc(stop - start + 1); + HIP_IFEL((!modulus_b64), -1, "Malloc for modulus_b64 failed\n"); + memset(modulus_b64, 0, (stop - start + 1)); + modulus = malloc(stop - start + 1); + HIP_IFEL((!modulus), -1, "Malloc for modulus failed\n"); + memset(modulus, 0, (stop - start + 1)); + snprintf((char *) modulus_b64, (stop - start - 1), "%s", &cert->public_key[start + 1]); + _HIP_DEBUG("modulus_b64 %s\n", modulus_b64); + + /* put the stuff into the RSA struct */ + BN_hex2bn(&rsa->e, e_hex); + evpret = EVP_DecodeBlock(modulus, modulus_b64, + strlen((char *) modulus_b64)); + + /* EVP returns a multiple of 3 octets, subtract any extra */ + keylen = evpret; + if (keylen % 4 != 0) { + --keylen; + keylen = keylen - keylen % 2; + } + _HIP_DEBUG("keylen = %d (%d bits)\n", keylen, keylen * 8); + signature = malloc(keylen); + HIP_IFEL((!signature), -1, "Malloc for signature failed.\n"); + rsa->n = BN_bin2bn(modulus, keylen, 0); + + _HIP_DEBUG("In verification RSA e=%s\n", BN_bn2hex(rsa->e)); + _HIP_DEBUG("In verification RSA n=%s\n", BN_bn2hex(rsa->n)); + } else if (algo == HIP_HI_DSA) { + /* malloc space for new dsa */ + dsa = DSA_new(); + HIP_IFEL(!dsa, -1, "Failed to malloc DSA\n"); + + /* Extract public key from the cert */ + + /* dsa->p */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(p_rule, cert->public_key, &start, &stop), -1, + "Failed to run hip_cert_regex dsa->p\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + p_b64 = malloc(stop - start + 1); + HIP_IFEL((!p_b64), -1, "Malloc for p_b64 failed\n"); + memset(p_b64, 0, (stop - start + 1)); + p_bin = malloc(stop - start + 1); + HIP_IFEL((!p_bin), -1, "Malloc for p_bin failed\n"); + memset(p_bin, 0, (stop - start + 1)); + snprintf((char *) p_b64, (stop - start - 1), "%s", &cert->public_key[start + 1]); + _HIP_DEBUG("p_b64 %s\n", p_b64); + evpret = EVP_DecodeBlock(p_bin, p_b64, strlen((char *) p_b64)); + + /* dsa->q */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(q_rule, cert->public_key, &start, &stop), -1, + "Failed to run hip_cert_regex dsa->q\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + q_b64 = malloc(stop - start + 1); + HIP_IFEL((!q_b64), -1, "Malloc for q_b64 failed\n"); + memset(q_b64, 0, (stop - start + 1)); + q_bin = malloc(stop - start + 1); + HIP_IFEL((!q_bin), -1, "Malloc for q_bin failed\n"); + memset(q_bin, 0, (stop - start + 1)); + snprintf((char *) q_b64, (stop - start - 1), "%s", &cert->public_key[start + 1]); + _HIP_DEBUG("q_b64 %s\n", q_b64); + evpret = EVP_DecodeBlock(q_bin, q_b64, strlen((char *) q_b64)); + + /* dsa->g */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(g_rule, cert->public_key, &start, &stop), -1, + "Failed to run hip_cert_regex dsa->g\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + g_b64 = malloc(stop - start + 1); + HIP_IFEL((!g_b64), -1, "Malloc for g_b64 failed\n"); + memset(g_b64, 0, (stop - start + 1)); + g_bin = malloc(stop - start + 1); + HIP_IFEL((!g_bin), -1, "Malloc for g_bin failed\n"); + memset(g_bin, 0, (stop - start + 1)); + snprintf((char *) g_b64, (stop - start - 1), "%s", &cert->public_key[start + 1]); + _HIP_DEBUG("g_b64 %s\n", g_b64); + evpret = EVP_DecodeBlock(g_bin, g_b64, strlen((char *) g_b64)); + + /* dsa->y */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(y_rule, cert->public_key, &start, &stop), -1, + "Failed to run hip_cert_regex dsa->y\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + y_b64 = malloc(stop - start + 1); + HIP_IFEL((!y_b64), -1, "Malloc for y_b64 failed\n"); + memset(y_b64, 0, (stop - start + 1)); + y_bin = malloc(stop - start + 1); + HIP_IFEL((!y_bin), -1, "Malloc for y_bin failed\n"); + memset(y_bin, 0, (stop - start + 1)); + snprintf((char *) y_b64, (stop - start - 1), "%s", &cert->public_key[start + 1]); + _HIP_DEBUG("y_b64 %s\n", y_b64); + evpret = EVP_DecodeBlock(y_bin, y_b64, strlen((char *) y_b64)); + } else {HIP_IFEL((1 == 0), -1, "Unknown algorithm\n"); + } + + memset(sha_digest, '\0', sizeof(sha_digest)); + /* build sha1 digest that will be signed */ + HIP_IFEL(!(sha_retval = SHA1((unsigned char *) cert->cert, + strlen((char *) cert->cert), sha_digest)), + -1, "SHA1 error when creating digest.\n"); + _HIP_HEXDUMP("SHA1 digest of cert sequence ", sha_digest, 20); + + /* Get the signature hash and compare it to the sha_digest we just made */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(h_rule, cert->signature, &start, &stop), -1, + "Failed to run hip_cert_regex (signature hash)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + signature_hash_b64 = malloc(stop - start + 1); + HIP_IFEL((!signature_hash_b64), -1, "Failed to malloc signature_hash_b64\n"); + memset(signature_hash_b64, '\0', (stop - start + 1)); + signature_hash = malloc(stop - start + 1); + HIP_IFEL((!signature_hash), -1, "Failed to malloc signature_hash\n"); + snprintf((char *) signature_hash_b64, (stop - start - 1), "%s", + &cert->signature[start + 1]); + _HIP_DEBUG("SIG HASH B64 %s\n", signature_hash_b64); + evpret = EVP_DecodeBlock(signature_hash, signature_hash_b64, + strlen((char *) signature_hash_b64)); + HIP_IFEL(memcmp(sha_digest, signature_hash, 20), -1, + "Signature hash did not match of the one made from the" + "cert sequence in the certificate\n"); + + /* memset signature and put it into its place */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(s_rule, cert->signature, &start, &stop), -1, + "Failed to run hip_cert_regex (signature)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + signature_b64 = malloc(stop - start + 1); + HIP_IFEL((!signature_b64), -1, "Failed to malloc signature_b64\n"); + memset(signature_b64, '\0', keylen); + snprintf((char *) signature_b64, (stop - start - 2), "%s", &cert->signature[start + 2]); + _HIP_DEBUG("SIG_B64 %s\n", signature_b64); + if (algo == HIP_HI_DSA) { + signature = malloc(stop - start + 1); + HIP_IFEL(!signature, -1, "Failed to malloc signature (dsa)\n"); + } + evpret = EVP_DecodeBlock(signature, signature_b64, + strlen((char *) signature_b64)); + _HIP_HEXDUMP("SIG\n", signature, keylen); + + if (algo == HIP_HI_RSA) { + /* do the verification */ + err = RSA_verify(NID_sha1, sha_digest, SHA_DIGEST_LENGTH, + signature, RSA_size(rsa), rsa); + e_code = ERR_get_error(); + ERR_load_crypto_strings(); + ERR_error_string(e_code, buf); + + _HIP_DEBUG("***********RSA ERROR*************\n"); + _HIP_DEBUG("RSA_size(rsa) = %d\n", RSA_size(rsa)); + _HIP_DEBUG("Signature length :%d\n", strlen((char *) signature)); + _HIP_DEBUG("Error string :%s\n", buf); + _HIP_DEBUG("LIB error :%s\n", ERR_lib_error_string(e_code)); + _HIP_DEBUG("func error :%s\n", ERR_func_error_string(e_code)); + _HIP_DEBUG("Reason error :%s\n", ERR_reason_error_string(e_code)); + _HIP_DEBUG("***********RSA ERROR*************\n"); + + /* RSA_verify returns 1 if success. */ + cert->success = err == 1 ? 0 : -1; + HIP_IFEL((err = err == 1 ? 0 : -1), -1, "RSA_verify error\n"); + } else if (algo == HIP_HI_DSA) { + /* build the signature structure */ + dsa_sig = DSA_SIG_new(); + HIP_IFEL(!dsa_sig, 1, "Failed to allocate DSA_SIG\n"); + dsa_sig->r = BN_bin2bn(&signature[1], DSA_PRIV, NULL); + dsa_sig->s = BN_bin2bn(&signature[1 + DSA_PRIV], DSA_PRIV, NULL); + + /* verify the DSA signature */ + err = DSA_do_verify(sha_digest, SHA_DIGEST_LENGTH, + dsa_sig, dsa) == 0 ? 1 : 0; + + /* DSA_do_verify returns 1 if success. */ + cert->success = err == 1 ? 0 : -1; + HIP_IFEL((err = err == 1 ? 0 : -1), -1, "DSA_do_verify error\n"); + } else {HIP_IFEL((1 == 0), -1, "Unknown algorithm\n"); + } out_err: - if (signature_hash_b64) free(signature_hash_b64); - if (signature_hash) free(signature_hash); - if (modulus_b64) free(modulus_b64); - if (modulus) free(modulus); - if (rsa) RSA_free(rsa); - if (e_hex) free(e_hex); - if (dsa) DSA_free(dsa); - return (err); + if (signature_hash_b64) { + free(signature_hash_b64); + } + if (signature_hash) { + free(signature_hash); + } + if (modulus_b64) { + free(modulus_b64); + } + if (modulus) { + free(modulus); + } + if (rsa) { + RSA_free(rsa); + } + if (e_hex) { + free(e_hex); + } + if (dsa) { + DSA_free(dsa); + } + return err; } -/** - * hip_cert_spki_create_cert - Function to build the create minimal SPKI cert +/** + * hip_cert_spki_create_cert - Function to build the create minimal SPKI cert * - * @param content holds the struct hip_cert_spki_info containing - * the minimal needed information for cert object, - * also contains the char table where the cert object + * @param content holds the struct hip_cert_spki_info containing + * the minimal needed information for cert object, + * also contains the char table where the cert object * is to be stored * @param issuer_type With HIP its HIT * @param issuer HIT in representation encoding 2001:001... @@ -364,149 +374,169 @@ * * @return 0 if ok -1 if error */ -int hip_cert_spki_create_cert(struct hip_cert_spki_info * content, - char * issuer_type, struct in6_addr * issuer, - char * subject_type, struct in6_addr * subject, - time_t * not_before, time_t * not_after) { - int err = 0; - char * tmp_issuer = NULL; - char * tmp_subject = NULL; - char * tmp_before = NULL; - char * tmp_after = NULL; - struct tm *ts = NULL; - char buf_before[80]; - char buf_after[80]; - char present_issuer[41]; - char present_subject[41]; - struct hip_common * msg = NULL; - struct hip_cert_spki_info * returned = NULL; - - /* Malloc needed */ - tmp_issuer = malloc(128); - if (!tmp_issuer) goto out_err; /* Why does this return 0? */ - tmp_subject = malloc(128); - if (!tmp_subject) goto out_err; - tmp_before = malloc(128); - if (!tmp_before) goto out_err; - tmp_after = malloc(128); - if (!tmp_after) goto out_err; - HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, - "Malloc for msg failed\n"); - - /* Memset everything */ - HIP_IFEL(!memset(buf_before, '\0', sizeof(buf_before)), -1, - "Failed to memset memory for tmp buffers variables\n"); - HIP_IFEL(!memset(buf_after, '\0', sizeof(buf_after)), -1, - "Failed to memset memory for tmp buffers variables\n"); - HIP_IFEL(!memset(tmp_issuer, '\0', sizeof(tmp_issuer)), -1, - "Failed to memset memory for tmp variables\n"); - HIP_IFEL(!memset(tmp_subject, '\0', sizeof(tmp_subject)), -1, - "Failed to memset memory for tmp variables\n"); - HIP_IFEL(!memset(tmp_before, '\0', sizeof(tmp_before)), -1, - "Failed to memset memory for tmp variables\n"); - HIP_IFEL(!memset(tmp_after, '\0', sizeof(tmp_after)), -1, - "Failed to memset memory for tmp variables\n"); - HIP_IFEL(!memset(present_issuer, '\0', sizeof(present_issuer)), -1, - "Failed to memset memory for tmp variables\n"); - HIP_IFEL(!memset(present_subject, '\0', sizeof(present_subject)), -1, - "Failed to memset memory for tmp variables\n"); - - /* Make needed transforms to the date */ - _HIP_DEBUG("not_before %d not_after %d\n",*not_before,*not_after); - /* Format and print the time, "yyyy-mm-dd hh:mm:ss" - (not-after "1998-04-15_00:00:00") */ - ts = localtime(not_before); - strftime(buf_before, sizeof(buf_before), "%Y-%m-%d_%H:%M:%S", ts); - ts = localtime(not_after); - strftime(buf_after, sizeof(buf_after), "%Y-%m-%d_%H:%M:%S", ts); - _HIP_DEBUG("Not before %s\n", buf_before); - _HIP_DEBUG("Not after %s\n", buf_after); - - sprintf(tmp_before, "(not-before \"%s\")", buf_before); - sprintf(tmp_after, "(not-after \"%s\")", buf_after); - - ipv6_addr_copy(&content->issuer_hit, issuer); - hip_in6_ntop(issuer, present_issuer); - hip_in6_ntop(subject, present_subject); - - sprintf(tmp_issuer, "(hash %s %s)", issuer_type, present_issuer); - sprintf(tmp_subject, "(hash %s %s)", subject_type, present_subject); - - /* Create the cert sequence */ - HIP_IFEL(hip_cert_spki_build_cert(content), -1, - "hip_cert_spki_build_cert failed\n"); - - HIP_IFEL(hip_cert_spki_inject(content, "cert", tmp_after), -1, - "hip_cert_spki_inject failed to inject\n"); - HIP_IFEL(hip_cert_spki_inject(content, "cert", tmp_before), -1, - "hip_cert_spki_inject failed to inject\n"); - HIP_IFEL(hip_cert_spki_inject(content, "cert", "(subject )"), -1, - "hip_cert_spki_inject failed to inject\n"); - HIP_IFEL(hip_cert_spki_inject(content, "subject", tmp_subject), -1, - "hip_cert_spki_inject failed to inject\n"); - HIP_IFEL(hip_cert_spki_inject(content, "cert", "(issuer )"), -1, - "hip_cert_spki_inject failed to inject\n"); - HIP_IFEL(hip_cert_spki_inject(content, "issuer", tmp_issuer), -1, - "hip_cert_spki_inject failed to inject\n"); - - /* Create the signature and the public-key sequences */ - - /* Send the daemon the struct hip_cert_spki_header - containing the cert sequence in content->cert. - As a result you should get the struct back with - public-key and signature fields filled */ - - /* build the msg to be sent to the daemon */ - hip_msg_init(msg); - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_SPKI_SIGN, 0), -1, - "Failed to build user header\n"); - HIP_IFEL(hip_build_param_cert_spki_info(msg, content), -1, - "Failed to build cert_info\n"); - /* send and wait */ - HIP_DEBUG("Sending request to sign SPKI cert sequence to " - "daemon and waiting for answer\n"); - hip_send_recv_daemon_info(msg, 0, 0); - - /* get the struct from the message sent back by the daemon */ - _HIP_DUMP_MSG(msg); - HIP_IFEL(!(returned = hip_get_param(msg, HIP_PARAM_CERT_SPKI_INFO)), - -1, "No hip_cert_spki_info struct found from daemons msg\n"); - - _HIP_DEBUG("PUBLIC-KEY\n%s\nCERT\n%s\nSIGNATURE\n%s\n", returned->public_key, - returned->cert, returned->signature); - memcpy(content, returned, sizeof(struct hip_cert_spki_info)); +int hip_cert_spki_create_cert(struct hip_cert_spki_info *content, + char *issuer_type, struct in6_addr *issuer, + char *subject_type, struct in6_addr *subject, + time_t *not_before, time_t *not_after) +{ + int err = 0; + char *tmp_issuer = NULL; + char *tmp_subject = NULL; + char *tmp_before = NULL; + char *tmp_after = NULL; + struct tm *ts = NULL; + char buf_before[80]; + char buf_after[80]; + char present_issuer[41]; + char present_subject[41]; + struct hip_common *msg = NULL; + struct hip_cert_spki_info *returned = NULL; + + /* Malloc needed */ + tmp_issuer = malloc(128); + if (!tmp_issuer) { + goto out_err; /* Why does this return 0? */ + } + tmp_subject = malloc(128); + if (!tmp_subject) { + goto out_err; + } + tmp_before = malloc(128); + if (!tmp_before) { + goto out_err; + } + tmp_after = malloc(128); + if (!tmp_after) { + goto out_err; + } + HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, + "Malloc for msg failed\n"); + + /* Memset everything */ + HIP_IFEL(!memset(buf_before, '\0', sizeof(buf_before)), -1, + "Failed to memset memory for tmp buffers variables\n"); + HIP_IFEL(!memset(buf_after, '\0', sizeof(buf_after)), -1, + "Failed to memset memory for tmp buffers variables\n"); + HIP_IFEL(!memset(tmp_issuer, '\0', sizeof(tmp_issuer)), -1, + "Failed to memset memory for tmp variables\n"); + HIP_IFEL(!memset(tmp_subject, '\0', sizeof(tmp_subject)), -1, + "Failed to memset memory for tmp variables\n"); + HIP_IFEL(!memset(tmp_before, '\0', sizeof(tmp_before)), -1, + "Failed to memset memory for tmp variables\n"); + HIP_IFEL(!memset(tmp_after, '\0', sizeof(tmp_after)), -1, + "Failed to memset memory for tmp variables\n"); + HIP_IFEL(!memset(present_issuer, '\0', sizeof(present_issuer)), -1, + "Failed to memset memory for tmp variables\n"); + HIP_IFEL(!memset(present_subject, '\0', sizeof(present_subject)), -1, + "Failed to memset memory for tmp variables\n"); + + /* Make needed transforms to the date */ + _HIP_DEBUG("not_before %d not_after %d\n", *not_before, *not_after); + /* Format and print the time, "yyyy-mm-dd hh:mm:ss" + * (not-after "1998-04-15_00:00:00") */ + ts = localtime(not_before); + strftime(buf_before, sizeof(buf_before), "%Y-%m-%d_%H:%M:%S", ts); + ts = localtime(not_after); + strftime(buf_after, sizeof(buf_after), "%Y-%m-%d_%H:%M:%S", ts); + _HIP_DEBUG("Not before %s\n", buf_before); + _HIP_DEBUG("Not after %s\n", buf_after); + + sprintf(tmp_before, "(not-before \"%s\")", buf_before); + sprintf(tmp_after, "(not-after \"%s\")", buf_after); + + ipv6_addr_copy(&content->issuer_hit, issuer); + hip_in6_ntop(issuer, present_issuer); + hip_in6_ntop(subject, present_subject); + + sprintf(tmp_issuer, "(hash %s %s)", issuer_type, present_issuer); + sprintf(tmp_subject, "(hash %s %s)", subject_type, present_subject); + + /* Create the cert sequence */ + HIP_IFEL(hip_cert_spki_build_cert(content), -1, + "hip_cert_spki_build_cert failed\n"); + + HIP_IFEL(hip_cert_spki_inject(content, "cert", tmp_after), -1, + "hip_cert_spki_inject failed to inject\n"); + HIP_IFEL(hip_cert_spki_inject(content, "cert", tmp_before), -1, + "hip_cert_spki_inject failed to inject\n"); + HIP_IFEL(hip_cert_spki_inject(content, "cert", "(subject )"), -1, + "hip_cert_spki_inject failed to inject\n"); + HIP_IFEL(hip_cert_spki_inject(content, "subject", tmp_subject), -1, + "hip_cert_spki_inject failed to inject\n"); + HIP_IFEL(hip_cert_spki_inject(content, "cert", "(issuer )"), -1, + "hip_cert_spki_inject failed to inject\n"); + HIP_IFEL(hip_cert_spki_inject(content, "issuer", tmp_issuer), -1, + "hip_cert_spki_inject failed to inject\n"); + + /* Create the signature and the public-key sequences */ + + /* Send the daemon the struct hip_cert_spki_header + * containing the cert sequence in content->cert. + * As a result you should get the struct back with + * public-key and signature fields filled */ + + /* build the msg to be sent to the daemon */ + hip_msg_init(msg); + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_SPKI_SIGN, 0), -1, + "Failed to build user header\n"); + HIP_IFEL(hip_build_param_cert_spki_info(msg, content), -1, + "Failed to build cert_info\n"); + /* send and wait */ + HIP_DEBUG("Sending request to sign SPKI cert sequence to " + "daemon and waiting for answer\n"); + hip_send_recv_daemon_info(msg, 0, 0); + + /* get the struct from the message sent back by the daemon */ + _HIP_DUMP_MSG(msg); + HIP_IFEL(!(returned = hip_get_param(msg, HIP_PARAM_CERT_SPKI_INFO)), + -1, "No hip_cert_spki_info struct found from daemons msg\n"); + + _HIP_DEBUG("PUBLIC-KEY\n%s\nCERT\n%s\nSIGNATURE\n%s\n", returned->public_key, + returned->cert, returned->signature); + memcpy(content, returned, sizeof(struct hip_cert_spki_info)); out_err: - /* free everything malloced */ - if (tmp_before) free(tmp_before); - if (tmp_after) free(tmp_after); - if (tmp_issuer) free(tmp_issuer); - if (tmp_subject) free(tmp_subject); - if (msg) free(msg); - return (err); -} - + /* free everything malloced */ + if (tmp_before) { + free(tmp_before); + } + if (tmp_after) { + free(tmp_after); + } + if (tmp_issuer) { + free(tmp_issuer); + } + if (tmp_subject) { + free(tmp_subject); + } + if (msg) { + free(msg); + } + return err; +} + /** * hip_cert_spki_build_cert - Function to build the basic cert object * of SPKI clears public-key object and signature in - * hip_cert_spki_header - * + * hip_cert_spki_header + * * @param minimal_content holds the struct hip_cert_spki_header - * containing the minimal needed information for + * containing the minimal needed information for * cert object, also contains the char table where * the cert object is to be stored * * @return 0 if ok -1 if error */ -int hip_cert_spki_build_cert(struct hip_cert_spki_info * minimal_content) { - int err = 0; - char needed[] = "(cert )"; - memset(minimal_content->public_key, '\0', sizeof(minimal_content->public_key)); - memset(minimal_content->cert, '\0', sizeof(minimal_content->cert)); - memset(minimal_content->signature, '\0', sizeof(minimal_content->signature)); - sprintf(minimal_content->cert, "%s", needed); +int hip_cert_spki_build_cert(struct hip_cert_spki_info *minimal_content) +{ + int err = 0; + char needed[] = "(cert )"; + memset(minimal_content->public_key, '\0', sizeof(minimal_content->public_key)); + memset(minimal_content->cert, '\0', sizeof(minimal_content->cert)); + memset(minimal_content->signature, '\0', sizeof(minimal_content->signature)); + sprintf(minimal_content->cert, "%s", needed); - return (err); + return err; } /** @@ -514,46 +544,49 @@ * * @param to hip_cert_spki_info containing the char table where to insert * @param after is a char pointer for the regcomp after which the inject happens - * @param what is char pointer of what to + * @param what is char pointer of what to * * @return 0 if ok and negative if error. -1 returned for example when after is NOT found */ -int hip_cert_spki_inject(struct hip_cert_spki_info * to, - char * after, char * what) { - int err = 0, status = 0; - regex_t re; - regmatch_t pm[1]; - char * tmp_cert; +int hip_cert_spki_inject(struct hip_cert_spki_info *to, + char *after, char *what) +{ + int err = 0, status = 0; + regex_t re; + regmatch_t pm[1]; + char *tmp_cert; - _HIP_DEBUG("Before inject:\n%s\n",to->cert); - _HIP_DEBUG("Inserting \"%s\" after \"%s\"\n", what, after); - tmp_cert = malloc(strlen(to->cert) + strlen(what) + 1); - if (!tmp_cert) return(-1); - HIP_IFEL(!memset(tmp_cert, 0, sizeof(tmp_cert)), -1, - "Failed to memset temporary workspace\n"); - /* Compiling the regular expression */ - HIP_IFEL(regcomp(&re, after, REG_EXTENDED), -1, - "Compilation of the regular expression failed\n"); - /* Running the regular expression */ - HIP_IFEL((status = regexec(&re, to->cert, 1, pm, 0)), -1, - "Handling of regular expression failed\n"); - _HIP_DEBUG("Found \"%s\" at %d and it ends at %d\n", - after, pm[0].rm_so, pm[0].rm_eo); - /* Using tmp char table to do the inject (remember the terminators) - first the beginning */ - snprintf(tmp_cert, pm[0].rm_eo + 2, "%s", to->cert); - /* Then the middle part to be injected */ - snprintf(&tmp_cert[pm[0].rm_eo + 1], strlen(what) + 1, "%s", what); - /* then glue back the rest of the original at the end */ - snprintf(&tmp_cert[(pm[0].rm_eo + strlen(what) + 1)], - (strlen(to->cert) - pm[0].rm_eo), "%s", &to->cert[pm[0].rm_eo + 1]); - /* move tmp to the result */ - sprintf(to->cert, "%s", tmp_cert); - _HIP_DEBUG("After inject:\n%s\n",to->cert); + _HIP_DEBUG("Before inject:\n%s\n", to->cert); + _HIP_DEBUG("Inserting \"%s\" after \"%s\"\n", what, after); + tmp_cert = malloc(strlen(to->cert) + strlen(what) + 1); + if (!tmp_cert) { + return -1; + } + HIP_IFEL(!memset(tmp_cert, 0, sizeof(tmp_cert)), -1, + "Failed to memset temporary workspace\n"); + /* Compiling the regular expression */ + HIP_IFEL(regcomp(&re, after, REG_EXTENDED), -1, + "Compilation of the regular expression failed\n"); + /* Running the regular expression */ + HIP_IFEL((status = regexec(&re, to->cert, 1, pm, 0)), -1, + "Handling of regular expression failed\n"); + _HIP_DEBUG("Found \"%s\" at %d and it ends at %d\n", + after, pm[0].rm_so, pm[0].rm_eo); + /* Using tmp char table to do the inject (remember the terminators) + * first the beginning */ + snprintf(tmp_cert, pm[0].rm_eo + 2, "%s", to->cert); + /* Then the middle part to be injected */ + snprintf(&tmp_cert[pm[0].rm_eo + 1], strlen(what) + 1, "%s", what); + /* then glue back the rest of the original at the end */ + snprintf(&tmp_cert[(pm[0].rm_eo + strlen(what) + 1)], + (strlen(to->cert) - pm[0].rm_eo), "%s", &to->cert[pm[0].rm_eo + 1]); + /* move tmp to the result */ + sprintf(to->cert, "%s", tmp_cert); + _HIP_DEBUG("After inject:\n%s\n", to->cert); out_err: - free(tmp_cert); - regfree(&re); - return (err); + free(tmp_cert); + regfree(&re); + return err; } /** @@ -563,56 +596,57 @@ * @param from char pointer to the whole certificate * @param to hip_cert_spki_info containing the char table where to insert * - * @return 0 if ok and negative if error. + * @return 0 if ok and negative if error. */ -int hip_cert_spki_char2certinfo(char * from, struct hip_cert_spki_info * to) { - int err = 0, start = 0, stop = 0; - /* - p_rule looks for string "(public_key " after which there can be - pretty much anything until string "|)))" is encountered. - This is the public-key sequence. - */ - char p_rule[] = "[(]public_key [ A-Za-z0-9+|/()#=-]*[|][)][)][)]"; - /* - c_rule looks for string "(cert " after which there can be - pretty much anything until string '"))' is encountered. - This is the cert sequence. - */ - char c_rule[] = "[(]cert [ A-Za-z0-9+|/():=_\"-]*[\"][)][)]"; //\" is one char - /* - s_rule looks for string "(signature " after which there can be - pretty much anything until string "|))" is encountered. - This is the signature sequence. - */ - char s_rule[] = "[(]signature [ A-Za-z0-9+/|()=]*[|][)][)]"; - - _HIP_DEBUG("FROM %s\n", from); - - /* Look for the public key */ - HIP_IFEL(hip_cert_regex(p_rule, from , &start, &stop), -1, - "Failed to run hip_cert_regex (public-key)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - snprintf(to->public_key, (stop-start) + 1,"%s", &from[start]); - - /* Look for the cert sequence */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(c_rule, from, &start, &stop), -1, - "Failed to run hip_cert_regex (cert)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - snprintf(to->cert, (stop-start) + 1,"%s", &from[start]); - - /* look for the signature sequence */ - start = stop = 0; - HIP_IFEL(hip_cert_regex(s_rule, from, &start, &stop), -1, - "Failed to run hip_cert_regex (signature)\n"); - _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); - snprintf(to->signature, (stop-start) + 1,"%s", &from[start]); - - _HIP_DEBUG("PK %s\nCert %s\nSign %s\n", - to->public_key, to->cert, to->signature); - - out_err: - return(err); +int hip_cert_spki_char2certinfo(char *from, struct hip_cert_spki_info *to) +{ + int err = 0, start = 0, stop = 0; + /* + * p_rule looks for string "(public_key " after which there can be + * pretty much anything until string "|)))" is encountered. + * This is the public-key sequence. + */ + char p_rule[] = "[(]public_key [ A-Za-z0-9+|/()#=-]*[|][)][)][)]"; + /* + * c_rule looks for string "(cert " after which there can be + * pretty much anything until string '"))' is encountered. + * This is the cert sequence. + */ + char c_rule[] = "[(]cert [ A-Za-z0-9+|/():=_\"-]*[\"][)][)]"; //\" is one char + /* + * s_rule looks for string "(signature " after which there can be + * pretty much anything until string "|))" is encountered. + * This is the signature sequence. + */ + char s_rule[] = "[(]signature [ A-Za-z0-9+/|()=]*[|][)][)]"; + + _HIP_DEBUG("FROM %s\n", from); + + /* Look for the public key */ + HIP_IFEL(hip_cert_regex(p_rule, from, &start, &stop), -1, + "Failed to run hip_cert_regex (public-key)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + snprintf(to->public_key, (stop - start) + 1, "%s", &from[start]); + + /* Look for the cert sequence */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(c_rule, from, &start, &stop), -1, + "Failed to run hip_cert_regex (cert)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + snprintf(to->cert, (stop - start) + 1, "%s", &from[start]); + + /* look for the signature sequence */ + start = stop = 0; + HIP_IFEL(hip_cert_regex(s_rule, from, &start, &stop), -1, + "Failed to run hip_cert_regex (signature)\n"); + _HIP_DEBUG("REGEX results from %d to %d\n", start, stop); + snprintf(to->signature, (stop - start) + 1, "%s", &from[start]); + + _HIP_DEBUG("PK %s\nCert %s\nSign %s\n", + to->public_key, to->cert, to->signature); + +out_err: + return err; } /** @@ -621,43 +655,46 @@ * * @param to_verification is the cert to be verified * - * @return 0 if ok and negative if error or unsuccesfull. + * @return 0 if ok and negative if error or unsuccesfull. * * @note use hip_cert_spki_char2certinfo to build the hip_cert_spki_info */ -int hip_cert_spki_send_to_verification(struct hip_cert_spki_info * to_verification) { - int err = 0; - struct hip_common * msg; - struct hip_cert_spki_info * returned; - - HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, - "Malloc for msg failed\n"); - hip_msg_init(msg); - /* build the msg to be sent to the daemon */ - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_SPKI_VERIFY, 0), -1, - "Failed to build user header\n"); - HIP_IFEL(hip_build_param_cert_spki_info(msg, to_verification), -1, - "Failed to build cert_info\n"); - - /* send and wait */ - HIP_DEBUG("Sending request to verify SPKI cert to " - "daemon and waiting for answer\n"); - hip_send_recv_daemon_info(msg, 0, 0); - - HIP_IFEL(!(returned = hip_get_param(msg, HIP_PARAM_CERT_SPKI_INFO)), - -1, "No hip_cert_spki_info struct found from daemons msg\n"); - - _HIP_DEBUG("Success = %d (should be 0 if OK\n", returned->success); - memcpy(to_verification, returned, sizeof(struct hip_cert_spki_info)); - - out_err: - if (msg) free(msg); - return (err); +int hip_cert_spki_send_to_verification(struct hip_cert_spki_info *to_verification) +{ + int err = 0; + struct hip_common *msg; + struct hip_cert_spki_info *returned; + + HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, + "Malloc for msg failed\n"); + hip_msg_init(msg); + /* build the msg to be sent to the daemon */ + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_SPKI_VERIFY, 0), -1, + "Failed to build user header\n"); + HIP_IFEL(hip_build_param_cert_spki_info(msg, to_verification), -1, + "Failed to build cert_info\n"); + + /* send and wait */ + HIP_DEBUG("Sending request to verify SPKI cert to " + "daemon and waiting for answer\n"); + hip_send_recv_daemon_info(msg, 0, 0); + + HIP_IFEL(!(returned = hip_get_param(msg, HIP_PARAM_CERT_SPKI_INFO)), + -1, "No hip_cert_spki_info struct found from daemons msg\n"); + + _HIP_DEBUG("Success = %d (should be 0 if OK\n", returned->success); + memcpy(to_verification, returned, sizeof(struct hip_cert_spki_info)); + +out_err: + if (msg) { + free(msg); + } + return err; } -/******************************************************************************* - * FUNCTIONS FOR x509v3 * - *******************************************************************************/ +/****************************************************************************** + * FUNCTIONS FOR x509v3 * + ******************************************************************************/ /** * hip_cert_x509v3_request_certificate - Function that requests for a @@ -665,43 +702,46 @@ * * @param subject is the subjects HIT * - * @param cert is pointer to a buffer to which this function writes the completed cert + * @param cert is pointer to a buffer to which this function writes the completed cert * * @return positive on success negative otherwise - * + * * @note The certificate is given in DER encoding - */ -int hip_cert_x509v3_request_certificate(struct in6_addr * subject, - unsigned char * certificate) { - int err = 0; - struct hip_common * msg; - struct hip_cert_x509_resp * p; - - HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, - "Malloc for msg failed\n"); - hip_msg_init(msg); - /* build the msg to be sent to the daemon */ - - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_X509V3_SIGN, 0), -1, - "Failed to build user header\n"); - HIP_IFEL(hip_build_param_cert_x509_req(msg, subject), -1, - "Failed to build cert_info\n"); - /* send and wait */ - HIP_DEBUG("Sending request to sign x509 cert to " - "daemon and waiting for answer\n"); - hip_send_recv_daemon_info(msg, 0, 0); - /* get the struct from the message sent back by the daemon */ - HIP_IFEL(!(p = hip_get_param(msg, HIP_PARAM_CERT_X509_RESP)), -1, - "No name x509 struct found\n"); - _HIP_HEXDUMP("DER:\n", p->der, p->der_len); - _HIP_DEBUG("DER length %d\n", p->der_len); - memcpy(certificate, p->der, p->der_len); - err = p->der_len; - _HIP_DUMP_MSG(msg); - - out_err: - if (msg) free(msg); - return(err); + */ +int hip_cert_x509v3_request_certificate(struct in6_addr *subject, + unsigned char *certificate) +{ + int err = 0; + struct hip_common *msg; + struct hip_cert_x509_resp *p; + + HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, + "Malloc for msg failed\n"); + hip_msg_init(msg); + /* build the msg to be sent to the daemon */ + + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_X509V3_SIGN, 0), -1, + "Failed to build user header\n"); + HIP_IFEL(hip_build_param_cert_x509_req(msg, subject), -1, + "Failed to build cert_info\n"); + /* send and wait */ + HIP_DEBUG("Sending request to sign x509 cert to " + "daemon and waiting for answer\n"); + hip_send_recv_daemon_info(msg, 0, 0); + /* get the struct from the message sent back by the daemon */ + HIP_IFEL(!(p = hip_get_param(msg, HIP_PARAM_CERT_X509_RESP)), -1, + "No name x509 struct found\n"); + _HIP_HEXDUMP("DER:\n", p->der, p->der_len); + _HIP_DEBUG("DER length %d\n", p->der_len); + memcpy(certificate, p->der, p->der_len); + err = p->der_len; + _HIP_DUMP_MSG(msg); + +out_err: + if (msg) { + free(msg); + } + return err; } /** @@ -714,47 +754,52 @@ * @return 0 on success negative otherwise * * @note give the certificate in PEM encoding - */ -int hip_cert_x509v3_request_verification(unsigned char * certificate, int len) { - int err = 0; - struct hip_common * msg; - struct hip_cert_x509_resp * received; - - HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, - "Malloc for msg failed\n"); - hip_msg_init(msg); - - _HIP_HEXDUMP("DER DUMP:\n", certificate, len); - _HIP_DEBUG("DER LEN %d\n", len); - - /* build the msg to be sent to the daemon */ - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_X509V3_VERIFY, 0), -1, - "Failed to build user header\n"); - HIP_IFEL(hip_build_param_cert_x509_ver(msg, (char *)certificate, len), -1, - "Failed to build cert_info\n"); - - /* send and wait */ - HIP_DEBUG("Sending request to verify x509 cert to " - "daemon and waiting for answer\n"); - _HIP_DUMP_MSG(msg); - hip_send_recv_daemon_info(msg, 0, 0); - - /* get the struct from the message sent back by the daemon */ - HIP_IFEL(!(received = hip_get_param(msg, HIP_PARAM_CERT_X509_RESP)), -1, - "No x509 struct found\n"); - err = hip_get_msg_err(msg); - if (err == 0) HIP_DEBUG("Verified successfully\n"); - else HIP_DEBUG("Verification failed\n"); - _HIP_DUMP_MSG(msg); - - out_err: - if (msg) free(msg); - return(err); + */ +int hip_cert_x509v3_request_verification(unsigned char *certificate, int len) +{ + int err = 0; + struct hip_common *msg; + struct hip_cert_x509_resp *received; + + HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, + "Malloc for msg failed\n"); + hip_msg_init(msg); + + _HIP_HEXDUMP("DER DUMP:\n", certificate, len); + _HIP_DEBUG("DER LEN %d\n", len); + + /* build the msg to be sent to the daemon */ + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_CERT_X509V3_VERIFY, 0), -1, + "Failed to build user header\n"); + HIP_IFEL(hip_build_param_cert_x509_ver(msg, (char *) certificate, len), -1, + "Failed to build cert_info\n"); + + /* send and wait */ + HIP_DEBUG("Sending request to verify x509 cert to " + "daemon and waiting for answer\n"); + _HIP_DUMP_MSG(msg); + hip_send_recv_daemon_info(msg, 0, 0); + + /* get the struct from the message sent back by the daemon */ + HIP_IFEL(!(received = hip_get_param(msg, HIP_PARAM_CERT_X509_RESP)), -1, + "No x509 struct found\n"); + err = hip_get_msg_err(msg); + if (err == 0) { + HIP_DEBUG("Verified successfully\n"); + } else { HIP_DEBUG("Verification failed\n"); + } + _HIP_DUMP_MSG(msg); + +out_err: + if (msg) { + free(msg); + } + return err; } /******************************************************************************* - * UTILITARY FUNCTIONS * - *******************************************************************************/ +* UTILITARY FUNCTIONS * +*******************************************************************************/ /** @@ -765,18 +810,21 @@ * * @return * X509 or on error NULL is returned */ -X509 * hip_cert_der_to_x509(const unsigned char * der, int length) { - int err = 0; - X509 * cert = NULL; - - _HIP_HEXDUMP("DER:\n", der, length); - _HIP_DEBUG("DER length %d\n", length); - - HIP_IFEL(((cert = d2i_X509(NULL, (BROKEN_SSL_CONST unsigned char**)&der , length)) == NULL), -1, - "Failed to convert cert from DER to internal format\n"); - out_err: - if (err == -1) return NULL; - return cert; +X509 *hip_cert_der_to_x509(const unsigned char *der, int length) +{ + int err = 0; + X509 *cert = NULL; + + _HIP_HEXDUMP("DER:\n", der, length); + _HIP_DEBUG("DER length %d\n", length); + + HIP_IFEL(((cert = d2i_X509(NULL, (BROKEN_SSL_CONST unsigned char **) &der, length)) == NULL), -1, + "Failed to convert cert from DER to internal format\n"); +out_err: + if (err == -1) { + return NULL; + } + return cert; } /** @@ -786,64 +834,70 @@ * * @return *X509 or on error NULL is returned */ -X509 * hip_cert_pem_to_x509(char * pem) { - int err = 0; - BIO *out = NULL; - X509 * cert = NULL; - - _HIP_DEBUG("PEM:\n%s\nLength of PEM %d\n", pem, strlen(pem)); - out = BIO_new_mem_buf(pem, -1); - HIP_IFEL((NULL == (cert = PEM_read_bio_X509(out, NULL, 0, NULL))), -1, - "Cert variable is NULL\n"); - out_err: - - if (out) - { - err = BIO_flush(out); - err = 0; /* We are not interested in the return value here */ - } - if (err == -1) return NULL; - return cert; +X509 *hip_cert_pem_to_x509(char *pem) +{ + int err = 0; + BIO *out = NULL; + X509 *cert = NULL; + + _HIP_DEBUG("PEM:\n%s\nLength of PEM %d\n", pem, strlen(pem)); + out = BIO_new_mem_buf(pem, -1); + HIP_IFEL((NULL == (cert = PEM_read_bio_X509(out, NULL, 0, NULL))), -1, + "Cert variable is NULL\n"); +out_err: + + if (out) { + err = BIO_flush(out); + err = 0; /* We are not interested in the return value here */ + } + if (err == -1) { + return NULL; + } + return cert; } - + /** * hip_cert_read_conf_section - Function that reads configuration * section from HIP_CERT_CONF_PATH, * * @param section_name a char pointer pointing to the name of the section to be retrieved - * @param conf pointer to CONF struct that will point to the default configuration - * - * @return STACK_OF(CONF_VALUE) pointer if ok and NULL if error or unsuccesfull. - * - * @note Remember to open the conf first with hip_cert_open_conf and after done close + * @param conf pointer to CONF struct that will point to the default configuration + * + * @return STACK_OF(CONF_VALUE) pointer if ok and NULL if error or unsuccesfull. + * + * @note Remember to open the conf first with hip_cert_open_conf and after done close * the conf with the hip_cert_free_conf - * + * */ -STACK_OF(CONF_VALUE) * hip_cert_read_conf_section(char * section_name, CONF * conf) { - long err = 0; - int i; - STACK_OF(CONF_VALUE) * sec = NULL; - CONF_VALUE *item; - - _HIP_DEBUG("Started to read cert configuration file\n"); - - /* XXTODO conf is opened and reopened here why -Samu */ - conf = NCONF_new(NCONF_default()); - HIP_IFEL(!NCONF_load(conf, HIP_CERT_CONF_PATH, &err), - -1, "Error opening the configuration file"); - - HIP_IFEL(!(sec = NCONF_get_section(conf, section_name)), -1, - "Section %s was not in the configuration (%s)\n", - section_name,HIP_CERT_CONF_PATH); - - for (i = 0; i < sk_CONF_VALUE_num(sec); i++) { - item = (void*)sk_CONF_VALUE_value(sec, i); - _HIP_DEBUG("Sec: %s, Key; %s, Val %s\n", - item->section, item->name, item->value); - } +STACK_OF(CONF_VALUE) * hip_cert_read_conf_section(char *section_name, + CONF * conf) +{ + long err = 0; + int i; + STACK_OF(CONF_VALUE) * sec = NULL; + CONF_VALUE *item; + + _HIP_DEBUG("Started to read cert configuration file\n"); + + /* XXTODO conf is opened and reopened here why -Samu */ + conf = NCONF_new(NCONF_default()); + HIP_IFEL(!NCONF_load(conf, HIP_CERT_CONF_PATH, &err), + -1, "Error opening the configuration file"); + + HIP_IFEL(!(sec = NCONF_get_section(conf, section_name)), -1, + "Section %s was not in the configuration (%s)\n", + section_name, HIP_CERT_CONF_PATH); + + for (i = 0; i < sk_CONF_VALUE_num(sec); i++) { + item = (void *) sk_CONF_VALUE_value(sec, i); + _HIP_DEBUG("Sec: %s, Key; %s, Val %s\n", + item->section, item->name, item->value); + } out_err: - if (err == -1) return NULL; - return sec; + if (err == -1) { + return NULL; + } + return sec; } /** @@ -851,31 +905,37 @@ * * @param void * - * @return CONF pointer if ok and NULL if error or unsuccesfull. + * @return CONF pointer if ok and NULL if error or unsuccesfull. */ -CONF * hip_cert_open_conf(void) { - long err = 0; - CONF *conf = NULL; - - _HIP_DEBUG("Started to read cert configuration file\n"); - - conf = NCONF_new(NCONF_default()); - HIP_IFEL(!NCONF_load(conf, HIP_CERT_CONF_PATH, &err), - -1, "Error opening the configuration file"); +CONF *hip_cert_open_conf(void) +{ + long err = 0; + CONF *conf = NULL; + + _HIP_DEBUG("Started to read cert configuration file\n"); + + conf = NCONF_new(NCONF_default()); + HIP_IFEL(!NCONF_load(conf, HIP_CERT_CONF_PATH, &err), + -1, "Error opening the configuration file"); out_err: - if (err == -1) return NULL; - return conf; + if (err == -1) { + return NULL; + } + return conf; } /** * hip_cert_free_conf - Function that frees the memory of a allocated configuration * - * @param CONF pointer to the to be freed configuration + * @param CONF pointer to the to be freed configuration * - * @return void + * @return void */ -void hip_cert_free_conf(CONF * conf) { - if (conf) NCONF_free(conf); +void hip_cert_free_conf(CONF *conf) +{ + if (conf) { + NCONF_free(conf); + } } /** @@ -886,43 +946,43 @@ * @param start will store the start point of the found substr * @param stop will store the end point of the found substr * - * @return 0 if ok and negative if error. - * + * @return 0 if ok and negative if error. + * * @note Be carefull with the what so you get what you want :) */ -int hip_cert_regex(char * what, char * from, int * start, int * stop) { - int err = 0, status = 0; - regex_t re; - regmatch_t answer[1]; - - *start = *stop = 0; - - /* Compiling the regular expression */ - HIP_IFEL(regcomp(&re, what, REG_EXTENDED), -1, - "Compilation of the regular expression failed\n"); - /* Running the regular expression */ - // TODO this might need to be an error!? - // this needs to be separated to found, not found, and error -Samu - if ((status = regexec(&re, from, 1, answer, 0))) - { - _HIP_DEBUG("No match for regexp or failed to run it\n"); - err = -1; - goto out_err; - } - - _HIP_DEBUG("Found \"%s\" at %d and it ends at %d\n", - what, answer[0].rm_so, answer[0].rm_eo); - - *start = answer[0].rm_so; - *stop = answer[0].rm_eo; - - /* Just for debugging do NOT leave these 2 lines uncommented */ - /* - int i = 0; - for (i = answer[0].rm_so; i < answer[0].rm_eo; i++) HIP_DEBUG("%c", from[i]); - HIP_DEBUG("\n"); - */ - out_err: - regfree(&re); - return (err); +int hip_cert_regex(char *what, char *from, int *start, int *stop) +{ + int err = 0, status = 0; + regex_t re; + regmatch_t answer[1]; + + *start = *stop = 0; + + /* Compiling the regular expression */ + HIP_IFEL(regcomp(&re, what, REG_EXTENDED), -1, + "Compilation of the regular expression failed\n"); + /* Running the regular expression */ + // TODO this might need to be an error!? + // this needs to be separated to found, not found, and error -Samu + if ((status = regexec(&re, from, 1, answer, 0))) { + _HIP_DEBUG("No match for regexp or failed to run it\n"); + err = -1; + goto out_err; + } + + _HIP_DEBUG("Found \"%s\" at %d and it ends at %d\n", + what, answer[0].rm_so, answer[0].rm_eo); + + *start = answer[0].rm_so; + *stop = answer[0].rm_eo; + + /* Just for debugging do NOT leave these 2 lines uncommented */ + /* + * int i = 0; + * for (i = answer[0].rm_so; i < answer[0].rm_eo; i++) HIP_DEBUG("%c", from[i]); + * HIP_DEBUG("\n"); + */ +out_err: + regfree(&re); + return err; } === modified file 'lib/core/certtools.c.doxyme' --- lib/core/certtools.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/certtools.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,118 +45,117 @@ /** - * hip_cert_der_to_x509 - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_free_conf - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_open_conf + * hip_cert_der_to_x509 + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_free_conf + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_open_conf * * * @param void - * @return - **/ - - -/** - * hip_cert_pem_to_x509 - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_regex - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_spki_build_cert - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_spki_char2certinfo - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_spki_create_cert - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_spki_inject - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_spki_lib_verify - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_spki_send_to_verification - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_x509v3_request_certificate - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_cert_x509v3_request_verification - * - * - * @param autogen.sh - * @return - **/ - + * @return + **/ + + +/** + * hip_cert_pem_to_x509 + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_regex + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_spki_build_cert + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_spki_char2certinfo + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_spki_create_cert + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_spki_inject + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_spki_lib_verify + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_spki_send_to_verification + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_x509v3_request_certificate + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_cert_x509v3_request_verification + * + * + * @param autogen.sh + * @return + **/ === modified file 'lib/core/certtools.h' --- lib/core/certtools.h 2010-01-19 09:28:42 +0000 +++ lib/core/certtools.h 2010-02-10 23:55:24 +0000 @@ -3,7 +3,7 @@ /** @file * A header file for certtools.c - * + * * Certificate building, parseing and verification functions. * * @author Samu Varjonen @@ -32,7 +32,7 @@ #include "hashtable.h" /** Defines **/ -#define HIP_CERT_CONF_PATH HIPL_SYSCONFDIR"hip_cert.cnf" +#define HIP_CERT_CONF_PATH HIPL_SYSCONFDIR "hip_cert.cnf" /* Needed if the configuration file for certs did not exist */ #define HIP_CERT_INIT_DAYS 10 @@ -41,14 +41,14 @@ /** Struct used to deliver the minimal needed information to build SPKI cert **/ struct hip_cert_spki_info { - hip_tlv_type_t type; - hip_tlv_len_t length; - char public_key[768]; - char cert[224]; - char signature[768]; - struct in6_addr issuer_hit; - /* 0 if succesfully verified otherwise negative */ - uint32_t success; + hip_tlv_type_t type; + hip_tlv_len_t length; + char public_key[768]; + char cert[224]; + char signature[768]; + struct in6_addr issuer_hit; + /* 0 if succesfully verified otherwise negative */ + uint32_t success; }; /** SPKI cert related functions **/ @@ -60,18 +60,18 @@ int hip_cert_spki_build_cert(struct hip_cert_spki_info *); int hip_cert_spki_inject(struct hip_cert_spki_info *, char *, char *); int hip_cert_spki_construct_keys(HIP_HASHTABLE *, hip_hit_t *, RSA *); -int hip_cert_spki_char2certinfo(char *,struct hip_cert_spki_info *); +int hip_cert_spki_char2certinfo(char *, struct hip_cert_spki_info *); int hip_cert_spki_send_to_verification(struct hip_cert_spki_info *); /** x509v3 cert related functions **/ int hip_cert_x509v3_request_certificate(struct in6_addr *, unsigned char *); int hip_cert_x509v3_request_verification(unsigned char *, int); - + /** Utilitary functions **/ -X509 * hip_cert_der_to_x509(const unsigned char *, int); -X509 * hip_cert_pem_to_x509(char *); +X509 *hip_cert_der_to_x509(const unsigned char *, int); +X509 *hip_cert_pem_to_x509(char *); STACK_OF(CONF_VALUE) * hip_cert_read_conf_section(char *, CONF *); -CONF * hip_cert_open_conf(void); +CONF *hip_cert_open_conf(void); void hip_cert_free_conf(CONF *); int hip_cert_regex(char *, char *, int *, int *); === modified file 'lib/core/certtools.h.doxyme' --- lib/core/certtools.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/certtools.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/certtools.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/common_defines.h' --- lib/core/common_defines.h 2010-01-19 09:28:42 +0000 +++ lib/core/common_defines.h 2010-02-10 23:55:24 +0000 @@ -10,37 +10,37 @@ #include <stdint.h> /* maximum packet size of a packet to be sent on the wire */ -#define MAX_PACKET_SIZE 1500 +#define MAX_PACKET_SIZE 1500 /* see bug id 595 * * @note if you want to make this smaller, you have to change also * /proc/sys/net/ipv6/conf/default/mtu, but it will have a * negative impact on non-HIP IPv6 connectivity. */ -#define MIN_HIP_MTU 1280 +#define MIN_HIP_MTU 1280 /* change this when support for a cipher with bigger block size is added */ -#define CIPHER_BLOCK_SIZE AES_BLOCK_SIZE +#define CIPHER_BLOCK_SIZE AES_BLOCK_SIZE /* IP version translation from IPv4 to IPv6 takes another 20 bytes */ -#define IPV4_TO_IPV6 (sizeof(struct ip6_hdr) - sizeof(struct ip)) +#define IPV4_TO_IPV6 (sizeof(struct ip6_hdr) - sizeof(struct ip)) /* max. ESP padding as defined in RFC ??? * * @note this allows to hide the actual payload length */ -#define MAX_ESP_PADDING 255 +#define MAX_ESP_PADDING 255 /* this is the the max. ESP padding as needed by the cipher * * @note calculated as max. block-size - 1 */ -#define CIPHER_ESP_PADDING CIPHER_BLOCK_SIZE - 1 +#define CIPHER_ESP_PADDING CIPHER_BLOCK_SIZE - 1 /* in the max packet size case we don't want to use any padding * -> the payload should fill the whole last block */ -#define NO_ESP_PADDING 0 +#define NO_ESP_PADDING 0 /* if we do IP version translation from IPv4 to IPv6 we get another IPV4_TO_IPV6 * bytes. Consider this in the last block. */ -#define OPTIMAL_ESP_PADDING CIPHER_BLOCK_SIZE - (IPV4_TO_IPV6 % CIPHER_BLOCK_SIZE) +#define OPTIMAL_ESP_PADDING CIPHER_BLOCK_SIZE - (IPV4_TO_IPV6 % CIPHER_BLOCK_SIZE) /* change this if you want to use another padding */ -#define ESP_PADDING OPTIMAL_ESP_PADDING +#define ESP_PADDING OPTIMAL_ESP_PADDING /* overhead added by encapsulating the application packet in * an ESP packet @@ -50,29 +50,27 @@ * @note additional space for possible IP4 -> IPv6 conversion, UDP encapsulation, * ESP header, max. initialization vector for a cipher, max. allowed padding, * ESP tail, ESP authentication part */ -#define BEET_OVERHEAD IPV4_TO_IPV6 \ - + sizeof(struct udphdr) + sizeof(struct hip_esp) \ - + AES_BLOCK_SIZE + ESP_PADDING \ - + sizeof(struct hip_esp_tail) + EVP_MAX_MD_SIZE +#define BEET_OVERHEAD IPV4_TO_IPV6 \ + + sizeof(struct udphdr) + sizeof(struct hip_esp) \ + + AES_BLOCK_SIZE + ESP_PADDING \ + + sizeof(struct hip_esp_tail) + EVP_MAX_MD_SIZE /* maximum allowed packet size coming from the application */ -#define HIP_MTU MAX_PACKET_SIZE - (BEET_OVERHEAD) +#define HIP_MTU MAX_PACKET_SIZE - (BEET_OVERHEAD) -#define HIP_HIT_DEV_MTU HIP_MTU >= MIN_HIP_MTU ? HIP_MTU : MIN_HIP_MTU +#define HIP_HIT_DEV_MTU HIP_MTU >= MIN_HIP_MTU ? HIP_MTU : MIN_HIP_MTU /*********** ESP structures *************/ -struct hip_esp -{ - uint32_t esp_spi; - uint32_t esp_seq; +struct hip_esp { + uint32_t esp_spi; + uint32_t esp_seq; } __attribute__ ((packed)); -struct hip_esp_tail -{ - uint8_t esp_padlen; - uint8_t esp_next; +struct hip_esp_tail { + uint8_t esp_padlen; + uint8_t esp_next; } __attribute__ ((packed)); #endif /* COMMON_DEFINES_H_ */ === modified file 'lib/core/common_defines.h.doxyme' --- lib/core/common_defines.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/common_defines.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/common_defines.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/debug.c' --- lib/core/debug.c 2010-02-08 15:18:06 +0000 +++ lib/core/debug.c 2010-02-10 23:55:24 +0000 @@ -15,7 +15,7 @@ * PERROR("socket"); * HEXDUMP("foobar", data, len); *</pre> - * + * * Adjusting of log types and format dynamically. (there really should not be a * reason to call these in the code, because default settings should be * reasonable) @@ -24,7 +24,7 @@ * hip_set_logtype(LOGTYPE_STDERR); // set logging output to stderr * hip_set_logfmt(LOGFMT_SHORT); // set short logging format *</pre> - * + * * @todo debug messages should not be compiled at all in a production release * @todo set_log{type|format}(XX_DEFAULT) * @todo locking (is it really needed?) @@ -53,8 +53,8 @@ /* must be in the same order as enum debug_level (straight mapping) */ const int debug2syslog_map[] = { LOG_ALERT, - LOG_ERR, - LOG_INFO, + LOG_ERR, + LOG_INFO, LOG_DEBUG }; /* must be in the same order as enum debug_level (straight mapping) */ @@ -66,137 +66,145 @@ * here and it should not be used. */ #ifdef CONFIG_HIP_DEBUG -static enum logtype_t logtype = LOGTYPE_STDERR; +static enum logtype_t logtype = LOGTYPE_STDERR; #else -static enum logtype_t logtype = LOGTYPE_SYSLOG; +static enum logtype_t logtype = LOGTYPE_SYSLOG; #endif /* CONFIG_HIP_DEBUG */ #ifdef HIP_LOGFMT_LONG -static enum logfmt_t logfmt = LOGFMT_LONG; +static enum logfmt_t logfmt = LOGFMT_LONG; #else -static enum logfmt_t logfmt = LOGFMT_SHORT; +static enum logfmt_t logfmt = LOGFMT_SHORT; #endif /* HIP_LONGFMT */ static enum logdebug_t logdebug = LOGDEBUG_ALL; /** * @brief Sets logging to stderr or syslog. - * - * Defines where HIP daemon DEBUG, INFO, ERROR etc. messages are printed. - * + * + * Defines where HIP daemon DEBUG, INFO, ERROR etc. messages are printed. + * * @param new_logtype the type of logging output, either LOGTYPE_STDERR or * LOGTYPE_SYSLOG */ -void hip_set_logtype(int new_logtype) { - logtype = new_logtype; +void hip_set_logtype(int new_logtype) +{ + logtype = new_logtype; } /** * @brief Sets the formatting of log output. * - * Defines whether the messages should include file name and line number or not. - * + * Defines whether the messages should include file name and line number or not. + * * @param new_logfmt the format of the log output, either LOGFMT_SHORT or * LOGFMT_LONG */ -void hip_set_logfmt(int new_logfmt) { - logfmt = new_logfmt; +void hip_set_logfmt(int new_logfmt) +{ + logfmt = new_logfmt; } /** * @brief Selects what logging messages to display. - * + * * @param new_logdebug either LOGDEBUG_ALL, LOGDEBUG_MEDIUM or LOGDEBUG_NONE * @return always zero. */ -int hip_set_logdebug(int new_logdebug) { - logdebug = new_logdebug; - return 0; +int hip_set_logdebug(int new_logdebug) +{ + logdebug = new_logdebug; + return 0; } - /** - * hip_set_auto_logdebug - The libraries read from hipd configuration file what + * hip_set_auto_logdebug - The libraries read from hipd configuration file what * logging messages to display * @param name pointer that contains the name of the hipd configuration file. * @return zero on success, or negative error value on error. * */ -int hip_set_auto_logdebug(const char *cfile){ - int err = 0, i, len; - FILE *hip_config = NULL; - - List list; - char *c, line[128], *fname, *args[64], *comment; - - if (!strcmp(cfile, "default")) - fname = HIPL_CONFIG_FILE; - else - fname = (char *) cfile; - - HIP_IFEL(!(hip_config = fopen(fname, "r")), -1, - "Error: can't open config file %s.\n", fname); - - while(err == 0 && fgets(line, sizeof(line), hip_config) != NULL) { - - /* Remove whitespace */ - c = line; - while (*c == ' ' || *c == '\t') - c++; - - /* Line is a comment or empty */ - if (c[0] =='#' || c[0] =='\n' || c[0] == '\0') - continue; - - /* If line is not a "debug" command, skip it */ - if (strncmp(c, "debug", 5)) - continue; - - /* Terminate before (the first) trailing comment */ - comment = strchr(c, '#'); - if (comment) - *comment = '\0'; - - /* replace \n with \0 */ - c[strlen(c) - 1] = '\0'; - - /* split the line into an array of strings and feed it - recursively to hipconf */ - initlist(&list); - extractsubstrings(c, &list); - len = length(&list); - for(i = 0; i < len; i++) { - /* the list is backwards ordered */ - args[len - i - 1] = getitem(&list, i); - } - - if(len != 2) - HIP_IFEL(1, -EINVAL, "Wrong amount of arguments. Usage:\ndebug all|medium|none\n"); - - if (!strcmp("all", args[1])) { - HIP_IFEL(hip_set_logdebug(LOGDEBUG_ALL), -1, "Error setting the debug parameter."); - HIP_INFO("Displaying all debugging messages\n"); - } else if (!strcmp("medium", args[1])) { - HIP_IFEL(hip_set_logdebug(LOGDEBUG_MEDIUM), -1, "Error setting the debug parameter."); - HIP_INFO("Displaying ERROR and INFO debugging messages\n"); - } else if (!strcmp("none", args[1])) { - HIP_IFEL(hip_set_logdebug(LOGDEBUG_NONE), -1, "Error setting the debug parameter."); - HIP_INFO("Displaying no debugging messages\n"); - } else - HIP_IFEL(1, -EINVAL, "Unknown argument\n"); - - destroy(&list); - } - - out_err: - if (hip_config) - fclose(hip_config); - - return err; - +int hip_set_auto_logdebug(const char *cfile) +{ + int err = 0, i, len; + FILE *hip_config = NULL; + + List list; + char *c, line[128], *fname, *args[64], *comment; + + if (!strcmp(cfile, "default")) { + fname = HIPL_CONFIG_FILE; + } else { + fname = (char *) cfile; + } + + HIP_IFEL(!(hip_config = fopen(fname, "r")), -1, + "Error: can't open config file %s.\n", fname); + + while (err == 0 && fgets(line, sizeof(line), hip_config) != NULL) { + /* Remove whitespace */ + c = line; + while (*c == ' ' || *c == '\t') { + c++; + } + + /* Line is a comment or empty */ + if (c[0] == '#' || c[0] == '\n' || c[0] == '\0') { + continue; + } + + /* If line is not a "debug" command, skip it */ + if (strncmp(c, "debug", 5)) { + continue; + } + + /* Terminate before (the first) trailing comment */ + comment = strchr(c, '#'); + if (comment) { + *comment = '\0'; + } + + /* replace \n with \0 */ + c[strlen(c) - 1] = '\0'; + + /* split the line into an array of strings and feed it + * recursively to hipconf */ + initlist(&list); + extractsubstrings(c, &list); + len = length(&list); + for (i = 0; i < len; i++) { + /* the list is backwards ordered */ + args[len - i - 1] = getitem(&list, i); + } + + if (len != 2) { + HIP_IFEL(1, -EINVAL, "Wrong amount of arguments. Usage:\ndebug all|medium|none\n"); + } + + if (!strcmp("all", args[1])) { + HIP_IFEL(hip_set_logdebug(LOGDEBUG_ALL), -1, "Error setting the debug parameter."); + HIP_INFO("Displaying all debugging messages\n"); + } else if (!strcmp("medium", args[1])) { + HIP_IFEL(hip_set_logdebug(LOGDEBUG_MEDIUM), -1, "Error setting the debug parameter."); + HIP_INFO("Displaying ERROR and INFO debugging messages\n"); + } else if (!strcmp("none", args[1])) { + HIP_IFEL(hip_set_logdebug(LOGDEBUG_NONE), -1, "Error setting the debug parameter."); + HIP_INFO("Displaying no debugging messages\n"); + } else { + HIP_IFEL(1, -EINVAL, "Unknown argument\n"); + } + + destroy(&list); + } + +out_err: + if (hip_config) { + fclose(hip_config); + } + + return err; } - /** * hip_handle_log_error - handle errors generated by log handling * @param logtype the type of the log that generated the error (LOGTYPE_STDERR or @@ -206,14 +214,15 @@ * be to e.g. exit). * */ -void hip_handle_log_error(int logtype) { - fprintf(stderr, "log (type=%d) failed, ignoring\n", logtype); +void hip_handle_log_error(int logtype) +{ + fprintf(stderr, "log (type=%d) failed, ignoring\n", logtype); } /** * hip_vlog - "multiplexer" for correctly outputting all debug messages * @param debug_level the urgency of the message (DEBUG_LEVEL_XX) - * @param file the file from where the debug call was made + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param fmt the output format of the debug message as in printf(3) @@ -223,73 +232,81 @@ * debugging functions. */ void hip_vlog(int debug_level, const char *file, const int line, - const char *function, const char *fmt, va_list args) { - char syslog_msg[DEBUG_MSG_MAX_LEN] = ""; - int syslog_level = debug2syslog_map[debug_level]; - char prefix[DEBUG_PREFIX_MAX] = "\0"; - int printed = 0; + const char *function, const char *fmt, va_list args) +{ + char syslog_msg[DEBUG_MSG_MAX_LEN] = ""; + int syslog_level = debug2syslog_map[debug_level]; + char prefix[DEBUG_PREFIX_MAX] = "\0"; + int printed = 0; - if (logfmt == LOGFMT_LONG) { - /* note: printed is not absolutely necessary to check in this case; - worst case is that filename or line number could be shortened */ - printed = snprintf(prefix, DEBUG_PREFIX_MAX, "%s(%s:%d@%s)", - debug_prefix[debug_level], file, line, function); - } else { - /* LOGFMT_SHORT: no prefix */ - } - - switch(logtype) { - case LOGTYPE_NOLOG: - break; - case LOGTYPE_STDERR: - if (strlen(prefix) > 0) { - printed = fprintf(stderr, "%s: ", prefix); - if (printed < 0) - goto err; + if (logfmt == LOGFMT_LONG) { + /* note: printed is not absolutely necessary to check in this case; + * worst case is that filename or line number could be shortened */ + printed = snprintf(prefix, DEBUG_PREFIX_MAX, "%s(%s:%d@%s)", + debug_prefix[debug_level], file, line, function); } else { - /* LOGFMT_SHORT: no prefix */ - } - - printed = vfprintf(stderr, fmt, args); - if (printed < 0) - goto err; - break; - case LOGTYPE_SYSLOG: - openlog(NULL, SYSLOG_OPT, SYSLOG_FACILITY); - printed = vsnprintf(syslog_msg, DEBUG_MSG_MAX_LEN, fmt, args); - syslog(syslog_level|SYSLOG_FACILITY, "%s %s", prefix, syslog_msg); - /* the result of vsnprintf depends on glibc version; handle them both - (note about barriers: printed has \0 excluded, - DEBUG_MSG_MAX_LEN has \0 included) */ - if (printed < 0 || printed > DEBUG_MSG_MAX_LEN - 1) { - syslog(syslog_level|SYSLOG_FACILITY, - "%s", "previous msg was truncated!!!"); - } - closelog(); - break; - default: - printed = fprintf(stderr, "hip_vlog(): undefined logtype: %d", logtype); - exit(1); - } - - /* logging was succesful */ - return; - - err: - hip_handle_log_error(logtype); - + /* LOGFMT_SHORT: no prefix */ + } + + switch (logtype) { + case LOGTYPE_NOLOG: + break; + case LOGTYPE_STDERR: + if (strlen(prefix) > 0) { + printed = fprintf(stderr, "%s: ", prefix); + if (printed < 0) { + goto err; + } + } else { + /* LOGFMT_SHORT: no prefix */ + } + + printed = vfprintf(stderr, fmt, args); + if (printed < 0) { + goto err; + } + break; + case LOGTYPE_SYSLOG: + openlog(NULL, SYSLOG_OPT, SYSLOG_FACILITY); + printed = vsnprintf(syslog_msg, DEBUG_MSG_MAX_LEN, fmt, args); + syslog(syslog_level | SYSLOG_FACILITY, "%s %s", prefix, syslog_msg); + /* the result of vsnprintf depends on glibc version; handle them both + * (note about barriers: printed has \0 excluded, + * DEBUG_MSG_MAX_LEN has \0 included) */ + if (printed < 0 || printed > DEBUG_MSG_MAX_LEN - 1) { + syslog(syslog_level | SYSLOG_FACILITY, + "%s", "previous msg was truncated!!!"); + } + closelog(); + break; + default: + printed = fprintf(stderr, "hip_vlog(): undefined logtype: %d", logtype); + exit(1); + } + + /* logging was succesful */ + return; + +err: + hip_handle_log_error(logtype); } -void hip_print_str(int debug_level, const char *file, int line, const char *function, const char *fmt, ...) +void hip_print_str(int debug_level, + const char *file, + int line, + const char *function, + const char *fmt, + ...) { - va_list args; - va_start(args, fmt); - if ((debug_level == DEBUG_LEVEL_INFO && logdebug != LOGDEBUG_NONE) || - (debug_level == DEBUG_LEVEL_DEBUG && logdebug == LOGDEBUG_ALL) || - (debug_level == DEBUG_LEVEL_ERROR && logdebug != LOGDEBUG_NONE) || - (debug_level == DEBUG_LEVEL_DIE)) - hip_vlog(debug_level, file, line, function, fmt, args); - va_end(args); + va_list args; + va_start(args, fmt); + if ((debug_level == DEBUG_LEVEL_INFO && logdebug != LOGDEBUG_NONE) || + (debug_level == DEBUG_LEVEL_DEBUG && logdebug == LOGDEBUG_ALL) || + (debug_level == DEBUG_LEVEL_ERROR && logdebug != LOGDEBUG_NONE) || + (debug_level == DEBUG_LEVEL_DIE)) { + hip_vlog(debug_level, file, line, function, fmt, args); + } + va_end(args); } /** @@ -300,7 +317,7 @@ * than the current debug level. * @param debug_group the debug group which has to be matched * @param debug_level the debug level of the debug output - * @param file the file from where the debug call was made + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param fmt the output format of the debug message as in printf(3) @@ -310,21 +327,22 @@ * use the HIP_DEBUG_GL macro instead. */ void hip_debug_gl(int debug_group, int debug_level, - const char *file, int line, - const char *function, const char *fmt, ...) { - if(debug_level <= HIP_DEBUG_LEVEL && - (HIP_DEBUG_GROUP == HIP_DEBUG_GROUP_ALL || - debug_group == HIP_DEBUG_GROUP) && logdebug == LOGDEBUG_ALL) { - va_list args; - va_start(args, fmt); - hip_vlog(DEBUG_LEVEL_DEBUG, file, line, function, fmt, args); - va_end(args); - } + const char *file, int line, + const char *function, const char *fmt, ...) +{ + if (debug_level <= HIP_DEBUG_LEVEL && + (HIP_DEBUG_GROUP == HIP_DEBUG_GROUP_ALL || + debug_group == HIP_DEBUG_GROUP) && logdebug == LOGDEBUG_ALL) { + va_list args; + va_start(args, fmt); + hip_vlog(DEBUG_LEVEL_DEBUG, file, line, function, fmt, args); + va_end(args); + } } /** * hip_die - output a fatal error and exit - * @param file the file from where the debug call was made + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param fmt the output format of the debug message as in printf(3) @@ -334,18 +352,18 @@ * use the HIP_DIE macro instead. */ void hip_die(const char *file, int line, const char *function, - const char *fmt, ...) { - va_list args; - va_start(args, fmt); - hip_print_str(DEBUG_LEVEL_DIE, file, line, function, fmt, args); - va_end(args); - exit(1); + const char *fmt, ...) +{ + va_list args; + va_start(args, fmt); + hip_print_str(DEBUG_LEVEL_DIE, file, line, function, fmt, args); + va_end(args); + exit(1); } - /** * hip_error - output an error message (high level) - * @param file the file from where the debug call was made + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param fmt the output format of the debug message as in printf(3) @@ -355,18 +373,19 @@ * use the HIP_ERROR macro instead. */ void hip_error(const char *file, int line, const char *function, - const char *fmt, ...) { - if ( logdebug != LOGDEBUG_NONE ){ - va_list args; - va_start(args, fmt); - hip_vlog(DEBUG_LEVEL_ERROR, file, line, function, fmt, args); - va_end(args); - } + const char *fmt, ...) +{ + if (logdebug != LOGDEBUG_NONE) { + va_list args; + va_start(args, fmt); + hip_vlog(DEBUG_LEVEL_ERROR, file, line, function, fmt, args); + va_end(args); + } } /** * hip_perror_wrapper - a wrapper for perror(3) style calls - * @param file the file from where the debug call was made + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param s the string as in perror(3) @@ -376,16 +395,17 @@ * debug module, use the HIP_PERROR macro instead. */ void hip_perror_wrapper(const char *file, int line, const char *function, - const char *s) { - hip_error(file, line, function, "%s%s\n", s, strerror(errno)); + const char *s) +{ + hip_error(file, line, function, "%s%s\n", s, strerror(errno)); } /** * Prints a hexdump starting from address @c str of length @c len. Do not call * this function from the outside of the debug module, use the HIP_HEXDUMP macro * instead. - * - * @param file the file from where the debug call was made + * + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param prefix the prefix string will printed before the hexdump @@ -393,185 +413,186 @@ * @param len the length of the data to be hexdumped */ void hip_hexdump(const char *file, int line, const char *function, - const char *prefix, const void *str, int len) { - int hexdump_max_size = 0; - int hexdump_count = 0; - char *hexdump = NULL; - int hexdump_written = 0; - int hexdump_index = 0; - int char_index = 0; - - hexdump_max_size = len * 2 + 1; - hexdump_count = hexdump_max_size; - - hexdump = (char *) calloc(hexdump_max_size, sizeof(char)); - if (hexdump == NULL) { - HIP_DIE("hexdump memory allocation failed\n"); - } - if(len == 0){ - /* Removed this error message to keep hexdump quiet in - HIP_DUMP_MSG for zero length padding. Lauri 22.09.2006 */ - //HIP_ERROR("hexdump length was 0\n"); - }else{ - do { - /* note: if you change the printing format, adjust also hexdump_count! */ - hexdump_written = snprintf((char *) (hexdump + hexdump_index), - hexdump_count, "%02x", - (unsigned char)(*(((unsigned char *)str) + char_index))); - if (hexdump_written < 0 || hexdump_written > hexdump_max_size - 1) { - free(hexdump); - HIP_DIE("hexdump msg too long(%d)", hexdump_written); - } else { - hexdump_count -= hexdump_written; - HIP_ASSERT(hexdump_count >=0); - hexdump_index += hexdump_written; - HIP_ASSERT(hexdump_index + hexdump_count == hexdump_max_size); - } - char_index++; - } while(char_index < len); - - hip_print_str(DEBUG_LEVEL_DEBUG, file, line, function, "%s0x%s\n", prefix, hexdump); - } - - free(hexdump); - + const char *prefix, const void *str, int len) +{ + int hexdump_max_size = 0; + int hexdump_count = 0; + char *hexdump = NULL; + int hexdump_written = 0; + int hexdump_index = 0; + int char_index = 0; + + hexdump_max_size = len * 2 + 1; + hexdump_count = hexdump_max_size; + + hexdump = (char *) calloc(hexdump_max_size, sizeof(char)); + if (hexdump == NULL) { + HIP_DIE("hexdump memory allocation failed\n"); + } + if (len == 0) { + /* Removed this error message to keep hexdump quiet in + * HIP_DUMP_MSG for zero length padding. Lauri 22.09.2006 */ + //HIP_ERROR("hexdump length was 0\n"); + } else { + do { + /* note: if you change the printing format, adjust also hexdump_count! */ + hexdump_written + = snprintf((char *) (hexdump + hexdump_index), + hexdump_count, + "%02x", + (unsigned char) (*(((unsigned char *) str) + + char_index))); + if (hexdump_written < 0 || hexdump_written > hexdump_max_size - 1) { + free(hexdump); + HIP_DIE("hexdump msg too long(%d)", hexdump_written); + } else { + hexdump_count -= hexdump_written; + HIP_ASSERT(hexdump_count >= 0); + hexdump_index += hexdump_written; + HIP_ASSERT(hexdump_index + hexdump_count == hexdump_max_size); + } + char_index++; + } while (char_index < len); + + hip_print_str(DEBUG_LEVEL_DEBUG, file, line, function, "%s0x%s\n", prefix, hexdump); + } + + free(hexdump); } - /** * Example of the output: * 13 88 94 64 0d b9 89 ff f3 cc 4c a1 80 11 05 94 ...d......L..... * 6c 3c 00 00 01 01 08 0a 00 10 a2 58 00 0f 98 30 l<.........X.... */ int hip_hexdump_parsed(const char *file, int line, const char *function, - const char *prefix, const void *str, int len) + const char *prefix, const void *str, int len) { - int hexdump_total_size = 0; - int hexdump_count = 0; - int hexdump_written = 0; - int hexdump_index = 0; - int char_index = 0; - char *hexdump = NULL; - - int bytes_per_line = 16; - char space = ' '; - char nonascii = '.'; - char * asciidump = NULL; - int lines = 0; - int line_index = 0; - - int pad_length = 0; - int pad_start_position = 0; - - // Count lines - if (len % 16 == 0) - lines = (int) len / 16; - else - lines = (int) len / 16 + 1; - - hexdump_total_size = lines * 4 * bytes_per_line + 1; // one byte requires 4 bytes in the output (two for hex, one for ascii and one space) - pad_start_position = len * 3 + ((lines - 1) * bytes_per_line) + 1; - hexdump_count = hexdump_total_size; - pad_length = (hexdump_total_size - bytes_per_line) - pad_start_position; - - hexdump = (char *) calloc(hexdump_total_size, sizeof(char)); - asciidump = (char *) calloc((bytes_per_line + 2), sizeof(char)); - - _HIP_DEBUG("hexdump_total_size: %d, pad_start_position: %d, pad_length: %d\n", - hexdump_total_size, pad_start_position, pad_length); - if (hexdump == NULL || asciidump == NULL) { - HIP_DIE("memory allocation failed\n"); - } - - if(len > 0) { - while(char_index < len) { - - // Write the character in hex - hexdump_written = snprintf((char *) (hexdump + hexdump_index), - hexdump_count, "%02x", (unsigned char)(*(((unsigned char *)str) + char_index))); - if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { - free(hexdump); - HIP_DIE("hexdump msg too long(%d)", hexdump_written); - } - char written = (unsigned char)(*(((unsigned char *)str) + char_index)); - - // Write space between - hexdump_index += hexdump_written; - hexdump_count -= hexdump_written; - hexdump_written = snprintf((char *) (hexdump + hexdump_index), - hexdump_count, "%c", space); - if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { - free(hexdump); - free(asciidump); - HIP_DIE("hexdump msg too long(%d)", hexdump_written); - } - hexdump_count -= hexdump_written; - HIP_ASSERT(hexdump_count >=0); - hexdump_index += hexdump_written; - HIP_ASSERT(hexdump_index + hexdump_count == hexdump_total_size); - - // Wite the character in ascii to asciidump line - if (written > 32 && written < 127) - memset(asciidump + line_index, written, 1); - else - memset(asciidump + line_index, nonascii, 1); - line_index++; - /* If line is full or input is all read, copy data to hexdump */ - if (line_index >= 16 || (char_index + 1) == len) { - // Add padding - _HIP_DEBUG("Line ready\n"); - if ((char_index + 1) == len && pad_length > 0 - && ((hexdump_index + line_index + pad_length) < hexdump_total_size)) - { - char * padding = (char *) calloc(pad_length + 1, sizeof(char)); - _HIP_DEBUG("Creating padding for the last line... \n"); - _HIP_DEBUG("hexdump_index: %d, line_index: %d\n", hexdump_index, line_index); - memset(padding, ' ', pad_length); - memset(padding + pad_length, '\0', 1); - hexdump_written = snprintf((char *) (hexdump + hexdump_index), - hexdump_count, "%s", padding); - if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { - free(hexdump); - free(asciidump); - free(padding); - HIP_DIE("hexdump msg too long(%d)", hexdump_written); - } - hexdump_index += hexdump_written; - hexdump_count -= hexdump_written; - free(padding); - } - memset(asciidump + line_index, '\n', 1); - memset(asciidump + line_index + 1, '\0', 1); - hexdump_written = snprintf((char *) (hexdump + hexdump_index), - hexdump_count, "%s", asciidump); - if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { - free(hexdump); - free(asciidump); - HIP_DIE("hexdump msg too long(%d)", hexdump_written); - } - hexdump_index += hexdump_written; - hexdump_count -= hexdump_written; - line_index = 0; - memset(asciidump, 0, bytes_per_line + 2); - } - char_index++; - } - hip_print_str(DEBUG_LEVEL_DEBUG, file, line, function, "%s%s\n", prefix, hexdump); - } - else { - HIP_ERROR("hexdump length was 0\n"); - } - - free(hexdump); - free(asciidump); - - return 0; + int hexdump_total_size = 0; + int hexdump_count = 0; + int hexdump_written = 0; + int hexdump_index = 0; + int char_index = 0; + char *hexdump = NULL; + + int bytes_per_line = 16; + char space = ' '; + char nonascii = '.'; + char *asciidump = NULL; + int lines = 0; + int line_index = 0; + + int pad_length = 0; + int pad_start_position = 0; + + // Count lines + if (len % 16 == 0) { + lines = (int) len / 16; + } else { + lines = (int) len / 16 + 1; + } + + // one byte requires 4 bytes in the output (two for hex, one for ascii and one space) + hexdump_total_size = lines * 4 * bytes_per_line + 1; + pad_start_position = len * 3 + ((lines - 1) * bytes_per_line) + 1; + hexdump_count = hexdump_total_size; + pad_length = (hexdump_total_size - bytes_per_line) - pad_start_position; + + hexdump = (char *) calloc(hexdump_total_size, sizeof(char)); + asciidump = (char *) calloc((bytes_per_line + 2), sizeof(char)); + + _HIP_DEBUG("hexdump_total_size: %d, pad_start_position: %d, pad_length: %d\n", + hexdump_total_size, pad_start_position, pad_length); + if (hexdump == NULL || asciidump == NULL) { + HIP_DIE("memory allocation failed\n"); + } + + if (len > 0) { + while (char_index < len) { + // Write the character in hex + hexdump_written = snprintf((char *) (hexdump + hexdump_index), + hexdump_count, "%02x", (unsigned char) (*(((unsigned char *) str) + char_index))); + if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { + free(hexdump); + HIP_DIE("hexdump msg too long(%d)", hexdump_written); + } + char written = (unsigned char) (*(((unsigned char *) str) + char_index)); + + // Write space between + hexdump_index += hexdump_written; + hexdump_count -= hexdump_written; + hexdump_written = snprintf((char *) (hexdump + hexdump_index), + hexdump_count, "%c", space); + if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { + free(hexdump); + free(asciidump); + HIP_DIE("hexdump msg too long(%d)", hexdump_written); + } + hexdump_count -= hexdump_written; + HIP_ASSERT(hexdump_count >= 0); + hexdump_index += hexdump_written; + HIP_ASSERT(hexdump_index + hexdump_count == hexdump_total_size); + + // Wite the character in ascii to asciidump line + if (written > 32 && written < 127) { + memset(asciidump + line_index, written, 1); + } else { + memset(asciidump + line_index, nonascii, 1); + } + line_index++; + /* If line is full or input is all read, copy data to hexdump */ + if (line_index >= 16 || (char_index + 1) == len) { + // Add padding + _HIP_DEBUG("Line ready\n"); + if ((char_index + 1) == len && pad_length > 0 + && ((hexdump_index + line_index + pad_length) < hexdump_total_size)) { + char *padding = (char *) calloc(pad_length + 1, sizeof(char)); + _HIP_DEBUG("Creating padding for the last line... \n"); + _HIP_DEBUG("hexdump_index: %d, line_index: %d\n", hexdump_index, line_index); + memset(padding, ' ', pad_length); + memset(padding + pad_length, '\0', 1); + hexdump_written = snprintf((char *) (hexdump + hexdump_index), + hexdump_count, "%s", padding); + if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { + free(hexdump); + free(asciidump); + free(padding); + HIP_DIE("hexdump msg too long(%d)", hexdump_written); + } + hexdump_index += hexdump_written; + hexdump_count -= hexdump_written; + free(padding); + } + memset(asciidump + line_index, '\n', 1); + memset(asciidump + line_index + 1, '\0', 1); + hexdump_written = snprintf((char *) (hexdump + hexdump_index), + hexdump_count, "%s", asciidump); + if (hexdump_written < 0 || hexdump_written > hexdump_total_size - 1) { + free(hexdump); + free(asciidump); + HIP_DIE("hexdump msg too long(%d)", hexdump_written); + } + hexdump_index += hexdump_written; + hexdump_count -= hexdump_written; + line_index = 0; + memset(asciidump, 0, bytes_per_line + 2); + } + char_index++; + } + hip_print_str(DEBUG_LEVEL_DEBUG, file, line, function, "%s%s\n", prefix, hexdump); + } else { + HIP_ERROR("hexdump length was 0\n"); + } + + free(hexdump); + free(asciidump); + + return 0; } - /** * hip_print_sockaddr - print a socket address structure - * @param file the file from where the debug call was made + * @param file the file from where the debug call was made * @param line the line of the debug call in the source file * @param function the name of function where the debug call is located * @param prefix the prefix string will printed before the sockaddr @@ -580,146 +601,148 @@ * * Do not call this function from the outside of the debug module, use the * HIP_DEBUG_SOCKADDR macro instead. Currently this function supports - * only INET and INET6 addresses. + * only INET and INET6 addresses. */ void hip_print_sockaddr(const char *file, int line, const char *function, - const char *prefix, - const struct sockaddr *sockaddr) { - char *default_str = "<unknown>"; - int maxlen; - void *addr; - int family = sockaddr->sa_family; - char addr_str[INET6_ADDRSTRLEN+1]; - - switch (family) { - case AF_INET: - maxlen = INET_ADDRSTRLEN; - addr = &(((struct sockaddr_in *) sockaddr)->sin_addr); - break; - case AF_INET6: - maxlen = INET6_ADDRSTRLEN; - addr = &(((struct sockaddr_in6 *) sockaddr)->sin6_addr); - break; - default: - maxlen = 0; - } - - if (maxlen == 0) { - memcpy(addr_str, default_str, strlen(default_str) + 1); - } else { - if (!inet_ntop(family, addr, addr_str, maxlen)) { - HIP_ERROR("inet_ntop"); - return; - } - } - if (prefix) - HIP_DEBUG("%s: %s\n", prefix, addr_str); - else - HIP_DEBUG("%s\n", addr_str); + const char *prefix, + const struct sockaddr *sockaddr) +{ + char *default_str = "<unknown>"; + int maxlen; + void *addr; + int family = sockaddr->sa_family; + char addr_str[INET6_ADDRSTRLEN + 1]; + + switch (family) { + case AF_INET: + maxlen = INET_ADDRSTRLEN; + addr = &(((struct sockaddr_in *) sockaddr)->sin_addr); + break; + case AF_INET6: + maxlen = INET6_ADDRSTRLEN; + addr = &(((struct sockaddr_in6 *) sockaddr)->sin6_addr); + break; + default: + maxlen = 0; + } + + if (maxlen == 0) { + memcpy(addr_str, default_str, strlen(default_str) + 1); + } else { + if (!inet_ntop(family, addr, addr_str, maxlen)) { + HIP_ERROR("inet_ntop"); + return; + } + } + if (prefix) { + HIP_DEBUG("%s: %s\n", prefix, addr_str); + } else { + HIP_DEBUG("%s\n", addr_str); + } } void hip_print_lsi(int debug_level, const char *file, int line, const char *function, - const char *str, const struct in_addr *lsi) + const char *str, const struct in_addr *lsi) { - char dst[INET_ADDRSTRLEN]; - inet_ntop(AF_INET, lsi, dst, sizeof(dst)); - hip_print_str(debug_level, file, line, function, "%s: %s\n", str, dst); + char dst[INET_ADDRSTRLEN]; + inet_ntop(AF_INET, lsi, dst, sizeof(dst)); + hip_print_str(debug_level, file, line, function, "%s: %s\n", str, dst); } + /** * hip_print_hit - print a HIT * @param str string to be printed before the HIT * @param hit the HIT to be printed */ void hip_print_hit(int debug_level, const char *file, int line, const char *function, - const char *str, const struct in6_addr *hit) + const char *str, const struct in6_addr *hit) { - if(hit == NULL) { - HIP_DEBUG("%s: NULL\n", str); - return; - } - else { - char dst[INET6_ADDRSTRLEN]; - - if (IN6_IS_ADDR_V4MAPPED(hit)) { - struct in_addr in_addr; - IPV6_TO_IPV4_MAP(hit, &in_addr); - hip_print_lsi(debug_level, file, line, function, str, &in_addr); - } else { - hip_in6_ntop(hit, dst); - hip_print_str(debug_level, file, line, function, "%s: %s\n", str, dst); - } - return; - } + if (hit == NULL) { + HIP_DEBUG("%s: NULL\n", str); + return; + } else { + char dst[INET6_ADDRSTRLEN]; + + if (IN6_IS_ADDR_V4MAPPED(hit)) { + struct in_addr in_addr; + IPV6_TO_IPV4_MAP(hit, &in_addr); + hip_print_lsi(debug_level, file, line, function, str, &in_addr); + } else { + hip_in6_ntop(hit, dst); + hip_print_str(debug_level, file, line, function, "%s: %s\n", str, dst); + } + return; + } } /* THIS ONE WORKS -SAMU */ -void hip_print_locator_addresses(struct hip_common * in_msg) { +void hip_print_locator_addresses(struct hip_common *in_msg) +{ struct hip_locator *locator; - struct hip_locator_info_addr_item *item = NULL; + struct hip_locator_info_addr_item *item = NULL; struct hip_locator_info_addr_item2 *item2 = NULL; - char *address_pointer; - + char *address_pointer; + _HIP_DUMP_MSG(in_msg); - locator = hip_get_param((struct hip_common *)in_msg, + locator = hip_get_param((struct hip_common *) in_msg, HIP_PARAM_LOCATOR); - if (locator) { - address_pointer =(char*) (locator + 1); - - for(;address_pointer < ((char*)locator) + hip_get_param_contents_len(locator); ) { - if (((struct hip_locator_info_addr_item*)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_UDP) { - item2 = (struct hip_locator_info_addr_item2 *)address_pointer; - HIP_DEBUG_HIT("LOCATOR", (struct in6_addr *)&item2->address); - HIP_DEBUG("Locator address offset is %d\n", address_pointer - (char*) (locator + 1)); - address_pointer += sizeof(struct hip_locator_info_addr_item2); - } - else if(((struct hip_locator_info_addr_item*)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { - item = (struct hip_locator_info_addr_item *)address_pointer; - HIP_DEBUG_HIT("LOCATOR", (struct in6_addr *)&item->address); - address_pointer += sizeof(struct hip_locator_info_addr_item); - } - else if(((struct hip_locator_info_addr_item*)address_pointer)->locator_type - == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { - item = (struct hip_locator_info_addr_item *)address_pointer; - HIP_DEBUG_HIT("LOCATOR", (struct in6_addr *)&item->address); - address_pointer += sizeof(struct hip_locator_info_addr_item); - } - else - address_pointer += sizeof(struct hip_locator_info_addr_item); - } + if (locator) { + address_pointer = (char *) (locator + 1); + + for (; address_pointer < ((char *) locator) + hip_get_param_contents_len(locator); ) { + if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_UDP) { + item2 = (struct hip_locator_info_addr_item2 *) address_pointer; + HIP_DEBUG_HIT("LOCATOR", (struct in6_addr *) &item2->address); + HIP_DEBUG("Locator address offset is %d\n", address_pointer - (char *) (locator + 1)); + address_pointer += sizeof(struct hip_locator_info_addr_item2); + } else if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { + item = (struct hip_locator_info_addr_item *) address_pointer; + HIP_DEBUG_HIT("LOCATOR", (struct in6_addr *) &item->address); + address_pointer += sizeof(struct hip_locator_info_addr_item); + } else if (((struct hip_locator_info_addr_item *) address_pointer)->locator_type + == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { + item = (struct hip_locator_info_addr_item *) address_pointer; + HIP_DEBUG_HIT("LOCATOR", (struct in6_addr *) &item->address); + address_pointer += sizeof(struct hip_locator_info_addr_item); + } else { + address_pointer += sizeof(struct hip_locator_info_addr_item); + } + } } } void hip_print_peer_addresses_to_be_added(hip_ha_t *entry) { - hip_list_t *item = NULL, *tmp = NULL; - struct hip_peer_addr_list_item *addr; - int i = 0; - - HIP_DEBUG("All the addresses in the peer_addr_list_to_be_added list:\n"); - if (entry->peer_addr_list_to_be_added == NULL) - return; - - list_for_each_safe(item, tmp, entry->peer_addr_list_to_be_added, i) - { - addr = (struct hip_peer_addr_list_item *)list_entry(item); - HIP_DEBUG_HIT("Peer address", &addr->address); - } + hip_list_t *item = NULL, *tmp = NULL; + struct hip_peer_addr_list_item *addr; + int i = 0; + + HIP_DEBUG("All the addresses in the peer_addr_list_to_be_added list:\n"); + if (entry->peer_addr_list_to_be_added == NULL) { + return; + } + + list_for_each_safe(item, tmp, entry->peer_addr_list_to_be_added, i) + { + addr = (struct hip_peer_addr_list_item *) list_entry(item); + HIP_DEBUG_HIT("Peer address", &addr->address); + } } void hip_print_addresses_to_send_update_request(hip_ha_t *ha) { - hip_list_t *item = NULL, *tmp = NULL; - struct in6_addr *address; - int i = 0; + hip_list_t *item = NULL, *tmp = NULL; + struct in6_addr *address; + int i = 0; - HIP_DEBUG("Addresses to send update:\n"); - list_for_each_safe(item, tmp, ha->addresses_to_send_echo_request, i) { - address = (struct in6_addr *)list_entry(item); - HIP_DEBUG_IN6ADDR("", address); - } + HIP_DEBUG("Addresses to send update:\n"); + list_for_each_safe(item, tmp, ha->addresses_to_send_echo_request, i) { + address = (struct in6_addr *) list_entry(item); + HIP_DEBUG_IN6ADDR("", address); + } } //add by santtu @@ -729,59 +752,53 @@ * @param hit the HIT to be printed */ void hip_print_locator(int debug_level, const char *file, int line, const char *function, - const char *str, const struct hip_locator *locator) + const char *str, const struct hip_locator *locator) { - /* XXTRASHXX Totally useless does anything but what it is supposed to do -SAMU */ - int n_addrs = 0, i = 0; - struct hip_locator_info_addr_item *first_address_item = NULL, - *locator_address_item = NULL; - struct hip_locator_info_addr_item2 * locator_address_item2 = NULL; - /* locator = hip_get_param((struct hip_common *)in_msg, - HIP_PARAM_LOCATOR);*/ - if (locator) { - HIP_DEBUG("%s: \n", str); - - n_addrs = hip_get_locator_addr_item_count(locator); - HIP_DEBUG("there are %d locator items \n", n_addrs); - first_address_item = hip_get_locator_first_addr_item(locator); - - for (i = 0; i < n_addrs; i++) { - locator_address_item = (struct hip_locator_info_addr_item *) - hip_get_locator_item(first_address_item, i); - _HIP_HEXDUMP("LOC HEX", &locator_address_item[i], - sizeof(struct hip_locator_info_addr_item)); - HIP_DEBUG("locator items index %d, type is %d \n", i, - locator_address_item->locator_type ); - if (locator_address_item->locator_type == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { - - HIP_INFO_HIT("locator", - (struct in6_addr *)&locator_address_item->address); - _HIP_HEXDUMP("Should be in6_addr", - &locator_address_item[i].address, - sizeof(struct in6_addr)); - - } - if (locator_address_item->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { - - HIP_INFO_HIT("LOCATOR from ESP SPI(type 1)", - (struct in6_addr *)&locator_address_item->address); - _HIP_HEXDUMP("Should be in6_addr", - &locator_address_item[i].address, - sizeof(struct in6_addr)); - - } - if (locator_address_item->locator_type == HIP_LOCATOR_LOCATOR_TYPE_UDP) { - locator_address_item2 = (struct hip_locator_info_addr_item2 *) locator_address_item; - HIP_INFO_HIT("LOCATOR from UDP", - (struct in6_addr *)&locator_address_item2->address); - HIP_DEBUG("LOCATOR port for UDP: %d\n", ntohs(locator_address_item2->port)); - _HIP_HEXDUMP("Should be in6_addr", - &locator_address_item[i].address, - sizeof(struct in6_addr)); - - } - } - } + int n_addrs = 0, i = 0; + struct hip_locator_info_addr_item *first_address_item = NULL, + *locator_address_item = NULL; + struct hip_locator_info_addr_item2 *locator_address_item2 = NULL; + /* locator = hip_get_param((struct hip_common *)in_msg, + * HIP_PARAM_LOCATOR);*/ + if (locator) { + HIP_DEBUG("%s: \n", str); + + n_addrs = hip_get_locator_addr_item_count(locator); + HIP_DEBUG("there are %d locator items \n", n_addrs); + first_address_item = hip_get_locator_first_addr_item(locator); + + for (i = 0; i < n_addrs; i++) { + locator_address_item = (struct hip_locator_info_addr_item *) + hip_get_locator_item(first_address_item, i); + _HIP_HEXDUMP("LOC HEX", &locator_address_item[i], + sizeof(struct hip_locator_info_addr_item)); + HIP_DEBUG("locator items index %d, type is %d \n", i, + locator_address_item->locator_type ); + if (locator_address_item->locator_type == HIP_LOCATOR_LOCATOR_TYPE_IPV6) { + HIP_INFO_HIT("locator", + (struct in6_addr *) &locator_address_item->address); + _HIP_HEXDUMP("Should be in6_addr", + &locator_address_item[i].address, + sizeof(struct in6_addr)); + } + if (locator_address_item->locator_type == HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI) { + HIP_INFO_HIT("LOCATOR from ESP SPI(type 1)", + (struct in6_addr *) &locator_address_item->address); + _HIP_HEXDUMP("Should be in6_addr", + &locator_address_item[i].address, + sizeof(struct in6_addr)); + } + if (locator_address_item->locator_type == HIP_LOCATOR_LOCATOR_TYPE_UDP) { + locator_address_item2 = (struct hip_locator_info_addr_item2 *) locator_address_item; + HIP_INFO_HIT("LOCATOR from UDP", + (struct in6_addr *) &locator_address_item2->address); + HIP_DEBUG("LOCATOR port for UDP: %d\n", ntohs(locator_address_item2->port)); + _HIP_HEXDUMP("Should be in6_addr", + &locator_address_item[i].address, + sizeof(struct in6_addr)); + } + } + } } === modified file 'lib/core/debug.c.doxyme' --- lib/core/debug.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/debug.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,7 +45,7 @@ /** - * hip_debug_gl + * hip_debug_gl * * * @param debug_group @@ -54,96 +55,96 @@ * @param function * @param fmt * @param ... - * @return - **/ - - -/** - * hip_die - * - * - * @param file - * @param line - * @param function - * @param fmt - * @param ... - * @return - **/ - - -/** - * hip_error - * - * - * @param file - * @param line - * @param function - * @param fmt - * @param ... - * @return - **/ - - -/** - * hip_handle_log_error + * @return + **/ + + +/** + * hip_die + * + * + * @param file + * @param line + * @param function + * @param fmt + * @param ... + * @return + **/ + + +/** + * hip_error + * + * + * @param file + * @param line + * @param function + * @param fmt + * @param ... + * @return + **/ + + +/** + * hip_handle_log_error * * * @param logtype - * @return - **/ - - -/** - * hip_hexdump - * - * - * @param file - * @param line - * @param function - * @param prefix - * @param str - * @param len - * @return - **/ - - -/** - * hip_hexdump_parsed - * - * - * @param file - * @param line - * @param function - * @param prefix - * @param str - * @param len - * @return - **/ - - -/** - * hip_perror_wrapper + * @return + **/ + + +/** + * hip_hexdump + * + * + * @param file + * @param line + * @param function + * @param prefix + * @param str + * @param len + * @return + **/ + + +/** + * hip_hexdump_parsed + * + * + * @param file + * @param line + * @param function + * @param prefix + * @param str + * @param len + * @return + **/ + + +/** + * hip_perror_wrapper * * * @param file * @param line * @param function * @param tools - * @return + * @return **/ /** - * hip_print_addresses_to_send_update_request + * hip_print_addresses_to_send_update_request * * * @param ha - * @return + * @return **/ /** - * hip_print_hit + * hip_print_hit * * * @param debug_level @@ -152,12 +153,12 @@ * @param function * @param str * @param hit - * @return + * @return **/ /** - * hip_print_locator + * hip_print_locator * * * @param debug_level @@ -166,21 +167,21 @@ * @param function * @param str * @param locator - * @return + * @return **/ /** - * hip_print_locator_addresses + * hip_print_locator_addresses * * * @param autogen.sh - * @return + * @return **/ /** - * hip_print_lsi + * hip_print_lsi * * * @param debug_level @@ -189,21 +190,21 @@ * @param function * @param str * @param lsi - * @return + * @return **/ /** - * hip_print_peer_addresses_to_be_added + * hip_print_peer_addresses_to_be_added * * * @param entry - * @return + * @return **/ /** - * hip_print_sockaddr + * hip_print_sockaddr * * * @param file @@ -211,12 +212,12 @@ * @param function * @param prefix * @param sockaddr - * @return + * @return **/ /** - * hip_print_str + * hip_print_str * * * @param debug_level @@ -225,48 +226,48 @@ * @param function * @param fmt * @param ... - * @return + * @return **/ /** - * hip_set_auto_logdebug + * hip_set_auto_logdebug * * * @param cfile - * @return + * @return **/ /** - * hip_set_logdebug + * hip_set_logdebug * * * @param new_logdebug - * @return + * @return **/ /** - * hip_set_logfmt + * hip_set_logfmt * * * @param new_logfmt - * @return + * @return **/ /** - * hip_set_logtype + * hip_set_logtype * * * @param new_logtype - * @return + * @return **/ /** - * hip_vlog + * hip_vlog * * * @param debug_level @@ -275,6 +276,5 @@ * @param function * @param fmt * @param args - * @return + * @return **/ - === modified file 'lib/core/debug.h' --- lib/core/debug.h 2010-02-08 15:18:06 +0000 +++ lib/core/debug.h 2010-02-10 23:55:24 +0000 @@ -21,7 +21,7 @@ #define DEBUG_PREFIX_MAX 64 /* stderror: includes prefix, separator, msg and \0 - syslog: includes msg and \0 */ + * syslog: includes msg and \0 */ #define DEBUG_MSG_MAX_LEN 1024 #define SYSLOG_OPT (LOG_PID) @@ -37,7 +37,7 @@ #define HIP_ERROR(...) hip_print_str(DEBUG_LEVEL_ERROR, __FILE__, __LINE__, __FUNCTION__, __VA_ARGS__) #define HIP_DIE(...) hip_die(__FILE__, __LINE__, __FUNCTION__, __VA_ARGS__) #define HIP_PERROR(s) hip_perror_wrapper(__FILE__, __LINE__, __FUNCTION__, s) -#define HIP_ASSERT(s) { if (!(s)) HIP_DIE("assertion failed\n"); } +#define HIP_ASSERT(s) { if (!(s)) {HIP_DIE("assertion failed\n"); }} /** @} */ /** @@ -47,60 +47,60 @@ #ifdef CONFIG_HIP_DEBUG #define HIP_DEBUG(...) hip_print_str(DEBUG_LEVEL_DEBUG, __FILE__, __LINE__, __FUNCTION__, __VA_ARGS__) #define HIP_HEXDUMP(prefix, str, len) \ - hip_hexdump(__FILE__, __LINE__, __FUNCTION__, prefix, str, len) + hip_hexdump(__FILE__, __LINE__, __FUNCTION__, prefix, str, len) #define HIP_DUMP_PACKET(prefix, str, len) \ - hip_hexdump_parsed(__FILE__, __LINE__, __FUNCTION__, prefix, str, len) + hip_hexdump_parsed(__FILE__, __LINE__, __FUNCTION__, prefix, str, len) #define HIP_DEBUG_SOCKADDR(prefix, sockaddr) \ - hip_print_sockaddr(__FILE__, __LINE__, __FUNCTION__, prefix, sockaddr) + hip_print_sockaddr(__FILE__, __LINE__, __FUNCTION__, prefix, sockaddr) #define HIP_DUMP_MSG(msg) { hip_print_str(DEBUG_LEVEL_DEBUG, __FILE__, __LINE__, __FUNCTION__, " dump: \n"); hip_dump_msg(msg); } #define HIP_DEBUG_GL(debug_group, debug_level, ...) \ - hip_debug_gl( debug_group, debug_level, __FILE__, __LINE__, __FUNCTION__, __VA_ARGS__) + hip_debug_gl( debug_group, debug_level, __FILE__, __LINE__, __FUNCTION__, __VA_ARGS__) #else -#define HIP_DEBUG(...) do {} while(0) -#define HIP_HEXDUMP(prefix, str, len) do {} while(0) -#define HIP_DUMP_PACKET(prefix, str, len) do {} while(0) -#define HIP_DEBUG_SOCKADDR(prefix, sockaddr) do {} while(0) -#define HIP_DUMP_MSG(msg) do {} while(0) -#define HIP_DEBUG_GL(debug_group, debug_level, ...) do {} while(0) +#define HIP_DEBUG(...) do {} while (0) +#define HIP_HEXDUMP(prefix, str, len) do {} while (0) +#define HIP_DUMP_PACKET(prefix, str, len) do {} while (0) +#define HIP_DEBUG_SOCKADDR(prefix, sockaddr) do {} while (0) +#define HIP_DUMP_MSG(msg) do {} while (0) +#define HIP_DEBUG_GL(debug_group, debug_level, ...) do {} while (0) #endif #ifdef CONFIG_HIP_DEMO #define HIP_DEMO(...) printf(__VA_ARGS__); #else -#define HIP_DEMO(...) do{} while(0) +#define HIP_DEMO(...) do {} while (0) #endif /** @} */ /* Debug groups define groups of debug messages which belong to the - same logical part of hip. Debug messages can be enabled or disabled more - finegrained by only printing messages which belong to a debug group */ -# define HIP_DEBUG_GROUP_ALL 770 -# define HIP_DEBUG_GROUP_DEFAULT 771 -# define HIP_DEBUG_GROUP_ADAPT 772 -# define HIP_DEBUG_GROUP_INIT 773 -# define HIP_DEBUG_GROUP_MSG 774 + * same logical part of hip. Debug messages can be enabled or disabled more + * finegrained by only printing messages which belong to a debug group */ +# define HIP_DEBUG_GROUP_ALL 770 +# define HIP_DEBUG_GROUP_DEFAULT 771 +# define HIP_DEBUG_GROUP_ADAPT 772 +# define HIP_DEBUG_GROUP_INIT 773 +# define HIP_DEBUG_GROUP_MSG 774 /* Current debug group */ # define HIP_DEBUG_GROUP HIP_DEBUG_GROUP_INIT /* Debug messages are divided into several levels. Severe errors - or abnormal conditions are the lowest level. Higher levels are - considered as less severe or less important. The highest level means - every debug message which matches the current switch is printed. - The highest debug level number must be assigned to HIP_DEBUG_ALL*/ -# define HIP_DEBUG_LEVEL_ERRORS 0 -# define HIP_DEBUG_LEVEL_IMPORTANT 10 -# define HIP_DEBUG_LEVEL_INFORMATIVE 20 -# define HIP_DEBUG_LEVEL_DEFAULT 30 -# define HIP_DEBUG_LEVEL_ALL 40 + * or abnormal conditions are the lowest level. Higher levels are + * considered as less severe or less important. The highest level means + * every debug message which matches the current switch is printed. + * The highest debug level number must be assigned to HIP_DEBUG_ALL*/ +# define HIP_DEBUG_LEVEL_ERRORS 0 +# define HIP_DEBUG_LEVEL_IMPORTANT 10 +# define HIP_DEBUG_LEVEL_INFORMATIVE 20 +# define HIP_DEBUG_LEVEL_DEFAULT 30 +# define HIP_DEBUG_LEVEL_ALL 40 # define HIP_DEBUG_LEVEL HIP_DEBUG_LEVEL_ALL /* differentiate between die(), error() and debug() error levels */ enum debug_level { DEBUG_LEVEL_DIE, DEBUG_LEVEL_ERROR, DEBUG_LEVEL_INFO, - DEBUG_LEVEL_DEBUG, DEBUG_LEVEL_MAX }; + DEBUG_LEVEL_DEBUG, DEBUG_LEVEL_MAX }; #define HIP_INFO_HIT(str, hit) hip_print_hit(DEBUG_LEVEL_INFO, __FILE__, __LINE__, __FUNCTION__, str, hit) #define HIP_INFO_IN6ADDR(str, in6) hip_print_hit(DEBUG_LEVEL_INFO, __FILE__, __LINE__, __FUNCTION__, str, in6) @@ -113,19 +113,19 @@ #define HIP_DEBUG_INADDR(str, in) hip_print_lsi(DEBUG_LEVEL_DEBUG, __FILE__, __LINE__, __FUNCTION__, str, in) /* these are used for disabling a debugging command temporarily */ -#define _HIP_DEBUG(...) do {} while(0) -#define _HIP_INFO(...) do {} while(0) -#define _HIP_ERROR(...) do {} while(0) -#define _HIP_DIE(...) do {} while(0) -#define _HIP_HEXDUMP(prefix, str, len) do {} while(0) -#define _HIP_DUMP_MSG(msg) do {} while(0) -#define _HIP_PERROR(s) do {} while(0) -#define _HIP_ASSERT(s) do {} while(0) -#define _HIP_DEBUG_HIT(str, hit) do {} while(0) -#define _HIP_DEBUG_IN6ADDR(str, hit) do {} while(0) -#define _HIP_DEBUG_LSI(str, lsi) do {} while(0) -#define _HIP_DEBUG_INADDR(str, in) do {} while(0) -#define _HIP_DEBUG_SOCKADDR(a,b ) do {} while(0) +#define _HIP_DEBUG(...) do {} while (0) +#define _HIP_INFO(...) do {} while (0) +#define _HIP_ERROR(...) do {} while (0) +#define _HIP_DIE(...) do {} while (0) +#define _HIP_HEXDUMP(prefix, str, len) do {} while (0) +#define _HIP_DUMP_MSG(msg) do {} while (0) +#define _HIP_PERROR(s) do {} while (0) +#define _HIP_ASSERT(s) do {} while (0) +#define _HIP_DEBUG_HIT(str, hit) do {} while (0) +#define _HIP_DEBUG_IN6ADDR(str, hit) do {} while (0) +#define _HIP_DEBUG_LSI(str, lsi) do {} while (0) +#define _HIP_DEBUG_INADDR(str, in) do {} while (0) +#define _HIP_DEBUG_SOCKADDR(a, b ) do {} while (0) enum logtype_t { LOGTYPE_NOLOG, LOGTYPE_SYSLOG, LOGTYPE_STDERR }; enum logfmt_t { LOGFMT_SHORT, LOGFMT_LONG }; @@ -137,29 +137,75 @@ int hip_set_auto_logdebug(const char *cfile); /* Don't use the functions below directly; use the corresponding macros - instead */ + * instead */ void hip_handle_log_error(int logtype); -void hip_vlog(int debug_level, const char *file, int line, - const char *function, const char *fmt, va_list args); -void hip_info(const char *file, int line, const char *function, - const char *fmt, ...); -void hip_die(const char *file, int line, const char *function, - const char *fmt, ...); -void hip_error(const char *file, int line, const char *function, - const char *fmt, ...); -void hip_perror_wrapper(const char *file, int line, const char *function, - const char *s); -void hip_hexdump(const char *file, int line, const char *function, - const char *prefix, const void *str, int len); -void hip_print_packet(const char *file, int line, const char *function, - const char *prefix, const void *str, int len); -void hip_print_sockaddr(const char *file, int line, const char *function, - const char *prefix, - const struct sockaddr *sockaddr); -void hip_print_hit(int debug_level, const char *file, int line, const char *function, const char *str, const struct in6_addr *hit); -void hip_print_str(int debug_level, const char *file, int line, const char *function, const char *fmt, ...); -void hip_debug_gl(int debug_group, int debug_level, const char *file, int line, const char *function, const char *fmt, ...); -void hip_print_lsi(int debug_level, const char *file, int line, const char *function, const char *str, const struct in_addr *lsi); +void hip_vlog(int debug_level, + const char *file, + int line, + const char *function, + const char *fmt, + va_list args); +void hip_info(const char *file, + int line, + const char *function, + const char *fmt, + ...); +void hip_die(const char *file, + int line, + const char *function, + const char *fmt, + ...); +void hip_error(const char *file, + int line, + const char *function, + const char *fmt, + ...); +void hip_perror_wrapper(const char *file, + int line, + const char *function, + const char *s); +void hip_hexdump(const char *file, + int line, + const char *function, + const char *prefix, + const void *str, + int len); +void hip_print_packet(const char *file, + int line, + const char *function, + const char *prefix, + const void *str, + int len); +void hip_print_sockaddr(const char *file, + int line, + const char *function, + const char *prefix, + const struct sockaddr *sockaddr); +void hip_print_hit(int debug_level, + const char *file, + int line, + const char *function, + const char *str, + const struct in6_addr *hit); +void hip_print_str(int debug_level, + const char *file, + int line, + const char *function, + const char *fmt, + ...); +void hip_debug_gl(int debug_group, + int debug_level, + const char *file, + int line, + const char *function, + const char *fmt, + ...); +void hip_print_lsi(int debug_level, + const char *file, + int line, + const char *function, + const char *str, + const struct in_addr *lsi); /** @@ -192,8 +238,12 @@ void hip_print_locator_addresses(struct hip_common *); void hip_print_peer_addresses_to_be_added(hip_ha_t *); void hip_print_peer_addresses(hip_ha_t *); -void hip_print_locator(int debug_level, const char *file, int line, - const char *function, const char *str, const struct hip_locator *locator); +void hip_print_locator(int debug_level, + const char *file, + int line, + const char *function, + const char *str, + const struct hip_locator *locator); void hip_print_addresses_to_send_update_request(hip_ha_t *); #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) @@ -206,27 +256,28 @@ */ static inline const char *hip_state_str(unsigned int state) { - const char *str = "UNKNOWN"; - static const char *states[] = - { - "NONE", // 0 - "UNASSOCIATED", // 1 - "I1-SENT", // 2 - "I2-SENT", // 3 - "R2-SENT", // 4 - "ESTABLISHED", // 5 - "UNKNOWN", // 6 is not currently used. - "FAILED", // 7 - "CLOSING", // 8 - "CLOSED", // 9 - "FILTERING" // 10 - }; - if (state < ARRAY_SIZE(states)) - str = states[state]; - else - HIP_ERROR("invalid state %u\n", state); + const char *str = "UNKNOWN"; + static const char *states[] = + { + "NONE", // 0 + "UNASSOCIATED", // 1 + "I1-SENT", // 2 + "I2-SENT", // 3 + "R2-SENT", // 4 + "ESTABLISHED", // 5 + "UNKNOWN", // 6 is not currently used. + "FAILED", // 7 + "CLOSING", // 8 + "CLOSED", // 9 + "FILTERING" // 10 + }; + if (state < ARRAY_SIZE(states)) { + str = states[state]; + } else { + HIP_ERROR("invalid state %u\n", state); + } - return str; + return str; } #endif /* DEBUG_H */ === modified file 'lib/core/debug.h.doxyme' --- lib/core/debug.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/debug.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/debug.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/esp_prot_common.c' --- lib/core/esp_prot_common.c 2010-01-19 09:28:42 +0000 +++ lib/core/esp_prot_common.c 2010-02-10 23:55:24 +0000 @@ -24,25 +24,24 @@ * @param transform the ESP protection extension transform to be checked * @return index in the preferred_transforms array, -1 if no match found */ -int esp_prot_check_transform(const int num_transforms, const uint8_t *preferred_transforms, - const uint8_t transform) +int esp_prot_check_transform(const int num_transforms, + const uint8_t *preferred_transforms, + const uint8_t transform) { - int err = -1, i; - - // check if local preferred transforms contain passed transform - for (i = 0; i < num_transforms; i++) - { - if (preferred_transforms[i] == transform) - { - HIP_DEBUG("transform found in preferred transforms\n"); - - err = i; - goto out_err; - } - } - - HIP_DEBUG("transform NOT found in local preferred transforms\n"); - - out_err: - return err; + int err = -1, i; + + // check if local preferred transforms contain passed transform + for (i = 0; i < num_transforms; i++) { + if (preferred_transforms[i] == transform) { + HIP_DEBUG("transform found in preferred transforms\n"); + + err = i; + goto out_err; + } + } + + HIP_DEBUG("transform NOT found in local preferred transforms\n"); + +out_err: + return err; } === modified file 'lib/core/esp_prot_common.h' --- lib/core/esp_prot_common.h 2010-01-19 09:28:42 +0000 +++ lib/core/esp_prot_common.h 2010-02-10 23:55:24 +0000 @@ -19,22 +19,23 @@ #include <inttypes.h> /* the maximum numbers for arrays used for the different modes */ -#define MAX_NUM_TRANSFORMS 10 -#define MAX_NUM_PARALLEL_HCHAINS 10 -#define HCSTORE_MAX_HCHAINS_PER_ITEM 100 -#define MAX_HTREE_DEPTH 20 -#define MAX_RING_BUFFER_SIZE 128 +#define MAX_NUM_TRANSFORMS 10 +#define MAX_NUM_PARALLEL_HCHAINS 10 +#define HCSTORE_MAX_HCHAINS_PER_ITEM 100 +#define MAX_HTREE_DEPTH 20 +#define MAX_RING_BUFFER_SIZE 128 /* this is a special purpose transform representing no hash token to be used */ -#define ESP_PROT_TFM_UNUSED 0 -#define ESP_PROT_TFM_PLAIN 1 -#define ESP_PROT_TFM_PARALLEL 2 -#define ESP_PROT_TFM_CUMULATIVE 3 -#define ESP_PROT_TFM_PARA_CUMUL 4 -#define ESP_PROT_TFM_TREE 5 -#define ESP_PROT_TFM_TREE_CHAIN 6 +#define ESP_PROT_TFM_UNUSED 0 +#define ESP_PROT_TFM_PLAIN 1 +#define ESP_PROT_TFM_PARALLEL 2 +#define ESP_PROT_TFM_CUMULATIVE 3 +#define ESP_PROT_TFM_PARA_CUMUL 4 +#define ESP_PROT_TFM_TREE 5 +#define ESP_PROT_TFM_TREE_CHAIN 6 -int esp_prot_check_transform(const int num_transforms, const uint8_t *preferred_transforms, - const uint8_t transform); +int esp_prot_check_transform(const int num_transforms, + const uint8_t *preferred_transforms, + const uint8_t transform); #endif /*EXT_ESP_PROT_COMMON_H_*/ === modified file 'lib/core/getendpointinfo.c' --- lib/core/getendpointinfo.c 2010-02-08 15:18:06 +0000 +++ lib/core/getendpointinfo.c 2010-02-10 23:55:24 +0000 @@ -51,374 +51,383 @@ // needed due to missing system inlcude for openWRT #ifndef HOST_NAME_MAX -#define HOST_NAME_MAX 64 +#define HOST_NAME_MAX 64 #endif int convert_port_string_to_number(const char *servname, in_port_t *port) { - int err = 0; - struct servent *servent; - long int strtol_port; + int err = 0; + struct servent *servent; + long int strtol_port; - servent = getservbyname(servname, NULL); - if (servent) { - *port = ntohs(servent->s_port); - } else { - /* Try strtol if getservbyname fails, e.g. if the servname is "12345". */ - strtol_port = strtol(servname, NULL, 0); - if (strtol_port == LONG_MIN || strtol_port == LONG_MAX || - strtol_port <= 0) { - HIP_PERROR("strtol failed:"); - err = EEI_NONAME; - goto out_err; + servent = getservbyname(servname, NULL); + if (servent) { + *port = ntohs(servent->s_port); + } else { + /* Try strtol if getservbyname fails, e.g. if the servname is "12345". */ + strtol_port = strtol(servname, NULL, 0); + if (strtol_port == LONG_MIN || strtol_port == LONG_MAX || + strtol_port <= 0) { + HIP_PERROR("strtol failed:"); + err = EEI_NONAME; + goto out_err; + } + *port = strtol_port; } - *port = strtol_port; - } - - out_err: - - endservent(); - - return err; - + +out_err: + + endservent(); + + return err; } + #if 0 -char* hip_in6_ntop(const struct in6_addr *in6, char *buf) +char *hip_in6_ntop(const struct in6_addr *in6, char *buf) { - if (!buf) - return NULL; - sprintf(buf, - "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", - ntohs(in6->s6_addr16[0]), ntohs(in6->s6_addr16[1]), - ntohs(in6->s6_addr16[2]), ntohs(in6->s6_addr16[3]), - ntohs(in6->s6_addr16[4]), ntohs(in6->s6_addr16[5]), - ntohs(in6->s6_addr16[6]), ntohs(in6->s6_addr16[7])); - return buf; + if (!buf) { + return NULL; + } + sprintf(buf, + "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", + ntohs(in6->s6_addr16[0]), ntohs(in6->s6_addr16[1]), + ntohs(in6->s6_addr16[2]), ntohs(in6->s6_addr16[3]), + ntohs(in6->s6_addr16[4]), ntohs(in6->s6_addr16[5]), + ntohs(in6->s6_addr16[6]), ntohs(in6->s6_addr16[7])); + return buf; } + #endif int setmyeid(struct sockaddr_eid *my_eid, - const char *servname, - const struct endpoint *endpoint, - const struct if_nameindex *ifaces) + const char *servname, + const struct endpoint *endpoint, + const struct if_nameindex *ifaces) { - int err = 0; - struct hip_common *msg = NULL; - struct if_nameindex *iface; - struct hip_sockaddr_eid *sa_eid; - struct endpoint_hip *ep_hip = (struct endpoint_hip *) endpoint; - in_port_t port; - int socket_fd = 0; - unsigned int len = 0; - - if (ep_hip->family != PF_HIP) { - HIP_ERROR("Only HIP endpoints are supported\n"); - err = EAI_FAMILY; - goto out_err; - } - - _HIP_HEXDUMP("host_id in endpoint: ", &ep_hip->id.host_id, - hip_get_param_total_len(&ep_hip->id.host_id)); - - msg = hip_msg_alloc(); - if (!msg) { - err = EEI_MEMORY; - goto out_err; - } - - if (servname == NULL || strlen(servname) == 0) { - port = 0; /* Ephemeral port */ - goto skip_port_conversion; - } - - err = convert_port_string_to_number(servname, &port); - if (err) { - HIP_ERROR("Port conversion failed (%d)\n", err); - goto out_err; - } - - skip_port_conversion: - - /* Handler emphemeral port number */ - if (port == 0) { - while (port < 1024) /* XX FIXME: CHECK UPPER BOUNDARY */ - port = rand(); - } - - HIP_DEBUG("port=%d\n", port); - - hip_build_user_hdr(msg, SO_HIP_SET_MY_EID, 0); - - err = hip_build_param_eid_endpoint(msg, ep_hip); - if (err) { - err = EEI_MEMORY; - goto out_err; - } - - if(hip_host_id_contains_private_key((struct hip_host_id *)&ep_hip->id.host_id)){ - - HIP_DEBUG("Private key found from hip_host_id\n"); - - err = hip_private_host_id_to_hit(&ep_hip->id.host_id, &ep_hip->id.hit, - HIP_HIT_TYPE_HASH100); - if (err) { - HIP_ERROR("Failed to calculate HIT from private HI."); - goto out_err; - } - } - /* Only public key*/ - else { - - HIP_DEBUG("Public key found from hip_host_id\n"); - - /*Generate HIT from the public HI */ - err = hip_host_id_to_hit((struct hip_host_id *)&ep_hip->id.host_id, &ep_hip->id.hit, - HIP_HIT_TYPE_HASH100); - - if (err) { - HIP_ERROR("Failed to calculate HIT from public key."); - goto out_err; - } - } - - HIP_DEBUG_HIT("Calculated HIT from hip_host_id", &ep_hip->id.hit); - - err = hip_build_param_contents(msg, (void *) &ep_hip->id.hit, HIP_PARAM_HIT, - sizeof(struct in6_addr)); - if (err) { - HIP_ERROR("Build param hit failed: %s\n", strerror(err)); - goto out_err; - } - - /*Currently ifaces is NULL, so this for loop is skipped*/ - for(iface = (struct if_nameindex *) ifaces; - iface && iface->if_index != 0; iface++) { - err = hip_build_param_eid_iface(msg, iface->if_index); - if (err) { - err = EEI_MEMORY; - goto out_err; - } - } + int err = 0; + struct hip_common *msg = NULL; + struct if_nameindex *iface; + struct hip_sockaddr_eid *sa_eid; + struct endpoint_hip *ep_hip = (struct endpoint_hip *) endpoint; + in_port_t port; + int socket_fd = 0; + unsigned int len = 0; + + if (ep_hip->family != PF_HIP) { + HIP_ERROR("Only HIP endpoints are supported\n"); + err = EAI_FAMILY; + goto out_err; + } + + _HIP_HEXDUMP("host_id in endpoint: ", &ep_hip->id.host_id, + hip_get_param_total_len(&ep_hip->id.host_id)); + + msg = hip_msg_alloc(); + if (!msg) { + err = EEI_MEMORY; + goto out_err; + } + + if (servname == NULL || strlen(servname) == 0) { + port = 0; /* Ephemeral port */ + goto skip_port_conversion; + } + + err = convert_port_string_to_number(servname, &port); + if (err) { + HIP_ERROR("Port conversion failed (%d)\n", err); + goto out_err; + } + +skip_port_conversion: + + /* Handler emphemeral port number */ + if (port == 0) { + while (port < 1024) { /* XX FIXME: CHECK UPPER BOUNDARY */ + port = rand(); + } + } + + HIP_DEBUG("port=%d\n", port); + + hip_build_user_hdr(msg, SO_HIP_SET_MY_EID, 0); + + err = hip_build_param_eid_endpoint(msg, ep_hip); + if (err) { + err = EEI_MEMORY; + goto out_err; + } + + if (hip_host_id_contains_private_key((struct hip_host_id *) &ep_hip->id.host_id)) { + HIP_DEBUG("Private key found from hip_host_id\n"); + + err = hip_private_host_id_to_hit(&ep_hip->id.host_id, &ep_hip->id.hit, + HIP_HIT_TYPE_HASH100); + if (err) { + HIP_ERROR("Failed to calculate HIT from private HI."); + goto out_err; + } + } + /* Only public key*/ + else { + HIP_DEBUG("Public key found from hip_host_id\n"); + + /*Generate HIT from the public HI */ + err = hip_host_id_to_hit((struct hip_host_id *) &ep_hip->id.host_id, &ep_hip->id.hit, + HIP_HIT_TYPE_HASH100); + + if (err) { + HIP_ERROR("Failed to calculate HIT from public key."); + goto out_err; + } + } + + HIP_DEBUG_HIT("Calculated HIT from hip_host_id", &ep_hip->id.hit); + + err = hip_build_param_contents(msg, (void *) &ep_hip->id.hit, HIP_PARAM_HIT, + sizeof(struct in6_addr)); + if (err) { + HIP_ERROR("Build param hit failed: %s\n", strerror(err)); + goto out_err; + } + + /*Currently ifaces is NULL, so this for loop is skipped*/ + for (iface = (struct if_nameindex *) ifaces; + iface && iface->if_index != 0; iface++) { + err = hip_build_param_eid_iface(msg, iface->if_index); + if (err) { + err = EEI_MEMORY; + goto out_err; + } + } #if 0 //hip_recv_daemon_info returns currently -1, temporary solution is shown below. - err = hip_recv_daemon_info(msg, 0); - if (err) { - err = EEI_SYSTEM; - HIP_ERROR("Failed to recv msg\n"); - goto out_err; - } + err = hip_recv_daemon_info(msg, 0); + if (err) { + err = EEI_SYSTEM; + HIP_ERROR("Failed to recv msg\n"); + goto out_err; + } #endif - /*Laura*********************/ - //hip_send_daemon_info(msg_HIT); // for app. specified HIs - _HIP_DEBUG("\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n calling socket..\n\n\n"); - socket_fd = socket(PF_HIP, SOCK_STREAM, 0); - if(socket_fd == -1){ - HIP_ERROR("Couldn't create socket\n"); - err = -1; - goto out_err; - } - _HIP_DEBUG("\n\n\n\n\n\n\n\n\n\n great no error..\n\n\n"); - - len = hip_get_msg_total_len(msg); - err = getsockopt(socket_fd, IPPROTO_HIP, SO_HIP_SOCKET_OPT, (void *)msg, &len); - - if (err) { - HIP_ERROR("getsockopt failed\n"); - goto out_err; - } - - /***************************/ - /* getsockopt wrote the corresponding EID into the message, use it */ - - err = hip_get_msg_err(msg); - if (err) { - err = EEI_SYSTEM; - goto out_err; - } - - sa_eid = hip_get_param_contents(msg, HIP_PARAM_EID_SOCKADDR); - if (!sa_eid) { - err = EEI_SYSTEM; - goto out_err; - } - - memcpy(my_eid, sa_eid, sizeof(struct sockaddr_eid)); - - /* Fill the port number also because the HIP module did not fill it */ - my_eid->eid_port = htons(port); - - HIP_DEBUG("eid val=%d, port=%d\n", htons(my_eid->eid_val), - htons(my_eid->eid_port)); - - HIP_DEBUG("\n"); - - out_err: - - if (msg) - hip_msg_free(msg); - - return err; + /*Laura*********************/ + //hip_send_daemon_info(msg_HIT); // for app. specified HIs + _HIP_DEBUG("\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n calling socket..\n\n\n"); + socket_fd = socket(PF_HIP, SOCK_STREAM, 0); + if (socket_fd == -1) { + HIP_ERROR("Couldn't create socket\n"); + err = -1; + goto out_err; + } + _HIP_DEBUG("\n\n\n\n\n\n\n\n\n\n great no error..\n\n\n"); + + len = hip_get_msg_total_len(msg); + err = getsockopt(socket_fd, IPPROTO_HIP, SO_HIP_SOCKET_OPT, (void *) msg, &len); + + if (err) { + HIP_ERROR("getsockopt failed\n"); + goto out_err; + } + + /***************************/ + /* getsockopt wrote the corresponding EID into the message, use it */ + + err = hip_get_msg_err(msg); + if (err) { + err = EEI_SYSTEM; + goto out_err; + } + + sa_eid = hip_get_param_contents(msg, HIP_PARAM_EID_SOCKADDR); + if (!sa_eid) { + err = EEI_SYSTEM; + goto out_err; + } + + memcpy(my_eid, sa_eid, sizeof(struct sockaddr_eid)); + + /* Fill the port number also because the HIP module did not fill it */ + my_eid->eid_port = htons(port); + + HIP_DEBUG("eid val=%d, port=%d\n", htons(my_eid->eid_val), + htons(my_eid->eid_port)); + + HIP_DEBUG("\n"); + +out_err: + + if (msg) { + hip_msg_free(msg); + } + + return err; } int setpeereid(struct sockaddr_eid *peer_eid, - const char *servname, - const struct endpoint *endpoint, - const struct addrinfo *addrinfo) + const char *servname, + const struct endpoint *endpoint, + const struct addrinfo *addrinfo) { - int err = 0; - struct hip_common *msg = NULL, *msg_mapping; - struct addrinfo *addr; - struct sockaddr_eid *sa_eid; - in_port_t port = 0; - struct endpoint_hip *ep_hip = (struct endpoint_hip *) endpoint; - int socket_fd = 0; - unsigned int msg_len = 0; - - HIP_DEBUG("\n"); - - if (endpoint->family != PF_HIP) { - HIP_ERROR("Only HIP endpoints are supported\n"); - err = EAI_FAMILY; - goto out_err; - } + int err = 0; + struct hip_common *msg = NULL, *msg_mapping; + struct addrinfo *addr; + struct sockaddr_eid *sa_eid; + in_port_t port = 0; + struct endpoint_hip *ep_hip = (struct endpoint_hip *) endpoint; + int socket_fd = 0; + unsigned int msg_len = 0; + + HIP_DEBUG("\n"); + + if (endpoint->family != PF_HIP) { + HIP_ERROR("Only HIP endpoints are supported\n"); + err = EAI_FAMILY; + goto out_err; + } #ifdef CONFIG_HIP_DEBUG - { - - if (ep_hip->flags & HIP_ENDPOINT_FLAG_HIT) { - _HIP_HEXDUMP("setpeereid hit: ", &ep_hip->id.hit, - sizeof(struct in6_addr)); - } else { - _HIP_HEXDUMP("setpeereid hi: ", &ep_hip->id.host_id, - hip_get_param_total_len(&ep_hip->id.host_id)); + { + if (ep_hip->flags & HIP_ENDPOINT_FLAG_HIT) { + _HIP_HEXDUMP("setpeereid hit: ", &ep_hip->id.hit, + sizeof(struct in6_addr)); + } else { + _HIP_HEXDUMP("setpeereid hi: ", &ep_hip->id.host_id, + hip_get_param_total_len(&ep_hip->id.host_id)); + } } - } #endif - msg = hip_msg_alloc(); - if (!msg) { - err = EEI_MEMORY; - goto out_err; - } - - if (servname != NULL) { - err = convert_port_string_to_number(servname, &port); + msg = hip_msg_alloc(); + if (!msg) { + err = EEI_MEMORY; + goto out_err; + } + + if (servname != NULL) { + err = convert_port_string_to_number(servname, &port); + if (err) { + HIP_ERROR("Port conversion failed (%d)\n", err); + goto out_err; + } + } + + HIP_DEBUG("port=%d\n", port); + + hip_build_user_hdr(msg, SO_HIP_SET_PEER_EID, 0); + + err = hip_build_param_eid_endpoint(msg, (struct endpoint_hip *) endpoint); if (err) { - HIP_ERROR("Port conversion failed (%d)\n", err); - goto out_err; + err = EEI_MEMORY; + goto out_err; } - } - - HIP_DEBUG("port=%d\n", port); - - hip_build_user_hdr(msg, SO_HIP_SET_PEER_EID, 0); - - err = hip_build_param_eid_endpoint(msg, (struct endpoint_hip *) endpoint); - if (err) { - err = EEI_MEMORY; - goto out_err; - } #if 0 //hip_recv_daemon_info returns currently -1, temporary solution is shown below. - err = hip_recv_daemon_info(msg, 0); - if (err) { - err = EEI_SYSTEM; - goto out_err; - } + err = hip_recv_daemon_info(msg, 0); + if (err) { + err = EEI_SYSTEM; + goto out_err; + } #endif - /*Revove this part after hip_recv_daemon has beem implemented (2.3.2006 Laura)*/ - - /* Send HIT-IP mapping to the daemon.********************************/ - - msg_mapping = hip_msg_alloc(); - if (!msg_mapping) { - err = EEI_MEMORY; - goto out_err; - } - - /* Is it possible that there are several public HITs for the peer (/etc/hip/hosts)? - * Do we send all possible mappings to the daemon? - */ - for(addr = (struct addrinfo *) addrinfo; addr; addr = addr->ai_next) { - struct sockaddr_in6 *sock_addr_ipv6; - struct in6_addr ipv6_addr; - - if(addr->ai_family != AF_INET6) - continue; - - sock_addr_ipv6 = (struct sockaddr_in6 *)addrinfo->ai_addr; - ipv6_addr = sock_addr_ipv6->sin6_addr; - - HIP_DEBUG("Adding HIP-IP mapping: "); - HIP_DEBUG_IN6ADDR("HIT", (struct in6_addr *) &ep_hip->id.hit); - HIP_DEBUG_IN6ADDR("IP", &ipv6_addr); - - hip_msg_init(msg_mapping); - hip_build_user_hdr(msg_mapping, SO_HIP_ADD_PEER_MAP_HIT_IP, 0); - err = hip_build_param_contents(msg_mapping, (void *) &ep_hip->id.hit, HIP_PARAM_HIT, - sizeof(struct in6_addr)); - - if (err) { - HIP_ERROR("build param hit failed: %s\n", strerror(err)); - goto out_err; - } - - err = hip_build_param_contents(msg_mapping, (void *) &ipv6_addr, HIP_PARAM_IPV6_ADDR, - sizeof(struct in6_addr)); - - if (err) { - HIP_ERROR("build param ipv6 failed: %s\n", strerror(err)); - goto out_err; - } - - hip_send_recv_daemon_info(msg_mapping, 0, 0); - } - free(msg_mapping); - - /**************************************/ - - - /* Type of the socket? Does it matter?*/ - socket_fd = socket(PF_HIP, SOCK_STREAM, 0); - if(socket_fd == -1){ - HIP_ERROR("Couldn't create socket\n"); - err = -1; - goto out_err; - } - - msg_len = hip_get_msg_total_len(msg); - err = getsockopt(socket_fd, IPPROTO_HIP, SO_HIP_SOCKET_OPT, (void *)msg, &msg_len); - if(err) { - HIP_ERROR("getsockopt failed\n"); + /*Revove this part after hip_recv_daemon has beem implemented (2.3.2006 Laura)*/ + + /* Send HIT-IP mapping to the daemon.********************************/ + + msg_mapping = hip_msg_alloc(); + if (!msg_mapping) { + err = EEI_MEMORY; + goto out_err; + } + + /* Is it possible that there are several public HITs for the peer (/etc/hip/hosts)? + * Do we send all possible mappings to the daemon? + */ + for (addr = (struct addrinfo *) addrinfo; addr; addr = addr->ai_next) { + struct sockaddr_in6 *sock_addr_ipv6; + struct in6_addr ipv6_addr; + + if (addr->ai_family != AF_INET6) { + continue; + } + + sock_addr_ipv6 = (struct sockaddr_in6 *) addrinfo->ai_addr; + ipv6_addr = sock_addr_ipv6->sin6_addr; + + HIP_DEBUG("Adding HIP-IP mapping: "); + HIP_DEBUG_IN6ADDR("HIT", (struct in6_addr *) &ep_hip->id.hit); + HIP_DEBUG_IN6ADDR("IP", &ipv6_addr); + + hip_msg_init(msg_mapping); + hip_build_user_hdr(msg_mapping, SO_HIP_ADD_PEER_MAP_HIT_IP, 0); + err = hip_build_param_contents(msg_mapping, (void *) &ep_hip->id.hit, HIP_PARAM_HIT, + sizeof(struct in6_addr)); + + if (err) { + HIP_ERROR("build param hit failed: %s\n", strerror(err)); + goto out_err; + } + + err = hip_build_param_contents(msg_mapping, + (void *) &ipv6_addr, + HIP_PARAM_IPV6_ADDR, + sizeof(struct in6_addr)); + + if (err) { + HIP_ERROR("build param ipv6 failed: %s\n", strerror(err)); + goto out_err; + } + + hip_send_recv_daemon_info(msg_mapping, 0, 0); + } + free(msg_mapping); + + /**************************************/ + + + /* Type of the socket? Does it matter?*/ + socket_fd = socket(PF_HIP, SOCK_STREAM, 0); + if (socket_fd == -1) { + HIP_ERROR("Couldn't create socket\n"); + err = -1; + goto out_err; + } + + msg_len = hip_get_msg_total_len(msg); + err = getsockopt(socket_fd, + IPPROTO_HIP, + SO_HIP_SOCKET_OPT, + (void *) msg, + &msg_len); + if (err) { + HIP_ERROR("getsockopt failed\n"); + close(socket_fd); + goto out_err; + } + close(socket_fd); - goto out_err; - } - - close(socket_fd); - /***************************************************************************/ - - /* The HIP module wrote the eid into the msg. Let's use it. */ - - sa_eid = hip_get_param_contents(msg, HIP_PARAM_EID_SOCKADDR); - if (!sa_eid) { - err = EEI_SYSTEM; - goto out_err; - } - - memcpy(peer_eid, sa_eid, sizeof(struct sockaddr_eid)); - - /* Fill the port number also because the HIP module did not fill it */ - peer_eid->eid_port = htons(port); - - out_err: - - if (msg) - hip_msg_free(msg); - - return err; + /***************************************************************************/ + + /* The HIP module wrote the eid into the msg. Let's use it. */ + + sa_eid = hip_get_param_contents(msg, HIP_PARAM_EID_SOCKADDR); + if (!sa_eid) { + err = EEI_SYSTEM; + goto out_err; + } + + memcpy(peer_eid, sa_eid, sizeof(struct sockaddr_eid)); + + /* Fill the port number also because the HIP module did not fill it */ + peer_eid->eid_port = htons(port); + +out_err: + + if (msg) { + hip_msg_free(msg); + } + + return err; } /* @@ -428,100 +437,105 @@ * Are application specified identities always anonymous? */ int load_hip_endpoint_pem(const char *filename, - struct endpoint **endpoint) + struct endpoint **endpoint) { - int err = 0, algo = 0; - char first_key_line[30]; - DSA *dsa = NULL; - RSA *rsa = NULL; - FILE* fp; - - *endpoint = NULL; - - /* check the algorithm from PEM format private key */ - fp = fopen(filename, "rb"); - if (!fp) { - HIP_ERROR("Couldn't open key file %s for reading\n", filename); - err = -ENOMEM; - goto out_err; - } - else - HIP_DEBUG("open key file %s for reading\n", filename); - if( fgets(first_key_line,30,fp) != NULL ) { - HIP_ERROR("Cannot read from key file %s\n, filename"); - } - //read first line. - _HIP_DEBUG("1st key line: %s", first_key_line); - fclose(fp); - - if(findsubstring(first_key_line, "RSA")) - algo = HIP_HI_RSA; - else if(findsubstring(first_key_line, "DSA")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Wrong kind of key file: %s\n",filename); - err = -ENOMEM; - goto out_err; - } - - if(algo == HIP_HI_RSA) - err = load_rsa_private_key(filename, &rsa); - else - err = load_dsa_private_key(filename, &dsa); - if (err) { - HIP_ERROR("Failed to load private key %s (%d)\n",filename, err); - goto out_err; - } - - // XX FIX: host_id_hdr->rdata.flags = htons(0x0200); /* key is for a host */ - if(algo == HIP_HI_RSA) - err = rsa_to_hip_endpoint(rsa, (struct endpoint_hip **) endpoint, - HIP_ENDPOINT_FLAG_ANON, ""); - else - err = dsa_to_hip_endpoint(dsa, (struct endpoint_hip **) endpoint, - HIP_ENDPOINT_FLAG_ANON, ""); - if (err) { - HIP_ERROR("Failed to convert private key to HIP endpoint (%d)\n", err); - goto out_err; - } - - out_err: - - if (dsa) - DSA_free(dsa); - if (rsa) - RSA_free(rsa); - if (err && *endpoint) - free(*endpoint); - - return err; + int err = 0, algo = 0; + char first_key_line[30]; + DSA *dsa = NULL; + RSA *rsa = NULL; + FILE *fp; + + *endpoint = NULL; + + /* check the algorithm from PEM format private key */ + fp = fopen(filename, "rb"); + if (!fp) { + HIP_ERROR("Couldn't open key file %s for reading\n", filename); + err = -ENOMEM; + goto out_err; + } else { + HIP_DEBUG("open key file %s for reading\n", filename); + } + if (fgets(first_key_line, 30, fp) != NULL) { + HIP_ERROR("Cannot read from key file %s\n, filename"); + } + //read first line. + _HIP_DEBUG("1st key line: %s", first_key_line); + fclose(fp); + + if (findsubstring(first_key_line, "RSA")) { + algo = HIP_HI_RSA; + } else if (findsubstring(first_key_line, "DSA")) { + algo = HIP_HI_DSA; + } else { + HIP_ERROR("Wrong kind of key file: %s\n", filename); + err = -ENOMEM; + goto out_err; + } + + if (algo == HIP_HI_RSA) { + err = load_rsa_private_key(filename, &rsa); + } else { + err = load_dsa_private_key(filename, &dsa); + } + if (err) { + HIP_ERROR("Failed to load private key %s (%d)\n", filename, err); + goto out_err; + } + + // XX FIX: host_id_hdr->rdata.flags = htons(0x0200); /* key is for a host */ + if (algo == HIP_HI_RSA) { + err = rsa_to_hip_endpoint(rsa, (struct endpoint_hip **) endpoint, + HIP_ENDPOINT_FLAG_ANON, ""); + } else { + err = dsa_to_hip_endpoint(dsa, (struct endpoint_hip **) endpoint, + HIP_ENDPOINT_FLAG_ANON, ""); + } + if (err) { + HIP_ERROR("Failed to convert private key to HIP endpoint (%d)\n", err); + goto out_err; + } + +out_err: + + if (dsa) { + DSA_free(dsa); + } + if (rsa) { + RSA_free(rsa); + } + if (err && *endpoint) { + free(*endpoint); + } + + return err; } void free_endpointinfo(struct addrinfo *res) { - struct addrinfo *tmp; - - HIP_DEBUG("\n"); - - while(res) { - - if (res->ai_addr) - free(res->ai_addr); - - if (res->ai_canonname) - free(res->ai_canonname); - - HIP_DEBUG("Freeing res\n"); - - /* Save the next pointer from the data structure before the data - structure is freed. */ - tmp = res; - res = tmp->ai_next; - - /* The outermost data structure must be freed last. */ - free(tmp); - } - + struct addrinfo *tmp; + + HIP_DEBUG("\n"); + + while (res) { + if (res->ai_addr) { + free(res->ai_addr); + } + + if (res->ai_canonname) { + free(res->ai_canonname); + } + + HIP_DEBUG("Freeing res\n"); + + /* Save the next pointer from the data structure before the data + * structure is freed. */ + tmp = res; + res = tmp->ai_next; + + /* The outermost data structure must be freed last. */ + free(tmp); + } } /** @@ -548,204 +562,214 @@ * @return zero on success, or negative error value on failure */ int get_localhost_endpointinfo(const char *basename, - const char *servname, - struct addrinfo *hints, - struct addrinfo **res) + const char *servname, + struct addrinfo *hints, + struct addrinfo **res) { - int err = 0, algo = 0; - DSA *dsa = NULL; - RSA *rsa = NULL; - struct endpoint_hip *endpoint_hip = NULL; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - struct if_nameindex *ifaces = NULL; - FILE* fp; - const char *pub_suffix = "_pub"; - - *res = NULL; - - _HIP_DEBUG("glhepi\n"); - HIP_ASSERT(hints); - - // XX TODO: check flags? - memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); - err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); - if (err) { - HIP_ERROR("gethostname failed (%d)\n", err); - err = EEI_NONAME; - goto out_err; - } - - /* select between anonymous/public HI based on the file name */ - if(!findsubstring(basename, pub_suffix)) - hints->ai_flags |= HIP_ENDPOINT_FLAG_ANON; - - /* System specific HIs should be added into the kernel with the - HIP_HI_REUSE_ANY flag set. We set the flag - (specific for setmyeid) 'wrongly' here - because this way we make the HIs readable by all processes. - This function calls setmyeid() internally.. */ - hints->ai_flags |= HIP_HI_REUSE_ANY; - - /*Support for HITs (14.3.06 Laura)*/ - hints->ai_flags |= HIP_ENDPOINT_FLAG_HIT; - - /* check the algorithm from PEM format key */ - fp = fopen(basename, "rb"); - if (!fp) { - HIP_ERROR("Couldn't open key file %s for reading\n", basename); - err = -ENOMEM; - goto out_err; - } - - /*Laura 10.4. - fgets(first_key_line,30,fp); //read first line. - HIP_DEBUG("1st key line: %s",first_key_line); - fclose(fp); - - if(findsubstring(first_key_line, "RSA")) - algo = HIP_HI_RSA; - else if(findsubstring(first_key_line, "DSA")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Wrong kind of key file: %s\n",basename); - err = -ENOMEM; - goto out_err; - }*/ - - HIP_DEBUG("Debug1\n"); - - - if(findsubstring(basename, "rsa")) - algo = HIP_HI_RSA; - else if(findsubstring(basename, "dsa")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Wrong kind of key file: %s\n",basename); - err = -ENOMEM; - goto out_err; - } - - HIP_DEBUG("Debug2: basename %s\n", basename); - - /* Only private keys are handled. */ - if(algo == HIP_HI_RSA) - err = load_rsa_public_key(basename, &rsa); - //err = load_rsa_private_key(basename, &rsa); - else - err = load_dsa_public_key(basename, &dsa); + int err = 0, algo = 0; + DSA *dsa = NULL; + RSA *rsa = NULL; + struct endpoint_hip *endpoint_hip = NULL; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + struct if_nameindex *ifaces = NULL; + FILE *fp; + const char *pub_suffix = "_pub"; + + *res = NULL; + + _HIP_DEBUG("glhepi\n"); + HIP_ASSERT(hints); + + // XX TODO: check flags? + memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); + err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); + if (err) { + HIP_ERROR("gethostname failed (%d)\n", err); + err = EEI_NONAME; + goto out_err; + } + + /* select between anonymous/public HI based on the file name */ + if (!findsubstring(basename, pub_suffix)) { + hints->ai_flags |= HIP_ENDPOINT_FLAG_ANON; + } + + /* System specific HIs should be added into the kernel with the + * HIP_HI_REUSE_ANY flag set. We set the flag + * (specific for setmyeid) 'wrongly' here + * because this way we make the HIs readable by all processes. + * This function calls setmyeid() internally.. */ + hints->ai_flags |= HIP_HI_REUSE_ANY; + + /*Support for HITs (14.3.06 Laura)*/ + hints->ai_flags |= HIP_ENDPOINT_FLAG_HIT; + + /* check the algorithm from PEM format key */ + fp = fopen(basename, "rb"); + if (!fp) { + HIP_ERROR("Couldn't open key file %s for reading\n", basename); + err = -ENOMEM; + goto out_err; + } + + /*Laura 10.4. + * fgets(first_key_line,30,fp); //read first line. + * HIP_DEBUG("1st key line: %s",first_key_line); + * fclose(fp); + * + * if(findsubstring(first_key_line, "RSA")) + * algo = HIP_HI_RSA; + * else if(findsubstring(first_key_line, "DSA")) + * algo = HIP_HI_DSA; + * else { + * HIP_ERROR("Wrong kind of key file: %s\n",basename); + * err = -ENOMEM; + * goto out_err; + * }*/ + + HIP_DEBUG("Debug1\n"); + + + if (findsubstring(basename, "rsa")) { + algo = HIP_HI_RSA; + } else if (findsubstring(basename, "dsa")) { + algo = HIP_HI_DSA; + } else { + HIP_ERROR("Wrong kind of key file: %s\n", basename); + err = -ENOMEM; + goto out_err; + } + + HIP_DEBUG("Debug2: basename %s\n", basename); + + /* Only private keys are handled. */ + if (algo == HIP_HI_RSA) { + err = load_rsa_public_key(basename, &rsa); + } + //err = load_rsa_private_key(basename, &rsa); + else { + err = load_dsa_public_key(basename, &dsa); + } //err = load_dsa_private_key(basename, &dsa); - if (err) { - err = EEI_SYSTEM; - HIP_ERROR("Loading of private key %s failed\n", basename); - goto out_err; - } - - HIP_DEBUG("Debug3\n"); - - if(algo == HIP_HI_RSA) - err = rsa_to_hip_endpoint(rsa, &endpoint_hip, hints->ai_flags, hostname); - else - err = dsa_to_hip_endpoint(dsa, &endpoint_hip, hints->ai_flags, hostname); - if (err) { - HIP_ERROR("Failed to allocate and build endpoint.\n"); - err = EEI_SYSTEM; - goto out_err; - } - - HIP_DEBUG("Debug4\n"); - - _HIP_HEXDUMP("host identity in endpoint: ", &endpoint_hip->id.host_id, - hip_get_param_total_len(&endpoint_hip->id.host_id)); - - _HIP_HEXDUMP("hip endpoint: ", endpoint_hip, endpoint_hip->length); + if (err) { + err = EEI_SYSTEM; + HIP_ERROR("Loading of private key %s failed\n", basename); + goto out_err; + } + + HIP_DEBUG("Debug3\n"); + + if (algo == HIP_HI_RSA) { + err = rsa_to_hip_endpoint(rsa, &endpoint_hip, hints->ai_flags, hostname); + } else { + err = dsa_to_hip_endpoint(dsa, &endpoint_hip, hints->ai_flags, hostname); + } + if (err) { + HIP_ERROR("Failed to allocate and build endpoint.\n"); + err = EEI_SYSTEM; + goto out_err; + } + + HIP_DEBUG("Debug4\n"); + + _HIP_HEXDUMP("host identity in endpoint: ", &endpoint_hip->id.host_id, + hip_get_param_total_len(&endpoint_hip->id.host_id)); + + _HIP_HEXDUMP("hip endpoint: ", endpoint_hip, endpoint_hip->length); #if 0 /* XX FIXME */ - ifaces = if_nameindex(); - if (ifaces == NULL || (ifaces->if_index == 0)) { - HIP_ERROR("%s\n", (ifaces == NULL) ? "Iface error" : "No ifaces."); - err = 1; - goto out_err; - } + ifaces = if_nameindex(); + if (ifaces == NULL || (ifaces->if_index == 0)) { + HIP_ERROR("%s\n", (ifaces == NULL) ? "Iface error" : "No ifaces."); + err = 1; + goto out_err; + } #endif - *res = calloc(1, sizeof(struct addrinfo)); - if (!*res) { - err = EEI_MEMORY; - goto out_err; - } - - (*res)->ai_addr = malloc(sizeof(struct sockaddr_eid)); - if (!(*res)->ai_addr) { - err = EEI_MEMORY; - goto out_err; - } - - if (hints->ai_flags & AI_CANONNAME) { - int len = strlen(hostname) + 1; - if (len > 1) { - (*res)->ai_canonname = malloc(len); - if (!((*res)->ai_canonname)) { - err = EEI_MEMORY; - goto out_err; - } - memcpy((*res)->ai_canonname, hostname, len); - } - } + *res = calloc(1, sizeof(struct addrinfo)); + if (!*res) { + err = EEI_MEMORY; + goto out_err; + } + + (*res)->ai_addr = malloc(sizeof(struct sockaddr_eid)); + if (!(*res)->ai_addr) { + err = EEI_MEMORY; + goto out_err; + } + + if (hints->ai_flags & AI_CANONNAME) { + int len = strlen(hostname) + 1; + if (len > 1) { + (*res)->ai_canonname = malloc(len); + if (!((*res)->ai_canonname)) { + err = EEI_MEMORY; + goto out_err; + } + memcpy((*res)->ai_canonname, hostname, len); + } + } // err = setmyeid(((struct sockaddr_eid *) (*res)->ai_addr), servname, // (struct endpoint *) endpoint_hip, ifaces); - if (err) { - HIP_ERROR("Failed to set up my EID (%d)\n", err); - err = EEI_SYSTEM; - goto out_err; - } + if (err) { + HIP_ERROR("Failed to set up my EID (%d)\n", err); + err = EEI_SYSTEM; + goto out_err; + } #ifdef CONFIG_HIP_DEBUG - { - struct sockaddr_eid *eid = (struct sockaddr_eid *) (*res)->ai_addr; - HIP_DEBUG("eid family=%d value=%d\n", eid->eid_family, - ntohs(eid->eid_val)); - } + { + struct sockaddr_eid *eid = (struct sockaddr_eid *) (*res)->ai_addr; + HIP_DEBUG("eid family=%d value=%d\n", eid->eid_family, + ntohs(eid->eid_val)); + } #endif - (*res)->ai_flags = 0; /* FIXME: what about anonymous identities? */ - (*res)->ai_family = PF_HIP; - (*res)->ai_socktype = hints->ai_socktype; - (*res)->ai_protocol = hints->ai_protocol; - (*res)->ai_addrlen = sizeof(struct sockaddr_eid); - /* ai_addr has already been set */ - /* canonname has already been set */ - (*res)->ai_next = NULL; /* only one local HI currently supported */ - - out_err: - - if (rsa) - RSA_free(rsa); - - if (dsa) - DSA_free(dsa); - - if (endpoint_hip) - free(endpoint_hip); - - if (ifaces) - if_freenameindex(ifaces); - - /* Free allocated memory on error. Nullify the result in case the - caller tries to deallocate the result twice with free_endpointinfo. */ - if (err) { - if (*res) { - if ((*res)->ai_addr) - free((*res)->ai_addr); - if ((*res)->ai_canonname) - free((*res)->ai_canonname); - - free(*res); - *res = NULL; - } - } - - return err; + (*res)->ai_flags = 0; /* FIXME: what about anonymous identities? */ + (*res)->ai_family = PF_HIP; + (*res)->ai_socktype = hints->ai_socktype; + (*res)->ai_protocol = hints->ai_protocol; + (*res)->ai_addrlen = sizeof(struct sockaddr_eid); + /* ai_addr has already been set */ + /* canonname has already been set */ + (*res)->ai_next = NULL; /* only one local HI currently supported */ + +out_err: + + if (rsa) { + RSA_free(rsa); + } + + if (dsa) { + DSA_free(dsa); + } + + if (endpoint_hip) { + free(endpoint_hip); + } + + if (ifaces) { + if_freenameindex(ifaces); + } + + /* Free allocated memory on error. Nullify the result in case the + * caller tries to deallocate the result twice with free_endpointinfo. */ + if (err) { + if (*res) { + if ((*res)->ai_addr) { + free((*res)->ai_addr); + } + if ((*res)->ai_canonname) { + free((*res)->ai_canonname); + } + + free(*res); + *res = NULL; + } + } + + return err; } /** @@ -763,307 +787,317 @@ * @todo: this function is outdated; query for SO_HIP_GET_HA_INFO instead * */ -int get_hipd_peer_list(const char *nodename, const char *servname, - const struct addrinfo *hints, - struct addrinfo **res, int alt_flag) +int get_hipd_peer_list(const char *nodename, + const char *servname, + const struct addrinfo *hints, + struct addrinfo **res, + int alt_flag) { - int err = 0; - struct hip_common *msg = NULL; - unsigned int *count, *acount; - struct hip_host_id *host_id; - hip_hit_t *hit; - struct in6_addr *addr; - int i, j; - struct addrinfo *einfo = NULL; - char *fqdn_str; - int nodename_str_len = 0; - int fqdn_str_len = 0; - struct addrinfo *previous_einfo = NULL; - /* Only HITs are supported, so endpoint_hip is statically allocated */ - struct endpoint_hip endpoint_hip; - struct addrinfo ai_hints, *ai_tail, *ai_res = NULL; - char hit_str[46]; - - if (!alt_flag) - *res = NULL; /* The NULL value is used in the loop below. */ - - HIP_DEBUG("\n"); - HIP_ASSERT(hints); - - if (nodename != NULL) - nodename_str_len = strlen(nodename); - - memset(&ai_hints, 0, sizeof(struct addrinfo)); - /* ai_hints.ai_flags = hints->ai_flags; */ - /* Family should be AF_ANY but currently the HIP module supports only IPv6. - In any case, the family cannot be copied directly from hints, because - it contains PF_HIP. */ - ai_hints.ai_family = AF_INET6; - ai_hints.ai_socktype = hints->ai_socktype; - ai_hints.ai_protocol = hints->ai_protocol; - - /* The getaddrinfo is called only once and the results are copied in each - element of the endpointinfo linked lists. */ - err = getaddrinfo(NULL, servname, &ai_hints, &ai_res); - if (err) { - HIP_ERROR("getaddrinfo failed: %s", gai_strerror(err)); - goto out_err; - } - - /* Call the kernel to get the list of known peer addresses */ - msg = hip_msg_alloc(); - if (!msg) { - err = EEI_MEMORY; - goto out_err; - } - - /* Build the message header */ - err = hip_build_user_hdr(msg, SO_HIP_GET_PEER_LIST, 0); - if (err) { - err = EEI_MEMORY; - goto out_err; - } - - /* Call the kernel */ - err = hip_send_recv_daemon_info(msg, 0, 0); - if (err) { - err = EEI_SYSTEM; - HIP_ERROR("Failed to recv msg\n"); - goto out_err; - } - - /* getsockopt wrote the peer list into the message, now process it - * Format is: - <unsigned integer> - Number of entries - [<host id> - Host identifier - <hit> - HIT - <unsigned integer> - Number of addresses - [<ipv6 address> - IPv6 address - ...] - ...] - */ - err = hip_get_msg_err(msg); - if (err) { - err = EEI_SYSTEM; - goto out_err; - } - - /* Get count of entries in peer list */ - count = hip_get_param_contents(msg, HIP_PARAM_UINT); - if (!count) { - err = EEI_SYSTEM; - goto out_err; - } - - for (i = 0; i < *count; i++) { - /* Get the next peer HOST ID */ - host_id = hip_get_param(msg, HIP_PARAM_HOST_ID); - if (!host_id) { - HIP_ERROR("no host identity pubkey in response\n"); - err = EEI_SYSTEM; - goto out_err; - } - - /* Extract the peer hostname, and determine its length */ - fqdn_str = hip_get_param_host_id_hostname(host_id); - fqdn_str_len = strlen(fqdn_str); - - /* Get the peer HIT */ - hit = (hip_hit_t *) hip_get_param_contents(msg, HIP_PARAM_HIT); - if (!hit) { - HIP_ERROR("no hit in response\n"); - err = EEI_SYSTEM; - goto out_err; - } - - /* Get the number of addresses */ - acount = hip_get_param_contents(msg, HIP_PARAM_UINT); - if (!acount) { - err = EEI_SYSTEM; - goto out_err; - } - - /* Parse the hit into text form for comparison below */ - hip_in6_ntop((const struct in6_addr *)&hit, hit_str); - - /* Check if the nodename or the endpoint in the hints matches the - scanned entries. */ - if (nodename_str_len && (fqdn_str_len == nodename_str_len) && - (strcmp(fqdn_str, nodename) == 0)) { - /* XX FIX: foobar should match to foobar.org, depending on resolv.conf */ - HIP_DEBUG("Nodename match\n"); - } else if(hints->ai_addrlen && hints->ai_addr && - (strlen(hit_str) == hints->ai_addrlen) && - (strcmp(hit_str, (char *) hints->ai_addr) == 0)) { - HIP_DEBUG("Endpoint match\n"); - } else if (!nodename_str_len) { - HIP_DEBUG("Null nodename, returning as matched\n"); - } else { - /* Not matched, so skip the addresses in the kernel response */ - for (j = 0; j < *acount; j++) { - addr = (struct in6_addr *)hip_get_param_contents(msg, - HIP_PARAM_IPV6_ADDR); - if (!addr) { - HIP_ERROR("no ip addr in response\n"); - err = EEI_SYSTEM; - goto out_err; - } - } - continue; - } - - /* Allocate a new endpointinfo */ - einfo = calloc(1, sizeof(struct addrinfo)); - if (!einfo) { - err = EEI_MEMORY; - goto out_err; - } - - /* Allocate a new endpoint */ - einfo->ai_addr = calloc(1, sizeof(struct sockaddr_eid)); - if (!einfo->ai_addr) { - err = EEI_MEMORY; - goto out_err; - } - - /* Copy the name if the flag is set */ - if (hints->ai_flags & AI_CANONNAME) { - einfo->ai_canonname = malloc(fqdn_str_len + 1); - if (!(einfo->ai_canonname)) { - err = EEI_MEMORY; - goto out_err; - } - HIP_ASSERT(strlen(fqdn_str) == fqdn_str_len); - strcpy(einfo->ai_canonname, fqdn_str); - /* XX FIX: we should append the domain name if it does not exist */ - } - - _HIP_DEBUG("*** %p %p\n", einfo, previous_einfo); - - HIP_ASSERT(einfo); /* Assertion 1 */ - - /* Allocate and fill the HI. Note that here we are assuming that the - endpoint is really a HIT. The following assertion checks that we are - dealing with a HIT. Change the memory allocations and other code when - HIs are really supported. */ - - memset(&endpoint_hip, 0, sizeof(struct endpoint_hip)); - endpoint_hip.family = PF_HIP; - - /* Only HITs are supported, so endpoint_hip is not dynamically allocated - and sizeof(endpoint_hip) is enough */ - endpoint_hip.length = sizeof(struct endpoint_hip); - endpoint_hip.flags = HIP_ENDPOINT_FLAG_HIT; - memcpy(&endpoint_hip.id.hit, hit, sizeof(struct in6_addr)); - - _HIP_HEXDUMP("peer HIT: ", &endpoint_hip.id.hit, sizeof(struct in6_addr)); - - HIP_ASSERT(einfo && einfo->ai_addr); /* Assertion 2 */ - - /* Now replace the addresses that we got from getaddrinfo in the ai_res - structure, with the entries from the kernel. If there are not enough - entries already present, allocate and fill new ones */ - ai_tail = ai_res; - for (j = 0; j < *acount; j++, ai_tail = ai_tail->ai_next) { - addr = (struct in6_addr *) hip_get_param_contents(msg, - HIP_PARAM_IPV6_ADDR); - if (!addr) { - HIP_ERROR("no ip addr in response\n"); - err = EEI_SYSTEM; - goto out_err; - } - - /* Should we always include our entries, even if there are none? */ - if (!ai_res) continue; - - if (!ai_tail) { - /* We ran out of entries, so copy the first one so we get the - flags and other info*/ - ai_tail = malloc(sizeof(struct addrinfo)); - memcpy(ai_tail, ai_res, sizeof(struct addrinfo)); - ai_tail->ai_addr = malloc(sizeof(struct sockaddr_in6)); - memcpy(ai_tail->ai_addr, ai_res->ai_addr,sizeof(struct sockaddr_in6)); - ai_tail->ai_canonname = malloc(strlen(ai_res->ai_canonname)+1); - strcpy(ai_tail->ai_canonname, ai_res->ai_canonname); - } - - /* Now, save the address from the kernel */ - memcpy(&(((struct sockaddr_in6 *)ai_tail->ai_addr)->sin6_addr), addr, - sizeof(struct in6_addr)); - } - - /* Call the kernel for the peer eid */ - err = setpeereid((struct sockaddr_eid *) einfo->ai_addr, servname, - (struct endpoint *) &endpoint_hip, ai_res); - if (err) { - HIP_ERROR("association failed (%d): %s\n", err); - goto out_err; - } - - /* Fill the rest of the fields in the einfo */ - einfo->ai_flags = hints->ai_flags; - einfo->ai_family = PF_HIP; - einfo->ai_socktype = hints->ai_socktype; - einfo->ai_protocol = hints->ai_protocol; - einfo->ai_addrlen = sizeof(struct sockaddr_eid); - - /* The einfo structure has been filled now. Now, append it to the linked - list. */ - - /* Set res point to the first memory allocation, so that the starting - point of the linked list will not be forgotten. The res will be set - only once because on the next iteration of the loop it will non-null. */ - if (!*res) - *res = einfo; - - HIP_ASSERT(einfo && einfo->ai_addr && *res); /* 3 */ - - /* Link the previous endpoint info structure to this new one. */ - if (previous_einfo) { - previous_einfo->ai_next = einfo; - } - - /* Store a pointer to this einfo so that we can link this einfo to the - following einfo on the next iteration. */ - previous_einfo = einfo; - - HIP_ASSERT(einfo && einfo->ai_addr && *res && - previous_einfo == einfo); /* 4 */ - } - - HIP_DEBUG("Kernel list scanning ended\n"); - - out_err: - - if (ai_res) - freeaddrinfo(ai_res); - - if (msg) - hip_msg_free(msg); - - /* Free all of the reserved memory on error */ - if (err) { - /* Assertions 1, 2 and 3: einfo has not been linked to *res and - it has to be freed separately. In English: free only einfo - if it has not been linked into the *res list */ - if (einfo && previous_einfo != einfo) { - if (einfo->ai_addr) - free(einfo->ai_addr); - if (einfo->ai_canonname) - free(einfo->ai_canonname); - free(einfo); - } - - /* Assertion 4: einfo has been linked into the *res. Free all of the - *res list elements (einfo does not need be freed separately). */ - if (*res) { - free_endpointinfo(*res); - /* In case the caller of tries to free the res again */ - *res = NULL; - } - } - - return err; + int err = 0; + struct hip_common *msg = NULL; + unsigned int *count, *acount; + struct hip_host_id *host_id; + hip_hit_t *hit; + struct in6_addr *addr; + int i, j; + struct addrinfo *einfo = NULL; + char *fqdn_str; + int nodename_str_len = 0; + int fqdn_str_len = 0; + struct addrinfo *previous_einfo = NULL; + /* Only HITs are supported, so endpoint_hip is statically allocated */ + struct endpoint_hip endpoint_hip; + struct addrinfo ai_hints, *ai_tail, *ai_res = NULL; + char hit_str[46]; + + if (!alt_flag) { + *res = NULL; /* The NULL value is used in the loop below. */ + } + HIP_DEBUG("\n"); + HIP_ASSERT(hints); + + if (nodename != NULL) { + nodename_str_len = strlen(nodename); + } + + memset(&ai_hints, 0, sizeof(struct addrinfo)); + /* ai_hints.ai_flags = hints->ai_flags; */ + /* Family should be AF_ANY but currently the HIP module supports only IPv6. + * In any case, the family cannot be copied directly from hints, because + * it contains PF_HIP. */ + ai_hints.ai_family = AF_INET6; + ai_hints.ai_socktype = hints->ai_socktype; + ai_hints.ai_protocol = hints->ai_protocol; + + /* The getaddrinfo is called only once and the results are copied in each + * element of the endpointinfo linked lists. */ + err = getaddrinfo(NULL, servname, &ai_hints, &ai_res); + if (err) { + HIP_ERROR("getaddrinfo failed: %s", gai_strerror(err)); + goto out_err; + } + + /* Call the kernel to get the list of known peer addresses */ + msg = hip_msg_alloc(); + if (!msg) { + err = EEI_MEMORY; + goto out_err; + } + + /* Build the message header */ + err = hip_build_user_hdr(msg, SO_HIP_GET_PEER_LIST, 0); + if (err) { + err = EEI_MEMORY; + goto out_err; + } + + /* Call the kernel */ + err = hip_send_recv_daemon_info(msg, 0, 0); + if (err) { + err = EEI_SYSTEM; + HIP_ERROR("Failed to recv msg\n"); + goto out_err; + } + + /* getsockopt wrote the peer list into the message, now process it + * Format is: + * <unsigned integer> - Number of entries + * [<host id> - Host identifier + * <hit> - HIT + * <unsigned integer> - Number of addresses + * [<ipv6 address> - IPv6 address + * ...] + * ...] + */ + err = hip_get_msg_err(msg); + if (err) { + err = EEI_SYSTEM; + goto out_err; + } + + /* Get count of entries in peer list */ + count = hip_get_param_contents(msg, HIP_PARAM_UINT); + if (!count) { + err = EEI_SYSTEM; + goto out_err; + } + + for (i = 0; i < *count; i++) { + /* Get the next peer HOST ID */ + host_id = hip_get_param(msg, HIP_PARAM_HOST_ID); + if (!host_id) { + HIP_ERROR("no host identity pubkey in response\n"); + err = EEI_SYSTEM; + goto out_err; + } + + /* Extract the peer hostname, and determine its length */ + fqdn_str = hip_get_param_host_id_hostname(host_id); + fqdn_str_len = strlen(fqdn_str); + + /* Get the peer HIT */ + hit = (hip_hit_t *) hip_get_param_contents(msg, HIP_PARAM_HIT); + if (!hit) { + HIP_ERROR("no hit in response\n"); + err = EEI_SYSTEM; + goto out_err; + } + + /* Get the number of addresses */ + acount = hip_get_param_contents(msg, HIP_PARAM_UINT); + if (!acount) { + err = EEI_SYSTEM; + goto out_err; + } + + /* Parse the hit into text form for comparison below */ + hip_in6_ntop((const struct in6_addr *) &hit, hit_str); + + /* Check if the nodename or the endpoint in the hints matches the + * scanned entries. */ + if (nodename_str_len && (fqdn_str_len == nodename_str_len) && + (strcmp(fqdn_str, nodename) == 0)) { + /* XX FIX: foobar should match to foobar.org, depending on resolv.conf */ + HIP_DEBUG("Nodename match\n"); + } else if (hints->ai_addrlen && hints->ai_addr && + (strlen(hit_str) == hints->ai_addrlen) && + (strcmp(hit_str, (char *) hints->ai_addr) == 0)) { + HIP_DEBUG("Endpoint match\n"); + } else if (!nodename_str_len) { + HIP_DEBUG("Null nodename, returning as matched\n"); + } else { + /* Not matched, so skip the addresses in the kernel response */ + for (j = 0; j < *acount; j++) { + addr = (struct in6_addr *) hip_get_param_contents(msg, + HIP_PARAM_IPV6_ADDR); + if (!addr) { + HIP_ERROR("no ip addr in response\n"); + err = EEI_SYSTEM; + goto out_err; + } + } + continue; + } + + /* Allocate a new endpointinfo */ + einfo = calloc(1, sizeof(struct addrinfo)); + if (!einfo) { + err = EEI_MEMORY; + goto out_err; + } + + /* Allocate a new endpoint */ + einfo->ai_addr = calloc(1, sizeof(struct sockaddr_eid)); + if (!einfo->ai_addr) { + err = EEI_MEMORY; + goto out_err; + } + + /* Copy the name if the flag is set */ + if (hints->ai_flags & AI_CANONNAME) { + einfo->ai_canonname = malloc(fqdn_str_len + 1); + if (!(einfo->ai_canonname)) { + err = EEI_MEMORY; + goto out_err; + } + HIP_ASSERT(strlen(fqdn_str) == fqdn_str_len); + strcpy(einfo->ai_canonname, fqdn_str); + /* XX FIX: we should append the domain name if it does not exist */ + } + + _HIP_DEBUG("*** %p %p\n", einfo, previous_einfo); + + HIP_ASSERT(einfo); /* Assertion 1 */ + + /* Allocate and fill the HI. Note that here we are assuming that the + * endpoint is really a HIT. The following assertion checks that we are + * dealing with a HIT. Change the memory allocations and other code when + * HIs are really supported. */ + + memset(&endpoint_hip, 0, sizeof(struct endpoint_hip)); + endpoint_hip.family = PF_HIP; + + /* Only HITs are supported, so endpoint_hip is not dynamically allocated + * and sizeof(endpoint_hip) is enough */ + endpoint_hip.length = sizeof(struct endpoint_hip); + endpoint_hip.flags = HIP_ENDPOINT_FLAG_HIT; + memcpy(&endpoint_hip.id.hit, hit, sizeof(struct in6_addr)); + + _HIP_HEXDUMP("peer HIT: ", &endpoint_hip.id.hit, sizeof(struct in6_addr)); + + HIP_ASSERT(einfo && einfo->ai_addr); /* Assertion 2 */ + + /* Now replace the addresses that we got from getaddrinfo in the ai_res + * structure, with the entries from the kernel. If there are not enough + * entries already present, allocate and fill new ones */ + ai_tail = ai_res; + for (j = 0; j < *acount; j++, ai_tail = ai_tail->ai_next) { + addr = (struct in6_addr *) hip_get_param_contents(msg, + HIP_PARAM_IPV6_ADDR); + if (!addr) { + HIP_ERROR("no ip addr in response\n"); + err = EEI_SYSTEM; + goto out_err; + } + + /* Should we always include our entries, even if there are none? */ + if (!ai_res) { + continue; + } + + if (!ai_tail) { + /* We ran out of entries, so copy the first one so we get the + * flags and other info*/ + ai_tail = malloc(sizeof(struct addrinfo)); + memcpy(ai_tail, ai_res, sizeof(struct addrinfo)); + ai_tail->ai_addr = malloc(sizeof(struct sockaddr_in6)); + memcpy(ai_tail->ai_addr, ai_res->ai_addr, sizeof(struct sockaddr_in6)); + ai_tail->ai_canonname = malloc(strlen(ai_res->ai_canonname) + 1); + strcpy(ai_tail->ai_canonname, ai_res->ai_canonname); + } + + /* Now, save the address from the kernel */ + memcpy(&(((struct sockaddr_in6 *) ai_tail->ai_addr)->sin6_addr), addr, + sizeof(struct in6_addr)); + } + + /* Call the kernel for the peer eid */ + err = setpeereid((struct sockaddr_eid *) einfo->ai_addr, servname, + (struct endpoint *) &endpoint_hip, ai_res); + if (err) { + HIP_ERROR("association failed (%d): %s\n", err); + goto out_err; + } + + /* Fill the rest of the fields in the einfo */ + einfo->ai_flags = hints->ai_flags; + einfo->ai_family = PF_HIP; + einfo->ai_socktype = hints->ai_socktype; + einfo->ai_protocol = hints->ai_protocol; + einfo->ai_addrlen = sizeof(struct sockaddr_eid); + + /* The einfo structure has been filled now. Now, append it to the linked + * list. */ + + /* Set res point to the first memory allocation, so that the starting + * point of the linked list will not be forgotten. The res will be set + * only once because on the next iteration of the loop it will non-null. */ + if (!*res) { + *res = einfo; + } + + HIP_ASSERT(einfo && einfo->ai_addr && *res); /* 3 */ + + /* Link the previous endpoint info structure to this new one. */ + if (previous_einfo) { + previous_einfo->ai_next = einfo; + } + + /* Store a pointer to this einfo so that we can link this einfo to the + * following einfo on the next iteration. */ + previous_einfo = einfo; + + HIP_ASSERT(einfo && einfo->ai_addr && *res && + previous_einfo == einfo); /* 4 */ + } + + HIP_DEBUG("Kernel list scanning ended\n"); + +out_err: + + if (ai_res) { + freeaddrinfo(ai_res); + } + + if (msg) { + hip_msg_free(msg); + } + + /* Free all of the reserved memory on error */ + if (err) { + /* Assertions 1, 2 and 3: einfo has not been linked to *res and + * it has to be freed separately. In English: free only einfo + * if it has not been linked into the *res list */ + if (einfo && previous_einfo != einfo) { + if (einfo->ai_addr) { + free(einfo->ai_addr); + } + if (einfo->ai_canonname) { + free(einfo->ai_canonname); + } + free(einfo); + } + + /* Assertion 4: einfo has been linked into the *res. Free all of the + *res list elements (einfo does not need be freed separately). */ + if (*res) { + free_endpointinfo(*res); + /* In case the caller of tries to free the res again */ + *res = NULL; + } + } + + return err; } /** @@ -1080,736 +1114,754 @@ * */ int get_peer_endpointinfo(const char *hostsfile, - const char *nodename, - const char *servname, - const struct addrinfo *hints, - struct addrinfo **res) + const char *nodename, + const char *servname, + const struct addrinfo *hints, + struct addrinfo **res) { - int err = 0, match_found = 0; - unsigned int fqdn_str_len = 0; - FILE *hosts = NULL; - char fqdn_str[HOST_NAME_MAX]; - struct addrinfo *einfo = NULL; - struct addrinfo ai_hints, *ai_res = NULL; - struct addrinfo *previous_einfo = NULL; - /* Only HITs are supported, so endpoint_hip is statically allocated */ - struct endpoint_hip endpoint_hip; - struct in6_addr hit; - List mylist; - - *res = NULL; /* The NULL value is used in the loop below. */ - - HIP_DEBUG("\n"); - - HIP_ASSERT(nodename); - HIP_ASSERT(hints); - - hosts = fopen(hostsfile, "r"); - if (!hosts) { - err = EEI_SYSTEM; - HIP_ERROR("Failed to open %s\n", hostsfile); - goto out_err; - } - - memset(&ai_hints, 0, sizeof(struct addrinfo)); - ai_hints.ai_flags = hints->ai_flags; - /* Family should be AF_ANY but currently the HIP module supports only IPv6. - In any case, the family cannot be copied directly from hints, because - it contains PF_HIP. */ - ai_hints.ai_family = AF_INET6; - ai_hints.ai_socktype = hints->ai_socktype; - ai_hints.ai_protocol = hints->ai_protocol; - - /* The getaddrinfo is called only once and the results are copied in each - element of the endpointinfo linked lists. */ - err = getaddrinfo(nodename, servname, &ai_hints, &ai_res); - if (err) { - HIP_ERROR("getaddrinfo failed: %s\n", gai_strerror(err)); - goto fallback; - } - - /*! \todo check and handle flags here */ - - HIP_ASSERT(!*res); /* Pre-loop invariable */ - - //HIP_IFEL(err, -1, "Failed to map id to hostname\n"); - - memset(fqdn_str, 0, sizeof(fqdn_str)); - if (inet_pton(AF_INET6, nodename, &hit) > 0) { - _HIP_DEBUG("Nodename is numerical address\n"); - err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - &hit, fqdn_str) && - hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - &hit, fqdn_str)); - } else { - strncpy(fqdn_str, nodename, HOST_NAME_MAX); - } - fqdn_str_len = strlen(fqdn_str); - - if (!err && (!hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_hostname_to_hit_from_hosts, - fqdn_str, &hit) || - !hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_hostname_to_hit_from_hosts, - fqdn_str, &hit))) - /* create endpointinfo structure for every HIT */ - { - einfo = calloc(1, sizeof(struct addrinfo)); - - HIP_IFE(!einfo, EEI_MEMORY); - - einfo->ai_addr = calloc(1, sizeof(struct sockaddr_eid)); - HIP_IFE(!einfo->ai_addr, EEI_MEMORY); - - if (hints->ai_flags & AI_CANONNAME) { - einfo->ai_canonname = malloc(fqdn_str_len + 1); - HIP_IFE(!einfo->ai_canonname, EEI_MEMORY); - HIP_ASSERT(strlen(fqdn_str) == fqdn_str_len); - strcpy(einfo->ai_canonname, fqdn_str); - /* XX FIX: we should append the domain name if it does not exist */ - } - - _HIP_DEBUG("*** %p %p\n", einfo, previous_einfo); - - HIP_ASSERT(einfo); /* Assertion 1 */ - - /* Allocate and fill the HI. Note that here we are assuming that the - endpoint is really a HIT. The following assertion checks that we are - dealing with a HIT. Change the memory allocations and other code when - HIs are really supported. */ - //THIS ISN'T TRUE ALWAYS: _HIP_ASSERT(hi_str_len == 4 * 8 + 7 * 1); - - memset(&endpoint_hip, 0, sizeof(struct endpoint_hip)); - endpoint_hip.family = PF_HIP; - - /* Only HITs are supported, so endpoint_hip is not dynamically allocated - and sizeof(endpoint_hip) is enough */ - endpoint_hip.length = sizeof(struct endpoint_hip); - endpoint_hip.flags = HIP_ENDPOINT_FLAG_HIT; - - ipv6_addr_copy(&endpoint_hip.id.hit, &hit); - - HIP_ASSERT(einfo && einfo->ai_addr); /* Assertion 2 */ - - err = setpeereid((struct sockaddr_eid *) einfo->ai_addr, servname, - (struct endpoint *) &endpoint_hip, ai_res); - if (err) { - HIP_ERROR("association failed (%d): %s\n", err); - goto out_err; - } - - /* Fill the rest of the fields in the einfo */ - einfo->ai_flags = hints->ai_flags; - einfo->ai_family = PF_HIP; - einfo->ai_socktype = hints->ai_socktype; - einfo->ai_protocol = hints->ai_protocol; - einfo->ai_addrlen = sizeof(struct sockaddr_eid); - - /* The einfo structure has been filled now. Now, append it to the linked - list. */ - - /* Set res point to the first memory allocation, so that the starting - point of the linked list will not be forgotten. The res will be set - only once because on the next iteration of the loop it will non-null. - */ - if (!*res) - *res = einfo; - - HIP_ASSERT(einfo && einfo->ai_addr && *res); /* 3 */ - - /* Link the previous endpoint info structure to this new one. */ - if (previous_einfo) { - previous_einfo->ai_next = einfo; - } - - /* Store a pointer to this einfo so that we can link this einfo to the - following einfo on the next iteration. */ - previous_einfo = einfo; - - HIP_ASSERT(einfo && einfo->ai_addr && *res && - previous_einfo == einfo); /* 4 */ - destroy(&mylist); - } - - _HIP_DEBUG("Scanning ended\n"); - - - fallback: + int err = 0, match_found = 0; + unsigned int fqdn_str_len = 0; + FILE *hosts = NULL; + char fqdn_str[HOST_NAME_MAX]; + struct addrinfo *einfo = NULL; + struct addrinfo ai_hints, *ai_res = NULL; + struct addrinfo *previous_einfo = NULL; + /* Only HITs are supported, so endpoint_hip is statically allocated */ + struct endpoint_hip endpoint_hip; + struct in6_addr hit; + List mylist; + + *res = NULL; /* The NULL value is used in the loop below. */ + + HIP_DEBUG("\n"); + + HIP_ASSERT(nodename); + HIP_ASSERT(hints); + + hosts = fopen(hostsfile, "r"); + if (!hosts) { + err = EEI_SYSTEM; + HIP_ERROR("Failed to open %s\n", hostsfile); + goto out_err; + } + + memset(&ai_hints, 0, sizeof(struct addrinfo)); + ai_hints.ai_flags = hints->ai_flags; + /* Family should be AF_ANY but currently the HIP module supports only IPv6. + * In any case, the family cannot be copied directly from hints, because + * it contains PF_HIP. */ + ai_hints.ai_family = AF_INET6; + ai_hints.ai_socktype = hints->ai_socktype; + ai_hints.ai_protocol = hints->ai_protocol; + + /* The getaddrinfo is called only once and the results are copied in each + * element of the endpointinfo linked lists. */ + err = getaddrinfo(nodename, servname, &ai_hints, &ai_res); + if (err) { + HIP_ERROR("getaddrinfo failed: %s\n", gai_strerror(err)); + goto fallback; + } + + /*! \todo check and handle flags here */ + + HIP_ASSERT(!*res); /* Pre-loop invariable */ + + //HIP_IFEL(err, -1, "Failed to map id to hostname\n"); + + memset(fqdn_str, 0, sizeof(fqdn_str)); + if (inet_pton(AF_INET6, nodename, &hit) > 0) { + _HIP_DEBUG("Nodename is numerical address\n"); + err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + &hit, fqdn_str) && + hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + &hit, fqdn_str)); + } else { + strncpy(fqdn_str, nodename, HOST_NAME_MAX); + } + fqdn_str_len = strlen(fqdn_str); + + if (!err && (!hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_hostname_to_hit_from_hosts, + fqdn_str, &hit) || + !hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_hostname_to_hit_from_hosts, + fqdn_str, &hit))) { + /* create endpointinfo structure for every HIT */ + einfo = calloc(1, sizeof(struct addrinfo)); + + HIP_IFE(!einfo, EEI_MEMORY); + + einfo->ai_addr = calloc(1, sizeof(struct sockaddr_eid)); + HIP_IFE(!einfo->ai_addr, EEI_MEMORY); + + if (hints->ai_flags & AI_CANONNAME) { + einfo->ai_canonname = malloc(fqdn_str_len + 1); + HIP_IFE(!einfo->ai_canonname, EEI_MEMORY); + HIP_ASSERT(strlen(fqdn_str) == fqdn_str_len); + strcpy(einfo->ai_canonname, fqdn_str); + /* XX FIX: we should append the domain name if it does not exist */ + } + + _HIP_DEBUG("*** %p %p\n", einfo, previous_einfo); + + HIP_ASSERT(einfo); /* Assertion 1 */ + + /* Allocate and fill the HI. Note that here we are assuming that the + * endpoint is really a HIT. The following assertion checks that we are + * dealing with a HIT. Change the memory allocations and other code when + * HIs are really supported. */ + //THIS ISN'T TRUE ALWAYS: _HIP_ASSERT(hi_str_len == 4 * 8 + 7 * 1); + + memset(&endpoint_hip, 0, sizeof(struct endpoint_hip)); + endpoint_hip.family = PF_HIP; + + /* Only HITs are supported, so endpoint_hip is not dynamically allocated + * and sizeof(endpoint_hip) is enough */ + endpoint_hip.length = sizeof(struct endpoint_hip); + endpoint_hip.flags = HIP_ENDPOINT_FLAG_HIT; + + ipv6_addr_copy(&endpoint_hip.id.hit, &hit); + + HIP_ASSERT(einfo && einfo->ai_addr); /* Assertion 2 */ + + err = setpeereid((struct sockaddr_eid *) einfo->ai_addr, servname, + (struct endpoint *) &endpoint_hip, ai_res); + if (err) { + HIP_ERROR("association failed (%d): %s\n", err); + goto out_err; + } + + /* Fill the rest of the fields in the einfo */ + einfo->ai_flags = hints->ai_flags; + einfo->ai_family = PF_HIP; + einfo->ai_socktype = hints->ai_socktype; + einfo->ai_protocol = hints->ai_protocol; + einfo->ai_addrlen = sizeof(struct sockaddr_eid); + + /* The einfo structure has been filled now. Now, append it to the linked + * list. */ + + /* Set res point to the first memory allocation, so that the starting + * point of the linked list will not be forgotten. The res will be set + * only once because on the next iteration of the loop it will non-null. + */ + if (!*res) { + *res = einfo; + } + + HIP_ASSERT(einfo && einfo->ai_addr && *res); /* 3 */ + + /* Link the previous endpoint info structure to this new one. */ + if (previous_einfo) { + previous_einfo->ai_next = einfo; + } + + /* Store a pointer to this einfo so that we can link this einfo to the + * following einfo on the next iteration. */ + previous_einfo = einfo; + + HIP_ASSERT(einfo && einfo->ai_addr && *res && + previous_einfo == einfo); /* 4 */ + destroy(&mylist); + } + + _HIP_DEBUG("Scanning ended\n"); + + +fallback: #if 0 /* XX FIXME: the function below does not work */ - /* If no entries are found, fallback on the kernel's list */ - if (!*res) { - HIP_DEBUG("No entries found, querying hipd for entries\n"); - err = get_hipd_peer_list(nodename, servname, hints, res, 1); + /* If no entries are found, fallback on the kernel's list */ + if (!*res) { + HIP_DEBUG("No entries found, querying hipd for entries\n"); + err = get_hipd_peer_list(nodename, servname, hints, res, 1); + if (err) { + HIP_ERROR("Failed to get kernel peer list (%d)\n", err); + goto out_err; + } + HIP_DEBUG("Done with hipd entries\n"); + if (*res) { + match_found = 1; + } + } +#endif + + HIP_ASSERT(err == 0); + + if (!match_found) { + err = EEI_NONAME; + } + +out_err: + + if (ai_res) { + freeaddrinfo(ai_res); + } + + if (hosts) { + fclose(hosts); + } + + /* Free all of the reserved memory on error */ if (err) { - HIP_ERROR("Failed to get kernel peer list (%d)\n", err); - goto out_err; - } - HIP_DEBUG("Done with hipd entries\n"); - if (*res) { - match_found = 1; - } - } -#endif - - HIP_ASSERT(err == 0); - - if (!match_found) { - err = EEI_NONAME; - } - - out_err: - - if (ai_res) - freeaddrinfo(ai_res); - - if (hosts) - fclose(hosts); - - /* Free all of the reserved memory on error */ - if (err) { - /* Assertions 1, 2 and 3: einfo has not been linked to *res and - it has to be freed separately. In English: free only einfo - if it has not been linked into the *res list */ - if (einfo && previous_einfo != einfo) { - if (einfo->ai_addr) - free(einfo->ai_addr); - if (einfo->ai_canonname) - free(einfo->ai_canonname); - free(einfo); - } - - /* Assertion 4: einfo has been linked into the *res. Free all of the - *res list elements (einfo does not need be freed separately). */ - if (*res) { - free_endpointinfo(*res); - /* In case the caller of tries to free the res again */ - *res = NULL; - } - } - return err; + /* Assertions 1, 2 and 3: einfo has not been linked to *res and + * it has to be freed separately. In English: free only einfo + * if it has not been linked into the *res list */ + if (einfo && previous_einfo != einfo) { + if (einfo->ai_addr) { + free(einfo->ai_addr); + } + if (einfo->ai_canonname) { + free(einfo->ai_canonname); + } + free(einfo); + } + + /* Assertion 4: einfo has been linked into the *res. Free all of the + *res list elements (einfo does not need be freed separately). */ + if (*res) { + free_endpointinfo(*res); + /* In case the caller of tries to free the res again */ + *res = NULL; + } + } + return err; } int getendpointinfo(const char *nodename, const char *servname, - const struct addrinfo *hints, - struct addrinfo **res) + const struct addrinfo *hints, + struct addrinfo **res) { - int err = 0; - struct addrinfo modified_hints; - struct addrinfo *first, *current, *new; - char *filenamebase = NULL; - int filenamebase_len, ret, i; - List list; - - initlist(&list); - - /* Only HIP is currently supported */ - if (hints && hints->ai_family != PF_HIP) { - err = -EAI_FAMILY; - HIP_ERROR("Only HIP is currently supported\n"); - goto err_out; - } - /* XX:TODO Check flag values from hints!!! - E.g. EI_HI_ANY* should cause the resolver to output only a single socket - address containing an ED that would be received using the corresponding - HIP_HI_*ANY macro. EI_ANON flag causes the resolver to return only local - anonymous ids. - */ - - if (hints) { - memcpy(&modified_hints, hints, sizeof(struct addrinfo)); - } else { - /* No hints given, assign default hints */ - memset(&modified_hints, 0, sizeof(struct addrinfo)); - modified_hints.ai_family = PF_HIP; - } - /* getaddrinfo has been modified to support the legacy HIP API and this - ensures that the legacy API does not do anything funny */ - modified_hints.ai_flags |= AI_HIP_NATIVE; - - /* Note about the hints: the hints is overloaded with AI_XX and EI_XX flags. - We make the (concious and lazy) decision not to separate them into - different flags and assume that both getendpointinfo and getaddrinfo - can survive the overloaded flags. The AI_XX and EI_XX in netdb.h have - distinct values, so this should be ok. */ + int err = 0; + struct addrinfo modified_hints; + struct addrinfo *first, *current, *new; + char *filenamebase = NULL; + int filenamebase_len, ret, i; + List list; + + initlist(&list); + + /* Only HIP is currently supported */ + if (hints && hints->ai_family != PF_HIP) { + err = -EAI_FAMILY; + HIP_ERROR("Only HIP is currently supported\n"); + goto err_out; + } + /* XX:TODO Check flag values from hints!!! + * E.g. EI_HI_ANY* should cause the resolver to output only a single socket + * address containing an ED that would be received using the corresponding + * HIP_HI_*ANY macro. EI_ANON flag causes the resolver to return only local + * anonymous ids. + */ + + if (hints) { + memcpy(&modified_hints, hints, sizeof(struct addrinfo)); + } else { + /* No hints given, assign default hints */ + memset(&modified_hints, 0, sizeof(struct addrinfo)); + modified_hints.ai_family = PF_HIP; + } + /* getaddrinfo has been modified to support the legacy HIP API and this + * ensures that the legacy API does not do anything funny */ + modified_hints.ai_flags |= AI_HIP_NATIVE; + + /* Note about the hints: the hints is overloaded with AI_XX and EI_XX flags. + * We make the (concious and lazy) decision not to separate them into + * different flags and assume that both getendpointinfo and getaddrinfo + * can survive the overloaded flags. The AI_XX and EI_XX in netdb.h have + * distinct values, so this should be ok. */ #if 0 /* the function below should be reimplemented */ - /* Check for kernel list request */ - if (modified_hints.ai_flags & AI_KERNEL_LIST) { - err = get_hipd_peer_list(nodename, servname, &modified_hints, res, 0); - goto err_out; - } + /* Check for kernel list request */ + if (modified_hints.ai_flags & AI_KERNEL_LIST) { + err = get_hipd_peer_list(nodename, servname, &modified_hints, res, 0); + goto err_out; + } #endif - if (nodename == NULL) { - *res = calloc(1, sizeof(struct addrinfo)); - if (!*res) { - err = EEI_MEMORY; - goto err_out; - } - - /*DEFAULT_CONFIG_DIR = /etc/hip/*/ - findkeyfiles(DEFAULT_CONFIG_DIR, &list); - - /* allocate the first endpointinfo - and then link the others to it */ - - filenamebase_len = strlen(DEFAULT_CONFIG_DIR) + 1 + - strlen(getitem(&list,0)) + 1; - - filenamebase = malloc(filenamebase_len); - if (!filenamebase) { - HIP_ERROR("Couldn't allocate file name\n"); - err = -ENOMEM; - goto err_out; - } - ret = snprintf(filenamebase, filenamebase_len, "%s/%s", - DEFAULT_CONFIG_DIR, - getitem(&list,0)); - if (ret <= 0) { - err = -EINVAL; - goto err_out; - } - err = get_localhost_endpointinfo(filenamebase, servname, - &modified_hints, &first); - - free(filenamebase); - current = first; - - for(i=1; i<length(&list); i++) { - _HIP_DEBUG ("%s\n", getitem(&list,i)); - - filenamebase_len = strlen(DEFAULT_CONFIG_DIR) + 1 + - strlen(getitem(&list,i)) + 1; - - filenamebase = malloc(filenamebase_len); - if (!filenamebase) { - HIP_ERROR("Couldn't allocate file name\n"); - err = -ENOMEM; - goto err_out; - } - - ret = snprintf(filenamebase, filenamebase_len, "%s/%s", - DEFAULT_CONFIG_DIR, - getitem(&list,i)); - if (ret <= 0) { - err = -EINVAL; - goto err_out; - } - - err = get_localhost_endpointinfo(filenamebase, servname, - &modified_hints, &new); - if (err) { - HIP_ERROR("get_localhost_endpointinfo() failed\n"); - goto err_out; - } - - current->ai_next = new; - current = new; - - } - - *res = first; - - } else { + if (nodename == NULL) { + *res = calloc(1, sizeof(struct addrinfo)); + if (!*res) { + err = EEI_MEMORY; + goto err_out; + } + + /*DEFAULT_CONFIG_DIR = /etc/hip/*/ + findkeyfiles(DEFAULT_CONFIG_DIR, &list); + + /* allocate the first endpointinfo + * and then link the others to it */ + + filenamebase_len = strlen(DEFAULT_CONFIG_DIR) + 1 + + strlen(getitem(&list, 0)) + 1; + + filenamebase = malloc(filenamebase_len); + if (!filenamebase) { + HIP_ERROR("Couldn't allocate file name\n"); + err = -ENOMEM; + goto err_out; + } + ret = snprintf(filenamebase, filenamebase_len, "%s/%s", + DEFAULT_CONFIG_DIR, + getitem(&list, 0)); + if (ret <= 0) { + err = -EINVAL; + goto err_out; + } + err = get_localhost_endpointinfo(filenamebase, servname, + &modified_hints, &first); + + free(filenamebase); + current = first; + + for (i = 1; i < length(&list); i++) { + _HIP_DEBUG("%s\n", getitem(&list, i)); + + filenamebase_len = strlen(DEFAULT_CONFIG_DIR) + 1 + + strlen(getitem(&list, i)) + 1; + + filenamebase = malloc(filenamebase_len); + if (!filenamebase) { + HIP_ERROR("Couldn't allocate file name\n"); + err = -ENOMEM; + goto err_out; + } + + ret = snprintf(filenamebase, filenamebase_len, "%s/%s", + DEFAULT_CONFIG_DIR, + getitem(&list, i)); + if (ret <= 0) { + err = -EINVAL; + goto err_out; + } + + err = get_localhost_endpointinfo(filenamebase, servname, + &modified_hints, &new); + if (err) { + HIP_ERROR("get_localhost_endpointinfo() failed\n"); + goto err_out; + } + + current->ai_next = new; + current = new; + } + + *res = first; + } else { #ifdef CONFIG_HIP_AGENT - /* Communicate the name and port output to the agent - synchronously with netlink. First send the name + port - and then wait for answer (select). The agent filters - or modifies the list. The agent implements get_peer_endpointinfo - with some filtering. */ + /* Communicate the name and port output to the agent + * synchronously with netlink. First send the name + port + * and then wait for answer (select). The agent filters + * or modifies the list. The agent implements get_peer_endpointinfo + * with some filtering. */ #endif /* add #elseif */ - err = (get_peer_endpointinfo(HIPL_HOSTS_FILE, nodename, servname, - &modified_hints, res) && - get_peer_endpointinfo(HOSTS_FILE, nodename, servname, - &modified_hints, res)); - } - - err_out: - - if(filenamebase) - free(filenamebase); - if(length(&list)>0) - destroy(&list); - - return err; + err = (get_peer_endpointinfo(HIPL_HOSTS_FILE, nodename, servname, + &modified_hints, res) && + get_peer_endpointinfo(HOSTS_FILE, nodename, servname, + &modified_hints, res)); + } + +err_out: + + if (filenamebase) { + free(filenamebase); + } + if (length(&list) > 0) { + destroy(&list); + } + + return err; } const char *gepi_strerror(int errcode) { - return "HIP native resolver failed"; /* XX FIXME */ + return "HIP native resolver failed"; /* XX FIXME */ } - int get_localhost_endpoint_no_setmyeid(const char *basename, - const char *servname, - struct addrinfo *hints, - struct addrinfo **res, - struct hip_lhi *lhi) + const char *servname, + struct addrinfo *hints, + struct addrinfo **res, + struct hip_lhi *lhi) { - int err = 0, algo = 0; - DSA *dsa = NULL; - RSA *rsa = NULL; - unsigned char *key_rr = NULL; - int key_rr_len = 0; - struct endpoint_hip *endpoint_hip = NULL; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - struct if_nameindex *ifaces = NULL; - const char *pub_suffix = "_pub"; - - *res = NULL; - - _HIP_DEBUG("get_localhost_endpoint()\n"); - HIP_ASSERT(hints); - - // XX TODO: check flags? - memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); - err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); - if (err) { - HIP_ERROR("gethostname failed (%d)\n", err); - err = EEI_NONAME; - goto out_err; - } - - /* System specific HIs should be added into the kernel with the - HIP_HI_REUSE_ANY flag set, because this way we make the HIs - readable by all processes. This function calls setmyeid() internally.. */ - hints->ai_flags |= HIP_HI_REUSE_ANY; - - /* select between anonymous/public HI based on the file name */ - if(!findsubstring(basename, pub_suffix)) { - hints->ai_flags |= HIP_ENDPOINT_FLAG_ANON; - HIP_DEBUG("Anonymous HI\n"); - } else { - HIP_DEBUG("Published HI\n"); - } - - if(findsubstring(basename, "rsa")) - algo = HIP_HI_RSA; - else if(findsubstring(basename, "dsa")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Wrong kind of key file: %s\n",basename); - err = -ENOMEM; - goto out_err; - } - - if(algo == HIP_HI_RSA) - //modified according Laura's suggestion - // err = load_rsa_private_key(basename, &rsa); - err = load_rsa_public_key(basename, &rsa); - else - //err = load_dsa_private_key(basename, &dsa); - err = load_dsa_public_key(basename, &dsa); - if (err) { - err = EEI_SYSTEM; - HIP_ERROR("Loading of private key %s failed\n", basename); - goto out_err; - } - - if(algo == HIP_HI_RSA) - err = rsa_to_hip_endpoint(rsa, &endpoint_hip, hints->ai_flags, hostname); - else - err = dsa_to_hip_endpoint(dsa, &endpoint_hip, hints->ai_flags, hostname); - if (err) { - HIP_ERROR("Failed to allocate and build endpoint.\n"); - err = EEI_SYSTEM; - goto out_err; - } - - _HIP_HEXDUMP("host identity in endpoint: ", &endpoint_hip->id.host_id, - hip_get_param_total_len(&endpoint_hip->id.host_id)); - - _HIP_HEXDUMP("hip endpoint: ", endpoint_hip, endpoint_hip->length); - - if(algo == HIP_HI_RSA) { - key_rr_len = rsa_to_dns_key_rr(rsa, &key_rr); - if (key_rr_len <= 0) { - HIP_ERROR("rsa_key_rr_len <= 0\n"); - err = -EFAULT; - goto out_err; - } - // err = hip_private_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); - err = hip_public_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); - if (err) { - HIP_ERROR("Conversion from RSA to HIT failed\n"); - goto out_err; - } - _HIP_HEXDUMP("Calculated RSA HIT: ", &lhi->hit, - sizeof(struct in6_addr)); - } else { - key_rr_len = dsa_to_dns_key_rr(dsa, &key_rr); - if (key_rr_len <= 0) { - HIP_ERROR("dsa_key_rr_len <= 0\n"); - err = -EFAULT; - goto out_err; - } - //err = hip_private_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); - err = hip_public_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); - if (err) { - HIP_ERROR("Conversion from DSA to HIT failed\n"); - goto out_err; - } - _HIP_HEXDUMP("Calculated DSA HIT: ", &lhi->hit, - sizeof(struct in6_addr)); - } + int err = 0, algo = 0; + DSA *dsa = NULL; + RSA *rsa = NULL; + unsigned char *key_rr = NULL; + int key_rr_len = 0; + struct endpoint_hip *endpoint_hip = NULL; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + struct if_nameindex *ifaces = NULL; + const char *pub_suffix = "_pub"; + + *res = NULL; + + _HIP_DEBUG("get_localhost_endpoint()\n"); + HIP_ASSERT(hints); + + // XX TODO: check flags? + memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); + err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); + if (err) { + HIP_ERROR("gethostname failed (%d)\n", err); + err = EEI_NONAME; + goto out_err; + } + + /* System specific HIs should be added into the kernel with the + * HIP_HI_REUSE_ANY flag set, because this way we make the HIs + * readable by all processes. This function calls setmyeid() internally.. */ + hints->ai_flags |= HIP_HI_REUSE_ANY; + + /* select between anonymous/public HI based on the file name */ + if (!findsubstring(basename, pub_suffix)) { + hints->ai_flags |= HIP_ENDPOINT_FLAG_ANON; + HIP_DEBUG("Anonymous HI\n"); + } else { + HIP_DEBUG("Published HI\n"); + } + + if (findsubstring(basename, "rsa")) { + algo = HIP_HI_RSA; + } else if (findsubstring(basename, "dsa")) { + algo = HIP_HI_DSA; + } else { + HIP_ERROR("Wrong kind of key file: %s\n", basename); + err = -ENOMEM; + goto out_err; + } + + if (algo == HIP_HI_RSA) { + //modified according Laura's suggestion + // err = load_rsa_private_key(basename, &rsa); + err = load_rsa_public_key(basename, &rsa); + } else { + //err = load_dsa_private_key(basename, &dsa); + err = load_dsa_public_key(basename, &dsa); + } + if (err) { + err = EEI_SYSTEM; + HIP_ERROR("Loading of private key %s failed\n", basename); + goto out_err; + } + + if (algo == HIP_HI_RSA) { + err = rsa_to_hip_endpoint(rsa, &endpoint_hip, hints->ai_flags, hostname); + } else { + err = dsa_to_hip_endpoint(dsa, &endpoint_hip, hints->ai_flags, hostname); + } + if (err) { + HIP_ERROR("Failed to allocate and build endpoint.\n"); + err = EEI_SYSTEM; + goto out_err; + } + + _HIP_HEXDUMP("host identity in endpoint: ", &endpoint_hip->id.host_id, + hip_get_param_total_len(&endpoint_hip->id.host_id)); + + _HIP_HEXDUMP("hip endpoint: ", endpoint_hip, endpoint_hip->length); + + if (algo == HIP_HI_RSA) { + key_rr_len = rsa_to_dns_key_rr(rsa, &key_rr); + if (key_rr_len <= 0) { + HIP_ERROR("rsa_key_rr_len <= 0\n"); + err = -EFAULT; + goto out_err; + } + // err = hip_private_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); + err = hip_public_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); + if (err) { + HIP_ERROR("Conversion from RSA to HIT failed\n"); + goto out_err; + } + _HIP_HEXDUMP("Calculated RSA HIT: ", &lhi->hit, + sizeof(struct in6_addr)); + } else { + key_rr_len = dsa_to_dns_key_rr(dsa, &key_rr); + if (key_rr_len <= 0) { + HIP_ERROR("dsa_key_rr_len <= 0\n"); + err = -EFAULT; + goto out_err; + } + //err = hip_private_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); + err = hip_public_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); + if (err) { + HIP_ERROR("Conversion from DSA to HIT failed\n"); + goto out_err; + } + _HIP_HEXDUMP("Calculated DSA HIT: ", &lhi->hit, + sizeof(struct in6_addr)); + } #if 0 /* XX FIXME */ - ifaces = if_nameindex(); - if (ifaces == NULL || (ifaces->if_index == 0)) { - HIP_ERROR("%s\n", (ifaces == NULL) ? "Iface error" : "No ifaces."); - err = 1; - goto out_err; - } + ifaces = if_nameindex(); + if (ifaces == NULL || (ifaces->if_index == 0)) { + HIP_ERROR("%s\n", (ifaces == NULL) ? "Iface error" : "No ifaces."); + err = 1; + goto out_err; + } #endif - *res = calloc(1, sizeof(struct addrinfo)); - if (!*res) { - err = EEI_MEMORY; - goto out_err; - } - - (*res)->ai_addr = malloc(sizeof(struct sockaddr_eid)); - if (!(*res)->ai_addr) { - err = EEI_MEMORY; - goto out_err; - } - - if (hints->ai_flags & AI_CANONNAME) { - int len = strlen(hostname) + 1; - if (len > 1) { - (*res)->ai_canonname = malloc(len); - if (!((*res)->ai_canonname)) { - err = EEI_MEMORY; - goto out_err; - } - memcpy((*res)->ai_canonname, hostname, len); - } - } - - out_err: - - if (rsa) - RSA_free(rsa); - - if (dsa) - DSA_free(dsa); - - if (endpoint_hip) - free(endpoint_hip); - - if (ifaces) - if_freenameindex(ifaces); - - if (key_rr) - free(key_rr); - - return err; + *res = calloc(1, sizeof(struct addrinfo)); + if (!*res) { + err = EEI_MEMORY; + goto out_err; + } + + (*res)->ai_addr = malloc(sizeof(struct sockaddr_eid)); + if (!(*res)->ai_addr) { + err = EEI_MEMORY; + goto out_err; + } + + if (hints->ai_flags & AI_CANONNAME) { + int len = strlen(hostname) + 1; + if (len > 1) { + (*res)->ai_canonname = malloc(len); + if (!((*res)->ai_canonname)) { + err = EEI_MEMORY; + goto out_err; + } + memcpy((*res)->ai_canonname, hostname, len); + } + } + +out_err: + + if (rsa) { + RSA_free(rsa); + } + + if (dsa) { + DSA_free(dsa); + } + + if (endpoint_hip) { + free(endpoint_hip); + } + + if (ifaces) { + if_freenameindex(ifaces); + } + + if (key_rr) { + free(key_rr); + } + + return err; } int get_localhost_endpoint(const char *basename, - const char *servname, - struct addrinfo *hints, - struct addrinfo **res, - struct hip_lhi *lhi) + const char *servname, + struct addrinfo *hints, + struct addrinfo **res, + struct hip_lhi *lhi) { - int err = 0, algo = 0; - DSA *dsa = NULL; - RSA *rsa = NULL; - unsigned char *key_rr = NULL; - int key_rr_len = 0; - struct endpoint_hip *endpoint_hip = NULL; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - struct if_nameindex *ifaces = NULL; - const char *pub_suffix = "_pub"; - - *res = NULL; - - _HIP_DEBUG("get_localhost_endpoint()\n"); - HIP_ASSERT(hints); - - // XX TODO: check flags? - memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); - err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); - if (err) { - HIP_ERROR("gethostname failed (%d)\n", err); - err = EEI_NONAME; - goto out_err; - } - - /* System specific HIs should be added into the kernel with the - HIP_HI_REUSE_ANY flag set, because this way we make the HIs - readable by all processes. This function calls setmyeid() internally.. */ - hints->ai_flags |= HIP_HI_REUSE_ANY; - - /* select between anonymous/public HI based on the file name */ - if(!findsubstring(basename, pub_suffix)) - hints->ai_flags |= HIP_ENDPOINT_FLAG_ANON; - - /* check the algorithm from PEM format key */ - /* Bing, replace the following code: - fp = fopen(basename, "rb"); - if (!fp) { - HIP_ERROR("Couldn't open key file %s for reading\n", basename); - err = -ENOMEM; - goto out_err; - } - fgets(first_key_line,30,fp); //read first line. - _HIP_DEBUG("1st key line: %s",first_key_line); - fclose(fp); - - if(findsubstring(first_key_line, "RSA")) - algo = HIP_HI_RSA; - else if(findsubstring(first_key_line, "DSA")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Wrong kind of key file: %s\n",basename); - err = -ENOMEM; - goto out_err; - } - */ - /*Bing, the following code is used instead of the above code*/ - if(findsubstring(basename, "rsa")) - algo = HIP_HI_RSA; - else if(findsubstring(basename, "dsa")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Wrong kind of key file: %s\n",basename); - err = -ENOMEM; - goto out_err; - } - - if(algo == HIP_HI_RSA) - //modified according Laura's suggestion - // err = load_rsa_private_key(basename, &rsa); - err = load_rsa_public_key(basename, &rsa); - else - //err = load_dsa_private_key(basename, &dsa); - err = load_dsa_public_key(basename, &dsa); - if (err) { - err = EEI_SYSTEM; - HIP_ERROR("Loading of private key %s failed\n", basename); - goto out_err; - } - - if(algo == HIP_HI_RSA) - err = rsa_to_hip_endpoint(rsa, &endpoint_hip, hints->ai_flags, hostname); - else - err = dsa_to_hip_endpoint(dsa, &endpoint_hip, hints->ai_flags, hostname); - if (err) { - HIP_ERROR("Failed to allocate and build endpoint.\n"); - err = EEI_SYSTEM; - goto out_err; - } - - _HIP_HEXDUMP("host identity in endpoint: ", &endpoint_hip->id.host_id, - hip_get_param_total_len(&endpoint_hip->id.host_id)); - - - _HIP_HEXDUMP("hip endpoint: ", endpoint_hip, endpoint_hip->length); - - if(algo == HIP_HI_RSA) { - key_rr_len = rsa_to_dns_key_rr(rsa, &key_rr); - if (key_rr_len <= 0) { - HIP_ERROR("rsa_key_rr_len <= 0\n"); - err = -EFAULT; - goto out_err; - } - // err = hip_private_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); - err = hip_public_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); - if (err) { - HIP_ERROR("Conversion from RSA to HIT failed\n"); - goto out_err; - } - _HIP_HEXDUMP("Calculated RSA HIT: ", &lhi->hit, - sizeof(struct in6_addr)); - } else { - key_rr_len = dsa_to_dns_key_rr(dsa, &key_rr); - if (key_rr_len <= 0) { - HIP_ERROR("dsa_key_rr_len <= 0\n"); - err = -EFAULT; - goto out_err; - } - //err = hip_private_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); - err = hip_public_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); - if (err) { - HIP_ERROR("Conversion from DSA to HIT failed\n"); - goto out_err; - } - _HIP_HEXDUMP("Calculated DSA HIT: ", &lhi->hit, - sizeof(struct in6_addr)); - } + int err = 0, algo = 0; + DSA *dsa = NULL; + RSA *rsa = NULL; + unsigned char *key_rr = NULL; + int key_rr_len = 0; + struct endpoint_hip *endpoint_hip = NULL; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + struct if_nameindex *ifaces = NULL; + const char *pub_suffix = "_pub"; + + *res = NULL; + + _HIP_DEBUG("get_localhost_endpoint()\n"); + HIP_ASSERT(hints); + + // XX TODO: check flags? + memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); + err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); + if (err) { + HIP_ERROR("gethostname failed (%d)\n", err); + err = EEI_NONAME; + goto out_err; + } + + /* System specific HIs should be added into the kernel with the + * HIP_HI_REUSE_ANY flag set, because this way we make the HIs + * readable by all processes. This function calls setmyeid() internally.. */ + hints->ai_flags |= HIP_HI_REUSE_ANY; + + /* select between anonymous/public HI based on the file name */ + if (!findsubstring(basename, pub_suffix)) { + hints->ai_flags |= HIP_ENDPOINT_FLAG_ANON; + } + + /* check the algorithm from PEM format key */ + /* Bing, replace the following code: + * fp = fopen(basename, "rb"); + * if (!fp) { + * HIP_ERROR("Couldn't open key file %s for reading\n", basename); + * err = -ENOMEM; + * goto out_err; + * } + * fgets(first_key_line,30,fp); //read first line. + * _HIP_DEBUG("1st key line: %s",first_key_line); + * fclose(fp); + * + * if(findsubstring(first_key_line, "RSA")) + * algo = HIP_HI_RSA; + * else if(findsubstring(first_key_line, "DSA")) + * algo = HIP_HI_DSA; + * else { + * HIP_ERROR("Wrong kind of key file: %s\n",basename); + * err = -ENOMEM; + * goto out_err; + * } + */ + /*Bing, the following code is used instead of the above code*/ + if (findsubstring(basename, "rsa")) { + algo = HIP_HI_RSA; + } else if (findsubstring(basename, "dsa")) { + algo = HIP_HI_DSA; + } else { + HIP_ERROR("Wrong kind of key file: %s\n", basename); + err = -ENOMEM; + goto out_err; + } + + if (algo == HIP_HI_RSA) { + //modified according Laura's suggestion + // err = load_rsa_private_key(basename, &rsa); + err = load_rsa_public_key(basename, &rsa); + } else { + //err = load_dsa_private_key(basename, &dsa); + err = load_dsa_public_key(basename, &dsa); + } + if (err) { + err = EEI_SYSTEM; + HIP_ERROR("Loading of private key %s failed\n", basename); + goto out_err; + } + + if (algo == HIP_HI_RSA) { + err = rsa_to_hip_endpoint(rsa, &endpoint_hip, hints->ai_flags, hostname); + } else { + err = dsa_to_hip_endpoint(dsa, &endpoint_hip, hints->ai_flags, hostname); + } + if (err) { + HIP_ERROR("Failed to allocate and build endpoint.\n"); + err = EEI_SYSTEM; + goto out_err; + } + + _HIP_HEXDUMP("host identity in endpoint: ", &endpoint_hip->id.host_id, + hip_get_param_total_len(&endpoint_hip->id.host_id)); + + + _HIP_HEXDUMP("hip endpoint: ", endpoint_hip, endpoint_hip->length); + + if (algo == HIP_HI_RSA) { + key_rr_len = rsa_to_dns_key_rr(rsa, &key_rr); + if (key_rr_len <= 0) { + HIP_ERROR("rsa_key_rr_len <= 0\n"); + err = -EFAULT; + goto out_err; + } + // err = hip_private_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); + err = hip_public_rsa_to_hit(rsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); + if (err) { + HIP_ERROR("Conversion from RSA to HIT failed\n"); + goto out_err; + } + _HIP_HEXDUMP("Calculated RSA HIT: ", &lhi->hit, + sizeof(struct in6_addr)); + } else { + key_rr_len = dsa_to_dns_key_rr(dsa, &key_rr); + if (key_rr_len <= 0) { + HIP_ERROR("dsa_key_rr_len <= 0\n"); + err = -EFAULT; + goto out_err; + } + //err = hip_private_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH120, &lhi->hit); + err = hip_public_dsa_to_hit(dsa, key_rr, HIP_HIT_TYPE_HASH100, &lhi->hit); + if (err) { + HIP_ERROR("Conversion from DSA to HIT failed\n"); + goto out_err; + } + _HIP_HEXDUMP("Calculated DSA HIT: ", &lhi->hit, + sizeof(struct in6_addr)); + } #if 0 /* XX FIXME */ - ifaces = if_nameindex(); - if (ifaces == NULL || (ifaces->if_index == 0)) { - HIP_ERROR("%s\n", (ifaces == NULL) ? "Iface error" : "No ifaces."); - err = 1; - goto out_err; - } + ifaces = if_nameindex(); + if (ifaces == NULL || (ifaces->if_index == 0)) { + HIP_ERROR("%s\n", (ifaces == NULL) ? "Iface error" : "No ifaces."); + err = 1; + goto out_err; + } #endif - *res = calloc(1, sizeof(struct addrinfo)); - if (!*res) { - err = EEI_MEMORY; - goto out_err; - } - - (*res)->ai_addr = malloc(sizeof(struct sockaddr_eid)); - if (!(*res)->ai_addr) { - err = EEI_MEMORY; - goto out_err; - } - - if (hints->ai_flags & AI_CANONNAME) { - int len = strlen(hostname) + 1; - if (len > 1) { - (*res)->ai_canonname = malloc(len); - if (!((*res)->ai_canonname)) { - err = EEI_MEMORY; - goto out_err; - } - memcpy((*res)->ai_canonname, hostname, len); - } - } - - err = setmyeid(((struct sockaddr_eid *) (*res)->ai_addr), servname, - (struct endpoint *) endpoint_hip, ifaces); - if (err) { - HIP_ERROR("Failed to set up my EID (%d)\n", err); - err = EEI_SYSTEM; - goto out_err; - } + *res = calloc(1, sizeof(struct addrinfo)); + if (!*res) { + err = EEI_MEMORY; + goto out_err; + } + + (*res)->ai_addr = malloc(sizeof(struct sockaddr_eid)); + if (!(*res)->ai_addr) { + err = EEI_MEMORY; + goto out_err; + } + + if (hints->ai_flags & AI_CANONNAME) { + int len = strlen(hostname) + 1; + if (len > 1) { + (*res)->ai_canonname = malloc(len); + if (!((*res)->ai_canonname)) { + err = EEI_MEMORY; + goto out_err; + } + memcpy((*res)->ai_canonname, hostname, len); + } + } + + err = setmyeid(((struct sockaddr_eid *) (*res)->ai_addr), servname, + (struct endpoint *) endpoint_hip, ifaces); + if (err) { + HIP_ERROR("Failed to set up my EID (%d)\n", err); + err = EEI_SYSTEM; + goto out_err; + } #ifdef CONFIG_HIP_DEBUG - { - //struct sockaddr_eid *eid = (struct sockaddr_eid *) (*res)->ai_addr; - _HIP_DEBUG("eid family=%d value=%d\n", eid->eid_family, - ntohs(eid->eid_val)); - } + { + //struct sockaddr_eid *eid = (struct sockaddr_eid *) (*res)->ai_addr; + _HIP_DEBUG("eid family=%d value=%d\n", eid->eid_family, + ntohs(eid->eid_val)); + } #endif - out_err: - - if (rsa) - RSA_free(rsa); - - if (dsa) - DSA_free(dsa); - - if (endpoint_hip) - free(endpoint_hip); - - if (ifaces) - if_freenameindex(ifaces); - - if (key_rr) - free(key_rr); - - return err; +out_err: + + if (rsa) { + RSA_free(rsa); + } + + if (dsa) { + DSA_free(dsa); + } + + if (endpoint_hip) { + free(endpoint_hip); + } + + if (ifaces) { + if_freenameindex(ifaces); + } + + if (key_rr) { + free(key_rr); + } + + return err; } /** @@ -1824,371 +1876,376 @@ * @todo: rewrite the function to actually return a list * */ -int get_local_hits(const char *servname, struct gaih_addrtuple **adr) { - int err = 0, i; - struct hip_lhi hit; - char *filenamebase = NULL; - int filenamebase_len, ret; - struct addrinfo modified_hints; - struct addrinfo *new = NULL; - //struct hip_common *msg; - //struct in6_addr *hiphit; - //struct hip_tlv_common *det; - List list; - - _HIP_DEBUG("\n"); - - /* assign default hints */ - memset(&modified_hints, 0, sizeof(struct addrinfo)); - modified_hints.ai_family = PF_HIP; - - initlist(&list); - /* find key files from /etc/hosts */ - /* or */ - /* find key files from /etc/hip */ - findkeyfiles(DEFAULT_CONFIG_DIR, &list); - _HIP_DEBUG("LEN:%d\n",length(&list)); - - //hip_build_user_hdr(&msg,HIP_PARAM_IPV6_ADDR, sizeof(struct addrinfo)); - for(i=0; i<length(&list); i++) { - - _HIP_DEBUG("%s\n",getitem(&list,i)); - filenamebase_len = strlen(DEFAULT_CONFIG_DIR) + 1 + - strlen(getitem(&list,i)) + 1; - - filenamebase = malloc(filenamebase_len); - HIP_IFEL(!filenamebase, -ENOMEM, "Couldn't allocate file name\n"); - - ret = snprintf(filenamebase, filenamebase_len, "%s/%s", - DEFAULT_CONFIG_DIR, - getitem(&list,i)); - HIP_IFE(ret <= 0, -EINVAL); - - // get_localhost_endpoint(filenamebase, servname, - // &modified_hints, &new, &hit); - get_localhost_endpoint_no_setmyeid(filenamebase, servname, - &modified_hints, &new, &hit); - - _HIP_DEBUG_HIT("Got HIT: ", &hit.hit); - - if (*adr == NULL) { - *adr = malloc(sizeof(struct gaih_addrtuple)); - (*adr)->scopeid = 0; - } - (*adr)->next = NULL; - (*adr)->family = AF_INET6; - memcpy((*adr)->addr, &hit.hit, sizeof(struct in6_addr)); - adr = &((*adr)->next); // for opp mode -miika - - free(filenamebase); - free(new->ai_canonname); - free(new->ai_addr); - free(new); - } - - filenamebase = NULL; - //new = NULL; - - out_err: - if(filenamebase) - free(filenamebase); - //if(new) +int get_local_hits(const char *servname, struct gaih_addrtuple **adr) +{ + int err = 0, i; + struct hip_lhi hit; + char *filenamebase = NULL; + int filenamebase_len, ret; + struct addrinfo modified_hints; + struct addrinfo *new = NULL; + //struct hip_common *msg; + //struct in6_addr *hiphit; + //struct hip_tlv_common *det; + List list; + + _HIP_DEBUG("\n"); + + /* assign default hints */ + memset(&modified_hints, 0, sizeof(struct addrinfo)); + modified_hints.ai_family = PF_HIP; + + initlist(&list); + /* find key files from /etc/hosts */ + /* or */ + /* find key files from /etc/hip */ + findkeyfiles(DEFAULT_CONFIG_DIR, &list); + _HIP_DEBUG("LEN:%d\n", length(&list)); + + //hip_build_user_hdr(&msg,HIP_PARAM_IPV6_ADDR, sizeof(struct addrinfo)); + for (i = 0; i < length(&list); i++) { + _HIP_DEBUG("%s\n", getitem(&list, i)); + filenamebase_len = strlen(DEFAULT_CONFIG_DIR) + 1 + + strlen(getitem(&list, i)) + 1; + + filenamebase = malloc(filenamebase_len); + HIP_IFEL(!filenamebase, -ENOMEM, "Couldn't allocate file name\n"); + + ret = snprintf(filenamebase, filenamebase_len, "%s/%s", + DEFAULT_CONFIG_DIR, + getitem(&list, i)); + HIP_IFE(ret <= 0, -EINVAL); + + // get_localhost_endpoint(filenamebase, servname, + // &modified_hints, &new, &hit); + get_localhost_endpoint_no_setmyeid(filenamebase, servname, + &modified_hints, &new, &hit); + + _HIP_DEBUG_HIT("Got HIT: ", &hit.hit); + + if (*adr == NULL) { + *adr = malloc(sizeof(struct gaih_addrtuple)); + (*adr)->scopeid = 0; + } + (*adr)->next = NULL; + (*adr)->family = AF_INET6; + memcpy((*adr)->addr, &hit.hit, sizeof(struct in6_addr)); + adr = &((*adr)->next); // for opp mode -miika + + free(filenamebase); + free(new->ai_canonname); + free(new->ai_addr); + free(new); + } + + filenamebase = NULL; + //new = NULL; + +out_err: + if (filenamebase) { + free(filenamebase); + } + //if(new) //free(new); - if(list.head) - destroy(&list); - - return err; - + if (list.head) { + destroy(&list); + } + + return err; } int get_peer_addrinfo_hit(const char *hostsfile, - const char *nodename, - const char *servname, - const struct addrinfo *hints, - struct addrinfo **res) + const char *nodename, + const char *servname, + const struct addrinfo *hints, + struct addrinfo **res) { - int err = 0; - unsigned int fqdn_str_len = 0; - char fqdn_str[HOST_NAME_MAX]; - struct in6_addr hit; - struct sockaddr_hip *addr; - - HIP_DEBUG("Called, nodename: %s\n", nodename); - *res = NULL; - memset(fqdn_str, 0, sizeof(fqdn_str)); - - if (inet_pton(AF_INET6, nodename, &hit) > 0) { - HIP_DEBUG("Nodename is numerical address\n"); - if (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, &hit, fqdn_str)) - { - hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, &hit, fqdn_str); - } - } else { - strncpy(fqdn_str, nodename, HOST_NAME_MAX); - - HIP_IFEL(hip_for_each_hosts_file_line(hostsfile, - hip_map_first_hostname_to_hit_from_hosts, fqdn_str, &hit), -1, - "Couldn't map nodename to HIT\n"); - } - - fqdn_str_len = strlen(fqdn_str); - - (*res) = calloc(1, sizeof(struct addrinfo)); - HIP_IFE(!(*res), EEI_MEMORY); - (*res)->ai_addr = calloc(1, sizeof(struct sockaddr_hip)); - HIP_IFE(!(*res)->ai_addr, EEI_MEMORY); - - if (hints->ai_flags & AI_CANONNAME) { - (*res)->ai_canonname = malloc(fqdn_str_len + 1); - HIP_IFE(!(*res)->ai_canonname, EEI_MEMORY); - HIP_ASSERT(strlen(fqdn_str) == fqdn_str_len); - strcpy((*res)->ai_canonname, fqdn_str); - /* XX FIX: we should append the domain name if it does not exist */ - } - - addr = (struct sockaddr_hip *)(*res)->ai_addr; - memcpy(&addr->ship_hit, &hit, sizeof(hit)); - - (*res)->ai_flags = hints->ai_flags; - (*res)->ai_family = PF_HIP; - (*res)->ai_socktype = hints->ai_socktype; - (*res)->ai_protocol = hints->ai_protocol; - (*res)->ai_addrlen = sizeof(struct sockaddr_hip); - - out_err: - - if (err && *res) { - if((*res)->ai_addr) - free((*res)->ai_addr); - if((*res)->ai_canonname) - free((*res)->ai_canonname); - free(*res); - *res = NULL; - } - - return err; + int err = 0; + unsigned int fqdn_str_len = 0; + char fqdn_str[HOST_NAME_MAX]; + struct in6_addr hit; + struct sockaddr_hip *addr; + + HIP_DEBUG("Called, nodename: %s\n", nodename); + *res = NULL; + memset(fqdn_str, 0, sizeof(fqdn_str)); + + if (inet_pton(AF_INET6, nodename, &hit) > 0) { + HIP_DEBUG("Nodename is numerical address\n"); + if (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, &hit, fqdn_str)) { + hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, &hit, fqdn_str); + } + } else { + strncpy(fqdn_str, nodename, HOST_NAME_MAX); + + HIP_IFEL(hip_for_each_hosts_file_line(hostsfile, + hip_map_first_hostname_to_hit_from_hosts, fqdn_str, &hit), -1, + "Couldn't map nodename to HIT\n"); + } + + fqdn_str_len = strlen(fqdn_str); + + (*res) = calloc(1, sizeof(struct addrinfo)); + HIP_IFE(!(*res), EEI_MEMORY); + (*res)->ai_addr = calloc(1, sizeof(struct sockaddr_hip)); + HIP_IFE(!(*res)->ai_addr, EEI_MEMORY); + + if (hints->ai_flags & AI_CANONNAME) { + (*res)->ai_canonname = malloc(fqdn_str_len + 1); + HIP_IFE(!(*res)->ai_canonname, EEI_MEMORY); + HIP_ASSERT(strlen(fqdn_str) == fqdn_str_len); + strcpy((*res)->ai_canonname, fqdn_str); + /* XX FIX: we should append the domain name if it does not exist */ + } + + addr = (struct sockaddr_hip *) (*res)->ai_addr; + memcpy(&addr->ship_hit, &hit, sizeof(hit)); + + (*res)->ai_flags = hints->ai_flags; + (*res)->ai_family = PF_HIP; + (*res)->ai_socktype = hints->ai_socktype; + (*res)->ai_protocol = hints->ai_protocol; + (*res)->ai_addrlen = sizeof(struct sockaddr_hip); + +out_err: + + if (err && *res) { + if ((*res)->ai_addr) { + free((*res)->ai_addr); + } + if ((*res)->ai_canonname) { + free((*res)->ai_canonname); + } + free(*res); + *res = NULL; + } + + return err; } /* getendpointfo() modified for sockaddr_hip instead of sockaddr_eid */ int get_hit_addrinfo(const char *nodename, const char *servname, - const struct addrinfo *hints, - struct addrinfo **res) + const struct addrinfo *hints, + struct addrinfo **res) { - int err = 0; - struct addrinfo modified_hints; - struct addrinfo *current = NULL; - - struct sockaddr_hip *sock_hip; - struct hip_tlv_common *current_param = NULL; - hip_tlv_type_t param_type = 0; - struct hip_hit_info *info = NULL; - struct hip_common *msg; - - *res = NULL; - - if (hints) { - memcpy(&modified_hints, hints, sizeof(struct addrinfo)); - } else { - memset(&modified_hints, 0, sizeof(struct addrinfo)); - modified_hints.ai_family = PF_HIP; - } - - if (!nodename) { /* Query local hits from daemon */ - - HIP_IFE(!(msg = hip_msg_alloc()), -ENOMEM); - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HITS, 0), -1, - "Failed to build message to daemon\n"); - HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, - "Failed to receive message from daemon\n"); - - while((current_param = hip_get_next_param(msg, current_param)) != NULL) { - param_type = hip_get_param_type(current_param); - if (param_type == HIP_PARAM_HIT_INFO){ - if(!current) { - *res = calloc(1, sizeof(struct addrinfo)); - HIP_IFE(!*res, -ENOMEM); - current = *res; - } else { - current->ai_next = calloc(1, sizeof(struct addrinfo)); - HIP_IFE(!current->ai_next, -ENOMEM); - current = current->ai_next; - } - - sock_hip = calloc(1, sizeof(struct sockaddr_hip)); - HIP_IFE(!sock_hip, -ENOMEM); - info = (struct hip_hit_info *) - hip_get_param_contents_direct(current_param); - memcpy(&sock_hip->ship_hit , &info->lhi.hit, sizeof(struct in6_addr)); - - current->ai_addr = (struct sockaddr *)sock_hip; - current->ai_family = PF_HIP; - current->ai_socktype = hints->ai_socktype; - current->ai_protocol = hints->ai_protocol; - current->ai_addrlen = sizeof(struct sockaddr_hip); - } - } - - } else if (!strcmp(nodename, "0.0.0.0")) { - - (*res) = calloc(1, sizeof(struct addrinfo)); - (*res)->ai_addr = calloc(1, sizeof(struct sockaddr_hip)); - (*res)->ai_family = PF_HIP; - (*res)->ai_socktype = hints->ai_socktype; - (*res)->ai_protocol = hints->ai_protocol; - (*res)->ai_addrlen = sizeof(struct sockaddr_hip); - - } else { - - err = (get_peer_addrinfo_hit(HIPL_HOSTS_FILE, nodename, servname, - &modified_hints, res) && - get_peer_addrinfo_hit(HOSTS_FILE, nodename, servname, - &modified_hints, res)); - } - out_err: - - return err; + int err = 0; + struct addrinfo modified_hints; + struct addrinfo *current = NULL; + + struct sockaddr_hip *sock_hip; + struct hip_tlv_common *current_param = NULL; + hip_tlv_type_t param_type = 0; + struct hip_hit_info *info = NULL; + struct hip_common *msg; + + *res = NULL; + + if (hints) { + memcpy(&modified_hints, hints, sizeof(struct addrinfo)); + } else { + memset(&modified_hints, 0, sizeof(struct addrinfo)); + modified_hints.ai_family = PF_HIP; + } + + if (!nodename) { /* Query local hits from daemon */ + HIP_IFE(!(msg = hip_msg_alloc()), -ENOMEM); + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HITS, 0), -1, + "Failed to build message to daemon\n"); + HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, + "Failed to receive message from daemon\n"); + + while ((current_param = hip_get_next_param(msg, current_param)) != NULL) { + param_type = hip_get_param_type(current_param); + if (param_type == HIP_PARAM_HIT_INFO) { + if (!current) { + *res = calloc(1, sizeof(struct addrinfo)); + HIP_IFE(!*res, -ENOMEM); + current = *res; + } else { + current->ai_next = calloc(1, sizeof(struct addrinfo)); + HIP_IFE(!current->ai_next, -ENOMEM); + current = current->ai_next; + } + + sock_hip = calloc(1, sizeof(struct sockaddr_hip)); + HIP_IFE(!sock_hip, -ENOMEM); + info = (struct hip_hit_info *) + hip_get_param_contents_direct(current_param); + memcpy(&sock_hip->ship_hit, &info->lhi.hit, sizeof(struct in6_addr)); + + current->ai_addr = (struct sockaddr *) sock_hip; + current->ai_family = PF_HIP; + current->ai_socktype = hints->ai_socktype; + current->ai_protocol = hints->ai_protocol; + current->ai_addrlen = sizeof(struct sockaddr_hip); + } + } + } else if (!strcmp(nodename, "0.0.0.0")) { + (*res) = calloc(1, sizeof(struct addrinfo)); + (*res)->ai_addr = calloc(1, sizeof(struct sockaddr_hip)); + (*res)->ai_family = PF_HIP; + (*res)->ai_socktype = hints->ai_socktype; + (*res)->ai_protocol = hints->ai_protocol; + (*res)->ai_addrlen = sizeof(struct sockaddr_hip); + } else { + err = (get_peer_addrinfo_hit(HIPL_HOSTS_FILE, nodename, servname, + &modified_hints, res) && + get_peer_addrinfo_hit(HOSTS_FILE, nodename, servname, + &modified_hints, res)); + } +out_err: + + return err; } - int get_addrinfo_from_key(const char *basename, - const char *servname, - struct addrinfo *hints, - struct addrinfo **res) + const char *servname, + struct addrinfo *hints, + struct addrinfo **res) { - int err = 0, algo = 0, anon = 0; - DSA *dsa = NULL; - RSA *rsa = NULL; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - FILE* fp; - struct sockaddr_hip *sock_hip; - - *res = NULL; - - HIP_ASSERT(hints); - - if (hints->ai_flags & AI_CANONNAME) { - memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); - err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); - if (err) { - HIP_ERROR("gethostname failed (%d)\n", err); - err = EEI_NONAME; - goto out_err; - } - } - - if(!findsubstring(basename, DEFAULT_PUB_HI_FILE_NAME_SUFFIX)) - anon = HIP_ENDPOINT_FLAG_ANON; - - fp = fopen(basename, "rb"); - if (!fp) { - HIP_ERROR("Couldn't open key file %s for reading\n", basename); - err = -ENOMEM; - goto out_err; - } - - if(findsubstring(basename, "rsa")) - algo = HIP_HI_RSA; - else if(findsubstring(basename, "dsa")) - algo = HIP_HI_DSA; - else { - HIP_ERROR("Key file not RSA or DSA: %s\n",basename); - err = -ENOMEM; - goto out_err; - } - - HIP_DEBUG("basename %s\n", basename); - - if(algo == HIP_HI_RSA) - err = load_rsa_public_key(basename, &rsa); - else - err = load_dsa_public_key(basename, &dsa); - if (err) { - err = EEI_SYSTEM; - HIP_ERROR("Loading of key %s failed\n", basename); - goto out_err; - } - - *res = calloc(1, sizeof(struct addrinfo)); - if (!*res) { - err = EEI_MEMORY; - goto out_err; - } - - (*res)->ai_addr = malloc(sizeof(struct sockaddr_hip)); - if (!(*res)->ai_addr) { - err = EEI_MEMORY; - goto out_err; - } - - sock_hip = (struct sockaddr_hip *)(*res)->ai_addr; - if (algo == HIP_HI_RSA) - err = hip_public_rsa_to_hit(rsa, NULL, anon, &sock_hip->ship_hit); - else - err = hip_public_dsa_to_hit(dsa, NULL, anon, &sock_hip->ship_hit); - - if (err) { - HIP_ERROR("Failed to get HIT from key.\n"); - err = EEI_SYSTEM; - goto out_err; - } - - if (hints->ai_flags & AI_CANONNAME) { - int len = strlen(hostname) + 1; - if (len > 1) { - (*res)->ai_canonname = malloc(len); - if (!((*res)->ai_canonname)) { - err = EEI_MEMORY; - goto out_err; - } - memcpy((*res)->ai_canonname, hostname, len); - } - } - - (*res)->ai_flags = 0; - (*res)->ai_family = PF_HIP; - (*res)->ai_socktype = hints->ai_socktype; - (*res)->ai_protocol = hints->ai_protocol; - (*res)->ai_addrlen = sizeof(struct sockaddr_hip); - /* ai_addr, ai_canonname already set */ - - out_err: - - if (rsa) - RSA_free(rsa); - if (dsa) - DSA_free(dsa); - - if (err && *res) { - if ((*res)->ai_addr) - free((*res)->ai_addr); - if ((*res)->ai_canonname) - free((*res)->ai_canonname); - free(*res); + int err = 0, algo = 0, anon = 0; + DSA *dsa = NULL; + RSA *rsa = NULL; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + FILE *fp; + struct sockaddr_hip *sock_hip; + *res = NULL; - } - - return err; + + HIP_ASSERT(hints); + + if (hints->ai_flags & AI_CANONNAME) { + memset(hostname, 0, HIP_HOST_ID_HOSTNAME_LEN_MAX); + err = gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1); + if (err) { + HIP_ERROR("gethostname failed (%d)\n", err); + err = EEI_NONAME; + goto out_err; + } + } + + if (!findsubstring(basename, DEFAULT_PUB_HI_FILE_NAME_SUFFIX)) { + anon = HIP_ENDPOINT_FLAG_ANON; + } + + fp = fopen(basename, "rb"); + if (!fp) { + HIP_ERROR("Couldn't open key file %s for reading\n", basename); + err = -ENOMEM; + goto out_err; + } + + if (findsubstring(basename, "rsa")) { + algo = HIP_HI_RSA; + } else if (findsubstring(basename, "dsa")) { + algo = HIP_HI_DSA; + } else { + HIP_ERROR("Key file not RSA or DSA: %s\n", basename); + err = -ENOMEM; + goto out_err; + } + + HIP_DEBUG("basename %s\n", basename); + + if (algo == HIP_HI_RSA) { + err = load_rsa_public_key(basename, &rsa); + } else { + err = load_dsa_public_key(basename, &dsa); + } + if (err) { + err = EEI_SYSTEM; + HIP_ERROR("Loading of key %s failed\n", basename); + goto out_err; + } + + *res = calloc(1, sizeof(struct addrinfo)); + if (!*res) { + err = EEI_MEMORY; + goto out_err; + } + + (*res)->ai_addr = malloc(sizeof(struct sockaddr_hip)); + if (!(*res)->ai_addr) { + err = EEI_MEMORY; + goto out_err; + } + + sock_hip = (struct sockaddr_hip *) (*res)->ai_addr; + if (algo == HIP_HI_RSA) { + err = hip_public_rsa_to_hit(rsa, NULL, anon, &sock_hip->ship_hit); + } else { + err = hip_public_dsa_to_hit(dsa, NULL, anon, &sock_hip->ship_hit); + } + + if (err) { + HIP_ERROR("Failed to get HIT from key.\n"); + err = EEI_SYSTEM; + goto out_err; + } + + if (hints->ai_flags & AI_CANONNAME) { + int len = strlen(hostname) + 1; + if (len > 1) { + (*res)->ai_canonname = malloc(len); + if (!((*res)->ai_canonname)) { + err = EEI_MEMORY; + goto out_err; + } + memcpy((*res)->ai_canonname, hostname, len); + } + } + + (*res)->ai_flags = 0; + (*res)->ai_family = PF_HIP; + (*res)->ai_socktype = hints->ai_socktype; + (*res)->ai_protocol = hints->ai_protocol; + (*res)->ai_addrlen = sizeof(struct sockaddr_hip); + /* ai_addr, ai_canonname already set */ + +out_err: + + if (rsa) { + RSA_free(rsa); + } + if (dsa) { + DSA_free(dsa); + } + + if (err && *res) { + if ((*res)->ai_addr) { + free((*res)->ai_addr); + } + if ((*res)->ai_canonname) { + free((*res)->ai_canonname); + } + free(*res); + *res = NULL; + } + + return err; } int get_sockaddr_hip_from_key(const char *filename, struct sockaddr_hip **hit) { - int err = 0; - struct addrinfo hints; - struct addrinfo *res = NULL; - - memset(&hints, 0, sizeof(hints)); - - err = get_addrinfo_from_key(filename, NULL, &hints, &res); - if (err) - goto out_err; - - *hit = (struct sockaddr_hip *)res->ai_addr; - - out_err: - if (res) - free(res); - return err; + int err = 0; + struct addrinfo hints; + struct addrinfo *res = NULL; + + memset(&hints, 0, sizeof(hints)); + + err = get_addrinfo_from_key(filename, NULL, &hints, &res); + if (err) { + goto out_err; + } + + *hit = (struct sockaddr_hip *) res->ai_addr; + +out_err: + if (res) { + free(res); + } + return err; } === modified file 'lib/core/getendpointinfo.c.doxyme' --- lib/core/getendpointinfo.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/getendpointinfo.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,47 +45,47 @@ /** - * convert_port_string_to_number + * convert_port_string_to_number * * * @param servname * @param port - * @return + * @return **/ /** - * free_endpointinfo + * free_endpointinfo * * * @param res - * @return + * @return **/ /** - * gepi_strerror + * gepi_strerror * * * @param errcode - * @return + * @return **/ /** - * get_addrinfo_from_key + * get_addrinfo_from_key * * * @param basename * @param servname * @param hints * @param res - * @return + * @return **/ /** - * get_hipd_peer_list + * get_hipd_peer_list * * * @param nodename @@ -92,148 +93,147 @@ * @param hints * @param res * @param alt_flag - * @return + * @return **/ /** - * get_hit_addrinfo + * get_hit_addrinfo * * * @param nodename * @param servname * @param hints * @param res - * @return + * @return **/ /** - * get_local_hits + * get_local_hits * * * @param servname * @param adr - * @return - **/ - - -/** - * get_localhost_endpoint - * - * - * @param basename - * @param servname - * @param hints - * @param res - * @param lhi - * @return - **/ - - -/** - * get_localhost_endpoint_no_setmyeid - * - * - * @param basename - * @param servname - * @param hints - * @param res - * @param lhi - * @return - **/ - - -/** - * get_localhost_endpointinfo - * - * - * @param basename - * @param servname - * @param hints - * @param res - * @return - **/ - - -/** - * get_peer_addrinfo_hit - * - * - * @param hostsfile - * @param nodename - * @param servname - * @param hints - * @param res - * @return - **/ - - -/** - * get_peer_endpointinfo - * - * - * @param hostsfile - * @param nodename - * @param servname - * @param hints - * @param res - * @return - **/ - - -/** - * get_sockaddr_hip_from_key + * @return + **/ + + +/** + * get_localhost_endpoint + * + * + * @param basename + * @param servname + * @param hints + * @param res + * @param lhi + * @return + **/ + + +/** + * get_localhost_endpoint_no_setmyeid + * + * + * @param basename + * @param servname + * @param hints + * @param res + * @param lhi + * @return + **/ + + +/** + * get_localhost_endpointinfo + * + * + * @param basename + * @param servname + * @param hints + * @param res + * @return + **/ + + +/** + * get_peer_addrinfo_hit + * + * + * @param hostsfile + * @param nodename + * @param servname + * @param hints + * @param res + * @return + **/ + + +/** + * get_peer_endpointinfo + * + * + * @param hostsfile + * @param nodename + * @param servname + * @param hints + * @param res + * @return + **/ + + +/** + * get_sockaddr_hip_from_key * * * @param filename * @param hit - * @return + * @return **/ /** - * getendpointinfo + * getendpointinfo * * * @param nodename * @param servname * @param hints * @param res - * @return + * @return **/ /** - * load_hip_endpoint_pem + * load_hip_endpoint_pem * * * @param filename * @param endpoint - * @return + * @return **/ /** - * setmyeid + * setmyeid * * * @param my_eid * @param servname * @param endpoint * @param ifaces - * @return + * @return **/ /** - * setpeereid + * setpeereid * * * @param peer_eid * @param servname * @param endpoint * @param addrinfo - * @return + * @return **/ - === modified file 'lib/core/getendpointinfo.h' --- lib/core/getendpointinfo.h 2010-01-19 11:26:32 +0000 +++ lib/core/getendpointinfo.h 2010-02-10 23:55:24 +0000 @@ -11,70 +11,70 @@ #include "lib/tool/lutil.h" -# define AI_HIP 0x0800 /* Return only HIT addresses */ -# define AI_HIP_NATIVE 0x1000 /* For getaddrinfo internal use only */ -# define AI_RENDEZVOUS XX_FIX_ME /* The address belongs to rendezvous */ -# define AI_KERNEL_LIST 0x2000 /* Return the list of kernel addresses */ -# define AI_CHK_KERNEL 0x4000 /* Check kernel list of addresses */ -# define AI_NODHT 0x8000 /* Check kernel list of addresses */ +# define AI_HIP 0x0800 /* Return only HIT addresses */ +# define AI_HIP_NATIVE 0x1000 /* For getaddrinfo internal use only */ +# define AI_RENDEZVOUS XX_FIX_ME /* The address belongs to rendezvous */ +# define AI_KERNEL_LIST 0x2000 /* Return the list of kernel addresses */ +# define AI_CHK_KERNEL 0x4000 /* Check kernel list of addresses */ +# define AI_NODHT 0x8000 /* Check kernel list of addresses */ /* XX TODO: begin these flags from where the AI_XX ends */ -# define EI_PASSIVE 0x0001 /* Socket address is intended for `bind'. */ -# define EI_CANONNAME 0x0002 /* Request for canonical name. */ -# define EI_ANON XX_FIX_ME /* Return only anonymous endpoints */ -# define EI_NOLOCATORS XX_FIX_ME /* Do not resolve IP addresses */ -# define EI_FALLBACK XX_FIX_ME /* Fall back to plain TCP/IP is ok */ +# define EI_PASSIVE 0x0001 /* Socket address is intended for `bind'. */ +# define EI_CANONNAME 0x0002 /* Request for canonical name. */ +# define EI_ANON XX_FIX_ME /* Return only anonymous endpoints */ +# define EI_NOLOCATORS XX_FIX_ME /* Do not resolve IP addresses */ +# define EI_FALLBACK XX_FIX_ME /* Fall back to plain TCP/IP is ok */ /* Error values for `getendpointinfo' function */ /* XX TODO: Are these really needed (they are the same with getaddrinfo)? */ /* # define EEI_BADFLAGS -1 /\* Invalid value for `ai_flags' field. *\/ */ -# define EEI_NONAME -2 /* NAME or SERVICE is unknown. */ -# define EEI_AGAIN -3 /* Temporary failure in name resolution. */ -# define EEI_FAIL -4 /* Non-recoverable failure in name res. */ -# define EEI_NODATA -5 /* No address associated with NAME. */ -# define EEI_FAMILY -6 /* `ai_family' not supported. */ -# define EEI_SOCKTYPE -7 /* `ai_socktype' not supported. */ -# define EEI_SERVICE -8 /* SERVICE not supported for `ai_socktype'. */ -# define EEI_ADDRFAMILY -9 /* Address family for NAME not supported. */ -# define EEI_MEMORY -10 /* Memory allocation failure. */ -# define EEI_SYSTEM -11 /* System error returned in `errno'. */ +# define EEI_NONAME -2 /* NAME or SERVICE is unknown. */ +# define EEI_AGAIN -3 /* Temporary failure in name resolution. */ +# define EEI_FAIL -4 /* Non-recoverable failure in name res. */ +# define EEI_NODATA -5 /* No address associated with NAME. */ +# define EEI_FAMILY -6 /* `ai_family' not supported. */ +# define EEI_SOCKTYPE -7 /* `ai_socktype' not supported. */ +# define EEI_SERVICE -8 /* SERVICE not supported for `ai_socktype'. */ +# define EEI_ADDRFAMILY -9 /* Address family for NAME not supported. */ +# define EEI_MEMORY -10 /* Memory allocation failure. */ +# define EEI_SYSTEM -11 /* System error returned in `errno'. */ /* # ifdef __USE_GNU */ -# define EEI_INPROGRESS -100 /* Processing request in progress. */ -# define EEI_CANCELED -101 /* Request canceled. */ -# define EEI_NOTCANCELED -102 /* Request not canceled. */ -# define EEI_ALLDONE -103 /* All requests done. */ -# define EEI_INTR -104 /* Interrupted by a signal. */ +# define EEI_INPROGRESS -100 /* Processing request in progress. */ +# define EEI_CANCELED -101 /* Request canceled. */ +# define EEI_NOTCANCELED -102 /* Request not canceled. */ +# define EEI_ALLDONE -103 /* All requests done. */ +# define EEI_INTR -104 /* Interrupted by a signal. */ /* # endif */ /* The terminating \0 is excluded from STR_MAX */ -#define GEPI_HI_STR_MAX "46" /* Max number of chars in HI string */ -#define GEPI_HI_STR_VAL_MAX 46 -#define GEPI_FQDN_STR_MAX "255" /* Max number of chars in FQDN string */ -#define GEPI_FQDN_STR_VAL_MAX 255 +#define GEPI_HI_STR_MAX "46" /* Max number of chars in HI string */ +#define GEPI_HI_STR_VAL_MAX 46 +#define GEPI_FQDN_STR_MAX "255" /* Max number of chars in FQDN string */ +#define GEPI_FQDN_STR_VAL_MAX 255 // TODO PF_MAX ?? -#define PF_HIP 32 /* Host Identity Protocol */ +#define PF_HIP 32 /* Host Identity Protocol */ int load_hip_endpoint_pem(const char *filename, - struct endpoint **endpoint); + struct endpoint **endpoint); int setmyeid(struct sockaddr_eid *my_eid, - const char *servname, - const struct endpoint *endpoint, - const struct if_nameindex *ifaces); + const char *servname, + const struct endpoint *endpoint, + const struct if_nameindex *ifaces); const char *gepi_strerror(int errcode); /* Translate the name of a service name to a set of identifiers and locators.*/ -extern int getendpointinfo (const char *, - const char *, - const struct addrinfo *, - struct addrinfo **); +extern int getendpointinfo(const char *, + const char *, + const struct addrinfo *, + struct addrinfo **); /* Free `endpointinfo' structure ei including associated storage. */ -extern void free_endpointinfo (struct addrinfo *); +extern void free_endpointinfo(struct addrinfo *); int get_local_hits(const char *servname, struct gaih_addrtuple **adr); === modified file 'lib/core/getendpointinfo.h.doxyme' --- lib/core/getendpointinfo.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/getendpointinfo.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/getendpointinfo.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/hashchain.c' --- lib/core/hashchain.c 2010-01-19 09:28:42 +0000 +++ lib/core/hashchain.c 2010-02-10 23:55:24 +0000 @@ -21,7 +21,7 @@ #include "ife.h" /* these are not needed and therefore not implemented - right now but they should be used where necessary */ + * right now but they should be used where necessary */ #define HCHAIN_LOCK(lock_id) #define HCHAIN_UNLOCK(lock_id) @@ -29,45 +29,37 @@ * * @param hash_chain the hash chain to be printed */ -void hchain_print(const hash_chain_t * hash_chain) +void hchain_print(const hash_chain_t *hash_chain) { - int i; - - if (hash_chain) - { - HIP_DEBUG("Hash chain: %p\n", hash_chain); - - if(hash_chain->current_index < hash_chain->hchain_length) - { - HIP_HEXDUMP("currrent element: ", hchain_element_by_index(hash_chain, hash_chain->current_index), - hash_chain->hash_length); - } else - { - HIP_DEBUG(" -- hash chain not in use -- \n"); - } - - HIP_DEBUG("Remaining elements: %d\n", hchain_get_num_remaining(hash_chain)); - HIP_DEBUG(" - Contents:\n"); - - for (i = 0; i < hash_chain->hchain_length; i++) - { - if (i < hash_chain->current_index) - { - HIP_DEBUG("(+) element %i:\n", i + 1); - - } else - { - HIP_DEBUG("(-) element %i:\n", i + 1); - } - - HIP_HEXDUMP("\t", hchain_element_by_index(hash_chain, i), - hash_chain->hash_length); - } - - } else - { - HIP_DEBUG("Given hash chain was NULL!\n"); - } + int i; + + if (hash_chain) { + HIP_DEBUG("Hash chain: %p\n", hash_chain); + + if (hash_chain->current_index < hash_chain->hchain_length) { + HIP_HEXDUMP("currrent element: ", + hchain_element_by_index(hash_chain, hash_chain->current_index), + hash_chain->hash_length); + } else { + HIP_DEBUG(" -- hash chain not in use -- \n"); + } + + HIP_DEBUG("Remaining elements: %d\n", hchain_get_num_remaining(hash_chain)); + HIP_DEBUG(" - Contents:\n"); + + for (i = 0; i < hash_chain->hchain_length; i++) { + if (i < hash_chain->current_index) { + HIP_DEBUG("(+) element %i:\n", i + 1); + } else { + HIP_DEBUG("(-) element %i:\n", i + 1); + } + + HIP_HEXDUMP("\t", hchain_element_by_index(hash_chain, i), + hash_chain->hash_length); + } + } else { + HIP_DEBUG("Given hash chain was NULL!\n"); + } } /** checks if a hash is verifiable by a hash chain @@ -81,59 +73,61 @@ * @param secret_length length og the secret * @return hash distance if the hash authentication was successful, 0 otherwise */ -int hchain_verify(const unsigned char * current_hash, const unsigned char * last_hash, - const hash_function_t hash_function, const int hash_length, const int tolerance, - const unsigned char *secret, const int secret_length) +int hchain_verify(const unsigned char *current_hash, + const unsigned char *last_hash, + const hash_function_t hash_function, + const int hash_length, + const int tolerance, + const unsigned char *secret, + const int secret_length) { - /* stores intermediate hash results and allow to concat - * with a secret at each step */ - unsigned char buffer[MAX_HASH_LENGTH + secret_length]; - int err = 0, i; - - HIP_ASSERT(current_hash != NULL && last_hash != NULL); - HIP_ASSERT(hash_function != NULL); - HIP_ASSERT(hash_length > 0 && tolerance >= 0); - - // init buffer with the hash we want to verify - memcpy(buffer, current_hash, hash_length); - - if (secret && secret_length > 0) - { - HIP_HEXDUMP("secret: ", secret, secret_length); - } - - _HIP_HEXDUMP("comparing given hash: ", buffer, hash_length); - _HIP_DEBUG("\t<->\n"); - _HIP_HEXDUMP("last known hash: ", last_hash, hash_length); - - for(i = 1; i <= tolerance; i++) - { - _HIP_DEBUG("Calculating round %i:\n", i); - - // add the secret - if (secret != NULL && secret_length > 0) - memcpy(&buffer[hash_length], secret, secret_length); - - hash_function(buffer, hash_length + secret_length, buffer); - - _HIP_HEXDUMP("comparing buffer: ", buffer, hash_length); - _HIP_DEBUG("\t<->\n"); - _HIP_HEXDUMP("last known hash: ", last_hash, hash_length); - - // compare the elements - if(!(memcmp(buffer, last_hash, hash_length))) - { - HIP_DEBUG("hash verfied\n"); - - err = i; - goto out_err; - } - } - - HIP_DEBUG("no matches found within tolerance: %i!\n", tolerance); - - out_err: - return err; + /* stores intermediate hash results and allow to concat + * with a secret at each step */ + unsigned char buffer[MAX_HASH_LENGTH + secret_length]; + int err = 0, i; + + HIP_ASSERT(current_hash != NULL && last_hash != NULL); + HIP_ASSERT(hash_function != NULL); + HIP_ASSERT(hash_length > 0 && tolerance >= 0); + + // init buffer with the hash we want to verify + memcpy(buffer, current_hash, hash_length); + + if (secret && secret_length > 0) { + HIP_HEXDUMP("secret: ", secret, secret_length); + } + + _HIP_HEXDUMP("comparing given hash: ", buffer, hash_length); + _HIP_DEBUG("\t<->\n"); + _HIP_HEXDUMP("last known hash: ", last_hash, hash_length); + + for (i = 1; i <= tolerance; i++) { + _HIP_DEBUG("Calculating round %i:\n", i); + + // add the secret + if (secret != NULL && secret_length > 0) { + memcpy(&buffer[hash_length], secret, secret_length); + } + + hash_function(buffer, hash_length + secret_length, buffer); + + _HIP_HEXDUMP("comparing buffer: ", buffer, hash_length); + _HIP_DEBUG("\t<->\n"); + _HIP_HEXDUMP("last known hash: ", last_hash, hash_length); + + // compare the elements + if (!(memcmp(buffer, last_hash, hash_length))) { + HIP_DEBUG("hash verfied\n"); + + err = i; + goto out_err; + } + } + + HIP_DEBUG("no matches found within tolerance: %i!\n", tolerance); + +out_err: + return err; } /** creates a new hash chain @@ -145,91 +139,88 @@ * @param link_tree the link tree, if HHL is used * @return pointer to the newly created hash chain, NULL on error */ -hash_chain_t * hchain_create(const hash_function_t hash_function, const int hash_length, - const int hchain_length, const int hchain_hierarchy, hash_tree_t *link_tree) +hash_chain_t *hchain_create(const hash_function_t hash_function, + const int hash_length, + const int hchain_length, + const int hchain_hierarchy, + hash_tree_t *link_tree) { - hash_chain_t *hchain = NULL; - /* the hash function output might be longer than needed - * allocate enough memory for the hash function output - * - * @note we also allow a concatenation with the link tree root and the jump chain element here */ - unsigned char hash_value[3 * MAX_HASH_LENGTH]; - int hash_data_length = 0; - int i, err = 0; - - HIP_ASSERT(hash_function != NULL); - // make sure that the hash we want to use is smaller than the max output - HIP_ASSERT(hash_length > 0 && hash_length <= MAX_HASH_LENGTH); - HIP_ASSERT(hchain_length > 0); - HIP_ASSERT(!(hchain_hierarchy == 0 && link_tree)); - - // allocate memory for a new hash chain - HIP_IFEL(!(hchain = (hash_chain_t *) malloc(sizeof(hash_chain_t))), -1, - "failed to allocate memory\n"); - memset(hchain, 0, sizeof(hash_chain_t)); - - // allocate memory for the hash chain elements - HIP_IFEL(!(hchain->elements = (unsigned char *) malloc(hash_length * hchain_length)), -1, - "failed to allocate memory\n"); - memset(hchain->elements, 0, hash_length * hchain_length); - - // set the link tree if we are using different hierarchies - if (link_tree) - { - hchain->link_tree = link_tree; - hash_data_length = 2 * hash_length; - - } else - { - hchain->link_tree = NULL; - hash_data_length = hash_length; - } - - for (i = 0; i < hchain_length; i++) - { - if (i > 0) - { - // (input, input_length, output) -> output_length == 20 - HIP_IFEL(!(hash_function(hash_value, hash_data_length, hash_value)), -1, - "failed to calculate hash\n"); - // only consider highest bytes of digest with length of actual element - memcpy( &hchain->elements[i * hash_length], hash_value, hash_length); - } else - { - // random bytes as seed -> need a copy in hash_value for further computations - HIP_IFEL(RAND_bytes(hash_value, hash_length) <= 0, -1, - "failed to get random bytes for source element\n"); - - memcpy(&hchain->elements[i * hash_length], hash_value, hash_length); - } - - /* concatenate used part of the calculated hash with the link tree root */ - if (link_tree) - { - memcpy(&hash_value[hash_length], link_tree->root, link_tree->node_length); - } - - _HIP_HEXDUMP("element created: ", &hchain->elements[i], hash_length); - } - - hchain->hash_function = hash_function; - hchain->hash_length = hash_length; - hchain->hchain_length = hchain_length; - hchain->current_index = hchain_length; - hchain->hchain_hierarchy = hchain_hierarchy; - - HIP_DEBUG("Hash-chain with %i elements of length %i created!\n", hchain_length, - hash_length); - - out_err: - if (err) - { - // hchain was fully created - hchain_free(hchain); - hchain = NULL; - } - - return hchain; + hash_chain_t *hchain = NULL; + /* the hash function output might be longer than needed + * allocate enough memory for the hash function output + * + * @note we also allow a concatenation with the link tree root and the jump chain element here */ + unsigned char hash_value[3 * MAX_HASH_LENGTH]; + int hash_data_length = 0; + int i, err = 0; + + HIP_ASSERT(hash_function != NULL); + // make sure that the hash we want to use is smaller than the max output + HIP_ASSERT(hash_length > 0 && hash_length <= MAX_HASH_LENGTH); + HIP_ASSERT(hchain_length > 0); + HIP_ASSERT(!(hchain_hierarchy == 0 && link_tree)); + + // allocate memory for a new hash chain + HIP_IFEL(!(hchain = (hash_chain_t *) malloc(sizeof(hash_chain_t))), -1, + "failed to allocate memory\n"); + memset(hchain, 0, sizeof(hash_chain_t)); + + // allocate memory for the hash chain elements + HIP_IFEL(!(hchain->elements = (unsigned char *) malloc(hash_length * hchain_length)), + -1, + "failed to allocate memory\n"); + memset(hchain->elements, 0, hash_length * hchain_length); + + // set the link tree if we are using different hierarchies + if (link_tree) { + hchain->link_tree = link_tree; + hash_data_length = 2 * hash_length; + } else { + hchain->link_tree = NULL; + hash_data_length = hash_length; + } + + for (i = 0; i < hchain_length; i++) { + if (i > 0) { + // (input, input_length, output) -> output_length == 20 + HIP_IFEL(!(hash_function(hash_value, hash_data_length, hash_value)), -1, + "failed to calculate hash\n"); + // only consider highest bytes of digest with length of actual element + memcpy( &hchain->elements[i * hash_length], hash_value, hash_length); + } else { + // random bytes as seed -> need a copy in hash_value for further computations + HIP_IFEL(RAND_bytes(hash_value, hash_length) <= 0, -1, + "failed to get random bytes for source element\n"); + + memcpy(&hchain->elements[i * hash_length], hash_value, hash_length); + } + + /* concatenate used part of the calculated hash with the link tree root */ + if (link_tree) { + memcpy(&hash_value[hash_length], link_tree->root, link_tree->node_length); + } + + _HIP_HEXDUMP("element created: ", &hchain->elements[i], hash_length); + } + + hchain->hash_function = hash_function; + hchain->hash_length = hash_length; + hchain->hchain_length = hchain_length; + hchain->current_index = hchain_length; + hchain->hchain_hierarchy = hchain_hierarchy; + + HIP_DEBUG("Hash-chain with %i elements of length %i created!\n", + hchain_length, + hash_length); + +out_err: + if (err) { + // hchain was fully created + hchain_free(hchain); + hchain = NULL; + } + + return hchain; } /* getter function for the hash chain anchor element @@ -237,11 +228,11 @@ * @param hash_chain hash chain from which the anchor should be returned * @return anchor element of the given hash chain */ -unsigned char * hchain_get_anchor(const hash_chain_t *hash_chain) +unsigned char *hchain_get_anchor(const hash_chain_t *hash_chain) { - HIP_ASSERT(hash_chain); + HIP_ASSERT(hash_chain); - return hchain_element_by_index(hash_chain, hash_chain->hchain_length - 1); + return hchain_element_by_index(hash_chain, hash_chain->hchain_length - 1); } /* getter function for the hash chain seed element @@ -249,11 +240,11 @@ * @param hash_chain hash chain from which the seed should be returned * @return seed element of the given hash chain */ -unsigned char * hchain_get_seed(const hash_chain_t *hash_chain) +unsigned char *hchain_get_seed(const hash_chain_t *hash_chain) { - HIP_ASSERT(hash_chain); + HIP_ASSERT(hash_chain); - return hchain_element_by_index(hash_chain, 0); + return hchain_element_by_index(hash_chain, 0); } /* getter function for a specific element of the given hash chain @@ -262,32 +253,30 @@ * @param index index to the hash chain element * @return element of the given hash chain */ -unsigned char * hchain_element_by_index(const hash_chain_t *hash_chain, const int index) +unsigned char *hchain_element_by_index(const hash_chain_t *hash_chain, const int index) { - unsigned char *element = NULL; - int err = 0; - - HIP_ASSERT(hash_chain); - - if (index >= 0 && index < hash_chain->hchain_length) - { - element = &hash_chain->elements[index * hash_chain->hash_length]; - - } else - { - HIP_ERROR("Element from uninited hash chain or out-of-bound element requested!"); - - err = -1; - goto out_err; - } - - HIP_HEXDUMP("Hash chain element: ", element, hash_chain->hash_length); - - out_err: - if (err) - element = NULL; - - return element; + unsigned char *element = NULL; + int err = 0; + + HIP_ASSERT(hash_chain); + + if (index >= 0 && index < hash_chain->hchain_length) { + element = &hash_chain->elements[index * hash_chain->hash_length]; + } else { + HIP_ERROR("Element from uninited hash chain or out-of-bound element requested!"); + + err = -1; + goto out_err; + } + + HIP_HEXDUMP("Hash chain element: ", element, hash_chain->hash_length); + +out_err: + if (err) { + element = NULL; + } + + return element; } /* setter function for a specific index of the given hash chain @@ -298,14 +287,14 @@ */ int hchain_set_current_index(hash_chain_t *hash_chain, const int index) { - int err = 0; - - HIP_ASSERT(hash_chain); - HIP_ASSERT(index >= 0 && index <= hash_chain->hchain_length); - - hash_chain->current_index = index; - - return err; + int err = 0; + + HIP_ASSERT(hash_chain); + HIP_ASSERT(index >= 0 && index <= hash_chain->hchain_length); + + hash_chain->current_index = index; + + return err; } /** returns the next element of the hash chain but does not advance the current element @@ -315,13 +304,13 @@ * @param hash_chain the hash chain * @return next element of the hash chain or NULL if the hash chain reached boundary */ -unsigned char * hchain_next(const hash_chain_t *hash_chain) +unsigned char *hchain_next(const hash_chain_t *hash_chain) { - unsigned char *element = NULL; - - element = hchain_element_by_index(hash_chain, hash_chain->current_index - 1); - - return element; + unsigned char *element = NULL; + + element = hchain_element_by_index(hash_chain, hash_chain->current_index - 1); + + return element; } /** returns the previous element of the hash chain but does not advance the current element @@ -330,13 +319,13 @@ * @param hash_chain given hash chain * @return previous element of the hash chain or NULL if the hash chain reached boundary */ -unsigned char * hchain_previous(const hash_chain_t * hash_chain) +unsigned char *hchain_previous(const hash_chain_t *hash_chain) { - unsigned char *element = NULL; - - element = hchain_element_by_index(hash_chain, hash_chain->current_index + 1); - - return element; + unsigned char *element = NULL; + + element = hchain_element_by_index(hash_chain, hash_chain->current_index + 1); + + return element; } /** returns the current element of the hash chain but does not advance the current element @@ -345,13 +334,13 @@ * @param hash_chain given hash chain * @return current element of the hash chain or NULL if the hash chain reached boundary */ -unsigned char * hchain_current(const hash_chain_t *hash_chain) +unsigned char *hchain_current(const hash_chain_t *hash_chain) { - unsigned char *element = NULL; - - element = hchain_element_by_index(hash_chain, hash_chain->current_index); - - return element; + unsigned char *element = NULL; + + element = hchain_element_by_index(hash_chain, hash_chain->current_index); + + return element; } /** removes and returns the next element from the hash chain advances current element pointer @@ -359,18 +348,18 @@ * @param hash_chain hash chain which has to be popped * @return pointer to the next hashchain element or NULL if the hash chain is depleted */ -unsigned char * hchain_pop(hash_chain_t * hash_chain) +unsigned char *hchain_pop(hash_chain_t *hash_chain) { - unsigned char *element = NULL; - - HIP_ASSERT(hash_chain); - - HCHAIN_LOCK(&hash_chain); - element = hchain_next(hash_chain); - hash_chain->current_index--; - HCHAIN_UNLOCK(&hash_chain); - - return element; + unsigned char *element = NULL; + + HIP_ASSERT(hash_chain); + + HCHAIN_LOCK(&hash_chain); + element = hchain_next(hash_chain); + hash_chain->current_index--; + HCHAIN_UNLOCK(&hash_chain); + + return element; } /** returns the previous element from the hash chain and decreases current element pointer @@ -378,18 +367,18 @@ * @param hash_chain hash chain which has to be popped * @return pointer to the previous hashchain element or NULL if the hash chain is depleted */ -unsigned char * hchain_push(hash_chain_t * hash_chain) +unsigned char *hchain_push(hash_chain_t *hash_chain) { - unsigned char *element = NULL; - - HIP_ASSERT(hash_chain); - - HCHAIN_LOCK(&hash_chain); - element = hchain_previous(hash_chain); - hash_chain->current_index++; - HCHAIN_UNLOCK(&hash_chain); - - return element; + unsigned char *element = NULL; + + HIP_ASSERT(hash_chain); + + HCHAIN_LOCK(&hash_chain); + element = hchain_previous(hash_chain); + hash_chain->current_index++; + HCHAIN_UNLOCK(&hash_chain); + + return element; } /** resets the pointer to the current element @@ -399,11 +388,11 @@ */ int hchain_reset(hash_chain_t *hash_chain) { - int err = 0; - - hash_chain->current_index = hash_chain->hchain_length; - - return err; + int err = 0; + + hash_chain->current_index = hash_chain->hchain_length; + + return err; } /** delete hash chain and free memory @@ -413,22 +402,22 @@ */ int hchain_free(hash_chain_t *hash_chain) { - int err = 0; - - if(hash_chain) - { - htree_free(hash_chain->link_tree); - hash_chain->link_tree = NULL; - - if (hash_chain->elements) - free(hash_chain->elements); - - free(hash_chain); - } - - HIP_DEBUG("all hash-chain elements and dependencies freed\n"); - - return err; + int err = 0; + + if (hash_chain) { + htree_free(hash_chain->link_tree); + hash_chain->link_tree = NULL; + + if (hash_chain->elements) { + free(hash_chain->elements); + } + + free(hash_chain); + } + + HIP_DEBUG("all hash-chain elements and dependencies freed\n"); + + return err; } /** accessor function which returns the number of remaining hash chain elements @@ -436,7 +425,7 @@ * @param hash_chain the hash chain * @return number of remaining elements */ -int hchain_get_num_remaining(const hash_chain_t * hash_chain) +int hchain_get_num_remaining(const hash_chain_t *hash_chain) { - return hash_chain->current_index; + return hash_chain->current_index; } === modified file 'lib/core/hashchain.h' --- lib/core/hashchain.h 2010-02-06 15:19:35 +0000 +++ lib/core/hashchain.h 2010-02-10 23:55:24 +0000 @@ -28,47 +28,55 @@ /* hash function used for the creation and verification of the hash chain */ #ifndef CONFIG_HIP_MAEMO -typedef unsigned char * (*hash_function_t)(const unsigned char *, size_t, - unsigned char *); +typedef unsigned char * (*hash_function_t)(const unsigned char *, + size_t, + unsigned char *); #else /* The maemo environment uses a different version of the OpenSSL library */ -typedef unsigned char * (*hash_function_t)(const unsigned char *, unsigned long, - unsigned char *); +typedef unsigned char * (*hash_function_t)(const unsigned char *, + unsigned long, + unsigned char *); #endif -typedef struct hash_chain -{ - /* pointer to the hash-function used to create and verify the hchain - * - * @note params: (in_buffer, in_length, out_buffer) - * @note out_buffer should be size MAX_HASH_LENGTH */ - hash_function_t hash_function; - int hash_length; /* length of the hashes, of which the hchain consist */ - int hchain_length; /* number of initial elements in the hash-chain */ - int hchain_hierarchy; /* hierarchy this hchain belongs to */ - int current_index; /* index to currently revealed element for hchain traversal*/ - unsigned char * elements; /* array containing the elements of the hash chain*/ - hash_tree_t *link_tree; /* pointer to a hash tree for linking hchains */ +typedef struct hash_chain { + /* pointer to the hash-function used to create and verify the hchain + * + * @note params: (in_buffer, in_length, out_buffer) + * @note out_buffer should be size MAX_HASH_LENGTH */ + hash_function_t hash_function; + int hash_length; /* length of the hashes, of which the hchain consist */ + int hchain_length; /* number of initial elements in the hash-chain */ + int hchain_hierarchy; /* hierarchy this hchain belongs to */ + int current_index; /* index to currently revealed element for hchain traversal*/ + unsigned char * elements; /* array containing the elements of the hash chain*/ + hash_tree_t * link_tree; /* pointer to a hash tree for linking hchains */ } hash_chain_t; - -void hchain_print(const hash_chain_t * hash_chain); -int hchain_verify(const unsigned char * current_hash, const unsigned char * last_hash, - const hash_function_t hash_function, const int hash_length, const int tolerance, - const unsigned char *secret, const int secret_length); -hash_chain_t * hchain_create(const hash_function_t hash_function, const int hash_length, - const int hchain_length, const int hchain_hierarchy, hash_tree_t *link_tree); -unsigned char * hchain_get_anchor(const hash_chain_t *hash_chain); -unsigned char * hchain_get_seed(const hash_chain_t *hash_chain); -unsigned char * hchain_element_by_index(const hash_chain_t *hash_chain, const int index); -unsigned char * hchain_next(const hash_chain_t *hash_chain); -unsigned char * hchain_previous(const hash_chain_t * hash_chain); +void hchain_print(const hash_chain_t *hash_chain); +int hchain_verify(const unsigned char *current_hash, + const unsigned char *last_hash, + const hash_function_t hash_function, + const int hash_length, + const int tolerance, + const unsigned char *secret, + const int secret_length); +hash_chain_t *hchain_create(const hash_function_t hash_function, + const int hash_length, + const int hchain_length, + const int hchain_hierarchy, + hash_tree_t *link_tree); +unsigned char *hchain_get_anchor(const hash_chain_t *hash_chain); +unsigned char *hchain_get_seed(const hash_chain_t *hash_chain); +unsigned char *hchain_element_by_index(const hash_chain_t *hash_chain, + const int index); +unsigned char *hchain_next(const hash_chain_t *hash_chain); +unsigned char *hchain_previous(const hash_chain_t *hash_chain); int hchain_set_current_index(hash_chain_t *hash_chain, const int index); -unsigned char * hchain_current(const hash_chain_t *hash_chain); -unsigned char * hchain_pop(hash_chain_t * hash_chain); -unsigned char * hchain_push(hash_chain_t * hash_chain); +unsigned char *hchain_current(const hash_chain_t *hash_chain); +unsigned char *hchain_pop(hash_chain_t *hash_chain); +unsigned char *hchain_push(hash_chain_t *hash_chain); int hchain_reset(hash_chain_t *hash_chain); int hchain_free(hash_chain_t *hash_chain); -int hchain_get_num_remaining(const hash_chain_t * hash_chain); +int hchain_get_num_remaining(const hash_chain_t *hash_chain); #endif /*HASH_CHAIN_H*/ === modified file 'lib/core/hashchain_store.c' --- lib/core/hashchain_store.c 2010-01-19 09:28:42 +0000 +++ lib/core/hashchain_store.c 2010-02-10 23:55:24 +0000 @@ -24,7 +24,7 @@ */ static void hcstore_free_hchain(void *hchain) { - hchain_free((hash_chain_t *) hchain); + hchain_free((hash_chain_t *) hchain); } /** helper function to free a hash tree @@ -33,7 +33,7 @@ */ static void hcstore_free_htree(void *htree) { - htree_free((hash_tree_t *) htree); + htree_free((hash_tree_t *) htree); } /** initializes a new hash item store @@ -43,46 +43,44 @@ * @param refill_threshold the threshold below which a hierarchy level will be refilled * @return always returns 0 */ -int hcstore_init(hchain_store_t *hcstore, const int num_hchains_per_item, const double refill_threshold) +int hcstore_init(hchain_store_t *hcstore, + const int num_hchains_per_item, + const double refill_threshold) { - int err = 0, i, j, g, h; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(num_hchains_per_item >= 0); - HIP_ASSERT(refill_threshold >= 0 && refill_threshold <= 1); - - // set global values - hcstore->num_hchains_per_item = num_hchains_per_item; - hcstore->refill_threshold = refill_threshold; - - hcstore->num_functions = 0; - - for (i = 0; i < MAX_FUNCTIONS; i++) - { - hcstore->hash_functions[i] = NULL; - hcstore->num_hash_lengths[i] = 0; - - for (j = 0; j < MAX_NUM_HASH_LENGTH; j++) - { - hcstore->hash_lengths[i][j] = 0; - hcstore->hchain_shelves[i][j].num_hchain_lengths = 0; - - for (g = 0; g < MAX_NUM_HCHAIN_LENGTH; g++) - { - hcstore->hchain_shelves[i][j].hchain_lengths[g] = 0; - hcstore->hchain_shelves[i][j].num_hierarchies[g] = 0; - - for (h = 0; h < MAX_NUM_HIERARCHIES; h++) - { - hip_ll_init(&hcstore->hchain_shelves[i][j].hchains[g][h]); - } - } - } - } - - HIP_DEBUG("hash-chain store initialized\n"); - - return err; + int err = 0, i, j, g, h; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(num_hchains_per_item >= 0); + HIP_ASSERT(refill_threshold >= 0 && refill_threshold <= 1); + + // set global values + hcstore->num_hchains_per_item = num_hchains_per_item; + hcstore->refill_threshold = refill_threshold; + + hcstore->num_functions = 0; + + for (i = 0; i < MAX_FUNCTIONS; i++) { + hcstore->hash_functions[i] = NULL; + hcstore->num_hash_lengths[i] = 0; + + for (j = 0; j < MAX_NUM_HASH_LENGTH; j++) { + hcstore->hash_lengths[i][j] = 0; + hcstore->hchain_shelves[i][j].num_hchain_lengths = 0; + + for (g = 0; g < MAX_NUM_HCHAIN_LENGTH; g++) { + hcstore->hchain_shelves[i][j].hchain_lengths[g] = 0; + hcstore->hchain_shelves[i][j].num_hierarchies[g] = 0; + + for (h = 0; h < MAX_NUM_HIERARCHIES; h++) { + hip_ll_init(&hcstore->hchain_shelves[i][j].hchains[g][h]); + } + } + } + } + + HIP_DEBUG("hash-chain store initialized\n"); + + return err; } /** un-initializes a hash structure store @@ -92,44 +90,38 @@ */ void hcstore_uninit(hchain_store_t *hcstore, const int use_hash_trees) { - int i, j, g, h; - - HIP_ASSERT(hcstore != NULL); - - hcstore->num_functions = 0; - - for (i = 0; i < MAX_FUNCTIONS; i++) - { - hcstore->hash_functions[i] = NULL; - hcstore->num_hash_lengths[i] = 0; - - for (j = 0; j < MAX_NUM_HASH_LENGTH; j++) - { - hcstore->hash_lengths[i][j] = 0; - hcstore->hchain_shelves[i][j].num_hchain_lengths = 0; - - for (g = 0; g < MAX_NUM_HCHAIN_LENGTH; g++) - { - hcstore->hchain_shelves[i][j].hchain_lengths[g] = 0; - hcstore->hchain_shelves[i][j].num_hierarchies[g] = 0; - - for (h = 0; h < MAX_NUM_HIERARCHIES; h++) - { - if (use_hash_trees) - { - hip_ll_uninit(&hcstore->hchain_shelves[i][j].hchains[g][h], - hcstore_free_htree); - } else - { - hip_ll_uninit(&hcstore->hchain_shelves[i][j].hchains[g][h], - hcstore_free_hchain); - } - } - } - } - } - - HIP_DEBUG("hash-chain store uninitialized\n"); + int i, j, g, h; + + HIP_ASSERT(hcstore != NULL); + + hcstore->num_functions = 0; + + for (i = 0; i < MAX_FUNCTIONS; i++) { + hcstore->hash_functions[i] = NULL; + hcstore->num_hash_lengths[i] = 0; + + for (j = 0; j < MAX_NUM_HASH_LENGTH; j++) { + hcstore->hash_lengths[i][j] = 0; + hcstore->hchain_shelves[i][j].num_hchain_lengths = 0; + + for (g = 0; g < MAX_NUM_HCHAIN_LENGTH; g++) { + hcstore->hchain_shelves[i][j].hchain_lengths[g] = 0; + hcstore->hchain_shelves[i][j].num_hierarchies[g] = 0; + + for (h = 0; h < MAX_NUM_HIERARCHIES; h++) { + if (use_hash_trees) { + hip_ll_uninit(&hcstore->hchain_shelves[i][j].hchains[g][h], + hcstore_free_htree); + } else { + hip_ll_uninit(&hcstore->hchain_shelves[i][j].hchains[g][h], + hcstore_free_hchain); + } + } + } + } + } + + HIP_DEBUG("hash-chain store uninitialized\n"); } /** registers a new hash function for utilization in the store @@ -139,38 +131,37 @@ * @return returns the index to the hash function in the store, * -1 if MAX_FUNCTIONS is reached */ -int hcstore_register_function(hchain_store_t *hcstore, const hash_function_t hash_function) +int hcstore_register_function(hchain_store_t *hcstore, + const hash_function_t hash_function) { - int err = 0, i; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(hash_function != NULL); - - // first check that there's still some space left - HIP_IFEL(hcstore->num_functions == MAX_FUNCTIONS, -1, - "space for function-storage is full\n"); - - // also check if the function is already stored - for (i = 0; i < hcstore->num_functions; i++) - { - if (hcstore->hash_functions[i] == hash_function) - { - HIP_DEBUG("hchain store already contains this function\n"); - - err = i; - goto out_err; - } - } - - // store the hash-function - err = hcstore->num_functions; - hcstore->hash_functions[hcstore->num_functions] = hash_function; - hcstore->num_functions++; - - HIP_DEBUG("hash function successfully registered\n"); - - out_err: - return err; + int err = 0, i; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(hash_function != NULL); + + // first check that there's still some space left + HIP_IFEL(hcstore->num_functions == MAX_FUNCTIONS, -1, + "space for function-storage is full\n"); + + // also check if the function is already stored + for (i = 0; i < hcstore->num_functions; i++) { + if (hcstore->hash_functions[i] == hash_function) { + HIP_DEBUG("hchain store already contains this function\n"); + + err = i; + goto out_err; + } + } + + // store the hash-function + err = hcstore->num_functions; + hcstore->hash_functions[hcstore->num_functions] = hash_function; + hcstore->num_functions++; + + HIP_DEBUG("hash function successfully registered\n"); + +out_err: + return err; } /** registers a new hash length for utilization in the store @@ -182,40 +173,37 @@ * -1 if MAX_NUM_HASH_LENGTH is reached */ int hcstore_register_hash_length(hchain_store_t *hcstore, const int function_id, - const int hash_length) + const int hash_length) { - int err = 0, i; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - HIP_ASSERT(hash_length > 0); - - // first check that there's still some space left - HIP_IFEL(hcstore->num_hash_lengths[function_id] == MAX_NUM_HASH_LENGTH, -1, - "space for hash_length-storage is full\n"); - - // also check if the hash length is already stored for this function - for (i = 0; i < hcstore->num_hash_lengths[function_id]; i++) - { - if (hcstore->hash_lengths[function_id][i] == hash_length) - { - HIP_DEBUG("hchain store already contains this hash length\n"); - - err = i; - goto out_err; - } - } - - // store the hash length - err = hcstore->num_hash_lengths[function_id]; - hcstore->hash_lengths[function_id][hcstore->num_hash_lengths[function_id]] = - hash_length; - hcstore->num_hash_lengths[function_id]++; - - HIP_DEBUG("hash length successfully registered\n"); - - out_err: - return err; + int err = 0, i; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hash_length > 0); + + // first check that there's still some space left + HIP_IFEL(hcstore->num_hash_lengths[function_id] == MAX_NUM_HASH_LENGTH, -1, + "space for hash_length-storage is full\n"); + + // also check if the hash length is already stored for this function + for (i = 0; i < hcstore->num_hash_lengths[function_id]; i++) { + if (hcstore->hash_lengths[function_id][i] == hash_length) { + HIP_DEBUG("hchain store already contains this hash length\n"); + + err = i; + goto out_err; + } + } + + // store the hash length + err = hcstore->num_hash_lengths[function_id]; + hcstore->hash_lengths[function_id][hcstore->num_hash_lengths[function_id]] = hash_length; + hcstore->num_hash_lengths[function_id]++; + + HIP_DEBUG("hash length successfully registered\n"); + +out_err: + return err; } /** registers a new hash structure length for utilization in the store @@ -227,46 +215,46 @@ * @return returns the index to the hash structure length in the store, * -1 if MAX_NUM_HCHAIN_LENGTH is reached */ -int hcstore_register_hash_item_length(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hitem_length) +int hcstore_register_hash_item_length(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hitem_length) { - int err = 0, i; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - HIP_ASSERT(hash_length_id >= 0 - && hash_length_id < hcstore->num_hash_lengths[function_id]); - HIP_ASSERT(hitem_length > 0); - - // first check that there's still some space left - HIP_IFEL(hcstore->hchain_shelves[function_id][hash_length_id].num_hchain_lengths - == MAX_NUM_HCHAIN_LENGTH, -1, "space for hchain_length-storage is full\n"); - - // also check if the hash length is already stored for this function - for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. - num_hchain_lengths; i++) - { - if (hcstore->hchain_shelves[function_id][hash_length_id].hchain_lengths[i] - == hitem_length) - { - HIP_DEBUG("hchain store already contains this hchain length\n"); - - err = i; - goto out_err; - } - } - - // store the hchain length - err = hcstore->hchain_shelves[function_id][hash_length_id].num_hchain_lengths; - hcstore->hchain_shelves[function_id][hash_length_id]. - hchain_lengths[hcstore->hchain_shelves[function_id][hash_length_id]. - num_hchain_lengths] = hitem_length; - hcstore->hchain_shelves[function_id][hash_length_id].num_hchain_lengths++; - - HIP_DEBUG("hchain length successfully registered\n"); - - out_err: - return err; + int err = 0, i; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hash_length_id >= 0 + && hash_length_id < hcstore->num_hash_lengths[function_id]); + HIP_ASSERT(hitem_length > 0); + + // first check that there's still some space left + HIP_IFEL(hcstore->hchain_shelves[function_id][hash_length_id].num_hchain_lengths + == MAX_NUM_HCHAIN_LENGTH, -1, "space for hchain_length-storage is full\n"); + + // also check if the hash length is already stored for this function + for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. + num_hchain_lengths; i++) { + if (hcstore->hchain_shelves[function_id][hash_length_id].hchain_lengths[i] + == hitem_length) { + HIP_DEBUG("hchain store already contains this hchain length\n"); + + err = i; + goto out_err; + } + } + + // store the hchain length + err = hcstore->hchain_shelves[function_id][hash_length_id].num_hchain_lengths; + hcstore->hchain_shelves[function_id][hash_length_id]. + hchain_lengths[hcstore->hchain_shelves[function_id][hash_length_id]. + num_hchain_lengths] = hitem_length; + hcstore->hchain_shelves[function_id][hash_length_id].num_hchain_lengths++; + + HIP_DEBUG("hchain length successfully registered\n"); + +out_err: + return err; } /** registers additional hierarchy levels for utilization in the store @@ -277,52 +265,53 @@ * @param hitem_length hash length to be added * @return returns the hierarchy count, -1 if MAX_NUM_HIERARCHIES is reached */ -int hcstore_register_hash_item_hierarchy(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hitem_length, const int addtional_hierarchies) +int hcstore_register_hash_item_hierarchy(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hitem_length, + const int addtional_hierarchies) { - int item_offset = -1; - int err = 0, i; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - HIP_ASSERT(hash_length_id >= 0 - && hash_length_id < hcstore->num_hash_lengths[function_id]); - HIP_ASSERT(hitem_length > 0); - HIP_ASSERT(addtional_hierarchies > 0); - - // first find the correct hchain item - for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. - num_hchain_lengths; i++) - { - if (hcstore->hchain_shelves[function_id][hash_length_id].hchain_lengths[i] - == hitem_length) - { - // set item_offset - item_offset = i; - - break; - } - } - - // handle unregistered hchain length - HIP_IFEL(item_offset < 0, -1, "hchain with unregistered hchain length requested\n"); - - // first check that there's still enough space left - HIP_IFEL(hcstore->hchain_shelves[function_id][hash_length_id]. - num_hierarchies[item_offset] + addtional_hierarchies > - MAX_NUM_HIERARCHIES, -1, - "insufficient space in hchain_hierarchies-storage\n"); - - // add hierarchies - hcstore->hchain_shelves[function_id][hash_length_id]. - num_hierarchies[item_offset] += addtional_hierarchies; - err = hcstore->hchain_shelves[function_id][hash_length_id]. - num_hierarchies[item_offset]; - - HIP_DEBUG("additional hchain hierarchies successfully registered\n"); - - out_err: - return err; + int item_offset = -1; + int err = 0, i; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hash_length_id >= 0 + && hash_length_id < hcstore->num_hash_lengths[function_id]); + HIP_ASSERT(hitem_length > 0); + HIP_ASSERT(addtional_hierarchies > 0); + + // first find the correct hchain item + for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. + num_hchain_lengths; i++) { + if (hcstore->hchain_shelves[function_id][hash_length_id].hchain_lengths[i] + == hitem_length) { + // set item_offset + item_offset = i; + + break; + } + } + + // handle unregistered hchain length + HIP_IFEL(item_offset < 0, -1, "hchain with unregistered hchain length requested\n"); + + // first check that there's still enough space left + HIP_IFEL(hcstore->hchain_shelves[function_id][hash_length_id]. + num_hierarchies[item_offset] + addtional_hierarchies > + MAX_NUM_HIERARCHIES, -1, + "insufficient space in hchain_hierarchies-storage\n"); + + // add hierarchies + hcstore->hchain_shelves[function_id][hash_length_id]. + num_hierarchies[item_offset] += addtional_hierarchies; + err = hcstore->hchain_shelves[function_id][hash_length_id]. + num_hierarchies[item_offset]; + + HIP_DEBUG("additional hchain hierarchies successfully registered\n"); + +out_err: + return err; } /** helper function to refill the store @@ -336,157 +325,164 @@ * @param use_hash_trees indicates whether hash chains or hash trees are stored * @return number of created hash structures, -1 in case of an error */ -static int hcstore_fill_item(hchain_store_t *hcstore, const int hash_func_id, const int hash_length_id, - const int hchain_length_id, const int hierarchy_level, const int update_higher_level, - const int use_hash_trees) +static int hcstore_fill_item(hchain_store_t *hcstore, + const int hash_func_id, + const int hash_length_id, + const int hchain_length_id, + const int hierarchy_level, + const int update_higher_level, + const int use_hash_trees) { - hash_chain_t *hchain = NULL; - hash_tree_t *htree = NULL; - hash_tree_t *link_tree = NULL; - hash_function_t hash_function = NULL; - int hash_length = 0, hchain_length = 0; - int create_hchains = 0; - hash_chain_t *tmp_hchain = NULL; - hash_tree_t *tmp_htree = NULL; - unsigned char *root = NULL; - int root_length = 0; - int err = 0, i, j; - - // set necessary parameters - hash_function = hcstore->hash_functions[hash_func_id]; - hash_length = hcstore->hash_lengths[hash_func_id][hash_length_id]; - hchain_length = hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchain_lengths[hchain_length_id]; - - // how many hchains are missing to fill up the item again - create_hchains = hcstore->num_hchains_per_item - - hip_ll_get_size(&hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchains[hchain_length_id][hierarchy_level]); - - // only update if we reached the threshold or higher level update - if ((create_hchains >= hcstore->refill_threshold * hcstore->num_hchains_per_item) || - update_higher_level) - { - if (hierarchy_level > 0) - { - /* if we refill a higher level, first make sure the lower levels - * are full */ - HIP_IFEL((err = hcstore_fill_item(hcstore, hash_func_id, hash_length_id, - hchain_length_id, hierarchy_level - 1, 1, use_hash_trees)) < 0, -1, - "failed to fill item\n"); - } - - // create one hchain at a time - for (i = 0; i < create_hchains; i++) - { - // hierarchy level 0 does not use any link trees - link_tree = NULL; - root = NULL; - root_length = 0; - - if (hierarchy_level > 0) - { - // right now the trees only support hashes of 20 bytes - HIP_ASSERT(hash_length == 20); - - // create a link tree for each hchain on level > 0 - link_tree = htree_init(hcstore->num_hchains_per_item, hash_length, - hash_length, hash_length, NULL, 0); - htree_add_random_secrets(link_tree); - - // lower items should be full by now - HIP_ASSERT(hip_ll_get_size( - &hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchains[hchain_length_id][hierarchy_level - 1]) == - hcstore->num_hchains_per_item); - - // add the anchors of the next lower level as data - for (j = 0; j < hcstore->num_hchains_per_item; j++) - { - if (use_hash_trees) - { - tmp_htree = (hash_tree_t *) hip_ll_get( - &hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchains[hchain_length_id][hierarchy_level - 1], j); - - htree_add_data(link_tree, tmp_htree->root, - hash_length); - } else - { - tmp_hchain = (hash_chain_t *) hip_ll_get( - &hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchains[hchain_length_id][hierarchy_level - 1], j); - - htree_add_data(link_tree, hchain_get_anchor(tmp_hchain), - hash_length); - } - } - - // calculate the tree - htree_calc_nodes(link_tree, htree_leaf_generator, - htree_node_generator, NULL); - } - - if (use_hash_trees) - { - // create a new htree - HIP_IFEL(!(htree = htree_init(hchain_length, hash_length, - hash_length, 0, link_tree, hierarchy_level)), -1, - "failed to alloc memory or to init htree\n"); - HIP_IFEL(htree_add_random_data(htree, hchain_length), -1, - "failed to add random secrets\n"); - - // calculate the tree - HIP_IFEL(htree_calc_nodes(htree, htree_leaf_generator, - htree_node_generator, NULL), -1, - "failed to calculate tree nodes\n"); - - // add it as last element to have some circulation - HIP_IFEL(hip_ll_add_last( - &hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchains[hchain_length_id][hierarchy_level], htree), -1, - "failed to store new htree\n"); - } - else { - // create a new hchain - HIP_IFEL(!(hchain = hchain_create(hash_function, hash_length, - hchain_length, hierarchy_level, link_tree)), -1, - "failed to create new hchain\n"); - - // add it as last element to have some circulation - HIP_IFEL(hip_ll_add_last( - &hcstore->hchain_shelves[hash_func_id][hash_length_id]. - hchains[hchain_length_id][hierarchy_level], hchain), -1, - "failed to store new hchain\n"); - } + hash_chain_t *hchain = NULL; + hash_tree_t *htree = NULL; + hash_tree_t *link_tree = NULL; + hash_function_t hash_function = NULL; + int hash_length = 0, hchain_length = 0; + int create_hchains = 0; + hash_chain_t *tmp_hchain = NULL; + hash_tree_t *tmp_htree = NULL; + unsigned char *root = NULL; + int root_length = 0; + int err = 0, i, j; + + // set necessary parameters + hash_function = hcstore->hash_functions[hash_func_id]; + hash_length = hcstore->hash_lengths[hash_func_id][hash_length_id]; + hchain_length = hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchain_lengths[hchain_length_id]; + + // how many hchains are missing to fill up the item again + create_hchains = hcstore->num_hchains_per_item + - hip_ll_get_size(&hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchains[hchain_length_id][hierarchy_level]); + + // only update if we reached the threshold or higher level update + if ((create_hchains >= hcstore->refill_threshold * hcstore->num_hchains_per_item) || + update_higher_level) { + if (hierarchy_level > 0) { + /* if we refill a higher level, first make sure the lower levels + * are full */ + HIP_IFEL((err = hcstore_fill_item(hcstore, + hash_func_id, + hash_length_id, + hchain_length_id, + hierarchy_level - 1, + 1, + use_hash_trees)) < 0, + -1, + "failed to fill item\n"); + } + + // create one hchain at a time + for (i = 0; i < create_hchains; i++) { + // hierarchy level 0 does not use any link trees + link_tree = NULL; + root = NULL; + root_length = 0; + + if (hierarchy_level > 0) { + // right now the trees only support hashes of 20 bytes + HIP_ASSERT(hash_length == 20); + + // create a link tree for each hchain on level > 0 + link_tree = htree_init(hcstore->num_hchains_per_item, hash_length, + hash_length, hash_length, NULL, 0); + htree_add_random_secrets(link_tree); + + // lower items should be full by now + HIP_ASSERT(hip_ll_get_size( + &hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchains[hchain_length_id][hierarchy_level - 1]) == + hcstore->num_hchains_per_item); + + // add the anchors of the next lower level as data + for (j = 0; j < hcstore->num_hchains_per_item; j++) { + if (use_hash_trees) { + tmp_htree = (hash_tree_t *) hip_ll_get( + &hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchains[hchain_length_id][hierarchy_level - 1], j); + + htree_add_data(link_tree, tmp_htree->root, + hash_length); + } else { + tmp_hchain = (hash_chain_t *) hip_ll_get( + &hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchains[hchain_length_id][hierarchy_level - 1], j); + + htree_add_data(link_tree, hchain_get_anchor(tmp_hchain), + hash_length); + } + } + + // calculate the tree + htree_calc_nodes(link_tree, htree_leaf_generator, + htree_node_generator, NULL); + } + + if (use_hash_trees) { + // create a new htree + HIP_IFEL(!(htree = htree_init(hchain_length, + hash_length, + hash_length, + 0, + link_tree, + hierarchy_level)), + -1, + "failed to alloc memory or to init htree\n"); + HIP_IFEL(htree_add_random_data(htree, hchain_length), + -1, + "failed to add random secrets\n"); + + // calculate the tree + HIP_IFEL(htree_calc_nodes(htree, + htree_leaf_generator, + htree_node_generator, + NULL), + -1, + "failed to calculate tree nodes\n"); + + // add it as last element to have some circulation + HIP_IFEL(hip_ll_add_last( + &hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchains[hchain_length_id][hierarchy_level], htree), -1, + "failed to store new htree\n"); + } else { + // create a new hchain + HIP_IFEL(!(hchain = hchain_create(hash_function, hash_length, + hchain_length, hierarchy_level, link_tree)), -1, + "failed to create new hchain\n"); + + // add it as last element to have some circulation + HIP_IFEL(hip_ll_add_last( + &hcstore->hchain_shelves[hash_func_id][hash_length_id]. + hchains[hchain_length_id][hierarchy_level], hchain), -1, + "failed to store new hchain\n"); + } // useful for testing #if 0 - if (hchain->link_tree) - { - /* if the next_hchain has got a link_tree, we need its root for - * the verification of the next_hchain's elements */ - root = htree_get_root(hchain->link_tree, &root_length); - } + if (hchain->link_tree) { + /* if the next_hchain has got a link_tree, we need its root for + * the verification of the next_hchain's elements */ + root = htree_get_root(hchain->link_tree, &root_length); + } - if (!hchain_verify(hchain->source_element->hash, - hchain->anchor_element->hash, hash_function, - hash_length, hchain->hchain_length, - root, root_length)) - { - HIP_DEBUG("failed to verify next_hchain\n"); - } + if (!hchain_verify(hchain->source_element->hash, + hchain->anchor_element->hash, hash_function, + hash_length, hchain->hchain_length, + root, root_length)) { + HIP_DEBUG("failed to verify next_hchain\n"); + } #endif - - } - - err += create_hchains; - } - - HIP_DEBUG("created %i hchains on hierarchy level %i\n", err, hierarchy_level); - - out_err: - return err; + } + + err += create_hchains; + } + + HIP_DEBUG("created %i hchains on hierarchy level %i\n", err, hierarchy_level); + +out_err: + return err; } /** refills the store in case it contains less than ITEM_THRESHOLD * MAX_HCHAINS_PER_ITEM @@ -498,31 +494,27 @@ */ int hcstore_refill(hchain_store_t *hcstore, const int use_hash_trees) { - int err = 0, i, j, g, h; - - HIP_ASSERT(hcstore != NULL); - - /* go through the store setting up information necessary for creating a new - * hchain in the respective item */ - for (i = 0; i < hcstore->num_functions; i++) - { - for (j = 0; j < hcstore->num_hash_lengths[i]; j++) - { - for (g = 0; g < hcstore->hchain_shelves[i][j].num_hchain_lengths; g++) - { - for (h = 0; h < hcstore->hchain_shelves[i][j].num_hierarchies[g]; h++) - { - HIP_IFEL((err = hcstore_fill_item(hcstore, i, j, g, h, 0, use_hash_trees)) < 0, - -1, "failed to refill hchain_store\n"); - } - } - } - } - - HIP_DEBUG("total amount of created hash-chains: %i\n", err); - - out_err: - return err; + int err = 0, i, j, g, h; + + HIP_ASSERT(hcstore != NULL); + + /* go through the store setting up information necessary for creating a new + * hchain in the respective item */ + for (i = 0; i < hcstore->num_functions; i++) { + for (j = 0; j < hcstore->num_hash_lengths[i]; j++) { + for (g = 0; g < hcstore->hchain_shelves[i][j].num_hchain_lengths; g++) { + for (h = 0; h < hcstore->hchain_shelves[i][j].num_hierarchies[g]; h++) { + HIP_IFEL((err = hcstore_fill_item(hcstore, i, j, g, h, 0, use_hash_trees)) < 0, + -1, "failed to refill hchain_store\n"); + } + } + } + } + + HIP_DEBUG("total amount of created hash-chains: %i\n", err); + +out_err: + return err; } /** gets a stored hash structure with the provided properties @@ -533,60 +525,59 @@ * @param hchain_length length of the hash structure * @return pointer to the hash structure, NULL in case of an error or no such structure */ -void * hcstore_get_hash_item(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hchain_length) +void *hcstore_get_hash_item(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hchain_length) { - // inited to invalid values - int item_offset = -1; - void *stored_item = NULL; - int hierarchy_level = 0; - int err = 0, i; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - HIP_ASSERT(hash_length_id >= 0 - && hash_length_id < hcstore->num_hash_lengths[function_id]); - HIP_ASSERT(hchain_length > 0); - - // first find the correct hchain item - for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. - num_hchain_lengths; i++) - { - if (hcstore->hchain_shelves[function_id][hash_length_id].hchain_lengths[i] - == hchain_length) - { - // set item_offset - item_offset = i; - - break; - } - } - - // handle unregistered hchain length or hierarchy - HIP_IFEL(item_offset < 0, -1, - "hchain with unregistered hchain length or hierarchy level requested\n"); - - // this exclusively returns a hchain from the highest hierarchy level - hierarchy_level = hcstore->hchain_shelves[function_id][hash_length_id]. - num_hierarchies[item_offset] - 1; - - HIP_DEBUG("hierarchy_level: %i\n", hierarchy_level); - - HIP_IFEL(!(stored_item = hip_ll_del_first(&hcstore->hchain_shelves[function_id] - [hash_length_id].hchains[item_offset][hierarchy_level], NULL)), -1, - "no hchain available\n"); - - out_err: - if (err) - { - // TODO modify this to support htrees - //if (stored_hchain) - // hchain_free(stored_hchain); - - stored_item = NULL; - } - - return stored_item; + // inited to invalid values + int item_offset = -1; + void *stored_item = NULL; + int hierarchy_level = 0; + int err = 0, i; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hash_length_id >= 0 + && hash_length_id < hcstore->num_hash_lengths[function_id]); + HIP_ASSERT(hchain_length > 0); + + // first find the correct hchain item + for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. + num_hchain_lengths; i++) { + if (hcstore->hchain_shelves[function_id][hash_length_id].hchain_lengths[i] + == hchain_length) { + // set item_offset + item_offset = i; + + break; + } + } + + // handle unregistered hchain length or hierarchy + HIP_IFEL(item_offset < 0, -1, + "hchain with unregistered hchain length or hierarchy level requested\n"); + + // this exclusively returns a hchain from the highest hierarchy level + hierarchy_level = hcstore->hchain_shelves[function_id][hash_length_id]. + num_hierarchies[item_offset] - 1; + + HIP_DEBUG("hierarchy_level: %i\n", hierarchy_level); + + HIP_IFEL(!(stored_item = hip_ll_del_first(&hcstore->hchain_shelves[function_id] + [hash_length_id].hchains[item_offset][hierarchy_level], NULL)), -1, + "no hchain available\n"); + +out_err: + if (err) { + // TODO modify this to support htrees + //if (stored_hchain) + // hchain_free(stored_hchain); + + stored_item = NULL; + } + + return stored_item; } /** gets a stored hash structure for the provided anchor element @@ -599,91 +590,91 @@ * @param use_hash_trees indicates whether hash chains or hash trees are stored * @return pointer to the hash structure, NULL in case of an error or no such structure */ -void * hcstore_get_item_by_anchor(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hierarchy_level, const unsigned char *anchor, const int use_hash_trees) +void *hcstore_get_item_by_anchor(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hierarchy_level, + const unsigned char *anchor, + const int use_hash_trees) { - int hash_length = 0; - hash_chain_t *hchain = NULL; - hash_tree_t *htree = NULL; - void *stored_item = NULL; - int err = 0, i, j; - - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - HIP_ASSERT(hash_length_id >= 0 - && hash_length_id < hcstore->num_hash_lengths[function_id]); - HIP_ASSERT(hierarchy_level >= 0); - HIP_ASSERT(anchor != NULL); - - hash_length = hcstore_get_hash_length(hcstore, function_id, hash_length_id); - - HIP_ASSERT(hash_length > 0); - - HIP_HEXDUMP("searching item with anchor: ", anchor, hash_length); - - for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. - num_hchain_lengths; i++) - { - // look for the anchor at each hchain_length with the respective hierarchy level - HIP_ASSERT(hierarchy_level < hcstore->hchain_shelves[function_id][hash_length_id]. - num_hierarchies[i]); - - for (j = 0; j < hip_ll_get_size(&hcstore->hchain_shelves[function_id] - [hash_length_id].hchains[i][hierarchy_level]); j++) - { - stored_item = hip_ll_get(&hcstore-> - hchain_shelves[function_id][hash_length_id]. - hchains[i][hierarchy_level], j); - - if (use_hash_trees) - { - htree = (hash_tree_t *)stored_item; - - if (!memcmp(anchor, htree->root, hash_length)) - { - stored_item = hip_ll_del(&hcstore-> - hchain_shelves[function_id][hash_length_id]. - hchains[i][hierarchy_level], j, NULL); - - HIP_DEBUG("hash-tree matching the anchor found\n"); - //hchain_print(stored_hchain); - - goto out_err; - } - } else - { - hchain = (hash_chain_t *)stored_item; - - if (!memcmp(anchor, hchain_get_anchor(hchain), hash_length)) - { - stored_item = hip_ll_del(&hcstore-> - hchain_shelves[function_id][hash_length_id]. - hchains[i][hierarchy_level], j, NULL); - - HIP_DEBUG("hash-chain matching the anchor found\n"); - //hchain_print(stored_hchain); - - goto out_err; - } - } - } - } - - HIP_ERROR("hash-chain matching the anchor NOT found\n"); - stored_item = NULL; - err = -1; - - out_err: - if (err) - { - // TODO modify this to support htrees - //if (stored_item) - // hchain_free(stored_hchain); - - stored_item = NULL; - } - - return stored_item; + int hash_length = 0; + hash_chain_t *hchain = NULL; + hash_tree_t *htree = NULL; + void *stored_item = NULL; + int err = 0, i, j; + + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hash_length_id >= 0 + && hash_length_id < hcstore->num_hash_lengths[function_id]); + HIP_ASSERT(hierarchy_level >= 0); + HIP_ASSERT(anchor != NULL); + + hash_length = hcstore_get_hash_length(hcstore, function_id, hash_length_id); + + HIP_ASSERT(hash_length > 0); + + HIP_HEXDUMP("searching item with anchor: ", anchor, hash_length); + + for (i = 0; i < hcstore->hchain_shelves[function_id][hash_length_id]. + num_hchain_lengths; i++) { + // look for the anchor at each hchain_length with the respective hierarchy level + HIP_ASSERT(hierarchy_level < hcstore->hchain_shelves[function_id][hash_length_id]. + num_hierarchies[i]); + + for (j = 0; j < hip_ll_get_size(&hcstore->hchain_shelves[function_id] + [hash_length_id].hchains[i][hierarchy_level]); j++) { + stored_item = hip_ll_get(&hcstore-> + hchain_shelves[function_id][hash_length_id]. + hchains[i][hierarchy_level], j); + + if (use_hash_trees) { + htree = (hash_tree_t *) stored_item; + + if (!memcmp(anchor, htree->root, hash_length)) { + stored_item = + hip_ll_del(&hcstore-> + hchain_shelves[function_id][hash_length_id]. + hchains[i][hierarchy_level], + j, + NULL); + + HIP_DEBUG("hash-tree matching the anchor found\n"); + //hchain_print(stored_hchain); + + goto out_err; + } + } else { + hchain = (hash_chain_t *) stored_item; + + if (!memcmp(anchor, hchain_get_anchor(hchain), hash_length)) { + stored_item = hip_ll_del(&hcstore-> + hchain_shelves[function_id][hash_length_id]. + hchains[i][hierarchy_level], j, NULL); + + HIP_DEBUG("hash-chain matching the anchor found\n"); + //hchain_print(stored_hchain); + + goto out_err; + } + } + } + } + + HIP_ERROR("hash-chain matching the anchor NOT found\n"); + stored_item = NULL; + err = -1; + +out_err: + if (err) { + // TODO modify this to support htrees + //if (stored_item) + // hchain_free(stored_hchain); + + stored_item = NULL; + } + + return stored_item; } /** gets a pointer to the hash function for a given index @@ -692,12 +683,13 @@ * @param function_id index of the hash function * @return pointer to the hash function, NULL if no such hash function */ -hash_function_t hcstore_get_hash_function(hchain_store_t *hcstore, const int function_id) +hash_function_t hcstore_get_hash_function(hchain_store_t *hcstore, + const int function_id) { - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - return hcstore->hash_functions[function_id]; + return hcstore->hash_functions[function_id]; } /** gets the hash length for a given index @@ -707,12 +699,14 @@ * @param hash_length_id index of the hash length * @return the hash length, 0 if no such hash length */ -int hcstore_get_hash_length(hchain_store_t *hcstore, const int function_id, const int hash_length_id) +int hcstore_get_hash_length(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id) { - HIP_ASSERT(hcstore != NULL); - HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); - HIP_ASSERT(hash_length_id >= 0 - && hash_length_id < hcstore->num_hash_lengths[function_id]); + HIP_ASSERT(hcstore != NULL); + HIP_ASSERT(function_id >= 0 && function_id < hcstore->num_functions); + HIP_ASSERT(hash_length_id >= 0 + && hash_length_id < hcstore->num_hash_lengths[function_id]); - return hcstore->hash_lengths[function_id][hash_length_id]; + return hcstore->hash_lengths[function_id][hash_length_id]; } === modified file 'lib/core/hashchain_store.h' --- lib/core/hashchain_store.h 2010-01-19 09:28:42 +0000 +++ lib/core/hashchain_store.h 2010-02-10 23:55:24 +0000 @@ -21,65 +21,80 @@ /* max amount of different hash-functions that can be stored */ -#define MAX_FUNCTIONS 5 +#define MAX_FUNCTIONS 5 /* max amount of different hash lengths that can be stored */ -#define MAX_NUM_HASH_LENGTH 5 +#define MAX_NUM_HASH_LENGTH 5 /* this includes the BEX-item */ -#define MAX_NUM_HCHAIN_LENGTH 5 +#define MAX_NUM_HCHAIN_LENGTH 5 // max number of hierarchies for which hchains can be linked -#define MAX_NUM_HIERARCHIES 100 - - -typedef struct hchain_shelf -{ - /* number of different hchain lengths currently used for this - * (hash-function, hash_length)-combination */ - int num_hchain_lengths; - /* the different hchain lengths */ - int hchain_lengths[MAX_NUM_HCHAIN_LENGTH]; - /* number of hierarchies in this shelf */ - int num_hierarchies[MAX_NUM_HCHAIN_LENGTH]; - /* hchains with the respective hchain length */ - hip_ll_t hchains[MAX_NUM_HCHAIN_LENGTH][MAX_NUM_HIERARCHIES]; +#define MAX_NUM_HIERARCHIES 100 + + +typedef struct hchain_shelf { + /* number of different hchain lengths currently used for this + * (hash-function, hash_length)-combination */ + int num_hchain_lengths; + /* the different hchain lengths */ + int hchain_lengths[MAX_NUM_HCHAIN_LENGTH]; + /* number of hierarchies in this shelf */ + int num_hierarchies[MAX_NUM_HCHAIN_LENGTH]; + /* hchains with the respective hchain length */ + hip_ll_t hchains[MAX_NUM_HCHAIN_LENGTH][MAX_NUM_HIERARCHIES]; } hchain_shelf_t; -typedef struct hchain_store -{ - /* determines at which volume a store item should be refilled */ - double refill_threshold; - /* number of hash structures stored per item, when it is full */ - int num_hchains_per_item; - /* amount of currently used hash-functions */ - int num_functions; - /* pointer to the hash-function used to create and verify the hchain - * - * @note params: (in_buffer, in_length, out_buffer) - * @note out_buffer should be size MAX_HASH_LENGTH */ - hash_function_t hash_functions[MAX_FUNCTIONS]; - /* amount of different hash_lengths per hash-function */ - int num_hash_lengths[MAX_FUNCTIONS]; - /* length of the hashes, of which the respective hchain items consist */ - int hash_lengths[MAX_FUNCTIONS][MAX_NUM_HASH_LENGTH]; - /* contains hchains and meta-information about how to process them */ - hchain_shelf_t hchain_shelves[MAX_FUNCTIONS][MAX_NUM_HASH_LENGTH]; +typedef struct hchain_store { + /* determines at which volume a store item should be refilled */ + double refill_threshold; + /* number of hash structures stored per item, when it is full */ + int num_hchains_per_item; + /* amount of currently used hash-functions */ + int num_functions; + /* pointer to the hash-function used to create and verify the hchain + * + * @note params: (in_buffer, in_length, out_buffer) + * @note out_buffer should be size MAX_HASH_LENGTH */ + hash_function_t hash_functions[MAX_FUNCTIONS]; + /* amount of different hash_lengths per hash-function */ + int num_hash_lengths[MAX_FUNCTIONS]; + /* length of the hashes, of which the respective hchain items consist */ + int hash_lengths[MAX_FUNCTIONS][MAX_NUM_HASH_LENGTH]; + /* contains hchains and meta-information about how to process them */ + hchain_shelf_t hchain_shelves[MAX_FUNCTIONS][MAX_NUM_HASH_LENGTH]; } hchain_store_t; - -int hcstore_init(hchain_store_t *hcstore, const int num_hchains_per_item, const double refill_threshold); +int hcstore_init(hchain_store_t *hcstore, + const int num_hchains_per_item, + const double refill_threshold); void hcstore_uninit(hchain_store_t *hcstore, const int use_hash_trees); -int hcstore_register_function(hchain_store_t *hcstore, const hash_function_t hash_function); -int hcstore_register_hash_length(hchain_store_t *hcstore, const int function_id, - const int hash_length); -int hcstore_register_hash_item_length(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hitem_length); -int hcstore_register_hash_item_hierarchy(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hitem_length, const int addtional_hierarchies); +int hcstore_register_function(hchain_store_t *hcstore, + const hash_function_t hash_function); +int hcstore_register_hash_length(hchain_store_t *hcstore, + const int function_id, + const int hash_length); +int hcstore_register_hash_item_length(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hitem_length); +int hcstore_register_hash_item_hierarchy(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hitem_length, + const int addtional_hierarchies); int hcstore_refill(hchain_store_t *hcstore, const int use_hash_trees); -void * hcstore_get_hash_item(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hchain_length); -void * hcstore_get_item_by_anchor(hchain_store_t *hcstore, const int function_id, - const int hash_length_id, const int hierarchy_level, const unsigned char *anchor, const int use_hash_trees); -hash_function_t hcstore_get_hash_function(hchain_store_t *hcstore, const int function_id); -int hcstore_get_hash_length(hchain_store_t *hcstore, const int function_id, const int hash_length_id); +void *hcstore_get_hash_item(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hchain_length); +void *hcstore_get_item_by_anchor(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id, + const int hierarchy_level, + const unsigned char *anchor, + const int use_hash_trees); +hash_function_t hcstore_get_hash_function(hchain_store_t *hcstore, + const int function_id); +int hcstore_get_hash_length(hchain_store_t *hcstore, + const int function_id, + const int hash_length_id); #endif /* HASHCHAIN_STORE_H */ === modified file 'lib/core/hashtable.c' --- lib/core/hashtable.c 2010-01-19 09:28:42 +0000 +++ lib/core/hashtable.c 2010-02-10 23:55:24 +0000 @@ -4,49 +4,48 @@ LHASH_OF(HIP_HT) * hip_ht_init(LHASH_HASH_FN_TYPE hashfunc, LHASH_COMP_FN_TYPE cmpfunc) { - return (LHASH_OF(HIP_HT) *) lh_new(hashfunc, cmpfunc); + return (LHASH_OF(HIP_HT) *)lh_new(hashfunc, cmpfunc); } #else /* not HIPL_OPENSSL_100 */ -HIP_HASHTABLE * hip_ht_init(LHASH_HASH_FN_TYPE hashfunc, - LHASH_COMP_FN_TYPE cmpfunc) +HIP_HASHTABLE *hip_ht_init(LHASH_HASH_FN_TYPE hashfunc, + LHASH_COMP_FN_TYPE cmpfunc) { - return (HIP_HASHTABLE *) lh_new(hashfunc, cmpfunc); + return (HIP_HASHTABLE *) lh_new(hashfunc, cmpfunc); } #endif /* HIPL_OPENSSL_100 */ void hip_ht_uninit(void *head) { - lh_free(head); + lh_free(head); } void *hip_ht_find(void *head, void *data) { - return lh_retrieve((LHASH100_CAST *) head, data); + return lh_retrieve((LHASH100_CAST *) head, data); } int hip_ht_add(void *head, void *data) { - if (lh_insert((LHASH100_CAST *) head, data)) { - HIP_DEBUG("hash replace did not occur\n"); - } - return 0; + if (lh_insert((LHASH100_CAST *) head, data)) { + HIP_DEBUG("hash replace did not occur\n"); + } + return 0; } void *hip_ht_delete(void *head, void *data) { - return lh_delete((LHASH100_CAST *) head, data); + return lh_delete((LHASH100_CAST *) head, data); } void hip_ht_doall(void *head, LHASH_DOALL_FN_TYPE func) { - lh_doall((LHASH100_CAST *) head, func); + lh_doall((LHASH100_CAST *) head, func); } void hip_ht_doall_arg(void *head, LHASH_DOALL_ARG_FN_TYPE func, void *arg) { - lh_doall_arg((LHASH100_CAST *) head, func, arg); + lh_doall_arg((LHASH100_CAST *) head, func, arg); } - === modified file 'lib/core/hashtable.c.doxyme' --- lib/core/hashtable.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/hashtable.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,50 +45,49 @@ /** - * hip_ht_add - * - * - * @param head - * @param data - * @return - **/ - - -/** - * hip_ht_delete - * - * - * @param head - * @param data - * @return - **/ - - -/** - * hip_ht_find - * - * - * @param head - * @param data - * @return - **/ - - -/** - * hip_ht_init + * hip_ht_add + * + * + * @param head + * @param data + * @return + **/ + + +/** + * hip_ht_delete + * + * + * @param head + * @param data + * @return + **/ + + +/** + * hip_ht_find + * + * + * @param head + * @param data + * @return + **/ + + +/** + * hip_ht_init * * * @param hashfunc * @param cmpfunc - * @return + * @return **/ /** - * hip_ht_uninit + * hip_ht_uninit * * * @param head - * @return + * @return **/ - === modified file 'lib/core/hashtable.h' --- lib/core/hashtable.h 2010-01-19 09:28:42 +0000 +++ lib/core/hashtable.h 2010-02-10 23:55:24 +0000 @@ -11,14 +11,14 @@ #define HIP_LHASHTABLE_H /* OpenSSL 1.0.0 introduced backwards incompatible changes to the lhash. - These backwards compatibility hacks can be removed when all platforms - support OpenSSL 1.0.0 by default. */ + * These backwards compatibility hacks can be removed when all platforms + * support OpenSSL 1.0.0 by default. */ #ifdef LHASH_OF #define HIPL_OPENSSL_100 #endif /* LHASH_OF */ #undef MIN_NODES -#define MIN_NODES 16 +#define MIN_NODES 16 #define HIP_LOCK_HT(hash) #define HIP_UNLOCK_HT(hash) @@ -32,7 +32,7 @@ #define LHASH100_CAST _LHASH -typedef DECLARE_LHASH_OF(HIP_HT) hip_ht_common; +typedef DECLARE_LHASH_OF (HIP_HT) hip_ht_common; typedef hip_ht_common HIP_HASHTABLE; LHASH_OF(HIP_HT) * hip_ht_init(LHASH_HASH_FN_TYPE hashfunc, LHASH_COMP_FN_TYPE cmpfunc); @@ -41,7 +41,7 @@ #define LHASH100_CAST void -#define LHASH_OF(type) struct lhash_st_##type +#define LHASH_OF(type) struct lhash_st_ ## type #define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; } #undef IMPLEMENT_LHASH_HASH_FN @@ -50,32 +50,31 @@ #undef IMPLEMENT_LHASH_DOALL_ARG_FN #define IMPLEMENT_LHASH_HASH_FN(name, o_type) \ - unsigned long name##_LHASH_HASH(const void *arg) { \ - const o_type *a = arg; \ - return name##_hash(a); } + unsigned long name ## _LHASH_HASH(const void *arg) { \ + const o_type *a = arg; \ + return name ## _hash(a); } #define IMPLEMENT_LHASH_COMP_FN(name, o_type) \ - int name##_LHASH_COMP(const void *arg1, const void *arg2) { \ - const o_type *a = arg1; \ - const o_type *b = arg2; \ - return name##_cmp(a,b); } + int name ## _LHASH_COMP(const void *arg1, const void *arg2) { \ + const o_type *a = arg1; \ + const o_type *b = arg2; \ + return name ## _cmp(a, b); } #define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \ - void name##_LHASH_DOALL(void *arg) { \ - o_type *a = arg; \ - name##_doall(a); } + void name ## _LHASH_DOALL(void *arg) { \ + o_type *a = arg; \ + name ## _doall(a); } #define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ - void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ - o_type *a = arg1; \ - a_type *b = arg2; \ - name##_doall_arg(a, b); } -typedef DECLARE_LHASH_OF(HIP_HT) hip_ht_common; + void name ## _LHASH_DOALL_ARG(void *arg1, void *arg2) { \ + o_type *a = arg1; \ + a_type *b = arg2; \ + name ## _doall_arg(a, b); } +typedef DECLARE_LHASH_OF (HIP_HT) hip_ht_common; typedef LHASH HIP_HASHTABLE; -HIP_HASHTABLE * hip_ht_init(LHASH_HASH_FN_TYPE hashfunc, - LHASH_COMP_FN_TYPE cmpfunc); +HIP_HASHTABLE *hip_ht_init(LHASH_HASH_FN_TYPE hashfunc, + LHASH_COMP_FN_TYPE cmpfunc); #endif -void hip_ht_doall(void *head, LHASH_DOALL_FN_TYPE func); +void hip_ht_doall(void *head, LHASH_DOALL_FN_TYPE func); void hip_ht_doall_arg(void *head, LHASH_DOALL_ARG_FN_TYPE func, void *arg); #endif /* LHASHTABLE_H */ - === modified file 'lib/core/hashtable.h.doxyme' --- lib/core/hashtable.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/hashtable.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/hashtable.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/hashtree.c' --- lib/core/hashtree.c 2010-01-19 09:28:42 +0000 +++ lib/core/hashtree.c 2010-02-10 23:55:24 +0000 @@ -28,7 +28,7 @@ */ double log_x(const int base, const double value) { - return log(value) / log(base); + return log(value) / log(base); } /** creates an empty hash tree. @@ -41,13 +41,17 @@ * @param hierarchy_level the hierarchy level of the created hash tree * @return pointer to the inited tree, NULL in case of an error. */ -hash_tree_t* htree_init(const int num_data_blocks, const int max_data_length, const int node_length, - const int secret_length, hash_tree_t *link_tree, const int hierarchy_level) +hash_tree_t *htree_init(const int num_data_blocks, + const int max_data_length, + const int node_length, + const int secret_length, + hash_tree_t *link_tree, + const int hierarchy_level) { hash_tree_t *tree = NULL; - int tmp_length = 0; - int err = 0, i; - double log = 0.0; + int tmp_length = 0; + int err = 0, i; + double log = 0.0; HIP_ASSERT(num_data_blocks > 0); HIP_ASSERT(max_data_length > 0); @@ -55,91 +59,84 @@ // allocate the memory for the tree - HIP_IFEL(!(tree = (hash_tree_t *) malloc(sizeof(hash_tree_t))), -1, "failed to allocate memory\n"); + HIP_IFEL(!(tree = (hash_tree_t *) malloc(sizeof(hash_tree_t))), + -1, + "failed to allocate memory\n"); bzero(tree, sizeof(hash_tree_t)); // check here whether leaf_set_size is a power of 2 and compute correct value if it is not log = log_x(2, num_data_blocks); - if (num_data_blocks == 1) - { - tree->leaf_set_size = 2; - - } else if (floor(log) != ceil(log)) - { - tree->leaf_set_size = pow(2, ceil(log)); - - } else - { - tree->leaf_set_size = num_data_blocks; + if (num_data_blocks == 1) { + tree->leaf_set_size = 2; + } else if (floor(log) != ceil(log)) { + tree->leaf_set_size = pow(2, ceil(log)); + } else { + tree->leaf_set_size = num_data_blocks; } HIP_DEBUG("num_data_blocks: %i\n", num_data_blocks); HIP_DEBUG("tree->leaf_set_size: %i\n", tree->leaf_set_size); - HIP_IFEL(!(tree->data = (unsigned char *) malloc(max_data_length * tree->leaf_set_size)), -1, - "failed to allocate memory\n"); + HIP_IFEL(!(tree->data = (unsigned char *) malloc(max_data_length * tree->leaf_set_size)), + -1, + "failed to allocate memory\n"); // a binary tree with n leafs has got 2n-1 total nodes - HIP_IFEL(!(tree->nodes = (unsigned char *) malloc(node_length * tree->leaf_set_size * 2)), -1, - "failed to allocate memory\n"); + HIP_IFEL(!(tree->nodes = (unsigned char *) malloc(node_length * tree->leaf_set_size * 2)), + -1, + "failed to allocate memory\n"); // if link_tree is set, overwrite secret_length - if (link_tree) - { - HIP_DEBUG("link_tree set\n"); - - tmp_length = link_tree->node_length; - - } else - { - tmp_length = secret_length; - } + if (link_tree) { + HIP_DEBUG("link_tree set\n"); + + tmp_length = link_tree->node_length; + } else { + tmp_length = secret_length; + } // init array elements to 0 bzero(tree->data, max_data_length * tree->leaf_set_size); bzero(tree->nodes, node_length * tree->leaf_set_size * 2); - tree->is_open = 1; - tree->data_position = 0; + tree->is_open = 1; + tree->data_position = 0; tree->num_data_blocks = num_data_blocks; tree->max_data_length = max_data_length; - tree->node_length = node_length; - tree->secret_length = tmp_length; - tree->depth = ceil(log_x(2, tree->leaf_set_size)); + tree->node_length = node_length; + tree->secret_length = tmp_length; + tree->depth = ceil(log_x(2, tree->leaf_set_size)); // set the link tree - tree->link_tree = link_tree; - tree->hierarchy_level = hierarchy_level; + tree->link_tree = link_tree; + tree->hierarchy_level = hierarchy_level; HIP_DEBUG("tree->depth: %i\n", tree->depth); - tree->root = NULL; + tree->root = NULL; // now we can init the secret array - if (secret_length > 0) - { - HIP_IFEL(!(tree->secrets = (unsigned char *) malloc(secret_length * tree->leaf_set_size)), -1, - "failed to allocate memory\n"); - - if (link_tree) - { - // add the root as secret for each leaf - for (i = 0; i < num_data_blocks; i++) - { - HIP_IFEL(htree_add_secret(tree, link_tree->root, secret_length, i), -1, - "failed to add linking root as secrets\n"); - } - - bzero(&tree->secrets[num_data_blocks * secret_length], secret_length * (tree->leaf_set_size - num_data_blocks)); - - } else - { - bzero(tree->secrets, secret_length * tree->leaf_set_size); - } - } - - out_err: - if (err) - { - htree_free(tree); - } + if (secret_length > 0) { + HIP_IFEL(!(tree->secrets = (unsigned char *) malloc(secret_length * tree->leaf_set_size)), + -1, + "failed to allocate memory\n"); + + if (link_tree) { + // add the root as secret for each leaf + for (i = 0; i < num_data_blocks; i++) { + HIP_IFEL(htree_add_secret(tree, link_tree->root, secret_length, i), + -1, + "failed to add linking root as secrets\n"); + } + + bzero(&tree->secrets[num_data_blocks * secret_length], + secret_length * (tree->leaf_set_size - num_data_blocks)); + } else { + bzero(tree->secrets, secret_length * tree->leaf_set_size); + } + } + +out_err: + if (err) { + htree_free(tree); + } return tree; } @@ -150,37 +147,41 @@ */ void htree_free(hash_tree_t *tree) { - if (tree) - { - htree_free(tree->link_tree); - - if (tree->nodes) - free(tree->nodes); - if (tree->data) - free(tree->data); - if (tree->secrets) - free(tree->secrets); - - free(tree); - } - - tree = NULL; + if (tree) { + htree_free(tree->link_tree); + + if (tree->nodes) { + free(tree->nodes); + } + if (tree->data) { + free(tree->data); + } + if (tree->secrets) { + free(tree->secrets); + } + + free(tree); + } + + tree = NULL; } /** adds a data item to the tree. * * @param tree pointer to the tree - * @param data data to be added + * @param data data to be added * @param data_length length of the data item * @return always 0 */ -int htree_add_data(hash_tree_t *tree, const unsigned char *data, const int data_length) +int htree_add_data(hash_tree_t *tree, + const unsigned char *data, + const int data_length) { - int err = 0; + int err = 0; - HIP_ASSERT(tree != NULL); - HIP_ASSERT(data != NULL); - HIP_ASSERT(data_length > 0 && data_length <= tree->max_data_length); + HIP_ASSERT(tree != NULL); + HIP_ASSERT(data != NULL); + HIP_ASSERT(data_length > 0 && data_length <= tree->max_data_length); HIP_ASSERT(tree->is_open > 0); HIP_ASSERT(tree->data_position >= 0 && tree->data_position < tree->num_data_blocks); @@ -194,22 +195,21 @@ HIP_DEBUG("added data block\n"); // close the tree, if it is full - if(tree->data_position == tree->num_data_blocks) - { - HIP_DEBUG("tree is full! closing...\n"); - - // fill up unused leaf nodes - if (tree->num_data_blocks < tree->leaf_set_size) - { - HIP_IFEL(htree_add_random_data(tree, tree->leaf_set_size - tree->num_data_blocks), 1, - "failed to fill unused leaf nodes\n"); - } - - tree->is_open = 0; + if (tree->data_position == tree->num_data_blocks) { + HIP_DEBUG("tree is full! closing...\n"); + + // fill up unused leaf nodes + if (tree->num_data_blocks < tree->leaf_set_size) { + HIP_IFEL(htree_add_random_data(tree, tree->leaf_set_size - tree->num_data_blocks), + 1, + "failed to fill unused leaf nodes\n"); + } + + tree->is_open = 0; tree->data_position = 0; } - out_err: +out_err: return err; } @@ -221,33 +221,32 @@ */ int htree_add_random_data(hash_tree_t *tree, const int num_random_blocks) { - HIP_ASSERT(tree != NULL); - HIP_ASSERT(num_random_blocks > 0); + HIP_ASSERT(tree != NULL); + HIP_ASSERT(num_random_blocks > 0); HIP_ASSERT(tree->is_open > 0); HIP_ASSERT(tree->data_position + num_random_blocks <= tree->leaf_set_size); // add num_random_blocks random data to the data-array RAND_bytes(&tree->data[tree->data_position * tree->max_data_length], - num_random_blocks * tree->max_data_length); + num_random_blocks * tree->max_data_length); // move to next free position tree->data_position += num_random_blocks; HIP_DEBUG("added %i random data block(s)\n", num_random_blocks); // close the tree, if it is full - if(tree->data_position >= tree->num_data_blocks) - { + if (tree->data_position >= tree->num_data_blocks) { HIP_DEBUG("tree is full! closing...\n"); - // fill up unused leaf nodes - if (tree->num_data_blocks < tree->leaf_set_size) - { - RAND_bytes(&tree->data[tree->data_position * tree->max_data_length], - (tree->leaf_set_size - tree->data_position) * tree->max_data_length); - - HIP_DEBUG("added %i leaf slots as padding\n", tree->leaf_set_size - tree->data_position); - } - - tree->is_open = 0; + // fill up unused leaf nodes + if (tree->num_data_blocks < tree->leaf_set_size) { + RAND_bytes(&tree->data[tree->data_position * tree->max_data_length], + (tree->leaf_set_size - tree->data_position) * tree->max_data_length); + + HIP_DEBUG("added %i leaf slots as padding\n", + tree->leaf_set_size - tree->data_position); + } + + tree->is_open = 0; tree->data_position = 0; } @@ -257,17 +256,20 @@ /** adds a secret to the tree. * * @param tree pointer to the tree - * @param secret the secret to be added + * @param secret the secret to be added * @param secret_length length of the secret * @param secret_index position of the secret in the leaf set * @return always 0 */ -int htree_add_secret(hash_tree_t *tree, const unsigned char *secret, const int secret_length, const int secret_index) +int htree_add_secret(hash_tree_t *tree, + const unsigned char *secret, + const int secret_length, + const int secret_index) { - HIP_ASSERT(tree != NULL); - HIP_ASSERT(secret != NULL); - HIP_ASSERT(secret_length == tree->secret_length); - HIP_ASSERT(secret_index >= 0 && secret_index < tree->num_data_blocks); + HIP_ASSERT(tree != NULL); + HIP_ASSERT(secret != NULL); + HIP_ASSERT(secret_length == tree->secret_length); + HIP_ASSERT(secret_index >= 0 && secret_index < tree->num_data_blocks); HIP_ASSERT(tree->is_open > 0); memcpy(&tree->secrets[secret_index * secret_length], secret, secret_length); @@ -283,17 +285,17 @@ */ int htree_add_random_secrets(hash_tree_t *tree) { - int err = 0; - - HIP_ASSERT(tree != NULL); - HIP_ASSERT(tree->secrets != NULL); - HIP_ASSERT(tree->secret_length > 0); - - // add num_random_blocks random data to the data-array - RAND_bytes(&tree->secrets[0], - tree->num_data_blocks * tree->secret_length); - - HIP_DEBUG("random secrets added\n"); + int err = 0; + + HIP_ASSERT(tree != NULL); + HIP_ASSERT(tree->secrets != NULL); + HIP_ASSERT(tree->secret_length > 0); + + // add num_random_blocks random data to the data-array + RAND_bytes(&tree->secrets[0], + tree->num_data_blocks * tree->secret_length); + + HIP_DEBUG("random secrets added\n"); return err; } @@ -307,35 +309,37 @@ * @param gen_args arguments for the generators * @return 0 on success, -1 otherwise */ -int htree_calc_nodes(hash_tree_t *tree, const htree_leaf_gen_t leaf_gen, - const htree_node_gen_t node_gen, const htree_gen_args_t *gen_args) +int htree_calc_nodes(hash_tree_t *tree, + const htree_leaf_gen_t leaf_gen, + const htree_node_gen_t node_gen, + const htree_gen_args_t *gen_args) { - int level_width = 0, i, err = 0; - // first leaf to be used when calculating next tree level in bytes - int source_index = 0; - int target_index = 0; + int level_width = 0, i, err = 0; + // first leaf to be used when calculating next tree level in bytes + int source_index = 0; + int target_index = 0; unsigned char *secret = NULL; - HIP_ASSERT(tree != NULL); - HIP_ASSERT(tree->is_open == 0); - HIP_ASSERT(tree->data_position == 0); + HIP_ASSERT(tree != NULL); + HIP_ASSERT(tree->is_open == 0); + HIP_ASSERT(tree->data_position == 0); /* traverse all data blocks and create the leafs */ HIP_DEBUG("computing leaf nodes: %i\n", tree->leaf_set_size); - for(i = 0; i < tree->leaf_set_size; i++) - { - _HIP_DEBUG("calling leaf generator function...\n"); - - // only use secrets if they are defined - if (tree->secret_length > 0) - secret = &tree->secrets[i * tree->secret_length]; - - // input: i-th data block -> output as i-th node-array element - HIP_IFEL(leaf_gen(&tree->data[i * tree->max_data_length], tree->max_data_length, - secret, tree->secret_length, - &tree->nodes[i * tree->node_length], gen_args), - -1, "failed to calculate leaf hashes\n"); + for (i = 0; i < tree->leaf_set_size; i++) { + _HIP_DEBUG("calling leaf generator function...\n"); + + // only use secrets if they are defined + if (tree->secret_length > 0) { + secret = &tree->secrets[i * tree->secret_length]; + } + + // input: i-th data block -> output as i-th node-array element + HIP_IFEL(leaf_gen(&tree->data[i * tree->max_data_length], tree->max_data_length, + secret, tree->secret_length, + &tree->nodes[i * tree->node_length], gen_args), + -1, "failed to calculate leaf hashes\n"); } /* compute hashes on all other levels */ @@ -345,50 +349,49 @@ level_width = tree->leaf_set_size; // based on the current level, we are calculating the nodes for the next level - while(level_width > 1) - { - HIP_DEBUG("calculating nodes: %i\n", level_width / 2); + while (level_width > 1) { + HIP_DEBUG("calculating nodes: %i\n", level_width / 2); /* set the target for the this level directly behind the * already calculated nodes of the previous level */ target_index = source_index + (level_width * tree->node_length); /* we always handle two elements at once */ - for(i = 0; i < level_width; i += 2) - { - _HIP_DEBUG("calling node generator function...\n"); - - HIP_IFEL(node_gen(&tree->nodes[source_index + (i * tree->node_length)], - &tree->nodes[source_index + ((i + 1) * tree->node_length)], - tree->node_length, - &tree->nodes[target_index + ((i / 2) * tree->node_length)], - gen_args), -1, - "failed to calculate hashes of intermediate nodes\n"); - - // this means we're calculating the root node - if (level_width == 2) - tree->root = &tree->nodes[target_index + ((i / 2) * tree->node_length)]; + for (i = 0; i < level_width; i += 2) { + _HIP_DEBUG("calling node generator function...\n"); + + HIP_IFEL(node_gen(&tree->nodes[source_index + (i * tree->node_length)], + &tree->nodes[source_index + ((i + 1) * tree->node_length)], + tree->node_length, + &tree->nodes[target_index + ((i / 2) * tree->node_length)], + gen_args), -1, + "failed to calculate hashes of intermediate nodes\n"); + + // this means we're calculating the root node + if (level_width == 2) { + tree->root = &tree->nodes[target_index + ((i / 2) * tree->node_length)]; + } } // next level has got half the elements - level_width = level_width / 2; + level_width = level_width / 2; /* use target index of this level as new source field */ source_index = target_index; } - out_err: +out_err: return err; } /** gets the number of remaining elements in the tee - * + * * @param tree given tree * @return number of remaining elements */ int htree_get_num_remaining(const hash_tree_t *tree) { - return tree->num_data_blocks - tree->data_position; + return tree->num_data_blocks - tree->data_position; } /** checks if the hash tree contains further unrevealed data items @@ -398,7 +401,7 @@ */ int htree_has_more_data(const hash_tree_t *tree) { - return tree->data_position < tree->num_data_blocks; + return tree->data_position < tree->num_data_blocks; } /** gets the offset of the next unrevealed data item @@ -410,13 +413,13 @@ */ int htree_get_next_data_offset(hash_tree_t *tree) { - int data_offset = 0; - - data_offset = tree->data_position; - - tree->data_position++; - - return data_offset; + int data_offset = 0; + + data_offset = tree->data_position; + + tree->data_position++; + + return data_offset; } /** gets the elements of the verification branch from a computed tree @@ -427,22 +430,24 @@ * @param branch_length destination buffer length, returns used space * @return buffer containing the branch nodes, NULL on error */ -unsigned char * htree_get_branch(const hash_tree_t *tree, const int data_index, unsigned char * nodes, - int *branch_length) +unsigned char *htree_get_branch(const hash_tree_t *tree, + const int data_index, + unsigned char *nodes, + int *branch_length) { - int tree_level = 0; - int level_width = 0; - int source_index = 0; - int sibling_offset = 0; - int tmp_index = 0; - unsigned char * branch_nodes = NULL; - int err = 0; + int tree_level = 0; + int level_width = 0; + int source_index = 0; + int sibling_offset = 0; + int tmp_index = 0; + int err = 0; + unsigned char *branch_nodes = NULL; HIP_ASSERT(tree != NULL); HIP_ASSERT(data_index >= 0 && data_index < tree->num_data_blocks); // use local (unconst) variable for tree traversal - tmp_index = data_index; + tmp_index = data_index; // branch includes all elements excluding the root *branch_length = tree->depth * tree->node_length; @@ -450,41 +455,40 @@ HIP_DEBUG("tree->depth: %i\n", tree->depth); // use provided buffer, if available; else alloc - if (!nodes) - branch_nodes = (unsigned char *) malloc(*branch_length); - else - branch_nodes = nodes; + if (!nodes) { + branch_nodes = (unsigned char *) malloc(*branch_length); + } else { + branch_nodes = nodes; + } // traverse bottom up level_width = tree->leaf_set_size; // don't include root - while (level_width > 1) - { - HIP_DEBUG("level_width: %i\n", level_width); + while (level_width > 1) { + HIP_DEBUG("level_width: %i\n", level_width); - // for an uneven data_index the previous node is the sibling, else the next - sibling_offset = tmp_index & 1 ? -1 : 1; + // for an uneven data_index the previous node is the sibling, else the next + sibling_offset = tmp_index & 1 ? -1 : 1; // copy branch-node from node-array to buffer memcpy(&branch_nodes[tree_level * tree->node_length], &tree->nodes[source_index + - ((tmp_index + sibling_offset) * tree->node_length)], + ((tmp_index + sibling_offset) * tree->node_length)], tree->node_length); // proceed by one level source_index += level_width * tree->node_length; - level_width = level_width >> 1; - tmp_index = tmp_index >> 1; + level_width = level_width >> 1; + tmp_index = tmp_index >> 1; tree_level++; } _HIP_HEXDUMP("verification branch: ", branch_nodes, tree->depth * tree->node_length); - if (err) - { - free(branch_nodes); - branch_nodes = NULL; + if (err) { + free(branch_nodes); + branch_nodes = NULL; } return branch_nodes; @@ -497,16 +501,17 @@ * @param data_length length of the returned data item * @return pointer to the data item, NULL in case of an error */ -const unsigned char* htree_get_data(const hash_tree_t *tree, const int data_index, - int *data_length) +const unsigned char *htree_get_data(const hash_tree_t *tree, + const int data_index, + int *data_length) { - HIP_ASSERT(tree != NULL); - HIP_ASSERT(data_index >= 0 && data_index < tree->num_data_blocks); - HIP_ASSERT(data_length != NULL); - - *data_length = tree->max_data_length; - - return &tree->data[data_index * tree->max_data_length]; + HIP_ASSERT(tree != NULL); + HIP_ASSERT(data_index >= 0 && data_index < tree->num_data_blocks); + HIP_ASSERT(data_length != NULL); + + *data_length = tree->max_data_length; + + return &tree->data[data_index * tree->max_data_length]; } /** gets the secret at the specified position @@ -516,19 +521,21 @@ * @param secret_length length of the returned secret * @return pointer to the secret, NULL in case of an error */ -const unsigned char* htree_get_secret(const hash_tree_t *tree, const int secret_index, - int *secret_length) +const unsigned char *htree_get_secret(const hash_tree_t *tree, + const int secret_index, + int *secret_length) { - HIP_ASSERT(tree != NULL); - HIP_ASSERT(secret_index >= 0 && secret_index < tree->num_data_blocks); - HIP_ASSERT(secret_length != NULL); - - *secret_length = tree->secret_length; - - if (tree->secret_length > 0) - return &tree->secrets[secret_index * tree->secret_length]; - else - return NULL; + HIP_ASSERT(tree != NULL); + HIP_ASSERT(secret_index >= 0 && secret_index < tree->num_data_blocks); + HIP_ASSERT(secret_length != NULL); + + *secret_length = tree->secret_length; + + if (tree->secret_length > 0) { + return &tree->secrets[secret_index * tree->secret_length]; + } else { + return NULL; + } } /** gets the root node of the hash tree @@ -537,16 +544,17 @@ * @param root_length length of the returned root element * @return pointer to the root element, NULL in case of an error */ -const unsigned char* htree_get_root(const hash_tree_t *tree, int *root_length) +const unsigned char *htree_get_root(const hash_tree_t *tree, int *root_length) { - HIP_ASSERT(tree != NULL); - - if (tree->root) - *root_length = tree->node_length; - else - *root_length = 0; - - return tree->root; + HIP_ASSERT(tree != NULL); + + if (tree->root) { + *root_length = tree->node_length; + } else { + *root_length = 0; + } + + return tree->root; } /** checks the data item and an verification branch against the root @@ -565,19 +573,25 @@ * @param gen_args arguments for the generators * @return 0 if successful, 1 if invalid, -1 in case of an error */ -int htree_verify_branch(const unsigned char *root, const int root_length, - const unsigned char *branch_nodes, const uint32_t branch_length, - const unsigned char *verify_data, const int data_length, const uint32_t data_index, - const unsigned char *secret, const int secret_length, - const htree_leaf_gen_t leaf_gen, const htree_node_gen_t node_gen, - const htree_gen_args_t *gen_args) +int htree_verify_branch(const unsigned char *root, + const int root_length, + const unsigned char *branch_nodes, + const uint32_t branch_length, + const unsigned char *verify_data, + const int data_length, + const uint32_t data_index, + const unsigned char *secret, + const int secret_length, + const htree_leaf_gen_t leaf_gen, + const htree_node_gen_t node_gen, + const htree_gen_args_t *gen_args) { /* space for two nodes to be hashed together */ unsigned char buffer[2 * root_length]; - int num_nodes = 0; + int num_nodes = 0; int sibling_offset = 0; - int tmp_index = 0; - int err = 0, i; + int tmp_index = 0; + int err = 0, i; HIP_ASSERT(root != NULL); HIP_ASSERT(root_length > 0); @@ -587,8 +601,9 @@ HIP_ASSERT(data_length > 0); HIP_ASSERT(data_index >= 0); - if (secret_length > 0) - HIP_ASSERT(secret != NULL); + if (secret_length > 0) { + HIP_ASSERT(secret != NULL); + } // use local (unconst) variable for tree traversal tmp_index = data_index; @@ -600,63 +615,55 @@ _HIP_DEBUG("data_length: %i\n", data_length); _HIP_HEXDUMP("verify_data: ", verify_data, data_length); _HIP_DEBUG("branch_length: %i\n", branch_length); - _HIP_HEXDUMP("verify_data: ", branch_nodes, branch_length); + _HIP_HEXDUMP("verify_data: ", branch_nodes, branch_length); // +1 as we have to calculate the leaf too - for(i = 0; i < num_nodes + 1; i++) - { + for (i = 0; i < num_nodes + 1; i++) { HIP_DEBUG("round %i\n", i); // determines where to put the sibling in the buffer sibling_offset = tmp_index & 1 ? 0 : 1; /* in first round we have to calculate the leaf */ - if (i > 0) - { + if (i > 0) { /* hash previous buffer and overwrite partially */ HIP_IFEL(node_gen(&buffer[0], &buffer[root_length], root_length, - &buffer[(1 - sibling_offset) * root_length], gen_args), - -1, "failed to calculate node hash\n"); - - } else - { + &buffer[(1 - sibling_offset) * root_length], gen_args), + -1, "failed to calculate node hash\n"); + } else { /* hash data in order to derive the hash tree leaf */ HIP_IFEL(leaf_gen(verify_data, data_length, secret, secret_length, - &buffer[(1 - sibling_offset) * root_length], gen_args), -1, - "failed to calculate leaf hash\n"); + &buffer[(1 - sibling_offset) * root_length], gen_args), -1, + "failed to calculate leaf hash\n"); } - if (i < num_nodes) - { - // copy i-th branch node to the free slot in the buffer - memcpy(&buffer[sibling_offset * root_length], &branch_nodes[i * root_length], - root_length); + if (i < num_nodes) { + // copy i-th branch node to the free slot in the buffer + memcpy(&buffer[sibling_offset * root_length], &branch_nodes[i * root_length], + root_length); - // proceed to next level - tmp_index = tmp_index / 2; + // proceed to next level + tmp_index = tmp_index / 2; } HIP_HEXDUMP("buffer slot 1: ", &buffer[0], root_length); - HIP_HEXDUMP("buffer slot 2: ", &buffer[root_length], root_length); + HIP_HEXDUMP("buffer slot 2: ", &buffer[root_length], root_length); } HIP_HEXDUMP("calculated root: ", &buffer[(1 - sibling_offset) * root_length], - root_length); + root_length); HIP_HEXDUMP("stored root: ", root, root_length); - // check if the calculated root matches the stored one - if(!memcmp(&buffer[(1 - sibling_offset) * root_length], root, root_length)) - { + // check if the calculated root matches the stored one + if (!memcmp(&buffer[(1 - sibling_offset) * root_length], root, root_length)) { HIP_DEBUG("branch successfully verified\n"); - - } else - { - HIP_DEBUG("branch invalid\n"); - - err = 1; + } else { + HIP_DEBUG("branch invalid\n"); + + err = 1; } - out_err: +out_err: return err; } @@ -670,34 +677,34 @@ * @param gen_args arguments for the generator * @return always 0 */ -int htree_leaf_generator(const unsigned char *data, const int data_length, - const unsigned char *secret, const int secret_length, - unsigned char *dst_buffer, const htree_gen_args_t *gen_args) +int htree_leaf_generator(const unsigned char *data, + const int data_length, + const unsigned char *secret, + const int secret_length, + unsigned char *dst_buffer, + const htree_gen_args_t *gen_args) { - int err = 0; - unsigned char buffer[data_length + secret_length]; - const unsigned char *hash_data = NULL; - int hash_data_length = 0; - - if (secret && secret_length > 0) - { - memcpy(&buffer[0], data, data_length); - memcpy(&buffer[data_length], secret, secret_length); - - hash_data = buffer; - hash_data_length = data_length + secret_length; - - } else - { - hash_data = data; - hash_data_length = data_length; - } - - HIP_IFEL(!SHA1(hash_data, hash_data_length, dst_buffer), -1, - "failed to calculate hash\n"); - - out_err: - return err; + int err = 0; + unsigned char buffer[data_length + secret_length]; + const unsigned char *hash_data = NULL; + int hash_data_length = 0; + + if (secret && secret_length > 0) { + memcpy(&buffer[0], data, data_length); + memcpy(&buffer[data_length], secret, secret_length); + + hash_data = buffer; + hash_data_length = data_length + secret_length; + } else { + hash_data = data; + hash_data_length = data_length; + } + + HIP_IFEL(!SHA1(hash_data, hash_data_length, dst_buffer), -1, + "failed to calculate hash\n"); + +out_err: + return err; } /** generates an intermediate node from two hash tree nodes @@ -712,18 +719,21 @@ * NOTE: the calling function has to ensure that left and right node are in * subsequent memory blocks */ -int htree_node_generator(const unsigned char *left_node, const unsigned char *right_node, - const int node_length, unsigned char *dst_buffer, const htree_gen_args_t *gen_args) +int htree_node_generator(const unsigned char *left_node, + const unsigned char *right_node, + const int node_length, + unsigned char *dst_buffer, + const htree_gen_args_t *gen_args) { - int err = 0; - - /* the calling function has to ensure that left and right node are in - * subsequent memory blocks */ - HIP_IFEL(!SHA1(left_node, 2 * node_length, dst_buffer), -1, - "failed to calculate hash\n"); - - out_err: - return err; + int err = 0; + + /* the calling function has to ensure that left and right node are in + * subsequent memory blocks */ + HIP_IFEL(!SHA1(left_node, 2 * node_length, dst_buffer), -1, + "failed to calculate hash\n"); + +out_err: + return err; } /** prints the data set @@ -738,10 +748,10 @@ HIP_DEBUG("printing data blocks...\n"); - for(i = 0; i < tree->num_data_blocks; i++) - { - HIP_HEXDUMP("data block: ", &tree->data[i * tree->max_data_length], - tree->max_data_length); + for (i = 0; i < tree->num_data_blocks; i++) { + HIP_HEXDUMP("data block: ", + &tree->data[i * tree->max_data_length], + tree->max_data_length); } } @@ -751,10 +761,10 @@ */ void htree_print_nodes(const hash_tree_t *tree) { - int level_width = 0; + int level_width = 0; int target_index = 0; int source_index = 0; - int i = 0; + int i = 0; HIP_ASSERT(tree != NULL); @@ -762,19 +772,19 @@ HIP_DEBUG("printing hash tree nodes...\n"); - while (level_width > 0) - { + while (level_width > 0) { i++; HIP_DEBUG("printing level %i:\n", i); target_index = source_index + (level_width * tree->node_length); - for(i = 0; i < level_width; i++){ - HIP_HEXDUMP("node: ", &tree->nodes[source_index + (i * tree->node_length)], - tree->node_length); + for (i = 0; i < level_width; i++) { + HIP_HEXDUMP("node: ", + &tree->nodes[source_index + (i * tree->node_length)], + tree->node_length); } source_index = target_index; - level_width = level_width / 2; + level_width = level_width / 2; } } === modified file 'lib/core/hashtree.h' --- lib/core/hashtree.h 2010-01-19 09:28:42 +0000 +++ lib/core/hashtree.h 2010-02-10 23:55:24 +0000 @@ -18,85 +18,114 @@ #include <inttypes.h> /* arguments for the generator functionms */ -typedef struct htree_gen_args -{ - int index; +typedef struct htree_gen_args { + int index; } htree_gen_args_t; /** leaf generator function pointer * * NOTE: if you need additional arguments here, add them to the gen_args struct */ -typedef int (*htree_leaf_gen_t) (const unsigned char *data, const int data_length, - const unsigned char *secret, const int secret_length, - unsigned char *dst_buffer, const htree_gen_args_t *gen_args); +typedef int (*htree_leaf_gen_t)(const unsigned char *data, + const int data_length, + const unsigned char *secret, + const int secret_length, + unsigned char *dst_buffer, + const htree_gen_args_t *gen_args); /** node generator function pointer * * NOTE: if you need additional arguments here, add them to the gen_args struct */ -typedef int (*htree_node_gen_t) (const unsigned char *left_node, const unsigned char *right_node, - const int node_length, unsigned char *dst_buffer, - const htree_gen_args_t *gen_args); - -typedef struct hash_tree -{ - // data variables - int leaf_set_size; /* maximum number of data blocks to be stored in the tree */ - int num_data_blocks; /* number of data blocks to be verified with the tree */ - int max_data_length; /* max length for a single leaf element */ - unsigned char *data; /* array containing the data to be validated with the tree */ - int secret_length; /* length of the secret */ - unsigned char *secrets; /* individual secrets to be revealed with each data block */ - - struct hash_tree *link_tree; - int hierarchy_level; - - // tree elements variables - int node_length; /* length of a single node element */ - unsigned char *nodes; /* array containing the nodes of the tree */ - unsigned char *root; /* the root of the tree -> points into nodes-array */ - - // management variables - int depth; /* depth of the tree */ - int data_position; /* index of the next free leaf */ - int is_open; /* can one enter new entries? - This is only true if the nodes have not been - computed yet. */ +typedef int (*htree_node_gen_t)(const unsigned char *left_node, + const unsigned char *right_node, + const int node_length, + unsigned char *dst_buffer, + const htree_gen_args_t *gen_args); + +typedef struct hash_tree { + // data variables + int leaf_set_size; /* maximum number of data blocks to be stored in the tree */ + int num_data_blocks; /* number of data blocks to be verified with the tree */ + int max_data_length; /* max length for a single leaf element */ + unsigned char * data; /* array containing the data to be validated with the tree */ + int secret_length; /* length of the secret */ + unsigned char * secrets; /* individual secrets to be revealed with each data block */ + + struct hash_tree *link_tree; + int hierarchy_level; + + // tree elements variables + int node_length; /* length of a single node element */ + unsigned char * nodes; /* array containing the nodes of the tree */ + unsigned char * root; /* the root of the tree -> points into nodes-array */ + + // management variables + int depth; /* depth of the tree */ + int data_position; /* index of the next free leaf */ + int is_open; /* can one enter new entries? + * This is only true if the nodes have not been + * computed yet. */ } hash_tree_t; - double log_x(const int base, const double value); -hash_tree_t* htree_init(const int num_data_blocks, const int max_data_length, const int node_length, - const int secret_length, hash_tree_t *link_tree, const int hierarchy_level); +hash_tree_t *htree_init(const int num_data_blocks, + const int max_data_length, + const int node_length, + const int secret_length, + hash_tree_t *link_tree, + const int hierarchy_level); void htree_free(hash_tree_t *tree); -int htree_add_data(hash_tree_t *tree, const unsigned char *data, const int data_length); +int htree_add_data(hash_tree_t *tree, + const unsigned char *data, + const int data_length); int htree_add_random_data(hash_tree_t *tree, const int num_random_blocks); -int htree_add_secret(hash_tree_t *tree, const unsigned char *secret, const int secret_length, const int secret_index); +int htree_add_secret(hash_tree_t *tree, + const unsigned char *secret, + const int secret_length, + const int secret_index); int htree_add_random_secrets(hash_tree_t *tree); -int htree_calc_nodes(hash_tree_t *tree, const htree_leaf_gen_t leaf_gen, - const htree_node_gen_t node_gen, const htree_gen_args_t *gen_args); +int htree_calc_nodes(hash_tree_t *tree, + const htree_leaf_gen_t leaf_gen, + const htree_node_gen_t node_gen, + const htree_gen_args_t *gen_args); int htree_get_num_remaining(const hash_tree_t *tree); int htree_has_more_data(const hash_tree_t *tree); int htree_get_next_data_offset(hash_tree_t *tree); -unsigned char * htree_get_branch(const hash_tree_t *tree, const int data_index, unsigned char * nodes, - int *branch_length); -const unsigned char* htree_get_data(const hash_tree_t *tree, const int data_index, - int *data_length); -const unsigned char* htree_get_secret(const hash_tree_t *tree, const int secret_index, - int *secret_length); -const unsigned char* htree_get_root(const hash_tree_t *tree, int *root_length); -int htree_verify_branch(const unsigned char *root, const int root_length, - const unsigned char *branch_nodes, const uint32_t branch_length, - const unsigned char *verify_data, const int data_length, const uint32_t data_index, - const unsigned char *secret, const int secret_length, - const htree_leaf_gen_t leaf_gen, const htree_node_gen_t node_gen, - const htree_gen_args_t *gen_args); -int htree_leaf_generator(const unsigned char *data, const int data_length, - const unsigned char *secret, const int secret_length, - unsigned char *dst_buffer, const htree_gen_args_t *gen_args); -int htree_node_generator(const unsigned char *left_node, const unsigned char *right_node, - const int node_length, unsigned char *dst_buffer, const htree_gen_args_t *gen_args); +unsigned char *htree_get_branch(const hash_tree_t *tree, + const int data_index, + unsigned char *nodes, + int *branch_length); +const unsigned char *htree_get_data(const hash_tree_t *tree, + const int data_index, + int *data_length); +const unsigned char *htree_get_secret(const hash_tree_t *tree, + const int secret_index, + int *secret_length); +const unsigned char *htree_get_root(const hash_tree_t *tree, int *root_length); +int htree_verify_branch(const unsigned char *root, + const int root_length, + const unsigned char *branch_nodes, + const uint32_t branch_length, + const unsigned char *verify_data, + const int data_length, + const uint32_t data_index, + const unsigned char *secret, + const int secret_length, + const htree_leaf_gen_t leaf_gen, + const htree_node_gen_t node_gen, + const htree_gen_args_t *gen_args); +int htree_leaf_generator(const unsigned char *data, + const int data_length, + const unsigned char *secret, + const int secret_length, + unsigned char *dst_buffer, + const htree_gen_args_t *gen_args); +int htree_node_generator(const unsigned char *left_node, + const unsigned char *right_node, + const int node_length, + unsigned char *dst_buffer, + const htree_gen_args_t *gen_args); void htree_print_data(const hash_tree_t *tree); void htree_print_nodes(const hash_tree_t *tree); === modified file 'lib/core/hip_capability.c' --- lib/core/hip_capability.c 2010-01-19 12:03:04 +0000 +++ lib/core/hip_capability.c 2010-02-10 23:55:24 +0000 @@ -1,4 +1,3 @@ - #ifdef HAVE_CONFIG_H #include "config.h" #endif /* HAVE_CONFIG_H */ @@ -8,7 +7,7 @@ /* Note: OpenWRT has to use <linux/capability.h> */ #include <linux/capability.h> int capget(cap_user_header_t header, cap_user_data_t data); -int capset(cap_user_header_t header, const cap_user_data_t data); +int capset(cap_user_header_t header, const cap_user_data_t data); #else #include <sys/capability.h> #endif /* CONFIG_HIP_ALTSEP */ @@ -30,109 +29,111 @@ #define USER_HIPD "hipd" #endif /* CONFIG_HIP_PRIVSEP */ -int hip_user_to_uid(char *name) { - int uid = -1; +int hip_user_to_uid(char *name) +{ + int uid = -1; #ifndef CONFIG_HIP_OPENWRT - int i; - struct passwd *pwp = NULL, pw; - char buf[4096]; + int i; + struct passwd *pwp = NULL, pw; + char buf[4096]; - setpwent(); - while (1) { - i = getpwent_r(&pw, buf, sizeof(buf), &pwp); - if (i) - break; - _HIP_DEBUG("%s (%d)\tHOME %s\tSHELL %s\n", pwp->pw_name, - pwp->pw_uid, pwp->pw_dir, pwp->pw_shell); - if (!strcmp(pwp->pw_name, name)) { - uid = pwp->pw_uid; - break; - } - } - endpwent(); + setpwent(); + while (1) { + i = getpwent_r(&pw, buf, sizeof(buf), &pwp); + if (i) { + break; + } + _HIP_DEBUG("%s (%d)\tHOME %s\tSHELL %s\n", pwp->pw_name, + pwp->pw_uid, pwp->pw_dir, pwp->pw_shell); + if (!strcmp(pwp->pw_name, name)) { + uid = pwp->pw_uid; + break; + } + } + endpwent(); #endif - return uid; + return uid; } #ifdef CONFIG_HIP_ALTSEP -#define _LINUX_CAPABILITY_VERSION_HIPL 0x19980330 +#define _LINUX_CAPABILITY_VERSION_HIPL 0x19980330 -#define _LINUX_CAPABILITY_VERSION_HIPL 0x19980330 +#define _LINUX_CAPABILITY_VERSION_HIPL 0x19980330 /* * Note: this function does not go well with valgrind */ -int hip_set_lowcapability(int run_as_sudo) { - int err = 0; +int hip_set_lowcapability(int run_as_sudo) +{ + int err = 0; #ifdef CONFIG_HIP_PRIVSEP - uid_t uid; - //struct __user_cap_header_struct header; - //struct __user_cap_data_struct data; - struct __user_cap_header_struct header; - struct __user_cap_data_struct data; - - header.pid=0; - header.version = _LINUX_CAPABILITY_VERSION_HIPL; - data.effective = data.permitted = data.inheritable = 0; - - /* openwrt code */ - - HIP_IFEL(prctl(PR_SET_KEEPCAPS, 1), -1, "prctl err\n"); - - HIP_DEBUG("Now PR_SET_KEEPCAPS=%d\n", prctl(PR_GET_KEEPCAPS)); + uid_t uid; + //struct __user_cap_header_struct header; + //struct __user_cap_data_struct data; + struct __user_cap_header_struct header; + struct __user_cap_data_struct data; + + header.pid = 0; + header.version = _LINUX_CAPABILITY_VERSION_HIPL; + data.effective = data.permitted = data.inheritable = 0; + + /* openwrt code */ + + HIP_IFEL(prctl(PR_SET_KEEPCAPS, 1), -1, "prctl err\n"); + + HIP_DEBUG("Now PR_SET_KEEPCAPS=%d\n", prctl(PR_GET_KEEPCAPS)); #ifndef CONFIG_HIP_OPENWRT - uid = hip_user_to_uid(USER_NOBODY); + uid = hip_user_to_uid(USER_NOBODY); #else - /* todo: hardcode the uid for a suitable user for openwrt */ - uid = -1; + /* todo: hardcode the uid for a suitable user for openwrt */ + uid = -1; #endif - HIP_IFEL((uid < 0), -1, - "Error while retrieving USER 'nobody' uid\n"); - HIP_IFEL(capget(&header, &data), -1, - "error while retrieving capabilities through capget()\n"); - HIP_DEBUG("effective=%u, permitted = %u, inheritable=%u\n", - data.effective, data.permitted, data.inheritable); - - //ruid=nobody_pswd->pw_uid; - //euid=nobody_pswd->pw_uid; - - HIP_DEBUG("Before setreuid(,) UID=%d and EFF_UID=%d\n", - getuid(), geteuid()); - - /* openwrt code */ - - HIP_IFEL(setreuid(uid, uid), -1, "setruid failed\n"); - - HIP_DEBUG("After setreuid(,) UID=%d and EFF_UID=%d\n", - getuid(), geteuid()); - HIP_IFEL(capget(&header, &data), -1, - "error while retrieving capabilities through 'capget()'\n"); - - HIP_DEBUG("effective=%u, permitted = %u, inheritable=%u\n", - data.effective,data.permitted, data.inheritable); - HIP_DEBUG ("Going to clear all capabilities except the ones needed\n"); - data.effective = data.permitted = data.inheritable = 0; - // for CAP_NET_RAW capability - data.effective |= (1 <<CAP_NET_RAW ); - data.permitted |= (1 <<CAP_NET_RAW ); - // for CAP_NET_ADMIN capability - data.effective |= (1 <<CAP_NET_ADMIN ); - data.permitted |= (1 <<CAP_NET_ADMIN ); - - /* openwrt code */ - HIP_IFEL(capset(&header, &data), -1, - "error in capset (do you have capabilities kernel module?)"); - HIP_DEBUG("UID=%d EFF_UID=%d\n", getuid(), geteuid()); - HIP_DEBUG("effective=%u, permitted = %u, inheritable=%u\n", - data.effective, data.permitted, data.inheritable); + HIP_IFEL((uid < 0), -1, + "Error while retrieving USER 'nobody' uid\n"); + HIP_IFEL(capget(&header, &data), -1, + "error while retrieving capabilities through capget()\n"); + HIP_DEBUG("effective=%u, permitted = %u, inheritable=%u\n", + data.effective, data.permitted, data.inheritable); + + //ruid=nobody_pswd->pw_uid; + //euid=nobody_pswd->pw_uid; + + HIP_DEBUG("Before setreuid(,) UID=%d and EFF_UID=%d\n", + getuid(), geteuid()); + + /* openwrt code */ + + HIP_IFEL(setreuid(uid, uid), -1, "setruid failed\n"); + + HIP_DEBUG("After setreuid(,) UID=%d and EFF_UID=%d\n", + getuid(), geteuid()); + HIP_IFEL(capget(&header, &data), -1, + "error while retrieving capabilities through 'capget()'\n"); + + HIP_DEBUG("effective=%u, permitted = %u, inheritable=%u\n", + data.effective, data.permitted, data.inheritable); + HIP_DEBUG("Going to clear all capabilities except the ones needed\n"); + data.effective = data.permitted = data.inheritable = 0; + // for CAP_NET_RAW capability + data.effective |= (1 << CAP_NET_RAW); + data.permitted |= (1 << CAP_NET_RAW); + // for CAP_NET_ADMIN capability + data.effective |= (1 << CAP_NET_ADMIN); + data.permitted |= (1 << CAP_NET_ADMIN); + + /* openwrt code */ + HIP_IFEL(capset(&header, &data), -1, + "error in capset (do you have capabilities kernel module?)"); + HIP_DEBUG("UID=%d EFF_UID=%d\n", getuid(), geteuid()); + HIP_DEBUG("effective=%u, permitted = %u, inheritable=%u\n", + data.effective, data.permitted, data.inheritable); #endif /* CONFIG_HIP_PRIVSEP */ - out_err: - return err; - +out_err: + return err; } #else /* ! ALTSEP */ @@ -140,80 +141,82 @@ /* * Note: this function does not go well with valgrind */ -int hip_set_lowcapability(int run_as_sudo) { - int err = 0; +int hip_set_lowcapability(int run_as_sudo) +{ + int err = 0; #ifdef CONFIG_HIP_PRIVSEP - uid_t uid = -1; - cap_value_t cap_list[] = {CAP_NET_RAW, CAP_NET_ADMIN }; - int ncap_list = 2; - cap_t cap_p = NULL; - char *cap_s = NULL; - char *name = NULL; - - /* @todo: does this work when you start hipd as root (without sudo) */ - - if (run_as_sudo) { - HIP_IFEL(!(name = getenv("SUDO_USER")), -1, - "Failed to determine current username\n"); - } else { - /* Check if user "hipd" exists if it does use it - otherwise use "nobody" */ - if (hip_user_to_uid(USER_HIPD) >= 0) - name = USER_HIPD; - else if (hip_user_to_uid(USER_NOBODY) >= 0) - name = USER_NOBODY; - else - HIP_IFEL(1, -1, "System does not have nobody account\n"); - } - - HIP_IFEL(prctl(PR_SET_KEEPCAPS, 1), -1, "prctl err\n"); - - HIP_DEBUG("Now PR_SET_KEEPCAPS=%d\n", prctl(PR_GET_KEEPCAPS)); - - uid = hip_user_to_uid(name); - HIP_IFEL((uid < 0), -1, - "Error while retrieving USER '%s' uid\n", name); - - HIP_IFEL(!(cap_p = cap_get_proc()), -1, - "Error getting capabilities\n"); - HIP_DEBUG("cap_p %s\n", cap_s = cap_to_text(cap_p, NULL)); - /* It would be better to use #if DEBUG */ - if (cap_s != NULL) { - cap_free(cap_s); - cap_s = NULL; - } - - HIP_DEBUG("Before setreuid UID=%d and EFF_UID=%d\n", - getuid(), geteuid()); - - HIP_IFEL(setreuid(uid,uid), -1, "setruid failed\n"); - - HIP_DEBUG("After setreuid UID=%d and EFF_UID=%d\n", - getuid(), geteuid()); - - HIP_DEBUG ("Going to clear all capabilities except the ones needed\n"); - HIP_IFEL(cap_clear(cap_p)<0, -1, "Error clearing capabilities\n"); - - HIP_IFEL(cap_set_flag(cap_p, CAP_EFFECTIVE, ncap_list, cap_list, CAP_SET)<0, - -1, "Error setting capability flags\n"); - HIP_IFEL(cap_set_flag(cap_p, CAP_PERMITTED, ncap_list, cap_list, CAP_SET)<0, - -1, "Error setting capability flags\n"); - HIP_IFEL(cap_set_proc(cap_p)<0, -1, "Error modifying capabilities\n"); - HIP_DEBUG("UID=%d EFF_UID=%d\n", getuid(), geteuid()); - HIP_DEBUG("cap_p %s\n", cap_s = cap_to_text(cap_p, NULL)); - /* It would be better to use #if DEBUG */ - if (cap_s != NULL) { - cap_free(cap_s); - cap_s = NULL; - } + uid_t uid = -1; + cap_value_t cap_list[] = {CAP_NET_RAW, CAP_NET_ADMIN }; + int ncap_list = 2; + cap_t cap_p = NULL; + char *cap_s = NULL; + char *name = NULL; + + /* @todo: does this work when you start hipd as root (without sudo) */ + + if (run_as_sudo) { + HIP_IFEL(!(name = getenv("SUDO_USER")), -1, + "Failed to determine current username\n"); + } else { + /* Check if user "hipd" exists if it does use it + * otherwise use "nobody" */ + if (hip_user_to_uid(USER_HIPD) >= 0) { + name = USER_HIPD; + } else if (hip_user_to_uid(USER_NOBODY) >= 0) { + name = USER_NOBODY; + } else { + HIP_IFEL(1, -1, "System does not have nobody account\n"); + } + } + + HIP_IFEL(prctl(PR_SET_KEEPCAPS, 1), -1, "prctl err\n"); + + HIP_DEBUG("Now PR_SET_KEEPCAPS=%d\n", prctl(PR_GET_KEEPCAPS)); + + uid = hip_user_to_uid(name); + HIP_IFEL((uid < 0), -1, + "Error while retrieving USER '%s' uid\n", name); + + HIP_IFEL(!(cap_p = cap_get_proc()), -1, + "Error getting capabilities\n"); + HIP_DEBUG("cap_p %s\n", cap_s = cap_to_text(cap_p, NULL)); + /* It would be better to use #if DEBUG */ + if (cap_s != NULL) { + cap_free(cap_s); + cap_s = NULL; + } + + HIP_DEBUG("Before setreuid UID=%d and EFF_UID=%d\n", + getuid(), geteuid()); + + HIP_IFEL(setreuid(uid, uid), -1, "setruid failed\n"); + + HIP_DEBUG("After setreuid UID=%d and EFF_UID=%d\n", + getuid(), geteuid()); + + HIP_DEBUG("Going to clear all capabilities except the ones needed\n"); + HIP_IFEL(cap_clear(cap_p) < 0, -1, "Error clearing capabilities\n"); + + HIP_IFEL(cap_set_flag(cap_p, CAP_EFFECTIVE, ncap_list, cap_list, CAP_SET) < 0, + -1, "Error setting capability flags\n"); + HIP_IFEL(cap_set_flag(cap_p, CAP_PERMITTED, ncap_list, cap_list, CAP_SET) < 0, + -1, "Error setting capability flags\n"); + HIP_IFEL(cap_set_proc(cap_p) < 0, -1, "Error modifying capabilities\n"); + HIP_DEBUG("UID=%d EFF_UID=%d\n", getuid(), geteuid()); + HIP_DEBUG("cap_p %s\n", cap_s = cap_to_text(cap_p, NULL)); + /* It would be better to use #if DEBUG */ + if (cap_s != NULL) { + cap_free(cap_s); + cap_s = NULL; + } out_err: - cap_free(cap_p); + cap_free(cap_p); #endif /* CONFIG_HIP_PRIVSEP */ - return err; - + return err; } + #endif === modified file 'lib/core/hip_capability.c.doxyme' --- lib/core/hip_capability.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/hip_capability.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,19 +45,18 @@ /** - * hip_set_lowcapability + * hip_set_lowcapability * * * @param run_as_sudo - * @return + * @return **/ /** - * hip_user_to_uid + * hip_user_to_uid * * * @param name - * @return + * @return **/ - === modified file 'lib/core/hip_capability.h' --- lib/core/hip_capability.h 2010-01-19 09:28:42 +0000 +++ lib/core/hip_capability.h 2010-02-10 23:55:24 +0000 @@ -1,6 +1,6 @@ /** @file * The header for hip_capability.c. - * + * * @author Tobias Heer <heer@xxxxxxxxxxxxxxxxx> (header file only) * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. */ === modified file 'lib/core/hip_capability.h.doxyme' --- lib/core/hip_capability.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/hip_capability.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/capability.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/hip_statistics.c' --- lib/core/hip_statistics.c 2010-01-19 09:28:42 +0000 +++ lib/core/hip_statistics.c 2010-02-10 23:55:24 +0000 @@ -5,123 +5,136 @@ static uint64_t timeval_to_uint64(const struct timeval *timeval) { - HIP_ASSERT(timeval != NULL); - - /* convert values to microseconds and add */ - return ((timeval->tv_sec * STATS_IN_USECS) + timeval->tv_usec); -} - -static double calc_avg(const statistics_data_t *statistics_data, const double scaling_factor) -{ - double avg = 0.0; - - HIP_ASSERT(statistics_data != NULL); - HIP_ASSERT(scaling_factor > 0); - - if (statistics_data->num_items >= 1) - { - avg = (statistics_data->added_values / scaling_factor) - / statistics_data->num_items; - } - - return avg; -} - -static double calc_std_dev(const statistics_data_t *statistics_data, const double scaling_factor) -{ - double std_dev = 0.0; - double sum1 = 0.0, sum2 = 0.0; - - HIP_ASSERT(statistics_data != NULL); - - if (statistics_data->num_items >= 1) - { - sum1 = (double)statistics_data->added_values / statistics_data->num_items; - sum2 = (double)statistics_data->added_squared_values - / statistics_data->num_items; - - std_dev = sqrt(sum2 - (sum1 * sum1)); - } - - return std_dev / scaling_factor; + HIP_ASSERT(timeval != NULL); + + /* convert values to microseconds and add */ + return (timeval->tv_sec * STATS_IN_USECS) + timeval->tv_usec; +} + +static double calc_avg(const statistics_data_t *statistics_data, + const double scaling_factor) +{ + double avg = 0.0; + + HIP_ASSERT(statistics_data != NULL); + HIP_ASSERT(scaling_factor > 0); + + if (statistics_data->num_items >= 1) { + avg = (statistics_data->added_values / scaling_factor) + / statistics_data->num_items; + } + + return avg; +} + +static double calc_std_dev(const statistics_data_t *statistics_data, + const double scaling_factor) +{ + double std_dev = 0.0; + double sum1 = 0.0, sum2 = 0.0; + + HIP_ASSERT(statistics_data != NULL); + + if (statistics_data->num_items >= 1) { + sum1 = (double) statistics_data->added_values / statistics_data->num_items; + sum2 = (double) statistics_data->added_squared_values + / statistics_data->num_items; + + std_dev = sqrt(sum2 - (sum1 * sum1)); + } + + return std_dev / scaling_factor; } uint64_t calc_timeval_diff(const struct timeval *timeval_start, - const struct timeval *timeval_end) + const struct timeval *timeval_end) { - struct timeval rel_timeval; - - HIP_ASSERT(timeval_start != NULL); - HIP_ASSERT(timeval_end != NULL); - - // check that timeval_high really is higher - if ((timeval_end->tv_sec > timeval_start->tv_sec) && (timeval_end->tv_usec > timeval_start->tv_usec)) { - rel_timeval.tv_sec = timeval_end->tv_sec - timeval_start->tv_sec; - rel_timeval.tv_usec = timeval_end->tv_usec - timeval_start->tv_usec; - } - else { - rel_timeval.tv_sec = 0; - rel_timeval.tv_usec = 0; - } - - return timeval_to_uint64(&rel_timeval); + struct timeval rel_timeval; + + HIP_ASSERT(timeval_start != NULL); + HIP_ASSERT(timeval_end != NULL); + + // check that timeval_high really is higher + if ((timeval_end->tv_sec > timeval_start->tv_sec) && + (timeval_end->tv_usec > timeval_start->tv_usec)) + { + rel_timeval.tv_sec = timeval_end->tv_sec - timeval_start->tv_sec; + rel_timeval.tv_usec = timeval_end->tv_usec - timeval_start->tv_usec; + } else { + rel_timeval.tv_sec = 0; + rel_timeval.tv_usec = 0; + } + + return timeval_to_uint64(&rel_timeval); } -int add_statistics_item(statistics_data_t *statistics_data, const uint64_t item_value) +int add_statistics_item(statistics_data_t *statistics_data, + const uint64_t item_value) { - int err = 0; - - HIP_ASSERT(statistics_data != NULL); - - HIP_IFEL(!(statistics_data->num_items < statistics_data->num_items + 1), -1, - "value exceeds data type range\n"); - statistics_data->num_items++; - - HIP_IFEL(!(statistics_data->added_values < statistics_data->added_values + item_value), -1, - "value exceeds data type range\n") - statistics_data->added_values += item_value; - - - HIP_IFEL(!(statistics_data->added_squared_values < statistics_data->added_squared_values + item_value * item_value), -1, - "value exceeds data type range\n"); - statistics_data->added_squared_values += item_value * item_value; - - if (item_value > statistics_data->max_value) { - statistics_data->max_value = item_value; - } - - if (item_value < statistics_data->min_value || - statistics_data->min_value == 0.0) { - statistics_data->min_value = item_value; - } - - out_err: - if (err) { - HIP_DEBUG("resetting statistics\n"); - - statistics_data->num_items = 0; - statistics_data->added_values = 0; - statistics_data->added_squared_values = 0; - } - - return err; + int err = 0; + + HIP_ASSERT(statistics_data != NULL); + + HIP_IFEL(!(statistics_data->num_items < statistics_data->num_items + 1), -1, + "value exceeds data type range\n"); + statistics_data->num_items++; + + HIP_IFEL(!(statistics_data->added_values < statistics_data->added_values + item_value), + -1, + "value exceeds data type range\n") + statistics_data->added_values += item_value; + + + HIP_IFEL(!(statistics_data->added_squared_values < statistics_data->added_squared_values + item_value * item_value), + -1, + "value exceeds data type range\n"); + statistics_data->added_squared_values += item_value * item_value; + + if (item_value > statistics_data->max_value) { + statistics_data->max_value = item_value; + } + + if (item_value < statistics_data->min_value || + statistics_data->min_value == 0.0) { + statistics_data->min_value = item_value; + } + +out_err: + if (err) { + HIP_DEBUG("resetting statistics\n"); + + statistics_data->num_items = 0; + statistics_data->added_values = 0; + statistics_data->added_squared_values = 0; + } + + return err; } /* only returns values for non-NULL pointers */ -void calc_statistics(const statistics_data_t *statistics_data, uint32_t *num_items, - double *min, double *max, double *avg, double *std_dev, - double scaling_factor) +void calc_statistics(const statistics_data_t *statistics_data, + uint32_t *num_items, + double *min, + double *max, + double *avg, + double *std_dev, + double scaling_factor) { - HIP_ASSERT(statistics_data != NULL); + HIP_ASSERT(statistics_data != NULL); - if (num_items) - *num_items = statistics_data->num_items; - if (min) - *min = statistics_data->min_value / scaling_factor; - if (max) - *max = statistics_data->max_value / scaling_factor; - if (avg) - *avg = calc_avg(statistics_data, scaling_factor); - if (std_dev) - *std_dev = calc_std_dev(statistics_data, scaling_factor); + if (num_items) { + *num_items = statistics_data->num_items; + } + if (min) { + *min = statistics_data->min_value / scaling_factor; + } + if (max) { + *max = statistics_data->max_value / scaling_factor; + } + if (avg) { + *avg = calc_avg(statistics_data, scaling_factor); + } + if (std_dev) { + *std_dev = calc_std_dev(statistics_data, scaling_factor); + } } === modified file 'lib/core/hip_statistics.c.doxyme' --- lib/core/hip_statistics.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/hip_statistics.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,27 +45,27 @@ /** - * add_statistics_item + * add_statistics_item * * * @param statistics_data * @param item_value - * @return + * @return **/ /** - * calc_avg + * calc_avg * * * @param statistics_data * @param scaling_factor - * @return + * @return **/ /** - * calc_statistics + * calc_statistics * * * @param statistics_data @@ -74,35 +75,34 @@ * @param avg * @param std_dev * @param scaling_factor - * @return + * @return **/ /** - * calc_std_dev + * calc_std_dev * * * @param statistics_data * @param scaling_factor - * @return + * @return **/ /** - * calc_timeval_diff + * calc_timeval_diff * * * @param timeval_start * @param timeval_end - * @return + * @return **/ /** - * timeval_to_uint64 + * timeval_to_uint64 * * * @param timeval - * @return + * @return **/ - === modified file 'lib/core/hip_statistics.h' --- lib/core/hip_statistics.h 2010-02-08 15:18:06 +0000 +++ lib/core/hip_statistics.h 2010-02-10 23:55:24 +0000 @@ -4,22 +4,27 @@ #include <stdlib.h> #include <inttypes.h> -#define STATS_IN_MSECS 1000 -#define STATS_IN_USECS 1000000 +#define STATS_IN_MSECS 1000 +#define STATS_IN_USECS 1000000 -typedef struct statistics_data -{ - uint32_t num_items; - uint64_t added_values; - uint64_t added_squared_values; - uint64_t min_value; - uint64_t max_value; +typedef struct statistics_data { + uint32_t num_items; + uint64_t added_values; + uint64_t added_squared_values; + uint64_t min_value; + uint64_t max_value; } statistics_data_t; uint64_t calc_timeval_diff(const struct timeval *timeval_start, - const struct timeval *timeval_end); -int add_statistics_item(statistics_data_t *statistics_data, const uint64_t item_value); -void calc_statistics(const statistics_data_t *statistics_data, uint32_t *num_items, - double *min, double *max, double *avg, double *std_dev, double scaling_factor); + const struct timeval *timeval_end); +int add_statistics_item(statistics_data_t *statistics_data, + const uint64_t item_value); +void calc_statistics(const statistics_data_t *statistics_data, + uint32_t *num_items, + double *min, + double *max, + double *avg, + double *std_dev, + double scaling_factor); #endif /* HIP_STATISTICS_H_ */ === modified file 'lib/core/hip_statistics.h.doxyme' --- lib/core/hip_statistics.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/hip_statistics.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/hip_statistics.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/icomm.h' --- lib/core/icomm.h 2010-02-08 15:18:06 +0000 +++ lib/core/icomm.h 2010-02-10 23:55:24 +0000 @@ -12,12 +12,12 @@ #include "protodefs.h" /* Use this port to send asynchronous/unidirectional messages - from hipd to hipfw */ + * from hipd to hipfw */ #define HIP_FIREWALL_PORT 971 /* Use this port to send messages from hipd to agent */ #define HIP_AGENT_PORT 972 /* Use this port to send synchronous/bidirectional (request-response) - messages from hipd to firewall*/ + * messages from hipd to firewall*/ #define HIP_DAEMON_LOCAL_PORT 973 #define HIP_FIREWALL_SYNC_PORT 974 @@ -36,7 +36,7 @@ * @todo Should socket option values 1 - 64 be renumbered starting from 65? * @{ */ -#define HIP_SO_ANY_MIN 1 +#define HIP_SO_ANY_MIN 1 #define SO_HIP_ADD_PEER_MAP_HIT_IP 2 #define SO_HIP_DEL_PEER_MAP_HIT_IP 3 /* slot free */ @@ -47,15 +47,15 @@ #define SO_HIP_QUERY_OPPORTUNISTIC_MODE 9 #define SO_HIP_ANSWER_OPPORTUNISTIC_MODE_QUERY 10 /* slot free */ -#define SO_HIP_QUERY_IP_HIT_MAPPING 12 -#define SO_HIP_ANSWER_IP_HIT_MAPPING_QUERY 13 -#define SO_HIP_GET_PEER_HIT 14 +#define SO_HIP_QUERY_IP_HIT_MAPPING 12 +#define SO_HIP_ANSWER_IP_HIT_MAPPING_QUERY 13 +#define SO_HIP_GET_PEER_HIT 14 /* free slot */ -#define SO_HIP_DEFAULT_HIT 16 +#define SO_HIP_DEFAULT_HIT 16 #define SO_HIP_GET_PEER_LIST 17 /* Free slots here */ #define SO_HIP_GET_HITS 21 -#define SO_HIP_GET_HA_INFO 22 +#define SO_HIP_GET_HA_INFO 22 #define SO_HIP_DHT_SERVING_GW 24 /* free slot */ #define SO_HIP_GET_LSI_PEER 26 @@ -64,16 +64,16 @@ /* inclusive */ #define SO_HIP_PING 32 #define SO_HIP_TRIGGER_BEX 33 -#define SO_HIP_MAP_ID_TO_ADDR 34 -#define SO_HIP_LSI_TO_HIT 35 -#define HIP_SO_ANY_MAX 63 +#define SO_HIP_MAP_ID_TO_ADDR 34 +#define SO_HIP_LSI_TO_HIT 35 +#define HIP_SO_ANY_MAX 63 /** @addtogroup hip_so * HIP socket options. * @{ */ -#define HIP_SO_ROOT_MIN 64 +#define HIP_SO_ROOT_MIN 64 #define SO_HIP_ADD_LOCAL_HI 65 #define SO_HIP_DEL_LOCAL_HI 66 #define SO_HIP_RUN_UNIT_TEST 67 @@ -92,31 +92,31 @@ #define SO_HIP_SET_BLIND_OFF 80 /** Socket option for hipconf to change the used gateway with OpenDHT */ #define SO_HIP_DHT_GW 81 -#define SO_HIP_SET_DEBUG_ALL 82 -#define SO_HIP_SET_DEBUG_MEDIUM 83 -#define SO_HIP_SET_DEBUG_NONE 84 +#define SO_HIP_SET_DEBUG_ALL 82 +#define SO_HIP_SET_DEBUG_MEDIUM 83 +#define SO_HIP_SET_DEBUG_NONE 84 /** Socket option for hipconf to ask about the used gateway with OpenDHT */ #define SO_HIP_LOCATOR_GET 85 -#define SO_HIP_MHADDR_ACTIVE 86 -#define SO_HIP_MHADDR_LAZY 87 +#define SO_HIP_MHADDR_ACTIVE 86 +#define SO_HIP_MHADDR_LAZY 87 /** Socket option for hipconf to restart daemon. */ -#define SO_HIP_RESTART 88 +#define SO_HIP_RESTART 88 #define SO_HIP_SET_LOCATOR_ON 89 #define SO_HIP_SET_LOCATOR_OFF 90 #define SO_HIP_DHT_SET 91 #define SO_HIP_DHT_ON 92 #define SO_HIP_DHT_OFF 93 -#define SO_HIP_SET_OPPTCP_ON 94 -#define SO_HIP_SET_OPPTCP_OFF 95 -#define SO_HIP_SET_HI3_ON 96 -#define SO_HIP_SET_HI3_OFF 97 -#define SO_HIP_RESET_FIREWALL_DB 98 +#define SO_HIP_SET_OPPTCP_ON 94 +#define SO_HIP_SET_OPPTCP_OFF 95 +#define SO_HIP_SET_HI3_ON 96 +#define SO_HIP_SET_HI3_OFF 97 +#define SO_HIP_RESET_FIREWALL_DB 98 -#define SO_HIP_OPPTCP_SEND_TCP_PACKET 99 +#define SO_HIP_OPPTCP_SEND_TCP_PACKET 99 #define SO_HIP_TRANSFORM_ORDER 100 /** Socket option for the server to offer the RVS service. (server side) */ -#define SO_HIP_OFFER_RVS 101 +#define SO_HIP_OFFER_RVS 101 /** Socket option for the server to cancel the RVS service. (server side) */ #define SO_HIP_CANCEL_RVS 102 /** Socket option for the server to reinit the RVS service. (server side) */ @@ -127,10 +127,10 @@ */ #define SO_HIP_ADD_DEL_SERVER 104 /** Socket option for the server to offer the HIP relay service. (server - side) */ + * side) */ #define SO_HIP_OFFER_HIPRELAY 106 /** Socket option for the server to cancel the HIP relay service. (server - side) */ + * side) */ #define SO_HIP_CANCEL_HIPRELAY 107 /** Socket option for hipconf to reinit the HIP relay service. (server side) */ #define SO_HIP_REINIT_RELAY 108 @@ -147,12 +147,12 @@ #define SO_HIP_SET_NAT_PLAIN_UDP 129 #define SO_HIP_SET_NAT_NONE 130 #define SO_HIP_SET_NAT_OFF SO_HIP_SET_NAT_NONE // XX FIXME: REMOVE -#define SO_HIP_SET_HIPPROXY_ON 131 -#define SO_HIP_SET_HIPPROXY_OFF 132 -#define SO_HIP_GET_PROXY_LOCAL_ADDRESS 133 -#define SO_HIP_HIPPROXY_STATUS_REQUEST 134 +#define SO_HIP_SET_HIPPROXY_ON 131 +#define SO_HIP_SET_HIPPROXY_OFF 132 +#define SO_HIP_GET_PROXY_LOCAL_ADDRESS 133 +#define SO_HIP_HIPPROXY_STATUS_REQUEST 134 #define SO_HIP_OPPTCP_UNBLOCK_AND_BLACKLIST 135 -#define SO_HIP_IPSEC_ADD_SA 136 +#define SO_HIP_IPSEC_ADD_SA 136 #define SO_HIP_SET_TCPTIMEOUT_ON 137 #define SO_HIP_SET_TCPTIMEOUT_OFF 138 #define SO_HIP_SET_NAT_ICE_UDP 139 @@ -161,18 +161,18 @@ #define SO_HIP_CERT_SPKI_VERIFY 142 #define SO_HIP_CERT_X509V3_SIGN 143 #define SO_HIP_CERT_X509V3_VERIFY 144 -#define SO_HIP_USERSPACE_IPSEC 145 -#define SO_HIP_ESP_PROT_TFM 146 -#define SO_HIP_BEX_STORE_UPDATE 147 +#define SO_HIP_USERSPACE_IPSEC 145 +#define SO_HIP_ESP_PROT_TFM 146 +#define SO_HIP_BEX_STORE_UPDATE 147 // free slot -#define SO_HIP_TRIGGER_UPDATE 149 +#define SO_HIP_TRIGGER_UPDATE 149 #define SO_HIP_FW_UPDATE_DB 152 #define SO_HIP_IPSEC_DELETE_SA 153 -#define SO_HIP_IPSEC_FLUSH_ALL_SA 154 -#define SO_HIP_ANCHOR_CHANGE 155 +#define SO_HIP_IPSEC_FLUSH_ALL_SA 154 +#define SO_HIP_ANCHOR_CHANGE 155 /* free slot */ #define SO_HIP_FW_BEX_DONE 157 -#define SO_HIP_RESTART_DUMMY_INTERFACE 158 +#define SO_HIP_RESTART_DUMMY_INTERFACE 158 #define SO_HIP_VERIFY_DHT_HDRR_RESP 159 /* free slots */ #define SO_HIP_BUDDIES_ON 162 @@ -196,30 +196,30 @@ #define SO_HIP_HIT_TO_IP_OFF 181 #define SO_HIP_HIT_TO_IP_ON 182 #define SO_HIP_HIT_TO_IP_SET 183 -#define SO_HIP_SET_NAT_PORT 184 +#define SO_HIP_SET_NAT_PORT 184 #define SO_HIP_SHOTGUN_ON 185 #define SO_HIP_SHOTGUN_OFF 186 #define SO_HIP_SIGN_BUDDY_X509V3 187 #define SO_HIP_SIGN_BUDDY_SPKI 188 #define SO_HIP_VERIFY_BUDDY_X509V3 189 #define SO_HIP_VERIFY_BUDDY_SPKI 190 -#define SO_HIP_OFFER_FULLRELAY 191 -#define SO_HIP_CANCEL_FULLRELAY 192 -#define SO_HIP_REINIT_FULLRELAY 193 -#define SO_HIP_FIREWALL_START 194 +#define SO_HIP_OFFER_FULLRELAY 191 +#define SO_HIP_CANCEL_FULLRELAY 192 +#define SO_HIP_REINIT_FULLRELAY 193 +#define SO_HIP_FIREWALL_START 194 #define SO_HIP_SET_DATAPACKET_MODE_ON 195 #define SO_HIP_SET_DATAPACKET_MODE_OFF 196 #define SO_HIP_BUILD_HOST_ID_SIGNATURE_DATAPACKET 197 #define SO_HIP_MANUAL_UPDATE_PACKET 198 /** Socket option for hipconf to set handover mode, hard or soft. */ -#define SO_HIP_HANDOVER_HARD 199 -#define SO_HIP_HANDOVER_SOFT 200 -#define SO_HIP_FIREWALL_STATUS 201 -#define SO_HIP_FW_FLUSH_SYS_OPP_HIP 202 +#define SO_HIP_HANDOVER_HARD 199 +#define SO_HIP_HANDOVER_SOFT 200 +#define SO_HIP_FIREWALL_STATUS 201 +#define SO_HIP_FW_FLUSH_SYS_OPP_HIP 202 /** @} */ /* inclusive */ -#define HIP_SO_ROOT_MAX 255 +#define HIP_SO_ROOT_MAX 255 #define SO_HIP_SET_NAT_ON SO_HIP_SET_NAT_PLAIN_UDP #define FLUSH_HA_INFO_DB 1 @@ -228,17 +228,17 @@ /****** FIREWALL ******/ // the states of the connections as kept in the firewall -#define FIREWALL_STATE_BEX_DEFAULT -1 //default entry -#define FIREWALL_STATE_BEX_NOT_SUPPORTED 0 //detected lack of HIP support at peer -#define FIREWALL_STATE_BEX_ESTABLISHED 1 //detected HIP support at peer +#define FIREWALL_STATE_BEX_DEFAULT -1 //default entry +#define FIREWALL_STATE_BEX_NOT_SUPPORTED 0 //detected lack of HIP support at peer +#define FIREWALL_STATE_BEX_ESTABLISHED 1 //detected HIP support at peer //definition of firewall db records -struct firewall_hl{ - struct in6_addr ip_peer; - hip_lsi_t lsi; - hip_hit_t hit_our; - hip_hit_t hit_peer; - int bex_state; +struct firewall_hl { + struct in6_addr ip_peer; + hip_lsi_t lsi; + hip_hit_t hit_our; + hip_hit_t hit_peer; + int bex_state; }; typedef struct firewall_hl firewall_hl_t; typedef struct hip_hadb_user_info_state firewall_cache_hl_t; @@ -246,16 +246,14 @@ /*----Firewall cache----*/ /*Values for the port cache of the firewall*/ -#define FIREWALL_PORT_CACHE_IPV6_TRAFFIC 1 -#define FIREWALL_PORT_CACHE_IPV4_TRAFFIC 3 -#define FIREWALL_PORT_CACHE_KEY_LENGTH 20 +#define FIREWALL_PORT_CACHE_IPV6_TRAFFIC 1 +#define FIREWALL_PORT_CACHE_IPV4_TRAFFIC 3 +#define FIREWALL_PORT_CACHE_KEY_LENGTH 20 -struct firewall_port_cache_hl -{ - char port_and_protocol[FIREWALL_PORT_CACHE_KEY_LENGTH]; //key - int traffic_type; //value +struct firewall_port_cache_hl { + char port_and_protocol[FIREWALL_PORT_CACHE_KEY_LENGTH]; //key + int traffic_type; //value }; typedef struct firewall_port_cache_hl firewall_port_cache_hl_t; #endif /* _HIP_ICOMM */ - === modified file 'lib/core/icomm.h.doxyme' --- lib/core/icomm.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/icomm.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/icomm.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/ife.h' --- lib/core/ife.h 2010-02-08 15:18:06 +0000 +++ lib/core/ife.h 2010-02-10 23:55:24 +0000 @@ -3,13 +3,13 @@ #define GOTO_OUT -3 /** A generic HIP error. This should be a value whose value does not overlap - with the global errno values. */ + * with the global errno values. */ #define EHIP 500 /** A generic error value for getaddrinfo() error since the negated library - error values overlap ernno values. */ + * error values overlap ernno values. */ #define EHADDRINFO 501 -/** +/** * @addtogroup ife * @{ */ @@ -24,12 +24,12 @@ * @param eval Set variable called 'err' to this value. */ #define HIP_IFE(func, eval) \ -{ \ - if (func) { \ - err = eval; \ - goto out_err; \ - } \ -} + { \ + if (func) { \ + err = eval; \ + goto out_err; \ + } \ + } /** * Use this macro to detect failures and exit function in case @@ -41,59 +41,58 @@ * @param eval Set variable called 'err' to this value. * @param args Arguments for HIP_ERROR(), use like with printf(). */ -#define HIP_IFEL(func, eval, args...) \ -{ \ - if (func) { \ - HIP_ERROR(args); \ - err = eval; \ - goto out_err; \ - } \ -} +#define HIP_IFEL(func, eval, args ...) \ + { \ + if (func) { \ + HIP_ERROR(args); \ + err = eval; \ + goto out_err; \ + } \ + } #define HIP_IFEB(func, eval, finally) \ -{ \ - if (func) { \ - err = eval; \ - finally;\ - goto out_err; \ - } else {\ - finally;\ - }\ -} - -#define HIP_IFEBL(func, eval, finally, args...) \ -{ \ - if (func) { \ - HIP_ERROR(args); \ - err = eval; \ - finally;\ - goto out_err; \ - } else {\ - finally;\ - }\ -} - -#define HIP_IFEBL2(func, eval, finally, args...) \ -{ \ - if (func) { \ - HIP_ERROR(args); \ - err = eval; \ - finally;\ - }\ -} + { \ + if (func) { \ + err = eval; \ + finally; \ + goto out_err; \ + } else { \ + finally; \ + } \ + } + +#define HIP_IFEBL(func, eval, finally, args ...) \ + { \ + if (func) { \ + HIP_ERROR(args); \ + err = eval; \ + finally; \ + goto out_err; \ + } else { \ + finally; \ + } \ + } + +#define HIP_IFEBL2(func, eval, finally, args ...) \ + { \ + if (func) { \ + HIP_ERROR(args); \ + err = eval; \ + finally; \ + } \ + } /** * HIP_IFCS takes a pointer and an command to execute and executes the * @c command if @c condition is @b not NULL. - */ -#define HIP_IFCS(condition, consequence)\ - if( condition ) { \ - consequence ; \ - } else { \ - HIP_DEBUG("No state information found.\n"); \ - } + */ +#define HIP_IFCS(condition, consequence) \ + if (condition) { \ + consequence; \ + } else { \ + HIP_DEBUG("No state information found.\n"); \ + } /** @} */ #endif /* _HIP_IFE */ - === modified file 'lib/core/ife.h.doxyme' --- lib/core/ife.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/ife.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/ife.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/kerncompat.h' --- lib/core/kerncompat.h 2010-01-19 09:28:42 +0000 +++ lib/core/kerncompat.h 2010-02-10 23:55:24 +0000 @@ -13,16 +13,17 @@ #include <string.h> typedef struct { } rwlock_t; -typedef uint8_t u8; -typedef uint16_t u16; -typedef uint32_t u32; -typedef struct { volatile int counter; } atomic_t; +typedef uint8_t u8; +typedef uint16_t u16; +typedef uint32_t u32; +typedef struct { volatile int counter; +} atomic_t; typedef struct { - /** @todo Is empty. */ + /** @todo Is empty. */ } spinlock_t; struct list_head { - struct list_head *next, *prev; + struct list_head *next, *prev; }; #ifndef IPPROTO_HIP @@ -38,7 +39,7 @@ #define hton64(i) (i) #define ntoh64(i) (i) #else - #define hton64(i) ( ((__u64)(htonl((i) & 0xffffffff)) << 32) | htonl(((i) >> 32) & 0xffffffff ) ) + #define hton64(i) (((__u64) (htonl((i) & 0xffffffff)) << 32) | htonl(((i) >> 32) & 0xffffffff )) #define ntoh64 hton64 #endif @@ -49,22 +50,22 @@ #define jiffies random() #define atomic_inc(x) \ - (++(*x).counter) + (++(*x).counter) #define atomic_read(x) \ - ((*x).counter) + ((*x).counter) #define atomic_dec_and_test(x) \ - (--((*x).counter) == 0) + (--((*x).counter) == 0) #define atomic_set(x, v) \ - ((*x).counter = v) + ((*x).counter = v) /* XX FIX: implement the locking for userspace properly */ -#define read_lock_irqsave(a,b) do {} while(0) -#define spin_unlock_irqrestore(a,b) do {} while(0) -#define write_lock_irqsave(a,b) do {} while(0) -#define write_unlock_irqrestore(a,b) do {} while(0) -#define read_unlock_irqrestore(a,b) do {} while(0) +#define read_lock_irqsave(a, b) do {} while (0) +#define spin_unlock_irqrestore(a, b) do {} while (0) +#define write_lock_irqsave(a, b) do {} while (0) +#define write_unlock_irqrestore(a, b) do {} while (0) +#define read_unlock_irqrestore(a, b) do {} while (0) #endif /* __HIP_KERN_COMPATIBILITY__ */ === modified file 'lib/core/kerncompat.h.doxyme' --- lib/core/kerncompat.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/kerncompat.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/kerncompat.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/linkedlist.c' --- lib/core/linkedlist.c 2010-02-06 15:19:35 +0000 +++ lib/core/linkedlist.c 2010-02-10 23:55:24 +0000 @@ -1,6 +1,6 @@ /** @file * This file defines a linked list for storing pointers. - * + * * @author Lauri Silvennoinen * @note Distributed under <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>. * @see linkedlist.h for usage instructions. @@ -13,188 +13,191 @@ void hip_ll_init(hip_ll_t *linkedlist) { - if(linkedlist != NULL) { - linkedlist->head = NULL; - linkedlist->element_count = 0; - } + if (linkedlist != NULL) { + linkedlist->head = NULL; + linkedlist->element_count = 0; + } } void hip_ll_uninit(hip_ll_t *linkedlist, free_elem_fn_t free_element) { - if(linkedlist == NULL || linkedlist->head == NULL) - return; - - hip_ll_node_t *pointer = NULL; - - /* Free the node currently at list head and move the next item to list - head. Continue this until the item at list head is NULL. If - free_element() is non-NULL we also free the memory allocated for the - actual element. */ - if(free_element != NULL) { - while(linkedlist->head != NULL) { - pointer = linkedlist->head->next; - free_element(linkedlist->head->ptr); - free(linkedlist->head); - linkedlist->head = pointer; - } - } else { - while(linkedlist->head != NULL) { - pointer = linkedlist->head->next; - free(linkedlist->head); - linkedlist->head = pointer; - } - } - - linkedlist->element_count = 0; + if (linkedlist == NULL || linkedlist->head == NULL) { + return; + } + + hip_ll_node_t *pointer = NULL; + + /* Free the node currently at list head and move the next item to list + * head. Continue this until the item at list head is NULL. If + * free_element() is non-NULL we also free the memory allocated for the + * actual element. */ + if (free_element != NULL) { + while (linkedlist->head != NULL) { + pointer = linkedlist->head->next; + free_element(linkedlist->head->ptr); + free(linkedlist->head); + linkedlist->head = pointer; + } + } else { + while (linkedlist->head != NULL) { + pointer = linkedlist->head->next; + free(linkedlist->head); + linkedlist->head = pointer; + } + } + + linkedlist->element_count = 0; } unsigned int hip_ll_get_size(const hip_ll_t *linkedlist) { - if(linkedlist == NULL) - return 0; - - return linkedlist->element_count; + if (linkedlist == NULL) { + return 0; + } + + return linkedlist->element_count; } int hip_ll_add(hip_ll_t *linkedlist, const unsigned int index, void *ptr) { - if (linkedlist == NULL || ptr == NULL) - return -1; - - hip_ll_node_t *newnode = NULL, *pointer = NULL; - unsigned int current_index = 0; - - if ((newnode = - (hip_ll_node_t*) malloc(sizeof(hip_ll_node_t))) == NULL) { - HIP_ERROR("Error on allocating memory for a linked list node.\n"); - return -1; - } - - newnode->ptr = ptr; - pointer = linkedlist->head; - - /* Item to add is the first item of the list or it is to be added as the - first one. */ - if(pointer == NULL || index == 0) { - newnode->next = pointer; - linkedlist->head = newnode; - linkedlist->element_count++; - } - /* There exist at least one element in the list and the new element is - not to be added as the first one. */ - else { - hip_ll_node_t *previous = pointer; - - /* Loop until "pointer" is at the last item. */ - while(pointer->next != NULL) { - - previous = pointer; - pointer = pointer->next; - current_index++; - - /* We have reached the target index and the index is not - the index of the last item in the list. */ - if(current_index == index) { - - newnode->next = pointer; - previous->next = newnode; - linkedlist->element_count++; - return 0; - } - } - /* The node is to be added as the last item of the list. */ - newnode->next = NULL; - pointer->next = newnode; - linkedlist->element_count++; - } - - return 0; + if (linkedlist == NULL || ptr == NULL) { + return -1; + } + + hip_ll_node_t *newnode = NULL, *pointer = NULL; + unsigned int current_index = 0; + + if ((newnode = + (hip_ll_node_t *) malloc(sizeof(hip_ll_node_t))) == NULL) { + HIP_ERROR("Error on allocating memory for a linked list node.\n"); + return -1; + } + + newnode->ptr = ptr; + pointer = linkedlist->head; + + /* Item to add is the first item of the list or it is to be added as the + * first one. */ + if (pointer == NULL || index == 0) { + newnode->next = pointer; + linkedlist->head = newnode; + linkedlist->element_count++; + } + /* There exist at least one element in the list and the new element is + * not to be added as the first one. */ + else { + hip_ll_node_t *previous = pointer; + + /* Loop until "pointer" is at the last item. */ + while (pointer->next != NULL) { + previous = pointer; + pointer = pointer->next; + current_index++; + + /* We have reached the target index and the index is not + * the index of the last item in the list. */ + if (current_index == index) { + newnode->next = pointer; + previous->next = newnode; + linkedlist->element_count++; + return 0; + } + } + /* The node is to be added as the last item of the list. */ + newnode->next = NULL; + pointer->next = newnode; + linkedlist->element_count++; + } + + return 0; } -void *hip_ll_del(hip_ll_t *linkedlist, const unsigned int index, - free_elem_fn_t free_element) +void *hip_ll_del(hip_ll_t *linkedlist, const unsigned int index, + free_elem_fn_t free_element) { - if(linkedlist == NULL || linkedlist->head == NULL) { - return NULL; - } else if(index > (linkedlist->element_count -1)) { - return NULL; - } - - hip_ll_node_t *pointer = NULL, *previous = NULL; - void *ptr = NULL; - unsigned int current_index = 0; - - if(index == 0) { - ptr = linkedlist->head->ptr; - pointer = linkedlist->head->next; - if(free_element != NULL) { - free_element(ptr); - ptr = NULL; - } - free(linkedlist->head); - linkedlist->head = pointer; - linkedlist->element_count--; - return ptr; - } - - pointer = previous = linkedlist->head; - - while(pointer->next != NULL) { - previous = pointer; - pointer = pointer->next; - current_index++; - - /* We have reached the target index. */ - if(current_index == index) { - if(pointer == NULL) { - previous->next = NULL; - } else { - previous->next = pointer->next; - } - ptr = pointer->ptr; - if(free_element != NULL) { - free_element(ptr); - ptr = NULL; - } - free(pointer); - linkedlist->element_count--; - break; - } - } - - return ptr; + if (linkedlist == NULL || linkedlist->head == NULL) { + return NULL; + } else if (index > (linkedlist->element_count - 1)) { + return NULL; + } + + hip_ll_node_t *pointer = NULL, *previous = NULL; + void *ptr = NULL; + unsigned int current_index = 0; + + if (index == 0) { + ptr = linkedlist->head->ptr; + pointer = linkedlist->head->next; + if (free_element != NULL) { + free_element(ptr); + ptr = NULL; + } + free(linkedlist->head); + linkedlist->head = pointer; + linkedlist->element_count--; + return ptr; + } + + pointer = previous = linkedlist->head; + + while (pointer->next != NULL) { + previous = pointer; + pointer = pointer->next; + current_index++; + + /* We have reached the target index. */ + if (current_index == index) { + if (pointer == NULL) { + previous->next = NULL; + } else { + previous->next = pointer->next; + } + ptr = pointer->ptr; + if (free_element != NULL) { + free_element(ptr); + ptr = NULL; + } + free(pointer); + linkedlist->element_count--; + break; + } + } + + return ptr; } void *hip_ll_get(hip_ll_t *linkedlist, const unsigned int index) { - if(linkedlist == NULL || linkedlist->head == NULL) { - return NULL; - } else if(index > (linkedlist->element_count -1)) { - return NULL; - } - - hip_ll_node_t *pointer = linkedlist->head; - unsigned int current_index = 0; - - while(pointer != NULL) { - if(current_index == index) { - break; - } - - pointer = pointer->next; - current_index++; - } - - return pointer->ptr; + if (linkedlist == NULL || linkedlist->head == NULL) { + return NULL; + } else if (index > (linkedlist->element_count - 1)) { + return NULL; + } + + hip_ll_node_t *pointer = linkedlist->head; + unsigned int current_index = 0; + + while (pointer != NULL) { + if (current_index == index) { + break; + } + + pointer = pointer->next; + current_index++; + } + + return pointer->ptr; } hip_ll_node_t *hip_ll_iterate(const hip_ll_t *linkedlist, - hip_ll_node_t *current) + hip_ll_node_t *current) { - if(linkedlist == NULL) - return NULL; - if(current == NULL) - return linkedlist->head; - - return current->next; + if (linkedlist == NULL) { + return NULL; + } + if (current == NULL) { + return linkedlist->head; + } + + return current->next; } === modified file 'lib/core/linkedlist.c.doxyme' --- lib/core/linkedlist.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/linkedlist.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,71 +45,70 @@ /** - * hip_ll_add + * hip_ll_add * * * @param linkedlist * @param index * @param ptr - * @return + * @return **/ /** - * hip_ll_del + * hip_ll_del * * * @param linkedlist * @param index * @param free_element - * @return + * @return **/ /** - * hip_ll_get + * hip_ll_get * * * @param linkedlist * @param index - * @return - **/ - - -/** - * hip_ll_get_size - * - * - * @param linkedlist - * @return - **/ - - -/** - * hip_ll_init - * - * - * @param linkedlist - * @return - **/ - - -/** - * hip_ll_iterate + * @return + **/ + + +/** + * hip_ll_get_size + * + * + * @param linkedlist + * @return + **/ + + +/** + * hip_ll_init + * + * + * @param linkedlist + * @return + **/ + + +/** + * hip_ll_iterate * * * @param linkedlist * @param current - * @return + * @return **/ /** - * hip_ll_uninit + * hip_ll_uninit * * * @param linkedlist * @param free_element - * @return + * @return **/ - === modified file 'lib/core/linkedlist.h' --- lib/core/linkedlist.h 2010-02-06 15:19:35 +0000 +++ lib/core/linkedlist.h 2010-02-10 23:55:24 +0000 @@ -22,16 +22,16 @@ #define HIP_LL_H /** Linked list node. */ -typedef struct hip_ll_node{ - void *ptr; /**< A pointer to node payload data. */ - struct hip_ll_node *next; /**< A pointer to next node. */ -}hip_ll_node_t; +typedef struct hip_ll_node { + void * ptr; /**< A pointer to node payload data. */ + struct hip_ll_node *next; /**< A pointer to next node. */ +} hip_ll_node_t; /** Linked list. */ -typedef struct{ - unsigned int element_count; /**< Total number of nodes in the list. */ - hip_ll_node_t *head; /**< A pointer to the first node of the list. */ -}hip_ll_t; +typedef struct { + unsigned int element_count; /**< Total number of nodes in the list. */ + hip_ll_node_t *head; /**< A pointer to the first node of the list. */ +} hip_ll_t; /** Linked list element memory deallocator function pointer. */ typedef void (*free_elem_fn_t)(void *ptr); @@ -42,7 +42,7 @@ * does nothing. * * @param linkedlist the list to init. - */ + */ void hip_ll_init(hip_ll_t *linkedlist); /** @@ -57,7 +57,7 @@ * <li>When @c free_element is <b>NULL</b> the memory allocated for the elements * is not freed, but only the nodes are freed.</li> * </ul> - * + * * @param linkedlist the list to uninitialize. * @param free_element a function pointer to a function for freeing the memory * allocated for an element stored in a node. @@ -66,7 +66,7 @@ * the memory allocated for the elements manually before * invoking this function, and then call this function with * NULL as @c free_element. - */ + */ void hip_ll_uninit(hip_ll_t *linkedlist, free_elem_fn_t free_element); /** @@ -74,7 +74,7 @@ * * @param linkedlist the list whose node count is to be returned. * @return number of nodes in the list. - */ + */ unsigned int hip_ll_get_size(const hip_ll_t *linkedlist); /** @@ -82,14 +82,14 @@ * parameter @c linkedlist with payload data @c ptr. If there are less than * (<code>index -1</code>) elements in the list, the element will be added as * the last element of the list. - * + * * <b>Example:</b> - * + * * <code>hip_ll_add(&mylist, 2, mydata);</code> will add @c mydata as the * third item of the list when there are more than two elements in @c mylist. * When there are less than two items in the list @c mydata will be added as * the last element of @c mylist. - * + * * @param linkedlist the list where to add the new node. * @param index the list index where to store the node. Indexing starts * from zero. @@ -112,7 +112,7 @@ */ static inline int hip_ll_add_first(hip_ll_t *linkedlist, void *ptr) { - return hip_ll_add(linkedlist, 0, ptr); + return hip_ll_add(linkedlist, 0, ptr); } /** @@ -127,7 +127,7 @@ */ static inline int hip_ll_add_last(hip_ll_t *linkedlist, void *ptr) { - return hip_ll_add(linkedlist, linkedlist->element_count, ptr); + return hip_ll_add(linkedlist, linkedlist->element_count, ptr); } /** @@ -154,7 +154,7 @@ * the list @c linkedlist itself is NULL. */ void *hip_ll_del(hip_ll_t *linkedlist, const unsigned int index, - free_elem_fn_t free_element); + free_elem_fn_t free_element); /** @@ -177,9 +177,9 @@ * @c linkedlist itself is NULL. */ static inline void *hip_ll_del_first(hip_ll_t *linkedlist, - free_elem_fn_t free_element) + free_elem_fn_t free_element) { - return hip_ll_del(linkedlist, 0, free_element); + return hip_ll_del(linkedlist, 0, free_element); } /** @@ -202,10 +202,10 @@ * @c linkedlist itself is NULL. */ static inline void *hip_ll_del_last(hip_ll_t *linkedlist, - free_elem_fn_t free_element) + free_elem_fn_t free_element) { - return hip_ll_del(linkedlist, linkedlist->element_count - 1, - free_element); + return hip_ll_del(linkedlist, linkedlist->element_count - 1, + free_element); } /** @@ -213,7 +213,7 @@ * stored in node at @c index. When there are less than (<code>index -1</code>) * nodes in the list, no action will be taken. * - * @param linkedlist the linked list from where to retrieve the element. + * @param linkedlist the linked list from where to retrieve the element. * @param index the list index of the @c node from where the element is to * be retrieved. Indexing starts from zero. * @return the next element or NULL if the list end has been reached @@ -230,10 +230,10 @@ * <pre> * hip_ll_node_t *iter = NULL; * while((iter = hip_ll_iterate(&list, iter)) != NULL) { - * ... Do stuff with iter ... - * } + * ... Do stuff with iter ... + * } * </pre> - * + * * @param linkedlist the linked list from where to retrieve the node. * @param current the current node or NULL if the first node from the list * is to be retrieved. @@ -244,6 +244,6 @@ * hip_ll_uninit() for deleting nodes and elements. */ hip_ll_node_t *hip_ll_iterate(const hip_ll_t *linkedlist, - hip_ll_node_t *current); + hip_ll_node_t *current); #endif /* HIP_LL_H */ === modified file 'lib/core/linkedlist.h.doxyme' --- lib/core/linkedlist.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/linkedlist.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/linkedlist.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/list.h' --- lib/core/list.h 2010-01-19 09:28:42 +0000 +++ lib/core/list.h 2010-02-10 23:55:24 +0000 @@ -7,8 +7,8 @@ typedef LHASH_NODE hip_list_t; /* OpenSSL 1.0.0 introduced backwards incompatible changes to the lhash. - These backwards compatibility hacks can be removed when all platforms - support OpenSSL 1.0.0 by default. */ + * These backwards compatibility hacks can be removed when all platforms + * support OpenSSL 1.0.0 by default. */ #ifdef LHASH_OF #ifndef HIPL_OPENSSL_100 #define HIPL_OPENSSL_100 @@ -29,7 +29,7 @@ * @param head the head for your list. */ #ifdef HIPL_OPENSSL_100 -#define list_find(entry, head) lh_retrieve((_LHASH *)head, entry) +#define list_find(entry, head) lh_retrieve((_LHASH *) head, entry) #else #define list_find(entry, head) lh_retrieve(head, entry) #endif @@ -41,8 +41,8 @@ * @param member the name of the list_struct within the struct. */ #define list_for_each(pos, head, counter) \ - for ((counter = ((struct lhash_st *)(head))->num_nodes - 1); counter >= 0; counter--) \ - for (pos = ((struct lhash_st *)(head))->b[counter]; pos != NULL; pos = pos->next) + for ((counter = ((struct lhash_st *) (head))->num_nodes - 1); counter >= 0; counter--) \ + for (pos = ((struct lhash_st *) (head))->b[counter]; pos != NULL; pos = pos->next) /** * list_for_each_safe @@ -52,9 +52,9 @@ * @param member the name of the list_struct within the struct. */ #define list_for_each_safe(pos, iter, head, counter) \ - for ((counter = (((struct lhash_st *) (head)))->num_nodes - 1); counter >= 0; counter--) \ - for (pos = (((struct lhash_st *)(head)))->b[counter], (iter = pos ? pos->next : NULL); \ - pos != NULL; pos = iter, (iter = pos ? pos->next : NULL)) + for ((counter = (((struct lhash_st *) (head)))->num_nodes - 1); counter >= 0; counter--) \ + for (pos = (((struct lhash_st *) (head)))->b[counter], (iter = pos ? pos->next : NULL); \ + pos != NULL; pos = iter, (iter = pos ? pos->next : NULL)) /** * list_add - add a new entry === modified file 'lib/core/list.h.doxyme' --- lib/core/list.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/list.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/list.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/message.c' --- lib/core/message.c 2010-01-19 09:28:42 +0000 +++ lib/core/message.c 2010-02-10 23:55:24 +0000 @@ -22,351 +22,367 @@ * @return Number of bytes received on success or a negative error value on * error. */ -int hip_peek_recv_total_len(int socket, int encap_hdr_size, unsigned long timeout) -{ - int bytes = 0, err = 0, flags = MSG_PEEK; - unsigned long timeout_left = timeout; - int hdr_size = encap_hdr_size + sizeof(struct hip_common); - char *msg = NULL; - hip_common_t *hip_hdr = NULL; - struct timespec ts; - - ts.tv_sec = 0; - ts.tv_nsec = 100000000; - - /* We're using system call here add thus reseting errno. */ - errno = 0; - - msg = (char *)malloc(hdr_size); - HIP_IFEL(!msg, -ENOMEM, "Error allocating memory.\n"); - - /* Make sure the socket does not block (bug id 806) */ - if (timeout >= 0) - flags |= MSG_DONTWAIT; - - do { - errno = 0; - nanosleep(&ts, NULL); - bytes = recv(socket, msg, hdr_size, flags); - timeout_left -= ts.tv_nsec; - _HIP_DEBUG("tol=%ld, ts=%ld, bytes=%d errno=%d\n", - timeout_left, ts.tv_nsec, bytes, errno); - } while (timeout_left > 0 && errno == EAGAIN && bytes < 0); - - if(bytes < 0) { - HIP_ERROR("recv() peek error (is hipd running?)\n"); - err = -EAGAIN; - goto out_err; - } else if (bytes < hdr_size) { - HIP_ERROR("Packet payload is smaller than HIP header. Dropping.\n"); - /* Read and discard the datagram */ - recv(socket, msg, 0, 0); - err = -bytes; - goto out_err; - } - - hip_hdr = (struct hip_common *) (msg + encap_hdr_size); - bytes = hip_get_msg_total_len(hip_hdr); - - if(bytes == 0) { - HIP_ERROR("HIP message is of zero length. Dropping.\n"); - recv(socket, msg, 0, 0); - err = -EBADMSG; - errno = EBADMSG; - goto out_err; - } - - /* The maximum possible length value is equal to HIP_MAX_PACKET. - if(bytes > HIP_MAX_PACKET) { - HIP_ERROR("HIP message max length exceeded. Dropping.\n"); - recv(socket, msg, 0, 0); - err = -EMSGSIZE; - errno = EMSGSIZE; - goto out_err; - } */ - - bytes += encap_hdr_size; - - out_err: - if (msg != NULL) - free(msg); - - if (err) - return err; - - return bytes; -} - -int hip_daemon_connect(int hip_user_sock) { - int err = 0; - struct sockaddr_in6 daemon_addr; - // We're using system call here add thus reseting errno. - errno = 0; - - memset(&daemon_addr, 0, sizeof(daemon_addr)); - daemon_addr.sin6_family = AF_INET6; - daemon_addr.sin6_port = htons(HIP_DAEMON_LOCAL_PORT); - daemon_addr.sin6_addr = in6addr_loopback; - - HIP_IFEL(connect(hip_user_sock, (struct sockaddr *) &daemon_addr, - sizeof(daemon_addr)), -1, - "connection to daemon failed\n"); - - out_err: - - return err; -} - -int hip_daemon_bind_socket(int socket, struct sockaddr *sa) { - int err = 0, port = 0, on = 1; - struct sockaddr_in6 *addr = (struct sockaddr_in6 *) sa; - - HIP_ASSERT(addr->sin6_family == AF_INET6); - - errno = 0; - - if (setsockopt(socket, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1) { - HIP_DEBUG ("Failed to set socket option SO_REUSEADDR %s \n", strerror(errno)); - } - - if (addr->sin6_port) { - HIP_DEBUG("Bind to fixed port %d\n", addr->sin6_port); - err = bind(socket,(struct sockaddr *)addr, - sizeof(struct sockaddr_in6)); - err = -errno; - goto out_err; - } - - /* try to bind first to a priviledged port and then to ephemeral */ - port = 1000; - while (port++ < 61000) { - _HIP_DEBUG("trying bind() to port %d\n", port); - addr->sin6_port = htons(port); - err = bind(socket,(struct sockaddr *)addr, - hip_sockaddr_len(addr)); - if (err == -1) { - if (errno == EACCES) { - /* Ephemeral ports: - /proc/sys/net/ipv4/ip_local_port_range */ - _HIP_DEBUG("Skipping to ephemeral range\n"); - port = 32768; - errno = 0; - err = 0; - } else if (errno == EADDRINUSE) { - _HIP_DEBUG("Port %d in use, skip\n", port); - errno = 0; - err = 0; - } else { - HIP_ERROR("Error %d bind() wasn't succesful\n", - errno); - err = -1; - goto out_err; - } - } - else { - _HIP_DEBUG("Bind() to port %d successful\n", port); - goto out_err; - } - } - - if (port == 61000) { - HIP_ERROR("All privileged ports were occupied\n"); - err = -1; - } - - out_err: - return err; +int hip_peek_recv_total_len(int socket, + int encap_hdr_size, + unsigned long timeout) +{ + int bytes = 0, err = 0, flags = MSG_PEEK; + unsigned long timeout_left = timeout; + int hdr_size = encap_hdr_size + sizeof(struct hip_common); + char *msg = NULL; + hip_common_t *hip_hdr = NULL; + struct timespec ts; + + ts.tv_sec = 0; + ts.tv_nsec = 100000000; + + /* We're using system call here add thus reseting errno. */ + errno = 0; + + msg = (char *) malloc(hdr_size); + HIP_IFEL(!msg, -ENOMEM, "Error allocating memory.\n"); + + /* Make sure the socket does not block (bug id 806) */ + if (timeout >= 0) { + flags |= MSG_DONTWAIT; + } + + do { + errno = 0; + nanosleep(&ts, NULL); + bytes = recv(socket, msg, hdr_size, flags); + timeout_left -= ts.tv_nsec; + _HIP_DEBUG("tol=%ld, ts=%ld, bytes=%d errno=%d\n", + timeout_left, ts.tv_nsec, bytes, errno); + } while (timeout_left > 0 && errno == EAGAIN && bytes < 0); + + if (bytes < 0) { + HIP_ERROR("recv() peek error (is hipd running?)\n"); + err = -EAGAIN; + goto out_err; + } else if (bytes < hdr_size) { + HIP_ERROR("Packet payload is smaller than HIP header. Dropping.\n"); + /* Read and discard the datagram */ + recv(socket, msg, 0, 0); + err = -bytes; + goto out_err; + } + + hip_hdr = (struct hip_common *) (msg + encap_hdr_size); + bytes = hip_get_msg_total_len(hip_hdr); + + if (bytes == 0) { + HIP_ERROR("HIP message is of zero length. Dropping.\n"); + recv(socket, msg, 0, 0); + err = -EBADMSG; + errno = EBADMSG; + goto out_err; + } + + /* The maximum possible length value is equal to HIP_MAX_PACKET. + * if(bytes > HIP_MAX_PACKET) { + * HIP_ERROR("HIP message max length exceeded. Dropping.\n"); + * recv(socket, msg, 0, 0); + * err = -EMSGSIZE; + * errno = EMSGSIZE; + * goto out_err; + * } */ + + bytes += encap_hdr_size; + +out_err: + if (msg != NULL) { + free(msg); + } + + if (err) { + return err; + } + + return bytes; +} + +int hip_daemon_connect(int hip_user_sock) +{ + int err = 0; + struct sockaddr_in6 daemon_addr; + // We're using system call here add thus reseting errno. + errno = 0; + + memset(&daemon_addr, 0, sizeof(daemon_addr)); + daemon_addr.sin6_family = AF_INET6; + daemon_addr.sin6_port = htons(HIP_DAEMON_LOCAL_PORT); + daemon_addr.sin6_addr = in6addr_loopback; + + HIP_IFEL(connect(hip_user_sock, (struct sockaddr *) &daemon_addr, + sizeof(daemon_addr)), -1, + "connection to daemon failed\n"); + +out_err: + + return err; +} + +int hip_daemon_bind_socket(int socket, struct sockaddr *sa) +{ + int err = 0, port = 0, on = 1; + struct sockaddr_in6 *addr = (struct sockaddr_in6 *) sa; + + HIP_ASSERT(addr->sin6_family == AF_INET6); + + errno = 0; + + if (setsockopt(socket, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1) { + HIP_DEBUG("Failed to set socket option SO_REUSEADDR %s \n", + strerror(errno)); + } + + if (addr->sin6_port) { + HIP_DEBUG("Bind to fixed port %d\n", addr->sin6_port); + err = bind(socket, (struct sockaddr *) addr, + sizeof(struct sockaddr_in6)); + err = -errno; + goto out_err; + } + + /* try to bind first to a priviledged port and then to ephemeral */ + port = 1000; + while (port++ < 61000) { + _HIP_DEBUG("trying bind() to port %d\n", port); + addr->sin6_port = htons(port); + err = bind(socket, (struct sockaddr *) addr, + hip_sockaddr_len(addr)); + if (err == -1) { + if (errno == EACCES) { + /* Ephemeral ports: + * /proc/sys/net/ipv4/ip_local_port_range */ + _HIP_DEBUG("Skipping to ephemeral range\n"); + port = 32768; + errno = 0; + err = 0; + } else if (errno == EADDRINUSE) { + _HIP_DEBUG("Port %d in use, skip\n", port); + errno = 0; + err = 0; + } else { + HIP_ERROR("Error %d bind() wasn't succesful\n", + errno); + err = -1; + goto out_err; + } + } else { + _HIP_DEBUG("Bind() to port %d successful\n", port); + goto out_err; + } + } + + if (port == 61000) { + HIP_ERROR("All privileged ports were occupied\n"); + err = -1; + } + +out_err: + return err; } /* do not call this function directly, use hip_send_recv_daemon_info instead */ int hip_sendto_hipd(int socket, struct hip_common *msg, int len) { - /* Variables. */ - struct sockaddr_in6 sock_addr; - int n = -1, alen; - - memset(&sock_addr, 0, sizeof(sock_addr)); - sock_addr.sin6_family = AF_INET6; - sock_addr.sin6_port = htons(HIP_DAEMON_LOCAL_PORT); - sock_addr.sin6_addr = in6addr_loopback; - - alen = sizeof(sock_addr); - - HIP_DEBUG("Sending user message %d to HIPD on socket %d\n", - hip_get_msg_type(msg), socket); - - n = sendto(socket, msg, /*hip_get_msg_total_len(msg)*/ len, MSG_NOSIGNAL, - (struct sockaddr *)&sock_addr, alen); - HIP_DEBUG("Sent %d bytes\n", n); - - return n; + /* Variables. */ + struct sockaddr_in6 sock_addr; + int n = -1, alen; + + memset(&sock_addr, 0, sizeof(sock_addr)); + sock_addr.sin6_family = AF_INET6; + sock_addr.sin6_port = htons(HIP_DAEMON_LOCAL_PORT); + sock_addr.sin6_addr = in6addr_loopback; + + alen = sizeof(sock_addr); + + HIP_DEBUG("Sending user message %d to HIPD on socket %d\n", + hip_get_msg_type(msg), socket); + + n = sendto(socket, msg, /*hip_get_msg_total_len(msg)*/ len, MSG_NOSIGNAL, + (struct sockaddr *) &sock_addr, alen); + HIP_DEBUG("Sent %d bytes\n", n); + + return n; } /* * Don't call this function directly. Use hip_send_recv_daemon_info instead */ -int hip_send_recv_daemon_info_internal(struct hip_common *msg, int opt_socket) { - - int hip_user_sock = 0, err = 0, n = 0, len = 0; - struct sockaddr_in6 addr; - uint8_t msg_type_old, msg_type_new; - - msg_type_old = hip_get_msg_type(msg); - - // We're using system call here and thus reseting errno. - errno = 0; - - if (opt_socket) { - hip_user_sock = opt_socket; - } else { - HIP_IFE(((hip_user_sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0), EHIP); - - memset(&addr, 0, sizeof(addr)); - addr.sin6_family = AF_INET6; - addr.sin6_addr = in6addr_loopback; - - HIP_IFEL(hip_daemon_bind_socket(hip_user_sock, - (struct sockaddr *) &addr), -1, - "bind failed\n"); - /* Connect to hipd. Otherwise e.g. "hipconf get ha all" - blocks when hipd is not running. */ - HIP_IFEL(hip_daemon_connect(hip_user_sock), -1, - "connect failed\n"); - } - - if ((len = hip_get_msg_total_len(msg)) < 0) { - err = -EBADMSG; - goto out_err; - } - - /* Require a response from hipd */ - hip_set_msg_response(msg, 1); - - n = hip_sendto_hipd(hip_user_sock, msg, len); - if (n < len) { - HIP_ERROR("Could not send message to daemon.\n"); - err = -ECOMM; - goto out_err; - } - - HIP_DEBUG("Waiting to receive daemon info.\n"); - - if((len = hip_peek_recv_total_len(hip_user_sock, 0, HIP_DEFAULT_MSG_TIMEOUT)) < 0) { - err = len; - goto out_err; - } - - n = recv(hip_user_sock, msg, len, 0); - - /* You have a message synchronization problem if you see this error. */ - msg_type_new = hip_get_msg_type(msg); - HIP_IFEL((msg_type_new != msg_type_old), -1, - "Message sync problem. Expected %d, got %d\n", - msg_type_old, msg_type_new); - - HIP_DEBUG("%d bytes received from HIP daemon\n", n); - - if (n == 0) { - HIP_INFO("The HIP daemon has performed an "\ - "orderly shutdown.\n"); - // Note. This is not an error condition, thus we return zero. - goto out_err; - } else if(n < sizeof(struct hip_common)) { - HIP_ERROR("Could not receive message from daemon.\n"); - goto out_err; - } - - if (hip_get_msg_err(msg)) { - HIP_ERROR("HIP message contained an error.\n"); - err = -EHIP; - } - - _HIP_DEBUG("Message received successfully\n"); - - out_err: - - if (!opt_socket && hip_user_sock) - close(hip_user_sock); - - return err; -} - -int hip_send_recv_daemon_info(struct hip_common *msg, int send_only, int opt_socket) { - int hip_user_sock = 0, err = 0, n, len; - struct sockaddr_in6 addr; - - if (!send_only) - return hip_send_recv_daemon_info_internal(msg, opt_socket); - - if (opt_socket) { - hip_user_sock = opt_socket; - } else { - HIP_IFE(((hip_user_sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0), -1); - memset(&addr, 0, sizeof(addr)); - addr.sin6_family = AF_INET6; - addr.sin6_addr = in6addr_loopback; - - HIP_IFEL(hip_daemon_bind_socket(hip_user_sock, - (struct sockaddr *) &addr), -1, - "bind failed\n"); - HIP_IFEL(hip_daemon_connect(hip_user_sock), -1, - "connect failed\n"); - } - - len = hip_get_msg_total_len(msg); - n = send(hip_user_sock, msg, len, 0); - - if (n < len) { - HIP_ERROR("Could not send message to daemon.\n"); - err = -1; - goto out_err; - } - - out_err: - if (!opt_socket && hip_user_sock) - close(hip_user_sock); - - return err; -} - -int hip_recv_daemon_info(struct hip_common *msg, uint16_t info_type) { - /** @todo required by the native HIP API */ - /* Call first send_daemon_info with info_type and then recvfrom */ - return -1; +int hip_send_recv_daemon_info_internal(struct hip_common *msg, int opt_socket) +{ + int hip_user_sock = 0, err = 0, n = 0, len = 0; + struct sockaddr_in6 addr; + uint8_t msg_type_old, msg_type_new; + + msg_type_old = hip_get_msg_type(msg); + + // We're using system call here and thus reseting errno. + errno = 0; + + if (opt_socket) { + hip_user_sock = opt_socket; + } else { + HIP_IFE(((hip_user_sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0), EHIP); + + memset(&addr, 0, sizeof(addr)); + addr.sin6_family = AF_INET6; + addr.sin6_addr = in6addr_loopback; + + HIP_IFEL(hip_daemon_bind_socket(hip_user_sock, + (struct sockaddr *) &addr), -1, + "bind failed\n"); + /* Connect to hipd. Otherwise e.g. "hipconf get ha all" + * blocks when hipd is not running. */ + HIP_IFEL(hip_daemon_connect(hip_user_sock), -1, + "connect failed\n"); + } + + if ((len = hip_get_msg_total_len(msg)) < 0) { + err = -EBADMSG; + goto out_err; + } + + /* Require a response from hipd */ + hip_set_msg_response(msg, 1); + + n = hip_sendto_hipd(hip_user_sock, msg, len); + if (n < len) { + HIP_ERROR("Could not send message to daemon.\n"); + err = -ECOMM; + goto out_err; + } + + HIP_DEBUG("Waiting to receive daemon info.\n"); + + if ((len = hip_peek_recv_total_len(hip_user_sock, 0, HIP_DEFAULT_MSG_TIMEOUT)) < 0) { + err = len; + goto out_err; + } + + n = recv(hip_user_sock, msg, len, 0); + + /* You have a message synchronization problem if you see this error. */ + msg_type_new = hip_get_msg_type(msg); + HIP_IFEL((msg_type_new != msg_type_old), -1, + "Message sync problem. Expected %d, got %d\n", + msg_type_old, msg_type_new); + + HIP_DEBUG("%d bytes received from HIP daemon\n", n); + + if (n == 0) { + HIP_INFO("The HIP daemon has performed an " \ + "orderly shutdown.\n"); + // Note. This is not an error condition, thus we return zero. + goto out_err; + } else if (n < sizeof(struct hip_common)) { + HIP_ERROR("Could not receive message from daemon.\n"); + goto out_err; + } + + if (hip_get_msg_err(msg)) { + HIP_ERROR("HIP message contained an error.\n"); + err = -EHIP; + } + + _HIP_DEBUG("Message received successfully\n"); + +out_err: + + if (!opt_socket && hip_user_sock) { + close(hip_user_sock); + } + + return err; +} + +int hip_send_recv_daemon_info(struct hip_common *msg, + int send_only, + int opt_socket) +{ + int hip_user_sock = 0, err = 0, n, len; + struct sockaddr_in6 addr; + + if (!send_only) { + return hip_send_recv_daemon_info_internal(msg, opt_socket); + } + + if (opt_socket) { + hip_user_sock = opt_socket; + } else { + HIP_IFE(((hip_user_sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0), -1); + memset(&addr, 0, sizeof(addr)); + addr.sin6_family = AF_INET6; + addr.sin6_addr = in6addr_loopback; + + HIP_IFEL(hip_daemon_bind_socket(hip_user_sock, + (struct sockaddr *) &addr), -1, + "bind failed\n"); + HIP_IFEL(hip_daemon_connect(hip_user_sock), -1, + "connect failed\n"); + } + + len = hip_get_msg_total_len(msg); + n = send(hip_user_sock, msg, len, 0); + + if (n < len) { + HIP_ERROR("Could not send message to daemon.\n"); + err = -1; + goto out_err; + } + +out_err: + if (!opt_socket && hip_user_sock) { + close(hip_user_sock); + } + + return err; +} + +int hip_recv_daemon_info(struct hip_common *msg, uint16_t info_type) +{ + /** @todo required by the native HIP API */ + /* Call first send_daemon_info with info_type and then recvfrom */ + return -1; } int hip_read_user_control_msg(int socket, struct hip_common *hip_msg, - struct sockaddr_in6 *saddr) + struct sockaddr_in6 *saddr) { - int err = 0, bytes = 0, total; - socklen_t len; - - memset(saddr, 0, sizeof(*saddr)); - - len = sizeof(*saddr); - - HIP_IFEL(((total = hip_peek_recv_total_len(socket, 0, HIP_DEFAULT_MSG_TIMEOUT)) <= 0), -1, - "recv peek failed\n"); - - _HIP_DEBUG("msg total length = %d\n", total); - - /** @todo Compiler warning; - warning: pointer targets in passing argument 6 of 'recvfrom' - differ in signedness. */ - HIP_IFEL(((bytes = recvfrom(socket, hip_msg, total, 0, - (struct sockaddr *) saddr, - &len)) != total), -1, "recv\n"); - - HIP_DEBUG("received user message from local port %d\n", - ntohs(saddr->sin6_port)); - _HIP_DEBUG("read_user_control_msg recv len=%d\n", len); - _HIP_HEXDUMP("recv saddr ", saddr, sizeof(struct sockaddr_un)); - _HIP_DEBUG("read %d bytes succesfully\n", bytes); - out_err: - if (bytes < 0 || err) - HIP_PERROR("perror: "); - - return err; + int err = 0, bytes = 0, total; + socklen_t len; + + memset(saddr, 0, sizeof(*saddr)); + + len = sizeof(*saddr); + + HIP_IFEL(((total = hip_peek_recv_total_len(socket, 0, HIP_DEFAULT_MSG_TIMEOUT)) <= 0), + -1, + "recv peek failed\n"); + + _HIP_DEBUG("msg total length = %d\n", total); + + /** @todo Compiler warning; + * warning: pointer targets in passing argument 6 of 'recvfrom' + * differ in signedness. */ + HIP_IFEL(((bytes = recvfrom(socket, hip_msg, total, 0, + (struct sockaddr *) saddr, + &len)) != total), -1, "recv\n"); + + HIP_DEBUG("received user message from local port %d\n", + ntohs(saddr->sin6_port)); + _HIP_DEBUG("read_user_control_msg recv len=%d\n", len); + _HIP_HEXDUMP("recv saddr ", saddr, sizeof(struct sockaddr_un)); + _HIP_DEBUG("read %d bytes succesfully\n", bytes); +out_err: + if (bytes < 0 || err) { + HIP_PERROR("perror: "); + } + + return err; } /* Moved function doxy descriptor to the header file. Lauri 11.03.2008 */ @@ -376,169 +392,174 @@ hip_portpair_t *msg_info, int encap_hdr_size, int is_ipv4) { - struct sockaddr_storage addr_from, addr_to; - struct sockaddr_in *addr_from4 = ((struct sockaddr_in *) &addr_from); - struct sockaddr_in6 *addr_from6 = - ((struct sockaddr_in6 *) &addr_from); - struct cmsghdr *cmsg; - struct msghdr msg; - union { - struct in_pktinfo *pktinfo_in4; - struct inet6_pktinfo *pktinfo_in6; - } pktinfo; - struct iovec iov; - char cbuff[CMSG_SPACE(256)]; - int err = 0, len; - int cmsg_level, cmsg_type; - - HIP_ASSERT(saddr); - HIP_ASSERT(daddr); - - HIP_DEBUG("hip_read_control_msg_all() invoked.\n"); - - HIP_IFEL(((len = hip_peek_recv_total_len(socket, encap_hdr_size, HIP_DEFAULT_MSG_TIMEOUT))<= 0), - -1, "Bad packet length (%d)\n", len); - - memset(msg_info, 0, sizeof(hip_portpair_t)); - memset(&msg, 0, sizeof(msg)); - memset(cbuff, 0, sizeof(cbuff)); - memset(&addr_to, 0, sizeof(addr_to)); - - /* setup message header with control and receive buffers */ - msg.msg_name = &addr_from; - msg.msg_namelen = sizeof(struct sockaddr_storage); - msg.msg_iov = &iov; - msg.msg_iovlen = 1; - - memset(cbuff, 0, sizeof(cbuff)); - msg.msg_control = cbuff; - msg.msg_controllen = sizeof(cbuff); - msg.msg_flags = 0; - - iov.iov_len = len; - iov.iov_base = hip_msg; - - pktinfo.pktinfo_in4 = NULL; - - len = recvmsg(socket, &msg, 0); - - HIP_IFEL((len < 0), -1, "ICMP%s error: errno=%d, %s\n", - (is_ipv4 ? "v4" : "v6"), errno, strerror(errno)); - - cmsg_level = (is_ipv4) ? IPPROTO_IP : IPPROTO_IPV6; - cmsg_type = (is_ipv4) ? IP_PKTINFO : IPV6_2292PKTINFO; - - /* destination address comes from ancillary data passed - * with msg due to IPV6_PKTINFO socket option */ - for (cmsg=CMSG_FIRSTHDR(&msg); cmsg; cmsg=CMSG_NXTHDR(&msg,cmsg)){ - if ((cmsg->cmsg_level == cmsg_level) && - (cmsg->cmsg_type == cmsg_type)) { - /* The structure is a union, so this fills also the - pktinfo_in6 pointer */ - pktinfo.pktinfo_in4 = - (struct in_pktinfo*)CMSG_DATA(cmsg); - break; - } - } - - /* If this fails, change IPV6_2292PKTINFO to IPV6_PKTINFO in - hip_init_raw_sock_v6 */ - HIP_IFEL(!pktinfo.pktinfo_in4, -1, - "Could not determine dst addr, dropping\n"); - - /* UDP port numbers */ - if (is_ipv4 && encap_hdr_size == HIP_UDP_ZERO_BYTES_LEN) { - HIP_DEBUG("hip_read_control_msg_all() source port = %d\n", - ntohs(addr_from4->sin_port)); - msg_info->src_port = ntohs(addr_from4->sin_port); - /* Destination port is known from the bound socket. */ - msg_info->dst_port = hip_get_local_nat_udp_port(); - } - - /* IPv4 addresses */ - if (is_ipv4) { - struct sockaddr_in *addr_to4 = (struct sockaddr_in *) &addr_to; - IPV4_TO_IPV6_MAP(&addr_from4->sin_addr, saddr); - IPV4_TO_IPV6_MAP(&pktinfo.pktinfo_in4->ipi_addr, - daddr); - addr_to4->sin_family = AF_INET; - addr_to4->sin_addr = pktinfo.pktinfo_in4->ipi_addr; - addr_to4->sin_port = msg_info->dst_port; - } else /* IPv6 addresses */ { - struct sockaddr_in6 *addr_to6 = - (struct sockaddr_in6 *) &addr_to; - memcpy(saddr, &addr_from6->sin6_addr, - sizeof(struct in6_addr)); - memcpy(daddr, &pktinfo.pktinfo_in6->ipi6_addr, - sizeof(struct in6_addr)); - addr_to6->sin6_family = AF_INET6; - ipv6_addr_copy(&addr_to6->sin6_addr, daddr); - } + struct sockaddr_storage addr_from, addr_to; + struct sockaddr_in *addr_from4 = ((struct sockaddr_in *) &addr_from); + struct sockaddr_in6 *addr_from6 = ((struct sockaddr_in6 *) &addr_from); + struct cmsghdr *cmsg = NULL; + struct msghdr msg; + union { + struct in_pktinfo * pktinfo_in4; + struct inet6_pktinfo *pktinfo_in6; + } pktinfo; + struct iovec iov; + char cbuff[CMSG_SPACE(256)]; + int err = 0, len; + int cmsg_level, cmsg_type; + + HIP_ASSERT(saddr); + HIP_ASSERT(daddr); + + HIP_DEBUG("hip_read_control_msg_all() invoked.\n"); + + HIP_IFEL(((len = hip_peek_recv_total_len(socket, encap_hdr_size, HIP_DEFAULT_MSG_TIMEOUT)) <= 0), + -1, "Bad packet length (%d)\n", len); + + memset(msg_info, 0, sizeof(hip_portpair_t)); + memset(&msg, 0, sizeof(msg)); + memset(cbuff, 0, sizeof(cbuff)); + memset(&addr_to, 0, sizeof(addr_to)); + + /* setup message header with control and receive buffers */ + msg.msg_name = &addr_from; + msg.msg_namelen = sizeof(struct sockaddr_storage); + msg.msg_iov = &iov; + msg.msg_iovlen = 1; + + memset(cbuff, 0, sizeof(cbuff)); + msg.msg_control = cbuff; + msg.msg_controllen = sizeof(cbuff); + msg.msg_flags = 0; + + iov.iov_len = len; + iov.iov_base = hip_msg; + + pktinfo.pktinfo_in4 = NULL; + + len = recvmsg(socket, &msg, 0); + + HIP_IFEL((len < 0), -1, "ICMP%s error: errno=%d, %s\n", + (is_ipv4 ? "v4" : "v6"), errno, strerror(errno)); + + cmsg_level = (is_ipv4) ? IPPROTO_IP : IPPROTO_IPV6; + cmsg_type = (is_ipv4) ? IP_PKTINFO : IPV6_2292PKTINFO; + + /* destination address comes from ancillary data passed + * with msg due to IPV6_PKTINFO socket option */ + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if ((cmsg->cmsg_level == cmsg_level) && + (cmsg->cmsg_type == cmsg_type)) { + /* The structure is a union, so this fills also the + * pktinfo_in6 pointer */ + pktinfo.pktinfo_in4 = + (struct in_pktinfo *) CMSG_DATA(cmsg); + break; + } + } + + /* If this fails, change IPV6_2292PKTINFO to IPV6_PKTINFO in + * hip_init_raw_sock_v6 */ + HIP_IFEL(!pktinfo.pktinfo_in4, -1, + "Could not determine dst addr, dropping\n"); + + /* UDP port numbers */ + if (is_ipv4 && encap_hdr_size == HIP_UDP_ZERO_BYTES_LEN) { + HIP_DEBUG("hip_read_control_msg_all() source port = %d\n", + ntohs(addr_from4->sin_port)); + msg_info->src_port = ntohs(addr_from4->sin_port); + /* Destination port is known from the bound socket. */ + msg_info->dst_port = hip_get_local_nat_udp_port(); + } + + /* IPv4 addresses */ + if (is_ipv4) { + struct sockaddr_in *addr_to4 = (struct sockaddr_in *) &addr_to; + IPV4_TO_IPV6_MAP(&addr_from4->sin_addr, saddr); + IPV4_TO_IPV6_MAP(&pktinfo.pktinfo_in4->ipi_addr, + daddr); + addr_to4->sin_family = AF_INET; + addr_to4->sin_addr = pktinfo.pktinfo_in4->ipi_addr; + addr_to4->sin_port = msg_info->dst_port; + } else { /* IPv6 addresses */ + struct sockaddr_in6 *addr_to6 = + (struct sockaddr_in6 *) &addr_to; + memcpy(saddr, &addr_from6->sin6_addr, + sizeof(struct in6_addr)); + memcpy(daddr, &pktinfo.pktinfo_in6->ipi6_addr, + sizeof(struct in6_addr)); + addr_to6->sin6_family = AF_INET6; + ipv6_addr_copy(&addr_to6->sin6_addr, daddr); + } //added by santtu - if (hip_read_control_msg_plugin_handler(hip_msg,len, saddr,msg_info->src_port)) - goto out_err; + if (hip_read_control_msg_plugin_handler(hip_msg, len, saddr, msg_info->src_port)) { + goto out_err; + } //endadd - if (is_ipv4 && (encap_hdr_size == IPV4_HDR_SIZE)) {/* raw IPv4, !UDP */ - /* For some reason, the IPv4 header is always included. - Let's remove it here. */ - memmove(hip_msg, ((char *)hip_msg) + IPV4_HDR_SIZE, - HIP_MAX_PACKET - IPV4_HDR_SIZE); - } else if (is_ipv4 && encap_hdr_size == HIP_UDP_ZERO_BYTES_LEN) { - /* remove 32-bits of zeroes between UDP and HIP headers */ - memmove(hip_msg, ((char *)hip_msg) + HIP_UDP_ZERO_BYTES_LEN, - HIP_MAX_PACKET - HIP_UDP_ZERO_BYTES_LEN); - } - - HIP_IFEL(hip_verify_network_header(hip_msg, - (struct sockaddr *) &addr_from, - (struct sockaddr *) &addr_to, - len - encap_hdr_size), -1, - "verifying network header failed\n"); - - - - if (saddr) - HIP_DEBUG_IN6ADDR("src", saddr); - if (daddr) - HIP_DEBUG_IN6ADDR("dst", daddr); - - out_err: - return err; + if (is_ipv4 && (encap_hdr_size == IPV4_HDR_SIZE)) { /* raw IPv4, !UDP */ + /* For some reason, the IPv4 header is always included. + * Let's remove it here. */ + memmove(hip_msg, ((char *) hip_msg) + IPV4_HDR_SIZE, + HIP_MAX_PACKET - IPV4_HDR_SIZE); + } else if (is_ipv4 && encap_hdr_size == HIP_UDP_ZERO_BYTES_LEN) { + /* remove 32-bits of zeroes between UDP and HIP headers */ + memmove(hip_msg, ((char *) hip_msg) + HIP_UDP_ZERO_BYTES_LEN, + HIP_MAX_PACKET - HIP_UDP_ZERO_BYTES_LEN); + } + + HIP_IFEL(hip_verify_network_header(hip_msg, + (struct sockaddr *) &addr_from, + (struct sockaddr *) &addr_to, + len - encap_hdr_size), -1, + "verifying network header failed\n"); + + + + if (saddr) { + HIP_DEBUG_IN6ADDR("src", saddr); + } + if (daddr) { + HIP_DEBUG_IN6ADDR("dst", daddr); + } + +out_err: + return err; } int hip_read_control_msg_v6(int socket, struct hip_common *hip_msg, - struct in6_addr *saddr, - struct in6_addr *daddr, + struct in6_addr *saddr, + struct in6_addr *daddr, hip_portpair_t *msg_info, int encap_hdr_size) { - return hip_read_control_msg_all(socket, hip_msg, saddr, - daddr, msg_info, encap_hdr_size, 0); + return hip_read_control_msg_all(socket, hip_msg, saddr, + daddr, msg_info, encap_hdr_size, 0); } int hip_read_control_msg_v4(int socket, struct hip_common *hip_msg, - struct in6_addr *saddr, - struct in6_addr *daddr, - hip_portpair_t *msg_info, - int encap_hdr_size) + struct in6_addr *saddr, + struct in6_addr *daddr, + hip_portpair_t *msg_info, + int encap_hdr_size) { - return hip_read_control_msg_all(socket, hip_msg, saddr, - daddr, msg_info, encap_hdr_size, 1); + return hip_read_control_msg_all(socket, hip_msg, saddr, + daddr, msg_info, encap_hdr_size, 1); } /* TODO Can this function be removed? */ -int hip_read_control_msg_plugin_handler(void* msg, int len, in6_addr_t * src_addr,in_port_t port) +int hip_read_control_msg_plugin_handler(void *msg, + int len, + in6_addr_t *src_addr, + in_port_t port) { - int err = 0; + int err = 0; #if 0 - //handle stun msg - if (hip_external_ice_receive_pkt_all(msg, len, src_addr,port)) { - err = 1; - goto out_err; - } + //handle stun msg + if (hip_external_ice_receive_pkt_all(msg, len, src_addr, port)) { + err = 1; + goto out_err; + } out_err: #endif - return err; + return err; } === modified file 'lib/core/message.c.doxyme' --- lib/core/message.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/message.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,37 +45,37 @@ /** - * hip_daemon_bind_socket + * hip_daemon_bind_socket * * * @param socket * @param sa - * @return + * @return **/ /** - * hip_daemon_connect + * hip_daemon_connect * * * @param hip_user_sock - * @return + * @return **/ /** - * hip_peek_recv_total_len + * hip_peek_recv_total_len * * * @param socket * @param encap_hdr_size * @param timeout - * @return + * @return **/ /** - * hip_read_control_msg_all + * hip_read_control_msg_all * * * @param socket @@ -84,98 +85,97 @@ * @param msg_info * @param encap_hdr_size * @param is_ipv4 - * @return + * @return **/ /** - * hip_read_control_msg_plugin_handler + * hip_read_control_msg_plugin_handler * * * @param msg * @param len * @param autogen.sh - * @return - **/ - - -/** - * hip_read_control_msg_v4 - * - * - * @param socket - * @param hip_msg - * @param saddr - * @param daddr - * @param msg_info - * @param encap_hdr_size - * @return - **/ - - -/** - * hip_read_control_msg_v6 - * - * - * @param socket - * @param hip_msg - * @param saddr - * @param daddr - * @param msg_info - * @param encap_hdr_size - * @return - **/ - - -/** - * hip_read_user_control_msg - * - * - * @param socket - * @param hip_msg - * @param saddr - * @return - **/ - - -/** - * hip_recv_daemon_info + * @return + **/ + + +/** + * hip_read_control_msg_v4 + * + * + * @param socket + * @param hip_msg + * @param saddr + * @param daddr + * @param msg_info + * @param encap_hdr_size + * @return + **/ + + +/** + * hip_read_control_msg_v6 + * + * + * @param socket + * @param hip_msg + * @param saddr + * @param daddr + * @param msg_info + * @param encap_hdr_size + * @return + **/ + + +/** + * hip_read_user_control_msg + * + * + * @param socket + * @param hip_msg + * @param saddr + * @return + **/ + + +/** + * hip_recv_daemon_info * * * @param msg * @param info_type - * @return + * @return **/ /** - * hip_send_recv_daemon_info + * hip_send_recv_daemon_info * * * @param msg * @param send_only * @param opt_socket - * @return + * @return **/ /** - * hip_send_recv_daemon_info_internal + * hip_send_recv_daemon_info_internal * * * @param msg * @param opt_socket - * @return + * @return **/ /** - * hip_sendto_hipd + * hip_sendto_hipd * * * @param socket * @param msg * @param len - * @return + * @return **/ - === modified file 'lib/core/message.h' --- lib/core/message.h 2010-01-19 11:26:32 +0000 +++ lib/core/message.h 2010-02-10 23:55:24 +0000 @@ -1,6 +1,6 @@ /** @file * A header file for message.c. - * + * * @author Miika Komu <miika_iki.fi> * @author Bing Zhou <bingzhou_cc.hut.fi> * @version 1.0 @@ -32,8 +32,8 @@ * * @param socket a socket file descriptor. * @param encap_hdr_size . - * @return - */ + * @return + */ int hip_peek_recv_total_len(int socket, int encap_hdr_size, unsigned long timeout); /** @@ -61,7 +61,7 @@ /** * . * - * @param msg a pointer to a HIP message. + * @param msg a pointer to a HIP message. * @param only_send . * @return . */ @@ -70,7 +70,7 @@ /** * . * - * @param msg a pointer to a HIP message. + * @param msg a pointer to a HIP message. * @param info_type . * @return . */ @@ -80,18 +80,19 @@ * . * * @param socket a socket file descriptor. - * @param hip_msg a pointer to a HIP message. + * @param hip_msg a pointer to a HIP message. * @param saddr a pointer to an IPv6 source address socket * structure. * @return . */ -int hip_read_user_control_msg(int socket, struct hip_common *hip_msg, - struct sockaddr_in6 *saddr); +int hip_read_user_control_msg(int socket, + struct hip_common *hip_msg, + struct sockaddr_in6 *saddr); /** * Prepares a @c hip_common struct based on information received from a socket. - * + * * Prepares a @c hip_common struct, allocates memory for buffers and nested * structs. Receives a message from socket and fills the @c hip_common struct * with the values from this message. @@ -108,56 +109,63 @@ * @param daddr a pointer to a buffer where to put the destination IP * address of the received message (if @c read_addr is set * to 1). - * @param msg_info a pointer to a buffer where to put the source and + * @param msg_info a pointer to a buffer where to put the source and * destination ports of the received message. * @param encap_hdr_size size of encapsulated header in bytes. * @param is_ipv4 a boolean value to indicate whether message is received * on IPv4. * @return -1 in case of an error, 0 otherwise. */ -int hip_read_control_msg_all(int socket, struct hip_common *hip_msg, +int hip_read_control_msg_all(int socket, + struct hip_common *hip_msg, struct in6_addr *saddr, struct in6_addr *daddr, hip_portpair_t *msg_info, - int encap_hdr_size, int is_ipv4 - ); + int encap_hdr_size, + int is_ipv4); /** * Reads an IPv6 control message. * * @param socket a socket file descriptor. - * @param hip_msg a pointer to a HIP message. + * @param hip_msg a pointer to a HIP message. * @param saddr source IPv6 address. * @param daddr destination IPv6 address. * @param msg_info transport layer source and destination port numbers. * @param encap_hdr_size . * @return . */ -int hip_read_control_msg_v6(int socket, struct hip_common *hip_msg, - struct in6_addr *saddr, - struct in6_addr *daddr, +int hip_read_control_msg_v6(int socket, + struct hip_common *hip_msg, + struct in6_addr *saddr, + struct in6_addr *daddr, hip_portpair_t *msg_info, int encap_hdr_size); /** * Reads an IPv4 control message. * * @param socket a socket file descriptor. - * @param hip_msg a pointer to a HIP message. + * @param hip_msg a pointer to a HIP message. * @param saddr source IPv4 address. * @param daddr destination IPv4 address. * @param msg_info transport layer source and destination port numbers. * @param encap_hdr_size . * @return . */ -int hip_read_control_msg_v4(int socket, struct hip_common *hip_msg, - struct in6_addr *saddr, - struct in6_addr *daddr, - hip_portpair_t *msg_info, - int encap_hdr_size); - -int hip_sendto(int sock, const struct hip_common *msg, - const struct sockaddr_in6 *dst); - -int hip_read_control_msg_plugin_handler(void* msg, int len, in6_addr_t * src_addr,in_port_t port); +int hip_read_control_msg_v4(int socket, + struct hip_common *hip_msg, + struct in6_addr *saddr, + struct in6_addr *daddr, + hip_portpair_t *msg_info, + int encap_hdr_size); + +int hip_sendto(int sock, + const struct hip_common *msg, + const struct sockaddr_in6 *dst); + +int hip_read_control_msg_plugin_handler(void *msg, + int len, + in6_addr_t *src_addr, + in_port_t port); #endif /* HIP_MESSAGE_H */ === modified file 'lib/core/message.h.doxyme' --- lib/core/message.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/message.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/message.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/misc.c' --- lib/core/misc.c 2010-02-08 21:28:25 +0000 +++ lib/core/misc.c 2010-02-10 23:55:24 +0000 @@ -18,7 +18,7 @@ // needed due to missing system inlcude for openWRT #ifndef HOST_NAME_MAX -#define HOST_NAME_MAX 64 +#define HOST_NAME_MAX 64 #endif /* Definitions */ @@ -29,7 +29,7 @@ /** Port numbers for NAT traversal of hip control packets. */ in_port_t hip_local_nat_udp_port = HIP_NAT_UDP_PORT; -in_port_t hip_peer_nat_udp_port = HIP_NAT_UDP_PORT; +in_port_t hip_peer_nat_udp_port = HIP_NAT_UDP_PORT; #ifdef CONFIG_HIP_OPPORTUNISTIC /** @@ -43,32 +43,35 @@ * href="http://hipl.hiit.fi/hipl/thesis_teresa_finez.pdf";>T. Finez, * Backwards Compatibility Experimentation with Host Identity Protocol * and Legacy Software and Networks , final project, December 2008</a> - + * */ int hip_opportunistic_ipv6_to_hit(const struct in6_addr *ip, - struct in6_addr *hit, - int hit_type){ - int err = 0; - u8 digest[HIP_AH_SHA_LEN]; - char *key = (char *) (ip); - unsigned int key_len = sizeof(struct in6_addr); - - HIP_IFE(hit_type != HIP_HIT_TYPE_HASH100, -ENOSYS); - _HIP_HEXDUMP("key", key, key_len); - HIP_IFEL((err = hip_build_digest(HIP_DIGEST_SHA1, key, key_len, digest)), err, - "Building of digest failed\n"); - - memcpy(hit, digest + (HIP_AH_SHA_LEN - sizeof(struct in6_addr)), - sizeof(struct in6_addr)); - - hit->s6_addr32[3] = 0; // this separates phit from normal hit - - set_hit_prefix(hit); - - out_err: - - return err; + struct in6_addr *hit, + int hit_type) +{ + int err = 0; + u8 digest[HIP_AH_SHA_LEN]; + char *key = (char *) (ip); + unsigned int key_len = sizeof(struct in6_addr); + + HIP_IFE(hit_type != HIP_HIT_TYPE_HASH100, -ENOSYS); + _HIP_HEXDUMP("key", key, key_len); + HIP_IFEL((err = hip_build_digest(HIP_DIGEST_SHA1, key, key_len, digest)), + err, + "Building of digest failed\n"); + + memcpy(hit, digest + (HIP_AH_SHA_LEN - sizeof(struct in6_addr)), + sizeof(struct in6_addr)); + + hit->s6_addr32[3] = 0; // this separates phit from normal hit + + set_hit_prefix(hit); + +out_err: + + return err; } + #endif //CONFIG_HIP_OPPORTUNISTIC @@ -85,46 +88,47 @@ * @return 1 if t1 is equal or later than t2, else 0. */ int hip_timeval_diff(const struct timeval *t1, - const struct timeval *t2, - struct timeval *result){ - struct timeval _t1, _t2; - _t1 = *t1; - _t2 = *t2; - - if (_t1.tv_usec < _t2.tv_usec) { - int nsec = (_t2.tv_usec - _t1.tv_usec) / 1000000 + 1; - _t2.tv_usec -= 1000000 * nsec; - _t2.tv_sec += nsec; - } - if (_t1.tv_usec - _t2.tv_usec > 1000000) { - int nsec = (_t1.tv_usec - _t2.tv_usec) / 1000000; - _t2.tv_usec += 1000000 * nsec; - _t2.tv_sec -= nsec; - } - - result->tv_sec = _t2.tv_sec - _t1.tv_sec; - result->tv_usec = _t2.tv_usec - _t1.tv_usec; - - return _t1.tv_sec >= _t2.tv_sec; -} - - -int hip_convert_hit_to_str(const hip_hit_t *hit, const char *prefix, char *hit_str) -{ - int err = 0; - - HIP_ASSERT(hit); - - memset(hit_str, 0, INET6_ADDRSTRLEN); - err = !hip_in6_ntop(hit, hit_str); - - if (prefix) { - memcpy(hit_str + strlen(hit_str), prefix, strlen(prefix)); - } - - return err; -} - + const struct timeval *t2, + struct timeval *result) +{ + struct timeval _t1, _t2; + _t1 = *t1; + _t2 = *t2; + + if (_t1.tv_usec < _t2.tv_usec) { + int nsec = (_t2.tv_usec - _t1.tv_usec) / 1000000 + 1; + _t2.tv_usec -= 1000000 * nsec; + _t2.tv_sec += nsec; + } + if (_t1.tv_usec - _t2.tv_usec > 1000000) { + int nsec = (_t1.tv_usec - _t2.tv_usec) / 1000000; + _t2.tv_usec += 1000000 * nsec; + _t2.tv_sec -= nsec; + } + + result->tv_sec = _t2.tv_sec - _t1.tv_sec; + result->tv_usec = _t2.tv_usec - _t1.tv_usec; + + return _t1.tv_sec >= _t2.tv_sec; +} + +int hip_convert_hit_to_str(const hip_hit_t *hit, + const char *prefix, + char *hit_str) +{ + int err = 0; + + HIP_ASSERT(hit); + + memset(hit_str, 0, INET6_ADDRSTRLEN); + err = !hip_in6_ntop(hit, hit_str); + + if (prefix) { + memcpy(hit_str + strlen(hit_str), prefix, strlen(prefix)); + } + + return err; +} /* * function maxof() @@ -134,27 +138,28 @@ * out: Returns the integer with the largest value from the * list provided. */ -int maxof(int num_args, ...){ - int max, i, a; - va_list ap; +int maxof(int num_args, ...) +{ + int max, i, a; + va_list ap; - va_start(ap, num_args); - max = va_arg(ap, int); - for (i = 2; i <= num_args; i++) { - if ((a = va_arg(ap, int)) > max) - max = a; + va_start(ap, num_args); + max = va_arg(ap, int); + for (i = 2; i <= num_args; i++) { + if ((a = va_arg(ap, int)) > max) { + max = a; } - va_end(ap); - return(max); + } + va_end(ap); + return max; } - int hip_lsi_are_equal(const hip_lsi_t *lsi1, - const hip_lsi_t *lsi2){ - return (ipv4_addr_cmp(lsi1, lsi2) == 0); + const hip_lsi_t *lsi2) +{ + return ipv4_addr_cmp(lsi1, lsi2) == 0; } - /** * hip_hit_is_bigger - compare two HITs * @param hit1 the first HIT to be compared @@ -163,73 +168,78 @@ * @return 1 if hit1 was bigger than hit2, or else 0 */ int hip_hit_is_bigger(const struct in6_addr *hit1, - const struct in6_addr *hit2){ - return (ipv6_addr_cmp(hit1, hit2) > 0); + const struct in6_addr *hit2) +{ + return ipv6_addr_cmp(hit1, hit2) > 0; } - int hip_hit_are_equal(const struct in6_addr *hit1, - const struct in6_addr *hit2){ - return (ipv6_addr_cmp(hit1, hit2) == 0); + const struct in6_addr *hit2) +{ + return ipv6_addr_cmp(hit1, hit2) == 0; } - /* * return value: 0 = match, >0 means non-match, -1 = error */ -int hip_id_type_match(const struct in6_addr *id, int id_type) { - int ret = 0, is_lsi = 0, is_hit = 0; - hip_lsi_t lsi; - - if (ipv6_addr_is_hit(id)) { - is_hit = 1; - } else if (IN6_IS_ADDR_V4MAPPED(id)) { - IPV6_TO_IPV4_MAP(id, &lsi); - if (IS_LSI32(lsi.s_addr)) - is_lsi = 1; - } - - HIP_ASSERT(!(is_lsi && is_hit)); - - if (id_type == HIP_ID_TYPE_HIT) - ret = (is_hit ? 1 : 0); - else if (id_type == HIP_ID_TYPE_LSI) - ret = (is_lsi ? 1 : 0); - else - ret = ((is_hit || is_lsi) ? 0 : 1); - - return ret; +int hip_id_type_match(const struct in6_addr *id, int id_type) +{ + int ret = 0, is_lsi = 0, is_hit = 0; + hip_lsi_t lsi; + + if (ipv6_addr_is_hit(id)) { + is_hit = 1; + } else if (IN6_IS_ADDR_V4MAPPED(id)) { + IPV6_TO_IPV4_MAP(id, &lsi); + if (IS_LSI32(lsi.s_addr)) { + is_lsi = 1; + } + } + + HIP_ASSERT(!(is_lsi && is_hit)); + + if (id_type == HIP_ID_TYPE_HIT) { + ret = (is_hit ? 1 : 0); + } else if (id_type == HIP_ID_TYPE_LSI) { + ret = (is_lsi ? 1 : 0); + } else { + ret = ((is_hit || is_lsi) ? 0 : 1); + } + + return ret; } -char* hip_in6_ntop(const struct in6_addr *in6, char *buf){ - if (!buf) - return NULL; - sprintf(buf, - "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", - ntohs(in6->s6_addr16[0]), ntohs(in6->s6_addr16[1]), - ntohs(in6->s6_addr16[2]), ntohs(in6->s6_addr16[3]), - ntohs(in6->s6_addr16[4]), ntohs(in6->s6_addr16[5]), - ntohs(in6->s6_addr16[6]), ntohs(in6->s6_addr16[7])); - return buf; +char *hip_in6_ntop(const struct in6_addr *in6, char *buf) +{ + if (!buf) { + return NULL; + } + sprintf(buf, + "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", + ntohs(in6->s6_addr16[0]), ntohs(in6->s6_addr16[1]), + ntohs(in6->s6_addr16[2]), ntohs(in6->s6_addr16[3]), + ntohs(in6->s6_addr16[4]), ntohs(in6->s6_addr16[5]), + ntohs(in6->s6_addr16[6]), ntohs(in6->s6_addr16[7])); + return buf; } unsigned long hip_hash_generic(const void *ptr) { - unsigned long hash = (unsigned long)(*((uint32_t *)ptr)); - return (hash % ULONG_MAX); + unsigned long hash = (unsigned long) (*((uint32_t *) ptr)); + return hash % ULONG_MAX; } int hip_match_generic(const void *ptr1, const void *ptr2) { - return (ptr1 != ptr2); + return ptr1 != ptr2; } /** - * Returns a generic linked list based on the hash table implementation. + * Returns a generic linked list based on the hash table implementation. */ HIP_HASHTABLE *hip_linked_list_init() { - return (HIP_HASHTABLE *)hip_ht_init(hip_hash_generic, hip_match_generic); + return (HIP_HASHTABLE *) hip_ht_init(hip_hash_generic, hip_match_generic); } /** @@ -239,36 +249,36 @@ * * Returns value in range: 0 <= x < range */ -unsigned long hip_hash_hit(const void *ptr){ - uint8_t hash[HIP_AH_SHA_LEN]; - - hip_build_digest(HIP_DIGEST_SHA1, ptr + sizeof(uint16_t), - 7 * sizeof(uint16_t), hash); - //hip_build_digest(HIP_DIGEST_SHA1, ptr, sizeof(hip_hit_t), hash); - - return *((unsigned long *)hash); -} - - -int hip_match_hit(const void *ptr1, const void *ptr2){ - return (hip_hash_hit(ptr1) != hip_hash_hit(ptr2)); -} - +unsigned long hip_hash_hit(const void *ptr) +{ + uint8_t hash[HIP_AH_SHA_LEN]; + + hip_build_digest(HIP_DIGEST_SHA1, ptr + sizeof(uint16_t), + 7 * sizeof(uint16_t), hash); + //hip_build_digest(HIP_DIGEST_SHA1, ptr, sizeof(hip_hit_t), hash); + + return *((unsigned long *) hash); +} + +int hip_match_hit(const void *ptr1, const void *ptr2) +{ + return hip_hash_hit(ptr1) != hip_hash_hit(ptr2); +} /* -unsigned long hip_hidb_hash(const void *ptr){ - hip_hit_t *hit = &(((struct hip_host_id_entry *) ptr)->lhi.hit); - unsigned long hash; - - hip_build_digest(HIP_DIGEST_SHA1, hit, sizeof(hip_hit_t), &hash); - - return hash; -} - -int hip_hidb_match(const void *ptr1, const void *ptr2){ - return (hip_hidb_hash(ptr1) != hip_hidb_hash(ptr2)); -} -*/ + * unsigned long hip_hidb_hash(const void *ptr){ + * hip_hit_t *hit = &(((struct hip_host_id_entry *) ptr)->lhi.hit); + * unsigned long hash; + * + * hip_build_digest(HIP_DIGEST_SHA1, hit, sizeof(hip_hit_t), &hash); + * + * return hash; + * } + * + * int hip_hidb_match(const void *ptr1, const void *ptr2){ + * return (hip_hidb_hash(ptr1) != hip_hidb_hash(ptr2)); + * } + */ @@ -279,50 +289,50 @@ * @return the encryption key length based on the chosen transform, * otherwise < 0 on error. */ -int hip_enc_key_length(int tid){ - int ret = -1; - - switch(tid) { - case HIP_ESP_AES_SHA1: - ret = 16; - break; - case HIP_ESP_3DES_SHA1: - ret = 24; - break; - case HIP_ESP_NULL_SHA1: - case HIP_ESP_NULL_NULL: - ret = 0; - break; - default: - HIP_ERROR("unknown tid=%d\n", tid); - HIP_ASSERT(0); - break; - } - - return ret; -} - - -int hip_hmac_key_length(int tid){ - int ret = -1; - switch(tid) { - case HIP_ESP_AES_SHA1: - case HIP_ESP_3DES_SHA1: - case HIP_ESP_NULL_SHA1: - ret = 20; - break; - case HIP_ESP_NULL_NULL: - ret = 0; - break; - default: - HIP_ERROR("unknown tid=%d\n", tid); - HIP_ASSERT(0); - break; - } - - return ret; -} - +int hip_enc_key_length(int tid) +{ + int ret = -1; + + switch (tid) { + case HIP_ESP_AES_SHA1: + ret = 16; + break; + case HIP_ESP_3DES_SHA1: + ret = 24; + break; + case HIP_ESP_NULL_SHA1: + case HIP_ESP_NULL_NULL: + ret = 0; + break; + default: + HIP_ERROR("unknown tid=%d\n", tid); + HIP_ASSERT(0); + break; + } + + return ret; +} + +int hip_hmac_key_length(int tid) +{ + int ret = -1; + switch (tid) { + case HIP_ESP_AES_SHA1: + case HIP_ESP_3DES_SHA1: + case HIP_ESP_NULL_SHA1: + ret = 20; + break; + case HIP_ESP_NULL_NULL: + ret = 0; + break; + default: + HIP_ERROR("unknown tid=%d\n", tid); + HIP_ASSERT(0); + break; + } + + return ret; +} /** * hip_transform_key_length - get transform key length of a transform @@ -331,29 +341,29 @@ * @return the transform key length based on the chosen transform, * otherwise < 0 on error. */ -int hip_transform_key_length(int tid){ - int ret = -1; - - switch(tid) { - case HIP_HIP_AES_SHA1: - ret = 16; - break; - case HIP_HIP_3DES_SHA1: - ret = 24; - break; - case HIP_HIP_NULL_SHA1: // XX FIXME: SHOULD BE NULL_SHA1? - ret = 0; - break; - default: - HIP_ERROR("unknown tid=%d\n", tid); - HIP_ASSERT(0); - break; - } - - return ret; +int hip_transform_key_length(int tid) +{ + int ret = -1; + + switch (tid) { + case HIP_HIP_AES_SHA1: + ret = 16; + break; + case HIP_HIP_3DES_SHA1: + ret = 24; + break; + case HIP_HIP_NULL_SHA1: // XX FIXME: SHOULD BE NULL_SHA1? + ret = 0; + break; + default: + HIP_ERROR("unknown tid=%d\n", tid); + HIP_ASSERT(0); + break; + } + + return ret; } - /** * hip_auth_key_length_esp - get authentication key length of a transform * @param tid transform @@ -361,30 +371,30 @@ * @return the authentication key length based on the chosen transform. * otherwise < 0 on error. */ -int hip_auth_key_length_esp(int tid){ - int ret = -1; - - switch(tid) { - case HIP_ESP_AES_SHA1: - //ret = 16; - //break; - case HIP_ESP_NULL_SHA1: - case HIP_ESP_3DES_SHA1: - ret = 20; - break; - case HIP_ESP_NULL_NULL: - ret = 0; - break; - default: - HIP_ERROR("unknown tid=%d\n", tid); - HIP_ASSERT(0); - break; - } - - return ret; +int hip_auth_key_length_esp(int tid) +{ + int ret = -1; + + switch (tid) { + case HIP_ESP_AES_SHA1: + //ret = 16; + //break; + case HIP_ESP_NULL_SHA1: + case HIP_ESP_3DES_SHA1: + ret = 20; + break; + case HIP_ESP_NULL_NULL: + ret = 0; + break; + default: + HIP_ERROR("unknown tid=%d\n", tid); + HIP_ASSERT(0); + break; + } + + return ret; } - /** * hip_select_hip_transform - select a HIP transform to use * @param ht HIP_TRANSFORM payload where the transform is selected from @@ -392,51 +402,51 @@ * @return the first acceptable Transform-ID, otherwise < 0 if no * acceptable transform was found. The return value is in host byte order. */ -hip_transform_suite_t hip_select_hip_transform(struct hip_hip_transform *ht){ - hip_transform_suite_t tid = 0; - int i; - int length; - hip_transform_suite_t *suggestion; - - length = ntohs(ht->length); - suggestion = (hip_transform_suite_t *) &ht->suite_id[0]; - - if ( (length >> 1) > 6) { - HIP_ERROR("Too many transforms (%d)\n", length >> 1); - goto out; - } - - for (i=0; i<length; i++) { - switch(ntohs(*suggestion)) { - - case HIP_HIP_AES_SHA1: - case HIP_HIP_3DES_SHA1: - case HIP_HIP_NULL_SHA1: - tid = ntohs(*suggestion); - goto out; - break; - - default: - /* Specs don't say what to do when unknown are found. - * We ignore. - */ - HIP_ERROR("Unknown HIP suite id suggestion (%u)\n", - ntohs(*suggestion)); - break; - } - suggestion++; - } - - out: - if(tid == 0) - HIP_ERROR("None HIP transforms accepted\n"); - else - HIP_DEBUG("Chose HIP transform: %d\n", tid); - - return tid; +hip_transform_suite_t hip_select_hip_transform(struct hip_hip_transform *ht) +{ + hip_transform_suite_t tid = 0; + int i; + int length; + hip_transform_suite_t *suggestion; + + length = ntohs(ht->length); + suggestion = (hip_transform_suite_t *) &ht->suite_id[0]; + + if ((length >> 1) > 6) { + HIP_ERROR("Too many transforms (%d)\n", length >> 1); + goto out; + } + + for (i = 0; i < length; i++) { + switch (ntohs(*suggestion)) { + case HIP_HIP_AES_SHA1: + case HIP_HIP_3DES_SHA1: + case HIP_HIP_NULL_SHA1: + tid = ntohs(*suggestion); + goto out; + break; + + default: + /* Specs don't say what to do when unknown are found. + * We ignore. + */ + HIP_ERROR("Unknown HIP suite id suggestion (%u)\n", + ntohs(*suggestion)); + break; + } + suggestion++; + } + +out: + if (tid == 0) { + HIP_ERROR("None HIP transforms accepted\n"); + } else { + HIP_DEBUG("Chose HIP transform: %d\n", tid); + } + + return tid; } - /** * hip_select_esp_transform - select an ESP transform to use * @param ht ESP_TRANSFORM payload where the transform is selected from @@ -444,154 +454,158 @@ * @return the first acceptable Suite-ID. otherwise < 0 if no * acceptable Suite-ID was found. */ -hip_transform_suite_t hip_select_esp_transform(struct hip_esp_transform *ht){ - hip_transform_suite_t tid = 0; - int i; - int length; - hip_transform_suite_t *suggestion; - - length = hip_get_param_contents_len(ht); - suggestion = (uint16_t*) &ht->suite_id[0]; - - if (length > sizeof(struct hip_esp_transform) - - sizeof(struct hip_common)) { - HIP_ERROR("Too many transforms\n"); - goto out; - } - - for (i=0; i<length; i++) { - switch(ntohs(*suggestion)) { - - case HIP_ESP_AES_SHA1: - case HIP_ESP_NULL_NULL: - case HIP_ESP_3DES_SHA1: - case HIP_ESP_NULL_SHA1: - tid = ntohs(*suggestion); - goto out; - break; - default: - /* Specs don't say what to do when unknowns are found. - * We ignore. - */ - HIP_ERROR("Unknown ESP suite id suggestion (%u)\n", - ntohs(*suggestion)); - break; - } - suggestion++; - } - - out: - HIP_DEBUG("Took ESP transform %d\n", tid); - - if(tid == 0) - HIP_ERROR("Faulty ESP transform\n"); - - return tid; +hip_transform_suite_t hip_select_esp_transform(struct hip_esp_transform *ht) +{ + hip_transform_suite_t tid = 0; + int i; + int length; + hip_transform_suite_t *suggestion; + + length = hip_get_param_contents_len(ht); + suggestion = (uint16_t *) &ht->suite_id[0]; + + if (length > sizeof(struct hip_esp_transform) - + sizeof(struct hip_common)) { + HIP_ERROR("Too many transforms\n"); + goto out; + } + + for (i = 0; i < length; i++) { + switch (ntohs(*suggestion)) { + case HIP_ESP_AES_SHA1: + case HIP_ESP_NULL_NULL: + case HIP_ESP_3DES_SHA1: + case HIP_ESP_NULL_SHA1: + tid = ntohs(*suggestion); + goto out; + break; + default: + /* Specs don't say what to do when unknowns are found. + * We ignore. + */ + HIP_ERROR("Unknown ESP suite id suggestion (%u)\n", + ntohs(*suggestion)); + break; + } + suggestion++; + } + +out: + HIP_DEBUG("Took ESP transform %d\n", tid); + + if (tid == 0) { + HIP_ERROR("Faulty ESP transform\n"); + } + + return tid; } #ifndef __KERNEL__ u16 ipv4_checksum(u8 protocol, u8 src[], u8 dst[], u8 data[], u16 len) { - - u16 word16; - u32 sum; - u16 i; - - //initialize sum to zero - sum=0; - - // make 16 bit words out of every two adjacent 8 bit words and - // calculate the sum of all 16 vit words - for (i=0;i<len;i=i+2){ - word16 =((((u16)(data[i]<<8)))&0xFF00)+(((u16)data[i+1])&0xFF); - sum = sum + (unsigned long)word16; - } - // add the TCP pseudo header which contains: - // the IP source and destination addresses, - for (i=0;i<4;i=i+2){ - word16 =((src[i]<<8)&0xFF00)+(src[i+1]&0xFF); - sum=sum+word16; - } - for (i=0;i<4;i=i+2) - { - word16 =((dst[i]<<8)&0xFF00)+(dst[i+1]&0xFF); - sum=sum+word16; - } - // the protocol number and the length of the TCP packet - sum = sum + protocol + len; - - // keep only the last 16 bits of the 32 bit calculated sum and add the carries - while (sum>>16) - sum = (sum & 0xFFFF)+(sum >> 16); - - // Take the one's complement of sum - sum = ~sum; - return (htons((unsigned short) sum)); + u16 word16; + u32 sum; + u16 i; + + //initialize sum to zero + sum = 0; + + // make 16 bit words out of every two adjacent 8 bit words and + // calculate the sum of all 16 vit words + for (i = 0; i < len; i = i + 2) { + word16 = ((((u16) (data[i] << 8))) & 0xFF00) + (((u16) data[i + 1]) & 0xFF); + sum = sum + (unsigned long) word16; + } + // add the TCP pseudo header which contains: + // the IP source and destination addresses, + for (i = 0; i < 4; i = i + 2) { + word16 = ((src[i] << 8) & 0xFF00) + (src[i + 1] & 0xFF); + sum = sum + word16; + } + for (i = 0; i < 4; i = i + 2) { + word16 = ((dst[i] << 8) & 0xFF00) + (dst[i + 1] & 0xFF); + sum = sum + word16; + } + // the protocol number and the length of the TCP packet + sum = sum + protocol + len; + + // keep only the last 16 bits of the 32 bit calculated sum and add the carries + while (sum >> 16) { + sum = (sum & 0xFFFF) + (sum >> 16); + } + + // Take the one's complement of sum + sum = ~sum; + return htons((unsigned short) sum); } -int convert_string_to_address_v4(const char *str, struct in_addr *ip){ - int ret = 0, err = 0; +int convert_string_to_address_v4(const char *str, struct in_addr *ip) +{ + int ret = 0, err = 0; - ret = inet_pton(AF_INET, str, ip); - HIP_IFEL((ret < 0 && errno == EAFNOSUPPORT), -1, - "inet_pton: not a valid address family\n"); - HIP_IFEL((ret == 0), -1, - "inet_pton: %s: not a valid network address\n", str); - out_err: - return err; + ret = inet_pton(AF_INET, str, ip); + HIP_IFEL((ret < 0 && errno == EAFNOSUPPORT), -1, + "inet_pton: not a valid address family\n"); + HIP_IFEL((ret == 0), -1, + "inet_pton: %s: not a valid network address\n", str); +out_err: + return err; } int convert_string_to_address(const char *str, - struct in6_addr *ip6){ - int ret = 0, err = 0; - struct in_addr ip4; - - ret = inet_pton(AF_INET6, str, ip6); - HIP_IFEL((ret < 0 && errno == EAFNOSUPPORT), -1, - "\"%s\" is not of valid address family.\n", str); - if (ret > 0) { - /* IPv6 address conversion was ok */ - _HIP_DEBUG_IN6ADDR("Converted IPv6", ip6); - goto out_err; - } - - /* Might be an ipv4 address (ret == 0). Lets catch it here. */ - err = convert_string_to_address_v4(str, &ip4); - if (err) - goto out_err; - - IPV4_TO_IPV6_MAP(&ip4, ip6); - HIP_DEBUG("Mapped v4 to v6.\n"); - HIP_DEBUG_IN6ADDR("mapped v6", ip6); - - out_err: - return err; + struct in6_addr *ip6) +{ + int ret = 0, err = 0; + struct in_addr ip4; + + ret = inet_pton(AF_INET6, str, ip6); + HIP_IFEL((ret < 0 && errno == EAFNOSUPPORT), -1, + "\"%s\" is not of valid address family.\n", str); + if (ret > 0) { + /* IPv6 address conversion was ok */ + _HIP_DEBUG_IN6ADDR("Converted IPv6", ip6); + goto out_err; + } + + /* Might be an ipv4 address (ret == 0). Lets catch it here. */ + err = convert_string_to_address_v4(str, &ip4); + if (err) { + goto out_err; + } + + IPV4_TO_IPV6_MAP(&ip4, ip6); + HIP_DEBUG("Mapped v4 to v6.\n"); + HIP_DEBUG_IN6ADDR("mapped v6", ip6); + +out_err: + return err; } - /* the lengths are in bits */ int khi_encode(unsigned char *orig, int orig_len, - unsigned char *encoded, - int encoded_len){ - BIGNUM *bn = NULL; - int err = 0, shift = (orig_len - encoded_len) / 2, - len = encoded_len / 8 + ((encoded_len % 8) ? 1 : 0); - - HIP_IFEL((encoded_len > orig_len), -1, "len mismatch\n"); - HIP_IFEL((!(bn = BN_bin2bn(orig, orig_len / 8, NULL))), -1, - "BN_bin2bn\n"); - HIP_IFEL(!BN_rshift(bn, bn, shift), -1, "BN_lshift\n"); - HIP_IFEL(!BN_mask_bits(bn, encoded_len), -1, - "BN_mask_bits\n"); - HIP_IFEL((bn2bin_safe(bn, encoded, len) != len), -1, - "BN_bn2bin_safe\n"); - - _HIP_HEXDUMP("encoded: ", encoded, len); - - out_err: - if(bn) - BN_free(bn); - return err; + unsigned char *encoded, + int encoded_len) +{ + BIGNUM *bn = NULL; + int err = 0, shift = (orig_len - encoded_len) / 2, + len = encoded_len / 8 + ((encoded_len % 8) ? 1 : 0); + + HIP_IFEL((encoded_len > orig_len), -1, "len mismatch\n"); + HIP_IFEL((!(bn = BN_bin2bn(orig, orig_len / 8, NULL))), -1, + "BN_bin2bn\n"); + HIP_IFEL(!BN_rshift(bn, bn, shift), -1, "BN_lshift\n"); + HIP_IFEL(!BN_mask_bits(bn, encoded_len), -1, + "BN_mask_bits\n"); + HIP_IFEL((bn2bin_safe(bn, encoded, len) != len), -1, + "BN_bn2bin_safe\n"); + + _HIP_HEXDUMP("encoded: ", encoded, len); + +out_err: + if (bn) { + BN_free(bn); + } + return err; } /** @@ -606,181 +620,182 @@ * @return zero on success, negative otherwise. */ int hip_dsa_host_id_to_hit(const struct hip_host_id *host_id, - struct in6_addr *hit, int hit_type) + struct in6_addr *hit, int hit_type) { - int err = 0; - u8 digest[HIP_AH_SHA_LEN]; - u8 *key_rr = (u8 *) host_id->key; /* skip the header */ - /* hit excludes rdata but it is included in hi_length; - subtract rdata */ - unsigned int key_rr_len = ntohs(host_id->hi_length) - - sizeof(struct hip_host_id_key_rdata); - u8 *khi_data = NULL; - u8 khi_context_id[] = HIP_KHI_CONTEXT_ID_INIT; - int khi_data_len = key_rr_len + sizeof(khi_context_id); - int khi_index = 0; - - _HIP_DEBUG("key_rr_len=%u\n", key_rr_len); - HIP_IFE(hit_type != HIP_HIT_TYPE_HASH100, -ENOSYS); - _HIP_HEXDUMP("key_rr", key_rr, key_rr_len); - - /* Hash Input := Context ID | Input */ - khi_data = HIP_MALLOC(khi_data_len, 0); - khi_index = 0; - memcpy(khi_data + khi_index, khi_context_id, sizeof(khi_context_id)); - khi_index += sizeof(khi_context_id); - memcpy(khi_data + khi_index, key_rr, key_rr_len); - khi_index += key_rr_len; - - HIP_ASSERT(khi_index == khi_data_len); - - _HIP_HEXDUMP("khi data", khi_data, khi_data_len); - - /* Hash := SHA1( Expand( Hash Input ) ) */ - HIP_IFEL((err = hip_build_digest(HIP_DIGEST_SHA1, khi_data, - khi_data_len, digest)), err, - "Building of digest failed\n"); - - _HIP_HEXDUMP("digest", digest, sizeof(digest)); - - memset(hit, 0, sizeof(hip_hit_t)); - HIP_IFEL(khi_encode(digest, sizeof(digest) * 8, - ((u8 *) hit) + 3, - sizeof(hip_hit_t) * 8 - HIP_HIT_PREFIX_LEN), - -1, "encoding failed\n"); - - _HIP_DEBUG_HIT("HIT before prefix: ", hit); - set_hit_prefix(hit); - _HIP_DEBUG_HIT("HIT after prefix: ", hit); - - out_err: - if (khi_data) - HIP_FREE(khi_data); - - return err; + int err = 0; + u8 digest[HIP_AH_SHA_LEN]; + u8 *key_rr = (u8 *) host_id->key; /* skip the header */ + /* hit excludes rdata but it is included in hi_length; + * subtract rdata */ + unsigned int key_rr_len = ntohs(host_id->hi_length) - + sizeof(struct hip_host_id_key_rdata); + u8 *khi_data = NULL; + u8 khi_context_id[] = HIP_KHI_CONTEXT_ID_INIT; + int khi_data_len = key_rr_len + sizeof(khi_context_id); + int khi_index = 0; + + _HIP_DEBUG("key_rr_len=%u\n", key_rr_len); + HIP_IFE(hit_type != HIP_HIT_TYPE_HASH100, -ENOSYS); + _HIP_HEXDUMP("key_rr", key_rr, key_rr_len); + + /* Hash Input := Context ID | Input */ + khi_data = HIP_MALLOC(khi_data_len, 0); + khi_index = 0; + memcpy(khi_data + khi_index, khi_context_id, sizeof(khi_context_id)); + khi_index += sizeof(khi_context_id); + memcpy(khi_data + khi_index, key_rr, key_rr_len); + khi_index += key_rr_len; + + HIP_ASSERT(khi_index == khi_data_len); + + _HIP_HEXDUMP("khi data", khi_data, khi_data_len); + + /* Hash := SHA1( Expand( Hash Input ) ) */ + HIP_IFEL((err = hip_build_digest(HIP_DIGEST_SHA1, khi_data, + khi_data_len, digest)), err, + "Building of digest failed\n"); + + _HIP_HEXDUMP("digest", digest, sizeof(digest)); + + memset(hit, 0, sizeof(hip_hit_t)); + HIP_IFEL(khi_encode(digest, sizeof(digest) * 8, + ((u8 *) hit) + 3, + sizeof(hip_hit_t) * 8 - HIP_HIT_PREFIX_LEN), + -1, "encoding failed\n"); + + _HIP_DEBUG_HIT("HIT before prefix: ", hit); + set_hit_prefix(hit); + _HIP_DEBUG_HIT("HIT after prefix: ", hit); + +out_err: + if (khi_data) { + HIP_FREE(khi_data); + } + + return err; } - int hip_host_id_to_hit(const struct hip_host_id *host_id, - struct in6_addr *hit, - int hit_type){ - int algo = hip_get_host_id_algo(host_id); - int err = 0; - - if (algo == HIP_HI_DSA) { - err = hip_dsa_host_id_to_hit(host_id, hit, hit_type); - } else if (algo == HIP_HI_RSA) { - err = hip_rsa_host_id_to_hit(host_id, hit, hit_type); - } else { - err = -ENOSYS; - } - - return err; + struct in6_addr *hit, + int hit_type) +{ + int algo = hip_get_host_id_algo(host_id); + int err = 0; + + if (algo == HIP_HI_DSA) { + err = hip_dsa_host_id_to_hit(host_id, hit, hit_type); + } else if (algo == HIP_HI_RSA) { + err = hip_rsa_host_id_to_hit(host_id, hit, hit_type); + } else { + err = -ENOSYS; + } + + return err; } - int hip_private_dsa_host_id_to_hit(const struct hip_host_id_priv *host_id, - struct in6_addr *hit, - int hit_type){ - int err = 0; - struct hip_host_id *host_id_pub = NULL; - int contents_len; - int total_len; - - contents_len = hip_get_param_contents_len(host_id); - total_len = hip_get_param_total_len(host_id); - - /*! \todo add an extra check for the T val */ - - HIP_IFEL(contents_len <= 20, -EMSGSIZE, "Host id too short\n"); - - /* Allocate enough space for host id; there will be 20 bytes extra - to avoid hassle with padding. */ - host_id_pub = (struct hip_host_id *)HIP_MALLOC(total_len, GFP_KERNEL); - HIP_IFE(!host_id_pub, -EFAULT); - memset(host_id_pub, 0, total_len); - - memcpy(host_id_pub, host_id, - sizeof(struct hip_tlv_common) + contents_len - DSA_PRIV); - - host_id_pub->hi_length = htons(ntohs(host_id_pub->hi_length) - DSA_PRIV); - hip_set_param_contents_len((struct hip_tlv_common*) host_id_pub, contents_len - DSA_PRIV); - - _HIP_HEXDUMP("extracted pubkey", host_id_pub, - hip_get_param_total_len(host_id_pub)); - - if ( (err = hip_dsa_host_id_to_hit(host_id_pub, hit, hit_type)) ) { - HIP_ERROR("Failed to convert HI to HIT.\n"); - goto out_err; - } - - out_err: - - if (host_id_pub) { - HIP_FREE(host_id_pub); - } - - return err; + struct in6_addr *hit, + int hit_type) +{ + int err = 0; + struct hip_host_id *host_id_pub = NULL; + int contents_len; + int total_len; + + contents_len = hip_get_param_contents_len(host_id); + total_len = hip_get_param_total_len(host_id); + + /*! \todo add an extra check for the T val */ + + HIP_IFEL(contents_len <= 20, -EMSGSIZE, "Host id too short\n"); + + /* Allocate enough space for host id; there will be 20 bytes extra + * to avoid hassle with padding. */ + host_id_pub = (struct hip_host_id *) HIP_MALLOC(total_len, GFP_KERNEL); + HIP_IFE(!host_id_pub, -EFAULT); + memset(host_id_pub, 0, total_len); + + memcpy(host_id_pub, host_id, + sizeof(struct hip_tlv_common) + contents_len - DSA_PRIV); + + host_id_pub->hi_length = htons(ntohs(host_id_pub->hi_length) - DSA_PRIV); + hip_set_param_contents_len((struct hip_tlv_common *) host_id_pub, + contents_len - DSA_PRIV); + + _HIP_HEXDUMP("extracted pubkey", host_id_pub, + hip_get_param_total_len(host_id_pub)); + + if ((err = hip_dsa_host_id_to_hit(host_id_pub, hit, hit_type))) { + HIP_ERROR("Failed to convert HI to HIT.\n"); + goto out_err; + } + +out_err: + + if (host_id_pub) { + HIP_FREE(host_id_pub); + } + + return err; } - int hip_private_rsa_host_id_to_hit(const struct hip_host_id_priv *host_id, - struct in6_addr *hit, - int hit_type){ - int err = 0; - struct hip_host_id host_id_pub; - int rsa_pub_len, rsa_priv_len; - struct hip_rsa_keylen keylen; - - /* Length of the private part of the RSA key d + p + q - is twice the length of the public modulus. - dmp1 + dmq1 + iqmp is another 1.5 times */ - - hip_get_rsa_keylen(host_id, &keylen, 1); - rsa_pub_len = keylen.e_len + keylen.e + keylen.n; - rsa_priv_len = keylen.n * 7 / 2; - - memcpy(&host_id_pub, host_id, sizeof(host_id_pub) - - sizeof(host_id_pub.key) - sizeof(host_id_pub.hostname)); - - host_id_pub.hi_length = - htons(ntohs(host_id_pub.hi_length) - rsa_priv_len); - memcpy(host_id_pub.key, host_id->key, rsa_pub_len); - - _HIP_HEXDUMP("extracted pubkey", &host_id_pub, - hip_get_param_total_len(host_id_pub)); - - if ( (err = hip_rsa_host_id_to_hit(&host_id_pub, hit, hit_type)) ) { - HIP_ERROR("Failed to convert HI to HIT.\n"); - goto out_err; - } - - out_err: - - return err; + struct in6_addr *hit, + int hit_type) +{ + int err = 0; + struct hip_host_id host_id_pub; + int rsa_pub_len, rsa_priv_len; + struct hip_rsa_keylen keylen; + + /* Length of the private part of the RSA key d + p + q + * is twice the length of the public modulus. + * dmp1 + dmq1 + iqmp is another 1.5 times */ + + hip_get_rsa_keylen(host_id, &keylen, 1); + rsa_pub_len = keylen.e_len + keylen.e + keylen.n; + rsa_priv_len = keylen.n * 7 / 2; + + memcpy(&host_id_pub, host_id, sizeof(host_id_pub) + - sizeof(host_id_pub.key) - sizeof(host_id_pub.hostname)); + + host_id_pub.hi_length = + htons(ntohs(host_id_pub.hi_length) - rsa_priv_len); + memcpy(host_id_pub.key, host_id->key, rsa_pub_len); + + _HIP_HEXDUMP("extracted pubkey", &host_id_pub, + hip_get_param_total_len(host_id_pub)); + + if ((err = hip_rsa_host_id_to_hit(&host_id_pub, hit, hit_type))) { + HIP_ERROR("Failed to convert HI to HIT.\n"); + goto out_err; + } + +out_err: + + return err; } - int hip_private_host_id_to_hit(const struct hip_host_id_priv *host_id, - struct in6_addr *hit, - int hit_type){ - int algo = hip_get_host_id_algo((struct hip_host_id *)host_id); - int err = 0; - - if (algo == HIP_HI_DSA) { - err = hip_private_dsa_host_id_to_hit(host_id, hit, - hit_type); - } else if (algo == HIP_HI_RSA) { - err = hip_private_rsa_host_id_to_hit(host_id, hit, - hit_type); - } else { - err = -ENOSYS; - } - - return err; + struct in6_addr *hit, + int hit_type) +{ + int algo = hip_get_host_id_algo((struct hip_host_id *) host_id); + int err = 0; + + if (algo == HIP_HI_DSA) { + err = hip_private_dsa_host_id_to_hit(host_id, hit, + hit_type); + } else if (algo == HIP_HI_RSA) { + err = hip_private_rsa_host_id_to_hit(host_id, hit, + hit_type); + } else { + err = -ENOSYS; + } + + return err; } - /** * check_and_create_dir - check and create a directory * @param dirname the name of the directory @@ -790,23 +805,23 @@ */ int check_and_create_dir(char *dirname, mode_t mode) { - int err = 0; - struct stat dir_stat; - - HIP_INFO("dirname=%s mode=%o\n", dirname, mode); - err = stat(dirname, &dir_stat); - if (err && errno == ENOENT) { /* no such file or directory */ - err = mkdir(dirname, mode); - if (err) { - HIP_ERROR("mkdir %s failed: %s\n", dirname, - strerror(errno)); - } - } else if (err) { - HIP_ERROR("stat %s failed: %s\n", dirname, - strerror(errno)); - } - - return err; + int err = 0; + struct stat dir_stat; + + HIP_INFO("dirname=%s mode=%o\n", dirname, mode); + err = stat(dirname, &dir_stat); + if (err && errno == ENOENT) { /* no such file or directory */ + err = mkdir(dirname, mode); + if (err) { + HIP_ERROR("mkdir %s failed: %s\n", dirname, + strerror(errno)); + } + } else if (err) { + HIP_ERROR("stat %s failed: %s\n", dirname, + strerror(errno)); + } + + return err; } /** @@ -818,529 +833,535 @@ */ int check_and_create_file(char *filename, mode_t mode) { - int err = 0, fd = 0; - struct stat file_stat; - - HIP_INFO("filename=%s mode=%o\n", filename, mode); - err = stat(filename, &file_stat); - if (err && errno == ENOENT) { /* no such file or file */ - fd = open(filename, O_RDWR | O_CREAT, 0644); - if (fd < 0) { - HIP_ERROR("creating file %s failed: %s\n", filename, - strerror(errno)); - } - } else { - fd = open(filename, O_RDWR); - if (fd < 0) { - HIP_ERROR("opening file %s failed: %s\n", filename, - strerror(errno)); - } - } - - return fd; -} - -int hip_host_id_contains_private_key(struct hip_host_id *host_id){ - uint16_t len = hip_get_param_contents_len(host_id); - u8 *buf = (u8 *) host_id->key; - u8 t = *buf; - - return len >= 3 * (64 + 8 * t) + 2 * 20; /* PQGXY 3*(64+8*t) + 2*20 */ -} - - -void change_key_file_perms(char *filenamebase){ - char *pubfilename = NULL; - int pubfilename_len; - - pubfilename_len = - strlen(filenamebase) + strlen(DEFAULT_PUB_FILE_SUFFIX) + 1; - pubfilename = malloc(pubfilename_len); - if (!pubfilename) { - HIP_ERROR("malloc(%d) failed\n", pubfilename_len); - goto out_err; - } - - /* check retval */ - snprintf(pubfilename, pubfilename_len, "%s%s", filenamebase, - DEFAULT_PUB_FILE_SUFFIX); - - chmod(filenamebase, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP); - chmod(pubfilename, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH); - - out_err: - if (pubfilename) - HIP_FREE(pubfilename); - - return; -} - -int hip_serialize_host_id_action(struct hip_common *msg, int action, int anon, - int use_default, const char *hi_fmt, - const char *hi_file, int rsa_key_bits, - int dsa_key_bits) -{ - int err = 0, dsa_key_rr_len = 0, rsa_key_rr_len = 0; - int dsa_pub_key_rr_len = 0, rsa_pub_key_rr_len = 0; - hip_hdr_type_t numeric_action = 0; - char addrstr[INET6_ADDRSTRLEN], hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - char *dsa_filenamebase = NULL, *rsa_filenamebase = NULL; - char *dsa_filenamebase_pub = NULL, *rsa_filenamebase_pub = NULL; - unsigned char *dsa_key_rr = NULL, *rsa_key_rr = NULL; - unsigned char *dsa_pub_key_rr = NULL, *rsa_pub_key_rr = NULL; - DSA *dsa_key = NULL, *dsa_pub_key = NULL; - RSA *rsa_key = NULL, *rsa_pub_key = NULL; - struct hip_lhi rsa_lhi, dsa_lhi, rsa_pub_lhi, dsa_pub_lhi; - struct hip_host_id *dsa_host_id = NULL, *rsa_host_id = NULL; - struct hip_host_id *dsa_pub_host_id = NULL, *rsa_pub_host_id = NULL; - struct endpoint_hip *endpoint_dsa_hip = NULL; - struct endpoint_hip *endpoint_dsa_pub_hip = NULL; - struct endpoint_hip *endpoint_rsa_hip = NULL; - struct endpoint_hip *endpoint_rsa_pub_hip = NULL; - - - if (action == ACTION_ADD) - numeric_action = SO_HIP_ADD_LOCAL_HI; - - if ( (err = hip_build_user_hdr(msg, numeric_action, 0)) ) { - HIP_ERROR("build hdr error %d\n", err); - goto out_err; - } - - memset(addrstr, '\0', INET6_ADDRSTRLEN); - memset(hostname, '\0', HIP_HOST_ID_HOSTNAME_LEN_MAX); - - if ( (err = -gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1)) ) { - HIP_ERROR("Failed to get hostname. Err is (%d).\n", err); - goto out_err; - } - - HIP_INFO("Using hostname: %s\n", hostname); - - HIP_IFEL((!use_default && strcmp(hi_fmt, "rsa") && strcmp(hi_fmt, "dsa")), - -ENOSYS, "Only RSA and DSA keys are supported\n"); - - /* Set filenamebase (depending on whether the user supplied a - filenamebase or not) */ - if (!use_default) { - if(!strcmp(hi_fmt, "dsa")) { - dsa_filenamebase = malloc(strlen(hi_file) + 1); - HIP_IFEL(!dsa_filenamebase, -ENOMEM, - "Could not allocate DSA filename.\n"); - memcpy(dsa_filenamebase, hi_file, strlen(hi_file)); - } else /*rsa*/ { - rsa_filenamebase = malloc(strlen(hi_file) + 1); - HIP_IFEL(!rsa_filenamebase, -ENOMEM, - "Could not allocate RSA filename.\n"); - memcpy(rsa_filenamebase, hi_file, strlen(hi_file)); - } - } else { /* create dynamically default filenamebase */ - int rsa_filenamebase_len = 0, dsa_filenamebase_len = 0, ret = 0; - - HIP_INFO("No key file given, using default.\n"); - - /* Default_config_dir/default_host_dsa_key_file_base/ - default_anon_hi_file_name_suffix\0 */ - /* Creation of default keys is called with hi_fmt = NULL, - adding is called separately for DSA, RSA anon and RSA pub */ - if (hi_fmt == NULL || !strcmp(hi_fmt, "dsa")) { - dsa_filenamebase_len = - strlen(DEFAULT_CONFIG_DIR) + strlen("/") + - strlen(DEFAULT_HOST_DSA_KEY_FILE_BASE) + 1; - dsa_filenamebase = malloc(HOST_ID_FILENAME_MAX_LEN); - HIP_IFEL(!dsa_filenamebase, -ENOMEM, - "Could not allocate DSA filename.\n"); - - ret = snprintf(dsa_filenamebase, - dsa_filenamebase_len + - strlen(DEFAULT_ANON_HI_FILE_NAME_SUFFIX), - "%s/%s%s", - DEFAULT_CONFIG_DIR, - DEFAULT_HOST_DSA_KEY_FILE_BASE, - DEFAULT_ANON_HI_FILE_NAME_SUFFIX); - HIP_IFE(ret <= 0, -EINVAL); - - dsa_filenamebase_pub = malloc(HOST_ID_FILENAME_MAX_LEN); - HIP_IFEL(!dsa_filenamebase_pub, -ENOMEM, - "Could not allocate DSA (pub) filename.\n"); - - ret = snprintf(dsa_filenamebase_pub, - HOST_ID_FILENAME_MAX_LEN, "%s/%s%s", - DEFAULT_CONFIG_DIR, - DEFAULT_HOST_DSA_KEY_FILE_BASE, - DEFAULT_PUB_HI_FILE_NAME_SUFFIX); - HIP_IFE(ret <= 0, -EINVAL); - - HIP_DEBUG("Using dsa (anon hi) filenamebase: %s\n", - dsa_filenamebase); - HIP_DEBUG("Using dsa (pub hi) filenamebase: %s\n", - dsa_filenamebase_pub); - } - - if (hi_fmt == NULL || !strcmp(hi_fmt, "rsa")) { - rsa_filenamebase_len = - strlen(DEFAULT_CONFIG_DIR) + strlen("/") + - strlen(DEFAULT_HOST_RSA_KEY_FILE_BASE) + 1; - - if (anon || hi_fmt == NULL) { - rsa_filenamebase = - malloc(HOST_ID_FILENAME_MAX_LEN); - HIP_IFEL(!rsa_filenamebase, -ENOMEM, - "Could not allocate RSA filename.\n"); - - ret = snprintf( - rsa_filenamebase, - HOST_ID_FILENAME_MAX_LEN, "%s/%s%s", - DEFAULT_CONFIG_DIR, - DEFAULT_HOST_RSA_KEY_FILE_BASE, - DEFAULT_ANON_HI_FILE_NAME_SUFFIX); - - HIP_IFE(ret <= 0, -EINVAL); - - HIP_DEBUG("Using RSA (anon HI) filenamebase: "\ - "%s.\n", rsa_filenamebase); - } - - if (!anon || hi_fmt == NULL) { - rsa_filenamebase_pub = - malloc(HOST_ID_FILENAME_MAX_LEN); - HIP_IFEL(!rsa_filenamebase_pub, -ENOMEM, - "Could not allocate RSA (pub) "\ - "filename.\n"); - - ret = snprintf( - rsa_filenamebase_pub, - rsa_filenamebase_len + - strlen(DEFAULT_PUB_HI_FILE_NAME_SUFFIX), - "%s/%s%s", DEFAULT_CONFIG_DIR, - DEFAULT_HOST_RSA_KEY_FILE_BASE, - DEFAULT_PUB_HI_FILE_NAME_SUFFIX); - - HIP_IFE(ret <= 0, -EINVAL); - - HIP_DEBUG("Using RSA (pub HI) filenamebase: "\ - "%s\n", rsa_filenamebase_pub); - } - } - } - - switch(action) { - case ACTION_NEW: - /* Default directory is created only in "hipconf new default hi" */ - if (use_default) { - if ( (err = check_and_create_dir(DEFAULT_CONFIG_DIR, - DEFAULT_CONFIG_DIR_MODE)) ) - { - HIP_ERROR("Could not create default directory.\n"); - goto out_err; - } - } else if (!use_default) { - - if (!strcmp(hi_fmt, "dsa")) { - dsa_key = create_dsa_key(dsa_key_bits); - HIP_IFEL(!dsa_key, -EINVAL, - "Creation of DSA key failed.\n"); - if ( (err = save_dsa_private_key(dsa_filenamebase, dsa_key)) ) { - HIP_ERROR("Saving of DSA key failed.\n"); - goto out_err; - } - } else { /*RSA*/ - rsa_key = create_rsa_key(rsa_key_bits); - HIP_IFEL(!rsa_key, -EINVAL, - "Creation of RSA key failed.\n"); - if ( (err = save_rsa_private_key(rsa_filenamebase, rsa_key)) ) { - HIP_ERROR("Saving of RSA key failed.\n"); - goto out_err; - } - } - HIP_DEBUG("Key saved.\n"); - break; - } - - /* Using default */ - dsa_key = create_dsa_key(dsa_key_bits); - HIP_IFEL(!dsa_key, -EINVAL, - "Creation of DSA key failed.\n"); - - dsa_pub_key = create_dsa_key(dsa_key_bits); - HIP_IFEL(!dsa_pub_key, -EINVAL, - "Creation of public DSA key failed.\n"); - - rsa_key = create_rsa_key(rsa_key_bits); - HIP_IFEL(!rsa_key, -EINVAL, - "Creation of RSA key failed.\n"); - - rsa_pub_key = create_rsa_key(rsa_key_bits); - HIP_IFEL(!dsa_pub_key, -EINVAL, - "Creation of public RSA key failed.\n"); - - if ( (err = save_dsa_private_key(dsa_filenamebase, dsa_key)) ) { - HIP_ERROR("Saving of DSA key failed.\n"); - goto out_err; - } - - if ( (err = save_dsa_private_key(dsa_filenamebase_pub,dsa_pub_key)) ) { - HIP_ERROR("Saving of public DSA key failed.\n"); - goto out_err; - } - - if ( (err = save_rsa_private_key(rsa_filenamebase, rsa_key)) ) { - HIP_ERROR("Saving of RSA key failed.\n"); - goto out_err; - } - - if ( (err = save_rsa_private_key(rsa_filenamebase_pub,rsa_pub_key)) ) { - HIP_ERROR("Saving of public RSA key failed.\n"); - goto out_err; - } - - break; - - case ACTION_ADD: + int err = 0, fd = 0; + struct stat file_stat; + + HIP_INFO("filename=%s mode=%o\n", filename, mode); + err = stat(filename, &file_stat); + if (err && errno == ENOENT) { /* no such file or file */ + fd = open(filename, O_RDWR | O_CREAT, 0644); + if (fd < 0) { + HIP_ERROR("creating file %s failed: %s\n", filename, + strerror(errno)); + } + } else { + fd = open(filename, O_RDWR); + if (fd < 0) { + HIP_ERROR("opening file %s failed: %s\n", filename, + strerror(errno)); + } + } + + return fd; +} + +int hip_host_id_contains_private_key(struct hip_host_id *host_id) +{ + uint16_t len = hip_get_param_contents_len(host_id); + u8 *buf = (u8 *) host_id->key; + u8 t = *buf; + + return len >= 3 * (64 + 8 * t) + 2 * 20; /* PQGXY 3*(64+8*t) + 2*20 */ +} + +void change_key_file_perms(char *filenamebase) +{ + char *pubfilename = NULL; + int pubfilename_len; + + pubfilename_len = + strlen(filenamebase) + strlen(DEFAULT_PUB_FILE_SUFFIX) + 1; + pubfilename = malloc(pubfilename_len); + if (!pubfilename) { + HIP_ERROR("malloc(%d) failed\n", pubfilename_len); + goto out_err; + } + + /* check retval */ + snprintf(pubfilename, pubfilename_len, "%s%s", filenamebase, + DEFAULT_PUB_FILE_SUFFIX); + + chmod(filenamebase, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); + chmod(pubfilename, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH); + +out_err: + if (pubfilename) { + HIP_FREE(pubfilename); + } + + return; +} + +int hip_serialize_host_id_action(struct hip_common *msg, + int action, + int anon, + int use_default, + const char *hi_fmt, + const char *hi_file, + int rsa_key_bits, + int dsa_key_bits) +{ + int err = 0, dsa_key_rr_len = 0, rsa_key_rr_len = 0; + int dsa_pub_key_rr_len = 0, rsa_pub_key_rr_len = 0; + hip_hdr_type_t numeric_action = 0; + char addrstr[INET6_ADDRSTRLEN], hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + char *dsa_filenamebase = NULL, *rsa_filenamebase = NULL; + char *dsa_filenamebase_pub = NULL, *rsa_filenamebase_pub = NULL; + unsigned char *dsa_key_rr = NULL, *rsa_key_rr = NULL; + unsigned char *dsa_pub_key_rr = NULL, *rsa_pub_key_rr = NULL; + DSA *dsa_key = NULL, *dsa_pub_key = NULL; + RSA *rsa_key = NULL, *rsa_pub_key = NULL; + struct hip_lhi rsa_lhi, dsa_lhi, rsa_pub_lhi, dsa_pub_lhi; + struct hip_host_id *dsa_host_id = NULL, *rsa_host_id = NULL; + struct hip_host_id *dsa_pub_host_id = NULL, *rsa_pub_host_id = NULL; + struct endpoint_hip *endpoint_dsa_hip = NULL; + struct endpoint_hip *endpoint_dsa_pub_hip = NULL; + struct endpoint_hip *endpoint_rsa_hip = NULL; + struct endpoint_hip *endpoint_rsa_pub_hip = NULL; + + if (action == ACTION_ADD) { + numeric_action = SO_HIP_ADD_LOCAL_HI; + } + + if ((err = hip_build_user_hdr(msg, numeric_action, 0))) { + HIP_ERROR("build hdr error %d\n", err); + goto out_err; + } + + memset(addrstr, '\0', INET6_ADDRSTRLEN); + memset(hostname, '\0', HIP_HOST_ID_HOSTNAME_LEN_MAX); + + if ((err = -gethostname(hostname, HIP_HOST_ID_HOSTNAME_LEN_MAX - 1))) { + HIP_ERROR("Failed to get hostname. Err is (%d).\n", err); + goto out_err; + } + + HIP_INFO("Using hostname: %s\n", hostname); + + HIP_IFEL((!use_default && strcmp(hi_fmt, "rsa") && strcmp(hi_fmt, "dsa")), + -ENOSYS, "Only RSA and DSA keys are supported\n"); + + /* Set filenamebase (depending on whether the user supplied a + * filenamebase or not) */ if (!use_default) { - if (!strcmp(hi_fmt, "dsa")) { - if ( (err = load_dsa_private_key(dsa_filenamebase, &dsa_key)) ) { - HIP_ERROR("Loading of the DSA key failed\n"); - goto out_err; - } - dsa_key_rr_len = dsa_to_dns_key_rr(dsa_key, &dsa_key_rr); - HIP_IFEL(dsa_key_rr_len <= 0, -EFAULT, "dsa_key_rr_len <= 0\n"); - - if ( (err = dsa_to_hip_endpoint(dsa_key, &endpoint_dsa_hip, - anon ? HIP_ENDPOINT_FLAG_ANON : 0, hostname)) ) - { - HIP_ERROR("Failed to allocate and build DSA endpoint.\n"); - goto out_err; - } - if ( (err = hip_build_param_eid_endpoint(msg, endpoint_dsa_hip)) ) { - HIP_ERROR("Building of host id failed\n"); - goto out_err; - } - - } else { /*RSA*/ - if ( (err = load_rsa_private_key(rsa_filenamebase, &rsa_key)) ) { - HIP_ERROR("Loading of the RSA key failed\n"); - goto out_err; - } - rsa_key_rr_len = rsa_to_dns_key_rr(rsa_key, &rsa_key_rr); - HIP_IFEL(rsa_key_rr_len <= 0, -EFAULT, "rsa_key_rr_len <= 0\n"); - - if ( (err = rsa_to_hip_endpoint(rsa_key, &endpoint_rsa_hip, - anon ? HIP_ENDPOINT_FLAG_ANON : 0, hostname)) ) - { - HIP_ERROR("Failed to allocate and build RSA endpoint.\n"); - goto out_err; - } - if ( (err = hip_build_param_eid_endpoint(msg, endpoint_rsa_hip)) ) { - HIP_ERROR("Building of host id failed\n"); - goto out_err; - } - - } - goto skip_host_id; - } - - /* using default */ - - HIP_IFEL(hi_fmt == NULL, -1, "Key type is null.\n"); + if (!strcmp(hi_fmt, "dsa")) { + dsa_filenamebase = malloc(strlen(hi_file) + 1); + HIP_IFEL(!dsa_filenamebase, -ENOMEM, + "Could not allocate DSA filename.\n"); + memcpy(dsa_filenamebase, hi_file, strlen(hi_file)); + } else { /*rsa*/ + rsa_filenamebase = malloc(strlen(hi_file) + 1); + HIP_IFEL(!rsa_filenamebase, -ENOMEM, + "Could not allocate RSA filename.\n"); + memcpy(rsa_filenamebase, hi_file, strlen(hi_file)); + } + } else { /* create dynamically default filenamebase */ + int rsa_filenamebase_len = 0, dsa_filenamebase_len = 0, ret = 0; + + HIP_INFO("No key file given, using default.\n"); + + /* Default_config_dir/default_host_dsa_key_file_base/ + * default_anon_hi_file_name_suffix\0 */ + /* Creation of default keys is called with hi_fmt = NULL, + * adding is called separately for DSA, RSA anon and RSA pub */ + if (hi_fmt == NULL || !strcmp(hi_fmt, "dsa")) { + dsa_filenamebase_len = + strlen(DEFAULT_CONFIG_DIR) + strlen("/") + + strlen(DEFAULT_HOST_DSA_KEY_FILE_BASE) + 1; + dsa_filenamebase = malloc(HOST_ID_FILENAME_MAX_LEN); + HIP_IFEL(!dsa_filenamebase, -ENOMEM, + "Could not allocate DSA filename.\n"); + + ret = snprintf(dsa_filenamebase, + dsa_filenamebase_len + + strlen(DEFAULT_ANON_HI_FILE_NAME_SUFFIX), + "%s/%s%s", + DEFAULT_CONFIG_DIR, + DEFAULT_HOST_DSA_KEY_FILE_BASE, + DEFAULT_ANON_HI_FILE_NAME_SUFFIX); + + HIP_IFE(ret <= 0, -EINVAL); + + dsa_filenamebase_pub = malloc(HOST_ID_FILENAME_MAX_LEN); + HIP_IFEL(!dsa_filenamebase_pub, -ENOMEM, + "Could not allocate DSA (pub) filename.\n"); + + ret = snprintf(dsa_filenamebase_pub, + HOST_ID_FILENAME_MAX_LEN, "%s/%s%s", + DEFAULT_CONFIG_DIR, + DEFAULT_HOST_DSA_KEY_FILE_BASE, + DEFAULT_PUB_HI_FILE_NAME_SUFFIX); + + HIP_IFE(ret <= 0, -EINVAL); + + HIP_DEBUG("Using dsa (anon hi) filenamebase: %s\n", + dsa_filenamebase); + HIP_DEBUG("Using dsa (pub hi) filenamebase: %s\n", + dsa_filenamebase_pub); + } + + if (hi_fmt == NULL || !strcmp(hi_fmt, "rsa")) { + rsa_filenamebase_len = + strlen(DEFAULT_CONFIG_DIR) + strlen("/") + + strlen(DEFAULT_HOST_RSA_KEY_FILE_BASE) + 1; + + if (anon || hi_fmt == NULL) { + rsa_filenamebase = + malloc(HOST_ID_FILENAME_MAX_LEN); + HIP_IFEL(!rsa_filenamebase, -ENOMEM, + "Could not allocate RSA filename.\n"); + + ret = snprintf( + rsa_filenamebase, + HOST_ID_FILENAME_MAX_LEN, "%s/%s%s", + DEFAULT_CONFIG_DIR, + DEFAULT_HOST_RSA_KEY_FILE_BASE, + DEFAULT_ANON_HI_FILE_NAME_SUFFIX); + + HIP_IFE(ret <= 0, -EINVAL); + + HIP_DEBUG("Using RSA (anon HI) filenamebase: " \ + "%s.\n", rsa_filenamebase); + } + + if (!anon || hi_fmt == NULL) { + rsa_filenamebase_pub = + malloc(HOST_ID_FILENAME_MAX_LEN); + HIP_IFEL(!rsa_filenamebase_pub, -ENOMEM, + "Could not allocate RSA (pub) " \ + "filename.\n"); + + ret = snprintf( + rsa_filenamebase_pub, + rsa_filenamebase_len + + strlen(DEFAULT_PUB_HI_FILE_NAME_SUFFIX), + "%s/%s%s", DEFAULT_CONFIG_DIR, + DEFAULT_HOST_RSA_KEY_FILE_BASE, + DEFAULT_PUB_HI_FILE_NAME_SUFFIX); + + HIP_IFE(ret <= 0, -EINVAL); + + HIP_DEBUG("Using RSA (pub HI) filenamebase: " \ + "%s\n", rsa_filenamebase_pub); + } + } + } + + switch (action) { + case ACTION_NEW: + /* Default directory is created only in "hipconf new default hi" */ + if (use_default) { + if ((err = check_and_create_dir(DEFAULT_CONFIG_DIR, + DEFAULT_CONFIG_DIR_MODE))) { + HIP_ERROR("Could not create default directory.\n"); + goto out_err; + } + } else if (!use_default) { + if (!strcmp(hi_fmt, "dsa")) { + dsa_key = create_dsa_key(dsa_key_bits); + HIP_IFEL(!dsa_key, -EINVAL, + "Creation of DSA key failed.\n"); + if ((err = save_dsa_private_key(dsa_filenamebase, dsa_key))) { + HIP_ERROR("Saving of DSA key failed.\n"); + goto out_err; + } + } else { /*RSA*/ + rsa_key = create_rsa_key(rsa_key_bits); + HIP_IFEL(!rsa_key, -EINVAL, + "Creation of RSA key failed.\n"); + if ((err = save_rsa_private_key(rsa_filenamebase, rsa_key))) { + HIP_ERROR("Saving of RSA key failed.\n"); + goto out_err; + } + } + HIP_DEBUG("Key saved.\n"); + break; + } + + /* Using default */ + dsa_key = create_dsa_key(dsa_key_bits); + HIP_IFEL(!dsa_key, -EINVAL, + "Creation of DSA key failed.\n"); + + dsa_pub_key = create_dsa_key(dsa_key_bits); + HIP_IFEL(!dsa_pub_key, -EINVAL, + "Creation of public DSA key failed.\n"); + + rsa_key = create_rsa_key(rsa_key_bits); + HIP_IFEL(!rsa_key, -EINVAL, + "Creation of RSA key failed.\n"); + + rsa_pub_key = create_rsa_key(rsa_key_bits); + HIP_IFEL(!dsa_pub_key, -EINVAL, + "Creation of public RSA key failed.\n"); + + if ((err = save_dsa_private_key(dsa_filenamebase, dsa_key))) { + HIP_ERROR("Saving of DSA key failed.\n"); + goto out_err; + } + + if ((err = save_dsa_private_key(dsa_filenamebase_pub, dsa_pub_key))) { + HIP_ERROR("Saving of public DSA key failed.\n"); + goto out_err; + } + + if ((err = save_rsa_private_key(rsa_filenamebase, rsa_key))) { + HIP_ERROR("Saving of RSA key failed.\n"); + goto out_err; + } + + if ((err = save_rsa_private_key(rsa_filenamebase_pub, rsa_pub_key))) { + HIP_ERROR("Saving of public RSA key failed.\n"); + goto out_err; + } + + break; + + case ACTION_ADD: + if (!use_default) { + if (!strcmp(hi_fmt, "dsa")) { + if ((err = load_dsa_private_key(dsa_filenamebase, &dsa_key))) { + HIP_ERROR("Loading of the DSA key failed\n"); + goto out_err; + } + dsa_key_rr_len = dsa_to_dns_key_rr(dsa_key, &dsa_key_rr); + HIP_IFEL(dsa_key_rr_len <= 0, -EFAULT, "dsa_key_rr_len <= 0\n"); + + if ((err = dsa_to_hip_endpoint(dsa_key, &endpoint_dsa_hip, + anon ? HIP_ENDPOINT_FLAG_ANON : 0, hostname))) { + HIP_ERROR("Failed to allocate and build DSA endpoint.\n"); + goto out_err; + } + if ((err = hip_build_param_eid_endpoint(msg, endpoint_dsa_hip))) { + HIP_ERROR("Building of host id failed\n"); + goto out_err; + } + } else { /*RSA*/ + if ((err = load_rsa_private_key(rsa_filenamebase, &rsa_key))) { + HIP_ERROR("Loading of the RSA key failed\n"); + goto out_err; + } + rsa_key_rr_len = rsa_to_dns_key_rr(rsa_key, &rsa_key_rr); + HIP_IFEL(rsa_key_rr_len <= 0, -EFAULT, "rsa_key_rr_len <= 0\n"); + + if ((err = rsa_to_hip_endpoint(rsa_key, &endpoint_rsa_hip, + anon ? HIP_ENDPOINT_FLAG_ANON : 0, hostname))) { + HIP_ERROR("Failed to allocate and build RSA endpoint.\n"); + goto out_err; + } + if ((err = hip_build_param_eid_endpoint(msg, endpoint_rsa_hip))) { + HIP_ERROR("Building of host id failed\n"); + goto out_err; + } + } + goto skip_host_id; + } + + /* using default */ + + HIP_IFEL(hi_fmt == NULL, -1, "Key type is null.\n"); + + if (!strcmp(hi_fmt, "dsa")) { + if ((err = load_dsa_private_key(dsa_filenamebase, &dsa_key))) { + HIP_ERROR("Loading of the DSA key failed\n"); + goto out_err; + } + + dsa_key_rr_len = dsa_to_dns_key_rr(dsa_key, &dsa_key_rr); + HIP_IFEL(dsa_key_rr_len <= 0, -EFAULT, "dsa_key_rr_len <= 0\n"); + + if ((err = dsa_to_hip_endpoint(dsa_key, &endpoint_dsa_hip, + HIP_ENDPOINT_FLAG_ANON, hostname))) { + HIP_ERROR("Failed to allocate and build DSA endpoint (anon).\n"); + goto out_err; + } + + if ((err = hip_private_dsa_to_hit(dsa_key, dsa_key_rr, + HIP_HIT_TYPE_HASH100, &dsa_lhi.hit))) { + HIP_ERROR("Conversion from DSA to HIT failed\n"); + goto out_err; + } + + if ((err = load_dsa_private_key(dsa_filenamebase_pub, &dsa_pub_key))) { + HIP_ERROR("Loading of the DSA key (pub) failed\n"); + goto out_err; + } + + dsa_pub_key_rr_len = dsa_to_dns_key_rr(dsa_pub_key, &dsa_pub_key_rr); + HIP_IFEL(dsa_pub_key_rr_len <= 0, -EFAULT, "dsa_pub_key_rr_len <= 0\n"); + + HIP_DEBUG_HIT("DSA HIT", &dsa_lhi.hit); + + if ((err = hip_private_dsa_to_hit(dsa_pub_key, dsa_pub_key_rr, + HIP_HIT_TYPE_HASH100, &dsa_pub_lhi.hit))) { + HIP_ERROR("Conversion from DSA to HIT failed\n"); + goto out_err; + } + HIP_DEBUG_HIT("DSA HIT", &dsa_pub_lhi.hit); + + if ((err = dsa_to_hip_endpoint(dsa_pub_key, + &endpoint_dsa_pub_hip, 0, hostname))) { + HIP_ERROR("Failed to allocate and build DSA endpoint (pub).\n"); + goto out_err; + } + } else if (anon) { /* rsa anon */ + if ((err = load_rsa_private_key(rsa_filenamebase, &rsa_key))) { + HIP_ERROR("Loading of the RSA key failed\n"); + goto out_err; + } + + rsa_key_rr_len = rsa_to_dns_key_rr(rsa_key, &rsa_key_rr); + HIP_IFEL(rsa_key_rr_len <= 0, -EFAULT, "rsa_key_rr_len <= 0\n"); + + if ((err = rsa_to_hip_endpoint(rsa_key, &endpoint_rsa_hip, + HIP_ENDPOINT_FLAG_ANON, hostname))) { + HIP_ERROR("Failed to allocate and build RSA endpoint (anon).\n"); + goto out_err; + } + + if ((err = hip_private_rsa_to_hit(rsa_key, rsa_key_rr, + HIP_HIT_TYPE_HASH100, &rsa_lhi.hit))) { + HIP_ERROR("Conversion from RSA to HIT failed\n"); + goto out_err; + } + HIP_DEBUG_HIT("RSA HIT", &rsa_lhi.hit); + } else { /* rsa pub */ + if ((err = load_rsa_private_key(rsa_filenamebase_pub, &rsa_pub_key))) { + HIP_ERROR("Loading of the RSA key (pub) failed\n"); + goto out_err; + } + + rsa_pub_key_rr_len = rsa_to_dns_key_rr(rsa_pub_key, &rsa_pub_key_rr); + HIP_IFEL(rsa_pub_key_rr_len <= 0, -EFAULT, "rsa_pub_key_rr_len <= 0\n"); + + if ((err = rsa_to_hip_endpoint(rsa_pub_key, + &endpoint_rsa_pub_hip, 0, hostname))) { + HIP_ERROR("Failed to allocate and build RSA endpoint (pub).\n"); + goto out_err; + } + + if ((err = hip_private_rsa_to_hit(rsa_pub_key, rsa_pub_key_rr, + HIP_HIT_TYPE_HASH100, &rsa_pub_lhi.hit))) { + HIP_ERROR("Conversion from RSA to HIT failed\n"); + goto out_err; + } + HIP_DEBUG_HIT("RSA HIT", &rsa_pub_lhi.hit); + } + + break; + } /* end switch */ + + if (numeric_action == 0) { + goto skip_msg; + } if (!strcmp(hi_fmt, "dsa")) { - if ( (err = load_dsa_private_key(dsa_filenamebase, &dsa_key)) ) { - HIP_ERROR("Loading of the DSA key failed\n"); - goto out_err; - } - - dsa_key_rr_len = dsa_to_dns_key_rr(dsa_key, &dsa_key_rr); - HIP_IFEL(dsa_key_rr_len <= 0, -EFAULT, "dsa_key_rr_len <= 0\n"); - - if ( (err = dsa_to_hip_endpoint(dsa_key, &endpoint_dsa_hip, - HIP_ENDPOINT_FLAG_ANON, hostname)) ) - { - HIP_ERROR("Failed to allocate and build DSA endpoint (anon).\n"); - goto out_err; - } - - if ( (err = hip_private_dsa_to_hit(dsa_key, dsa_key_rr, - HIP_HIT_TYPE_HASH100, &dsa_lhi.hit)) ) - { - HIP_ERROR("Conversion from DSA to HIT failed\n"); - goto out_err; - } - - if ( (err = load_dsa_private_key(dsa_filenamebase_pub, &dsa_pub_key)) ) { - HIP_ERROR("Loading of the DSA key (pub) failed\n"); - goto out_err; - } - - dsa_pub_key_rr_len = dsa_to_dns_key_rr(dsa_pub_key, &dsa_pub_key_rr); - HIP_IFEL(dsa_pub_key_rr_len <= 0, -EFAULT, "dsa_pub_key_rr_len <= 0\n"); - - HIP_DEBUG_HIT("DSA HIT", &dsa_lhi.hit); - - if ( (err = hip_private_dsa_to_hit(dsa_pub_key, dsa_pub_key_rr, - HIP_HIT_TYPE_HASH100, &dsa_pub_lhi.hit)) ) - { - HIP_ERROR("Conversion from DSA to HIT failed\n"); - goto out_err; - } - HIP_DEBUG_HIT("DSA HIT", &dsa_pub_lhi.hit); - - if ( (err = dsa_to_hip_endpoint(dsa_pub_key, - &endpoint_dsa_pub_hip, 0, hostname)) ) - { - HIP_ERROR("Failed to allocate and build DSA endpoint (pub).\n"); - goto out_err; - } - - } else if (anon) { /* rsa anon */ - - if ( (err = load_rsa_private_key(rsa_filenamebase, &rsa_key)) ) { - HIP_ERROR("Loading of the RSA key failed\n"); - goto out_err; - } - - rsa_key_rr_len = rsa_to_dns_key_rr(rsa_key, &rsa_key_rr); - HIP_IFEL(rsa_key_rr_len <= 0, -EFAULT, "rsa_key_rr_len <= 0\n"); - - if ( (err = rsa_to_hip_endpoint(rsa_key, &endpoint_rsa_hip, - HIP_ENDPOINT_FLAG_ANON, hostname)) ) - { - HIP_ERROR("Failed to allocate and build RSA endpoint (anon).\n"); - goto out_err; - } - - if ( (err = hip_private_rsa_to_hit(rsa_key, rsa_key_rr, - HIP_HIT_TYPE_HASH100, &rsa_lhi.hit)) ) - { - HIP_ERROR("Conversion from RSA to HIT failed\n"); - goto out_err; - } - HIP_DEBUG_HIT("RSA HIT", &rsa_lhi.hit); - - } else { /* rsa pub */ - - if ( (err = load_rsa_private_key(rsa_filenamebase_pub, &rsa_pub_key)) ) - { - HIP_ERROR("Loading of the RSA key (pub) failed\n"); - goto out_err; - } - - rsa_pub_key_rr_len = rsa_to_dns_key_rr(rsa_pub_key, &rsa_pub_key_rr); - HIP_IFEL(rsa_pub_key_rr_len <= 0, -EFAULT, "rsa_pub_key_rr_len <= 0\n"); - - if ( (err = rsa_to_hip_endpoint(rsa_pub_key, - &endpoint_rsa_pub_hip, 0, hostname)) ) - { - HIP_ERROR("Failed to allocate and build RSA endpoint (pub).\n"); - goto out_err; - } - - if ( (err = hip_private_rsa_to_hit(rsa_pub_key, rsa_pub_key_rr, - HIP_HIT_TYPE_HASH100, &rsa_pub_lhi.hit)) ) - { - HIP_ERROR("Conversion from RSA to HIT failed\n"); - goto out_err; - } - HIP_DEBUG_HIT("RSA HIT", &rsa_pub_lhi.hit); - - } - - break; - } /* end switch */ - - if (numeric_action == 0) - goto skip_msg; - - if (!strcmp(hi_fmt, "dsa")) { - - if ( (err = hip_build_param_eid_endpoint(msg, endpoint_dsa_hip)) ) { - HIP_ERROR("Building of host id failed\n"); - goto out_err; - } - if ( (err = hip_build_param_eid_endpoint(msg, endpoint_dsa_pub_hip)) ) { - HIP_ERROR("Building of host id failed\n"); - goto out_err; - } - - } else if (anon) { - - if ( (err = hip_build_param_eid_endpoint(msg, endpoint_rsa_hip)) ) { - HIP_ERROR("Building of host id failed\n"); - goto out_err; - } - - } else { - - if ( (err = hip_build_param_eid_endpoint(msg, endpoint_rsa_pub_hip)) ) { - HIP_ERROR("Building of host id failed\n"); - goto out_err; - } - - } - - skip_host_id: - skip_msg: - - out_err: - if (dsa_filenamebase != NULL) - change_key_file_perms(dsa_filenamebase); - if (rsa_filenamebase != NULL) - change_key_file_perms(rsa_filenamebase); - if (dsa_filenamebase_pub != NULL) - change_key_file_perms(dsa_filenamebase_pub); - if (rsa_filenamebase_pub != NULL) - change_key_file_perms(rsa_filenamebase_pub); - - if (dsa_host_id) - free(dsa_host_id); - if (dsa_pub_host_id) - free(dsa_pub_host_id); - if (rsa_host_id) - free(rsa_host_id); - if (rsa_pub_host_id) - free(rsa_pub_host_id); - if (dsa_key) - DSA_free(dsa_key); - if (rsa_key) - RSA_free(rsa_key); - if (dsa_pub_key) - DSA_free(dsa_pub_key); - if (rsa_pub_key) - RSA_free(rsa_pub_key); - if (dsa_key_rr) - free(dsa_key_rr); - if (rsa_key_rr) - free(rsa_key_rr); - if (dsa_pub_key_rr) - free(dsa_pub_key_rr); - if (rsa_pub_key_rr) - free(rsa_pub_key_rr); - if (dsa_filenamebase) - free(dsa_filenamebase); - if (rsa_filenamebase) - free(rsa_filenamebase); - if (dsa_filenamebase_pub) - free(dsa_filenamebase_pub); - if (rsa_filenamebase_pub) - free(rsa_filenamebase_pub); - if (endpoint_dsa_hip) - free(endpoint_dsa_hip); - if (endpoint_rsa_hip) - free(endpoint_rsa_hip); - if (endpoint_dsa_pub_hip) - free(endpoint_dsa_pub_hip); - if (endpoint_rsa_pub_hip) - free(endpoint_rsa_pub_hip); - - return err; + if ((err = hip_build_param_eid_endpoint(msg, endpoint_dsa_hip))) { + HIP_ERROR("Building of host id failed\n"); + goto out_err; + } + if ((err = hip_build_param_eid_endpoint(msg, endpoint_dsa_pub_hip))) { + HIP_ERROR("Building of host id failed\n"); + goto out_err; + } + } else if (anon) { + if ((err = hip_build_param_eid_endpoint(msg, endpoint_rsa_hip))) { + HIP_ERROR("Building of host id failed\n"); + goto out_err; + } + } else { + if ((err = hip_build_param_eid_endpoint(msg, endpoint_rsa_pub_hip))) { + HIP_ERROR("Building of host id failed\n"); + goto out_err; + } + } + +skip_host_id: +skip_msg: + +out_err: + if (dsa_filenamebase != NULL) { + change_key_file_perms(dsa_filenamebase); + } + if (rsa_filenamebase != NULL) { + change_key_file_perms(rsa_filenamebase); + } + if (dsa_filenamebase_pub != NULL) { + change_key_file_perms(dsa_filenamebase_pub); + } + if (rsa_filenamebase_pub != NULL) { + change_key_file_perms(rsa_filenamebase_pub); + } + + if (dsa_host_id) { + free(dsa_host_id); + } + if (dsa_pub_host_id) { + free(dsa_pub_host_id); + } + if (rsa_host_id) { + free(rsa_host_id); + } + if (rsa_pub_host_id) { + free(rsa_pub_host_id); + } + if (dsa_key) { + DSA_free(dsa_key); + } + if (rsa_key) { + RSA_free(rsa_key); + } + if (dsa_pub_key) { + DSA_free(dsa_pub_key); + } + if (rsa_pub_key) { + RSA_free(rsa_pub_key); + } + if (dsa_key_rr) { + free(dsa_key_rr); + } + if (rsa_key_rr) { + free(rsa_key_rr); + } + if (dsa_pub_key_rr) { + free(dsa_pub_key_rr); + } + if (rsa_pub_key_rr) { + free(rsa_pub_key_rr); + } + if (dsa_filenamebase) { + free(dsa_filenamebase); + } + if (rsa_filenamebase) { + free(rsa_filenamebase); + } + if (dsa_filenamebase_pub) { + free(dsa_filenamebase_pub); + } + if (rsa_filenamebase_pub) { + free(rsa_filenamebase_pub); + } + if (endpoint_dsa_hip) { + free(endpoint_dsa_hip); + } + if (endpoint_rsa_hip) { + free(endpoint_rsa_hip); + } + if (endpoint_dsa_pub_hip) { + free(endpoint_dsa_pub_hip); + } + if (endpoint_rsa_pub_hip) { + free(endpoint_rsa_pub_hip); + } + + return err; } void get_random_bytes(void *buf, int n) { - RAND_bytes(buf, n); + RAND_bytes(buf, n); } - /** * hip_build_digest - calculate a digest over given data * @param type the type of digest, e.g. "sha1" @@ -1353,29 +1374,30 @@ * * @return 0 on success, otherwise < 0. */ -int hip_build_digest(const int type, const void *in, int in_len, void *out){ - SHA_CTX sha; - MD5_CTX md5; - - switch(type) { - case HIP_DIGEST_SHA1: - SHA1_Init(&sha); - SHA1_Update(&sha, in, in_len); - SHA1_Final(out, &sha); - break; - - case HIP_DIGEST_MD5: - MD5_Init(&md5); - MD5_Update(&md5, in, in_len); - MD5_Final(out, &md5); - break; - - default: - HIP_ERROR("Unknown digest: %x\n",type); - return -EFAULT; - } - - return 0; +int hip_build_digest(const int type, const void *in, int in_len, void *out) +{ + SHA_CTX sha; + MD5_CTX md5; + + switch (type) { + case HIP_DIGEST_SHA1: + SHA1_Init(&sha); + SHA1_Update(&sha, in, in_len); + SHA1_Final(out, &sha); + break; + + case HIP_DIGEST_MD5: + MD5_Init(&md5); + MD5_Update(&md5, in, in_len); + MD5_Final(out, &md5); + break; + + default: + HIP_ERROR("Unknown digest: %x\n", type); + return -EFAULT; + } + + return 0; } /** @@ -1390,107 +1412,110 @@ * DNS KEY RR is stored at dsa_key_rr. On error function returns negative * and sets dsa_key_rr to NULL. */ -int dsa_to_dns_key_rr(DSA *dsa, unsigned char **dsa_key_rr){ - int err = 0; - int dsa_key_rr_len = -1; - signed char t; /* in units of 8 bytes */ - unsigned char *p; - int key_len; - - HIP_ASSERT(dsa != NULL); /* should not happen */ - - *dsa_key_rr = NULL; - - _HIP_DEBUG("numbytes p=%d\n", BN_num_bytes(dsa->p)); - _HIP_DEBUG("numbytes q=%d\n", BN_num_bytes(dsa->q)); - _HIP_DEBUG("numbytes g=%d\n", BN_num_bytes(dsa->g)); - _HIP_DEBUG("numbytes pubkey=%d\n", BN_num_bytes(dsa->pub_key)); // shouldn't this be NULL also? - - /* notice that these functions allocate memory */ - _HIP_DEBUG("p=%s\n", BN_bn2hex(dsa->p)); - _HIP_DEBUG("q=%s\n", BN_bn2hex(dsa->q)); - _HIP_DEBUG("g=%s\n", BN_bn2hex(dsa->g)); - _HIP_DEBUG("pubkey=%s\n", BN_bn2hex(dsa->pub_key)); - - /* ***** is use of BN_num_bytes ok ? ***** */ - t = (BN_num_bytes(dsa->p) - 64) / 8; - HIP_IFEL((t < 0 || t > 8), -EINVAL, - "Invalid RSA key length %d bits\n", (64 + t * 8) * 8); - _HIP_DEBUG("t=%d\n", t); - - /* RFC 2536 section 2 */ - /* - Field Size - ----- ---- - T 1 octet - Q 20 octets - P 64 + T*8 octets - G 64 + T*8 octets - Y 64 + T*8 octets - [ X 20 optional octets (private key hack) ] - - */ - key_len = 64 + t * 8; - dsa_key_rr_len = 1 + DSA_PRIV + 3 * key_len; - - if (dsa->priv_key) { - dsa_key_rr_len += DSA_PRIV; /* private key hack */ - _HIP_DEBUG("Private key included\n"); - } else { - _HIP_DEBUG("No private key\n"); - } - - _HIP_DEBUG("dsa key rr len = %d\n", dsa_key_rr_len); - *dsa_key_rr = malloc(dsa_key_rr_len); - HIP_IFEL(!*dsa_key_rr, -ENOMEM, "Malloc for *dsa_key_rr failed\n"); - memset(*dsa_key_rr, 0, dsa_key_rr_len); - - p = *dsa_key_rr; - - /* set T */ - memset(p, t, 1); // XX FIX: WTF MEMSET? - p++; - _HIP_HEXDUMP("DSA KEY RR after T:", *dsa_key_rr, p - *dsa_key_rr); - - /* add given dsa_param to the *dsa_key_rr */ - - bn2bin_safe(dsa->q, p, DSA_PRIV); - p += DSA_PRIV; - _HIP_HEXDUMP("DSA KEY RR after Q:", *dsa_key_rr, p-*dsa_key_rr); - - bn2bin_safe(dsa->p, p, key_len); - p += key_len; - _HIP_HEXDUMP("DSA KEY RR after P:", *dsa_key_rr, p-*dsa_key_rr); - - bn2bin_safe(dsa->g, p, key_len); - p += key_len; - _HIP_HEXDUMP("DSA KEY RR after G:", *dsa_key_rr, p-*dsa_key_rr); - - bn2bin_safe(dsa->pub_key, p, key_len); - p += key_len; - _HIP_HEXDUMP("DSA KEY RR after Y:", *dsa_key_rr, p-*dsa_key_rr); - - if(dsa->priv_key){ - bn2bin_safe(dsa->priv_key, p, DSA_PRIV); - _HIP_HEXDUMP("DSA KEY RR after X:", *dsa_key_rr, p-*dsa_key_rr); - } - - out_err: - - if (err) { - if (*dsa_key_rr) - free(*dsa_key_rr); - return err; - } - else - return dsa_key_rr_len; +int dsa_to_dns_key_rr(DSA *dsa, unsigned char **dsa_key_rr) +{ + int err = 0; + int dsa_key_rr_len = -1; + signed char t; /* in units of 8 bytes */ + unsigned char *p = NULL; + int key_len; + + HIP_ASSERT(dsa != NULL); /* should not happen */ + + *dsa_key_rr = NULL; + + _HIP_DEBUG("numbytes p=%d\n", BN_num_bytes(dsa->p)); + _HIP_DEBUG("numbytes q=%d\n", BN_num_bytes(dsa->q)); + _HIP_DEBUG("numbytes g=%d\n", BN_num_bytes(dsa->g)); + // shouldn't this be NULL also? + _HIP_DEBUG("numbytes pubkey=%d\n", BN_num_bytes(dsa->pub_key)); + + + /* notice that these functions allocate memory */ + _HIP_DEBUG("p=%s\n", BN_bn2hex(dsa->p)); + _HIP_DEBUG("q=%s\n", BN_bn2hex(dsa->q)); + _HIP_DEBUG("g=%s\n", BN_bn2hex(dsa->g)); + _HIP_DEBUG("pubkey=%s\n", BN_bn2hex(dsa->pub_key)); + + /* ***** is use of BN_num_bytes ok ? ***** */ + t = (BN_num_bytes(dsa->p) - 64) / 8; + HIP_IFEL((t < 0 || t > 8), -EINVAL, + "Invalid RSA key length %d bits\n", (64 + t * 8) * 8); + _HIP_DEBUG("t=%d\n", t); + + /* RFC 2536 section 2 */ + /* + * Field Size + * ----- ---- + * T 1 octet + * Q 20 octets + * P 64 + T*8 octets + * G 64 + T*8 octets + * Y 64 + T*8 octets + * [ X 20 optional octets (private key hack) ] + * + */ + key_len = 64 + t * 8; + dsa_key_rr_len = 1 + DSA_PRIV + 3 * key_len; + + if (dsa->priv_key) { + dsa_key_rr_len += DSA_PRIV; /* private key hack */ + _HIP_DEBUG("Private key included\n"); + } else { + _HIP_DEBUG("No private key\n"); + } + + _HIP_DEBUG("dsa key rr len = %d\n", dsa_key_rr_len); + *dsa_key_rr = malloc(dsa_key_rr_len); + HIP_IFEL(!*dsa_key_rr, -ENOMEM, "Malloc for *dsa_key_rr failed\n"); + memset(*dsa_key_rr, 0, dsa_key_rr_len); + + p = *dsa_key_rr; + + /* set T */ + memset(p, t, 1); // XX FIX: WTF MEMSET? + p++; + _HIP_HEXDUMP("DSA KEY RR after T:", *dsa_key_rr, p - *dsa_key_rr); + + /* add given dsa_param to the *dsa_key_rr */ + + bn2bin_safe(dsa->q, p, DSA_PRIV); + p += DSA_PRIV; + _HIP_HEXDUMP("DSA KEY RR after Q:", *dsa_key_rr, p - *dsa_key_rr); + + bn2bin_safe(dsa->p, p, key_len); + p += key_len; + _HIP_HEXDUMP("DSA KEY RR after P:", *dsa_key_rr, p - *dsa_key_rr); + + bn2bin_safe(dsa->g, p, key_len); + p += key_len; + _HIP_HEXDUMP("DSA KEY RR after G:", *dsa_key_rr, p - *dsa_key_rr); + + bn2bin_safe(dsa->pub_key, p, key_len); + p += key_len; + _HIP_HEXDUMP("DSA KEY RR after Y:", *dsa_key_rr, p - *dsa_key_rr); + + if (dsa->priv_key) { + bn2bin_safe(dsa->priv_key, p, DSA_PRIV); + _HIP_HEXDUMP("DSA KEY RR after X:", *dsa_key_rr, p - *dsa_key_rr); + } + +out_err: + + if (err) { + if (*dsa_key_rr) { + free(*dsa_key_rr); + } + return err; + } else { + return dsa_key_rr_len; + } } - /** * rsa_to_dns_key_rr - This is a new version of the function above. This function * assumes that RSA given as a parameter is always public (Laura/10.4.2006) - Creates DNS KEY RR record from host RSA public key + * Creates DNS KEY RR record from host RSA public key * @param rsa the RSA structure from where the KEY RR record is to be created * @param rsa_key_rr where the resultin KEY RR is stored * @@ -1501,87 +1526,89 @@ * DNS KEY RR is stored at rsa_key_rr. On error function returns negative * and sets rsa_key_rr to NULL. */ -int rsa_to_dns_key_rr(RSA *rsa, unsigned char **rsa_key_rr){ - int err = 0; - int rsa_key_rr_len = -1; - unsigned char *c; - int public = -1; - int e_len_bytes = 1; - int e_len, key_len; - - HIP_ASSERT(rsa != NULL); // should not happen - - *rsa_key_rr = NULL; - - e_len = BN_num_bytes(rsa->e); - key_len = RSA_size(rsa); - - /* RFC 3110 limits e to 4096 bits */ - HIP_IFEL(e_len > 512, -EINVAL, "Invalid rsa->e length %d bytes\n", e_len); - if (e_len > 255) - e_len_bytes = 3; - - /* let's check if the RSA key is public or private - private exponent is NULL in public keys */ - if(rsa->d == NULL) { - public = 1; - rsa_key_rr_len = e_len_bytes + e_len + key_len; - - /* - See RFC 2537 for flags, protocol and algorithm and check RFC 3110 for - the RSA public key part ( 1-3 octets defining length of the exponent, - exponent is as many octets as the length defines and the modulus is - all the rest of the bytes). - */ - - } else{ - public = 0; - rsa_key_rr_len = e_len_bytes + e_len + key_len * 9 / 2; - } - - *rsa_key_rr = malloc(rsa_key_rr_len); - HIP_IFEL(!*rsa_key_rr, -ENOMEM, "Malloc for *rsa_key_rr failed\n"); - memset(*rsa_key_rr, 0, rsa_key_rr_len); - - c = *rsa_key_rr; - - if (e_len_bytes == 1) { - *c = (unsigned char) e_len; - } - c++; /* If e_len is more than one byte, first byte is 0. */ - if (e_len_bytes == 3) { - *c = htons((u16) e_len); - c += 2; - } - - bn2bin_safe(rsa->e, c, e_len); - c += e_len; - bn2bin_safe(rsa->n, c, key_len); - c += key_len; - - if(!public){ - bn2bin_safe(rsa->d, c, key_len); - c += key_len; - bn2bin_safe(rsa->p, c, key_len / 2); - c += key_len / 2; - bn2bin_safe(rsa->q, c, key_len / 2); - c += key_len / 2; - bn2bin_safe(rsa->dmp1, c, key_len / 2); - c += key_len / 2; - bn2bin_safe(rsa->dmq1, c, key_len / 2); - c += key_len / 2; - bn2bin_safe(rsa->iqmp, c, key_len / 2); - } - - out_err: - - if (err) { - if (*rsa_key_rr) - free(*rsa_key_rr); - return err; - } - - return rsa_key_rr_len; +int rsa_to_dns_key_rr(RSA *rsa, unsigned char **rsa_key_rr) +{ + int err = 0; + int rsa_key_rr_len = -1; + unsigned char *c = NULL; + int public = -1; + int e_len_bytes = 1; + int e_len, key_len; + + HIP_ASSERT(rsa != NULL); // should not happen + + *rsa_key_rr = NULL; + + e_len = BN_num_bytes(rsa->e); + key_len = RSA_size(rsa); + + /* RFC 3110 limits e to 4096 bits */ + HIP_IFEL(e_len > 512, -EINVAL, "Invalid rsa->e length %d bytes\n", e_len); + if (e_len > 255) { + e_len_bytes = 3; + } + + /* let's check if the RSA key is public or private + * private exponent is NULL in public keys */ + if (rsa->d == NULL) { + public = 1; + rsa_key_rr_len = e_len_bytes + e_len + key_len; + + /* + * See RFC 2537 for flags, protocol and algorithm and check RFC 3110 for + * the RSA public key part ( 1-3 octets defining length of the exponent, + * exponent is as many octets as the length defines and the modulus is + * all the rest of the bytes). + */ + } else { + public = 0; + rsa_key_rr_len = e_len_bytes + e_len + key_len * 9 / 2; + } + + *rsa_key_rr = malloc(rsa_key_rr_len); + HIP_IFEL(!*rsa_key_rr, -ENOMEM, "Malloc for *rsa_key_rr failed\n"); + memset(*rsa_key_rr, 0, rsa_key_rr_len); + + c = *rsa_key_rr; + + if (e_len_bytes == 1) { + *c = (unsigned char) e_len; + } + c++; /* If e_len is more than one byte, first byte is 0. */ + if (e_len_bytes == 3) { + *c = htons((u16) e_len); + c += 2; + } + + bn2bin_safe(rsa->e, c, e_len); + c += e_len; + bn2bin_safe(rsa->n, c, key_len); + c += key_len; + + if (!public) { + bn2bin_safe(rsa->d, c, key_len); + c += key_len; + bn2bin_safe(rsa->p, c, key_len / 2); + c += key_len / 2; + bn2bin_safe(rsa->q, c, key_len / 2); + c += key_len / 2; + bn2bin_safe(rsa->dmp1, c, key_len / 2); + c += key_len / 2; + bn2bin_safe(rsa->dmq1, c, key_len / 2); + c += key_len / 2; + bn2bin_safe(rsa->iqmp, c, key_len / 2); + } + +out_err: + + if (err) { + if (*rsa_key_rr) { + free(*rsa_key_rr); + } + return err; + } + + return rsa_key_rr_len; } /** @@ -1597,175 +1624,174 @@ * NULL if the cast fails. */ -void *hip_cast_sa_addr(const struct sockaddr *sa) { - - if(sa == NULL){ - return NULL; - } - - switch(sa->sa_family) { - case AF_INET: - return &(((struct sockaddr_in *) sa)->sin_addr); - case AF_INET6: - return &(((struct sockaddr_in6 *) sa)->sin6_addr); - default: - return NULL; - } -} - -int hip_sockaddr_is_v6_mapped(struct sockaddr *sa) { - int family = sa->sa_family; - - HIP_ASSERT(family == AF_INET || family == AF_INET6); - if (family != AF_INET6) - return 0; - else - return IN6_IS_ADDR_V4MAPPED((struct in6_addr *)hip_cast_sa_addr(sa)); -} - -int hip_sockaddr_len(const void *sockaddr) { - struct sockaddr *sa = (struct sockaddr *) sockaddr; - int len; - - switch(sa->sa_family) { - case AF_INET: - len = sizeof(struct sockaddr_in); - break; - case AF_INET6: - len = sizeof(struct sockaddr_in6); - break; - case AF_UNIX: - len = sizeof(struct sockaddr_un); - break; - default: - len = 0; - } - return len; -} - - -int hip_sa_addr_len(void *sockaddr){ - struct sockaddr *sa = (struct sockaddr *) sockaddr; - int len; - - switch(sa->sa_family){ - case AF_INET: - len = 4; - break; - case AF_INET6: - len = 16; - break; - default: - len = 0; - } - return len; -} - +void *hip_cast_sa_addr(const struct sockaddr *sa) +{ + if (sa == NULL) { + return NULL; + } + + switch (sa->sa_family) { + case AF_INET: + return &(((struct sockaddr_in *) sa)->sin_addr); + case AF_INET6: + return &(((struct sockaddr_in6 *) sa)->sin6_addr); + default: + return NULL; + } +} + +int hip_sockaddr_is_v6_mapped(struct sockaddr *sa) +{ + int family = sa->sa_family; + + HIP_ASSERT(family == AF_INET || family == AF_INET6); + if (family != AF_INET6) { + return 0; + } else { + return IN6_IS_ADDR_V4MAPPED((struct in6_addr *) hip_cast_sa_addr(sa)); + } +} + +int hip_sockaddr_len(const void *sockaddr) +{ + struct sockaddr *sa = (struct sockaddr *) sockaddr; + int len; + + switch (sa->sa_family) { + case AF_INET: + len = sizeof(struct sockaddr_in); + break; + case AF_INET6: + len = sizeof(struct sockaddr_in6); + break; + case AF_UNIX: + len = sizeof(struct sockaddr_un); + break; + default: + len = 0; + } + return len; +} + +int hip_sa_addr_len(void *sockaddr) +{ + struct sockaddr *sa = (struct sockaddr *) sockaddr; + int len; + + switch (sa->sa_family) { + case AF_INET: + len = 4; + break; + case AF_INET6: + len = 16; + break; + default: + len = 0; + } + return len; +} /* conversion function from in6_addr to sockaddr_storage * * NOTE: sockaddr too small to store sockaddr_in6 */ void hip_addr_to_sockaddr(struct in6_addr *addr, struct sockaddr_storage *sa) { - memset(sa, 0, sizeof(struct sockaddr_storage)); - - if (IN6_IS_ADDR_V4MAPPED(addr)) { - struct sockaddr_in *in = (struct sockaddr_in *) sa; - in->sin_family = AF_INET; - IPV6_TO_IPV4_MAP(addr, &in->sin_addr); - } else { - struct sockaddr_in6 *in6 = (struct sockaddr_in6 *) sa; - in6->sin6_family = AF_INET6; - ipv6_addr_copy(&in6->sin6_addr, addr); - } -} - - -int hip_remove_lock_file(char *filename){ - return unlink(filename); -} - - -int hip_create_lock_file(char *filename, int killold) { - - int err = 0, fd = 0, old_pid = 0, new_pid_str_len = 0; - char old_pid_str[64], new_pid_str[64]; - int pid_set = 0; /* the pid was read successfully */ - memset(old_pid_str, 0, sizeof(old_pid_str)); - memset(new_pid_str, 0, sizeof(new_pid_str)); - - /* New pid */ - snprintf(new_pid_str, sizeof(new_pid_str)-1, "%d\n", getpid()); - new_pid_str_len = strlen(new_pid_str); - HIP_IFEL((new_pid_str_len <= 0), -1, "pID length error.\n"); - - /* Read old pid */ - fd = HIP_CREATE_FILE(filename); - HIP_IFEL((fd <= 0), -1, "opening lock file failed\n"); - - /* FIXME: This is possibly unsafe: the pid is read from the file without checking - * file permissions and the process with the number is simply killed. - * THIS COULD BE USED TO ATTACK THE SYSTEM - */ - pid_set = read(fd, old_pid_str, sizeof(old_pid_str) - 1); - old_pid = atoi(old_pid_str); - - if (lockf(fd, F_TLOCK, 0) < 0) - { - HIP_IFEL(!killold, -12, - "\nHIP daemon already running with pid %d\n" - "Give: -k option to kill old daemon.\n", old_pid); - - HIP_INFO("\nDaemon is already running with pid %d\n" - "-k option given, terminating old one...\n", old_pid); - /* Erase the old lock file to avoid having multiple pids - in the file */ - if( lockf(fd, F_ULOCK, 0) == -1) { - HIP_ERROR("Cannot unlock pid lock."); - - } - - close(fd); - HIP_IFEL(hip_remove_lock_file(filename), -1, - "Removing lock file failed.\n"); - - /* fd = open(filename, O_RDWR | O_CREAT, 0644); */ - fd = open(filename, O_RDWR | O_CREAT | O_TRUNC, 0644); - - /* Don't close file descriptor because new started process is - running. */ - HIP_IFEL((fd <= 0), -1, "Opening lock file failed.\n"); - HIP_IFEL(lockf(fd, F_TLOCK, 0), -1, "Lock attempt failed.\n"); - if (pid_set){ - err = kill(old_pid, SIGKILL); - } - if (err != 0) { - HIP_ERROR("\nError when trying to send signal SIGKILL "\ - "process identified by process identifier "\ - "%d.\n", old_pid); - HIP_PERROR("errno after kill() is: "); - } - } - /* else if (killold) - { - lseek(fd,0,SEEK_SET); - write(fd, new_pid_str, new_pid_str_len); - system("NEW_PID=$(sudo awk NR==1 /var/lock/hipd.lock)"); - system("OLD_PID=$(/bin/pidof -o $NEW_PID hipd)"); - system("kill -9 $OLD_PID"); - } */ - - lseek(fd, 0, SEEK_SET); - - HIP_IFEL((write(fd, new_pid_str, new_pid_str_len) != new_pid_str_len), - -1, "Writing new process identifier failed.\n"); - - out_err: - if (err == -12) { - exit(0); - } - - return err; + memset(sa, 0, sizeof(struct sockaddr_storage)); + + if (IN6_IS_ADDR_V4MAPPED(addr)) { + struct sockaddr_in *in = (struct sockaddr_in *) sa; + in->sin_family = AF_INET; + IPV6_TO_IPV4_MAP(addr, &in->sin_addr); + } else { + struct sockaddr_in6 *in6 = (struct sockaddr_in6 *) sa; + in6->sin6_family = AF_INET6; + ipv6_addr_copy(&in6->sin6_addr, addr); + } +} + +int hip_remove_lock_file(char *filename) +{ + return unlink(filename); +} + +int hip_create_lock_file(char *filename, int killold) +{ + int err = 0, fd = 0, old_pid = 0, new_pid_str_len = 0; + char old_pid_str[64], new_pid_str[64]; + int pid_set = 0; /* the pid was read successfully */ + memset(old_pid_str, 0, sizeof(old_pid_str)); + memset(new_pid_str, 0, sizeof(new_pid_str)); + + /* New pid */ + snprintf(new_pid_str, sizeof(new_pid_str) - 1, "%d\n", getpid()); + new_pid_str_len = strlen(new_pid_str); + HIP_IFEL((new_pid_str_len <= 0), -1, "pID length error.\n"); + + /* Read old pid */ + fd = HIP_CREATE_FILE(filename); + HIP_IFEL((fd <= 0), -1, "opening lock file failed\n"); + + /* FIXME: This is possibly unsafe: the pid is read from the file without checking + * file permissions and the process with the number is simply killed. + * THIS COULD BE USED TO ATTACK THE SYSTEM + */ + pid_set = read(fd, old_pid_str, sizeof(old_pid_str) - 1); + old_pid = atoi(old_pid_str); + + if (lockf(fd, F_TLOCK, 0) < 0) { + HIP_IFEL(!killold, -12, + "\nHIP daemon already running with pid %d\n" + "Give: -k option to kill old daemon.\n", old_pid); + + HIP_INFO("\nDaemon is already running with pid %d\n" + "-k option given, terminating old one...\n", old_pid); + /* Erase the old lock file to avoid having multiple pids + * in the file */ + if (lockf(fd, F_ULOCK, 0) == -1) { + HIP_ERROR("Cannot unlock pid lock."); + } + + close(fd); + HIP_IFEL(hip_remove_lock_file(filename), -1, + "Removing lock file failed.\n"); + + /* fd = open(filename, O_RDWR | O_CREAT, 0644); */ + fd = open(filename, O_RDWR | O_CREAT | O_TRUNC, 0644); + + /* Don't close file descriptor because new started process is + * running. */ + HIP_IFEL((fd <= 0), -1, "Opening lock file failed.\n"); + HIP_IFEL(lockf(fd, F_TLOCK, 0), -1, "Lock attempt failed.\n"); + if (pid_set) { + err = kill(old_pid, SIGKILL); + } + if (err != 0) { + HIP_ERROR("\nError when trying to send signal SIGKILL " \ + "process identified by process identifier " \ + "%d.\n", old_pid); + HIP_PERROR("errno after kill() is: "); + } + } + /* else if (killold) + * { + * lseek(fd,0,SEEK_SET); + * write(fd, new_pid_str, new_pid_str_len); + * system("NEW_PID=$(sudo awk NR==1 /var/lock/hipd.lock)"); + * system("OLD_PID=$(/bin/pidof -o $NEW_PID hipd)"); + * system("kill -9 $OLD_PID"); + * } */ + + lseek(fd, 0, SEEK_SET); + + HIP_IFEL((write(fd, new_pid_str, new_pid_str_len) != new_pid_str_len), + -1, "Writing new process identifier failed.\n"); + +out_err: + if (err == -12) { + exit(0); + } + + return err; } /** @@ -1781,143 +1807,145 @@ * odds are 1/2^64 to try 0, I don't see the point in improving this now. */ uint64_t hip_solve_puzzle(void *puzzle_or_solution, - struct hip_common *hdr, - int mode){ - uint64_t mask = 0; - uint64_t randval = 0; - uint64_t maxtries = 0; - uint64_t digest = 0; - u8 cookie[48]; - int err = 0; - union { - struct hip_puzzle pz; - struct hip_solution sl; - } *u; - - HIP_HEXDUMP("puzzle", puzzle_or_solution, - (mode == HIP_VERIFY_PUZZLE ? sizeof(struct hip_solution) : sizeof(struct hip_puzzle))); - - _HIP_DEBUG("\n"); - /* pre-create cookie */ - u = puzzle_or_solution; - - _HIP_DEBUG("current hip_cookie_max_k_r1=%d\n", max_k); - HIP_IFEL(u->pz.K > HIP_PUZZLE_MAX_K, 0, - "Cookie K %u is higher than we are willing to calculate" - " (current max K=%d)\n", u->pz.K, HIP_PUZZLE_MAX_K); - - mask = hton64((1ULL << u->pz.K) - 1); - memcpy(cookie, (u8 *)&(u->pz.I), sizeof(uint64_t)); - - HIP_DEBUG("(u->pz.I: 0x%llx\n", u->pz.I); - - if (mode == HIP_VERIFY_PUZZLE) { - ipv6_addr_copy((hip_hit_t *)(cookie+8), &hdr->hits); - ipv6_addr_copy((hip_hit_t *)(cookie+24), &hdr->hitr); - //randval = ntoh64(u->sl.J); - randval = u->sl.J; - _HIP_DEBUG("u->sl.J: 0x%llx\n", randval); - maxtries = 1; - } else if (mode == HIP_SOLVE_PUZZLE) { - ipv6_addr_copy((hip_hit_t *)(cookie+8), &hdr->hitr); - ipv6_addr_copy((hip_hit_t *)(cookie+24), &hdr->hits); - maxtries = 1ULL << (u->pz.K + 3); - get_random_bytes(&randval, sizeof(u_int64_t)); - } else { - HIP_IFEL(1, 0, "Unknown mode: %d\n", mode); - } - - HIP_DEBUG("K=%u, maxtries (with k+2)=%llu\n", u->pz.K, maxtries); - /* while loops should work even if the maxtries is unsigned - * if maxtries = 1 ---> while(1 > 0) [maxtries == 0 now]... - * the next round while (0 > 0) [maxtries > 0 now] - */ - while(maxtries-- > 0) { - u8 sha_digest[HIP_AH_SHA_LEN]; - - /* must be 8 */ - memcpy(cookie + 40, (u8*) &randval, sizeof(uint64_t)); - - hip_build_digest(HIP_DIGEST_SHA1, cookie, 48, sha_digest); - - /* copy the last 8 bytes for checking */ - memcpy(&digest, sha_digest + 12, sizeof(uint64_t)); - - /* now, in order to be able to do correctly the bitwise - * AND-operation we have to remember that little endian - * processors will interpret the digest and mask reversely. - * digest is the last 64 bits of the sha1-digest.. how that is - * ordered in processors registers etc.. does not matter to us. - * If the last 64 bits of the sha1-digest is - * 0x12345678DEADBEEF, whether we have 0xEFBEADDE78563412 - * doesn't matter because the mask matters... if the mask is - * 0x000000000000FFFF (or in other endianness - * 0xFFFF000000000000). Either ways... the result is - * 0x000000000000BEEF or 0xEFBE000000000000, which the cpu - * interprets as 0xBEEF. The mask is converted to network byte - * order (above). - */ - if ((digest & mask) == 0) { - _HIP_DEBUG("*** Puzzle solved ***: 0x%llx\n",randval); - _HIP_HEXDUMP("digest", sha_digest, HIP_AH_SHA_LEN); - _HIP_HEXDUMP("cookie", cookie, sizeof(cookie)); - return randval; - } - - /* It seems like the puzzle was not correctly solved */ - HIP_IFEL(mode == HIP_VERIFY_PUZZLE, 0, "Puzzle incorrect\n"); - randval++; - } - - HIP_ERROR("Could not solve the puzzle, no solution found\n"); - out_err: - return err; + struct hip_common *hdr, + int mode) +{ + uint64_t mask = 0; + uint64_t randval = 0; + uint64_t maxtries = 0; + uint64_t digest = 0; + u8 cookie[48]; + int err = 0; + union { + struct hip_puzzle pz; + struct hip_solution sl; + } *u; + + HIP_HEXDUMP("puzzle", puzzle_or_solution, + (mode == HIP_VERIFY_PUZZLE ? sizeof(struct hip_solution) : + sizeof(struct hip_puzzle))); + + _HIP_DEBUG("\n"); + /* pre-create cookie */ + u = puzzle_or_solution; + + _HIP_DEBUG("current hip_cookie_max_k_r1=%d\n", max_k); + HIP_IFEL(u->pz.K > HIP_PUZZLE_MAX_K, 0, + "Cookie K %u is higher than we are willing to calculate" + " (current max K=%d)\n", u->pz.K, HIP_PUZZLE_MAX_K); + + mask = hton64((1ULL << u->pz.K) - 1); + memcpy(cookie, (u8 *) &(u->pz.I), sizeof(uint64_t)); + + HIP_DEBUG("(u->pz.I: 0x%llx\n", u->pz.I); + + if (mode == HIP_VERIFY_PUZZLE) { + ipv6_addr_copy((hip_hit_t *) (cookie + 8), &hdr->hits); + ipv6_addr_copy((hip_hit_t *) (cookie + 24), &hdr->hitr); + //randval = ntoh64(u->sl.J); + randval = u->sl.J; + _HIP_DEBUG("u->sl.J: 0x%llx\n", randval); + maxtries = 1; + } else if (mode == HIP_SOLVE_PUZZLE) { + ipv6_addr_copy((hip_hit_t *) (cookie + 8), &hdr->hitr); + ipv6_addr_copy((hip_hit_t *) (cookie + 24), &hdr->hits); + maxtries = 1ULL << (u->pz.K + 3); + get_random_bytes(&randval, sizeof(u_int64_t)); + } else { + HIP_IFEL(1, 0, "Unknown mode: %d\n", mode); + } + + HIP_DEBUG("K=%u, maxtries (with k+2)=%llu\n", u->pz.K, maxtries); + /* while loops should work even if the maxtries is unsigned + * if maxtries = 1 ---> while(1 > 0) [maxtries == 0 now]... + * the next round while (0 > 0) [maxtries > 0 now] + */ + while (maxtries-- > 0) { + u8 sha_digest[HIP_AH_SHA_LEN]; + + /* must be 8 */ + memcpy(cookie + 40, (u8 *) &randval, sizeof(uint64_t)); + + hip_build_digest(HIP_DIGEST_SHA1, cookie, 48, sha_digest); + + /* copy the last 8 bytes for checking */ + memcpy(&digest, sha_digest + 12, sizeof(uint64_t)); + + /* now, in order to be able to do correctly the bitwise + * AND-operation we have to remember that little endian + * processors will interpret the digest and mask reversely. + * digest is the last 64 bits of the sha1-digest.. how that is + * ordered in processors registers etc.. does not matter to us. + * If the last 64 bits of the sha1-digest is + * 0x12345678DEADBEEF, whether we have 0xEFBEADDE78563412 + * doesn't matter because the mask matters... if the mask is + * 0x000000000000FFFF (or in other endianness + * 0xFFFF000000000000). Either ways... the result is + * 0x000000000000BEEF or 0xEFBE000000000000, which the cpu + * interprets as 0xBEEF. The mask is converted to network byte + * order (above). + */ + if ((digest & mask) == 0) { + _HIP_DEBUG("*** Puzzle solved ***: 0x%llx\n", randval); + _HIP_HEXDUMP("digest", sha_digest, HIP_AH_SHA_LEN); + _HIP_HEXDUMP("cookie", cookie, sizeof(cookie)); + return randval; + } + + /* It seems like the puzzle was not correctly solved */ + HIP_IFEL(mode == HIP_VERIFY_PUZZLE, 0, "Puzzle incorrect\n"); + randval++; + } + + HIP_ERROR("Could not solve the puzzle, no solution found\n"); +out_err: + return err; } #ifdef CONFIG_HIP_MIDAUTH -int hip_solve_puzzle_m(struct hip_common *out, struct hip_common *in, hip_ha_t *entry) +int hip_solve_puzzle_m(struct hip_common *out, + struct hip_common *in, + hip_ha_t *entry) { - struct hip_challenge_request *pz; - struct hip_puzzle tmp; - uint64_t solution; - int err = 0; - uint8_t digist[HIP_AH_SHA_LEN]; - - - pz = hip_get_param(in, HIP_PARAM_CHALLENGE_REQUEST); - while (pz) { - if (hip_get_param_type(pz) != HIP_PARAM_CHALLENGE_REQUEST) - break; - - HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, pz->opaque, 24, digist) < 0, - -1, "Building of SHA1 Random seed I failed\n"); - tmp.type = pz->type; - tmp.length = pz->length; - tmp.K = pz->K; - tmp.lifetime = pz->lifetime; - tmp.opaque[0] = tmp.opaque[1] = 0; - tmp.I = *digist & 0x40; //truncate I to 8 byte length - - HIP_IFEL((solution = entry->hadb_misc_func->hip_solve_puzzle( - &tmp, in, HIP_SOLVE_PUZZLE)) == 0, - -EINVAL, "Solving of puzzle failed\n"); - - HIP_IFEL(hip_build_param_challenge_response(out, pz, ntoh64(solution)) < 0, -1, "Error while creating solution_m reply parameter\n"); - pz = (struct hip_challenge_request *) hip_get_next_param(in, - (struct hip_tlv_common *) pz); - } + struct hip_challenge_request *pz; + struct hip_puzzle tmp; + uint64_t solution; + int err = 0; + uint8_t digist[HIP_AH_SHA_LEN]; + + + pz = hip_get_param(in, HIP_PARAM_CHALLENGE_REQUEST); + while (pz) { + if (hip_get_param_type(pz) != HIP_PARAM_CHALLENGE_REQUEST) { + break; + } + + HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, pz->opaque, 24, digist) < 0, + -1, "Building of SHA1 Random seed I failed\n"); + tmp.type = pz->type; + tmp.length = pz->length; + tmp.K = pz->K; + tmp.lifetime = pz->lifetime; + tmp.opaque[0] = tmp.opaque[1] = 0; + tmp.I = *digist & 0x40; //truncate I to 8 byte length + + HIP_IFEL((solution = entry->hadb_misc_func->hip_solve_puzzle( + &tmp, in, HIP_SOLVE_PUZZLE)) == 0, + -EINVAL, "Solving of puzzle failed\n"); + + HIP_IFEL(hip_build_param_challenge_response(out, pz, ntoh64(solution)) < 0, + -1, + "Error while creating solution_m reply parameter\n"); + pz = (struct hip_challenge_request *) hip_get_next_param(in, + (struct hip_tlv_common *) pz); + } out_err: - return err; + return err; } + #endif - - - - - - /** * Gets the state of the bex for a pair of ip addresses. * @param *src_ip input for finding the correct entries @@ -1931,154 +1959,151 @@ * otherwise returns -1 */ int hip_get_bex_state_from_LSIs(hip_lsi_t *src_lsi, - hip_lsi_t *dst_lsi, - struct in6_addr *src_ip, - struct in6_addr *dst_ip, - struct in6_addr *src_hit, - struct in6_addr *dst_hit){ - int err = 0, res = -1; - struct hip_tlv_common *current_param = NULL; - struct hip_common *msg = NULL; - struct hip_hadb_user_info_state *ha; - - HIP_ASSERT(src_ip != NULL && dst_ip != NULL); - - HIP_IFEL(!(msg = hip_msg_alloc()), -1, "malloc failed\n"); - hip_msg_init(msg); - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HA_INFO, 0), - -1, "Building of daemon header failed\n"); - HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, "send recv daemon info\n"); - - while((current_param = hip_get_next_param(msg, current_param)) != NULL) { - ha = hip_get_param_contents_direct(current_param); - - if( (ipv4_addr_cmp(dst_lsi, &ha->lsi_our) == 0) && - (ipv4_addr_cmp(src_lsi, &ha->lsi_peer) == 0) ){ - *src_hit = ha->hit_peer; - *dst_hit = ha->hit_our; - *src_ip = ha->ip_peer; - *dst_ip = ha->ip_our; - res = ha->state; - break; - }else if( (ipv4_addr_cmp(src_lsi, &ha->lsi_our) == 0) && - (ipv4_addr_cmp(dst_lsi, &ha->lsi_peer) == 0) ){ - *src_hit = ha->hit_our; - *dst_hit = ha->hit_peer; - *src_ip = ha->ip_our; - *dst_ip = ha->ip_peer; - res = ha->state; - break; - } - } - - out_err: - if(msg) - HIP_FREE(msg); - return res; - + hip_lsi_t *dst_lsi, + struct in6_addr *src_ip, + struct in6_addr *dst_ip, + struct in6_addr *src_hit, + struct in6_addr *dst_hit) +{ + int err = 0, res = -1; + struct hip_tlv_common *current_param = NULL; + struct hip_common *msg = NULL; + struct hip_hadb_user_info_state *ha; + + HIP_ASSERT(src_ip != NULL && dst_ip != NULL); + + HIP_IFEL(!(msg = hip_msg_alloc()), -1, "malloc failed\n"); + hip_msg_init(msg); + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HA_INFO, 0), + -1, "Building of daemon header failed\n"); + HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, "send recv daemon info\n"); + + while ((current_param = hip_get_next_param(msg, current_param)) != NULL) { + ha = hip_get_param_contents_direct(current_param); + + if ((ipv4_addr_cmp(dst_lsi, &ha->lsi_our) == 0) && + (ipv4_addr_cmp(src_lsi, &ha->lsi_peer) == 0)) { + *src_hit = ha->hit_peer; + *dst_hit = ha->hit_our; + *src_ip = ha->ip_peer; + *dst_ip = ha->ip_our; + res = ha->state; + break; + } else if ((ipv4_addr_cmp(src_lsi, &ha->lsi_our) == 0) && + (ipv4_addr_cmp(dst_lsi, &ha->lsi_peer) == 0)) { + *src_hit = ha->hit_our; + *dst_hit = ha->hit_peer; + *src_ip = ha->ip_our; + *dst_ip = ha->ip_peer; + res = ha->state; + break; + } + } + +out_err: + if (msg) { + HIP_FREE(msg); + } + return res; } /** * Obtains the information needed by the dns proxy, based on the ip addr - * + * * @param *ip_addr input, the ip address to look for * @param *hit output, the corresponding hit - * @param *lsi output, the corresponding lsi - * + * @param *lsi output, the corresponding lsi + * * @return 1 - if a corresponding entry is found - * 0 - is returned if there is no entry + * 0 - is returned if there is no entry */ /*int hip_get_info_for_dnsproxy_from_ip( - struct in6_addr *ip_addr, - struct in6_addr *hit, - hip_lsi_t *lsi){ - int err = 0, res = 0; - hip_lsi_t src_ip4, dst_ip4; - struct hip_tlv_common *current_param = NULL; - struct hip_common *msg = NULL; - struct hip_hadb_user_info_state *ha; - - HIP_ASSERT(ip_addr != NULL); - - HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, "malloc failed\n"); - hip_msg_init(msg); - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HA_INFO, 0), - -1, "Building of daemon header failed\n"); - HIP_IFEL(hip_send_recv_daemon_info(msg), -1, "send recv daemon info\n"); - - while((current_param = hip_get_next_param(msg, current_param)) != NULL){ - ha = hip_get_param_contents_direct(current_param); - if(ipv6_addr_cmp(ip_addr, &ha->ip_our) == 0){ - *hit = ha->hit_our; - *lsi = ha->lsi_our; - res = 1; - break; - } - else if(ipv6_addr_cmp(ip_addr, &ha->ip_peer) == 0){ - *hit = ha->hit_peer; - *lsi = ha->lsi_peer; - res = 1; - break; - } - } -out_err: - if(msg) - HIP_FREE(msg); - return res; -} -*/ + * struct in6_addr *ip_addr, + * struct in6_addr *hit, + * hip_lsi_t *lsi){ + * int err = 0, res = 0; + * hip_lsi_t src_ip4, dst_ip4; + * struct hip_tlv_common *current_param = NULL; + * struct hip_common *msg = NULL; + * struct hip_hadb_user_info_state *ha; + * + * HIP_ASSERT(ip_addr != NULL); + * + * HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, "malloc failed\n"); + * hip_msg_init(msg); + * HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HA_INFO, 0), + * -1, "Building of daemon header failed\n"); + * HIP_IFEL(hip_send_recv_daemon_info(msg), -1, "send recv daemon info\n"); + * + * while((current_param = hip_get_next_param(msg, current_param)) != NULL){ + * ha = hip_get_param_contents_direct(current_param); + * if(ipv6_addr_cmp(ip_addr, &ha->ip_our) == 0){ + *hit = ha->hit_our; + *lsi = ha->lsi_our; + * res = 1; + * break; + * } + * else if(ipv6_addr_cmp(ip_addr, &ha->ip_peer) == 0){ + *hit = ha->hit_peer; + *lsi = ha->lsi_peer; + * res = 1; + * break; + * } + * } + * out_err: + * if(msg) + * HIP_FREE(msg); + * return res; + * } + */ /** * Obtains the information needed by the dns proxy, based on the hostname - * + * * @param *hostname input, the ip address to look for * @param *hit output, the corresponding hit - * @param *lsi output, the corresponding lsi - * + * @param *lsi output, the corresponding lsi + * * @return 1 - if a corresponding entry is found - * 0 - is returned if there is no entry + * 0 - is returned if there is no entry */ /*int hip_get_info_for_dnsproxy_from_hostname( - const char *hostname, - struct in6_addr *ip, - struct in6_addr *hit, - hip_lsi_t *lsi){ - int err = 0, res = 0; - hip_lsi_t src_ip4, dst_ip4; - struct hip_tlv_common *current_param = NULL; - struct hip_common *msg = NULL; - struct hip_hadb_user_info_state *ha; - - HIP_ASSERT(hostname != NULL); - - HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, "malloc failed\n"); - hip_msg_init(msg); - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HA_INFO, 0), - -1, "Building of daemon header failed\n"); - HIP_IFEL(hip_send_recv_daemon_info(msg), -1, "send recv daemon info\n"); - - while((current_param = hip_get_next_param(msg, current_param)) != NULL){ - ha = hip_get_param_contents_direct(current_param); - - if(strcmp(hostname, &ha->peer_hostname) == 0){ - *ip = ha->ip_peer; - *hit = ha->hit_peer; - *lsi = ha->lsi_peer; - res = 1; - break; - } - } - -out_err: - if(msg) - HIP_FREE(msg); - return res; -} -*/ - - - - + * const char *hostname, + * struct in6_addr *ip, + * struct in6_addr *hit, + * hip_lsi_t *lsi){ + * int err = 0, res = 0; + * hip_lsi_t src_ip4, dst_ip4; + * struct hip_tlv_common *current_param = NULL; + * struct hip_common *msg = NULL; + * struct hip_hadb_user_info_state *ha; + * + * HIP_ASSERT(hostname != NULL); + * + * HIP_IFEL(!(msg = malloc(HIP_MAX_PACKET)), -1, "malloc failed\n"); + * hip_msg_init(msg); + * HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_GET_HA_INFO, 0), + * -1, "Building of daemon header failed\n"); + * HIP_IFEL(hip_send_recv_daemon_info(msg), -1, "send recv daemon info\n"); + * + * while((current_param = hip_get_next_param(msg, current_param)) != NULL){ + * ha = hip_get_param_contents_direct(current_param); + * + * if(strcmp(hostname, &ha->peer_hostname) == 0){ + *ip = ha->ip_peer; + *hit = ha->hit_peer; + *lsi = ha->lsi_peer; + * res = 1; + * break; + * } + * } + * + * out_err: + * if(msg) + * HIP_FREE(msg); + * return res; + * } + */ /* This builds a msg which will be sent to the HIPd in order to trigger * a BEX there. @@ -2087,123 +2112,130 @@ * No, because this function is called by hip_fw_handle_outgoing_lsi too. * * NOTE: Either destination HIT or IP (for opportunistic BEX) has to be provided */ -int hip_trigger_bex(const struct in6_addr *src_hit, const struct in6_addr *dst_hit, - struct in6_addr *src_lsi, struct in6_addr *dst_lsi, - struct in6_addr *src_ip, struct in6_addr *dst_ip){ - struct hip_common *msg = NULL; - int err = 0; - HIP_IFE(!(msg = hip_msg_alloc()), -1); - HIP_IFEL(!dst_hit && !dst_ip, -1, - "neither destination hit nor ip provided\n"); - - /* NOTE: we need this sequence in order to process the incoming - message correctly */ - - /* build the message header */ - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_TRIGGER_BEX, 0), - -1, "build hdr failed\n"); - - // destination HIT is obligatory or opportunistic BEX - if(dst_hit) { - HIP_DEBUG_HIT("dst_hit: ", dst_hit); - HIP_IFEL(hip_build_param_contents(msg, (void *)(dst_hit), - HIP_PARAM_HIT, - sizeof(struct in6_addr)), - -1, "build param HIP_PARAM_HIT failed\n"); - } - - // source HIT is optional - if(src_hit) { - HIP_DEBUG_HIT("src_hit: ", src_hit); - HIP_IFEL(hip_build_param_contents(msg, (void *)(src_hit), - HIP_PARAM_HIT, - sizeof(struct in6_addr)), - -1, "build param HIP_PARAM_HIT failed\n"); - } - - // destination LSI is obligatory - if(dst_lsi) { - HIP_DEBUG_IN6ADDR("dst lsi: ", dst_lsi); - HIP_IFEL(hip_build_param_contents(msg, (void *)(dst_lsi), - HIP_PARAM_LSI, - sizeof(struct in6_addr)), - -1, "build param HIP_PARAM_LSI failed\n"); - } - - // source LSI is optional - if(src_lsi) { - HIP_DEBUG_IN6ADDR("src lsi: ", src_lsi); - HIP_IFEL(hip_build_param_contents(msg, (void *)(src_lsi), - HIP_PARAM_LSI, - sizeof(struct in6_addr)), - -1, "build param HIP_PARAM_LSI failed\n"); - } - - // if no destination HIT is provided this has to be there - if(dst_ip) { - HIP_DEBUG_IN6ADDR("dst_ip: ", dst_ip); - HIP_IFEL(hip_build_param_contents(msg, (void *)(dst_ip), - HIP_PARAM_IPV6_ADDR, - sizeof(struct in6_addr)), - -1, "build param HIP_PARAM_IPV6_ADDR failed\n"); - } - - // this again is optional - if (src_ip) { - HIP_DEBUG_IN6ADDR("src_ip: ", src_ip); - HIP_IFEL(hip_build_param_contents(msg, (void *)(src_ip), - HIP_PARAM_IPV6_ADDR, - sizeof(struct in6_addr)), - -1, "build param HIP_PARAM_IPV6_ADDR failed\n"); - } - - HIP_DUMP_MSG(msg); - - /* send msg to hipd and receive corresponding reply */ - HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, "send_recv msg failed\n"); - - /* check error value */ - HIP_IFEL(hip_get_msg_err(msg), -1, "hipd returned error message!\n"); - HIP_DEBUG("Send_recv msg succeed \n"); - - out_err: - if (msg) - HIP_FREE(msg); - return err; +int hip_trigger_bex(const struct in6_addr *src_hit, + const struct in6_addr *dst_hit, + struct in6_addr *src_lsi, + struct in6_addr *dst_lsi, + struct in6_addr *src_ip, + struct in6_addr *dst_ip) +{ + struct hip_common *msg = NULL; + int err = 0; + HIP_IFE(!(msg = hip_msg_alloc()), -1); + HIP_IFEL(!dst_hit && !dst_ip, -1, + "neither destination hit nor ip provided\n"); + + /* NOTE: we need this sequence in order to process the incoming + * message correctly */ + + /* build the message header */ + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_TRIGGER_BEX, 0), + -1, "build hdr failed\n"); + + // destination HIT is obligatory or opportunistic BEX + if (dst_hit) { + HIP_DEBUG_HIT("dst_hit: ", dst_hit); + HIP_IFEL(hip_build_param_contents(msg, (void *) (dst_hit), + HIP_PARAM_HIT, + sizeof(struct in6_addr)), + -1, "build param HIP_PARAM_HIT failed\n"); + } + + // source HIT is optional + if (src_hit) { + HIP_DEBUG_HIT("src_hit: ", src_hit); + HIP_IFEL(hip_build_param_contents(msg, (void *) (src_hit), + HIP_PARAM_HIT, + sizeof(struct in6_addr)), + -1, "build param HIP_PARAM_HIT failed\n"); + } + + // destination LSI is obligatory + if (dst_lsi) { + HIP_DEBUG_IN6ADDR("dst lsi: ", dst_lsi); + HIP_IFEL(hip_build_param_contents(msg, (void *) (dst_lsi), + HIP_PARAM_LSI, + sizeof(struct in6_addr)), + -1, "build param HIP_PARAM_LSI failed\n"); + } + + // source LSI is optional + if (src_lsi) { + HIP_DEBUG_IN6ADDR("src lsi: ", src_lsi); + HIP_IFEL(hip_build_param_contents(msg, (void *) (src_lsi), + HIP_PARAM_LSI, + sizeof(struct in6_addr)), + -1, "build param HIP_PARAM_LSI failed\n"); + } + + // if no destination HIT is provided this has to be there + if (dst_ip) { + HIP_DEBUG_IN6ADDR("dst_ip: ", dst_ip); + HIP_IFEL(hip_build_param_contents(msg, (void *) (dst_ip), + HIP_PARAM_IPV6_ADDR, + sizeof(struct in6_addr)), + -1, "build param HIP_PARAM_IPV6_ADDR failed\n"); + } + + // this again is optional + if (src_ip) { + HIP_DEBUG_IN6ADDR("src_ip: ", src_ip); + HIP_IFEL(hip_build_param_contents(msg, (void *) (src_ip), + HIP_PARAM_IPV6_ADDR, + sizeof(struct in6_addr)), + -1, "build param HIP_PARAM_IPV6_ADDR failed\n"); + } + + HIP_DUMP_MSG(msg); + + /* send msg to hipd and receive corresponding reply */ + HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, "send_recv msg failed\n"); + + /* check error value */ + HIP_IFEL(hip_get_msg_err(msg), -1, "hipd returned error message!\n"); + HIP_DEBUG("Send_recv msg succeed \n"); + +out_err: + if (msg) { + HIP_FREE(msg); + } + return err; } + //Added by Prabhu to get the Data Packet header from Daemon int hip_get_data_packet_header(const struct in6_addr *src_hit, - const struct in6_addr *dst_hit, int payload, struct hip_common *msg) + const struct in6_addr *dst_hit, + int payload, + struct hip_common *msg) { - int err = 0; - - hip_build_network_hdr(msg,HIP_DATA,0,src_hit,dst_hit); - msg->payload_proto = payload; - - HIP_DEBUG("PAYLOAD_PROTO in HIP DATA HEADER = %d ", payload ); - - /* @todo: this will assert */ - HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_BUILD_HOST_ID_SIGNATURE_DATAPACKET, 0), - -1, "build hdr failed\n"); - _HIP_DUMP_MSG(msg); - - /* send msg to hipd and receive corresponding reply */ - HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, "send_recv msg failed\n"); - - /* check error value */ - HIP_IFEL(hip_get_msg_err(msg), -1, "hipd returned error message!\n"); - HIP_DEBUG("Send_recv msg succeed \n"); + int err = 0; + + hip_build_network_hdr(msg, HIP_DATA, 0, src_hit, dst_hit); + msg->payload_proto = payload; + + HIP_DEBUG("PAYLOAD_PROTO in HIP DATA HEADER = %d ", payload ); + + /* @todo: this will assert */ + HIP_IFEL(hip_build_user_hdr(msg, SO_HIP_BUILD_HOST_ID_SIGNATURE_DATAPACKET, 0), + -1, "build hdr failed\n"); + _HIP_DUMP_MSG(msg); + + /* send msg to hipd and receive corresponding reply */ + HIP_IFEL(hip_send_recv_daemon_info(msg, 0, 0), -1, "send_recv msg failed\n"); + + /* check error value */ + HIP_IFEL(hip_get_msg_err(msg), -1, "hipd returned error message!\n"); + HIP_DEBUG("Send_recv msg succeed \n"); out_err: - msg->type_hdr = HIP_DATA; - msg->payload_proto = payload; // this was overwritten by some mischief.. So reseting it + msg->type_hdr = HIP_DATA; + /* this was overwritten by some mischief.. So reseting it */ + msg->payload_proto = payload; - return err; + return err; } - - /** * Checks whether there is a local ipv6 socket that is: * connected to a particular port @@ -2213,600 +2245,630 @@ * @param *proto protocol type * * @return 1 if it finds the required socket - * 0 otherwise + * 0 otherwise */ -int hip_get_proto_info(in_port_t port_dest, char *proto) { - FILE *fd = NULL; - char line[500], sub_string_addr_hex[8], path[11+sizeof(proto)]; - char *fqdn_str = NULL, *separator = NULL, *sub_string_port_hex = NULL; - int lineno = 0, index_addr_port = 0, exists = 0, result; - uint32_t result_addr; - struct in_addr addr; - List list; - - if (!proto) - return 0; - - if (!strcmp(proto, "tcp6") || !strcmp(proto, "tcp")) - index_addr_port = 15; - else if (!strcmp(proto, "udp6") || !strcmp(proto,"udp")) - index_addr_port = 10; - else - return 0; - - strcpy(path,"/proc/net/"); - strcat(path, proto); - fd = fopen(path, "r"); - - initlist(&list); - while (fd && getwithoutnewline(line, 500, fd) != NULL && !exists) { - lineno++; - - destroy(&list); - initlist(&list); - - if (lineno == 1 || strlen(line) <=1) - continue; - - extractsubstrings(line, &list); - - fqdn_str = getitem(&list, index_addr_port); - if (fqdn_str) - separator = strrchr(fqdn_str, ':'); - - if (!separator) - continue; - - sub_string_port_hex = strtok(separator, ":"); - //sprintf(port_dest_hex, "%x", port_dest); - //HIP_DEBUG("sub_string_port_hex %s\n",sub_string_port_hex); - sscanf(sub_string_port_hex,"%X", &result); - HIP_DEBUG("Result %i\n", result); - HIP_DEBUG("port dest %i\n", port_dest); - if (result == port_dest) { - strncpy(sub_string_addr_hex, fqdn_str, 8); - sscanf(sub_string_addr_hex, "%X", &result_addr); - addr.s_addr = result_addr; - if (IS_LSI32(addr.s_addr)) { - exists = 2; - break; - } else { - exists = 1; - break; - } - } - } /* end of while */ - if (fd) - fclose(fd); - destroy(&list); - - return exists; +int hip_get_proto_info(in_port_t port_dest, char *proto) +{ + FILE *fd = NULL; + char line[500], sub_string_addr_hex[8], path[11 + sizeof(proto)]; + char *fqdn_str = NULL, *separator = NULL, *sub_string_port_hex = NULL; + int lineno = 0, index_addr_port = 0, exists = 0, result; + uint32_t result_addr; + struct in_addr addr; + List list; + + if (!proto) { + return 0; + } + + if (!strcmp(proto, "tcp6") || !strcmp(proto, "tcp")) { + index_addr_port = 15; + } else if (!strcmp(proto, "udp6") || !strcmp(proto, "udp")) { + index_addr_port = 10; + } else { + return 0; + } + + strcpy(path, "/proc/net/"); + strcat(path, proto); + fd = fopen(path, "r"); + + initlist(&list); + while (fd && getwithoutnewline(line, 500, fd) != NULL && !exists) { + lineno++; + + destroy(&list); + initlist(&list); + + if (lineno == 1 || strlen(line) <= 1) { + continue; + } + + extractsubstrings(line, &list); + + fqdn_str = getitem(&list, index_addr_port); + if (fqdn_str) { + separator = strrchr(fqdn_str, ':'); + } + + if (!separator) { + continue; + } + + sub_string_port_hex = strtok(separator, ":"); + //sprintf(port_dest_hex, "%x", port_dest); + //HIP_DEBUG("sub_string_port_hex %s\n",sub_string_port_hex); + sscanf(sub_string_port_hex, "%X", &result); + HIP_DEBUG("Result %i\n", result); + HIP_DEBUG("port dest %i\n", port_dest); + if (result == port_dest) { + strncpy(sub_string_addr_hex, fqdn_str, 8); + sscanf(sub_string_addr_hex, "%X", &result_addr); + addr.s_addr = result_addr; + if (IS_LSI32(addr.s_addr)) { + exists = 2; + break; + } else { + exists = 1; + break; + } + } + } /* end of while */ + if (fd) { + fclose(fd); + } + destroy(&list); + + return exists; } -void hip_get_rsa_keylen(const struct hip_host_id_priv *host_id, - struct hip_rsa_keylen *ret, - int is_priv){ - int bytes; - u8 *tmp = (u8 *) host_id->key; - int offset = 0; - int e_len = tmp[offset++]; - - /* Check for public exponent longer than 255 bytes (see RFC 3110) */ - if (e_len == 0) { - e_len = ntohs((u16)tmp[offset]); - offset += 2; - } - - /* - hi_length is the total length of: - rdata struct (4 bytes), length of e (1 byte for e < 255 bytes, 3 bytes otherwise), - e (normally 3 bytes), followed by public n, private d, p, q, dmp1, dmq1, iqmp - n_len == d_len == 2 * p_len == 2 * q_len == dmp1_len == dmq1_len == iqmp_len - for 9/2 * n_len - */ - if (is_priv) - bytes = (ntohs(host_id->hi_length) - sizeof(struct hip_host_id_key_rdata) - - offset - e_len) * 2 / 9; - else - bytes = (ntohs(host_id->hi_length) - sizeof(struct hip_host_id_key_rdata) - - offset - e_len); - - ret->e_len = offset; - ret->e = e_len; - ret->n = bytes; +void hip_get_rsa_keylen(const struct hip_host_id_priv *host_id, + struct hip_rsa_keylen *ret, + int is_priv) +{ + int bytes; + u8 *tmp = (u8 *) host_id->key; + int offset = 0; + int e_len = tmp[offset++]; + + /* Check for public exponent longer than 255 bytes (see RFC 3110) */ + if (e_len == 0) { + e_len = ntohs((u16) tmp[offset]); + offset += 2; + } + + /* + * hi_length is the total length of: + * rdata struct (4 bytes), length of e (1 byte for e < 255 bytes, 3 bytes otherwise), + * e (normally 3 bytes), followed by public n, private d, p, q, dmp1, dmq1, iqmp + * n_len == d_len == 2 * p_len == 2 * q_len == dmp1_len == dmq1_len == iqmp_len + * for 9/2 * n_len + */ + if (is_priv) { + bytes = (ntohs(host_id->hi_length) - sizeof(struct hip_host_id_key_rdata) - + offset - e_len) * 2 / 9; + } else { + bytes = (ntohs(host_id->hi_length) - sizeof(struct hip_host_id_key_rdata) - + offset - e_len); + } + + ret->e_len = offset; + ret->e = e_len; + ret->n = bytes; } #ifndef __KERNEL__ -RSA *hip_key_rr_to_rsa(const struct hip_host_id_priv *host_id, int is_priv) { - int offset; - struct hip_rsa_keylen keylen; - RSA *rsa = NULL; - - hip_get_rsa_keylen(host_id, &keylen, is_priv); - - rsa = RSA_new(); - if (!rsa) { - HIP_ERROR("Failed to allocate RSA\n"); - return NULL; - } - - offset = keylen.e_len; - rsa->e = BN_bin2bn(&host_id->key[offset], keylen.e, 0); - offset += keylen.e; - rsa->n = BN_bin2bn(&host_id->key[offset], keylen.n, 0); - - if (is_priv) { - offset += keylen.n; - rsa->d = BN_bin2bn(&host_id->key[offset], keylen.n, 0); - offset += keylen.n; - rsa->p = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); - offset += keylen.n / 2; - rsa->q = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); - offset += keylen.n / 2; - rsa->dmp1 = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); - offset += keylen.n / 2; - rsa->dmq1 = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); - offset += keylen.n / 2; - rsa->iqmp = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); - } - - return rsa; -} - -DSA *hip_key_rr_to_dsa(const struct hip_host_id_priv *host_id, int is_priv) { - int offset = 0; - DSA *dsa = NULL; - u8 t = host_id->key[offset++]; - int key_len = 64 + (t * 8); - - dsa = DSA_new(); - if (!dsa) { - HIP_ERROR("Failed to allocate DSA\n"); - return NULL; - } - - dsa->q = BN_bin2bn(&host_id->key[offset], DSA_PRIV, 0); - offset += DSA_PRIV; - dsa->p = BN_bin2bn(&host_id->key[offset], key_len, 0); - offset += key_len; - dsa->g = BN_bin2bn(&host_id->key[offset], key_len, 0); - offset += key_len; - dsa->pub_key = BN_bin2bn(&host_id->key[offset], key_len, 0); - - if (is_priv) { - offset += key_len; - dsa->priv_key = BN_bin2bn(&host_id->key[offset], DSA_PRIV, 0); - - /* Precompute values for faster signing */ - DSA_sign_setup(dsa, NULL, &dsa->kinv, &dsa->r); - } - - return dsa; -} +RSA *hip_key_rr_to_rsa(const struct hip_host_id_priv *host_id, int is_priv) +{ + int offset; + struct hip_rsa_keylen keylen; + RSA *rsa = NULL; + + hip_get_rsa_keylen(host_id, &keylen, is_priv); + + rsa = RSA_new(); + if (!rsa) { + HIP_ERROR("Failed to allocate RSA\n"); + return NULL; + } + + offset = keylen.e_len; + rsa->e = BN_bin2bn(&host_id->key[offset], keylen.e, 0); + offset += keylen.e; + rsa->n = BN_bin2bn(&host_id->key[offset], keylen.n, 0); + + if (is_priv) { + offset += keylen.n; + rsa->d = BN_bin2bn(&host_id->key[offset], keylen.n, 0); + offset += keylen.n; + rsa->p = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); + offset += keylen.n / 2; + rsa->q = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); + offset += keylen.n / 2; + rsa->dmp1 = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); + offset += keylen.n / 2; + rsa->dmq1 = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); + offset += keylen.n / 2; + rsa->iqmp = BN_bin2bn(&host_id->key[offset], keylen.n / 2, 0); + } + + return rsa; +} + +DSA *hip_key_rr_to_dsa(const struct hip_host_id_priv *host_id, int is_priv) +{ + int offset = 0; + DSA *dsa = NULL; + u8 t = host_id->key[offset++]; + int key_len = 64 + (t * 8); + + dsa = DSA_new(); + if (!dsa) { + HIP_ERROR("Failed to allocate DSA\n"); + return NULL; + } + + dsa->q = BN_bin2bn(&host_id->key[offset], DSA_PRIV, 0); + offset += DSA_PRIV; + dsa->p = BN_bin2bn(&host_id->key[offset], key_len, 0); + offset += key_len; + dsa->g = BN_bin2bn(&host_id->key[offset], key_len, 0); + offset += key_len; + dsa->pub_key = BN_bin2bn(&host_id->key[offset], key_len, 0); + + if (is_priv) { + offset += key_len; + dsa->priv_key = BN_bin2bn(&host_id->key[offset], DSA_PRIV, 0); + + /* Precompute values for faster signing */ + DSA_sign_setup(dsa, NULL, &dsa->kinv, &dsa->r); + } + + return dsa; +} + #endif /* !__KERNEL__ */ -int hip_string_to_lowercase(char *to, const char *from, const size_t count){ - if(to == NULL || from == NULL || count == 0) - return -1; - - int i = 0; - - for(; i < count; i++) { - if(isalpha(from[i])) { - to[i] = tolower(from[i]); - } else { - to[i] = from[i]; - } - } - return 0; +int hip_string_to_lowercase(char *to, const char *from, const size_t count) +{ + if (to == NULL || from == NULL || count == 0) { + return -1; + } + + int i = 0; + + for (; i < count; i++) { + if (isalpha(from[i])) { + to[i] = tolower(from[i]); + } else { + to[i] = from[i]; + } + } + return 0; } - -int hip_string_is_digit(const char *string){ - if(string == NULL) - return -1; - - int i = 0; - - while(string[i] != '\0') { - if(!isdigit(string[i])) { - return -1; - } - i++; - } - return 0; +int hip_string_is_digit(const char *string) +{ + if (string == NULL) { + return -1; + } + + int i = 0; + + while (string[i] != '\0') { + if (!isdigit(string[i])) { + return -1; + } + i++; + } + return 0; } int hip_map_first_id_to_hostname_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int err = 1; - - if (!ipv6_addr_cmp((struct in6_addr *) arg, &entry->id)) { - _HIP_DEBUG("Match on line %d\n", entry->lineno); - memcpy(result, entry->hostname, strlen(entry->hostname)); - err = 0; /* Stop at the first match */ - } - - return err; + const void *arg, + void *result) +{ + int err = 1; + + if (!ipv6_addr_cmp((struct in6_addr *) arg, &entry->id)) { + _HIP_DEBUG("Match on line %d\n", entry->lineno); + memcpy(result, entry->hostname, strlen(entry->hostname)); + err = 0; /* Stop at the first match */ + } + + return err; } int hip_map_first_lsi_to_hostname_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int err = 1; - int is_lsi = hip_id_type_match(&entry->id, 2); - - if (!ipv6_addr_cmp((struct in6_addr *) arg, &entry->id) && is_lsi) { - _HIP_DEBUG("Match on line %d\n", entry->lineno); - memcpy(result, entry->hostname, strlen(entry->hostname)); - err = 0; /* Stop at the first match */ - } - - return err; + const void *arg, + void *result) +{ + int err = 1; + int is_lsi = hip_id_type_match(&entry->id, 2); + + if (!ipv6_addr_cmp((struct in6_addr *) arg, &entry->id) && is_lsi) { + _HIP_DEBUG("Match on line %d\n", entry->lineno); + memcpy(result, entry->hostname, strlen(entry->hostname)); + err = 0; /* Stop at the first match */ + } + + return err; } -int hip_map_lsi_to_hostname_from_hosts(hip_lsi_t *lsi, char *hostname) { - return (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_lsi_to_hostname_from_hosts, - lsi, hostname) && - hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_lsi_to_hostname_from_hosts, - lsi, hostname)); +int hip_map_lsi_to_hostname_from_hosts(hip_lsi_t *lsi, char *hostname) +{ + return hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_lsi_to_hostname_from_hosts, + lsi, hostname) && + hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_lsi_to_hostname_from_hosts, + lsi, hostname); } int hip_map_first_hostname_to_hit_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int err = 1; - int is_hit; - - /* test if hostname/alias matches and the type is hit */ - if (!strncmp(arg, entry->hostname, HOST_NAME_MAX) || - (entry->alias && !strncmp(arg, entry->alias, HOST_NAME_MAX)) || - (entry->alias2 && !strncmp(arg, entry->alias2, HOST_NAME_MAX))) { - is_hit = hip_id_type_match(&entry->id, 1); - - HIP_IFE(!is_hit, 1); - - _HIP_DEBUG("Match on line %d\n", entry->lineno); - ipv6_addr_copy(result, &entry->id); - err = 0; /* Stop at the first match */ - } - - out_err: - - return err; + const void *arg, + void *result) +{ + int err = 1; + int is_hit; + + /* test if hostname/alias matches and the type is hit */ + if (!strncmp(arg, entry->hostname, HOST_NAME_MAX) || + (entry->alias && !strncmp(arg, entry->alias, HOST_NAME_MAX)) || + (entry->alias2 && !strncmp(arg, entry->alias2, HOST_NAME_MAX))) { + is_hit = hip_id_type_match(&entry->id, 1); + + HIP_IFE(!is_hit, 1); + + _HIP_DEBUG("Match on line %d\n", entry->lineno); + ipv6_addr_copy(result, &entry->id); + err = 0; /* Stop at the first match */ + } + +out_err: + + return err; } int hip_map_first_hostname_to_lsi_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int err = 1; - int is_lsi; - - /* test if hostname/alias matches and the type is lsi */ - if (!strncmp(arg, entry->hostname, HOST_NAME_MAX) || - (entry->alias && !strncmp(arg, entry->alias, HOST_NAME_MAX)) || - (entry->alias2 && !strncmp(arg, entry->alias2, HOST_NAME_MAX))) { - is_lsi = hip_id_type_match(&entry->id, 2); - - HIP_IFE(!is_lsi, 1); - - _HIP_DEBUG("Match on line %d\n", entry->lineno); - ipv6_addr_copy(result, &entry->id); - err = 0; /* Stop at the first match */ - } - - out_err: - - return err; + const void *arg, + void *result) +{ + int err = 1; + int is_lsi; + + /* test if hostname/alias matches and the type is lsi */ + if (!strncmp(arg, entry->hostname, HOST_NAME_MAX) || + (entry->alias && !strncmp(arg, entry->alias, HOST_NAME_MAX)) || + (entry->alias2 && !strncmp(arg, entry->alias2, HOST_NAME_MAX))) { + is_lsi = hip_id_type_match(&entry->id, 2); + + HIP_IFE(!is_lsi, 1); + + _HIP_DEBUG("Match on line %d\n", entry->lineno); + ipv6_addr_copy(result, &entry->id); + err = 0; /* Stop at the first match */ + } + +out_err: + + return err; } int hip_map_first_hostname_to_ip_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int err = 1; - int is_lsi, is_hit; - - /* test if hostname/alias matches and the type is routable ip */ - if (!strncmp(arg, entry->hostname, HOST_NAME_MAX) || - (entry->alias && !strncmp(arg, entry->alias, HOST_NAME_MAX)) || - (entry->alias2 && !strncmp(arg, entry->alias2, HOST_NAME_MAX))) { - is_hit = hip_id_type_match(&entry->id, 1); - is_lsi = hip_id_type_match(&entry->id, 2); - - HIP_IFE((is_hit || is_lsi), 1); - - _HIP_DEBUG("Match on line %d\n", entry->lineno); - ipv6_addr_copy(result, &entry->id); - err = 0; /* Stop at the first match */ - } - - out_err: - - return err; + const void *arg, + void *result) +{ + int err = 1; + int is_lsi, is_hit; + + /* test if hostname/alias matches and the type is routable ip */ + if (!strncmp(arg, entry->hostname, HOST_NAME_MAX) || + (entry->alias && !strncmp(arg, entry->alias, HOST_NAME_MAX)) || + (entry->alias2 && !strncmp(arg, entry->alias2, HOST_NAME_MAX))) { + is_hit = hip_id_type_match(&entry->id, 1); + is_lsi = hip_id_type_match(&entry->id, 2); + + HIP_IFE((is_hit || is_lsi), 1); + + _HIP_DEBUG("Match on line %d\n", entry->lineno); + ipv6_addr_copy(result, &entry->id); + err = 0; /* Stop at the first match */ + } + +out_err: + + return err; } - int hip_calc_lines_in_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int *res = (int *) result; - (*res)++; - return 1; + const void *arg, + void *result) +{ + int *res = (int *) result; + (*res)++; + return 1; } int hip_get_nth_id_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result) { - int err = 1; - const int *nth = (const int *) arg; - int *total_past = (int *) result; + const void *arg, + void *result) +{ + int err = 1; + const int *nth = (const int *) arg; + int *total_past = (int *) result; - if (*nth == *total_past) { - ipv6_addr_copy(result, &entry->id); - err = 0; - } else { - (*total_past)++; - } - return err; + if (*nth == *total_past) { + ipv6_addr_copy(result, &entry->id); + err = 0; + } else { + (*total_past)++; + } + return err; } int hip_for_each_hosts_file_line(const char *hosts_file, - int (*func)(const struct hosts_file_line *line,const void *arg,void *result), - void *arg, void *result) + int(*func)(const struct hosts_file_line *line, + const void *arg, + void *result), + void *arg, + void *result) { - FILE *hip_hosts = NULL; - List mylist; - char line[500]; - int err = 0, lineno = 0; - struct in_addr in_addr; - struct hosts_file_line entry; - char *hostname = NULL, *alias = NULL, *alias2 = NULL, *addr_ptr = NULL; - - initlist(&mylist); - memset(line, 0, sizeof(line)); - - /* check whether given hit_str is actually a HIT */ - - hip_hosts = fopen(hosts_file, "r"); - - HIP_IFEL(!hip_hosts, -1, "Failed to open hosts file\n"); - - /* For each line in the given hosts file, convert the line into binary format and - call the given the handler */ - - err = 1; - while (fgets(line, sizeof(line) - 1, hip_hosts) != NULL) { - char *eofline, *c, *comment; - int len; - - lineno++; - c = line; - - /* Remove whitespace */ - while (*c == ' ' || *c == '\t') - c++; - - /* Line is a comment or empty */ - if (*c =='#' || *c =='\n' || *c == '\0') - continue; - - eofline = strchr(c, '\n'); - if (eofline) - *eofline = '\0'; - - /* Terminate before (the first) trailing comment */ - comment = strchr(c, '#'); - if (comment) - *comment = '\0'; - - /* shortest hostname: ":: a" = 4 */ - if ((len = strlen(c)) < 4) { - HIP_DEBUG("skip line\n"); - continue; - } - - _HIP_DEBUG("lineno=%d, str=%s\n", lineno, c); - - /* Split line into list */ - extractsubstrings(c, &mylist); - - len = length(&mylist); - if (len < 2 || len > 4) { - HIP_ERROR("Bad number of items on line %d in %s, skipping\n", - lineno, hosts_file); - continue; - } - - /* The list contains hosts line in reverse order. Let's sort it. */ - switch (len) - { - case (2): - alias = NULL; - hostname = getitem(&mylist, 0); - addr_ptr = getitem(&mylist, 1); - break; - case (3): - alias = getitem(&mylist, 0); - hostname = getitem(&mylist, 1); - addr_ptr = getitem(&mylist, 2); - break; - case (4): - alias2 = getitem(&mylist, 0); - alias = getitem(&mylist, 1); - hostname = getitem(&mylist, 2); - addr_ptr = getitem(&mylist, 3); - break; - } - - /* Initialize entry */ - - memset(&entry, 0, sizeof(entry)); - - HIP_ASSERT(addr_ptr); - err = inet_pton(AF_INET6, addr_ptr, &entry.id); - if (err <= 0) { - err = inet_pton(AF_INET, addr_ptr, &in_addr); - if (err <= 0) { - HIP_ERROR("Bad address %s on line %d in %s, skipping\n", - addr_ptr, lineno, hosts_file); - continue; - } - IPV4_TO_IPV6_MAP(&in_addr, &entry.id); - } - - entry.hostname = hostname; - HIP_ASSERT(entry.hostname) - - entry.alias2 = alias2; - entry.alias = alias; - entry.lineno = lineno; - - /* Finally, call the handler function to handle the line */ - - if (func(&entry, arg, result) == 0) { - _HIP_DEBUG("Match on line %d in %s\n", lineno, hosts_file); - err = 0; - break; - } - + FILE *hip_hosts = NULL; + List mylist; + char line[500]; + int err = 0, lineno = 0; + struct in_addr in_addr; + struct hosts_file_line entry; + char *hostname = NULL, *alias = NULL, *alias2 = NULL, *addr_ptr = NULL; + + initlist(&mylist); memset(line, 0, sizeof(line)); + + /* check whether given hit_str is actually a HIT */ + + hip_hosts = fopen(hosts_file, "r"); + + HIP_IFEL(!hip_hosts, -1, "Failed to open hosts file\n"); + + /* For each line in the given hosts file, convert the line into binary format and + * call the given the handler */ + + err = 1; + while (fgets(line, sizeof(line) - 1, hip_hosts) != NULL) { + char *eofline, *c, *comment; + int len; + + lineno++; + c = line; + + /* Remove whitespace */ + while (*c == ' ' || *c == '\t') { + c++; + } + + /* Line is a comment or empty */ + if (*c == '#' || *c == '\n' || *c == '\0') { + continue; + } + + eofline = strchr(c, '\n'); + if (eofline) { + *eofline = '\0'; + } + + /* Terminate before (the first) trailing comment */ + comment = strchr(c, '#'); + if (comment) { + *comment = '\0'; + } + + /* shortest hostname: ":: a" = 4 */ + if ((len = strlen(c)) < 4) { + HIP_DEBUG("skip line\n"); + continue; + } + + _HIP_DEBUG("lineno=%d, str=%s\n", lineno, c); + + /* Split line into list */ + extractsubstrings(c, &mylist); + + len = length(&mylist); + if (len < 2 || len > 4) { + HIP_ERROR("Bad number of items on line %d in %s, skipping\n", + lineno, hosts_file); + continue; + } + + /* The list contains hosts line in reverse order. Let's sort it. */ + switch (len) { + case (2): + alias = NULL; + hostname = getitem(&mylist, 0); + addr_ptr = getitem(&mylist, 1); + break; + case (3): + alias = getitem(&mylist, 0); + hostname = getitem(&mylist, 1); + addr_ptr = getitem(&mylist, 2); + break; + case (4): + alias2 = getitem(&mylist, 0); + alias = getitem(&mylist, 1); + hostname = getitem(&mylist, 2); + addr_ptr = getitem(&mylist, 3); + break; + } + + /* Initialize entry */ + + memset(&entry, 0, sizeof(entry)); + + HIP_ASSERT(addr_ptr); + err = inet_pton(AF_INET6, addr_ptr, &entry.id); + if (err <= 0) { + err = inet_pton(AF_INET, addr_ptr, &in_addr); + if (err <= 0) { + HIP_ERROR("Bad address %s on line %d in %s, skipping\n", + addr_ptr, lineno, hosts_file); + continue; + } + IPV4_TO_IPV6_MAP(&in_addr, &entry.id); + } + + entry.hostname = hostname; + HIP_ASSERT(entry.hostname) + + entry.alias2 = alias2; + entry.alias = alias; + entry.lineno = lineno; + + /* Finally, call the handler function to handle the line */ + + if (func(&entry, arg, result) == 0) { + _HIP_DEBUG("Match on line %d in %s\n", lineno, hosts_file); + err = 0; + break; + } + + memset(line, 0, sizeof(line)); + destroy(&mylist); + } + +out_err: + destroy(&mylist); - } - - out_err: - - destroy(&mylist); - - if (hip_hosts) - fclose(hip_hosts); - - return err; + + if (hip_hosts) { + fclose(hip_hosts); + } + + return err; } int hip_map_lsi_to_hit_from_hosts_files(hip_lsi_t *lsi, hip_hit_t *hit) { - int err = 0; - uint8_t hostname[HOST_NAME_MAX]; - struct in6_addr mapped_lsi; - - memset(hostname, 0, sizeof(hostname)); - HIP_ASSERT(lsi && hit); - - IPV4_TO_IPV6_MAP(lsi, &mapped_lsi); - - err = hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - &mapped_lsi, hostname); - if(err) - err = hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - &mapped_lsi, hostname); - - HIP_IFEL(err, -1, "Failed to map id to hostname\n"); - - err = hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_hostname_to_hit_from_hosts, - hostname, hit); - if(err) - err = hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_hostname_to_hit_from_hosts, - hostname, hit); - - HIP_IFEL(err, -1, "Failed to map id to hostname\n"); - - HIP_DEBUG_HIT("Found hit: ", hit); - - out_err: - - return err; + int err = 0; + uint8_t hostname[HOST_NAME_MAX]; + struct in6_addr mapped_lsi; + + memset(hostname, 0, sizeof(hostname)); + HIP_ASSERT(lsi && hit); + + IPV4_TO_IPV6_MAP(lsi, &mapped_lsi); + + err = hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + &mapped_lsi, hostname); + if (err) { + err = hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + &mapped_lsi, hostname); + } + + HIP_IFEL(err, -1, "Failed to map id to hostname\n"); + + err = hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_hostname_to_hit_from_hosts, + hostname, hit); + if (err) { + err = hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_hostname_to_hit_from_hosts, + hostname, hit); + } + + HIP_IFEL(err, -1, "Failed to map id to hostname\n"); + + HIP_DEBUG_HIT("Found hit: ", hit); + +out_err: + + return err; } int hip_map_hit_to_lsi_from_hosts_files(const hip_hit_t *hit, hip_lsi_t *lsi) { - int err = 0; - uint8_t hostname[HOST_NAME_MAX]; - struct in6_addr mapped_lsi; - - memset(hostname, 0, sizeof(hostname)); - HIP_ASSERT(lsi && hit); - - err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - (hip_hit_t *) hit, hostname) && - hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - (hip_hit_t *) hit, hostname)); - HIP_IFEL(err, -1, "Failed to map id to hostname\n"); - - err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_hostname_to_lsi_from_hosts, - hostname, &mapped_lsi) && - hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_hostname_to_lsi_from_hosts, - hostname, &mapped_lsi)); - HIP_IFEL(err, -1, "Failed to map hostname to lsi\n"); - - IPV6_TO_IPV4_MAP(&mapped_lsi, lsi); - - HIP_DEBUG_LSI("Found lsi: ", lsi); - - out_err: - - return err; + int err = 0; + uint8_t hostname[HOST_NAME_MAX]; + struct in6_addr mapped_lsi; + + memset(hostname, 0, sizeof(hostname)); + HIP_ASSERT(lsi && hit); + + err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + (hip_hit_t *) hit, hostname) && + hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + (hip_hit_t *) hit, hostname)); + HIP_IFEL(err, -1, "Failed to map id to hostname\n"); + + err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_hostname_to_lsi_from_hosts, + hostname, &mapped_lsi) && + hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_hostname_to_lsi_from_hosts, + hostname, &mapped_lsi)); + HIP_IFEL(err, -1, "Failed to map hostname to lsi\n"); + + IPV6_TO_IPV4_MAP(&mapped_lsi, lsi); + + HIP_DEBUG_LSI("Found lsi: ", lsi); + +out_err: + + return err; } int hip_get_random_hostname_id_from_hosts(char *filename, - char *hostname, - char *id_str) { - - int lines = 0, err = 0, nth; - struct in6_addr id; - - memset(&id, 0, sizeof(struct in6_addr)); - - /* ignore return value, returns always error */ - hip_for_each_hosts_file_line(filename, - hip_calc_lines_in_hosts, - NULL, - &lines); - HIP_IFEL((lines == 0), -1, - "No lines in host file %s\n", filename); - - srand(time(NULL)); - nth = rand() % lines; - - err = hip_for_each_hosts_file_line(filename, - hip_get_nth_id_from_hosts, - &nth, - &id); - HIP_IFEL(err, -1, "Failed to get random id\n"); - - err = hip_for_each_hosts_file_line(filename, - hip_map_first_id_to_hostname_from_hosts, - &id, - hostname); - HIP_IFEL(err, -1, "Failed to map to hostname\n"); - - if (IN6_IS_ADDR_V4MAPPED(&id)) { - struct in_addr id4; - IPV6_TO_IPV4_MAP(&id, &id4); - HIP_IFEL(!inet_ntop(AF_INET, &id4, id_str, - INET_ADDRSTRLEN), -1, - "inet_ntop failed\n"); - } else { - HIP_IFEL(!inet_ntop(AF_INET6, &id, id_str, - INET6_ADDRSTRLEN), -1, - "inet_ntop failed\n"); - } - - out_err: - return err; + char *hostname, + char *id_str) +{ + int lines = 0, err = 0, nth; + struct in6_addr id; + + memset(&id, 0, sizeof(struct in6_addr)); + + /* ignore return value, returns always error */ + hip_for_each_hosts_file_line(filename, + hip_calc_lines_in_hosts, + NULL, + &lines); + HIP_IFEL((lines == 0), -1, + "No lines in host file %s\n", filename); + + srand(time(NULL)); + nth = rand() % lines; + + err = hip_for_each_hosts_file_line(filename, + hip_get_nth_id_from_hosts, + &nth, + &id); + HIP_IFEL(err, -1, "Failed to get random id\n"); + + err = hip_for_each_hosts_file_line(filename, + hip_map_first_id_to_hostname_from_hosts, + &id, + hostname); + HIP_IFEL(err, -1, "Failed to map to hostname\n"); + + if (IN6_IS_ADDR_V4MAPPED(&id)) { + struct in_addr id4; + IPV6_TO_IPV4_MAP(&id, &id4); + HIP_IFEL(!inet_ntop(AF_INET, &id4, id_str, + INET_ADDRSTRLEN), -1, + "inet_ntop failed\n"); + } else { + HIP_IFEL(!inet_ntop(AF_INET6, &id, id_str, + INET6_ADDRSTRLEN), -1, + "inet_ntop failed\n"); + } + +out_err: + return err; } - /** * * This function maps a HIT or a LSI (nodename) to an IP address using the two hosts files. @@ -2815,67 +2877,69 @@ * /etc/hosts. The IP address is returned in the res argument. * */ -int hip_map_id_to_ip_from_hosts_files(hip_hit_t *hit, hip_lsi_t *lsi, struct in6_addr *ip) { - int err = 0; - uint8_t hostname[HOST_NAME_MAX]; - - HIP_ASSERT((hit || lsi) && ip); - - memset(hostname, 0, sizeof(hostname)); - - if (hit && !ipv6_addr_any(hit)) { - err = hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - hit, hostname); - } else { - struct in6_addr mapped_lsi; - IPV4_TO_IPV6_MAP(lsi, &mapped_lsi); - err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - &mapped_lsi, hostname) && - hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_id_to_hostname_from_hosts, - &mapped_lsi, hostname)); - } - - HIP_IFEL(err, -1, "Failed to map id to hostname\n"); - - err = hip_for_each_hosts_file_line(HOSTS_FILE, - hip_map_first_hostname_to_ip_from_hosts, - hostname, ip); - HIP_IFEL(err, -1, "Failed to map id to ip\n"); - - out_err: - return err; +int hip_map_id_to_ip_from_hosts_files(hip_hit_t *hit, hip_lsi_t *lsi, struct in6_addr *ip) +{ + int err = 0; + uint8_t hostname[HOST_NAME_MAX]; + + HIP_ASSERT((hit || lsi) && ip); + + memset(hostname, 0, sizeof(hostname)); + + if (hit && !ipv6_addr_any(hit)) { + err = hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + hit, hostname); + } else { + struct in6_addr mapped_lsi; + IPV4_TO_IPV6_MAP(lsi, &mapped_lsi); + err = (hip_for_each_hosts_file_line(HIPL_HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + &mapped_lsi, hostname) && + hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_id_to_hostname_from_hosts, + &mapped_lsi, hostname)); + } + + HIP_IFEL(err, -1, "Failed to map id to hostname\n"); + + err = hip_for_each_hosts_file_line(HOSTS_FILE, + hip_map_first_hostname_to_ip_from_hosts, + hostname, ip); + HIP_IFEL(err, -1, "Failed to map id to ip\n"); + +out_err: + return err; } + #endif /* !__KERNEL__ */ in_port_t hip_get_local_nat_udp_port() { - return hip_local_nat_udp_port; + return hip_local_nat_udp_port; } in_port_t hip_get_peer_nat_udp_port() { - return hip_peer_nat_udp_port; + return hip_peer_nat_udp_port; } int hip_set_local_nat_udp_port(in_port_t port) { - int err = 0; - HIP_DEBUG("set local nat udp port %d\n", port); - hip_local_nat_udp_port = port; + int err = 0; + HIP_DEBUG("set local nat udp port %d\n", port); + hip_local_nat_udp_port = port; - return err; + return err; } int hip_set_peer_nat_udp_port(in_port_t port) { - int err = 0; + int err = 0; - HIP_DEBUG("set peer nat udp port %d\n", port); - hip_peer_nat_udp_port = port; - return err; + HIP_DEBUG("set peer nat udp port %d\n", port); + hip_peer_nat_udp_port = port; + return err; } /** hip_verify_packet_signature - verify the signature in a packet @@ -2886,85 +2950,95 @@ * * @return zero on success, or negative error value on failure */ -int hip_verify_packet_signature(struct hip_common *pkt, - struct hip_host_id *peer_host_id) +int hip_verify_packet_signature(struct hip_common *pkt, + struct hip_host_id *peer_host_id) { - int err = 0; - struct hip_host_id *peer_pub = NULL; - int len = hip_get_param_total_len(peer_host_id); - char *key = NULL; - - HIP_IFEL(!(peer_pub = HIP_MALLOC(len, GFP_KERNEL)), - -ENOMEM, "Out of memory\n"); - - memcpy(peer_pub, peer_host_id, len); - - if (peer_host_id->rdata.algorithm == HIP_HI_DSA){ - key = (char *) hip_key_rr_to_rsa( - (struct hip_host_id_priv *)peer_pub, 0); - err = hip_dsa_verify((DSA *) key, pkt); - } else if(peer_host_id->rdata.algorithm == HIP_HI_RSA){ - key = (char *) hip_key_rr_to_rsa( - (struct hip_host_id_priv *)peer_pub, 0); - err = hip_rsa_verify((RSA *) key, pkt); - } else { - HIP_ERROR("Unknown algorithm\n"); - err = -1; - } - - out_err: - if (peer_pub) - free(peer_pub); - - return err; + int err = 0; + struct hip_host_id *peer_pub = NULL; + int len = hip_get_param_total_len(peer_host_id); + char *key = NULL; + + HIP_IFEL(!(peer_pub = HIP_MALLOC(len, GFP_KERNEL)), + -ENOMEM, "Out of memory\n"); + + memcpy(peer_pub, peer_host_id, len); + + if (peer_host_id->rdata.algorithm == HIP_HI_DSA) { + key = (char *) hip_key_rr_to_rsa( + (struct hip_host_id_priv *) peer_pub, 0); + err = hip_dsa_verify((DSA *) key, pkt); + } else if (peer_host_id->rdata.algorithm == HIP_HI_RSA) { + key = (char *) hip_key_rr_to_rsa( + (struct hip_host_id_priv *) peer_pub, 0); + err = hip_rsa_verify((RSA *) key, pkt); + } else { + HIP_ERROR("Unknown algorithm\n"); + err = -1; + } + +out_err: + if (peer_pub) { + free(peer_pub); + } + + return err; } int hip_addr_is_loopback(struct in6_addr *addr) { - struct in_addr addr_in; + struct in_addr addr_in; - if (!IN6_IS_ADDR_V4MAPPED(addr)) - return IN6_IS_ADDR_LOOPBACK(addr); - IPV6_TO_IPV4_MAP(addr, &addr_in); - return IS_IPV4_LOOPBACK(addr_in.s_addr); + if (!IN6_IS_ADDR_V4MAPPED(addr)) { + return IN6_IS_ADDR_LOOPBACK(addr); + } + IPV6_TO_IPV4_MAP(addr, &addr_in); + return IS_IPV4_LOOPBACK(addr_in.s_addr); } -/** +/** * base64_encode - Encodes given content to Base64 * @param buf Pointer to contents to be encoded * @param len How long is the first parameter in bytes * * @return Returns a pointer to encoded content or NULL on error */ -unsigned char * base64_encode(unsigned char * buf, unsigned int len) +unsigned char *base64_encode(unsigned char *buf, unsigned int len) { - unsigned char * ret; + unsigned char *ret; unsigned int b64_len; b64_len = (((len + 2) / 3) * 4) + 1; - ret = (unsigned char *)malloc(b64_len); - if (ret == NULL) goto out_err; + ret = (unsigned char *) malloc(b64_len); + if (ret == NULL) { + goto out_err; + } EVP_EncodeBlock(ret, buf, len); return ret; - out_err: - if (ret) free(ret); - return(NULL); +out_err: + if (ret) { + free(ret); + } + return NULL; } int hip_host_id_entry_to_hit_info(struct hip_host_id_entry *entry, - void *msg) + void *msg) { - struct hip_hit_info data; - int err = 0; - - memcpy(&data.lhi, &entry->lhi, sizeof(struct hip_lhi)); - /* FIXME: algo is 0 in entry->lhi */ - data.lhi.algo = hip_get_host_id_algo(entry->host_id); - memcpy(&data.lsi, &entry->lsi, sizeof(hip_lsi_t)); - - HIP_IFEL(hip_build_param_contents(msg, &data, HIP_PARAM_HIT_INFO, - sizeof(data)), -1, "Error building parameter\n"); - + struct hip_hit_info data; + int err = 0; + + memcpy(&data.lhi, &entry->lhi, sizeof(struct hip_lhi)); + /* FIXME: algo is 0 in entry->lhi */ + data.lhi.algo = hip_get_host_id_algo(entry->host_id); + memcpy(&data.lsi, &entry->lsi, sizeof(hip_lsi_t)); + + HIP_IFEL(hip_build_param_contents(msg, + &data, + HIP_PARAM_HIT_INFO, + sizeof(data)), + -1, + "Error building parameter\n"); + out_err: - return err; + return err; } === modified file 'lib/core/misc.c.doxyme' --- lib/core/misc.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/misc.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,187 +45,187 @@ /** - * base64_encode + * base64_encode * * * @param autogen.sh - * @return + * @return **/ /** - * change_key_file_perms + * change_key_file_perms * * * @param filenamebase - * @return + * @return **/ /** - * check_and_create_dir + * check_and_create_dir * * * @param dirname * @param mode - * @return + * @return **/ /** - * check_and_create_file + * check_and_create_file * * * @param filename * @param mode - * @return + * @return **/ /** - * convert_string_to_address + * convert_string_to_address * * * @param str * @param ip6 - * @return + * @return **/ /** - * convert_string_to_address_v4 + * convert_string_to_address_v4 * * * @param str * @param libopphip - * @return + * @return **/ /** - * dsa_to_dns_key_rr + * dsa_to_dns_key_rr * * * @param dsa * @param dsa_key_rr - * @return + * @return **/ /** - * get_random_bytes + * get_random_bytes * * * @param buf * @param n - * @return + * @return **/ /** - * hip_addr_to_sockaddr + * hip_addr_to_sockaddr * * * @param addr * @param sa - * @return + * @return **/ /** - * hip_auth_key_length_esp + * hip_auth_key_length_esp * * * @param tid - * @return + * @return **/ /** - * hip_birthday_success + * hip_birthday_success * * * @param old_bd * @param new_bd - * @return + * @return **/ /** - * hip_build_digest + * hip_build_digest * * * @param type * @param in * @param in_len * @param cscope.out - * @return + * @return **/ /** - * hip_calc_lines_in_hosts + * hip_calc_lines_in_hosts * * * @param entry * @param arg * @param result - * @return + * @return **/ /** - * hip_cast_sa_addr + * hip_cast_sa_addr * * * @param sa - * @return + * @return **/ /** - * hip_convert_hit_to_str + * hip_convert_hit_to_str * * * @param hit * @param prefix * @param hit_str - * @return + * @return **/ /** - * hip_create_lock_file + * hip_create_lock_file * * * @param filename * @param killold - * @return + * @return **/ /** - * hip_dsa_host_id_to_hit + * hip_dsa_host_id_to_hit * * * @param host_id * @param hit * @param hit_type - * @return + * @return **/ /** - * hip_enc_key_length + * hip_enc_key_length * * * @param tid - * @return + * @return **/ /** - * hip_for_each_hosts_file_line + * hip_for_each_hosts_file_line * * * @param hosts_file @@ -233,12 +234,12 @@ * @param result) * @param arg * @param result) - * @return + * @return **/ /** - * hip_get_bex_state_from_LSIs + * hip_get_bex_state_from_LSIs * * * @param src_lsi @@ -247,409 +248,409 @@ * @param dst_ip * @param src_hit * @param dst_hit - * @return + * @return **/ /** - * hip_get_data_packet_header + * hip_get_data_packet_header * * * @param src_hit * @param dst_hit * @param payload * @param msg - * @return + * @return **/ /** - * hip_get_nat_username + * hip_get_nat_username * * * @param buf * @param hit - * @return + * @return **/ /** - * hip_get_nth_id_from_hosts + * hip_get_nth_id_from_hosts * * * @param entry * @param arg * @param result - * @return + * @return **/ /** - * hip_get_proto_info + * hip_get_proto_info * * * @param port_dest * @param proto - * @return + * @return **/ /** - * hip_get_random_hostname_id_from_hosts + * hip_get_random_hostname_id_from_hosts * * * @param filename * @param hostname * @param id_str - * @return + * @return **/ /** - * hip_get_rsa_keylen + * hip_get_rsa_keylen * * * @param host_id * @param ret * @param is_priv - * @return - **/ - - -/** - * hip_hash_generic - * - * - * @param ptr - * @return - **/ - - -/** - * hip_hash_hit - * - * - * @param ptr - * @return - **/ - - -/** - * hip_hash_spi - * - * - * @param ptr - * @return - **/ - - -/** - * hip_hit_are_equal - * - * - * @param hit1 - * @param hit2 - * @return - **/ - - -/** - * hip_hit_is_bigger - * - * - * @param hit1 - * @param hit2 - * @return - **/ - - -/** - * hip_hmac_key_length + * @return + **/ + + +/** + * hip_hash_generic + * + * + * @param ptr + * @return + **/ + + +/** + * hip_hash_hit + * + * + * @param ptr + * @return + **/ + + +/** + * hip_hash_spi + * + * + * @param ptr + * @return + **/ + + +/** + * hip_hit_are_equal + * + * + * @param hit1 + * @param hit2 + * @return + **/ + + +/** + * hip_hit_is_bigger + * + * + * @param hit1 + * @param hit2 + * @return + **/ + + +/** + * hip_hmac_key_length * * * @param tid - * @return + * @return **/ /** - * hip_host_id_contains_private_key + * hip_host_id_contains_private_key * * * @param host_id - * @return + * @return **/ /** - * hip_host_id_to_hit + * hip_host_id_to_hit * * * @param host_id * @param hit * @param hit_type - * @return + * @return **/ /** - * hip_id_type_match + * hip_id_type_match * * * @param libhipandroid * @param id_type - * @return - **/ - - -/** - * hip_in6_ntop - * - * - * @param in6 - * @param buf - * @return - **/ - - -/** - * hip_in6_ntop2 - * - * - * @param in6 - * @param buf - * @return - **/ - - -/** - * hip_key_rr_to_dsa - * - * - * @param host_id - * @param is_priv - * @return - **/ - - -/** - * hip_key_rr_to_rsa - * - * - * @param host_id - * @param is_priv - * @return - **/ - - -/** - * hip_lsi_are_equal + * @return + **/ + + +/** + * hip_in6_ntop + * + * + * @param in6 + * @param buf + * @return + **/ + + +/** + * hip_in6_ntop2 + * + * + * @param in6 + * @param buf + * @return + **/ + + +/** + * hip_key_rr_to_dsa + * + * + * @param host_id + * @param is_priv + * @return + **/ + + +/** + * hip_key_rr_to_rsa + * + * + * @param host_id + * @param is_priv + * @return + **/ + + +/** + * hip_lsi_are_equal * * * @param lsi1 * @param lsi2 - * @return - **/ - - -/** - * hip_map_first_hostname_to_hit_from_hosts - * - * - * @param entry - * @param arg - * @param result - * @return - **/ - - -/** - * hip_map_first_hostname_to_ip_from_hosts - * - * - * @param entry - * @param arg - * @param result - * @return - **/ - - -/** - * hip_map_first_hostname_to_lsi_from_hosts - * - * - * @param entry - * @param arg - * @param result - * @return - **/ - - -/** - * hip_map_first_id_to_hostname_from_hosts - * - * - * @param entry - * @param arg - * @param result - * @return - **/ - - -/** - * hip_map_first_lsi_to_hostname_from_hosts - * - * - * @param entry - * @param arg - * @param result - * @return - **/ - - -/** - * hip_map_hit_to_lsi_from_hosts_files + * @return + **/ + + +/** + * hip_map_first_hostname_to_hit_from_hosts + * + * + * @param entry + * @param arg + * @param result + * @return + **/ + + +/** + * hip_map_first_hostname_to_ip_from_hosts + * + * + * @param entry + * @param arg + * @param result + * @return + **/ + + +/** + * hip_map_first_hostname_to_lsi_from_hosts + * + * + * @param entry + * @param arg + * @param result + * @return + **/ + + +/** + * hip_map_first_id_to_hostname_from_hosts + * + * + * @param entry + * @param arg + * @param result + * @return + **/ + + +/** + * hip_map_first_lsi_to_hostname_from_hosts + * + * + * @param entry + * @param arg + * @param result + * @return + **/ + + +/** + * hip_map_hit_to_lsi_from_hosts_files * * * @param hit * @param lsi - * @return + * @return **/ /** - * hip_map_id_to_ip_from_hosts_files + * hip_map_id_to_ip_from_hosts_files * * * @param hit * @param lsi * @param libopphip - * @return + * @return **/ /** - * hip_map_lsi_to_hit_from_hosts_files + * hip_map_lsi_to_hit_from_hosts_files * * * @param lsi * @param hit - * @return + * @return **/ /** - * hip_map_lsi_to_hostname_from_hosts + * hip_map_lsi_to_hostname_from_hosts * * * @param lsi * @param hostname - * @return - **/ - - -/** - * hip_match_generic - * - * - * @param ptr1 - * @param ptr2 - * @return - **/ - - -/** - * hip_match_hit - * - * - * @param ptr1 - * @param ptr2 - * @return - **/ - - -/** - * hip_opportunistic_ipv6_to_hit + * @return + **/ + + +/** + * hip_match_generic + * + * + * @param ptr1 + * @param ptr2 + * @return + **/ + + +/** + * hip_match_hit + * + * + * @param ptr1 + * @param ptr2 + * @return + **/ + + +/** + * hip_opportunistic_ipv6_to_hit * * * @param libopphip * @param hit * @param hit_type - * @return - **/ - - -/** - * hip_private_dsa_host_id_to_hit - * - * - * @param host_id - * @param hit - * @param hit_type - * @return - **/ - - -/** - * hip_private_host_id_to_hit - * - * - * @param host_id - * @param hit - * @param hit_type - * @return - **/ - - -/** - * hip_private_rsa_host_id_to_hit - * - * - * @param host_id - * @param hit - * @param hit_type - * @return - **/ - - -/** - * hip_remove_lock_file + * @return + **/ + + +/** + * hip_private_dsa_host_id_to_hit + * + * + * @param host_id + * @param hit + * @param hit_type + * @return + **/ + + +/** + * hip_private_host_id_to_hit + * + * + * @param host_id + * @param hit + * @param hit_type + * @return + **/ + + +/** + * hip_private_rsa_host_id_to_hit + * + * + * @param host_id + * @param hit + * @param hit_type + * @return + **/ + + +/** + * hip_remove_lock_file * * * @param filename - * @return + * @return **/ /** - * hip_sa_addr_len + * hip_sa_addr_len * * * @param sockaddr - * @return - **/ - - -/** - * hip_select_esp_transform - * - * - * @param libdht - * @return - **/ - - -/** - * hip_select_hip_transform - * - * - * @param libdht - * @return - **/ - - -/** - * hip_serialize_host_id_action + * @return + **/ + + +/** + * hip_select_esp_transform + * + * + * @param libdht + * @return + **/ + + +/** + * hip_select_hip_transform + * + * + * @param libdht + * @return + **/ + + +/** + * hip_serialize_host_id_action * * * @param msg @@ -660,110 +661,110 @@ * @param hi_file * @param rsa_key_bits * @param dsa_key_bits - * @return - **/ - - -/** - * hip_set_local_nat_udp_port - * - * - * @param port - * @return - **/ - - -/** - * hip_set_peer_nat_udp_port - * - * - * @param port - * @return - **/ - - -/** - * hip_sockaddr_is_v6_mapped + * @return + **/ + + +/** + * hip_set_local_nat_udp_port + * + * + * @param port + * @return + **/ + + +/** + * hip_set_peer_nat_udp_port + * + * + * @param port + * @return + **/ + + +/** + * hip_sockaddr_is_v6_mapped * * * @param sa - * @return + * @return **/ /** - * hip_sockaddr_len + * hip_sockaddr_len * * * @param sockaddr - * @return + * @return **/ /** - * hip_solve_puzzle + * hip_solve_puzzle * * * @param puzzle_or_solution * @param hdr * @param mode - * @return + * @return **/ /** - * hip_solve_puzzle_m + * hip_solve_puzzle_m * * * @param cscope.out * @param in * @param entry - * @return + * @return **/ /** - * hip_string_is_digit + * hip_string_is_digit * * * @param string - * @return + * @return **/ /** - * hip_string_to_lowercase + * hip_string_to_lowercase * * * @param to * @param from * @param count - * @return + * @return **/ /** - * hip_timeval_diff + * hip_timeval_diff * * * @param t1 * @param t2 * @param result - * @return + * @return **/ /** - * hip_transform_key_length + * hip_transform_key_length * * * @param tid - * @return + * @return **/ /** - * hip_trigger_bex + * hip_trigger_bex * * * @param src_hit @@ -772,33 +773,33 @@ * @param dst_lsi * @param src_ip * @param dst_ip - * @return + * @return **/ /** - * hip_verify_packet_signature + * hip_verify_packet_signature * * * @param pkt * @param peer_host_id - * @return + * @return **/ /** - * hip_xor_hits + * hip_xor_hits * * * @param res * @param hit1 * @param hit2 - * @return + * @return **/ /** - * ipv4_checksum + * ipv4_checksum * * * @param protocol @@ -806,38 +807,37 @@ * @param dst[] * @param data[] * @param len - * @return + * @return **/ /** - * khi_encode + * khi_encode * * * @param orig * @param orig_len * @param encoded * @param encoded_len - * @return + * @return **/ /** - * maxof + * maxof * * * @param num_args * @param ... - * @return + * @return **/ /** - * rsa_to_dns_key_rr + * rsa_to_dns_key_rr * * * @param rsa * @param rsa_key_rr - * @return + * @return **/ - === modified file 'lib/core/misc.h' --- lib/core/misc.h 2010-02-08 15:23:29 +0000 +++ lib/core/misc.h 2010-02-10 23:55:24 +0000 @@ -41,113 +41,121 @@ #define HIP_DEFAULT_EXEC_PATH "/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/system/bin" struct hip_rsa_keylen { - int e_len; - int e; - int n; + int e_len; + int e; + int n; }; struct hip_hit_info { - struct hip_lhi lhi; - hip_lsi_t lsi; + struct hip_lhi lhi; + hip_lsi_t lsi; }; int hip_sockaddr_is_v6_mapped(struct sockaddr *sa); static inline int ipv4_addr_cmp(const struct in_addr *a1, - const struct in_addr *a2) + const struct in_addr *a2) { - return memcmp((const char *) a1, (const char *) a2, - sizeof(struct in_addr)); + return memcmp((const char *) a1, (const char *) a2, + sizeof(struct in_addr)); } static inline void ipv4_addr_copy(struct in_addr *a1, - const struct in_addr *a2) + const struct in_addr *a2) { - memcpy((char *) a1, (const char *) a2, sizeof(struct in_addr)); + memcpy((char *) a1, (const char *) a2, sizeof(struct in_addr)); } static inline int ipv6_addr_cmp(const struct in6_addr *a1, - const struct in6_addr *a2) + const struct in6_addr *a2) { - return memcmp((const char *) a1, (const char *) a2, - sizeof(struct in6_addr)); + return memcmp((const char *) a1, (const char *) a2, + sizeof(struct in6_addr)); } static inline void ipv6_addr_copy(struct in6_addr *a1, - const struct in6_addr *a2) + const struct in6_addr *a2) { - memcpy((char *) a1, (const char *) a2, sizeof(struct in6_addr)); + memcpy((char *) a1, (const char *) a2, sizeof(struct in6_addr)); } static inline int ipv6_addr_any(const struct in6_addr *a) { - return ((a->s6_addr32[0] | a->s6_addr32[1] | - a->s6_addr32[2] | a->s6_addr32[3] ) == 0); -} -int hip_opportunistic_ipv6_to_hit(const struct in6_addr *ip, - struct in6_addr *hit, int hit_type); - -static inline void hip_copy_in6addr_null_check(struct in6_addr *to, struct in6_addr *from) { - HIP_ASSERT(to); - if (from) - ipv6_addr_copy(to, from); - else - memset(to, 0, sizeof(*to)); -} - -static inline void hip_copy_inaddr_null_check(struct in_addr *to, struct in_addr *from) { - HIP_ASSERT(to); - if (from) - memcpy(to, from, sizeof(*to)); - else - memset(to, 0, sizeof(*to)); + return (a->s6_addr32[0] | a->s6_addr32[1] | + a->s6_addr32[2] | a->s6_addr32[3]) == 0; +} + +int hip_opportunistic_ipv6_to_hit(const struct in6_addr *ip, + struct in6_addr *hit, int hit_type); + +static inline void hip_copy_in6addr_null_check(struct in6_addr *to, + struct in6_addr *from) +{ + HIP_ASSERT(to); + if (from) { + ipv6_addr_copy(to, from); + } else { + memset(to, 0, sizeof(*to)); + } +} + +static inline void hip_copy_inaddr_null_check(struct in_addr *to, + struct in_addr *from) +{ + HIP_ASSERT(to); + if (from) { + memcpy(to, from, sizeof(*to)); + } else { + memset(to, 0, sizeof(*to)); + } } int khi_encode(unsigned char *orig, int orig_len, - unsigned char *encoded, - int encoded_len); + unsigned char *encoded, + int encoded_len); int hip_dsa_host_id_to_hit(const struct hip_host_id *host_id, - struct in6_addr *hit, int hit_type); + struct in6_addr *hit, int hit_type); /* Useless abstraction, goes to the same function anyway -- SAMU - - True that. Let's make this a static inline function and move it to the header - file. It still remains as useless abstraction, but at least we eliminate the - need for a call and return sequence. -Lauri 06.08.2008 -*/ + * + * True that. Let's make this a static inline function and move it to the header + * file. It still remains as useless abstraction, but at least we eliminate the + * need for a call and return sequence. -Lauri 06.08.2008 + */ #ifndef __KERNEL__ static inline int hip_rsa_host_id_to_hit(const struct hip_host_id *host_id, - struct in6_addr *hit, int hit_type) + struct in6_addr *hit, int hit_type) { - return hip_dsa_host_id_to_hit(host_id, hit, hit_type); + return hip_dsa_host_id_to_hit(host_id, hit, hit_type); } + #endif int hip_host_id_to_hit(const struct hip_host_id *host_id, - struct in6_addr *hit, int hit_type); + struct in6_addr *hit, int hit_type); int hip_private_dsa_host_id_to_hit(const struct hip_host_id_priv *host_id, - struct in6_addr *hit, - int hit_type); + struct in6_addr *hit, + int hit_type); int hip_private_rsa_host_id_to_hit(const struct hip_host_id_priv *host_id, - struct in6_addr *hit, - int hit_type); + struct in6_addr *hit, + int hit_type); int hip_private_host_id_to_hit(const struct hip_host_id_priv *host_id, - struct in6_addr *hit, int hit_type); + struct in6_addr *hit, int hit_type); int check_and_create_dir(char *dirname, mode_t mode); int hip_timeval_diff(const struct timeval *t1, const struct timeval *t2, - struct timeval *result); -char* hip_in6_ntop(const struct in6_addr *in6, char *buf); -char* hip_hit_ntop(const hip_hit_t *hit, char *buf); + struct timeval *result); +char *hip_in6_ntop(const struct in6_addr *in6, char *buf); +char *hip_hit_ntop(const hip_hit_t *hit, char *buf); int hip_host_id_contains_private_key(struct hip_host_id *host_id); u8 *hip_host_id_extract_public_key(u8 *buffer, struct hip_host_id *data); int hip_lsi_are_equal(const hip_lsi_t *lsi1, - const hip_lsi_t *lsi2); + const hip_lsi_t *lsi2); int hip_hit_is_bigger(const struct in6_addr *hit1, - const struct in6_addr *hit2); + const struct in6_addr *hit2); int hip_hit_are_equal(const struct in6_addr *hit1, - const struct in6_addr *hit2); + const struct in6_addr *hit2); unsigned long hip_hash_hit(const void *hit); int hip_match_hit(const void *, const void *); @@ -161,9 +169,14 @@ int hip_hmac_key_length(int tid); int hip_enc_key_length(int tid); uint64_t hip_get_current_birthday(void); -int hip_serialize_host_id_action(struct hip_common *msg, int action, int anon, - int use_default, const char *hi_fmt, - const char *hi_file, int rsa_key_bits, int dsa_key_bits); +int hip_serialize_host_id_action(struct hip_common *msg, + int action, + int anon, + int use_default, + const char *hi_fmt, + const char *hi_file, + int rsa_key_bits, + int dsa_key_bits); int hip_convert_hit_to_str(const hip_hit_t *hit, const char *prefix, char *str); int maxof(int num_args, ...); @@ -176,7 +189,7 @@ int dsa_to_dns_key_rr(DSA *dsa, unsigned char **buf); int rsa_to_dns_key_rr(RSA *rsa, unsigned char **rsa_key_rr); #endif -void *hip_cast_sa_addr(const struct sockaddr* sa); +void *hip_cast_sa_addr(const struct sockaddr *sa); int hip_sockaddr_len(const void *sockaddr); int hip_sa_addr_len(void *sockaddr); int hip_create_lock_file(char *filename, int killold); @@ -185,7 +198,9 @@ void hip_addr_to_sockaddr(struct in6_addr *addr, struct sockaddr_storage *sa); uint64_t hip_solve_puzzle(void *puzzle, struct hip_common *hdr, int mode); -int hip_solve_puzzle_m(struct hip_common *out, struct hip_common *in, hip_ha_t *entry); +int hip_solve_puzzle_m(struct hip_common *out, + struct hip_common *in, + hip_ha_t *entry); /** * Converts a string to lowercase. Converts parameter @c from string to a @@ -199,7 +214,7 @@ * termination</b>. Use strlen(from) + 1. * @return -1 if @c count is zero or if @c to or @c from are NULL, zero * otherwise. - */ + */ int hip_string_to_lowercase(char *to, const char *from, const size_t count); /** @@ -208,10 +223,12 @@ * @param string the string to check * @return -1 if @c string is NULL or if the string has characters other * than digits, zero otherwise. - */ + */ int hip_string_is_digit(const char *string); -void hip_get_rsa_keylen(const struct hip_host_id_priv *host_id, struct hip_rsa_keylen *ret, int is_priv); +void hip_get_rsa_keylen(const struct hip_host_id_priv *host_id, + struct hip_rsa_keylen *ret, + int is_priv); #ifndef __KERNEL__ RSA *hip_key_rr_to_rsa(const struct hip_host_id_priv *host_id, int is_priv); @@ -220,35 +237,44 @@ int hip_get_random_hostname_id_from_hosts(char *filename, - char *hostname, - char *id_str); - - -int hip_trigger_bex(const struct in6_addr *src_hit, const struct in6_addr *dst_hit, - struct in6_addr *src_lsi, struct in6_addr *dst_lsi, - struct in6_addr *src_ip, struct in6_addr *dst_ip); + char *hostname, + char *id_str); + +int hip_trigger_bex(const struct in6_addr *src_hit, + const struct in6_addr *dst_hit, + struct in6_addr *src_lsi, + struct in6_addr *dst_lsi, + struct in6_addr *src_ip, + struct in6_addr *dst_ip); + int hip_get_data_packet_header(const struct in6_addr *src_hit, - const struct in6_addr *dst_hit, int payload, struct hip_common *msg); + const struct in6_addr *dst_hit, + int payload, + struct hip_common *msg); + int hip_map_first_id_to_hostname_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result); + const void *arg, + void *result); int hip_map_first_hostname_to_hit_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result); + const void *arg, + void *result); int hip_map_first_hostname_to_lsi_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result); + const void *arg, + void *result); int hip_map_first_hostname_to_ip_from_hosts(const struct hosts_file_line *entry, - const void *arg, - void *result); + const void *arg, + void *result); int hip_for_each_hosts_file_line(const char *hosts_file, - int (*func)(const struct hosts_file_line *line, - const void *arg, - void *result), - void *arg, void *result); + int(*func)(const struct hosts_file_line *line, + const void *arg, + void *result), + void *arg, + void *result); int hip_map_lsi_to_hit_from_hosts_files(hip_lsi_t *lsi, hip_hit_t *hit); int hip_map_hit_to_lsi_from_hosts_files(const hip_hit_t *hit, hip_lsi_t *lsi); -int hip_map_id_to_ip_from_hosts_files(hip_hit_t *hit, hip_lsi_t *lsi, struct in6_addr *ip); +int hip_map_id_to_ip_from_hosts_files(hip_hit_t *hit, + hip_lsi_t *lsi, + struct in6_addr *ip); int hip_map_lsi_to_hostname_from_hosts(hip_lsi_t *lsi, char *hostname); /** @@ -280,17 +306,20 @@ int hip_get_proto_info(in_port_t port_dest, char *proto); -int hip_get_bex_state_from_LSIs(hip_lsi_t *src_lsi, hip_lsi_t *dst_lsi, - struct in6_addr *src_ip, struct in6_addr *dst_ip, - struct in6_addr *src_hit, struct in6_addr *dst_hit); +int hip_get_bex_state_from_LSIs(hip_lsi_t *src_lsi, + hip_lsi_t *dst_lsi, + struct in6_addr *src_ip, + struct in6_addr *dst_ip, + struct in6_addr *src_hit, + struct in6_addr *dst_hit); u16 ipv4_checksum(u8 protocol, u8 src[], u8 dst[], u8 data[], u16 len); /* openSSL wrapper functions for base64 encoding and decoding */ -unsigned char * base64_encode(unsigned char *, unsigned int); +unsigned char *base64_encode(unsigned char *, unsigned int); int hip_host_id_entry_to_hit_info(struct hip_host_id_entry *entry, - void *msg); + void *msg); #endif /* HIP_MISC_H */ === modified file 'lib/core/misc.h.doxyme' --- lib/core/misc.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/misc.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/misc.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/protodefs.h' --- lib/core/protodefs.h 2010-02-08 15:18:06 +0000 +++ lib/core/protodefs.h 2010-02-10 23:55:24 +0000 @@ -7,7 +7,7 @@ #ifdef __KERNEL__ # include "usercompat.h" - typedef uint16_t in_port_t; +typedef uint16_t in_port_t; # define MAX_HASH_LENGTH 0 # define MAX_HTREE_DEPTH 0 #else @@ -37,7 +37,8 @@ #define HIP_NOTIFY 17 #define HIP_CLOSE 18 #define HIP_CLOSE_ACK 19 -#define HIP_HDRR 20 /* 20 was already occupied by HIP_PSIG so shifting HIP_PSIG and HIP_TRIG plus 1*/ +/* 20 was already occupied by HIP_PSIG so shifting HIP_PSIG and HIP_TRIG plus 1*/ +#define HIP_HDRR 20 #define HIP_PSIG 21 /* lightweight HIP pre signature */ #define HIP_TRIG 22 /* lightweight HIP signature trigger*/ #define HIP_LUPDATE 23 @@ -49,7 +50,7 @@ #define HIP_HIT_TYPE_HASH100 1 #define HIP_HIT_TYPE_MASK_100 0x20010010 #define HIP_TEREDO_TYPE_MASK_100 0x20010000 -#define HIP_LSI_TYPE_MASK_1 0x01000000 +#define HIP_LSI_TYPE_MASK_1 0x01000000 #define HIP_HIT_TYPE_MASK_CLEAR 0x0000000f #define HIP_LSI_TYPE_MASK_CLEAR 0x000000ff #define HIP_HIT_TYPE_MASK_INV 0xfffffff0 @@ -57,14 +58,14 @@ #define HIP_HIT_PREFIX HIP_HIT_TYPE_MASK_100 #define HIP_TEREDO_PREFIX HIP_TEREDO_TYPE_MASK_100 #define HIP_LSI_PREFIX HIP_LSI_TYPE_MASK_1 -#define HIP_HIT_PREFIX_LEN 28 /* bits */ -#define HIP_LSI_PREFIX_LEN 24 /* bits */ +#define HIP_HIT_PREFIX_LEN 28 /* bits */ +#define HIP_LSI_PREFIX_LEN 24 /* bits */ #define HIP_HIT_FULL_PREFIX_STR "/128" #define HIP_HIT_PREFIX_STR "/28" #define HIP_LSI_FULL_PREFIX_STR "/24" -#define HIP_FULL_LSI_STR "1.0.0.0/8" -#define HIP_KHI_CONTEXT_ID_INIT { 0xF0,0xEF,0xF0,0x2F,0xBF,0xF4,0x3D,0x0F, \ - 0xE7,0x93,0x0C,0x3C,0x6E,0x61,0x74,0xEA } +#define HIP_FULL_LSI_STR "1.0.0.0/8" +#define HIP_KHI_CONTEXT_ID_INIT { 0xF0, 0xEF, 0xF0, 0x2F, 0xBF, 0xF4, 0x3D, 0x0F, \ + 0xE7, 0x93, 0x0C, 0x3C, 0x6E, 0x61, 0x74, 0xEA } /** @addtogroup hip_param_type_numbers * @{ @@ -74,9 +75,9 @@ #define HIP_PARAM_ESP_INFO 65 #define HIP_PARAM_R1_COUNTER 128 #define HIP_PARAM_LOCATOR 193 - //NAT branch +//NAT branch /*195 is temp value, check me later**/ -#define HIP_PARAM_STUN 195 +#define HIP_PARAM_STUN 195 //end NAT branch #define HIP_PARAM_HASH_CHAIN_VALUE 221 #define HIP_PARAM_HASH_CHAIN_ANCHORS 222 @@ -89,20 +90,20 @@ #define HIP_PARAM_DIFFIE_HELLMAN 513 #define HIP_PARAM_HIP_TRANSFORM 577 //NAT branch -#define HIP_PARAM_NAT_TRANSFORM 608 -#define HIP_PARAM_NAT_PACING 610 -//end NAT branch - +#define HIP_PARAM_NAT_TRANSFORM 608 +#define HIP_PARAM_NAT_PACING 610 +//end NAT branch + #define HIP_PARAM_ENCRYPTED 641 #define HIP_PARAM_HOST_ID 705 #define HIP_PARAM_CERT 768 #define HIP_PARAM_NOTIFICATION 832 #define HIP_PARAM_ECHO_REQUEST_SIGN 897 -#define HIP_PARAM_REG_INFO 930 -#define HIP_PARAM_REG_REQUEST 932 -#define HIP_PARAM_REG_RESPONSE 934 -#define HIP_PARAM_REG_FAILED 936 -#define HIP_PARAM_REG_FROM 950 +#define HIP_PARAM_REG_INFO 930 +#define HIP_PARAM_REG_REQUEST 932 +#define HIP_PARAM_REG_RESPONSE 934 +#define HIP_PARAM_REG_FAILED 936 +#define HIP_PARAM_REG_FROM 950 #define HIP_PARAM_ECHO_RESPONSE_SIGN 961 #define HIP_PARAM_ECHO_RESPONSE_M 962 #define HIP_PARAM_ESP_TRANSFORM 4095 @@ -112,11 +113,11 @@ #define HIP_PARAM_ESP_PROT_SECRET 4123 #define HIP_PARAM_ESP_PROT_ROOT 4124 #define HIP_PARAM_LOCAL_NAT_PORT 4125 -#define HIP_PARAM_PEER_NAT_PORT 4126 +#define HIP_PARAM_PEER_NAT_PORT 4126 /* Range 32768 - 49141 for HIPL private network parameters. Please add - here only network messages, not internal messages! - @todo: move these to icomm.h */ + * here only network messages, not internal messages! + * @todo: move these to icomm.h */ #define HIP_PARAM_HIT 32768 #define HIP_PARAM_IPV6_ADDR 32769 #define HIP_PARAM_DSA_SIGN_DATA 32770 /**< @todo change to digest */ @@ -132,65 +133,65 @@ #define HIP_PARAM_PSEUDO_HIT 32780 #define HIP_PARAM_BLIND_NONCE 32785 /**< Pass blind nonce */ #define HIP_PARAM_OPENDHT_GW_INFO 32786 -#define HIP_PARAM_ENCAPS_MSG 32787 -#define HIP_PARAM_PORTPAIR 32788 -#define HIP_PARAM_SRC_ADDR 32789 -#define HIP_PARAM_DST_ADDR 32790 -#define HIP_PARAM_AGENT_REJECT 32791 +#define HIP_PARAM_ENCAPS_MSG 32787 +#define HIP_PARAM_PORTPAIR 32788 +#define HIP_PARAM_SRC_ADDR 32789 +#define HIP_PARAM_DST_ADDR 32790 +#define HIP_PARAM_AGENT_REJECT 32791 #define HIP_PARAM_HA_INFO 32792 #define HIP_PARAM_OPENDHT_SET 32793 #define HIP_PARAM_CERT_SPKI_INFO 32794 -#define HIP_PARAM_SRC_TCP_PORT 32795 -#define HIP_PARAM_DST_TCP_PORT 32796 -#define HIP_PARAM_IP_HEADER 32797 -#define HIP_PARAM_PACKET_SIZE 32798 -#define HIP_PARAM_TRAFFIC_TYPE 32799 -#define HIP_PARAM_ADD_HIT 32800 -#define HIP_PARAM_ADD_OPTION 32801 +#define HIP_PARAM_SRC_TCP_PORT 32795 +#define HIP_PARAM_DST_TCP_PORT 32796 +#define HIP_PARAM_IP_HEADER 32797 +#define HIP_PARAM_PACKET_SIZE 32798 +#define HIP_PARAM_TRAFFIC_TYPE 32799 +#define HIP_PARAM_ADD_HIT 32800 +#define HIP_PARAM_ADD_OPTION 32801 /* free slot */ -#define HIP_PARAM_HCHAIN_ANCHOR 32803 -#define HIP_PARAM_LSI 32804 -#define HIP_PARAM_HIT_LOCAL 32805 -#define HIP_PARAM_HIT_PEER 32806 -#define HIP_PARAM_IPV6_ADDR_LOCAL 32807 +#define HIP_PARAM_HCHAIN_ANCHOR 32803 +#define HIP_PARAM_LSI 32804 +#define HIP_PARAM_HIT_LOCAL 32805 +#define HIP_PARAM_HIT_PEER 32806 +#define HIP_PARAM_IPV6_ADDR_LOCAL 32807 #define HIP_PARAM_IPV6_ADDR_PEER 32808 #define HIP_PARAM_HEARTBEAT 32809 #define HIP_PARAM_CERT_X509_REQ 32810 #define HIP_PARAM_CERT_X509_RESP 32811 -#define HIP_PARAM_ESP_PROT_TFM 32812 +#define HIP_PARAM_ESP_PROT_TFM 32812 #define HIP_PARAM_TRANSFORM_ORDER 32813 -#define HIP_PARAM_HDRR_INFO 32814 -#define HIP_PARAM_UADB_INFO 32815 +#define HIP_PARAM_HDRR_INFO 32814 +#define HIP_PARAM_UADB_INFO 32815 #define HIP_PARAM_SAVA_CRYPTO_INFO 32816 -#define HIP_PARAM_SECRET 32817 -#define HIP_PARAM_BRANCH_NODES 32818 -#define HIP_PARAM_ROOT 32819 +#define HIP_PARAM_SECRET 32817 +#define HIP_PARAM_BRANCH_NODES 32818 +#define HIP_PARAM_ROOT 32819 #define HIP_PARAM_HIT_TO_IP_SET 32820 #define HIP_PARAM_TURN_INFO 32821 -#define HIP_PARAM_ITEM_LENGTH 32822 +#define HIP_PARAM_ITEM_LENGTH 32822 /* End of HIPL private parameters. */ -#define HIP_PARAM_HMAC 61505 -#define HIP_PARAM_HMAC2 61569 -#define HIP_PARAM_HIP_SIGNATURE2 61633 -#define HIP_PARAM_HIP_SIGNATURE 61697 -#define HIP_PARAM_ECHO_RESPONSE 63425 -#define HIP_PARAM_ECHO_REQUEST 63661 -#define HIP_PARAM_RELAY_FROM 63998 -#define HIP_PARAM_RELAY_TO 64002 +#define HIP_PARAM_HMAC 61505 +#define HIP_PARAM_HMAC2 61569 +#define HIP_PARAM_HIP_SIGNATURE2 61633 +#define HIP_PARAM_HIP_SIGNATURE 61697 +#define HIP_PARAM_ECHO_RESPONSE 63425 +#define HIP_PARAM_ECHO_REQUEST 63661 +#define HIP_PARAM_RELAY_FROM 63998 +#define HIP_PARAM_RELAY_TO 64002 //#define HIP_PARAM_REG_FROM 64010 -#define HIP_PARAM_TO_PEER 64006 -#define HIP_PARAM_FROM_PEER 64008 -#define HIP_PARAM_ECHO_REQUEST_M 65332 -#define HIP_PARAM_CHALLENGE_REQUEST 65334 -#define HIP_PARAM_FROM 65498 -#define HIP_PARAM_RVS_HMAC 65500 -#define HIP_PARAM_VIA_RVS 65502 -#define HIP_PARAM_RELAY_HMAC 65520 -#define HIP_PARAM_HOSTNAME 65521 -#define HIP_PARAM_HIT_INFO 65524 +#define HIP_PARAM_TO_PEER 64006 +#define HIP_PARAM_FROM_PEER 64008 +#define HIP_PARAM_ECHO_REQUEST_M 65332 +#define HIP_PARAM_CHALLENGE_REQUEST 65334 +#define HIP_PARAM_FROM 65498 +#define HIP_PARAM_RVS_HMAC 65500 +#define HIP_PARAM_VIA_RVS 65502 +#define HIP_PARAM_RELAY_HMAC 65520 +#define HIP_PARAM_HOSTNAME 65521 +#define HIP_PARAM_HIT_INFO 65524 -#define HIP_PARAM_MAX 65536 +#define HIP_PARAM_MAX 65536 /* @} */ /** @addtogroup notification @@ -244,7 +245,7 @@ #define HIP_HI_DEFAULT_ALGO HIP_HI_RSA /** @todo Kludge: currently set to DSA until bug id 175 is resolved! - Should be RSA. */ + * Should be RSA. */ #define HIP_ANY_ALGO -1 #define HIP_DIGEST_MD5 1 @@ -263,19 +264,19 @@ #define HIP_DSA_SIGNATURE_LEN 41 /* Assume that RSA key is 1024 bits. RSA signature is as long as the key - (1024 bits -> 128 bytes) */ + * (1024 bits -> 128 bytes) */ #define HIP_RSA_SIGNATURE_LEN 128 -#define HIP_AH_SHA_LEN 20 +#define HIP_AH_SHA_LEN 20 -#define HIP_NAT_PROTO_UDP 17 +#define HIP_NAT_PROTO_UDP 17 #define HIP_HOST_ID_HOSTNAME_LEN_MAX 64 #define HIP_MAX_KEY_LEN 32 /* max. draw: 256 bits! */ #define HIP_VER_RES 0x01 /* Version 1, reserved 0 */ -#define HIP_USER_VER_RES 0x02 /* Internal messages */ +#define HIP_USER_VER_RES 0x02 /* Internal messages */ /** * @addtogroup hip_ha_controls @@ -290,13 +291,13 @@ #define HIP_HA_CTRL_LOCAL_REQ_SAVAH 0x0010 #define HIP_HA_CTRL_LOCAL_REQ_FULLRELAY 0x1000 /* Keep inside parentheses. */ -#define HIP_HA_CTRL_LOCAL_REQ_ANY (\ - HIP_HA_CTRL_LOCAL_REQ_UNSUP |\ - HIP_HA_CTRL_LOCAL_REQ_RELAY |\ - HIP_HA_CTRL_LOCAL_REQ_RVS |\ - HIP_HA_CTRL_LOCAL_REQ_SAVAH | \ - HIP_HA_CTRL_LOCAL_REQ_FULLRELAY \ - ) +#define HIP_HA_CTRL_LOCAL_REQ_ANY ( \ + HIP_HA_CTRL_LOCAL_REQ_UNSUP | \ + HIP_HA_CTRL_LOCAL_REQ_RELAY | \ + HIP_HA_CTRL_LOCAL_REQ_RVS | \ + HIP_HA_CTRL_LOCAL_REQ_SAVAH | \ + HIP_HA_CTRL_LOCAL_REQ_FULLRELAY \ + ) #define HIP_HA_CTRL_LOCAL_GRANTED_FULLRELAY 0x0800 #define HIP_HA_CTRL_PEER_GRANTED_UNSUP 0x0001 @@ -323,16 +324,16 @@ * @{ */ #define HIP_PACKET_CTRL_ANON 0x0001 /**< HIP packet Controls value */ -#define HIP_PACKET_CTRL_BLIND 0x0004 /**< HIP packet Controls value */ +#define HIP_PACKET_CTRL_BLIND 0x0004 /**< HIP packet Controls value */ /* @} */ /** @addtogroup hip_services * @{ */ -#define HIP_SERVICE_RENDEZVOUS 1 -#define HIP_SERVICE_RELAY 2 +#define HIP_SERVICE_RENDEZVOUS 1 +#define HIP_SERVICE_RELAY 2 #define HIP_SERVICE_SAVAH 203 -#define HIP_SERVICE_FULLRELAY 204 +#define HIP_SERVICE_FULLRELAY 204 /* IMPORTANT! This must be the sum of above services. */ #define HIP_TOTAL_EXISTING_SERVICES 4 /* @} */ @@ -340,31 +341,31 @@ /** @addtogroup hip_proxy * @{ */ -#define HIP_PROXY_PASSTHROUGH 0 -#define HIP_PROXY_TRANSLATE 1 +#define HIP_PROXY_PASSTHROUGH 0 +#define HIP_PROXY_TRANSLATE 1 #define HIP_PROXY_I1_SENT 2 /* @} */ /* Registration failure types as specified in draft-ietf-hip-registration-02. - Numbers 0-200 are reserved by IANA. - Numbers 201 - 255 are reserved by IANA for private use. */ + * Numbers 0-200 are reserved by IANA. + * Numbers 201 - 255 are reserved by IANA for private use. */ #define HIP_REG_INSUFFICIENT_CREDENTIALS 0 #define HIP_REG_TYPE_UNAVAILABLE 1 /** HIPL specific failure type to indicate that the requested service cannot - co-exist with a service that has been already granted to the client. The - client is required to cancel the overlapping service before registering. */ + * co-exist with a service that has been already granted to the client. The + * client is required to cancel the overlapping service before registering. */ #define HIP_REG_CANCEL_REQUIRED 201 /** HIPL specific failure type to indicate that the requested service is not - available due to transient conditions. */ + * available due to transient conditions. */ #define HIP_REG_TRANSIENT_CONDITIONS 202 /** Number of existing failure types. */ #define HIP_TOTAL_EXISTING_FAILURE_TYPES 4 /* A shorthand to init an array having all possible registration failure - types. */ + * types. */ #define HIP_ARRAY_INIT_REG_FAILURES \ - {HIP_REG_INSUFFICIENT_CREDENTIALS, HIP_REG_TYPE_UNAVAILABLE,\ - HIP_REG_CANCEL_REQUIRED, HIP_REG_TRANSIENT_CONDITIONS} + {HIP_REG_INSUFFICIENT_CREDENTIALS, HIP_REG_TYPE_UNAVAILABLE, \ + HIP_REG_CANCEL_REQUIRED, HIP_REG_TRANSIENT_CONDITIONS} /* Returns length of TLV option (contents) with padding. */ @@ -403,40 +404,40 @@ typedef struct hip_tlv_common hip_tlv_common_t; struct hip_crypto_key { - unsigned char key[HIP_MAX_KEY_LEN]; + unsigned char key[HIP_MAX_KEY_LEN]; }; typedef struct hip_crypto_key hip_crypto_key_t; /* RFC2535 3.1 KEY RDATA format */ struct hip_host_id_key_rdata { - uint16_t flags; - uint8_t protocol; - uint8_t algorithm; - /* fixed part ends */ + uint16_t flags; + uint8_t protocol; + uint8_t algorithm; + /* fixed part ends */ } __attribute__ ((packed)); struct hip_host_id { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t hi_length; - uint16_t di_type_length; - struct hip_host_id_key_rdata rdata; - /* Space to accommodate the largest supported key */ - unsigned char key[HIP_MAX_RSA_KEY_LEN / 8 + 4]; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t hi_length; + uint16_t di_type_length; + struct hip_host_id_key_rdata rdata; + /* Space to accommodate the largest supported key */ + unsigned char key[HIP_MAX_RSA_KEY_LEN / 8 + 4]; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; } __attribute__ ((packed)); struct hip_host_id_priv { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t hi_length; - uint16_t di_type_length; - struct hip_host_id_key_rdata rdata; - /* Space for the full private key */ - unsigned char key[HIP_MAX_RSA_KEY_LEN / 16 * 9 + 4]; - char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t hi_length; + uint16_t di_type_length; + struct hip_host_id_key_rdata rdata; + /* Space for the full private key */ + unsigned char key[HIP_MAX_RSA_KEY_LEN / 16 * 9 + 4]; + char hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; } __attribute__ ((packed)); @@ -444,70 +445,68 @@ * Localhost Host Identity. Used only internally in the implementation. * Used for wrapping anonymous bit with the corresponding HIT. */ -struct hip_lhi -{ - struct in6_addr hit; - uint16_t anonymous; /**< Is this an anonymous HI */ - uint16_t algo; /**< HIP_HI_RSA or HIP_HI_DSA */ +struct hip_lhi { + struct in6_addr hit; + uint16_t anonymous; /**< Is this an anonymous HI */ + uint16_t algo; /**< HIP_HI_RSA or HIP_HI_DSA */ } __attribute__ ((packed)); -struct hip_keymat_keymat -{ - size_t offset; /**< Offset into the key material */ - size_t keymatlen; /**< Length of the key material */ - void *keymatdst; /**< Pointer to beginning of key material */ +struct hip_keymat_keymat { + size_t offset; /**< Offset into the key material */ + size_t keymatlen; /**< Length of the key material */ + void * keymatdst; /**< Pointer to beginning of key material */ }; #ifndef __KERNEL__ struct esp_prot_preferred_tfms { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t num_transforms; - // this will also contain the UNUSED transform - uint8_t transforms[MAX_NUM_TRANSFORMS]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t num_transforms; + // this will also contain the UNUSED transform + uint8_t transforms[MAX_NUM_TRANSFORMS]; } __attribute__ ((packed)); struct esp_prot_anchor { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t transform; - uint32_t hash_item_length; - // contains active and next anchor - unsigned char anchors[2 * MAX_HASH_LENGTH]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t transform; + uint32_t hash_item_length; + // contains active and next anchor + unsigned char anchors[2 * MAX_HASH_LENGTH]; } __attribute__ ((packed)); #endif struct esp_prot_branch { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t anchor_offset; - uint32_t branch_length; - unsigned char branch_nodes[MAX_HTREE_DEPTH * MAX_HASH_LENGTH]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t anchor_offset; + uint32_t branch_length; + unsigned char branch_nodes[MAX_HTREE_DEPTH * MAX_HASH_LENGTH]; } __attribute__ ((packed)); struct esp_prot_secret { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t secret_length; - unsigned char secret[MAX_HASH_LENGTH]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t secret_length; + unsigned char secret[MAX_HASH_LENGTH]; } __attribute__ ((packed)); struct esp_prot_root { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t root_length; - unsigned char root[MAX_HASH_LENGTH]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t root_length; + unsigned char root[MAX_HASH_LENGTH]; } __attribute__ ((packed)); /** * Used in executing a unit test case in a test suite in the kernel module. */ struct hip_unit_test { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t suiteid; - uint16_t caseid; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t suiteid; + uint16_t caseid; } __attribute__ ((packed)); /** @@ -516,41 +515,39 @@ * @todo Maybe fix this in some better way? */ struct hip_locator_info_addr_item { - uint8_t traffic_type; - uint8_t locator_type; - uint8_t locator_length; - uint8_t reserved; /**< last bit is P (prefered) */ - uint32_t lifetime; - struct in6_addr address; - - /** Removed the state because it is against the nat-draft and mobility rfc - Same in the type 2 locator below --SAMU**/ - /* end of fixed part - locator of arbitrary length follows but - currently support only IPv6 */ - //int state; /**<State of our addresses, possible states are: - // WAITING_ECHO_REQUEST, ACTIVE */ - + uint8_t traffic_type; + uint8_t locator_type; + uint8_t locator_length; + uint8_t reserved; /**< last bit is P (prefered) */ + uint32_t lifetime; + struct in6_addr address; + + /** Removed the state because it is against the nat-draft and mobility rfc + * Same in the type 2 locator below --SAMU**/ + /* end of fixed part - locator of arbitrary length follows but + * currently support only IPv6 */ + //int state; /**<State of our addresses, possible states are: + // WAITING_ECHO_REQUEST, ACTIVE */ } __attribute__ ((packed)); //add by santtu /** * it is the type 2 locater for UDP or other transport protocol later. */ struct hip_locator_info_addr_item2 { - uint8_t traffic_type; - uint8_t locator_type; - uint8_t locator_length; - uint8_t reserved; /* last bit is P (prefered) */ - uint32_t lifetime; - uint16_t port; - uint8_t transport_protocol; - uint8_t kind; - uint32_t priority; - uint32_t spi; - struct in6_addr address; - - // int state; /**<State of our addresses, possible states are: - // WAITING_ECHO_REQUEST, ACTIVE */ - + uint8_t traffic_type; + uint8_t locator_type; + uint8_t locator_length; + uint8_t reserved; /* last bit is P (prefered) */ + uint32_t lifetime; + uint16_t port; + uint8_t transport_protocol; + uint8_t kind; + uint32_t priority; + uint32_t spi; + struct in6_addr address; + + // int state; /**<State of our addresses, possible states are: + // WAITING_ECHO_REQUEST, ACTIVE */ } __attribute__ ((packed)); @@ -558,38 +555,38 @@ * it is a union of both type1 and type2 locator. */ union hip_locator_info_addr { - struct hip_locator_info_addr_item type1; - struct hip_locator_info_addr_item2 type2; -}__attribute__ ((packed)); + struct hip_locator_info_addr_item type1; + struct hip_locator_info_addr_item2 type2; +} __attribute__ ((packed)); //end add /** Structure describing an endpoint. This structure is used by the resolver in * the userspace, so it is not length-padded like HIP parameters. All of the * members are in network byte order. */ struct endpoint { - se_family_t family; /**< PF_HIP, PF_XX */ - se_length_t length; /**< length of the whole endpoint in octets */ + se_family_t family; /**< PF_HIP, PF_XX */ + se_length_t length; /**< length of the whole endpoint in octets */ }; /** * @note not padded */ struct endpoint_hip { - se_family_t family; /**< PF_HIP */ - se_length_t length; /**< length of the whole endpoint in octets */ - se_hip_flags_t flags; /**< e.g. ANON or HIT */ - uint8_t algo; - hip_lsi_t lsi; - union { - struct hip_host_id_priv host_id; - struct in6_addr hit; - } id; + se_family_t family; /**< PF_HIP */ + se_length_t length; /**< length of the whole endpoint in octets */ + se_hip_flags_t flags; /**< e.g. ANON or HIT */ + uint8_t algo; + hip_lsi_t lsi; + union { + struct hip_host_id_priv host_id; + struct in6_addr hit; + } id; }; struct sockaddr_eid { - unsigned short int eid_family; - uint16_t eid_port; - sa_eid_t eid_val; + unsigned short int eid_family; + uint16_t eid_port; + sa_eid_t eid_val; } __attribute__ ((packed)); /** @@ -597,24 +594,24 @@ * directly to avoid hassle with byte ordering and number conversion. */ struct hip_common { - uint8_t payload_proto; - uint8_t payload_len; - uint8_t type_hdr; - uint8_t ver_res; - uint16_t checksum; - uint16_t control; - struct in6_addr hits; /**< Sender HIT */ - struct in6_addr hitr; /**< Receiver HIT */ + uint8_t payload_proto; + uint8_t payload_len; + uint8_t type_hdr; + uint8_t ver_res; + uint16_t checksum; + uint16_t control; + struct in6_addr hits; /**< Sender HIT */ + struct in6_addr hitr; /**< Receiver HIT */ } __attribute__ ((packed)); struct hip_common_user { - uint16_t len; - uint8_t type; - uint8_t version; - uint16_t error; - uint16_t control; - struct in6_addr hitr; /* unused */ - struct in6_addr hits; /* unused */ + uint16_t len; + uint8_t type; + uint8_t version; + uint16_t error; + uint16_t control; + struct in6_addr hitr; /* unused */ + struct in6_addr hits; /* unused */ } __attribute__ ((packed)); /** @@ -622,248 +619,248 @@ * directly to avoid hassle with byte ordering and length conversion. */ struct hip_tlv_common { - hip_tlv_type_t type; - hip_tlv_len_t length; + hip_tlv_type_t type; + hip_tlv_len_t length; } __attribute__ ((packed)); struct hip_esp_info { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t reserved; - uint16_t keymat_index; - uint32_t old_spi; - uint32_t new_spi; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t reserved; + uint16_t keymat_index; + uint32_t old_spi; + uint32_t new_spi; } __attribute__ ((packed)); /** @addtogroup hip_tlv * @{ */ struct hip_r1_counter { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t reserved; - uint64_t generation; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t reserved; + uint64_t generation; } __attribute__ ((packed)); struct hip_puzzle { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t K; - uint8_t lifetime; - uint8_t opaque[HIP_PUZZLE_OPAQUE_LEN]; - uint64_t I; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t K; + uint8_t lifetime; + uint8_t opaque[HIP_PUZZLE_OPAQUE_LEN]; + uint64_t I; } __attribute__ ((packed)); struct hip_solution { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t K; - uint8_t reserved; - uint8_t opaque[HIP_PUZZLE_OPAQUE_LEN]; - uint64_t I; - uint64_t J; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t K; + uint8_t reserved; + uint8_t opaque[HIP_PUZZLE_OPAQUE_LEN]; + uint64_t I; + uint64_t J; } __attribute__ ((packed)); struct hip_challenge_request { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t K; - uint8_t lifetime; - uint8_t opaque[24]; /**< variable length */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t K; + uint8_t lifetime; + uint8_t opaque[24]; /**< variable length */ } __attribute__ ((packed)); struct hip_challenge_response { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t K; - uint8_t lifetime; - uint64_t J; - uint8_t opaque[24]; /**< variable length */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t K; + uint8_t lifetime; + uint64_t J; + uint8_t opaque[24]; /**< variable length */ } __attribute__ ((packed)); struct hip_echo_request_m { - hip_tlv_type_t type; - hip_tlv_len_t length; - /* opaque */ + hip_tlv_type_t type; + hip_tlv_len_t length; + /* opaque */ } __attribute__ ((packed)); struct hip_echo_response_m { - hip_tlv_type_t type; - hip_tlv_len_t length; - /* opaque */ + hip_tlv_type_t type; + hip_tlv_len_t length; + /* opaque */ } __attribute__ ((packed)); struct hip_dh_public_value { - uint8_t group_id; - uint16_t pub_len; - /* fixed part ends */ - uint8_t public_value[0]; + uint8_t group_id; + uint16_t pub_len; + /* fixed part ends */ + uint8_t public_value[0]; } __attribute__ ((packed)); struct hip_diffie_hellman { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct hip_dh_public_value pub_val; + hip_tlv_type_t type; + hip_tlv_len_t length; + struct hip_dh_public_value pub_val; } __attribute__ ((packed)); struct hip_hip_transform { - hip_tlv_type_t type; - hip_tlv_len_t length; - hip_transform_suite_t suite_id[HIP_TRANSFORM_HIP_MAX]; + hip_tlv_type_t type; + hip_tlv_len_t length; + hip_transform_suite_t suite_id[HIP_TRANSFORM_HIP_MAX]; } __attribute__ ((packed)); struct hip_esp_transform { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t reserved; - hip_transform_suite_t suite_id[HIP_TRANSFORM_ESP_MAX]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t reserved; + hip_transform_suite_t suite_id[HIP_TRANSFORM_ESP_MAX]; } __attribute__ ((packed)); struct hip_encrypted_aes_sha1 { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t reserved; - uint8_t iv[16]; - /* fixed part ends */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t reserved; + uint8_t iv[16]; + /* fixed part ends */ } __attribute__ ((packed)); struct hip_encrypted_3des_sha1 { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t reserved; - uint8_t iv[8]; - /* fixed part ends */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t reserved; + uint8_t iv[8]; + /* fixed part ends */ } __attribute__ ((packed)); struct hip_encrypted_null_sha1 { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t reserved; - /* fixed part ends */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t reserved; + /* fixed part ends */ } __attribute__ ((packed)); struct hip_sig { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t algorithm; - uint8_t signature[0]; /**< variable length */ - /* fixed part end */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t algorithm; + uint8_t signature[0]; /**< variable length */ + /* fixed part end */ } __attribute__ ((packed)); struct hip_sig2 { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t algorithm; - uint8_t signature[0]; /**< variable length */ - /* fixed part end */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t algorithm; + uint8_t signature[0]; /**< variable length */ + /* fixed part end */ } __attribute__ ((packed)); struct hip_seq { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t update_id; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t update_id; } __attribute__ ((packed)); struct hip_ack { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t peer_update_id; /**< n items */ /* This only fits one... */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t peer_update_id; /**< n items */ /* This only fits one... */ } __attribute__ ((packed)); struct hip_notification { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t reserved; - uint16_t msgtype; - uint8_t data[0]; /**< A pointer to the notification data */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t reserved; + uint16_t msgtype; + uint8_t data[0]; /**< A pointer to the notification data */ } __attribute__ ((packed)); struct hip_locator { - hip_tlv_type_t type; - hip_tlv_len_t length; - /* fixed part ends */ + hip_tlv_type_t type; + hip_tlv_len_t length; + /* fixed part ends */ } __attribute__ ((packed)); struct hip_hmac { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t hmac_data[HIP_AH_SHA_LEN]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t hmac_data[HIP_AH_SHA_LEN]; } __attribute__ ((packed)); struct hip_cert { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t cert_group; - uint8_t cert_count; - uint8_t cert_id; - uint8_t cert_type; - /* end of fixed part */ + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t cert_group; + uint8_t cert_count; + uint8_t cert_id; + uint8_t cert_type; + /* end of fixed part */ } __attribute__ ((packed)); struct hip_echo_request { - hip_tlv_type_t type; - hip_tlv_len_t length; - /* opaque */ + hip_tlv_type_t type; + hip_tlv_len_t length; + /* opaque */ } __attribute__ ((packed)); struct hip_echo_response { - hip_tlv_type_t type; - hip_tlv_len_t length; - /* opaque */ + hip_tlv_type_t type; + hip_tlv_len_t length; + /* opaque */ } __attribute__ ((packed)); /** draft-ietf-hip-rvs-05 */ struct hip_rvs_hmac { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - uint8_t hmac_data[HIP_AH_SHA_LEN]; /**< Computed over the HIP packet, - excluding @c RVS_HMAC - and any following parameters. */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + uint8_t hmac_data[HIP_AH_SHA_LEN]; /**< Computed over the HIP packet, + * excluding @c RVS_HMAC + * and any following parameters. */ } __attribute__ ((packed)); /** draft-ietf-hip-rvs-05 */ struct hip_from { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - uint8_t address[16]; /**< IPv6 address */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + uint8_t address[16]; /**< IPv6 address */ } __attribute__ ((packed)); /** draft-ietf-hip-rvs-05 */ struct hip_via_rvs { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - uint8_t address[0]; /**< Rendezvous server addresses */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + uint8_t address[0]; /**< Rendezvous server addresses */ } __attribute__ ((packed)); /** draft-ietf-hip-nat-traversal-02 */ struct hip_relay_from { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - in_port_t port; /**< Port number. */ - uint8_t protocol; /**< Protocol */ - int8_t reserved; /**< Reserved */ - uint8_t address[16]; /**< IPv6 address */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + in_port_t port; /**< Port number. */ + uint8_t protocol; /**< Protocol */ + int8_t reserved; /**< Reserved */ + uint8_t address[16]; /**< IPv6 address */ } __attribute__ ((packed)); /** draft-ietf-hip-nat-traversal-02 */ struct hip_relay_to { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - in_port_t port; /**< Port number. */ - uint8_t protocol; /**< Protocol */ - uint8_t reserved; /**< Reserved */ - struct in6_addr address; /**< IPv6 address */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + in_port_t port; /**< Port number. */ + uint8_t protocol; /**< Protocol */ + uint8_t reserved; /**< Reserved */ + struct in6_addr address; /**< IPv6 address */ } __attribute__ ((packed)); /** draft-ietf-hip-nat-traversal-02 */ struct hip_relay_via { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - uint8_t address[16]; /**< IPv6 address */ - in_port_t port; /**< Port number. */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + uint8_t address[16]; /**< IPv6 address */ + in_port_t port; /**< Port number. */ } __attribute__ ((packed)); /** @@ -871,190 +868,190 @@ * @note obsolete. */ struct hip_relay_to_old { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - uint8_t address_and_port[0]; /**< Rendezvous server addresses and ports. */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + uint8_t address_and_port[0]; /**< Rendezvous server addresses and ports. */ } __attribute__ ((packed)); struct hip_eid_endpoint { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct endpoint_hip endpoint; + hip_tlv_type_t type; + hip_tlv_len_t length; + struct endpoint_hip endpoint; } __attribute__ ((packed)); struct hip_eid_iface { - hip_tlv_type_t type; - hip_tlv_len_t length; - hip_eid_iface_type_t if_index; + hip_tlv_type_t type; + hip_tlv_len_t length; + hip_eid_iface_type_t if_index; } __attribute__ ((packed)); struct hip_eid_sockaddr { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct sockaddr sockaddr; + hip_tlv_type_t type; + hip_tlv_len_t length; + struct sockaddr sockaddr; } __attribute__ ((packed)); struct hip_reg_info { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - uint8_t min_lifetime; - uint8_t max_lifetime; - uint8_t reg_type[0]; + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + uint8_t min_lifetime; + uint8_t max_lifetime; + uint8_t reg_type[0]; } __attribute__ ((packed)); struct hip_reg_request { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t lifetime; - uint8_t reg_type[0]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t lifetime; + uint8_t reg_type[0]; } __attribute__ ((packed)); struct hip_reg_response { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t lifetime; - uint8_t reg_type[0]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t lifetime; + uint8_t reg_type[0]; } __attribute__ ((packed)); struct hip_reg_failed { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint8_t failure_type; - uint8_t reg_type[0]; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint8_t failure_type; + uint8_t reg_type[0]; } __attribute__ ((packed)); struct hip_keys { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t operation; - uint16_t alg_id; - uint8_t address[16]; - uint8_t hit[16]; - uint8_t peer_hit[16]; - uint32_t spi; - uint32_t spi_old; - uint16_t key_len; - struct hip_crypto_key enc; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t operation; + uint16_t alg_id; + uint8_t address[16]; + uint8_t hit[16]; + uint8_t peer_hit[16]; + uint32_t spi; + uint32_t spi_old; + uint16_t key_len; + struct hip_crypto_key enc; } __attribute__ ((packed)); struct hip_blind_nonce { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint16_t nonce; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint16_t nonce; } __attribute__ ((packed)); struct hip_opendht_gw_info { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct in6_addr addr; - uint32_t ttl; - uint16_t port; - char host_name[256]; + hip_tlv_type_t type; + hip_tlv_len_t length; + struct in6_addr addr; + uint32_t ttl; + uint16_t port; + char host_name[256]; } __attribute__ ((packed)); struct hip_cert_x509_req { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct in6_addr addr; + hip_tlv_type_t type; + hip_tlv_len_t length; + struct in6_addr addr; } __attribute__ ((packed)); struct hip_cert_x509_resp { - hip_tlv_type_t type; - hip_tlv_len_t length; - unsigned char der[1024]; - int der_len; + hip_tlv_type_t type; + hip_tlv_len_t length; + unsigned char der[1024]; + int der_len; } __attribute__ ((packed)); struct hip_transformation_order { - hip_tlv_type_t type; - hip_tlv_len_t length; - int transorder; + hip_tlv_type_t type; + hip_tlv_len_t length; + int transorder; } __attribute__ ((packed)); struct hip_opendht_set { - hip_tlv_type_t type; - hip_tlv_len_t length; - char name[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + hip_tlv_type_t type; + hip_tlv_len_t length; + char name[HIP_HOST_ID_HOSTNAME_LEN_MAX]; } __attribute__ ((packed)); #define HIT_TO_IP_ZONE_MAX_LEN 256 struct hip_hit_to_ip_set { - hip_tlv_type_t type; - hip_tlv_len_t length; - char name[HIT_TO_IP_ZONE_MAX_LEN]; + hip_tlv_type_t type; + hip_tlv_len_t length; + char name[HIT_TO_IP_ZONE_MAX_LEN]; } __attribute__ ((packed)); struct hip_hdrr_info { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct in6_addr dht_key; - /* 0 if succesfully verified otherwise negative */ - int sig_verified; - int hit_verified; -}__attribute__ ((packed)); + hip_tlv_type_t type; + hip_tlv_len_t length; + struct in6_addr dht_key; + /* 0 if succesfully verified otherwise negative */ + int sig_verified; + int hit_verified; +} __attribute__ ((packed)); struct hip_uadb_info { - hip_tlv_type_t type; - hip_tlv_len_t length; - struct in6_addr hitr ; - struct in6_addr hitl ; - char cert[512] ; -}__attribute__ ((packed)) ; + hip_tlv_type_t type; + hip_tlv_len_t length; + struct in6_addr hitr; + struct in6_addr hitl; + char cert[512]; +} __attribute__ ((packed)); struct hip_heartbeat { - hip_tlv_type_t type; - hip_tlv_len_t length; - int heartbeat; + hip_tlv_type_t type; + hip_tlv_len_t length; + int heartbeat; } __attribute__ ((packed)); //add by santtu from here struct hip_nat_transform { - hip_tlv_type_t type; - hip_tlv_len_t length; - hip_transform_suite_t reserved; - hip_transform_suite_t suite_id[6]; + hip_tlv_type_t type; + hip_tlv_len_t length; + hip_transform_suite_t reserved; + hip_transform_suite_t suite_id[6]; } __attribute__ ((packed)); /* @} */ struct hip_nat_pacing { - hip_tlv_type_t type; - hip_tlv_len_t length; - uint32_t min_ta; + hip_tlv_type_t type; + hip_tlv_len_t length; + uint32_t min_ta; } __attribute__ ((packed)); /** draft-ietf-hip-nat-traversal-02 */ struct hip_reg_from { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - in_port_t port; /**< Port number. */ - uint8_t protocol; /**< Protocol */ - uint8_t reserved; /**< Reserved */ - struct in6_addr address; /**< IPv6 address */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + in_port_t port; /**< Port number. */ + uint8_t protocol; /**< Protocol */ + uint8_t reserved; /**< Reserved */ + struct in6_addr address; /**< IPv6 address */ } __attribute__ ((packed)); struct hip_stun { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ } __attribute__ ((packed)); struct sockaddr_hip { - sa_family_t ship_family; - in_port_t ship_port; - uint32_t ship_pad; - uint64_t ship_flags; - hip_hit_t ship_hit; - uint8_t ship_reserved[16]; + sa_family_t ship_family; + in_port_t ship_port; + uint32_t ship_pad; + uint64_t ship_flags; + hip_hit_t ship_hit; + uint8_t ship_reserved[16]; } __attribute__ ((packed)); struct hip_port_info { - hip_tlv_type_t type; /**< Type code for the parameter. */ - hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ - in_port_t port; /**< Port number. */ + hip_tlv_type_t type; /**< Type code for the parameter. */ + hip_tlv_len_t length; /**< Length of the parameter contents in bytes. */ + in_port_t port; /**< Port number. */ } __attribute__ ((packed)); === modified file 'lib/core/protodefs.h.doxyme' --- lib/core/protodefs.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/protodefs.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/protodefs.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/sqlitedbapi.c' --- lib/core/sqlitedbapi.c 2010-01-19 09:28:42 +0000 +++ lib/core/sqlitedbapi.c 2010-02-10 23:55:24 +0000 @@ -14,69 +14,73 @@ #include "sqlitedbapi.h" /** - * hip_sqlite_open_db - Function that opens the database, can also create the database + * hip_sqlite_open_db - Function that opens the database, can also create the database * * @param db_path is a char pointer pointing telling where the db is - * @param create_table_sql SQL create sequence to create table for the db + * @param create_table_sql SQL create sequence to create table for the db * * @returns pointer to db otherwise NULL * * @note Always remember to close the db, even if it did return error! */ -sqlite3 * hip_sqlite_open_db(const char * db_path, const char * create_table_sql) { - int err = 0, existed = 0; - FILE * db_file = NULL; - sqlite3 * p_db = NULL; - - db_file = fopen(db_path, "r"); - if (!db_file) { - HIP_DEBUG("Database %s did NOT exist, it will be created\n", db_path); - existed = -1; - } else { - HIP_DEBUG("Database existed so just opening it\n"); - fclose(db_file); - } - HIP_DEBUG("Opening the db\n"); - HIP_IFEL(sqlite3_open(db_path, &p_db), - -1, "Can't open database: %s\n", sqlite3_errmsg(p_db)); - - /* Tables need to be created */ - if (existed == -1) { - HIP_DEBUG("Database did not exist so it needs tables too\n"); - HIP_IFEL(hip_sqlite_create_table(p_db, create_table_sql), - -1, "Failed to create tables\n"); - HIP_DEBUG("Table creation returned OK\n"); - } - - out_err: - - if (err && p_db) { - if (sqlite3_close(p_db)) - HIP_ERROR("Error closing database: %s\n", sqlite3_errmsg(p_db)); - p_db = NULL; - } - return(p_db); +sqlite3 *hip_sqlite_open_db(const char *db_path, const char *create_table_sql) +{ + int err = 0, existed = 0; + FILE *db_file = NULL; + sqlite3 *p_db = NULL; + + db_file = fopen(db_path, "r"); + if (!db_file) { + HIP_DEBUG("Database %s did NOT exist, it will be created\n", db_path); + existed = -1; + } else { + HIP_DEBUG("Database existed so just opening it\n"); + fclose(db_file); + } + HIP_DEBUG("Opening the db\n"); + HIP_IFEL(sqlite3_open(db_path, &p_db), + -1, "Can't open database: %s\n", sqlite3_errmsg(p_db)); + + /* Tables need to be created */ + if (existed == -1) { + HIP_DEBUG("Database did not exist so it needs tables too\n"); + HIP_IFEL(hip_sqlite_create_table(p_db, create_table_sql), + -1, "Failed to create tables\n"); + HIP_DEBUG("Table creation returned OK\n"); + } + +out_err: + + if (err && p_db) { + if (sqlite3_close(p_db)) { + HIP_ERROR("Error closing database: %s\n", sqlite3_errmsg(p_db)); + } + p_db = NULL; + } + return p_db; } /** - * hip_sqlite_close_db - Function that closes the database + * hip_sqlite_close_db - Function that closes the database * * @param db a pointer to the database to be closed * * @return 0 if closed OK and if not return -1 */ -int hip_sqlite_close_db(sqlite3 * db) { - int err = 0; +int hip_sqlite_close_db(sqlite3 *db) +{ + int err = 0; - err = sqlite3_close(db); - if (err != SQLITE_OK) - HIP_IFEL(-1, -1, "Failed to close the db\n"); - out_err: - return(err); + err = sqlite3_close(db); + if (err != SQLITE_OK) { + HIP_IFEL(-1, -1, "Failed to close the db\n"); + } +out_err: + return err; } /** - * hip_sqlite_select - Function that executes SQL queries agenst the database + * hip_sqlite_select - Function that executes SQL queries agenst the database * * @param db a pointer to the database * @param sql points to SQL query to be executed @@ -88,52 +92,55 @@ * May work in funny way with INSERT INTO or CREATE TABLE use * hip_sqlite_execute_to_db with them instead. */ -int hip_sqlite_select(sqlite3 * db, const char *sql, - int (*callback)(void*,int,char**,char**)) { - int err = 0, rc = 0; - char *zErrMsg = 0; - - _HIP_DEBUG("Executing %s\n", sql); - rc = sqlite3_exec(db, sql, callback, 0, &zErrMsg); - if (rc != SQLITE_OK) { - _HIP_DEBUG("Failed to run SQL query against the database\n"); - err = -1; - HIP_DEBUG("SQL error: %s\n", zErrMsg); - sqlite3_free(zErrMsg); - } - return(err); +int hip_sqlite_select(sqlite3 *db, const char *sql, + int (*callback)(void *, int, char **, char **)) +{ + int err = 0, rc = 0; + char *zErrMsg = 0; + + _HIP_DEBUG("Executing %s\n", sql); + rc = sqlite3_exec(db, sql, callback, 0, &zErrMsg); + if (rc != SQLITE_OK) { + _HIP_DEBUG("Failed to run SQL query against the database\n"); + err = -1; + HIP_DEBUG("SQL error: %s\n", zErrMsg); + sqlite3_free(zErrMsg); + } + return err; } - + /** * hip_sqlite_execute_into_db - Function that executes queries against * the db and does not take callback * - * @param db a pointer to the database to which the execute is executed + * @param db a pointer to the database to which the execute is executed * @param sql points to the SQL clause used in the execute - * usually CREATE, INSERT INTO or DELETE + * usually CREATE, INSERT INTO or DELETE * @param errormsg contains the error message shown on error cases * * @return 0 on success otherwise negative * * @note DO NOT use with SELECT */ -int hip_sqlite_execute_into_db(sqlite3 * db, const char *sql) { - int err = 0, rc = 0; - char *zErrMsg = 0; - - _HIP_DEBUG("Executing \"%s\"\n", sql); - rc = sqlite3_exec(db, sql, NULL, 0, &zErrMsg); - if (rc != SQLITE_OK) { - err = -1; - HIP_DEBUG("RC = %d, SQL error: %s\n", rc, zErrMsg); - sqlite3_free(zErrMsg); - } - return(err); +int hip_sqlite_execute_into_db(sqlite3 *db, const char *sql) +{ + int err = 0, rc = 0; + char *zErrMsg = 0; + + _HIP_DEBUG("Executing \"%s\"\n", sql); + rc = sqlite3_exec(db, sql, NULL, 0, &zErrMsg); + if (rc != SQLITE_OK) { + err = -1; + HIP_DEBUG("RC = %d, SQL error: %s\n", rc, zErrMsg); + sqlite3_free(zErrMsg); + } + return err; } /** * hip_sqlite_create_table - Function that executes queries against - * the db and does not take callback used with creates (a wrapper for the hip_sqlite_execute_into_db) + * the db and does not take callback used with creates + * (a wrapper for the hip_sqlite_execute_into_db) * * @param db a pointer to the database to which we are creating * @param sql points to the CREATE query @@ -142,17 +149,19 @@ * * @note Remember to use correct query with this */ -int hip_sqlite_create_table(sqlite3 * db, const char *sql) { - int err = 0; - HIP_IFEL(hip_sqlite_execute_into_db(db, sql), -1, - "Failed to create table\n"); - out_err: - return(err); +int hip_sqlite_create_table(sqlite3 *db, const char *sql) +{ + int err = 0; + HIP_IFEL(hip_sqlite_execute_into_db(db, sql), -1, + "Failed to create table\n"); +out_err: + return err; } /** * hip_sqlite_insert_into_table - Function that executes queries - * against the db and does not take callback ( a wrapper for the hip_sqlite_execute_into_db) + * against the db and does not take callback + * ( a wrapper for the hip_sqlite_execute_into_db) * * @param db a pointer to the database * @param sql points to the INSERT INTO query @@ -161,20 +170,21 @@ * * @note Remember to use correct query with this */ -int hip_sqlite_insert_into_table(sqlite3 * db, const char *sql) { - int err = 0; - HIP_IFEL(hip_sqlite_execute_into_db(db, "BEGIN;"), -1, - "Failed to BEGIN\n"); - HIP_IFEL(hip_sqlite_execute_into_db(db, sql), -1, - "Failed to insert into table\n"); - HIP_IFEL(hip_sqlite_execute_into_db(db, "END;"), -1, - "Failed to END\n"); - out_err: - return(err); -} +int hip_sqlite_insert_into_table(sqlite3 *db, const char *sql) +{ + int err = 0; + HIP_IFEL(hip_sqlite_execute_into_db(db, "BEGIN;"), -1, + "Failed to BEGIN\n"); + HIP_IFEL(hip_sqlite_execute_into_db(db, sql), -1, + "Failed to insert into table\n"); + HIP_IFEL(hip_sqlite_execute_into_db(db, "END;"), -1, + "Failed to END\n"); +out_err: + return err; +} /** - * Function that executes queries against the db and does not take callback + * Function that executes queries against the db and does not take callback * * @param db a pointer to the database * @param sql points to the DELETE query @@ -183,12 +193,13 @@ * * @note Remember to use correct query with this */ -int hip_sqlite_delete_from_table(sqlite3 * db, const char *sql) { - int err = 0; - HIP_IFEL(hip_sqlite_execute_into_db(db, sql), -1, - "Failed to delete from table\n"); - out_err: - return(err); +int hip_sqlite_delete_from_table(sqlite3 *db, const char *sql) +{ + int err = 0; + HIP_IFEL(hip_sqlite_execute_into_db(db, sql), -1, + "Failed to delete from table\n"); +out_err: + return err; } #endif /* CONFIG_HIP_AGENT */ === modified file 'lib/core/sqlitedbapi.c.doxyme' --- lib/core/sqlitedbapi.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/sqlitedbapi.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,64 +45,63 @@ /** - * hip_sqlite_close_db - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_sqlite_create_table - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_sqlite_delete_from_table - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_sqlite_execute_into_db - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_sqlite_insert_into_table - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_sqlite_open_db - * - * - * @param autogen.sh - * @return - **/ - - -/** - * hip_sqlite_select - * - * - * @param autogen.sh - * @return - **/ - + * hip_sqlite_close_db + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_sqlite_create_table + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_sqlite_delete_from_table + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_sqlite_execute_into_db + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_sqlite_insert_into_table + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_sqlite_open_db + * + * + * @param autogen.sh + * @return + **/ + + +/** + * hip_sqlite_select + * + * + * @param autogen.sh + * @return + **/ === modified file 'lib/core/sqlitedbapi.h' --- lib/core/sqlitedbapi.h 2010-01-19 09:28:42 +0000 +++ lib/core/sqlitedbapi.h 2010-02-10 23:55:24 +0000 @@ -22,16 +22,16 @@ #include "debug.h" #include "ife.h" -#define HIP_CERT_DB_PATH_AND_NAME HIPL_SYSCONFDIR"/certdb.db" +#define HIP_CERT_DB_PATH_AND_NAME HIPL_SYSCONFDIR "/certdb.db" #define HIP_CERT_DB_CREATE_TBLS "CREATE TABLE hits (" \ - "lhit VARCHAR(41), " \ - "rhit VARCHAR(41), " \ - "cert VARCHAR(1048) " \ - "); " \ + "lhit VARCHAR(41), " \ + "rhit VARCHAR(41), " \ + "cert VARCHAR(1048) " \ + "); " \ #define HIP_CERT_DB_SELECT_HITS "SELECT * FROM hits;" - + #define HIP_AGENT_DB_CREATE_TBLS "CREATE TABLE local (" \ "lname VARCHAR(65), " \ "lhit VARCHAR(41)" \ @@ -60,10 +60,12 @@ #define HIP_AGENT_DB_SELECT_GROUPS "SELECT * FROM groups;" -sqlite3 * hip_sqlite_open_db(const char *, const char *); +sqlite3 *hip_sqlite_open_db(const char *, const char *); int hip_sqlite_close_db(sqlite3 *); -int hip_sqlite_select(sqlite3 *, const char *, - int (*callback)(void*,int,char**,char**)); +int hip_sqlite_select(sqlite3 *, const char *, int(*callback)(void *, + int, + char **, + char **)); int hip_sqlite_execute_into_db(sqlite3 *, const char *); /* These three functions are just wrappers for the one in above */ === modified file 'lib/core/sqlitedbapi.h.doxyme' --- lib/core/sqlitedbapi.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/sqlitedbapi.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/sqlitedbapi.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/state.h' --- lib/core/state.h 2010-02-08 15:18:06 +0000 +++ lib/core/state.h 2010-02-10 23:55:24 +0000 @@ -30,7 +30,7 @@ * @{ */ /* When adding new states update debug.h hip_state_str(). Doxygen comments to - these states are available at doc/doxygen.h */ + * these states are available at doc/doxygen.h */ #define HIP_STATE_NONE 0 #define HIP_STATE_UNASSOCIATED 1 #define HIP_STATE_I1_SENT 2 @@ -72,8 +72,8 @@ #define HIP_UPDATE_ECHO_RESPONSE 2 #define SEND_UPDATE_ESP_ANCHOR 3 -#define HIP_SPI_DIRECTION_OUT 1 -#define HIP_SPI_DIRECTION_IN 2 +#define HIP_SPI_DIRECTION_OUT 1 +#define HIP_SPI_DIRECTION_IN 2 #define HIP_FLAG_CONTROL_TRAFFIC_ONLY 0x1 @@ -83,41 +83,45 @@ * @todo remove HIP_HASTATE_SPIOK */ typedef enum { - HIP_HASTATE_INVALID = 0, - HIP_HASTATE_SPIOK = 1, - HIP_HASTATE_HITOK = 2, - HIP_HASTATE_VALID = 3 + HIP_HASTATE_INVALID = 0, + HIP_HASTATE_SPIOK = 1, + HIP_HASTATE_HITOK = 2, + HIP_HASTATE_VALID = 3 } hip_hastate_t; /** A typedefinition for a functionpointer to a transmitfunction introduced in - @c hip_xmit_func_set_t. */ -typedef int (*hip_xmit_func_t)(const struct in6_addr *, const struct in6_addr *, const in_port_t, - const in_port_t, struct hip_common*, hip_ha_t *, const int); + * @c hip_xmit_func_set_t. */ +typedef int (*hip_xmit_func_t)(const struct in6_addr *, + const struct in6_addr *, + const in_port_t, + const in_port_t, + struct hip_common *, + hip_ha_t *, + const int); /** * A data structure for storing the source and destination ports of an incoming * packet. */ -typedef struct hip_stateless_info -{ - in_port_t src_port; /**< The source port of an incoming packet. */ - in_port_t dst_port; /**< The destination port of an incoming packet. */ +typedef struct hip_stateless_info { + in_port_t src_port; /**< The source port of an incoming packet. */ + in_port_t dst_port; /**< The destination port of an incoming packet. */ #ifdef CONFIG_HIP_I3 - int hi3_in_use; /**< A boolean to indicate whether this message was - sent through I3 or not .*/ + int hi3_in_use; /**< A boolean to indicate whether this message was + * sent through I3 or not .*/ #endif -}hip_portpair_t; +} hip_portpair_t; /** * A data structure for handling retransmission. Used inside host association * database entries. */ -typedef struct hip_msg_retrans{ - int count; - time_t last_transmit; - struct in6_addr saddr; - struct in6_addr daddr; - struct hip_common *buf; +typedef struct hip_msg_retrans { + int count; + time_t last_transmit; + struct in6_addr saddr; + struct in6_addr daddr; + struct hip_common *buf; } hip_msg_retrans_t; /** @@ -128,41 +132,39 @@ * @c RELAY_TO parameters. * @note obsolete */ -struct hip_in6_addr_port -{ - struct in6_addr sin6_addr; /**< IPv6 address. */ - in_port_t sin6_port; /**< Transport layer port number. */ +struct hip_in6_addr_port { + struct in6_addr sin6_addr; /**< IPv6 address. */ + in_port_t sin6_port; /**< Transport layer port number. */ } __attribute__ ((packed)); -struct hip_context -{ - //struct sk_buff *skb_in; /* received skbuff */ - struct hip_common *input; /**< Received packet. */ - struct hip_common *output; /**< Packet to be built and sent. */ - struct hip_crypto_key hip_enc_out; - struct hip_crypto_key hip_hmac_out; - struct hip_crypto_key esp_out; - struct hip_crypto_key auth_out; - struct hip_crypto_key hip_enc_in; - struct hip_crypto_key hip_hmac_in; - struct hip_crypto_key esp_in; - struct hip_crypto_key auth_in; - char *dh_shared_key; - size_t dh_shared_key_len; - struct hip_esp_info *esp_info; - - uint16_t current_keymat_index; /**< The byte offset index in draft - chapter HIP KEYMAT */ - unsigned char current_keymat_K[HIP_AH_SHA_LEN]; - uint8_t keymat_calc_index; /**< The one byte index number used - during the keymat calculation. */ - uint16_t keymat_index; /**< KEYMAT offset. */ - uint16_t esp_keymat_index; /**< A pointer to the esp keymat index. */ - - int esp_prot_param; - - char hip_nat_key[HIP_MAX_KEY_LEN]; - int use_ice; +struct hip_context { + //struct sk_buff *skb_in; /* received skbuff */ + struct hip_common * input; /**< Received packet. */ + struct hip_common * output; /**< Packet to be built and sent. */ + struct hip_crypto_key hip_enc_out; + struct hip_crypto_key hip_hmac_out; + struct hip_crypto_key esp_out; + struct hip_crypto_key auth_out; + struct hip_crypto_key hip_enc_in; + struct hip_crypto_key hip_hmac_in; + struct hip_crypto_key esp_in; + struct hip_crypto_key auth_in; + char * dh_shared_key; + size_t dh_shared_key_len; + struct hip_esp_info * esp_info; + + uint16_t current_keymat_index; /**< The byte offset index in draft + * chapter HIP KEYMAT */ + unsigned char current_keymat_K[HIP_AH_SHA_LEN]; + uint8_t keymat_calc_index; /**< The one byte index number used + * during the keymat calculation. */ + uint16_t keymat_index; /**< KEYMAT offset. */ + uint16_t esp_keymat_index; /**< A pointer to the esp keymat index. */ + + int esp_prot_param; + + char hip_nat_key[HIP_MAX_KEY_LEN]; + int use_ice; }; /* @@ -170,622 +172,625 @@ * for the part of address item. It is used in hip_update_locator_match(). */ /// @todo Check if all these fields are used and needed -struct hip_peer_addr_list_item -{ +struct hip_peer_addr_list_item { // hip_list_t list; - uint32_t padding; - unsigned long hash_key; - struct in6_addr address; + uint32_t padding; + unsigned long hash_key; + struct in6_addr address; - int address_state; /* current state of the - * address (PEER_ADDR_STATE_xx) */ - int is_preferred; /* 1 if this address was set as - preferred address in the LOCATOR */ - uint32_t lifetime; - struct timeval modified_time; /* time when this address was - added or updated */ - uint32_t seq_update_id; /* the Update ID in SEQ parameter - this address is related to */ - uint8_t echo_data[4]; /* data put into the ECHO_REQUEST parameter */ + int address_state; /* current state of the + * address (PEER_ADDR_STATE_xx) */ + int is_preferred; /* 1 if this address was set as + * preferred address in the LOCATOR */ + uint32_t lifetime; + struct timeval modified_time; /* time when this address was + * added or updated */ + uint32_t seq_update_id; /* the Update ID in SEQ parameter + * this address is related to */ + uint8_t echo_data[4]; /* data put into the ECHO_REQUEST parameter */ //NAT branch - uint8_t transport_protocol; /*value 1 for UDP*/ - - uint16_t port /*port number for transport protocol*/; - - uint32_t priority; - - uint8_t kind; + uint8_t transport_protocol; /*value 1 for UDP*/ + + uint16_t port /*port number for transport protocol*/; + + uint32_t priority; + + uint8_t kind; //end NAT branch }; /* for HIT-SPI hashtable only */ struct hip_hit_spi { // hip_list_t list; - spinlock_t lock; - atomic_t refcnt; - hip_hit_t hit_our; - hip_hit_t hit_peer; - uint32_t spi; /* this SPI spi belongs to the HIT hit */ + spinlock_t lock; + atomic_t refcnt; + hip_hit_t hit_our; + hip_hit_t hit_peer; + uint32_t spi; /* this SPI spi belongs to the HIT hit */ }; -struct hip_spi_in_item -{ +struct hip_spi_in_item { // hip_list_t list; - uint32_t spi; - uint32_t new_spi; /* SPI is changed to this when rekeying */ - /* ifindex if the netdev to which this is related to */ - int ifindex; - unsigned long timestamp; /* when SA was created */ - int updating; /* UPDATE is in progress */ - uint32_t esp_info_spi_out; /* UPDATE, the stored outbound - * SPI related to the inbound - * SPI we sent in reply (useless?)*/ - uint16_t keymat_index; /* advertised keymat index */ - int update_state_flags; /* 0x1=received ack for - sent SEQ, 0x2=received - peer's ESP_INFO, - both=0x3=can move back - to established */ - /* the Update ID in SEQ parameter these SPI are related to */ - uint32_t seq_update_id; - /* the corresponding esp_info of peer */ - struct hip_esp_info stored_received_esp_info; - /* our addresses this SPI is related to, reuse struct to ease coding */ - struct hip_locator_info_addr_item *addresses; - int addresses_n; /* number of addresses */ + uint32_t spi; + uint32_t new_spi; /* SPI is changed to this when rekeying */ + /* ifindex if the netdev to which this is related to */ + int ifindex; + unsigned long timestamp; /* when SA was created */ + int updating; /* UPDATE is in progress */ + uint32_t esp_info_spi_out; /* UPDATE, the stored outbound + * SPI related to the inbound + * SPI we sent in reply (useless?)*/ + uint16_t keymat_index; /* advertised keymat index */ + int update_state_flags; /* 0x1=received ack for + * sent SEQ, 0x2=received + * peer's ESP_INFO, + * both=0x3=can move back + * to established */ + /* the Update ID in SEQ parameter these SPI are related to */ + uint32_t seq_update_id; + /* the corresponding esp_info of peer */ + struct hip_esp_info stored_received_esp_info; + /* our addresses this SPI is related to, reuse struct to ease coding */ + struct hip_locator_info_addr_item *addresses; + int addresses_n; /* number of addresses */ }; #ifndef __KERNEL__ -struct hip_spi_out_item -{ +struct hip_spi_out_item { // hip_list_t list; - uint32_t spi; - uint32_t new_spi; /* spi is changed to this when rekeying */ - uint32_t seq_update_id; /* USELESS, IF SEQ ID WILL BE RELATED TO ADDRESS ITEMS, - * NOT OUTBOUND SPIS *//* the Update ID in SEQ parameter these SPI are related to */ - - HIP_HASHTABLE *peer_addr_list; /* Peer's IPv6 addresses */ - struct in6_addr preferred_address; + uint32_t spi; + uint32_t new_spi; /* spi is changed to this when rekeying */ + + /* USELESS, IF SEQ ID WILL BE RELATED TO ADDRESS ITEMS, + * NOT OUTBOUND SPIS */ + /* the Update ID in SEQ parameter these SPI are related to */ + uint32_t seq_update_id; + + HIP_HASHTABLE * peer_addr_list; /* Peer's IPv6 addresses */ + struct in6_addr preferred_address; }; #endif /* this struct is here instead of hidb.h to avoid some weird compilation - warnings */ + * warnings */ struct hip_host_id_entry { - /* this needs to be first (list_for_each_entry, list - head being of different type) */ - //hip_list_t next; - struct hip_lhi lhi; - hip_lsi_t lsi; - /* struct in6_addr ipv6_addr[MAXIP]; */ - struct hip_host_id *host_id; /* allocated dynamically */ - void *private_key; /* RSA or DSA */ - struct hip_r1entry *r1; /* precreated R1s */ - struct hip_r1entry *blindr1; /* pre-created R1s for blind*/ - /* Handler to call after insert with an argument, return 0 if OK*/ - int (*insert)(struct hip_host_id_entry *, void **arg); - /* Handler to call before remove with an argument, return 0 if OK*/ - int (*remove)(struct hip_host_id_entry *, void **arg); - void *arg; + /* this needs to be first (list_for_each_entry, list + * head being of different type) */ + //hip_list_t next; + struct hip_lhi lhi; + hip_lsi_t lsi; + /* struct in6_addr ipv6_addr[MAXIP]; */ + struct hip_host_id *host_id; /* allocated dynamically */ + void * private_key; /* RSA or DSA */ + struct hip_r1entry *r1; /* precreated R1s */ + struct hip_r1entry *blindr1; /* pre-created R1s for blind*/ + /* Handler to call after insert with an argument, return 0 if OK*/ + int (*insert)(struct hip_host_id_entry *, void **arg); + /* Handler to call before remove with an argument, return 0 if OK*/ + int (*remove)(struct hip_host_id_entry *, void **arg); + void * arg; }; #ifndef __KERNEL__ /* If you need to add a new boolean type variable to this structure, consider - adding a control value to the local_controls and/or peer_controls bitmask - field(s) instead of adding yet another integer. Lauri 24.01.2008. */ + * adding a control value to the local_controls and/or peer_controls bitmask + * field(s) instead of adding yet another integer. Lauri 24.01.2008. */ /** A data structure defining host association database state i.e.\ a HIP - association between two hosts. Each successful base exchange between two - different hosts leads to a new @c hip_hadb_state with @c state set to - @c HIP_STATE_ESTABLISHED. */ -struct hip_hadb_state -{ - /** Our Host Identity Tag (HIT). */ - hip_hit_t hit_our; - /** Peer's Host Identity Tag (HIT). */ - hip_hit_t hit_peer; - /** Information about the usage of the host association related to - locking stuff which is currently unimplemented because the daemon - is single threaded. When zero, the host association can be freed. - @date 24.01.2008 */ - hip_hastate_t hastate; - /** Counter to tear down a HA in CLOSING or CLOSED state */ - int purge_timeout; - /** The state of this host association. @see hip_ha_state */ - int state; - /** This guarantees that retransmissions work properly also in - non-established state.*/ - int retrans_state; - /** A kludge to get the UPDATE retransmission to work. - @todo Remove this kludge. */ - int update_state; - /** Our control values related to this host association. - @see hip_ha_controls */ - hip_controls_t local_controls; - /** Peer control values related to this host association. - @see hip_ha_controls */ - hip_controls_t peer_controls; - /** If this host association is from a local HIT to a local HIT this - is non-zero, otherwise zero. */ - int is_loopback; - /** Default SPI for outbound SAs. */ - //uint32_t default_spi_out; - /** Preferred peer IP address to use when sending data to peer. */ - struct in6_addr peer_addr; - /** Our IP address. */ - struct in6_addr our_addr; - /** Rendezvour server address used to connect to the peer; */ - struct in6_addr *rendezvous_addr; - /** Peer's Local Scope Identifier (LSI). A Local Scope Identifier is a - 32-bit localized representation for a Host Identity.*/ - hip_lsi_t lsi_peer; - /** Our Local Scope Identifier (LSI). A Local Scope Identifier is a - 32-bit localized representation for a Host Identity.*/ - hip_lsi_t lsi_our; - /** ESP transform type */ - int esp_transform; - /** HIP transform type */ - int hip_transform; - /** ESP extension protection transform */ - uint8_t esp_prot_transform; - /** ESP extension protection local_anchor */ - unsigned char esp_local_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; - /** another local anchor used for UPDATE messages */ - unsigned char esp_local_update_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; - /** ESP extension protection peer_anchor */ - unsigned char esp_peer_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; - /** another peer anchor used for UPDATE messages */ - unsigned char esp_peer_update_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; - /** needed for offset calculation when using htrees */ - uint32_t esp_local_active_length; - uint32_t esp_local_update_length; - uint32_t esp_peer_active_length; - uint32_t esp_peer_update_length; - /** root needed in case of hierarchical hchain linking */ - uint8_t esp_root_length; - unsigned char esp_root[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; - int hash_item_length; - /** parameters needed for soft-updates of hchains */ - /** Stored outgoing UPDATE ID counter. */ - uint32_t light_update_id_out; - /** Stored incoming UPDATE ID counter. */ - uint32_t light_update_id_in; - /** retranmission */ - uint8_t light_update_retrans; - /** Something to do with the birthday paradox. - @todo Please clarify what this field is. */ - uint64_t birthday; - /** A pointer to the Diffie-Hellman shared key. */ - char *dh_shared_key; - /** The length of the Diffie-Hellman shared key. */ - size_t dh_shared_key_len; - /** A boolean value indicating whether there is a NAT between this host - and the peer. */ - hip_transform_suite_t nat_mode; - /* this might seem redundant as dst_port == hip_get_nat_udp_port(), but it makes - * port handling easier in other functions */ - in_port_t local_udp_port; - /** NAT mangled port (source port of I2 packet). */ - in_port_t peer_udp_port; - /* The Initiator computes the keys when it receives R1. The keys are - needed only when R2 is received. We store them here in the mean - time. */ - /** For outgoing HIP packets. */ - struct hip_crypto_key hip_enc_out; - /** For outgoing HIP packets. */ - struct hip_crypto_key hip_hmac_out; - /** For outgoing ESP packets. */ - struct hip_crypto_key esp_out; - /** For outgoing ESP packets. */ - struct hip_crypto_key auth_out; - /** For incoming HIP packets. */ - struct hip_crypto_key hip_enc_in; - /** For incoming HIP packets. */ - struct hip_crypto_key hip_hmac_in; - /** For incoming ESP packets. */ - struct hip_crypto_key esp_in; - /** For incoming ESP packets. */ - struct hip_crypto_key auth_in; - /** The byte offset index in draft chapter HIP KEYMAT. */ - uint16_t current_keymat_index; - /** The one byte index number used during the keymat calculation. */ - uint8_t keymat_calc_index; - /** For @c esp_info. */ - uint16_t esp_keymat_index; - /* Last Kn, where n is @c keymat_calc_index. */ - unsigned char current_keymat_K[HIP_AH_SHA_LEN]; - /** Stored outgoing UPDATE ID counter. */ - uint32_t update_id_out; - /** Stored incoming UPDATE ID counter. */ - uint32_t update_id_in; - /** Our public host identity. */ - struct hip_host_id *our_pub; - /** Our private host identity. */ - struct hip_host_id *our_priv; - /** Keys in OpenSSL RSA or DSA format */ - void *our_priv_key; - void *peer_pub_key; - /** A function pointer to a function that signs our host identity. */ - int (*sign)(void *, struct hip_common *); - /** Peer's public host identity. */ - struct hip_host_id *peer_pub; - /** A function pointer to a function that verifies peer's host identity. */ - int (*verify)(void *, struct hip_common *); - /** For retransmission. */ - uint64_t puzzle_solution; - /** 1, if hadb_state uses BLIND protocol. */ - uint16_t blind; - /** The HIT we use with this host when BLIND is in use. */ - hip_hit_t hit_our_blind; - /** The HIT the peer uses when BLIND is in use. */ - hip_hit_t hit_peer_blind; - /** BLIND nonce. */ - uint16_t blind_nonce_i; - /** LOCATOR parameter. Just tmp save if sent in R1 no @c esp_info so - keeping it here 'till the hip_update_locator_parameter can be done. - @todo Remove this kludge. */ - struct hip_locator *locator; - /** For retransmission. */ - uint64_t puzzle_i; - /** Used for UPDATE and CLOSE. When we sent multiple identical UPDATE - * packets between different address combinations, we don't modify - * the opaque data. */ - char echo_data[4]; + * association between two hosts. Each successful base exchange between two + * different hosts leads to a new @c hip_hadb_state with @c state set to + * @c HIP_STATE_ESTABLISHED. */ +struct hip_hadb_state { + /** Our Host Identity Tag (HIT). */ + hip_hit_t hit_our; + /** Peer's Host Identity Tag (HIT). */ + hip_hit_t hit_peer; + /** Information about the usage of the host association related to + * locking stuff which is currently unimplemented because the daemon + * is single threaded. When zero, the host association can be freed. + * @date 24.01.2008 */ + hip_hastate_t hastate; + /** Counter to tear down a HA in CLOSING or CLOSED state */ + int purge_timeout; + /** The state of this host association. @see hip_ha_state */ + int state; + /** This guarantees that retransmissions work properly also in + * non-established state.*/ + int retrans_state; + /** A kludge to get the UPDATE retransmission to work. + * @todo Remove this kludge. */ + int update_state; + /** Our control values related to this host association. + * @see hip_ha_controls */ + hip_controls_t local_controls; + /** Peer control values related to this host association. + * @see hip_ha_controls */ + hip_controls_t peer_controls; + /** If this host association is from a local HIT to a local HIT this + * is non-zero, otherwise zero. */ + int is_loopback; + /** Default SPI for outbound SAs. */ + //uint32_t default_spi_out; + /** Preferred peer IP address to use when sending data to peer. */ + struct in6_addr peer_addr; + /** Our IP address. */ + struct in6_addr our_addr; + /** Rendezvour server address used to connect to the peer; */ + struct in6_addr * rendezvous_addr; + /** Peer's Local Scope Identifier (LSI). A Local Scope Identifier is a + * 32-bit localized representation for a Host Identity.*/ + hip_lsi_t lsi_peer; + /** Our Local Scope Identifier (LSI). A Local Scope Identifier is a + * 32-bit localized representation for a Host Identity.*/ + hip_lsi_t lsi_our; + /** ESP transform type */ + int esp_transform; + /** HIP transform type */ + int hip_transform; + /** ESP extension protection transform */ + uint8_t esp_prot_transform; + /** ESP extension protection local_anchor */ + unsigned char esp_local_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; + /** another local anchor used for UPDATE messages */ + unsigned char esp_local_update_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; + /** ESP extension protection peer_anchor */ + unsigned char esp_peer_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; + /** another peer anchor used for UPDATE messages */ + unsigned char esp_peer_update_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; + /** needed for offset calculation when using htrees */ + uint32_t esp_local_active_length; + uint32_t esp_local_update_length; + uint32_t esp_peer_active_length; + uint32_t esp_peer_update_length; + /** root needed in case of hierarchical hchain linking */ + uint8_t esp_root_length; + unsigned char esp_root[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; + int hash_item_length; + /** parameters needed for soft-updates of hchains */ + /** Stored outgoing UPDATE ID counter. */ + uint32_t light_update_id_out; + /** Stored incoming UPDATE ID counter. */ + uint32_t light_update_id_in; + /** retranmission */ + uint8_t light_update_retrans; + /** Something to do with the birthday paradox. + * @todo Please clarify what this field is. */ + uint64_t birthday; + /** A pointer to the Diffie-Hellman shared key. */ + char * dh_shared_key; + /** The length of the Diffie-Hellman shared key. */ + size_t dh_shared_key_len; + /** A boolean value indicating whether there is a NAT between this host + * and the peer. */ + hip_transform_suite_t nat_mode; + /* this might seem redundant as dst_port == hip_get_nat_udp_port(), but it makes + * port handling easier in other functions */ + in_port_t local_udp_port; + /** NAT mangled port (source port of I2 packet). */ + in_port_t peer_udp_port; + /* The Initiator computes the keys when it receives R1. The keys are + * needed only when R2 is received. We store them here in the mean + * time. */ + /** For outgoing HIP packets. */ + struct hip_crypto_key hip_enc_out; + /** For outgoing HIP packets. */ + struct hip_crypto_key hip_hmac_out; + /** For outgoing ESP packets. */ + struct hip_crypto_key esp_out; + /** For outgoing ESP packets. */ + struct hip_crypto_key auth_out; + /** For incoming HIP packets. */ + struct hip_crypto_key hip_enc_in; + /** For incoming HIP packets. */ + struct hip_crypto_key hip_hmac_in; + /** For incoming ESP packets. */ + struct hip_crypto_key esp_in; + /** For incoming ESP packets. */ + struct hip_crypto_key auth_in; + /** The byte offset index in draft chapter HIP KEYMAT. */ + uint16_t current_keymat_index; + /** The one byte index number used during the keymat calculation. */ + uint8_t keymat_calc_index; + /** For @c esp_info. */ + uint16_t esp_keymat_index; + /* Last Kn, where n is @c keymat_calc_index. */ + unsigned char current_keymat_K[HIP_AH_SHA_LEN]; + /** Stored outgoing UPDATE ID counter. */ + uint32_t update_id_out; + /** Stored incoming UPDATE ID counter. */ + uint32_t update_id_in; + /** Our public host identity. */ + struct hip_host_id * our_pub; + /** Our private host identity. */ + struct hip_host_id * our_priv; + /** Keys in OpenSSL RSA or DSA format */ + void * our_priv_key; + void * peer_pub_key; + /** A function pointer to a function that signs our host identity. */ + int (*sign)(void *, struct hip_common *); + /** Peer's public host identity. */ + struct hip_host_id * peer_pub; + /** A function pointer to a function that verifies peer's host identity. */ + int (*verify)(void *, struct hip_common *); + /** For retransmission. */ + uint64_t puzzle_solution; + /** 1, if hadb_state uses BLIND protocol. */ + uint16_t blind; + /** The HIT we use with this host when BLIND is in use. */ + hip_hit_t hit_our_blind; + /** The HIT the peer uses when BLIND is in use. */ + hip_hit_t hit_peer_blind; + /** BLIND nonce. */ + uint16_t blind_nonce_i; + /** LOCATOR parameter. Just tmp save if sent in R1 no @c esp_info so + * keeping it here 'till the hip_update_locator_parameter can be done. + * @todo Remove this kludge. */ + struct hip_locator * locator; + /** For retransmission. */ + uint64_t puzzle_i; + /** Used for UPDATE and CLOSE. When we sent multiple identical UPDATE + * packets between different address combinations, we don't modify + * the opaque data. */ + char echo_data[4]; - HIP_HASHTABLE *peer_addr_list_to_be_added; - /** For storing retransmission related data. */ - hip_msg_retrans_t hip_msg_retrans; - /** Receive function set. - @note Do not modify this value directly. Use - hip_hadb_set_rcv_function_set() instead. */ - hip_rcv_func_set_t *hadb_rcv_func; - /** Handle function set. - @note Do not modify this value directly. Use - hip_hadb_set_handle_function_set() instead. */ - hip_handle_func_set_t *hadb_handle_func; - /** Miscellaneous function set. - @note Do not modify this value directly. Use - hip_hadb_set_handle_function_set() instead. */ - hip_misc_func_set_t *hadb_misc_func; - /** Update function set. - @note Do not modify this value directly. Use - hip_hadb_set_handle_function_set() instead. */ - hip_update_func_set_t *hadb_update_func; - /** Transmission function set. - @note Do not modify this value directly. Use - hip_hadb_set_handle_function_set() instead. */ - hip_xmit_func_set_t *hadb_xmit_func; - /** IPsec function set. - @note Do not modify this value directly. Use - hip_ipsec_set_handle_function_set() instead. */ - hip_ipsec_func_set_t *hadb_ipsec_func; - /** Input filter function set. Input filter used in the GUI agent. - @note Do not modify this value directly. Use - hip_hadb_set_input_filter_function_set() instead. */ - hip_input_filter_func_set_t *hadb_input_filter_func; - /** Output filter function set. Output filter used in the GUI agent. - @note Do not modify this value directly. Use - hip_hadb_set_output_filter_function_set() instead. */ - hip_output_filter_func_set_t *hadb_output_filter_func; - /** peer hostname */ - uint8_t peer_hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - /** True when agent is prompting user and fall back is disabled. */ - int hip_opp_fallback_disable; + HIP_HASHTABLE * peer_addr_list_to_be_added; + /** For storing retransmission related data. */ + hip_msg_retrans_t hip_msg_retrans; + /** Receive function set. + * @note Do not modify this value directly. Use + * hip_hadb_set_rcv_function_set() instead. */ + hip_rcv_func_set_t * hadb_rcv_func; + /** Handle function set. + * @note Do not modify this value directly. Use + * hip_hadb_set_handle_function_set() instead. */ + hip_handle_func_set_t * hadb_handle_func; + /** Miscellaneous function set. + * @note Do not modify this value directly. Use + * hip_hadb_set_handle_function_set() instead. */ + hip_misc_func_set_t * hadb_misc_func; + /** Update function set. + * @note Do not modify this value directly. Use + * hip_hadb_set_handle_function_set() instead. */ + hip_update_func_set_t * hadb_update_func; + /** Transmission function set. + * @note Do not modify this value directly. Use + * hip_hadb_set_handle_function_set() instead. */ + hip_xmit_func_set_t * hadb_xmit_func; + /** IPsec function set. + * @note Do not modify this value directly. Use + * hip_ipsec_set_handle_function_set() instead. */ + hip_ipsec_func_set_t * hadb_ipsec_func; + /** Input filter function set. Input filter used in the GUI agent. + * @note Do not modify this value directly. Use + * hip_hadb_set_input_filter_function_set() instead. */ + hip_input_filter_func_set_t * hadb_input_filter_func; + /** Output filter function set. Output filter used in the GUI agent. + * @note Do not modify this value directly. Use + * hip_hadb_set_output_filter_function_set() instead. */ + hip_output_filter_func_set_t * hadb_output_filter_func; + /** peer hostname */ + uint8_t peer_hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + /** True when agent is prompting user and fall back is disabled. */ + int hip_opp_fallback_disable; #ifdef CONFIG_HIP_I3 - /** If the state for hi3, then this flag is 1, otherwise it is zero. */ - int is_hi3_state ; - /** Non-zero if hi3 mode is on. */ - int hip_is_hi3_on; + /** If the state for hi3, then this flag is 1, otherwise it is zero. */ + int is_hi3_state; + /** Non-zero if hi3 mode is on. */ + int hip_is_hi3_on; #endif - /** Non-zero if opportunistic TCP mode is on. */ - int hip_is_opptcp_on; - /** The local port from where the TCP SYN I1 packet will be sent */ - in_port_t tcp_opptcp_src_port; - /** the port at the peer where the TCP SYN I1 packet will be sent */ - in_port_t tcp_opptcp_dst_port; + /** Non-zero if opportunistic TCP mode is on. */ + int hip_is_opptcp_on; + /** The local port from where the TCP SYN I1 packet will be sent */ + in_port_t tcp_opptcp_src_port; + /** the port at the peer where the TCP SYN I1 packet will be sent */ + in_port_t tcp_opptcp_dst_port; #ifdef CONFIG_HIP_HIPPROXY - int hipproxy; + int hipproxy; #endif - /** Counters of heartbeats (ICMPv6s) **/ - int heartbeats_sent; - statistics_data_t heartbeats_statistics; - int update_trigger_on_heartbeat_counter; - - struct timeval bex_start; - struct timeval bex_end; - - //pointer for ice engine - void* ice_session; - /** a 16 bits flag for nat connectiviy checking engine control*/ - //uint16_t nat_control; - - uint32_t pacing; - uint8_t ice_control_role; - struct hip_esp_info *nat_esp_info; - - /** disable SAs on this HA (currently used only by full relay) */ - int disable_sas; - - char hip_nat_key[HIP_MAX_KEY_LEN]; - /**reflexive address(NAT box out bound) when register to relay or RVS */ - struct in6_addr local_reflexive_address; - /**reflexive address port (NAT box out bound) when register to relay or RVS */ - in_port_t local_reflexive_udp_port; - - /** These are used in the ICMPv6 heartbeat code. The hipd sends - periodic ICMPv6 keepalives through IPsec tunnel. If the - tunnel does not exist, a single threaded hipd will blocked - forever */ - int outbound_sa_count; - int inbound_sa_count; - - /** Variable shoting shotgun status for this host association: - * SO_HIP_SHOTGUN_ON if shotgun is on, - * SO_HIP_SHOTGUN_OFF if it is off. - */ - int shotgun_status; - - /** This "linked list" includes the locators we recieved in the initial - * UPDATE packet. Locators are stored as "struct in6_addr *"s. - * - * Hipd sends UPDATE packets including ECHO_REQUESTS to all these - * addresses. - * - * Notice that there's a hack that a hash table is used as a linked list - * here but this is common allover HIPL and it doesn't seem to cause - * performance problems. - */ - HIP_HASHTABLE *addresses_to_send_echo_request; - - int spi_inbound_current; - int spi_outbound_current; - int spi_outbound_new; - - // Has struct hip_peer_addr_list_item s - HIP_HASHTABLE *peer_addresses_old; + /** Counters of heartbeats (ICMPv6s) **/ + int heartbeats_sent; + statistics_data_t heartbeats_statistics; + int update_trigger_on_heartbeat_counter; + + struct timeval bex_start; + struct timeval bex_end; + + //pointer for ice engine + void * ice_session; + /** a 16 bits flag for nat connectiviy checking engine control*/ + //uint16_t nat_control; + + uint32_t pacing; + uint8_t ice_control_role; + struct hip_esp_info *nat_esp_info; + + /** disable SAs on this HA (currently used only by full relay) */ + int disable_sas; + + char hip_nat_key[HIP_MAX_KEY_LEN]; + /**reflexive address(NAT box out bound) when register to relay or RVS */ + struct in6_addr local_reflexive_address; + /**reflexive address port (NAT box out bound) when register to relay or RVS */ + in_port_t local_reflexive_udp_port; + + /** These are used in the ICMPv6 heartbeat code. The hipd sends + * periodic ICMPv6 keepalives through IPsec tunnel. If the + * tunnel does not exist, a single threaded hipd will blocked + * forever */ + int outbound_sa_count; + int inbound_sa_count; + + /** Variable shoting shotgun status for this host association: + * SO_HIP_SHOTGUN_ON if shotgun is on, + * SO_HIP_SHOTGUN_OFF if it is off. + */ + int shotgun_status; + + /** This "linked list" includes the locators we recieved in the initial + * UPDATE packet. Locators are stored as "struct in6_addr *"s. + * + * Hipd sends UPDATE packets including ECHO_REQUESTS to all these + * addresses. + * + * Notice that there's a hack that a hash table is used as a linked list + * here but this is common allover HIPL and it doesn't seem to cause + * performance problems. + */ + HIP_HASHTABLE *addresses_to_send_echo_request; + + int spi_inbound_current; + int spi_outbound_current; + int spi_outbound_new; + + // Has struct hip_peer_addr_list_item s + HIP_HASHTABLE *peer_addresses_old; }; #endif /* __KERNEL__ */ /** A data structure defining host association information that is sent - to the userspace */ -struct hip_hadb_user_info_state -{ - hip_hit_t hit_our; - hip_hit_t hit_peer; - struct in6_addr ip_our; - struct in6_addr ip_peer; - hip_lsi_t lsi_our; - hip_lsi_t lsi_peer; - uint8_t peer_hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; - int state; - int heartbeats_on; - int heartbeats_sent; - int heartbeats_received; - double heartbeats_mean; - double heartbeats_variance; - in_port_t nat_udp_port_local; - in_port_t nat_udp_port_peer; - int shotgun_status; - hip_controls_t peer_controls; - struct timeval bex_duration; + * to the userspace */ +struct hip_hadb_user_info_state { + hip_hit_t hit_our; + hip_hit_t hit_peer; + struct in6_addr ip_our; + struct in6_addr ip_peer; + hip_lsi_t lsi_our; + hip_lsi_t lsi_peer; + uint8_t peer_hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX]; + int state; + int heartbeats_on; + int heartbeats_sent; + int heartbeats_received; + double heartbeats_mean; + double heartbeats_variance; + in_port_t nat_udp_port_local; + in_port_t nat_udp_port_peer; + int shotgun_status; + hip_controls_t peer_controls; + struct timeval bex_duration; }; -struct hip_turn_info -{ - uint32_t spi; - struct in6_addr peer_address; - in_port_t peer_port; +struct hip_turn_info { + uint32_t spi; + struct in6_addr peer_address; + in_port_t peer_port; }; /** @addtogroup hadb_func * @{ */ struct hip_hadb_rcv_func_set { - int (*hip_receive_i1)(struct hip_common *, - struct in6_addr *, - struct in6_addr *, - hip_ha_t*, - hip_portpair_t *); - - int (*hip_receive_r1)(struct hip_common *, - struct in6_addr *, - struct in6_addr *, - hip_ha_t*, - hip_portpair_t *); - - /* as there is possibly no state established when i2 - messages are received, the hip_handle_i2 function pointer - is not executed during the establishment of a new connection*/ - int (*hip_receive_i2)(struct hip_common *, - struct in6_addr *, - struct in6_addr *, - hip_ha_t*, - hip_portpair_t *); - - int (*hip_receive_r2)(struct hip_common *, - struct in6_addr *, - struct in6_addr *, - hip_ha_t*, hip_portpair_t *); - - int (*hip_receive_update)(struct hip_common *, - struct in6_addr *, - struct in6_addr *, - hip_ha_t*, - hip_portpair_t *); - - int (*hip_receive_notify)(const struct hip_common *, - const struct in6_addr *, - const struct in6_addr *, - hip_ha_t*); - - int (*hip_receive_bos)(struct hip_common *, - struct in6_addr *, - struct in6_addr *, - hip_ha_t*, - hip_portpair_t *); - - int (*hip_receive_close)(struct hip_common *, - hip_ha_t*); - - int (*hip_receive_close_ack)(struct hip_common *, - hip_ha_t*); - + int (*hip_receive_i1)(struct hip_common *, + struct in6_addr *, + struct in6_addr *, + hip_ha_t *, + hip_portpair_t *); + + int (*hip_receive_r1)(struct hip_common *, + struct in6_addr *, + struct in6_addr *, + hip_ha_t *, + hip_portpair_t *); + + /* as there is possibly no state established when i2 + * messages are received, the hip_handle_i2 function pointer + * is not executed during the establishment of a new connection*/ + int (*hip_receive_i2)(struct hip_common *, + struct in6_addr *, + struct in6_addr *, + hip_ha_t *, + hip_portpair_t *); + + int (*hip_receive_r2)(struct hip_common *, + struct in6_addr *, + struct in6_addr *, + hip_ha_t *, hip_portpair_t *); + + int (*hip_receive_update)(struct hip_common *, + struct in6_addr *, + struct in6_addr *, + hip_ha_t *, + hip_portpair_t *); + + int (*hip_receive_notify)(const struct hip_common *, + const struct in6_addr *, + const struct in6_addr *, + hip_ha_t *); + + int (*hip_receive_bos)(struct hip_common *, + struct in6_addr *, + struct in6_addr *, + hip_ha_t *, + hip_portpair_t *); + + int (*hip_receive_close)(struct hip_common *, + hip_ha_t *); + + int (*hip_receive_close_ack)(struct hip_common *, + hip_ha_t *); }; -struct hip_hadb_handle_func_set{ - int (*hip_handle_i1)(struct hip_common *r1, - struct in6_addr *r1_saddr, - struct in6_addr *r1_daddr, - hip_ha_t *entry, - hip_portpair_t *); - - int (*hip_handle_r1)(struct hip_common *r1, - struct in6_addr *r1_saddr, - struct in6_addr *r1_daddr, - hip_ha_t *entry, - hip_portpair_t *); - - /* as there is possibly no state established when i2 - messages are received, the hip_handle_i2 function pointer - is not executed during the establishment of a new connection*/ - int (*hip_handle_i2)(struct hip_common *i2, - struct in6_addr *i2_saddr, - struct in6_addr *i2_daddr, - hip_ha_t *ha, - hip_portpair_t *i2_info); - - int (*hip_handle_r2)(struct hip_common *r2, - struct in6_addr *r2_saddr, - struct in6_addr *r2_daddr, - hip_ha_t *ha, - hip_portpair_t *r2_info); - int (*hip_handle_bos)(struct hip_common *bos, - struct in6_addr *r2_saddr, - struct in6_addr *r2_daddr, - hip_ha_t *ha, - hip_portpair_t *); - int (*hip_handle_close)(struct hip_common *close, - hip_ha_t *entry); - int (*hip_handle_close_ack)(struct hip_common *close_ack, - hip_ha_t *entry); +struct hip_hadb_handle_func_set { + int (*hip_handle_i1)(struct hip_common *r1, + struct in6_addr *r1_saddr, + struct in6_addr *r1_daddr, + hip_ha_t *entry, + hip_portpair_t *); + + int (*hip_handle_r1)(struct hip_common *r1, + struct in6_addr *r1_saddr, + struct in6_addr *r1_daddr, + hip_ha_t *entry, + hip_portpair_t *); + + /* as there is possibly no state established when i2 + * messages are received, the hip_handle_i2 function pointer + * is not executed during the establishment of a new connection*/ + int (*hip_handle_i2)(struct hip_common *i2, + struct in6_addr *i2_saddr, + struct in6_addr *i2_daddr, + hip_ha_t *ha, + hip_portpair_t *i2_info); + + int (*hip_handle_r2)(struct hip_common *r2, + struct in6_addr *r2_saddr, + struct in6_addr *r2_daddr, + hip_ha_t *ha, + hip_portpair_t *r2_info); + int (*hip_handle_bos)(struct hip_common *bos, + struct in6_addr *r2_saddr, + struct in6_addr *r2_daddr, + hip_ha_t *ha, + hip_portpair_t *); + int (*hip_handle_close)(struct hip_common *close, + hip_ha_t *entry); + int (*hip_handle_close_ack)(struct hip_common *close_ack, + hip_ha_t *entry); }; /* -struct hip_hadb_update_func_set{ - int (*hip_handle_update_plain_locator)(hip_ha_t *entry, - struct hip_common *msg, - struct in6_addr *src_ip, - struct in6_addr *dst_ip, - struct hip_esp_info *esp_info, - struct hip_seq *seq); - - int (*hip_handle_update_addr_verify)(hip_ha_t *entry, - struct hip_common *msg, - struct in6_addr *src_ip, - struct in6_addr *dst_ip); - - void (*hip_update_handle_ack)(hip_ha_t *entry, - struct hip_ack *ack, - int have_nes); - - int (*hip_handle_update_established)(hip_ha_t *entry, - struct hip_common *msg, - struct in6_addr *src_ip, - struct in6_addr *dst_ip, - hip_portpair_t *); - int (*hip_handle_update_rekeying)(hip_ha_t *entry, - struct hip_common *msg, - struct in6_addr *src_ip); - - int (*hip_update_send_addr_verify)(hip_ha_t *entry, - struct hip_common *msg, - struct in6_addr *src_ip, - uint32_t spi); - - int (*hip_update_send_echo)(hip_ha_t *entry, - uint32_t spi_out, - struct hip_peer_addr_list_item *addr); -};*/ - -struct hip_hadb_misc_func_set{ - uint64_t (*hip_solve_puzzle)(void *puzzle, - struct hip_common *hdr, - int mode); - int (*hip_produce_keying_material)(struct hip_common *msg, - struct hip_context *ctx, - uint64_t I, - uint64_t J, - struct hip_dh_public_value **); - int (*hip_create_i2)(struct hip_context *ctx, uint64_t solved_puzzle, - struct in6_addr *r1_saddr, - struct in6_addr *r1_daddr, - hip_ha_t *entry, - hip_portpair_t *, - struct hip_dh_public_value *); - int (*hip_create_r2)(struct hip_context *ctx, - struct in6_addr *i2_saddr, - struct in6_addr *i2_daddr, - hip_ha_t *entry, - hip_portpair_t *, + * struct hip_hadb_update_func_set{ + * int (*hip_handle_update_plain_locator)(hip_ha_t *entry, + * struct hip_common *msg, + * struct in6_addr *src_ip, + * struct in6_addr *dst_ip, + * struct hip_esp_info *esp_info, + * struct hip_seq *seq); + * + * int (*hip_handle_update_addr_verify)(hip_ha_t *entry, + * struct hip_common *msg, + * struct in6_addr *src_ip, + * struct in6_addr *dst_ip); + * + * void (*hip_update_handle_ack)(hip_ha_t *entry, + * struct hip_ack *ack, + * int have_nes); + * + * int (*hip_handle_update_established)(hip_ha_t *entry, + * struct hip_common *msg, + * struct in6_addr *src_ip, + * struct in6_addr *dst_ip, + * hip_portpair_t *); + * int (*hip_handle_update_rekeying)(hip_ha_t *entry, + * struct hip_common *msg, + * struct in6_addr *src_ip); + * + * int (*hip_update_send_addr_verify)(hip_ha_t *entry, + * struct hip_common *msg, + * struct in6_addr *src_ip, + * uint32_t spi); + * + * int (*hip_update_send_echo)(hip_ha_t *entry, + * uint32_t spi_out, + * struct hip_peer_addr_list_item *addr); + * };*/ + +struct hip_hadb_misc_func_set { + uint64_t (*hip_solve_puzzle)(void *puzzle, + struct hip_common *hdr, + int mode); + int (*hip_produce_keying_material)(struct hip_common *msg, + struct hip_context *ctx, + uint64_t I, + uint64_t J, + struct hip_dh_public_value **); + int (*hip_create_i2)(struct hip_context *ctx, uint64_t solved_puzzle, + struct in6_addr *r1_saddr, + struct in6_addr *r1_daddr, + hip_ha_t *entry, + hip_portpair_t *, + struct hip_dh_public_value *); + int (*hip_create_r2)(struct hip_context *ctx, + struct in6_addr *i2_saddr, + struct in6_addr *i2_daddr, + hip_ha_t *entry, + hip_portpair_t *, //add by santtu for the relay address and port - struct in6_addr *, - const in_port_t + struct in6_addr *, + const in_port_t //end add - ); - void (*hip_build_network_hdr)(struct hip_common *msg, uint8_t type_hdr, - uint16_t control, - const struct in6_addr *hit_sender, - const struct in6_addr *hit_receiver); + ); + void (*hip_build_network_hdr)(struct hip_common *msg, uint8_t type_hdr, + uint16_t control, + const struct in6_addr *hit_sender, + const struct in6_addr *hit_receiver); }; /** A data structure containing function pointers to functions used for sending - data on wire. */ -struct hip_hadb_xmit_func_set{ - /** A function pointer for sending packet on wire. */ - int (*hip_send_pkt)(const struct in6_addr *local_addr, - const struct in6_addr *peer_addr, - const in_port_t src_port, const in_port_t dst_port, - struct hip_common* msg, hip_ha_t *entry, - const int retransmit); + * data on wire. */ +struct hip_hadb_xmit_func_set { + /** A function pointer for sending packet on wire. */ + int (*hip_send_pkt)(const struct in6_addr *local_addr, + const struct in6_addr *peer_addr, + const in_port_t src_port, const in_port_t dst_port, + struct hip_common *msg, hip_ha_t *entry, + const int retransmit); }; struct hip_ipsec_func_set { - /** A function pointer for userspace/kernelspace ipsec */ - uint32_t (*hip_add_sa)(const struct in6_addr *saddr, const struct in6_addr *daddr, - const struct in6_addr *src_hit, const struct in6_addr *dst_hit, - const uint32_t spi, const int ealg, - const struct hip_crypto_key *enckey, - const struct hip_crypto_key *authkey, - const int already_acquired, - const int direction, const int update, - hip_ha_t *entry); - void (*hip_delete_sa)(const uint32_t spi, const struct in6_addr *not_used, - const struct in6_addr *dst_addr, - const int direction, hip_ha_t *entry); - int (*hip_flush_all_sa)(void); - int (*hip_setup_hit_sp_pair)(const hip_hit_t *src_hit, - const hip_hit_t *dst_hit, - const struct in6_addr *src_addr, - const struct in6_addr *dst_addr, - u8 proto, - int use_full_prefix, - int update); - void (*hip_delete_hit_sp_pair)(const hip_hit_t *src_hit, const hip_hit_t *dst_hit, const uint8_t proto, - const int use_full_prefix); - int (*hip_flush_all_policy)(void); - uint32_t (*hip_acquire_spi)(hip_hit_t *srchit, hip_hit_t *dsthit); - void (*hip_delete_default_prefix_sp_pair)(void); - int (*hip_setup_default_sp_prefix_pair)(void); + /** A function pointer for userspace/kernelspace ipsec */ + uint32_t (*hip_add_sa)(const struct in6_addr *saddr, + const struct in6_addr *daddr, + const struct in6_addr *src_hit, + const struct in6_addr *dst_hit, + const uint32_t spi, + const int ealg, + const struct hip_crypto_key *enckey, + const struct hip_crypto_key *authkey, + const int already_acquired, + const int direction, + const int update, + hip_ha_t *entry); + void (*hip_delete_sa)(const uint32_t spi, + const struct in6_addr *not_used, + const struct in6_addr *dst_addr, + const int direction, + hip_ha_t *entry); + int (*hip_flush_all_sa)(void); + int (*hip_setup_hit_sp_pair)(const hip_hit_t *src_hit, + const hip_hit_t *dst_hit, + const struct in6_addr *src_addr, + const struct in6_addr *dst_addr, + u8 proto, + int use_full_prefix, + int update); + void (*hip_delete_hit_sp_pair)(const hip_hit_t *src_hit, + const hip_hit_t *dst_hit, + const uint8_t proto, + const int use_full_prefix); + int (*hip_flush_all_policy)(void); + uint32_t (*hip_acquire_spi)(hip_hit_t *srchit, hip_hit_t *dsthit); + void (*hip_delete_default_prefix_sp_pair)(void); + int (*hip_setup_default_sp_prefix_pair)(void); }; struct hip_hadb_input_filter_func_set { - int (*hip_input_filter)(struct hip_common *msg); + int (*hip_input_filter)(struct hip_common *msg); }; struct hip_hadb_output_filter_func_set { - int (*hip_output_filter)(struct hip_common *msg); + int (*hip_output_filter)(struct hip_common *msg); }; /* @} */ #endif /* HIP_STATE_H */ - === modified file 'lib/core/state.h.doxyme' --- lib/core/state.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/state.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/state.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. * === modified file 'lib/core/utils.c' --- lib/core/utils.c 2010-01-19 09:28:42 +0000 +++ lib/core/utils.c 2010-02-10 23:55:24 +0000 @@ -2,58 +2,64 @@ int ipv6_addr_is_hit(const struct in6_addr *hit) { - hip_closest_prefix_type_t hit_begin; - memcpy(&hit_begin, hit, sizeof(hip_closest_prefix_type_t)); - hit_begin = ntohl(hit_begin); - hit_begin &= HIP_HIT_TYPE_MASK_INV; - return (hit_begin == HIP_HIT_PREFIX); + hip_closest_prefix_type_t hit_begin; + memcpy(&hit_begin, hit, sizeof(hip_closest_prefix_type_t)); + hit_begin = ntohl(hit_begin); + hit_begin &= HIP_HIT_TYPE_MASK_INV; + return hit_begin == HIP_HIT_PREFIX; } int ipv6_addr_is_teredo(const struct in6_addr *teredo) { - hip_closest_prefix_type_t teredo_begin; - memcpy(&teredo_begin, teredo, sizeof(hip_closest_prefix_type_t)); - teredo_begin = ntohl(teredo_begin); - teredo_begin &= HIP_TEREDO_TYPE_MASK_INV; - return (teredo_begin == HIP_TEREDO_PREFIX); -} - -int ipv6_addr_is_null(struct in6_addr *ip){ - return ((ip->s6_addr32[0] | ip->s6_addr32[1] | - ip->s6_addr32[2] | ip->s6_addr32[3] ) == 0); -} - -int hit_is_real_hit(const struct in6_addr *hit) { - return ipv6_addr_is_hit(hit) && (hit->s6_addr32[3] != 0); -} - -int hit_is_opportunistic_hit(const struct in6_addr *hit){ - return ipv6_addr_is_hit(hit) && (hit->s6_addr32[3] == 0); -} - -int hit_is_opportunistic_hashed_hit(const struct in6_addr *hit){ - return hit_is_opportunistic_hit(hit); -} - -int hit_is_opportunistic_null(const struct in6_addr *hit){ - // return hit_is_opportunistic_hit(hit); - return ((hit->s6_addr32[0] | hit->s6_addr32[1] | - hit->s6_addr32[2] | (hit->s6_addr32[3])) == 0); + hip_closest_prefix_type_t teredo_begin; + memcpy(&teredo_begin, teredo, sizeof(hip_closest_prefix_type_t)); + teredo_begin = ntohl(teredo_begin); + teredo_begin &= HIP_TEREDO_TYPE_MASK_INV; + return teredo_begin == HIP_TEREDO_PREFIX; +} + +int ipv6_addr_is_null(struct in6_addr *ip) +{ + return (ip->s6_addr32[0] | ip->s6_addr32[1] | + ip->s6_addr32[2] | ip->s6_addr32[3]) == 0; +} + +int hit_is_real_hit(const struct in6_addr *hit) +{ + return ipv6_addr_is_hit(hit) && (hit->s6_addr32[3] != 0); +} + +int hit_is_opportunistic_hit(const struct in6_addr *hit) +{ + return ipv6_addr_is_hit(hit) && (hit->s6_addr32[3] == 0); +} + +int hit_is_opportunistic_hashed_hit(const struct in6_addr *hit) +{ + return hit_is_opportunistic_hit(hit); +} + +int hit_is_opportunistic_null(const struct in6_addr *hit) +{ + // return hit_is_opportunistic_hit(hit); + return (hit->s6_addr32[0] | hit->s6_addr32[1] | + hit->s6_addr32[2] | (hit->s6_addr32[3])) == 0; } void set_hit_prefix(struct in6_addr *hit) { - hip_closest_prefix_type_t hit_begin; - memcpy(&hit_begin, hit, sizeof(hip_closest_prefix_type_t)); - hit_begin &= htonl(HIP_HIT_TYPE_MASK_CLEAR); - hit_begin |= htonl(HIP_HIT_PREFIX); - memcpy(hit, &hit_begin, sizeof(hip_closest_prefix_type_t)); + hip_closest_prefix_type_t hit_begin; + memcpy(&hit_begin, hit, sizeof(hip_closest_prefix_type_t)); + hit_begin &= htonl(HIP_HIT_TYPE_MASK_CLEAR); + hit_begin |= htonl(HIP_HIT_PREFIX); + memcpy(hit, &hit_begin, sizeof(hip_closest_prefix_type_t)); } + inline void set_lsi_prefix(hip_lsi_t *lsi) { - hip_closest_prefix_type_t lsi_begin; - memcpy(&lsi_begin, lsi, sizeof(hip_closest_prefix_type_t)); - lsi_begin &= htonl(HIP_LSI_TYPE_MASK_CLEAR); - lsi_begin |= htonl(HIP_LSI_PREFIX); - memcpy(lsi, &lsi_begin, sizeof(hip_closest_prefix_type_t)); + hip_closest_prefix_type_t lsi_begin; + memcpy(&lsi_begin, lsi, sizeof(hip_closest_prefix_type_t)); + lsi_begin &= htonl(HIP_LSI_TYPE_MASK_CLEAR); + lsi_begin |= htonl(HIP_LSI_PREFIX); + memcpy(lsi, &lsi_begin, sizeof(hip_closest_prefix_type_t)); } === modified file 'lib/core/utils.c.doxyme' --- lib/core/utils.c.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/utils.c.doxyme 2010-02-10 23:55:24 +0000 @@ -14,20 +14,20 @@ - /// Single line comment for dOxygen. +/// Single line comment for dOxygen. /** * my_great_function * * Write description of function here. * The function should follow these comments. - * + * * Document the use of each function variable and indicate if this * argument is used to return information to the calling context. Use - * [out] for outut parameters (This is very important). Align the + * [out] for outut parameters (This is very important). Align the * descriptions to improve readability. * - * @note: put important usage informations to notes. + * @note: put important usage informations to notes. * * @param firstArg Description of first function argument. * @param[out] secondArg Description of second function argument. @@ -35,7 +35,8 @@ * @return Description of returned value. **/ -int my_great_function(int firstArg, char** secondArg, int thirdArg){ +int my_great_function(int firstArg, char **secondArg, int thirdArg) +{ ..... /// Now it's your turn. @@ -44,82 +45,81 @@ /** - * hit_is_opportunistic_hashed_hit - * - * - * @param hit - * @return - **/ - - -/** - * hit_is_opportunistic_hit - * - * - * @param hit - * @return - **/ - - -/** - * hit_is_opportunistic_null - * - * - * @param hit - * @return - **/ - - -/** - * hit_is_real_hit - * - * - * @param hit - * @return - **/ - - -/** - * ipv6_addr_is_hit - * - * - * @param hit - * @return - **/ - - -/** - * ipv6_addr_is_null + * hit_is_opportunistic_hashed_hit + * + * + * @param hit + * @return + **/ + + +/** + * hit_is_opportunistic_hit + * + * + * @param hit + * @return + **/ + + +/** + * hit_is_opportunistic_null + * + * + * @param hit + * @return + **/ + + +/** + * hit_is_real_hit + * + * + * @param hit + * @return + **/ + + +/** + * ipv6_addr_is_hit + * + * + * @param hit + * @return + **/ + + +/** + * ipv6_addr_is_null * * * @param libopphip - * @return + * @return **/ /** - * ipv6_addr_is_teredo + * ipv6_addr_is_teredo * * * @param teredo - * @return + * @return **/ /** - * set_hit_prefix + * set_hit_prefix * * * @param hit - * @return + * @return **/ /** - * set_lsi_prefix + * set_lsi_prefix * * * @param lsi - * @return + * @return **/ - === modified file 'lib/core/utils.h' --- lib/core/utils.h 2010-02-08 15:18:06 +0000 +++ lib/core/utils.h 2010-02-10 23:55:24 +0000 @@ -26,13 +26,13 @@ #define HIP_TMP_FNAME_TEMPLATE "/tmp/hip_XXXXXX" struct hosts_file_line { - char *hostname, *alias, *alias2; - struct in6_addr id; - int lineno; + char * hostname, *alias, *alias2; + struct in6_addr id; + int lineno; }; -typedef uint32_t hip_closest_prefix_type_t; +typedef uint32_t hip_closest_prefix_type_t; int ipv6_addr_is_hit(const struct in6_addr *hit); int ipv6_addr_is_teredo(const struct in6_addr *teredo); @@ -47,20 +47,20 @@ /* IN6_IS_ADDR_V4MAPPED(a) is defined in /usr/include/netinet/in.h */ #define IPV4_TO_IPV6_MAP(in_addr_from, in6_addr_to) \ - {(in6_addr_to)->s6_addr32[0] = 0; \ - (in6_addr_to)->s6_addr32[1] = 0; \ - (in6_addr_to)->s6_addr32[2] = htonl(0xffff); \ - (in6_addr_to)->s6_addr32[3] = (uint32_t) ((in_addr_from)->s_addr);} + {(in6_addr_to)->s6_addr32[0] = 0; \ + (in6_addr_to)->s6_addr32[1] = 0; \ + (in6_addr_to)->s6_addr32[2] = htonl(0xffff); \ + (in6_addr_to)->s6_addr32[3] = (uint32_t) ((in_addr_from)->s_addr); } -#define IPV6_TO_IPV4_MAP(in6_addr_from,in_addr_to) \ - { ((in_addr_to)->s_addr) = \ +#define IPV6_TO_IPV4_MAP(in6_addr_from, in_addr_to) \ + { ((in_addr_to)->s_addr) = \ ((in6_addr_from)->s6_addr32[3]); } -#define IPV6_EQ_IPV4(in6_addr_a,in_addr_b) \ - ( IN6_IS_ADDR_V4MAPPED(in6_addr_a) && \ - ((in6_addr_a)->s6_addr32[3] == (in_addr_b)->s_addr)) - -/** +#define IPV6_EQ_IPV4(in6_addr_a, in_addr_b) \ + (IN6_IS_ADDR_V4MAPPED(in6_addr_a) && \ + ((in6_addr_a)->s6_addr32[3] == (in_addr_b)->s_addr)) + +/** * Checks if a uint32_t represents a Local Scope Identifier (LSI). * * @param the uint32_t to test @@ -72,11 +72,11 @@ */ #define IS_LSI32(a) ((a & 0x000000FF) == 0x00000001) -#define IS_LSI(a) ( (((struct sockaddr*)a)->sa_family == AF_INET) ? \ - (IS_LSI32(((struct sockaddr_in*)a)->sin_addr.s_addr)) : \ - (ipv6_addr_is_hit( &((struct sockaddr_in6*)a)->sin6_addr) ) ) +#define IS_LSI(a) ((((struct sockaddr *) a)->sa_family == AF_INET) ? \ + (IS_LSI32(((struct sockaddr_in *) a)->sin_addr.s_addr)) : \ + (ipv6_addr_is_hit( &((struct sockaddr_in6 *) a)->sin6_addr))) -/** +/** * A macro to test if a uint32_t represents an IPv4 loopback address. * * @param a the uint32_t to test @@ -89,18 +89,17 @@ #define IS_IPV4_LOOPBACK(a) ((a & 0x000000FF) == 0x0000007F) #ifndef MIN -# define MIN(a,b) ((a)<(b)?(a):(b)) +# define MIN(a, b) ((a) < (b) ? (a) : (b)) #endif #ifndef MAX -# define MAX(a,b) ((a)>(b)?(a):(b)) +# define MAX(a, b) ((a) > (b) ? (a) : (b)) #endif #ifdef CONFIG_HIP_OPENWRT -# define HIP_CREATE_FILE(x) check_and_create_file(x, 0644) +# define HIP_CREATE_FILE(x) check_and_create_file(x, 0644) #else -# define HIP_CREATE_FILE(x) open((x), O_RDWR | O_CREAT, 0644) +# define HIP_CREATE_FILE(x) open((x), O_RDWR | O_CREAT, 0644) #endif #endif /* _HIP_UTILS */ - === modified file 'lib/core/utils.h.doxyme' --- lib/core/utils.h.doxyme 2010-01-19 09:28:42 +0000 +++ lib/core/utils.h.doxyme 2010-02-10 23:55:24 +0000 @@ -1,8 +1,8 @@ /** * @file ./libhipcore/utils.h - * + * * <LICENSE TEMLPATE LINE - LEAVE THIS LINE INTACT> - * + * * Write description of header file here for dOxygen. Be as precise as possible. * Please also note how and by which parts of the code this file should be used. *