[hipl-commit] [trunk] Rev 3592: uncrustified lib/tool

  • From: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
  • To: hipl-commit@xxxxxxxxxxxxx
  • Date: Thu, 11 Feb 2010 02:01:19 +0200

Committer: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
Date: Thu Feb 11 01:01:07 2010 +0100
Revision: 3592
Revision-id: rene.hummen@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Branch nick: trunk

Log:
  uncrustified lib/tool

Modified:
  M  lib/tool/crypto.c
  M  lib/tool/crypto.c.doxyme
  M  lib/tool/crypto.h
  M  lib/tool/lutil.c
  M  lib/tool/lutil.c.doxyme
  M  lib/tool/lutil.h
  M  lib/tool/nlink.c
  M  lib/tool/nlink.c.doxyme
  M  lib/tool/nlink.h
  M  lib/tool/pk.c
  M  lib/tool/pk.c.doxyme
  M  lib/tool/xfrmapi.c
  M  lib/tool/xfrmapi.c.doxyme
  M  lib/tool/xfrmapi.h

=== modified file 'lib/tool/crypto.c'
--- lib/tool/crypto.c   2010-02-08 15:18:06 +0000
+++ lib/tool/crypto.c   2010-02-11 00:01:07 +0000
@@ -8,7 +8,7 @@
  * - Mika Kousa <mkousa@xxxxxx>
  * - Miika Komu <miika@xxxxxx>
  * - Teemu Koponen <tkoponen@xxxxxx>
- * - Abhinav Pathak <abpathak@xxxxxxxxxx>  
+ * - Abhinav Pathak <abpathak@xxxxxxxxxx>
  *
  * Licence: GNU/GPL
  *
@@ -46,264 +46,265 @@
 
 /* 384-bit Group */
 unsigned char dhprime_384[] = {
-       0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-       0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-       0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-       0x3B,0x13,0xB2,0x02,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+    0x3B, 0x13, 0xB2, 0x02, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
 };
 
 /* RFC 2412 Oakley Group 1 768-bit, 96 bytes */
-unsigned char dhprime_oakley_1[] = { 
-       0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-       0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-       0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-       0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-       0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-       0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-       0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-       0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+unsigned char dhprime_oakley_1[] = {
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+    0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+    0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+    0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
 };
-                                    
+
 /* RFC 3526 MODP 1536-bit = RFC 2412 Oakley Group 5 */
 unsigned char dhprime_modp_1536[] = {
-       0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-       0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-       0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-       0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-       0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-       0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-       0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-       0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-       0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-       0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-       0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-       0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-       0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-       0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-       0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-       0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+    0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+    0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+    0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+    0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
+    0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
+    0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
+    0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
 };
 
 /* RFC 3526 MODP 3072-bit, 384 bytes */
 unsigned char dhprime_modp_3072[] = {
-       0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-       0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-       0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-       0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-       0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-       0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-       0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-       0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-       0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-       0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-       0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-       0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-       0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-       0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-       0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-       0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
-       0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
-       0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
-       0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
-       0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
-       0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
-       0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
-       0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
-       0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
-       0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
-       0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
-       0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
-       0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
-       0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
-       0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
-       0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
-       0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+    0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+    0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+    0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+    0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
+    0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
+    0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
+    0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
+    0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
+    0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+    0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
+    0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
+    0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
+    0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
+    0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
+    0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
 };
 
 /* RFC 3526 MODP 6144-bit, 768 bytes */
 unsigned char dhprime_modp_6144[] = {
-       0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-       0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-       0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-       0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-       0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-       0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-       0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-       0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-       0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-       0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-       0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-       0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-       0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-       0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-       0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-       0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
-       0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
-       0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
-       0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
-       0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
-       0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
-       0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
-       0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
-       0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
-       0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
-       0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
-       0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
-       0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
-       0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
-       0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
-       0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
-       0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
-       0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
-       0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
-       0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
-       0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
-       0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
-       0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
-       0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
-       0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
-       0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
-       0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
-       0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
-       0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
-       0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
-       0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
-       0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
-       0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
-       0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
-       0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
-       0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
-       0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
-       0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
-       0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
-       0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
-       0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
-       0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
-       0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
-       0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
-       0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
-       0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
-       0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
-       0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
-       0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+    0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+    0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+    0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+    0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
+    0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
+    0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
+    0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
+    0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
+    0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+    0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
+    0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
+    0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
+    0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
+    0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
+    0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+    0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
+    0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+    0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+    0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+    0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
+    0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+    0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
+    0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+    0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
+    0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+    0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2,
+    0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
+    0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F,
+    0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
+    0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB,
+    0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
+    0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
+    0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
+    0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15,
+    0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
+    0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31,
+    0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
+    0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7,
+    0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+    0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2,
+    0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
+    0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D,
+    0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
+    0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7,
+    0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
+    0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
+    0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
 };
 
 /* RFC 3526 MODP 8192-bit, 1024 bytes */
 unsigned char dhprime_modp_8192[] = {
-       0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-       0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-       0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-       0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-       0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-       0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-       0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-       0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-       0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-       0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-       0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-       0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-       0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-       0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-       0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-       0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
-       0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
-       0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
-       0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
-       0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
-       0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
-       0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
-       0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
-       0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
-       0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
-       0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
-       0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
-       0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
-       0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
-       0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
-       0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
-       0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
-       0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
-       0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
-       0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
-       0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
-       0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
-       0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
-       0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
-       0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
-       0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
-       0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
-       0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
-       0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
-       0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
-       0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
-       0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
-       0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
-       0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
-       0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
-       0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
-       0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
-       0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
-       0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
-       0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
-       0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
-       0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
-       0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
-       0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
-       0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
-       0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
-       0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
-       0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
-       0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
-       0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,
-       0x73,0xB9,0x31,0xBA,0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,
-       0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,0x25,0x76,0xF6,0x93,
-       0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
-       0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,
-       0xE3,0x9D,0x65,0x2D,0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,
-       0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,0x13,0xEB,0x57,0xA8,
-       0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
-       0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,
-       0xA2,0xC0,0x87,0xE8,0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,
-       0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,0x6D,0x2A,0x13,0xF8,
-       0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
-       0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,
-       0x08,0x46,0x85,0x1D,0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,
-       0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,0xFA,0xF3,0x6B,0xC3,
-       0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
-       0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,
-       0xD5,0xEE,0x38,0x2B,0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,
-       0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,0x9E,0x30,0x50,0xE2,
-       0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
-       0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,
-       0xFF,0xFF,0xFF,0xFF
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
+    0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+    0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
+    0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+    0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+    0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
+    0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
+    0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
+    0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
+    0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
+    0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+    0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
+    0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
+    0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
+    0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
+    0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
+    0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+    0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18,
+    0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+    0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+    0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+    0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F,
+    0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+    0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76,
+    0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+    0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC,
+    0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+    0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2,
+    0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
+    0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F,
+    0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
+    0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB,
+    0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
+    0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
+    0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
+    0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15,
+    0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
+    0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31,
+    0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
+    0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7,
+    0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+    0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2,
+    0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
+    0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D,
+    0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
+    0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7,
+    0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
+    0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
+    0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4,
+    0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8, 0xBE, 0xC4, 0xD0,
+    0x73, 0xB9, 0x31, 0xBA, 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00,
+    0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93,
+    0x6B, 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68,
+    0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F, 0x16, 0xCB,
+    0xE3, 0x9D, 0x65, 0x2D, 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
+    0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, 0x13, 0xEB, 0x57, 0xA8,
+    0x1A, 0x23, 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B,
+    0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B, 0x7F,
+    0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A,
+    0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, 0x6D, 0x2A, 0x13, 0xF8,
+    0x3F, 0x44, 0xF8, 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36,
+    0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5,
+    0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1,
+    0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA, 0xF3, 0x6B, 0xC3,
+    0x1E, 0xCF, 0xA2, 0x68, 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92,
+    0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E,
+    0xD5, 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47,
+    0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30, 0x50, 0xE2,
+    0x76, 0x56, 0x94, 0xDF, 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
+    0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, 0xFF, 0xFF, 0xFF, 0xFF,
+    0xFF, 0xFF, 0xFF, 0xFF
 };
 
 /* load DH arrays for easy access */
 const unsigned char *dhprime[HIP_MAX_DH_GROUP_ID] = {
-        0,
-        dhprime_384,
-        dhprime_oakley_1,
-        dhprime_modp_1536,
-        dhprime_modp_3072,
-        dhprime_modp_6144,
-        dhprime_modp_8192,
+    0,
+    dhprime_384,
+    dhprime_oakley_1,
+    dhprime_modp_1536,
+    dhprime_modp_3072,
+    dhprime_modp_6144,
+    dhprime_modp_8192,
 };
 
 int dhprime_len[HIP_MAX_DH_GROUP_ID] = {
-        -1,
-        sizeof(dhprime_384),
-        sizeof(dhprime_oakley_1),
-        sizeof(dhprime_modp_1536),
-        sizeof(dhprime_modp_3072),
-        sizeof(dhprime_modp_6144),
-        sizeof(dhprime_modp_8192),
+    -1,
+    sizeof(dhprime_384),
+    sizeof(dhprime_oakley_1),
+    sizeof(dhprime_modp_1536),
+    sizeof(dhprime_modp_3072),
+    sizeof(dhprime_modp_6144),
+    sizeof(dhprime_modp_8192),
 };
 
-unsigned char dhgen[HIP_MAX_DH_GROUP_ID] = {0,0x02,0x02,0x02,0x02,0x02,0x02};
+unsigned char dhgen[HIP_MAX_DH_GROUP_ID] = {0, 0x02, 0x02, 0x02,
+                                            0x02, 0x02, 0x02};
 
 /**
  * Calculates a hmac.
- * 
+ *
  * @param type   type (digest algorithm) of hmac.
  * @param key    a pointer to the key used for hmac.
  * @param in     a pointer to the input buffer.
@@ -315,32 +316,32 @@
  */
 int hip_write_hmac(int type, const void *key, void *in, int in_len, void *out)
 {
-       switch(type) {
-        case HIP_DIGEST_SHA1_HMAC:
-                HMAC(EVP_sha1(), 
-                     key,
-                    hip_hmac_key_length(HIP_ESP_AES_SHA1),
-                    in, in_len,
-                    out, NULL);
-                break;
-               
-        case HIP_DIGEST_MD5_HMAC:
-                HMAC(EVP_md5(), 
-                    key,
-                    hip_hmac_key_length(HIP_ESP_3DES_MD5),
-                    in, in_len,
-                    out, NULL);
-                break;
-        default:
-                HIP_ERROR("Unknown HMAC type 0x%x\n", type);
-                return 1;
-        }
-
-       HIP_HEXDUMP("HMAC key:", key, hip_hmac_key_length(HIP_ESP_AES_SHA1));
-       HIP_HEXDUMP("HMAC in:", in, in_len);
-       HIP_HEXDUMP("HMAC out:", out, HIP_AH_SHA_LEN);
-
-       return 0;
+    switch (type) {
+    case HIP_DIGEST_SHA1_HMAC:
+        HMAC(EVP_sha1(),
+             key,
+             hip_hmac_key_length(HIP_ESP_AES_SHA1),
+             in, in_len,
+             out, NULL);
+        break;
+
+    case HIP_DIGEST_MD5_HMAC:
+        HMAC(EVP_md5(),
+             key,
+             hip_hmac_key_length(HIP_ESP_3DES_MD5),
+             in, in_len,
+             out, NULL);
+        break;
+    default:
+        HIP_ERROR("Unknown HMAC type 0x%x\n", type);
+        return 1;
+    }
+
+    HIP_HEXDUMP("HMAC key:", key, hip_hmac_key_length(HIP_ESP_AES_SHA1));
+    HIP_HEXDUMP("HMAC in:", in, in_len);
+    HIP_HEXDUMP("HMAC out:", out, HIP_AH_SHA_LEN);
+
+    return 0;
 }
 
 /**
@@ -362,79 +363,79 @@
  *                  otherwise.
  */
 int hip_crypto_encrypted(void *data, const void *iv_orig, int alg, int len,
-                        void* key, int direction)
+                         void *key, int direction)
 {
-        void *result = NULL;
-       int err = -1;
-       AES_KEY aes_key;
-       des_key_schedule ks1, ks2, ks3;
-       u8 secret_key1[8], secret_key2[8], secret_key3[8];
-       u8 iv[20]; /* OpenSSL modifies the IV it is passed during the 
encryption/decryption */
-        HIP_IFEL(!(result = malloc(len)), -1, "Out of memory\n");
-       _HIP_HEXDUMP("hip_crypto_encrypted encrypt data", data, len);
-        
-       _HIP_DEBUG("algo: %d\n", alg);
-
-       switch(alg) {
-        case HIP_HIP_AES_SHA1:
-               /* AES key must be 128, 192, or 256 bits in length */
-               memcpy(iv, iv_orig, 16);
-               if (direction == HIP_DIRECTION_ENCRYPT) {
-                       _HIP_DEBUG("d3\n");
-                       HIP_IFEL((err = AES_set_encrypt_key(key, 8 * 
hip_transform_key_length(alg), &aes_key)) != 0, err, 
-                                "Unable to use calculated DH secret for AES 
key (%d)\n", err);
-                       _HIP_HEXDUMP("AES key for OpenSSL: ", &aes_key, 
sizeof(unsigned long) * 4 * (AES_MAXNR + 1));
-                       _HIP_HEXDUMP("AES IV: ", iv, 16);
-                       AES_cbc_encrypt(data, result, len, &aes_key, (unsigned 
char *)iv, AES_ENCRYPT);
-               } else {
-                       HIP_IFEL((err = AES_set_decrypt_key(key, 8 * 
hip_transform_key_length(alg), &aes_key)) != 0, err, 
-                                "Unable to use calculated DH secret for AES 
key (%d)\n", err);
-                       _HIP_HEXDUMP("AES key for OpenSSL: ", &aes_key, 
sizeof(unsigned long) * 4 * (AES_MAXNR + 1));
-                       _HIP_HEXDUMP("AES IV: ", iv, 16);
-                       AES_cbc_encrypt(data, result, len, &aes_key, (unsigned 
char *)iv, AES_DECRYPT);
-               }
-               memcpy(data, result, len);
-                break;
-
-        case HIP_HIP_3DES_SHA1:
-               memcpy(iv, iv_orig, 8);
-               memcpy(&secret_key1, key, hip_transform_key_length(alg) / 3);
-                memcpy(&secret_key2, key+8, hip_transform_key_length(alg) / 3);
-                memcpy(&secret_key3, key+16, hip_transform_key_length(alg) / 
3);
-
-               des_set_odd_parity((des_cblock *)&secret_key1);
-                des_set_odd_parity((des_cblock *)&secret_key2);
-                des_set_odd_parity((des_cblock *)&secret_key3);
-
-               HIP_IFEL( ((err = des_set_key_checked((
-                       (des_cblock *)&secret_key1), ks1)) != 0) ||
-                         ((err = des_set_key_checked((
-                                 (des_cblock *)&secret_key2), ks2)) != 0) ||
-                         ((err = des_set_key_checked((
-                                 (des_cblock *)&secret_key3), ks3)) != 0), 
err, 
-                         "Unable to use calculated DH secret for 3DES key 
(%d)\n", err);
-                des_ede3_cbc_encrypt(data, result, len,
-                                    ks1, ks2, ks3, (des_cblock*)iv, 
-                                    direction == HIP_DIRECTION_ENCRYPT ? 
DES_ENCRYPT : DES_DECRYPT);
-               memcpy(data, result, len);
-                break;
-
-        case HIP_HIP_NULL_SHA1:
-               HIP_DEBUG("Null encryption used.\n");
-                break;
-
-        default:
-                HIP_IFEL(1, -EINVAL, "Attempted to use unknown CI (alg = 
%d)\n", alg);
+    void *result = NULL;
+    int err      = -1;
+    AES_KEY aes_key;
+    des_key_schedule ks1, ks2, ks3;
+    u8 secret_key1[8], secret_key2[8], secret_key3[8];
+    /* OpenSSL modifies the IV it is passed during the encryption/decryption */
+    u8 iv[20];
+    HIP_IFEL(!(result = malloc(len)), -1, "Out of memory\n");
+    _HIP_HEXDUMP("hip_crypto_encrypted encrypt data", data, len);
+
+    _HIP_DEBUG("algo: %d\n", alg);
+
+    switch (alg) {
+    case HIP_HIP_AES_SHA1:
+        /* AES key must be 128, 192, or 256 bits in length */
+        memcpy(iv, iv_orig, 16);
+        if (direction == HIP_DIRECTION_ENCRYPT) {
+            _HIP_DEBUG("d3\n");
+            HIP_IFEL((err = AES_set_encrypt_key(key, 8 * 
hip_transform_key_length(alg), &aes_key)) != 0, err,
+                     "Unable to use calculated DH secret for AES key (%d)\n", 
err);
+            _HIP_HEXDUMP("AES key for OpenSSL: ", &aes_key, sizeof(unsigned 
long) * 4 * (AES_MAXNR + 1));
+            _HIP_HEXDUMP("AES IV: ", iv, 16);
+            AES_cbc_encrypt(data, result, len, &aes_key, (unsigned char *) iv, 
AES_ENCRYPT);
+        } else {
+            HIP_IFEL((err = AES_set_decrypt_key(key, 8 * 
hip_transform_key_length(alg), &aes_key)) != 0, err,
+                     "Unable to use calculated DH secret for AES key (%d)\n", 
err);
+            _HIP_HEXDUMP("AES key for OpenSSL: ", &aes_key, sizeof(unsigned 
long) * 4 * (AES_MAXNR + 1));
+            _HIP_HEXDUMP("AES IV: ", iv, 16);
+            AES_cbc_encrypt(data, result, len, &aes_key, (unsigned char *) iv, 
AES_DECRYPT);
         }
-       
-       _HIP_HEXDUMP("hip_crypto_encrypted decrypt data: ", result, len);       
-       err = 0;
-
- out_err:
-        if (result)
-                free(result);
-
-        return err;
+        memcpy(data, result, len);
+        break;
+
+    case HIP_HIP_3DES_SHA1:
+        memcpy(iv, iv_orig, 8);
+        memcpy(&secret_key1, key, hip_transform_key_length(alg) / 3);
+        memcpy(&secret_key2, key + 8, hip_transform_key_length(alg) / 3);
+        memcpy(&secret_key3, key + 16, hip_transform_key_length(alg) / 3);
+
+        des_set_odd_parity((des_cblock *) &secret_key1);
+        des_set_odd_parity((des_cblock *) &secret_key2);
+        des_set_odd_parity((des_cblock *) &secret_key3);
+
+        HIP_IFEL(((err = des_set_key_checked(((des_cblock *) &secret_key1), 
ks1)) != 0)
+                 || ((err = des_set_key_checked(((des_cblock *) &secret_key2), 
ks2)) != 0)
+                 || ((err = des_set_key_checked(((des_cblock *) &secret_key3), 
ks3)) != 0),
+                 err,
+                 "Unable to use calculated DH secret for 3DES key (%d)\n", 
err);
+        des_ede3_cbc_encrypt(data, result, len,
+                             ks1, ks2, ks3, (des_cblock *) iv,
+                             direction == HIP_DIRECTION_ENCRYPT ? DES_ENCRYPT 
: DES_DECRYPT);
+        memcpy(data, result, len);
+        break;
+
+    case HIP_HIP_NULL_SHA1:
+        HIP_DEBUG("Null encryption used.\n");
+        break;
+
+    default:
+        HIP_IFEL(1, -EINVAL, "Attempted to use unknown CI (alg = %d)\n", alg);
+    }
+
+    _HIP_HEXDUMP("hip_crypto_encrypted decrypt data: ", result, len);
+    err = 0;
+
+out_err:
+    if (result) {
+        free(result);
+    }
+
+    return err;
 }
 
 /*
@@ -446,13 +447,14 @@
  */
 int bn2bin_safe(const BIGNUM *a, unsigned char *to, int len)
 {
-        int padlen = len - BN_num_bytes(a);
-        /* add leading zeroes when needed */
-        if (padlen > 0)
-                memset(to, 0, padlen);
-        BN_bn2bin(a, &to[padlen]);
-        /* return value from BN_bn2bin() may differ from length */
-        return len;
+    int padlen = len - BN_num_bytes(a);
+    /* add leading zeroes when needed */
+    if (padlen > 0) {
+        memset(to, 0, padlen);
+    }
+    BN_bn2bin(a, &to[padlen]);
+    /* return value from BN_bn2bin() may differ from length */
+    return len;
 }
 
 /*
@@ -460,38 +462,40 @@
  */
 int impl_dsa_sign(u8 *digest, DSA *dsa, u8 *signature)
 {
-       DSA_SIG *dsa_sig = NULL;
-       int err = 0, t;
-
-       t = (BN_num_bytes(dsa->p) - 64) / 8;
-       HIP_IFEL((t > 8 || t < 0), 1, "Illegal DSA key\n");
-
-       memset(signature, 0, HIP_DSA_SIGNATURE_LEN);
-       signature[0] = t;
-
-       /* calculate the DSA signature of the message hash */   
-#ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Start PERF_DSA_SIGN_IMPL\n");
-       hip_perf_start_benchmark(perf_set, PERF_DSA_SIGN_IMPL);
-#endif
-       dsa_sig = DSA_do_sign(digest, SHA_DIGEST_LENGTH, dsa);
-#ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Stop PERF_DSA_SIGN_IMPL\n");
-       hip_perf_stop_benchmark(perf_set, PERF_DSA_SIGN_IMPL);
-#endif
-       HIP_IFEL(!dsa_sig, 1, "DSA_do_sign failed\n");
-
-       /* build signature from DSA_SIG struct */
-       bn2bin_safe(dsa_sig->r, &signature[1], DSA_PRIV);
-       bn2bin_safe(dsa_sig->s, &signature[1 + DSA_PRIV], DSA_PRIV);
-
- out_err:
-       if (dsa)
-               DSA_free(dsa);
-       if (dsa_sig)
-               DSA_SIG_free(dsa_sig);
-
-       return err;
+    DSA_SIG *dsa_sig = NULL;
+    int err          = 0, t;
+
+    t            = (BN_num_bytes(dsa->p) - 64) / 8;
+    HIP_IFEL((t > 8 || t < 0), 1, "Illegal DSA key\n");
+
+    memset(signature, 0, HIP_DSA_SIGNATURE_LEN);
+    signature[0] = t;
+
+    /* calculate the DSA signature of the message hash */
+#ifdef CONFIG_HIP_PERFORMANCE
+    HIP_DEBUG("Start PERF_DSA_SIGN_IMPL\n");
+    hip_perf_start_benchmark(perf_set, PERF_DSA_SIGN_IMPL);
+#endif
+    dsa_sig = DSA_do_sign(digest, SHA_DIGEST_LENGTH, dsa);
+#ifdef CONFIG_HIP_PERFORMANCE
+    HIP_DEBUG("Stop PERF_DSA_SIGN_IMPL\n");
+    hip_perf_stop_benchmark(perf_set, PERF_DSA_SIGN_IMPL);
+#endif
+    HIP_IFEL(!dsa_sig, 1, "DSA_do_sign failed\n");
+
+    /* build signature from DSA_SIG struct */
+    bn2bin_safe(dsa_sig->r, &signature[1], DSA_PRIV);
+    bn2bin_safe(dsa_sig->s, &signature[1 + DSA_PRIV], DSA_PRIV);
+
+out_err:
+    if (dsa) {
+        DSA_free(dsa);
+    }
+    if (dsa_sig) {
+        DSA_SIG_free(dsa_sig);
+    }
+
+    return err;
 }
 
 /*
@@ -500,97 +504,104 @@
  */
 int impl_dsa_verify(u8 *digest, DSA *dsa, u8 *signature)
 {
-       DSA_SIG *dsa_sig;
-       int err = 0;
-
-       /* build the signature structure */
-       dsa_sig = DSA_SIG_new();
-       HIP_IFEL(!dsa_sig, 1, "Failed to allocate DSA_SIG\n");
-       dsa_sig->r = BN_bin2bn(&signature[1], DSA_PRIV, NULL);
-       dsa_sig->s = BN_bin2bn(&signature[1 + DSA_PRIV], DSA_PRIV, NULL);
-
-       /* verify the DSA signature */
-#ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Start PERF_DSA_VERIFY_IMPL\n");
-       hip_perf_start_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
-#endif
-       err = DSA_do_verify(digest, SHA_DIGEST_LENGTH, dsa_sig, dsa) == 1 ? 0 : 
1;
-#ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Stop PERF_DSA_VERIFY_IMPL\n");
-       hip_perf_stop_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
-#endif
-
-  out_err:
-       if (dsa_sig)
-           DSA_SIG_free(dsa_sig);
-       return err;
+    DSA_SIG *dsa_sig;
+    int err = 0;
+
+    /* build the signature structure */
+    dsa_sig    = DSA_SIG_new();
+    HIP_IFEL(!dsa_sig, 1, "Failed to allocate DSA_SIG\n");
+    dsa_sig->r = BN_bin2bn(&signature[1], DSA_PRIV, NULL);
+    dsa_sig->s = BN_bin2bn(&signature[1 + DSA_PRIV], DSA_PRIV, NULL);
+
+    /* verify the DSA signature */
+#ifdef CONFIG_HIP_PERFORMANCE
+    HIP_DEBUG("Start PERF_DSA_VERIFY_IMPL\n");
+    hip_perf_start_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
+#endif
+    err = DSA_do_verify(digest, SHA_DIGEST_LENGTH, dsa_sig, dsa) == 1 ? 0 : 1;
+#ifdef CONFIG_HIP_PERFORMANCE
+    HIP_DEBUG("Stop PERF_DSA_VERIFY_IMPL\n");
+    hip_perf_stop_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
+#endif
+
+out_err:
+    if (dsa_sig) {
+        DSA_SIG_free(dsa_sig);
+    }
+    return err;
 }
 
-int hip_gen_dh_shared_key(DH *dh, u8 *peer_key, size_t peer_len, u8 
*dh_shared_key,
-                         size_t outlen)
+int hip_gen_dh_shared_key(DH *dh,
+                          u8 *peer_key,
+                          size_t peer_len,
+                          u8 *dh_shared_key,
+                          size_t outlen)
 {
-       BIGNUM *peer_pub_key = NULL;
-       size_t len;
-       int err;
-
-       HIP_IFEL(!dh, -EINVAL, "No DH context\n");
-       HIP_IFEL(!(peer_pub_key = BN_bin2bn(peer_key, peer_len, NULL)), 
-EINVAL, "Unable to read peer_key\n");
-       HIP_IFEL((len = DH_size(dh)) > outlen, -EINVAL, "Output buffer too 
small. %d bytes required\n", len);
-       err = DH_compute_key(dh_shared_key, peer_pub_key, dh);
-
- out_err:
-       if (peer_pub_key)
-               BN_free(peer_pub_key);
-
-       return err;
+    BIGNUM *peer_pub_key = NULL;
+    size_t len;
+    int err;
+
+    HIP_IFEL(!dh, -EINVAL, "No DH context\n");
+    HIP_IFEL(!(peer_pub_key = BN_bin2bn(peer_key, peer_len, NULL)),
+             -EINVAL, "Unable to read peer_key\n");
+    HIP_IFEL((len = DH_size(dh)) > outlen, -EINVAL,
+             "Output buffer too small. %d bytes required\n", len);
+    err = DH_compute_key(dh_shared_key, peer_pub_key, dh);
+
+out_err:
+    if (peer_pub_key) {
+        BN_free(peer_pub_key);
+    }
+
+    return err;
 }
 
 int hip_encode_dh_publickey(DH *dh, u8 *out, int outlen)
-{      
-       int len, err;
-        HIP_IFEL(!dh, -EINVAL, "No Diffie Hellman context for DH tlv.\n");
-        HIP_IFEL(outlen < (len = BN_num_bytes(dh->pub_key)), -EINVAL, 
-                "Output buffer %d too small. %d bytes required\n", outlen, 
len);
-
-        err = bn2bin_safe(dh->pub_key, out, outlen);
-
- out_err:
-       return err;
+{
+    int len, err;
+    HIP_IFEL(!dh, -EINVAL, "No Diffie Hellman context for DH tlv.\n");
+    HIP_IFEL(outlen < (len = BN_num_bytes(dh->pub_key)), -EINVAL,
+             "Output buffer %d too small. %d bytes required\n", outlen, len);
+
+    err = bn2bin_safe(dh->pub_key, out, outlen);
+
+out_err:
+    return err;
 }
 
 DH *hip_generate_dh_key(int group_id)
 {
-        int err;
-       DH *dh;
-        char rnd_seed[20];
-        struct timeval time1;
-        
-        gettimeofday(&time1, NULL);
-        sprintf(rnd_seed, "%x%x", (unsigned int) time1.tv_usec,
-               (unsigned int) time1.tv_sec);
-        RAND_seed(rnd_seed, sizeof(rnd_seed));
-        
-        dh = DH_new();
-        dh->g = BN_new();
-        dh->p = BN_new();
-        /* Put prime corresponding to group_id into dh->p */
-        BN_bin2bn(dhprime[group_id],
-                  dhprime_len[group_id], dh->p);
-        /* Put generator corresponding to group_id into dh->g */
-        BN_set_word(dh->g, dhgen[group_id]);
-        /* By not setting dh->priv_key, allow crypto lib to pick at random */
-        if ((err = DH_generate_key(dh)) != 1) {
-                HIP_ERROR("DH key generation failed (%d).\n", err);
-                exit(1);
-        }
-        return dh;
+    int err;
+    DH *dh;
+    char rnd_seed[20];
+    struct timeval time1;
+
+    gettimeofday(&time1, NULL);
+    sprintf(rnd_seed, "%x%x", (unsigned int) time1.tv_usec,
+            (unsigned int) time1.tv_sec);
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
+
+    dh    = DH_new();
+    dh->g = BN_new();
+    dh->p = BN_new();
+    /* Put prime corresponding to group_id into dh->p */
+    BN_bin2bn(dhprime[group_id],
+              dhprime_len[group_id], dh->p);
+    /* Put generator corresponding to group_id into dh->g */
+    BN_set_word(dh->g, dhgen[group_id]);
+    /* By not setting dh->priv_key, allow crypto lib to pick at random */
+    if ((err = DH_generate_key(dh)) != 1) {
+        HIP_ERROR("DH key generation failed (%d).\n", err);
+        exit(1);
+    }
+    return dh;
 }
 
 void hip_free_dh(DH *dh)
 {
-       if (dh) {
-               DH_free(dh);
-       }
+    if (dh) {
+        DH_free(dh);
+    }
 }
 
 /**
@@ -599,18 +610,20 @@
  *
  * @return 0 on failure, or the size for storing DH shared secret in bytes
  */
-u16 hip_get_dh_size(u8 hip_dh_group_type) {
-       u16 ret = -1;
-
-       _HIP_DEBUG("dh_group_type=%u\n", hip_dh_group_type);
-       if (hip_dh_group_type == 0) 
-               HIP_ERROR("Trying to use reserved DH group type 0\n");
-       else if (hip_dh_group_type > ARRAY_SIZE(dhprime_len))
-               HIP_ERROR("Unknown/unsupported MODP group %d\n", 
hip_dh_group_type);
-       else
-               ret = dhprime_len[hip_dh_group_type];
-
-       return ret;
+u16 hip_get_dh_size(u8 hip_dh_group_type)
+{
+    u16 ret = -1;
+
+    _HIP_DEBUG("dh_group_type=%u\n", hip_dh_group_type);
+    if (hip_dh_group_type == 0) {
+        HIP_ERROR("Trying to use reserved DH group type 0\n");
+    } else if (hip_dh_group_type > ARRAY_SIZE(dhprime_len)) {
+        HIP_ERROR("Unknown/unsupported MODP group %d\n", hip_dh_group_type);
+    } else {
+        ret = dhprime_len[hip_dh_group_type];
+    }
+
+    return ret;
 }
 
 /**
@@ -622,37 +635,39 @@
  * @return the created DSA structure, otherwise NULL.
  *
  */
-DSA *create_dsa_key(int bits) {
-  DSA *dsa = NULL;
+DSA *create_dsa_key(int bits)
+{
+    DSA *dsa = NULL;
 
 /*  if (bits < 1 || bits > HIP_MAX_DSA_KEY_LEN) {
-    HIP_ERROR("create_dsa_key failed (illegal bits value %d)\n", bits);
-    goto err_out;
-  } Checked before calling function */
-
-  dsa = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
-  if (!dsa) {
-    HIP_ERROR("create_dsa_key failed (DSA_generate_parameters): %s\n",
-            ERR_error_string(ERR_get_error(), NULL));
-    goto err_out;
-  }
-
-  /* generate private and public keys */
-  if (!DSA_generate_key(dsa)) {
-    HIP_ERROR("create_dsa_key failed (DSA_generate_key): %s\n",
-            ERR_error_string(ERR_get_error(), NULL));
-    goto err_out;
-  }
-
-  HIP_DEBUG("*****************Creating DSA of %d bits\n\n\n", bits);
-  return dsa;
-
- err_out:
-
-  if (dsa)
-    DSA_free(dsa);
-
-  return NULL;
+ *  HIP_ERROR("create_dsa_key failed (illegal bits value %d)\n", bits);
+ *  goto err_out;
+ * } Checked before calling function */
+
+    dsa = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
+    if (!dsa) {
+        HIP_ERROR("create_dsa_key failed (DSA_generate_parameters): %s\n",
+                  ERR_error_string(ERR_get_error(), NULL));
+        goto err_out;
+    }
+
+    /* generate private and public keys */
+    if (!DSA_generate_key(dsa)) {
+        HIP_ERROR("create_dsa_key failed (DSA_generate_key): %s\n",
+                  ERR_error_string(ERR_get_error(), NULL));
+        goto err_out;
+    }
+
+    HIP_DEBUG("*****************Creating DSA of %d bits\n\n\n", bits);
+    return dsa;
+
+err_out:
+
+    if (dsa) {
+        DSA_free(dsa);
+    }
+
+    return NULL;
 }
 
 /**
@@ -664,43 +679,49 @@
  * @return the created RSA structure, otherwise NULL.
  *
  */
-RSA *create_rsa_key(int bits) {
-  RSA *rsa = NULL;
-
- /* if (bits < 1 || bits > HIP_MAX_RSA_KEY_LEN) {
-    HIP_ERROR("create_rsa_key failed (illegal bits value %d)\n", bits);
-    goto err_out;
-  } Checked before calling function */
-
-  /* generate private and public keys */
+RSA *create_rsa_key(int bits)
+{
+    RSA *rsa = NULL;
+
+    /* if (bits < 1 || bits > HIP_MAX_RSA_KEY_LEN) {
+     * HIP_ERROR("create_rsa_key failed (illegal bits value %d)\n", bits);
+     * goto err_out;
+     * } Checked before calling function */
+
+    /* generate private and public keys */
 #ifdef ANDROID_CHANGES
-  BIGNUM *bn;
-  if (!(bn = BN_new()))
-    goto err_out;
-  if (!BN_set_word(bn, RSA_F4))
-    goto err_out;
-  if (!(rsa = RSA_new()))
-    goto err_out;
-  if (RSA_generate_key_ex(rsa, bits, bn, NULL) == -1)
-    goto err_out;
+    BIGNUM *bn;
+    if (!(bn = BN_new())) {
+        goto err_out;
+    }
+    if (!BN_set_word(bn, RSA_F4)) {
+        goto err_out;
+    }
+    if (!(rsa = RSA_new())) {
+        goto err_out;
+    }
+    if (RSA_generate_key_ex(rsa, bits, bn, NULL) == -1) {
+        goto err_out;
+    }
 #else
-  rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL);
+    rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL);
 #endif
-  if (!rsa) {
-    HIP_ERROR("create_rsa_key failed (RSA_generate_key): %s\n",
-                               ERR_error_string(ERR_get_error(), NULL));
-    goto err_out;
-  }
-
-  HIP_DEBUG("*****************Creating RSA of %d bits\n\n\n", bits);
-  return rsa;
-
- err_out:
-
-  if (rsa)
-    RSA_free(rsa);
-
-  return NULL;
+    if (!rsa) {
+        HIP_ERROR("create_rsa_key failed (RSA_generate_key): %s\n",
+                  ERR_error_string(ERR_get_error(), NULL));
+        goto err_out;
+    }
+
+    HIP_DEBUG("*****************Creating RSA of %d bits\n\n\n", bits);
+    return rsa;
+
+err_out:
+
+    if (rsa) {
+        RSA_free(rsa);
+    }
+
+    return NULL;
 }
 
 /**
@@ -719,85 +740,90 @@
  * @return 0 if all files were saved successfully, or non-zero if an error
  * occurred.
  */
-int save_dsa_private_key(const char *filenamebase, DSA *dsa) {
-  int err = 0, files = 0, ret;
-  char *pubfilename = NULL;
-  int pubfilename_len;
-  FILE *fp = NULL;
-
-  HIP_IFEL(!filenamebase, 1, "NULL filenamebase\n");
-
-  pubfilename_len =
-    strlen(filenamebase) + strlen(DEFAULT_PUB_FILE_SUFFIX) + 1;
-  pubfilename = malloc(pubfilename_len);
-  HIP_IFEL(!pubfilename, 1, "malloc for pubfilename failed\n");
-
-  ret = snprintf(pubfilename, pubfilename_len, "%s%s", filenamebase,
-          DEFAULT_PUB_FILE_SUFFIX);
-  HIP_IFEL(ret <= 0, 1, "Failed to create pubfilename\n");
-
-  HIP_INFO("Saving DSA keys to: pub='%s' priv='%s'\n", pubfilename,
-          filenamebase);
-  HIP_INFO("Saving host DSA pubkey=%s\n", BN_bn2hex(dsa->pub_key));
-  HIP_INFO("Saving host DSA privkey=%s\n", BN_bn2hex(dsa->priv_key));
-  HIP_INFO("Saving host DSA p=%s\n", BN_bn2hex(dsa->p));
-  HIP_INFO("Saving host DSA q=%s\n", BN_bn2hex(dsa->q));
-  HIP_INFO("Saving host DSA g=%s\n", BN_bn2hex(dsa->g));
-
-  /* rewrite using PEM_write_PKCS8PrivateKey */
-
-  fp = fopen(pubfilename, "wb" /* mode */);
-  HIP_IFEL(!fp, 1,
-               "Couldn't open public key file %s for writing\n", pubfilename);
-
-  err = PEM_write_DSA_PUBKEY(fp, dsa) == 0 ? 1 : 0;;
-  files++;
-  if (err) {
-    HIP_ERROR("Write failed for %s\n", pubfilename);
-    goto out_err;
-  }
-  if ( (err = fclose(fp)) ) {
-    HIP_ERROR("Error closing file\n");
-    goto out_err;
-  }
-
-  fp = fopen(filenamebase, "wb" /* mode */);
-  HIP_IFEL(!fp, 1,
-             "Couldn't open private key file %s for writing\n", filenamebase);
-
-  err = PEM_write_DSAPrivateKey(fp, dsa, NULL, NULL, 0, NULL, NULL) == 0 ? 1 : 
0;
-  files++;
-  if (err) {
-    HIP_ERROR("Write failed for %s\n", filenamebase);
-    goto out_err;
-  }
-
- out_err:
- if(err && fp) {
-    if (fclose(fp))
-       HIP_ERROR("Error closing file\n");
-  }
-  else if(fp && (err = fclose(fp)) ) {
-       HIP_ERROR("Error closing file\n");
-  }
-
-  if(err) {
-    switch(files) {
-       case 2:
-           if (unlink(filenamebase)) /* add error check */
-               HIP_ERROR("Could not delete file %s\n", filenamebase);
-       case 1:
-           if (unlink(pubfilename)) /* add error check */
-               HIP_ERROR("Could not delete file %s\n", pubfilename);
-       default:
-           break;
-    }
-  }
-
-  if(pubfilename)
-    free(pubfilename);
-
-  return err;
+int save_dsa_private_key(const char *filenamebase, DSA *dsa)
+{
+    int err           = 0, files = 0, ret;
+    char *pubfilename = NULL;
+    int pubfilename_len;
+    FILE *fp          = NULL;
+
+    HIP_IFEL(!filenamebase, 1, "NULL filenamebase\n");
+
+    pubfilename_len =
+        strlen(filenamebase) + strlen(DEFAULT_PUB_FILE_SUFFIX) + 1;
+    pubfilename     = malloc(pubfilename_len);
+    HIP_IFEL(!pubfilename, 1, "malloc for pubfilename failed\n");
+
+    ret             = snprintf(pubfilename, pubfilename_len, "%s%s", 
filenamebase,
+                               DEFAULT_PUB_FILE_SUFFIX);
+    HIP_IFEL(ret <= 0, 1, "Failed to create pubfilename\n");
+
+    HIP_INFO("Saving DSA keys to: pub='%s' priv='%s'\n", pubfilename,
+             filenamebase);
+    HIP_INFO("Saving host DSA pubkey=%s\n", BN_bn2hex(dsa->pub_key));
+    HIP_INFO("Saving host DSA privkey=%s\n", BN_bn2hex(dsa->priv_key));
+    HIP_INFO("Saving host DSA p=%s\n", BN_bn2hex(dsa->p));
+    HIP_INFO("Saving host DSA q=%s\n", BN_bn2hex(dsa->q));
+    HIP_INFO("Saving host DSA g=%s\n", BN_bn2hex(dsa->g));
+
+    /* rewrite using PEM_write_PKCS8PrivateKey */
+
+    fp  = fopen(pubfilename, "wb" /* mode */);
+    HIP_IFEL(!fp, 1,
+             "Couldn't open public key file %s for writing\n", pubfilename);
+
+    err = PEM_write_DSA_PUBKEY(fp, dsa) == 0 ? 1 : 0;
+    ;
+    files++;
+    if (err) {
+        HIP_ERROR("Write failed for %s\n", pubfilename);
+        goto out_err;
+    }
+    if ((err = fclose(fp))) {
+        HIP_ERROR("Error closing file\n");
+        goto out_err;
+    }
+
+    fp  = fopen(filenamebase, "wb" /* mode */);
+    HIP_IFEL(!fp, 1,
+             "Couldn't open private key file %s for writing\n", filenamebase);
+
+    err = PEM_write_DSAPrivateKey(fp, dsa, NULL, NULL, 0, NULL, NULL) == 0 ? 1 
: 0;
+    files++;
+    if (err) {
+        HIP_ERROR("Write failed for %s\n", filenamebase);
+        goto out_err;
+    }
+
+out_err:
+    if (err && fp) {
+        if (fclose(fp)) {
+            HIP_ERROR("Error closing file\n");
+        }
+    } else if (fp && (err = fclose(fp)))   {
+        HIP_ERROR("Error closing file\n");
+    }
+
+    if (err) {
+        switch (files) {
+        case 2:
+            if (unlink(filenamebase)) { /* add error check */
+                HIP_ERROR("Could not delete file %s\n", filenamebase);
+            }
+        case 1:
+            if (unlink(pubfilename)) { /* add error check */
+                HIP_ERROR("Could not delete file %s\n", pubfilename);
+            }
+        default:
+            break;
+        }
+    }
+
+    if (pubfilename) {
+        free(pubfilename);
+    }
+
+    return err;
 }
 
 /**
@@ -816,89 +842,94 @@
  * @return 0 if all files were saved successfully, or non-zero if an
  * error occurred.
  */
-int save_rsa_private_key(const char *filenamebase, RSA *rsa) {
-  int err = 0, files = 0, ret;
-  char *pubfilename = NULL;
-  int pubfilename_len;
-  FILE *fp = NULL;
-
-  HIP_IFEL(!filenamebase, 1, "NULL filenamebase\n");
-
-  pubfilename_len =
-    strlen(filenamebase) + strlen(DEFAULT_PUB_FILE_SUFFIX) + 1;
-  pubfilename = malloc(pubfilename_len);
-  HIP_IFEL(!pubfilename, 1, "malloc for pubfilename failed\n");
-
-  ret = snprintf(pubfilename, pubfilename_len, "%s%s", filenamebase,
-          DEFAULT_PUB_FILE_SUFFIX);
-  HIP_IFEL(ret <= 0, 1, "Failed to create pubfilename\n");
-
-  HIP_INFO("Saving RSA keys to: pub='%s' priv='%s'\n", pubfilename,
-          filenamebase);
-  HIP_INFO("Saving host RSA n=%s\n", BN_bn2hex(rsa->n));
-  HIP_INFO("Saving host RSA e=%s\n", BN_bn2hex(rsa->e));
-  HIP_INFO("Saving host RSA d=%s\n", BN_bn2hex(rsa->d));
-  HIP_INFO("Saving host RSA p=%s\n", BN_bn2hex(rsa->p));
-  HIP_INFO("Saving host RSA q=%s\n", BN_bn2hex(rsa->q));
-
-  /* rewrite using PEM_write_PKCS8PrivateKey */
-
-  fp = fopen(pubfilename, "wb" /* mode */);
-  HIP_IFEL(!fp, 1, 
-               "Couldn't open public key file %s for writing\n", pubfilename);
-
-  err = PEM_write_RSA_PUBKEY(fp, rsa) == 0 ? 1 : 0;
-  files++;
-  if (err) {
-    HIP_ERROR("Write failed for %s\n", pubfilename);
-    goto out_err;
-  }
-  if ( (err = fclose(fp)) ) {
-    HIP_ERROR("Error closing file\n");
-    goto out_err;
-  }
-
-  fp = fopen(filenamebase, "wb" /* mode */);
-  HIP_IFEL(!fp, 1, 
-       "Couldn't open private key file %s for writing\n", filenamebase);
-
-  err = PEM_write_RSAPrivateKey(fp, rsa, NULL, NULL, 0, NULL, NULL) == 0 ? 1 : 
0;
-  files++;
-  if (err) {
-    HIP_ERROR("Write failed for %s\n", filenamebase);
-    goto out_err;
-  }
-
- out_err:
-
-  if(err && fp) {
-    if (fclose(fp))
-       HIP_ERROR("Error closing file\n");
-  }
-  else if (fp && (err = fclose(fp)) ) {
-       HIP_ERROR("Error closing file\n");
-  }
-
-  if(err) {
-    switch(files) {
-       case 2:
-           if (unlink(filenamebase)) /* add error check */
-               HIP_ERROR("Could not delete file %s\n", filenamebase);
-       case 1:
-           if (unlink(pubfilename)) /* add error check */
-               HIP_ERROR("Could not delete file %s\n", pubfilename);
-       default:
-           break;
-    }
-  }
-
-  if(pubfilename)
-    free(pubfilename);
-
-  return err;
+int save_rsa_private_key(const char *filenamebase, RSA *rsa)
+{
+    int err           = 0, files = 0, ret;
+    char *pubfilename = NULL;
+    int pubfilename_len;
+    FILE *fp          = NULL;
+
+    HIP_IFEL(!filenamebase, 1, "NULL filenamebase\n");
+
+    pubfilename_len =
+        strlen(filenamebase) + strlen(DEFAULT_PUB_FILE_SUFFIX) + 1;
+    pubfilename     = malloc(pubfilename_len);
+    HIP_IFEL(!pubfilename, 1, "malloc for pubfilename failed\n");
+
+    ret = snprintf(pubfilename, pubfilename_len, "%s%s",
+                               filenamebase,
+                               DEFAULT_PUB_FILE_SUFFIX);
+    HIP_IFEL(ret <= 0, 1, "Failed to create pubfilename\n");
+
+    HIP_INFO("Saving RSA keys to: pub='%s' priv='%s'\n", pubfilename,
+             filenamebase);
+    HIP_INFO("Saving host RSA n=%s\n", BN_bn2hex(rsa->n));
+    HIP_INFO("Saving host RSA e=%s\n", BN_bn2hex(rsa->e));
+    HIP_INFO("Saving host RSA d=%s\n", BN_bn2hex(rsa->d));
+    HIP_INFO("Saving host RSA p=%s\n", BN_bn2hex(rsa->p));
+    HIP_INFO("Saving host RSA q=%s\n", BN_bn2hex(rsa->q));
+
+    /* rewrite using PEM_write_PKCS8PrivateKey */
+
+    fp  = fopen(pubfilename, "wb" /* mode */);
+    HIP_IFEL(!fp, 1,
+             "Couldn't open public key file %s for writing\n", pubfilename);
+
+    err = PEM_write_RSA_PUBKEY(fp, rsa) == 0 ? 1 : 0;
+    files++;
+    if (err) {
+        HIP_ERROR("Write failed for %s\n", pubfilename);
+        goto out_err;
+    }
+    if ((err = fclose(fp))) {
+        HIP_ERROR("Error closing file\n");
+        goto out_err;
+    }
+
+    fp  = fopen(filenamebase, "wb" /* mode */);
+    HIP_IFEL(!fp, 1,
+             "Couldn't open private key file %s for writing\n", filenamebase);
+
+    err = PEM_write_RSAPrivateKey(fp, rsa, NULL, NULL,
+                                  0, NULL, NULL) == 0 ? 1 : 0;
+    files++;
+    if (err) {
+        HIP_ERROR("Write failed for %s\n", filenamebase);
+        goto out_err;
+    }
+
+out_err:
+
+    if (err && fp) {
+        if (fclose(fp)) {
+            HIP_ERROR("Error closing file\n");
+        }
+    } else if (fp && (err = fclose(fp)))   {
+        HIP_ERROR("Error closing file\n");
+    }
+
+    if (err) {
+        switch (files) {
+        case 2:
+            if (unlink(filenamebase)) { /* add error check */
+                HIP_ERROR("Could not delete file %s\n", filenamebase);
+            }
+        case 1:
+            if (unlink(pubfilename)) { /* add error check */
+                HIP_ERROR("Could not delete file %s\n", pubfilename);
+            }
+        default:
+            break;
+        }
+    }
+
+    if (pubfilename) {
+        free(pubfilename);
+    }
+
+    return err;
 }
 
-
 /**
  * load_dsa_private_key - load host DSA private keys from disk
  * @param filenamebase the file name base of the host DSA key
@@ -912,37 +943,38 @@
  * *dsa contins NULL if the key could not be loaded (not in PEM format
  * or file not found, etc).
  */
-int load_dsa_private_key(const char *filename, DSA **dsa) {
-  FILE *fp = NULL;
-  int err = 0;
-
-  *dsa = NULL;
-
-  HIP_IFEL(!filename, -ENOENT, "NULL filename\n");
-
-  fp = fopen(filename, "rb");
-  HIP_IFEL(!fp, -ENOMEM,
-               "Could not open private key file %s for reading\n", filename);
-
-  *dsa = PEM_read_DSAPrivateKey(fp, NULL, NULL, NULL);
-  if ( (err = fclose(fp)) ) {
-    HIP_ERROR("Error closing file\n");
-    goto out_err;
-  }
-
-  _HIP_DEBUG("Loaded host DSA q=%s\n", BN_bn2hex((*dsa)->q));
-  _HIP_DEBUG("Loaded host DSA p=%s\n", BN_bn2hex((*dsa)->p));
-  _HIP_DEBUG("Loaded host DSA g=%s\n", BN_bn2hex((*dsa)->g));
-
-  HIP_IFEL(!*dsa, -EINVAL, "Read failed for %s\n", filename);
-
-  _HIP_DEBUG("Loaded host DSA pubkey=%s\n", BN_bn2hex((*dsa)->pub_key));
-  _HIP_DEBUG("Loaded host DSA privkey=%s\n", BN_bn2hex((*dsa)->priv_key));
-
-
- out_err:
-
-  return err;
+int load_dsa_private_key(const char *filename, DSA **dsa)
+{
+    FILE *fp = NULL;
+    int err  = 0;
+
+    *dsa = NULL;
+
+    HIP_IFEL(!filename, -ENOENT, "NULL filename\n");
+
+    fp   = fopen(filename, "rb");
+    HIP_IFEL(!fp, -ENOMEM,
+             "Could not open private key file %s for reading\n", filename);
+
+    *dsa = PEM_read_DSAPrivateKey(fp, NULL, NULL, NULL);
+    if ((err = fclose(fp))) {
+        HIP_ERROR("Error closing file\n");
+        goto out_err;
+    }
+
+    _HIP_DEBUG("Loaded host DSA q=%s\n", BN_bn2hex((*dsa)->q));
+    _HIP_DEBUG("Loaded host DSA p=%s\n", BN_bn2hex((*dsa)->p));
+    _HIP_DEBUG("Loaded host DSA g=%s\n", BN_bn2hex((*dsa)->g));
+
+    HIP_IFEL(!*dsa, -EINVAL, "Read failed for %s\n", filename);
+
+    _HIP_DEBUG("Loaded host DSA pubkey=%s\n", BN_bn2hex((*dsa)->pub_key));
+    _HIP_DEBUG("Loaded host DSA privkey=%s\n", BN_bn2hex((*dsa)->priv_key));
+
+
+out_err:
+
+    return err;
 }
 
 /**
@@ -958,40 +990,41 @@
  * *rsa contains NULL if the key could not be loaded (not in PEM
  * format or file not found, etc).
  */
-int load_rsa_private_key(const char *filename, RSA **rsa) {
-  FILE *fp = NULL;
-  int err = 0;
-
-  *rsa = NULL;
-
-  HIP_IFEL(!filename, -ENOENT, "NULL filename\n");
-
-  fp = fopen(filename, "rb");
-  HIP_IFEL(!fp, -ENOMEM,
-               "Couldn't open private key file %s for reading\n", filename);
-
-  *rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
-  if ( (err = fclose(fp)) ) {
-    HIP_ERROR("Error closing file\n");
-    goto out_err;
-  }
-  HIP_IFEL(!*rsa, -EINVAL, "Read failed for %s\n", filename);
-
-  _HIP_DEBUG("Loaded host RSA n=%s\n", BN_bn2hex((*rsa)->n));
-  _HIP_DEBUG("Loaded host RSA e=%s\n", BN_bn2hex((*rsa)->e));
-  _HIP_DEBUG("Loaded host RSA d=%s\n", BN_bn2hex((*rsa)->d));
-  _HIP_DEBUG("Loaded host RSA p=%s\n", BN_bn2hex((*rsa)->p));
-  _HIP_DEBUG("Loaded host RSA q=%s\n", BN_bn2hex((*rsa)->q));
-
- out_err:
-
-  return err;
+int load_rsa_private_key(const char *filename, RSA **rsa)
+{
+    FILE *fp = NULL;
+    int err  = 0;
+
+    *rsa = NULL;
+
+    HIP_IFEL(!filename, -ENOENT, "NULL filename\n");
+
+    fp   = fopen(filename, "rb");
+    HIP_IFEL(!fp, -ENOMEM,
+             "Couldn't open private key file %s for reading\n", filename);
+
+    *rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
+    if ((err = fclose(fp))) {
+        HIP_ERROR("Error closing file\n");
+        goto out_err;
+    }
+    HIP_IFEL(!*rsa, -EINVAL, "Read failed for %s\n", filename);
+
+    _HIP_DEBUG("Loaded host RSA n=%s\n", BN_bn2hex((*rsa)->n));
+    _HIP_DEBUG("Loaded host RSA e=%s\n", BN_bn2hex((*rsa)->e));
+    _HIP_DEBUG("Loaded host RSA d=%s\n", BN_bn2hex((*rsa)->d));
+    _HIP_DEBUG("Loaded host RSA p=%s\n", BN_bn2hex((*rsa)->p));
+    _HIP_DEBUG("Loaded host RSA q=%s\n", BN_bn2hex((*rsa)->q));
+
+out_err:
+
+    return err;
 }
 
 /**
  * load_dsa_public_key - load host DSA public keys from disk
  * @param filename the file name of the host DSA key
- * @param dsa the DSA 
+ * @param dsa the DSA
  *
  * Loads DSA public key from the given file.
  * The DSA struct will be allocated dynamically and it is the responsibility
@@ -999,41 +1032,42 @@
  *
  * @return 0 on success, non-zero otherwise.
  */
-int load_dsa_public_key(const char *filename, DSA **dsa) {
-  FILE *fp = NULL;
-  int err = 0;
-
-  _HIP_DEBUG("load_dsa_public_key called\n");
-
-  *dsa = NULL;
-
-  HIP_IFEL(!filename, -ENOENT, "NULL filename %s\n", filename);
-
-  fp = fopen(filename, "rb");
-  HIP_IFEL(!fp, -ENOENT, // XX FIX: USE ERRNO
-               "Couldn't open public key file %s for reading\n", filename);
-
-  *dsa = PEM_read_DSA_PUBKEY(fp, NULL, NULL, NULL);
-  if ( (err = fclose(fp)) ) {
-    HIP_ERROR("Error closing file\n");
-    goto out_err;
-  }
-  /* XX FIX: USE ERRNO */
-  HIP_IFEL(!*dsa, -EINVAL, "Read failed for %s\n", filename);
-
-  _HIP_DEBUG("Loaded host DSA pubkey=%s\n", BN_bn2hex((*dsa)->pub_key));
-  _HIP_DEBUG("Loaded host DSA p=%s\n", BN_bn2hex((*dsa)->p));
-  _HIP_DEBUG("Loaded host DSA q=%s\n", BN_bn2hex((*dsa)->q));
-  _HIP_DEBUG("Loaded host DSA g=%s\n", BN_bn2hex((*dsa)->g));
-
- out_err:
-  return err;
+int load_dsa_public_key(const char *filename, DSA **dsa)
+{
+    FILE *fp = NULL;
+    int err  = 0;
+
+    _HIP_DEBUG("load_dsa_public_key called\n");
+
+    *dsa = NULL;
+
+    HIP_IFEL(!filename, -ENOENT, "NULL filename %s\n", filename);
+
+    fp   = fopen(filename, "rb");
+    HIP_IFEL(!fp, -ENOENT, // XX FIX: USE ERRNO
+             "Couldn't open public key file %s for reading\n", filename);
+
+    *dsa = PEM_read_DSA_PUBKEY(fp, NULL, NULL, NULL);
+    if ((err = fclose(fp))) {
+        HIP_ERROR("Error closing file\n");
+        goto out_err;
+    }
+    /* XX FIX: USE ERRNO */
+    HIP_IFEL(!*dsa, -EINVAL, "Read failed for %s\n", filename);
+
+    _HIP_DEBUG("Loaded host DSA pubkey=%s\n", BN_bn2hex((*dsa)->pub_key));
+    _HIP_DEBUG("Loaded host DSA p=%s\n", BN_bn2hex((*dsa)->p));
+    _HIP_DEBUG("Loaded host DSA q=%s\n", BN_bn2hex((*dsa)->q));
+    _HIP_DEBUG("Loaded host DSA g=%s\n", BN_bn2hex((*dsa)->g));
+
+out_err:
+    return err;
 }
 
 /**
  * load_rsa_public_key - load host RSA public keys from disk
  * @param filename the file name of the host RSA key
- * @param rsa the RSA 
+ * @param rsa the RSA
  *
  * Loads RSA public key from the given file.
  * The RSA struct will be allocated dynamically and it is the responsibility
@@ -1041,31 +1075,32 @@
  *
  * @return 0 on success, non-zero otherwise.
  */
-int load_rsa_public_key(const char *filename, RSA **rsa) {
-  FILE *fp = NULL;
-  int err = 0;
-
-  *rsa = NULL;
-
-  _HIP_DEBUG("load_rsa_public_key called\n");
-
-  HIP_IFEL(!filename, -ENOENT, "NULL filename\n");
-
-  fp = fopen(filename, "rb");
-  HIP_IFEL(!fp, -ENOENT, // XX FIX: USE ERRNO
-               "Couldn't open public key file %s for reading\n", filename);
-
-  *rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
-  if ( (err = fclose(fp)) ) {
-    HIP_ERROR("Error closing file\n");
-    goto out_err;
-  }
-  /* XX FIX: USE ERRNO */
-  HIP_IFEL(!*rsa, -EINVAL, "Read failed for %s\n", filename);
-
-  _HIP_DEBUG("Loaded host RSA n=%s\n", BN_bn2hex((*rsa)->n));
-  _HIP_DEBUG("Loaded host RSA e=%s\n", BN_bn2hex((*rsa)->e));
-
- out_err:
-  return err;
+int load_rsa_public_key(const char *filename, RSA **rsa)
+{
+    FILE *fp = NULL;
+    int err  = 0;
+
+    *rsa = NULL;
+
+    _HIP_DEBUG("load_rsa_public_key called\n");
+
+    HIP_IFEL(!filename, -ENOENT, "NULL filename\n");
+
+    fp   = fopen(filename, "rb");
+    HIP_IFEL(!fp, -ENOENT, // XX FIX: USE ERRNO
+             "Couldn't open public key file %s for reading\n", filename);
+
+    *rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
+    if ((err = fclose(fp))) {
+        HIP_ERROR("Error closing file\n");
+        goto out_err;
+    }
+    /* XX FIX: USE ERRNO */
+    HIP_IFEL(!*rsa, -EINVAL, "Read failed for %s\n", filename);
+
+    _HIP_DEBUG("Loaded host RSA n=%s\n", BN_bn2hex((*rsa)->n));
+    _HIP_DEBUG("Loaded host RSA e=%s\n", BN_bn2hex((*rsa)->e));
+
+out_err:
+    return err;
 }

=== modified file 'lib/tool/crypto.c.doxyme'
--- lib/tool/crypto.c.doxyme    2010-01-19 11:26:32 +0000
+++ lib/tool/crypto.c.doxyme    2010-02-11 00:01:07 +0000
@@ -14,20 +14,20 @@
 
 
 
- ///  Single line comment for dOxygen.
+///  Single line comment for dOxygen.
 
 /**
  * my_great_function
  *
  * Write description of function here.
  * The function should follow these comments.
- * 
+ *
  * Document the use of each function variable and indicate if this
  * argument is used to return information to the calling context. Use
- * [out] for outut parameters (This is very important). Align the 
+ * [out] for outut parameters (This is very important). Align the
  * descriptions to improve readability.
  *
- *  @note: put important usage informations to notes. 
+ *  @note: put important usage informations to notes.
  *
  *  @param      firstArg     Description of first function argument.
  *  @param[out] secondArg    Description of second function argument.
@@ -35,7 +35,8 @@
  *  @return Description of returned value.
  **/
 
-int my_great_function(int firstArg, char** secondArg, int thirdArg){
+int my_great_function(int firstArg, char **secondArg, int thirdArg)
+{
     .....
 
 /// Now it's your turn.
@@ -44,36 +45,36 @@
 
 
 /**
- * bn2bin_safe 
+ * bn2bin_safe
  *
  *
  * @param a
  * @param to
  * @param len
- * @return 
- **/
-
-
-/**
- * create_dsa_key 
- *
- *
- * @param bits
- * @return 
- **/
-
-
-/**
- * create_rsa_key 
- *
- *
- * @param bits
- * @return 
- **/
-
-
-/**
- * hip_crypto_encrypted 
+ * @return
+ **/
+
+
+/**
+ * create_dsa_key
+ *
+ *
+ * @param bits
+ * @return
+ **/
+
+
+/**
+ * create_rsa_key
+ *
+ *
+ * @param bits
+ * @return
+ **/
+
+
+/**
+ * hip_crypto_encrypted
  *
  *
  * @param data
@@ -82,32 +83,32 @@
  * @param len
  * @param key
  * @param direction
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_encode_dh_publickey 
+ * hip_encode_dh_publickey
  *
  *
  * @param dh
  * @param cscope.out
  * @param outlen
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_free_dh 
+ * hip_free_dh
  *
  *
  * @param dh
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_gen_dh_shared_key 
+ * hip_gen_dh_shared_key
  *
  *
  * @param dh
@@ -115,30 +116,30 @@
  * @param peer_len
  * @param dh_shared_key
  * @param outlen
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_generate_dh_key 
+ * hip_generate_dh_key
  *
  *
  * @param group_id
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_get_dh_size 
+ * hip_get_dh_size
  *
  *
  * @param hip_dh_group_type
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_write_hmac 
+ * hip_write_hmac
  *
  *
  * @param type
@@ -146,88 +147,87 @@
  * @param in
  * @param in_len
  * @param cscope.out
- * @return 
- **/
-
-
-/**
- * impl_dsa_sign 
- *
- *
- * @param digest
- * @param dsa
- * @param signature
- * @return 
- **/
-
-
-/**
- * impl_dsa_verify 
- *
- *
- * @param digest
- * @param dsa
- * @param signature
- * @return 
- **/
-
-
-/**
- * load_dsa_private_key 
- *
- *
- * @param filename
- * @param dsa
- * @return 
- **/
-
-
-/**
- * load_dsa_public_key 
- *
- *
- * @param filename
- * @param dsa
- * @return 
- **/
-
-
-/**
- * load_rsa_private_key 
- *
- *
- * @param filename
- * @param rsa
- * @return 
- **/
-
-
-/**
- * load_rsa_public_key 
- *
- *
- * @param filename
- * @param rsa
- * @return 
- **/
-
-
-/**
- * save_dsa_private_key 
- *
- *
- * @param filenamebase
- * @param dsa
- * @return 
- **/
-
-
-/**
- * save_rsa_private_key 
- *
- *
- * @param filenamebase
- * @param rsa
- * @return 
- **/
-
+ * @return
+ **/
+
+
+/**
+ * impl_dsa_sign
+ *
+ *
+ * @param digest
+ * @param dsa
+ * @param signature
+ * @return
+ **/
+
+
+/**
+ * impl_dsa_verify
+ *
+ *
+ * @param digest
+ * @param dsa
+ * @param signature
+ * @return
+ **/
+
+
+/**
+ * load_dsa_private_key
+ *
+ *
+ * @param filename
+ * @param dsa
+ * @return
+ **/
+
+
+/**
+ * load_dsa_public_key
+ *
+ *
+ * @param filename
+ * @param dsa
+ * @return
+ **/
+
+
+/**
+ * load_rsa_private_key
+ *
+ *
+ * @param filename
+ * @param rsa
+ * @return
+ **/
+
+
+/**
+ * load_rsa_public_key
+ *
+ *
+ * @param filename
+ * @param rsa
+ * @return
+ **/
+
+
+/**
+ * save_dsa_private_key
+ *
+ *
+ * @param filenamebase
+ * @param dsa
+ * @return
+ **/
+
+
+/**
+ * save_rsa_private_key
+ *
+ *
+ * @param filenamebase
+ * @param rsa
+ * @return
+ **/

=== modified file 'lib/tool/crypto.h'
--- lib/tool/crypto.h   2010-02-08 15:18:06 +0000
+++ lib/tool/crypto.h   2010-02-11 00:01:07 +0000
@@ -35,7 +35,8 @@
 
 
 
-/* These should be consistent with the table length in crypto.c and 
crypto/dh.c */
+/* These should be consistent with the table length in crypto.c and
+ * crypto/dh.c */
 #define HIP_DH_384                    1 /* 384-bit group */
 #define HIP_DH_OAKLEY_1               2 /* 768-bit OAKLEY well known group 1 */
 #define HIP_DH_OAKLEY_5               3 /* 1536-bit MODP group */
@@ -63,35 +64,32 @@
 #define DEFAULT_ANON_HI_FILE_NAME_SUFFIX "_anon"
 
 #ifdef OPENSSL_NO_SHA0
-# define HIP_SHA(buffer, total_len, hash)      SHA1((buffer), (total_len), 
(hash));
+# define HIP_SHA(buffer, total_len, hash)   SHA1((buffer), (total_len), 
(hash));
 #else
-# define HIP_SHA(buffer, total_len, hash)      SHA((buffer), (total_len), 
(hash));
+# define HIP_SHA(buffer, total_len, hash)   SHA((buffer), (total_len), (hash));
 #endif
 
 #ifdef OPENSSL_NO_SHA0
-# define HIP_SHA(buffer, total_len, hash)      SHA1((buffer), (total_len), 
(hash));
+# define HIP_SHA(buffer, total_len, hash)   SHA1((buffer), (total_len), 
(hash));
 #else
-# define HIP_SHA(buffer, total_len, hash)      SHA((buffer), (total_len), 
(hash));
+# define HIP_SHA(buffer, total_len, hash)   SHA((buffer), (total_len), (hash));
 #endif
 
 int ssl_rsa_verify(u8 *digest, u8 *public_key, u8 *signature, int pub_klen);
 int ssl_dsa_verify(u8 *digest, u8 *public_key, u8 *signature);
-
 int hip_init_cipher(void);
 void hip_uninit_cipher(void);
-
 /* In kernel these come from crypto/dh.h, included above */
 int hip_gen_dh_shared_key(DH *dh, u8 *peer_key, size_t peer_len, u8 *out,
-                         size_t outlen);
+                          size_t outlen);
 int hip_encode_dh_publickey(DH *dh, u8 *out, int outlen);
 DH *hip_generate_dh_key(int group_id);
 void hip_free_dh(DH *target);
 u16 hip_get_dh_size(u8 hip_dh_group_type);
-
 int dsa_to_hit(DSA *dsa_key, unsigned char *dsa, int type,
-              struct in6_addr *hit);
+               struct in6_addr *hit);
 int rsa_to_hit(RSA *rsa_key, unsigned char *rsa, int type,
-              struct in6_addr *hit);
+               struct in6_addr *hit);
 DSA *create_dsa_key(int bits);
 RSA *create_rsa_key(int bits);
 int save_dsa_private_key(const char *filenamebase, DSA *dsa);
@@ -100,12 +98,11 @@
 int load_rsa_private_key(const char *filename, RSA **rsa);
 int load_dsa_public_key(const char *filenamebase, DSA **dsa);
 int load_rsa_public_key(const char *filename, RSA **rsa);
-
 int bn2bin_safe(const BIGNUM *a, unsigned char *to, int len);
 int impl_dsa_sign(u8 *digest, DSA *dsa, u8 *signature);
 int impl_dsa_verify(u8 *digest, DSA *dsa, u8 *signature);
 int hip_write_hmac(int type, const void *key, void *in, int in_len, void *out);
 int hip_crypto_encrypted(void *data, const void *iv, int enc_alg, int enc_len,
-                        void* enc_key, int direction);
+                         void *enc_key, int direction);
 
 #endif /* HIPD_CRYPTO_H */

=== modified file 'lib/tool/lutil.c'
--- lib/tool/lutil.c    2010-02-09 13:42:11 +0000
+++ lib/tool/lutil.c    2010-02-11 00:01:07 +0000
@@ -1,35 +1,39 @@
 /** @file
  * Miscellaneous utility functions.
- * 
- * @note    Distributed under <a 
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
+ *
+ * @note    Distributed under
+ * <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>
  */
 #include "lutil.h"
 #include "lib/conf/hipconf.h"
 
-void free_gaih_addrtuple(struct gaih_addrtuple *tuple) {
-  struct gaih_addrtuple *tmp;
-  
-  while(tuple) {
-    tmp = tuple;
-    tuple = tmp->next;
-    free(tmp);
-  }
+void free_gaih_addrtuple(struct gaih_addrtuple *tuple)
+{
+    struct gaih_addrtuple *tmp;
+
+    while (tuple) {
+        tmp   = tuple;
+        tuple = tmp->next;
+        free(tmp);
+    }
 }
 
 /*
  * Works like fgets() but removes '\n' from the end.
  */
-char *getwithoutnewline(char *buffer, int count, FILE *f) {
-  char *result = buffer, *np;
-  if ((buffer == NULL) || (count < 1))
-    result = NULL;
-  else if (count == 1)
-    *result = '\0';
-  else if ((result = fgets(buffer, count, f)) != NULL)
-    if ( (np = strchr(buffer, '\n')) ) {
-      *np = '\0';
+char *getwithoutnewline(char *buffer, int count, FILE *f)
+{
+    char *result = buffer, *np;
+    if ((buffer == NULL) || (count < 1)) {
+        result = NULL;
+    } else if (count == 1) {
+        *result = '\0';
+    } else if ((result = fgets(buffer, count, f)) != NULL) {
+        if ((np = strchr(buffer, '\n'))) {
+            *np = '\0';
+        }
     }
-  return result;
+    return result;
 }
 
 /*
@@ -37,166 +41,186 @@
  *
  * If string contains substring, the return value is the location of
  * the first matching instance of substring in string.  If string doesn't
- * contain substring, the return value is NULL.  
+ * contain substring, the return value is NULL.
  */
-char *findsubstring(const char *string, const char *substring) {
-  char *str = (char *) string, *sub = (char *) substring;
-  char *a, *b;
-  
-  for (b = sub; *str != 0; str += 1) {
-    if (*str != *b)
-      continue;
-    a = str;
-    for (;;) {
-      if (*b == 0)
-       return(str);
-      if (*a++ != *b++)
-       break;
+char *findsubstring(const char *string, const char *substring)
+{
+    char *str = (char *) string, *sub = (char *) substring;
+    char *a, *b;
+
+    for (b = sub; *str != 0; str += 1) {
+        if (*str != *b) {
+            continue;
+        }
+        a = str;
+        for (;; ) {
+            if (*b == 0) {
+                return str;
+            }
+            if (*a++ != *b++) {
+                break;
+            }
+        }
+        b = sub;
     }
-    b = sub;
-  }
-  return((char *) NULL);
+    return (char *) NULL;
 }
 
-void extractsubstrings(char *string, List *list) {
-
-       char *sub_string;
-       char delims[] = " \t";
-       
-       sub_string = strtok(string, delims);
-       
-       if(sub_string)
-               insert(list, sub_string);
-       else 
-               return;
-       
-       sub_string = NULL;
-       
-       while ((sub_string = strtok(NULL, delims)) != NULL) {
-               insert(list, sub_string);
-               sub_string = NULL;
-       }
+void extractsubstrings(char *string, List *list)
+{
+    char *sub_string;
+    char delims[] = " \t";
+
+    sub_string = strtok(string, delims);
+
+    if (sub_string) {
+        insert(list, sub_string);
+    } else {
+        return;
+    }
+
+    sub_string = NULL;
+
+    while ((sub_string = strtok(NULL, delims)) != NULL) {
+        insert(list, sub_string);
+        sub_string = NULL;
+    }
 }
 
 /*
  * Finds HIP key files from the directory specified by 'path'.
  * Stores the file names into linked list (type listelement).
- */ 
-void findkeyfiles(char *path, List *files) {
-  
-  struct dirent *entry;             
-  struct stat file_status;   
-  DIR *dir = opendir(path);  
-
-  if (!dir) {
-    perror("opendir failure");
-    exit(1);
-  }
-  
-  if( chdir(path) != 0 ) {
-       perror("chdir failure");
-  };
-  
-  //Loop through all files and directories
-  while ( (entry = readdir(dir)) != NULL) {
-    if ((strcmp(entry->d_name, ".") != 0) && 
-       (strcmp(entry->d_name, "..") != 0)) {
-      //Get the status info for the current file
-      if (stat(entry->d_name, &file_status) == 0) {
-       //Is this a directory, or a file?
-       //Go through all public key files
-       if (!S_ISDIR(file_status.st_mode) && 
-            findsubstring(entry->d_name, ".pub") &&    
-           //!findsubstring(entry->d_name, ".pub") && original
-           findsubstring(entry->d_name, "hip_host_")) {
-         _HIP_DEBUG("findkeyfiles: Public key file: %s \n",entry->d_name);
-         insert(files, entry->d_name);
-         
-       }
-      }
-    }
-  }
-
-  if (closedir(dir) == -1) {
-    perror("closedir failure");
-    exit(1);
-  }
+ */
+void findkeyfiles(char *path, List *files)
+{
+    struct dirent *entry;
+    struct stat file_status;
+    DIR *dir = opendir(path);
+
+    if (!dir) {
+        perror("opendir failure");
+        exit(1);
+    }
+
+    if (chdir(path) != 0) {
+        perror("chdir failure");
+    }
+    ;
+
+    //Loop through all files and directories
+    while ((entry = readdir(dir)) != NULL) {
+        if ((strcmp(entry->d_name, ".") != 0) &&
+            (strcmp(entry->d_name, "..") != 0)) {
+            //Get the status info for the current file
+            if (stat(entry->d_name, &file_status) == 0) {
+                //Is this a directory, or a file?
+                //Go through all public key files
+                if (!S_ISDIR(file_status.st_mode) &&
+                    findsubstring(entry->d_name, ".pub") &&
+                    //!findsubstring(entry->d_name, ".pub") && original
+                    findsubstring(entry->d_name, "hip_host_")) {
+                    _HIP_DEBUG("findkeyfiles: Public key file: %s \n",
+                               entry->d_name);
+                    insert(files, entry->d_name);
+                }
+            }
+        }
+    }
+
+    if (closedir(dir) == -1) {
+        perror("closedir failure");
+        exit(1);
+    }
 }
 
-
 /* functions for simple linked list */
-void initlist(List *ilist) {
-  ilist->head = NULL;
-}
-
-void insert(List *ilist, char *data) {
-  Listitem *new;
-  new = (Listitem *)malloc(sizeof(Listitem));
-  new->next = ilist->head;
-  strncpy(new->data, data, MAX_ITEM_LEN);
-  ilist->head = new;
-}
-
-int length(List *ilist) {
-  Listitem *ptr;
-  int count = 1;
-
-  if(!ilist->head) return 0;
-  ptr = ilist->head;
-  while (ptr->next) {
-    ptr = ptr->next;
-    count++;
-  }
-  return count;
-}
-
-void destroy(List *ilist) {
-  Listitem *ptr1,*ptr2;
-  if(!ilist) return;
-  ptr1 = ilist->head;
-  while (ptr1) {
-    ptr2 = ptr1;
-    ptr1 = ptr1->next;
-    free(ptr2);
-  }
-  ilist->head = NULL;
-}
-
-char *getitem(List *ilist, int n) {
-  Listitem *ptr;
-  int count = 0;
-
-  if (!ilist->head) return NULL;
-  ptr = ilist->head;
-  if (n==0) return ptr->data;
-  while(ptr->next) {
-    ptr=ptr->next;
-    count++;
-    if(n==count)
-      return ptr->data;
-  }
-  return NULL;
-}
-
-
-char *setdataitem(List *ilist, int n, char *data){
-  Listitem *ptr;
-  int count = 0;
-
-  if (!ilist->head) return NULL;
-  ptr = ilist->head;
-  if (n==0) return ptr->data;
-  while(ptr->next) {
-    ptr=ptr->next;
-    count++;
-    if(n==count){
-      //memset(new->data, 0, MAX_ITEM_LEN);
-      strncpy(ptr->data, data, MAX_ITEM_LEN);
-      return ptr->data;
-    }
-  }
-  return NULL;
-
-}
-
-
+void initlist(List *ilist)
+{
+    ilist->head = NULL;
+}
+
+void insert(List *ilist, char *data)
+{
+    Listitem *new;
+    new         = (Listitem *) malloc(sizeof(Listitem));
+    new->next   = ilist->head;
+    strncpy(new->data, data, MAX_ITEM_LEN);
+    ilist->head = new;
+}
+
+int length(List *ilist)
+{
+    Listitem *ptr;
+    int count = 1;
+
+    if (!ilist->head) {
+        return 0;
+    }
+    ptr = ilist->head;
+    while (ptr->next) {
+        ptr = ptr->next;
+        count++;
+    }
+    return count;
+}
+
+void destroy(List *ilist)
+{
+    Listitem *ptr1, *ptr2;
+    if (!ilist) {
+        return;
+    }
+    ptr1 = ilist->head;
+    while (ptr1) {
+        ptr2 = ptr1;
+        ptr1 = ptr1->next;
+        free(ptr2);
+    }
+    ilist->head = NULL;
+}
+
+char *getitem(List *ilist, int n)
+{
+    Listitem *ptr;
+    int count = 0;
+
+    if (!ilist->head) {
+        return NULL;
+    }
+    ptr = ilist->head;
+    if (n == 0) {
+        return ptr->data;
+    }
+    while (ptr->next) {
+        ptr = ptr->next;
+        count++;
+        if (n == count) {
+            return ptr->data;
+        }
+    }
+    return NULL;
+}
+
+char *setdataitem(List *ilist, int n, char *data)
+{
+    Listitem *ptr;
+    int count = 0;
+
+    if (!ilist->head) {
+        return NULL;
+    }
+    ptr = ilist->head;
+    if (n == 0) {
+        return ptr->data;
+    }
+    while (ptr->next) {
+        ptr = ptr->next;
+        count++;
+        if (n == count) {
+            //memset(new->data, 0, MAX_ITEM_LEN);
+            strncpy(ptr->data, data, MAX_ITEM_LEN);
+            return ptr->data;
+        }
+    }
+    return NULL;
+}

=== modified file 'lib/tool/lutil.c.doxyme'
--- lib/tool/lutil.c.doxyme     2010-01-19 11:26:32 +0000
+++ lib/tool/lutil.c.doxyme     2010-02-11 00:01:07 +0000
@@ -14,20 +14,20 @@
 
 
 
- ///  Single line comment for dOxygen.
+///  Single line comment for dOxygen.
 
 /**
  * my_great_function
  *
  * Write description of function here.
  * The function should follow these comments.
- * 
+ *
  * Document the use of each function variable and indicate if this
  * argument is used to return information to the calling context. Use
- * [out] for outut parameters (This is very important). Align the 
+ * [out] for outut parameters (This is very important). Align the
  * descriptions to improve readability.
  *
- *  @note: put important usage informations to notes. 
+ *  @note: put important usage informations to notes.
  *
  *  @param      firstArg     Description of first function argument.
  *  @param[out] secondArg    Description of second function argument.
@@ -35,7 +35,8 @@
  *  @return Description of returned value.
  **/
 
-int my_great_function(int firstArg, char** secondArg, int thirdArg){
+int my_great_function(int firstArg, char **secondArg, int thirdArg)
+{
     .....
 
 /// Now it's your turn.
@@ -44,109 +45,108 @@
 
 
 /**
- * destroy 
+ * destroy
  *
  *
  * @param ilist
- * @return 
+ * @return
  **/
 
 
 /**
- * extractsubstrings 
+ * extractsubstrings
  *
  *
  * @param string
  * @param list
- * @return 
+ * @return
  **/
 
 
 /**
- * findkeyfiles 
+ * findkeyfiles
  *
  *
  * @param path
  * @param files
- * @return 
+ * @return
  **/
 
 
 /**
- * findsubstring 
+ * findsubstring
  *
  *
  * @param string
  * @param substring
- * @return 
+ * @return
  **/
 
 
 /**
- * free_gaih_addrtuple 
+ * free_gaih_addrtuple
  *
  *
  * @param tuple
- * @return 
+ * @return
  **/
 
 
 /**
- * getitem 
+ * getitem
  *
  *
  * @param ilist
  * @param n
- * @return 
+ * @return
  **/
 
 
 /**
- * getwithoutnewline 
+ * getwithoutnewline
  *
  *
  * @param buffer
  * @param count
  * @param libhipconf
- * @return 
+ * @return
  **/
 
 
 /**
- * initlist 
+ * initlist
  *
  *
  * @param ilist
- * @return 
+ * @return
  **/
 
 
 /**
- * insert 
+ * insert
  *
  *
  * @param ilist
  * @param data
- * @return 
+ * @return
  **/
 
 
 /**
- * length 
+ * length
  *
  *
  * @param ilist
- * @return 
+ * @return
  **/
 
 
 /**
- * setdataitem 
+ * setdataitem
  *
  *
  * @param ilist
  * @param n
  * @param data
- * @return 
+ * @return
  **/
-

=== modified file 'lib/tool/lutil.h'
--- lib/tool/lutil.h    2010-01-19 11:26:32 +0000
+++ lib/tool/lutil.h    2010-02-11 00:01:07 +0000
@@ -1,10 +1,11 @@
 /** @file
  * A header file for util.c.
- * 
+ *
  * @author  ?
  * @version ?
  * @date    17.01.2008
- * @note    Distributed under <a 
href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
+ * @note    Distributed under
+ * <a href="http://www.gnu.org/licenses/gpl2.txt";>GNU/GPL</a>.
  */
 #ifndef _LIBINET6_UTIL_H
 #define _LIBINET6_UTIL_H
@@ -28,32 +29,31 @@
 #define MAX_ITEM_LEN 256
 
 /* moved this here from getaddrinfo.c because it's used now in
-   getendpointinfo.c too */
+ * getendpointinfo.c too */
 
-struct gaih_addrtuple
-  {
+struct gaih_addrtuple {
     struct gaih_addrtuple *next;
-    int family;
-    char addr[16];
-    uint32_t scopeid;
+    int                    family;
+    char                   addr[16];
+    uint32_t               scopeid;
 };
 
 void free_gaih_addrtuple(struct gaih_addrtuple *tuple);
 
-struct listitem { 
-  char data[256];
-  struct listitem *next;
+struct listitem {
+    char             data[256];
+    struct listitem *next;
 };
 
 typedef struct listitem Listitem;
 
 struct list {
-  Listitem *head;
+    Listitem *head;
 };
 
 typedef struct list List;
 
-void initlist(List *);  
+void initlist(List *);
 void insert(List *, char *data);
 void destroy(List *);
 int length(List *);
@@ -61,7 +61,7 @@
 /**
  * Gets an item from a linked list. Gets <code>n</code>th item from a linked
  * list.
- * 
+ *
  * @param ilist a pointer to a linked list.
  * @param n     the index of the item to get.
  * @return      a pointer to <code>n</code>th item in the list, or NULL if

=== modified file 'lib/tool/nlink.c'
--- lib/tool/nlink.c    2010-02-09 14:12:03 +0000
+++ lib/tool/nlink.c    2010-02-11 00:01:07 +0000
@@ -13,21 +13,20 @@
 #define PREFIXLEN_SPECIFIED 1
 
 #define NLMSG_TAIL(nmsg) \
-       ((struct rtattr *) (((void *) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
+    ((struct rtattr *) (((void *) (nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
 
 typedef int (*rtnl_filter_t)(const struct sockaddr_nl *,
-                            const struct nlmsghdr *n, void **);
+                             const struct nlmsghdr *n, void **);
 
-typedef struct
-{
-        __u8 family;
-        __u8 bytelen;
-        __s16 bitlen;
-        __u32 flags;
-        __u32 data[4];
+typedef struct {
+    __u8  family;
+    __u8  bytelen;
+    __s16 bitlen;
+    __u32 flags;
+    __u32 data[4];
 } inet_prefix;
 
-/* 
+/*
  * Note that most of the functions are modified versions of
  * libnetlink functions.
  */
@@ -35,21 +34,21 @@
 int lsi_total = 0;
 
 int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data,
-             int alen)
+              int alen)
 {
-       int len = RTA_LENGTH(alen);
-       struct rtattr *rta;
+    int len = RTA_LENGTH(alen);
+    struct rtattr *rta;
 
-       if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) > maxlen) {
-               HIP_ERROR("addattr_l ERROR: message exceeded bound of 
%d\n",maxlen);
-               return -1;
-       }
-       rta = NLMSG_TAIL(n);
-       rta->rta_type = type;
-       rta->rta_len = len;
-       memcpy(RTA_DATA(rta), data, alen);
-       n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
-       return 0;
+    if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) > maxlen) {
+        HIP_ERROR("addattr_l ERROR: message exceeded bound of %d\n", maxlen);
+        return -1;
+    }
+    rta           = NLMSG_TAIL(n);
+    rta->rta_type = type;
+    rta->rta_len  = len;
+    memcpy(RTA_DATA(rta), data, alen);
+    n->nlmsg_len  = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
+    return 0;
 }
 
 /*
@@ -57,103 +56,105 @@
  * message function. This is a modified version of the rtnl_listen
  * function that processes only a finite amount of messages and then
  * returns.
-*/
+ */
 int hip_netlink_receive(struct rtnl_handle *nl,
-                       hip_filter_t handler,
-                       void *arg)
+                        hip_filter_t handler,
+                        void *arg)
 {
-       struct nlmsghdr *h;
-       struct sockaddr_nl nladdr;
-       struct iovec iov;
-        struct msghdr msg = {
-                (void*)&nladdr, sizeof(nladdr),
-                &iov,   1,
-                NULL,   0,
-                0
-        };
-       int msg_len = 0, status = 0;
-       char buf[NLMSG_SPACE(HIP_MAX_NETLINK_PACKET)];
-
-        memset(&nladdr, 0, sizeof(nladdr));
-        nladdr.nl_family = AF_NETLINK;
-        nladdr.nl_pid = 0;
-        nladdr.nl_groups = 0;
-       iov.iov_base = buf;
-       iov.iov_len = sizeof(buf);
-
-        msg_len = recvfrom(nl->fd, buf, sizeof(struct nlmsghdr),
-                          MSG_PEEK|MSG_DONTWAIT, NULL, NULL);
-       if (msg_len != sizeof(struct nlmsghdr)) {
-               HIP_ERROR("Bad netlink msg\n");
-               return -1;
-       }
-
-       HIP_DEBUG("Received a netlink message\n");
- 
-       while (1) {
-               iov.iov_len = sizeof(buf);
-
-               /* note: not using recvmsg interface anymore as
-                  a workaround for bug id 782 */
-
-               status = recvfrom(nl->fd, buf, sizeof(buf),
-                                 0, NULL, NULL);
-                //status = recvmsg(nl->fd, &msg, 0);
-
-                if (status < 0) {
-                       HIP_PERROR("perror: ");
-                        if (errno == EINTR)
-                                continue;
-                       HIP_ERROR("Netlink overrun.\n");
-                        return -1;
-                        continue;
-                }
-                if (status == 0) {
-                        HIP_ERROR("EOF on netlink\n");
-                        return -1;
-                }
-                if (msg.msg_namelen != sizeof(nladdr)) {
-                        HIP_ERROR("Sender address length == %d\n", 
msg.msg_namelen);
-                        return -1;
-                }
-               for (h = (struct nlmsghdr*)buf; status >= sizeof(*h); ) {
-                        int err;
-                        int len = h->nlmsg_len;
-                        int l = len - sizeof(*h);
-
-                       _HIP_DEBUG("l=%d, len=%d status=%d\n", l, len, status);
-
-                        if (l < 0 || len > status) {
-                                if (msg.msg_flags & MSG_TRUNC) {
-                                        HIP_ERROR("Truncated netlink 
message\n");
-                                        return -1;
-                                }
-
-                                HIP_ERROR("Malformed netlink message: 
len=%d\n", len);
-                                return -1;
-                        }
-
-                        err = handler(h, len, arg);
-                        if (err < 0)
-                                return err;
-
-                        status -= NLMSG_ALIGN(len);
-                        h = (struct nlmsghdr*)((char*)h + NLMSG_ALIGN(len));
-                }
+    struct nlmsghdr *h;
+    struct sockaddr_nl nladdr;
+    struct iovec iov;
+    struct msghdr msg = {
+        (void *) &nladdr, sizeof(nladdr),
+        &iov,             1,
+        NULL,             0,
+        0
+    };
+    int msg_len = 0, status = 0;
+    char buf[NLMSG_SPACE(HIP_MAX_NETLINK_PACKET)];
+
+    memset(&nladdr, 0, sizeof(nladdr));
+    nladdr.nl_family = AF_NETLINK;
+    nladdr.nl_pid    = 0;
+    nladdr.nl_groups = 0;
+    iov.iov_base     = buf;
+    iov.iov_len      = sizeof(buf);
+
+    msg_len          = recvfrom(nl->fd, buf, sizeof(struct nlmsghdr),
+                                MSG_PEEK | MSG_DONTWAIT, NULL, NULL);
+    if (msg_len != sizeof(struct nlmsghdr)) {
+        HIP_ERROR("Bad netlink msg\n");
+        return -1;
+    }
+
+    HIP_DEBUG("Received a netlink message\n");
+
+    while (1) {
+        iov.iov_len = sizeof(buf);
+
+        /* note: not using recvmsg interface anymore as
+         * a workaround for bug id 782 */
+
+        status      = recvfrom(nl->fd, buf, sizeof(buf),
+                               0, NULL, NULL);
+        //status = recvmsg(nl->fd, &msg, 0);
+
+        if (status < 0) {
+            HIP_PERROR("perror: ");
+            if (errno == EINTR) {
+                continue;
+            }
+            HIP_ERROR("Netlink overrun.\n");
+            return -1;
+            continue;
+        }
+        if (status == 0) {
+            HIP_ERROR("EOF on netlink\n");
+            return -1;
+        }
+        if (msg.msg_namelen != sizeof(nladdr)) {
+            HIP_ERROR("Sender address length == %d\n", msg.msg_namelen);
+            return -1;
+        }
+        for (h = (struct nlmsghdr *) buf; status >= sizeof(*h); ) {
+            int err;
+            int len = h->nlmsg_len;
+            int l   = len - sizeof(*h);
+
+            _HIP_DEBUG("l=%d, len=%d status=%d\n", l, len, status);
+
+            if (l < 0 || len > status) {
                 if (msg.msg_flags & MSG_TRUNC) {
-                        HIP_ERROR("Message truncated\n");
-                        break;
-                }
-
-                if (status) {
-                        HIP_ERROR("Remnant of size %d\n", status);
-                        return -1;
-                }
-
-               /* All messages processed */
-               return 0;
-       }
-       return 0;
+                    HIP_ERROR("Truncated netlink message\n");
+                    return -1;
+                }
+
+                HIP_ERROR("Malformed netlink message: len=%d\n", len);
+                return -1;
+            }
+
+            err     = handler(h, len, arg);
+            if (err < 0) {
+                return err;
+            }
+
+            status -= NLMSG_ALIGN(len);
+            h       = (struct nlmsghdr *) ((char *) h + NLMSG_ALIGN(len));
+        }
+        if (msg.msg_flags & MSG_TRUNC) {
+            HIP_ERROR("Message truncated\n");
+            break;
+        }
+
+        if (status) {
+            HIP_ERROR("Remnant of size %d\n", status);
+            return -1;
+        }
+
+        /* All messages processed */
+        return 0;
+    }
+    return 0;
 }
 
 /**
@@ -162,909 +163,947 @@
  * handling for junk messages.
  */
 int netlink_talk(struct rtnl_handle *nl, struct nlmsghdr *n, pid_t peer,
-                       unsigned groups, struct nlmsghdr *answer,
-                       hip_filter_t junk, void *arg)
+                 unsigned groups, struct nlmsghdr *answer,
+                 hip_filter_t junk, void *arg)
 {
-       int status, err = 0;
-       unsigned seq;
-       struct nlmsghdr *h;
-       struct sockaddr_nl nladdr;
-       char   buf[16384];
-       struct iovec iov = {
-               .iov_base = (void*) n,
-               .iov_len = n->nlmsg_len
-       };
-       struct msghdr msg = {
-               .msg_name = &nladdr,
-               .msg_namelen = sizeof(nladdr),
-               .msg_iov = &iov,
-               .msg_iovlen = 1,
-       };
-
-       memset(&nladdr, 0, sizeof(nladdr));
-       /*Assign values to the socket address*/
-       nladdr.nl_family = AF_NETLINK;
-       nladdr.nl_pid = peer;
-       nladdr.nl_groups = groups;
-
-       n->nlmsg_seq = seq = ++nl->seq;
-
-       /* Note: the TALK_ACK are here because I experienced problems
-          with SMP machines. The application added a mapping which caused
-          the control flow to arrive here. The sendmsg adds an SP and the
-          while loop tries to read the ACK for the SP. However, there will
-          be an acquire message arriving from the kernel before we read the
-          ack which confuses the loop completely, so I disabled the ACK.
-          The reason why this all happens is that we are using the same
-          netlink socket to read both acquire messages and sending SP.
-          Only a single netlink socket exist per PID, so we either do it
-          as it is here or create another thread for handling acquires.
-          For testing SP/SA related issues you might want to re-enable these
-          -mk */
-       if (HIP_NETLINK_TALK_ACK)
-               if (answer == NULL)
-                       n->nlmsg_flags |= NLM_F_ACK;
-
-       status = sendmsg(nl->fd, &msg, 0);
-       
-       if (status < 0)
-       {
-               HIP_PERROR("Cannot talk to rtnetlink");
-               err = -1;
-               goto out_err;
-       }
-
-       
-       memset(buf,0,sizeof(buf));
-       iov.iov_base = buf;
-
-       while (HIP_NETLINK_TALK_ACK) {
-               HIP_DEBUG("inside the while\n");
-               iov.iov_len = sizeof(buf);
-               status = recvmsg(nl->fd, &msg, 0);
-
-               if (status < 0)
-               {
-                       if (errno == EINTR)
-                       {
-                               HIP_DEBUG("EINTR\n");
-                               continue;
-                       }
-                       HIP_PERROR("OVERRUN");
-                       continue;
-               }
-               if (status == 0) {
-                        HIP_ERROR("EOF on netlink.\n");
-                       err = -1;
-                       goto out_err;
-                }
-                if (msg.msg_namelen != sizeof(nladdr)) {
-                        HIP_ERROR("sender address length == %d\n",
-                                 msg.msg_namelen);
-                       err = -1;
-                       goto out_err;
-                }
-                for (h = (struct nlmsghdr*)buf; status >= sizeof(*h); ) {
-                        int err;
-                        int len = h->nlmsg_len;
-                        int l = len - sizeof(*h);
-
-                        if (l<0 || len>status) {
-                                if (msg.msg_flags & MSG_TRUNC) {
-                                        HIP_ERROR("Truncated message\n");
-                                       err = -1;
-                                       goto out_err;
-                                }
-                                HIP_ERROR("Malformed message: len=%d\n", len);
-                               err = -1;
-                               goto out_err;
-                        }
-
-                        if (nladdr.nl_pid != peer ||
-                            h->nlmsg_seq != seq) {
-                               HIP_DEBUG("%d %d %d %d\n", nladdr.nl_pid, peer, 
h->nlmsg_seq, seq);
-                                if (junk) {
-                                       err = junk(h, len, arg);
-                                        if (err < 0) {
-                                               err = -1;
-                                               goto out_err;
-                                       }
-                                }
-                                /* Don't forget to skip that message. */
-                                status -= NLMSG_ALIGN(len);
-                                h = (struct nlmsghdr*)((char*)h + 
NLMSG_ALIGN(len));
-                                continue;
-                        }
-
-                        if (h->nlmsg_type == NLMSG_ERROR) {
-                                struct nlmsgerr *nl_err =
-                                       (struct nlmsgerr*)NLMSG_DATA(h);
-                                if (l < sizeof(struct nlmsgerr)) {
-                                        HIP_ERROR("Truncated\n");
-                                } else {
-                                        errno = -nl_err->error;
-                                        if (errno == 0) {
-                                                if (answer)
-                                                        memcpy(answer, h, 
h->nlmsg_len);
-                                               goto out_err;
-                                        }
-                                        HIP_PERROR("NETLINK answers");
-                                }
-                               err = -1;
-                               goto out_err;
-
-                        }
+    int status, err = 0;
+    unsigned seq;
+    struct nlmsghdr *h;
+    struct sockaddr_nl nladdr;
+    char buf[16384];
+    struct iovec iov  = {
+        .iov_base = (void *) n,
+        .iov_len  = n->nlmsg_len
+    };
+    struct msghdr msg = {
+        .msg_name    = &nladdr,
+        .msg_namelen = sizeof(nladdr),
+        .msg_iov     = &iov,
+        .msg_iovlen  = 1,
+    };
+
+    memset(&nladdr, 0, sizeof(nladdr));
+    /*Assign values to the socket address*/
+    nladdr.nl_family = AF_NETLINK;
+    nladdr.nl_pid    = peer;
+    nladdr.nl_groups = groups;
+
+    n->nlmsg_seq     = seq = ++nl->seq;
+
+    /* Note: the TALK_ACK are here because I experienced problems
+     * with SMP machines. The application added a mapping which caused
+     * the control flow to arrive here. The sendmsg adds an SP and the
+     * while loop tries to read the ACK for the SP. However, there will
+     * be an acquire message arriving from the kernel before we read the
+     * ack which confuses the loop completely, so I disabled the ACK.
+     * The reason why this all happens is that we are using the same
+     * netlink socket to read both acquire messages and sending SP.
+     * Only a single netlink socket exist per PID, so we either do it
+     * as it is here or create another thread for handling acquires.
+     * For testing SP/SA related issues you might want to re-enable these
+     * -mk */
+    if (HIP_NETLINK_TALK_ACK) {
+        if (answer == NULL) {
+            n->nlmsg_flags |= NLM_F_ACK;
+        }
+    }
+
+    status = sendmsg(nl->fd, &msg, 0);
+
+    if (status < 0) {
+        HIP_PERROR("Cannot talk to rtnetlink");
+        err = -1;
+        goto out_err;
+    }
+
+
+    memset(buf, 0, sizeof(buf));
+    iov.iov_base = buf;
+
+    while (HIP_NETLINK_TALK_ACK) {
+        HIP_DEBUG("inside the while\n");
+        iov.iov_len = sizeof(buf);
+        status      = recvmsg(nl->fd, &msg, 0);
+
+        if (status < 0) {
+            if (errno == EINTR) {
+                HIP_DEBUG("EINTR\n");
+                continue;
+            }
+            HIP_PERROR("OVERRUN");
+            continue;
+        }
+        if (status == 0) {
+            HIP_ERROR("EOF on netlink.\n");
+            err = -1;
+            goto out_err;
+        }
+        if (msg.msg_namelen != sizeof(nladdr)) {
+            HIP_ERROR("sender address length == %d\n",
+                      msg.msg_namelen);
+            err = -1;
+            goto out_err;
+        }
+        for (h = (struct nlmsghdr *) buf; status >= sizeof(*h); ) {
+            int err;
+            int len = h->nlmsg_len;
+            int l   = len - sizeof(*h);
+
+            if (l < 0 || len > status) {
+                if (msg.msg_flags & MSG_TRUNC) {
+                    HIP_ERROR("Truncated message\n");
+                    err = -1;
+                    goto out_err;
+                }
+                HIP_ERROR("Malformed message: len=%d\n", len);
+                err = -1;
+                goto out_err;
+            }
+
+            if (nladdr.nl_pid != peer ||
+                h->nlmsg_seq != seq) {
+                HIP_DEBUG("%d %d %d %d\n", nladdr.nl_pid,
+                          peer, h->nlmsg_seq, seq);
+                if (junk) {
+                    err = junk(h, len, arg);
+                    if (err < 0) {
+                        err = -1;
+                        goto out_err;
+                    }
+                }
+                /* Don't forget to skip that message. */
+                status -= NLMSG_ALIGN(len);
+                h       = (struct nlmsghdr *) ((char *) h + NLMSG_ALIGN(len));
+                continue;
+            }
+
+            if (h->nlmsg_type == NLMSG_ERROR) {
+                struct nlmsgerr *nl_err =
+                    (struct nlmsgerr *) NLMSG_DATA(h);
+                if (l < sizeof(struct nlmsgerr)) {
+                    HIP_ERROR("Truncated\n");
+                } else {
+                    errno = -nl_err->error;
+                    if (errno == 0) {
                         if (answer) {
-                                memcpy(answer, h, h->nlmsg_len);
-                               goto out_err;
+                            memcpy(answer, h, h->nlmsg_len);
                         }
-
-                        HIP_ERROR("Unexpected netlink reply!\n");
-
-                        status -= NLMSG_ALIGN(len);
-                        h = (struct nlmsghdr*)((char*)h + NLMSG_ALIGN(len));
-                }
-                if (msg.msg_flags & MSG_TRUNC) {
-                        HIP_ERROR("Message truncated\n");
-                        continue;
-                }
-                if (status) {
-                        HIP_ERROR("Remnant of size %d\n", status);
-                       err = -1;
-                       goto out_err;
-                }
-        }
+                        goto out_err;
+                    }
+                    HIP_PERROR("NETLINK answers");
+                }
+                err = -1;
+                goto out_err;
+            }
+            if (answer) {
+                memcpy(answer, h, h->nlmsg_len);
+                goto out_err;
+            }
+
+            HIP_ERROR("Unexpected netlink reply!\n");
+
+            status -= NLMSG_ALIGN(len);
+            h       = (struct nlmsghdr *) ((char *) h + NLMSG_ALIGN(len));
+        }
+        if (msg.msg_flags & MSG_TRUNC) {
+            HIP_ERROR("Message truncated\n");
+            continue;
+        }
+        if (status) {
+            HIP_ERROR("Remnant of size %d\n", status);
+            err = -1;
+            goto out_err;
+        }
+    }
 
 out_err:
 
-       return err;
+    return err;
 }
 
-
 int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions,
-                         int protocol)
+                      int protocol)
 {
-       socklen_t addr_len;
-       int sndbuf = 32768, rcvbuf = 32768;
-
-       memset(rth, 0, sizeof(*rth));
-
-       rth->fd = socket(AF_NETLINK, SOCK_RAW, protocol);
-        if (rth->fd < 0) {
-                HIP_PERROR("Cannot open a netlink socket");
-                return -1;
-        }
-       _HIP_DEBUG("setsockopt SO_SNDBUF\n");
-        if (setsockopt(rth->fd,SOL_SOCKET,SO_SNDBUF,&sndbuf,sizeof(sndbuf)) < 
0) {
-                HIP_PERROR("SO_SNDBUF");
-                return -1;
-        }
-       _HIP_DEBUG("setsockopt SO_RCVBUF\n");
-        if (setsockopt(rth->fd,SOL_SOCKET,SO_RCVBUF,&rcvbuf,sizeof(rcvbuf)) < 
0) {
-                HIP_PERROR("SO_RCVBUF");
-                return -1;
-        }
-
-        memset(&rth->local, 0, sizeof(rth->local));
-        rth->local.nl_family = AF_NETLINK;
-        rth->local.nl_groups = subscriptions;
-
-        if (bind(rth->fd, (struct sockaddr*)&rth->local, sizeof(rth->local)) < 
0) {
-                HIP_PERROR("Cannot bind a netlink socket");
-                return -1;
-        }
-        addr_len = sizeof(rth->local);
-        if (getsockname(rth->fd, (struct sockaddr*)&rth->local, &addr_len) < 
0) {
-                HIP_PERROR("Cannot getsockname");
-                return -1;
-        }
-        if (addr_len != sizeof(rth->local)) {
-                HIP_ERROR("Wrong address length %d\n", addr_len);
-                return -1;
-        }
-        if (rth->local.nl_family != AF_NETLINK) {
-                HIP_ERROR("Wrong address family %d\n", rth->local.nl_family);
-                return -1;
-        }
-        rth->seq = time(NULL);
-        return 0;
+    socklen_t addr_len;
+    int sndbuf = 32768, rcvbuf = 32768;
+
+    memset(rth, 0, sizeof(*rth));
+
+    rth->fd = socket(AF_NETLINK, SOCK_RAW, protocol);
+    if (rth->fd < 0) {
+        HIP_PERROR("Cannot open a netlink socket");
+        return -1;
+    }
+    _HIP_DEBUG("setsockopt SO_SNDBUF\n");
+    if (setsockopt(rth->fd, SOL_SOCKET, SO_SNDBUF,
+                   &sndbuf, sizeof(sndbuf)) < 0) {
+        HIP_PERROR("SO_SNDBUF");
+        return -1;
+    }
+    _HIP_DEBUG("setsockopt SO_RCVBUF\n");
+    if (setsockopt(rth->fd, SOL_SOCKET, SO_RCVBUF,
+                   &rcvbuf, sizeof(rcvbuf)) < 0) {
+        HIP_PERROR("SO_RCVBUF");
+        return -1;
+    }
+
+    memset(&rth->local, 0, sizeof(rth->local));
+    rth->local.nl_family = AF_NETLINK;
+    rth->local.nl_groups = subscriptions;
+
+    if (bind(rth->fd, (struct sockaddr *) &rth->local,
+             sizeof(rth->local)) < 0) {
+        HIP_PERROR("Cannot bind a netlink socket");
+        return -1;
+    }
+    addr_len = sizeof(rth->local);
+    if (getsockname(rth->fd, (struct sockaddr *) &rth->local,
+                    &addr_len) < 0) {
+        HIP_PERROR("Cannot getsockname");
+        return -1;
+    }
+    if (addr_len != sizeof(rth->local)) {
+        HIP_ERROR("Wrong address length %d\n", addr_len);
+        return -1;
+    }
+    if (rth->local.nl_family != AF_NETLINK) {
+        HIP_ERROR("Wrong address family %d\n", rth->local.nl_family);
+        return -1;
+    }
+    rth->seq = time(NULL);
+    return 0;
 }
 
 void rtnl_close(struct rtnl_handle *rth)
 {
-       close(rth->fd);
+    close(rth->fd);
 }
 
-
 /**
  * Functions for adding ip address
  */
 
 static unsigned ll_name_to_index(const char *name, struct idxmap **idxmap)
 {
-        static char ncache[16];
-        static int icache;
-        struct idxmap *im;
-        int i;
+    static char ncache[16];
+    static int icache;
+    struct idxmap *im;
+    int i;
 
-        if (name == NULL)
-                return 0;
-        if (icache && strcmp(name, ncache) == 0)
-                return icache;
-        for (i=0; i<16; i++) {
-                for (im = idxmap[i]; im; im = im->next) {
-                        if (strcmp(im->name, name) == 0) {
-                                icache = im->index;
-                                strcpy(ncache, name);
-                                return im->index;
-                        }
-                }
+    if (name == NULL) {
+        return 0;
+    }
+    if (icache && strcmp(name, ncache) == 0) {
+        return icache;
+    }
+    for (i = 0; i < 16; i++) {
+        for (im = idxmap[i]; im; im = im->next) {
+            if (strcmp(im->name, name) == 0) {
+                icache = im->index;
+                strcpy(ncache, name);
+                return im->index;
+            }
         }
+    }
 
-       /* XX FIXME: having more that one NETLINK socket open at the same
-          time is bad! See hipd.c:addresses comments */
-        return if_nametoindex(name);
+    /* XX FIXME: having more that one NETLINK socket open at the same
+     * time is bad! See hipd.c:addresses comments */
+    return if_nametoindex(name);
 }
 
 static int get_unsigned(unsigned *val, const char *arg, int base)
 {
-        unsigned long res;
-        char *ptr;
+    unsigned long res;
+    char *ptr;
 
-        if (!arg || !*arg)
-                return -1;
-        res = strtoul(arg, &ptr, base);
-        if (!ptr || ptr == arg || *ptr || res > UINT_MAX)
-                return -1;
-        *val = res;
-        return 0;
+    if (!arg || !*arg) {
+        return -1;
+    }
+    res  = strtoul(arg, &ptr, base);
+    if (!ptr || ptr == arg || *ptr || res > UINT_MAX) {
+        return -1;
+    }
+    *val = res;
+    return 0;
 }
 
-
-
 static int get_addr_1(inet_prefix *addr, const char *name, int family)
 {
-        const char *cp;
-        unsigned char *ap = (unsigned char*)addr->data;
-        int i;
-
-        memset(addr, 0, sizeof(*addr));
-
-        if (strcmp(name, "default") == 0 ||
-            strcmp(name, "all") == 0 ||
-            strcmp(name, "any") == 0) {
-                if (family == AF_DECnet)
-                        return -1;
-                addr->family = family;
-                addr->bytelen = (family == AF_INET6 ? 16 : 4);
-                addr->bitlen = -1;
-                return 0;
-        }
-
-        if (strchr(name, ':')) {
-                addr->family = AF_INET6;
-                if (family != AF_UNSPEC && family != AF_INET6)
-                        return -1;
-                if (inet_pton(AF_INET6, name, addr->data) <= 0)
-                        return -1;
-                addr->bytelen = 16;
-                addr->bitlen = -1;
-                return 0;
-        }
-
-        addr->family = AF_INET;
-        if (family != AF_UNSPEC && family != AF_INET)
-                return -1;
-        addr->bytelen = 4;
-        addr->bitlen = -1;
-        for (cp=name, i=0; *cp; cp++) {
-                if (*cp <= '9' && *cp >= '0') {
-                        ap[i] = 10*ap[i] + (*cp-'0');
-                        continue;
-                }
-                if (*cp == '.' && ++i <= 3)
-                        continue;
-                return -1;
-        }
-        return 0;
+    const char *cp;
+    unsigned char *ap = (unsigned char *) addr->data;
+    int i;
+
+    memset(addr, 0, sizeof(*addr));
+
+    if (strcmp(name, "default") == 0 ||
+        strcmp(name, "all") == 0 ||
+        strcmp(name, "any") == 0) {
+        if (family == AF_DECnet) {
+            return -1;
+        }
+        addr->family  = family;
+        addr->bytelen = (family == AF_INET6 ? 16 : 4);
+        addr->bitlen  = -1;
+        return 0;
+    }
+
+    if (strchr(name, ':')) {
+        addr->family = AF_INET6;
+        if (family != AF_UNSPEC && family != AF_INET6) {
+            return -1;
+        }
+        if (inet_pton(AF_INET6, name, addr->data) <= 0) {
+            return -1;
+        }
+        addr->bytelen = 16;
+        addr->bitlen  = -1;
+        return 0;
+    }
+
+    addr->family  = AF_INET;
+    if (family != AF_UNSPEC && family != AF_INET) {
+        return -1;
+    }
+    addr->bytelen = 4;
+    addr->bitlen  = -1;
+    for (cp = name, i = 0; *cp; cp++) {
+        if (*cp <= '9' && *cp >= '0') {
+            ap[i] = 10 * ap[i] + (*cp - '0');
+            continue;
+        }
+        if (*cp == '.' && ++i <= 3) {
+            continue;
+        }
+        return -1;
+    }
+    return 0;
 }
 
 static int get_prefix_1(inet_prefix *dst, char *arg, int family)
 {
-        int err;
-        unsigned plen;
-        char *slash;
-
-        memset(dst, 0, sizeof(*dst));
-
-        if (strcmp(arg, "default") == 0 ||
-            strcmp(arg, "any") == 0 ||
-            strcmp(arg, "all") == 0) {
-                if (family == AF_DECnet)
-                        return -1;
-                dst->family = family;
-                dst->bytelen = 0;
-                dst->bitlen = 0;
-                return 0;
-        }
-
-        slash = strchr(arg, '/');
-        if (slash)
-               *slash = 0;
-
-        err = get_addr_1(dst, arg, family);
-        if (err == 0) {
-                switch(dst->family) {
-                        case AF_INET6:
-                                dst->bitlen = 128;
-                                break;
-                        case AF_DECnet:
-                                dst->bitlen = 16;
-                                break;
-                        default:
-                        case AF_INET:
-                                dst->bitlen = 32;
-                 }
-                if (slash) {
-                        if (get_unsigned(&plen, slash+1, 0) || plen > 
dst->bitlen) {
-                                err = -1;
-                                goto done;
-                        }
-                        dst->flags |= PREFIXLEN_SPECIFIED;
-                        dst->bitlen = plen;
-                }
-        }
+    int err;
+    unsigned plen;
+    char *slash;
+
+    memset(dst, 0, sizeof(*dst));
+
+    if (strcmp(arg, "default") == 0 ||
+        strcmp(arg, "any") == 0 ||
+        strcmp(arg, "all") == 0) {
+        if (family == AF_DECnet) {
+            return -1;
+        }
+        dst->family  = family;
+        dst->bytelen = 0;
+        dst->bitlen  = 0;
+        return 0;
+    }
+
+    slash = strchr(arg, '/');
+    if (slash) {
+        *slash = 0;
+    }
+
+    err   = get_addr_1(dst, arg, family);
+    if (err == 0) {
+        switch (dst->family) {
+        case AF_INET6:
+            dst->bitlen = 128;
+            break;
+        case AF_DECnet:
+            dst->bitlen = 16;
+            break;
+        default:
+        case AF_INET:
+            dst->bitlen = 32;
+        }
+        if (slash) {
+            if (get_unsigned(&plen, slash + 1, 0) || plen > dst->bitlen) {
+                err = -1;
+                goto done;
+            }
+            dst->flags |= PREFIXLEN_SPECIFIED;
+            dst->bitlen = plen;
+        }
+    }
 done:
-        if (slash)
-                *slash = '/';
-        return err;
+    if (slash) {
+        *slash = '/';
+    }
+    return err;
 }
 
-
 static int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
 {
-        int len = RTA_LENGTH(4);
-        struct rtattr *rta;
-        if (NLMSG_ALIGN(n->nlmsg_len) + len > maxlen) {
-                HIP_ERROR("addattr32: Error! max allowed bound %d 
exceeded\n",maxlen);
-                return -1;
-        }
-        rta = NLMSG_TAIL(n);
-        rta->rta_type = type;
-        rta->rta_len = len;
-        memcpy(RTA_DATA(rta), &data, 4);
-        n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + len;
-        return 0;
+    int len = RTA_LENGTH(4);
+    struct rtattr *rta;
+    if (NLMSG_ALIGN(n->nlmsg_len) + len > maxlen) {
+        HIP_ERROR("addattr32: Error! max allowed bound %d exceeded\n", maxlen);
+        return -1;
+    }
+    rta           = NLMSG_TAIL(n);
+    rta->rta_type = type;
+    rta->rta_len  = len;
+    memcpy(RTA_DATA(rta), &data, 4);
+    n->nlmsg_len  = NLMSG_ALIGN(n->nlmsg_len) + len;
+    return 0;
 }
 
 static int rtnl_wilddump_request(struct rtnl_handle *rth, int family, int type)
 {
-        struct {
-                struct nlmsghdr nlh;
-                struct rtgenmsg g;
-        } req;
-        struct sockaddr_nl nladdr;
-
-        memset(&nladdr, 0, sizeof(nladdr));
-        nladdr.nl_family = AF_NETLINK;
-
-        memset(&req, 0, sizeof(req));
-        req.nlh.nlmsg_len = sizeof(req);
-        req.nlh.nlmsg_type = type;
-        req.nlh.nlmsg_flags = NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST;
-        req.nlh.nlmsg_pid = 0;
-        req.nlh.nlmsg_seq = rth->dump = ++rth->seq;
-        req.g.rtgen_family = family;
-
-        return sendto(rth->fd, (void*)&req, sizeof(req), 0,
-                      (struct sockaddr*)&nladdr, sizeof(nladdr));
+    struct {
+        struct nlmsghdr nlh;
+        struct rtgenmsg g;
+    } req;
+    struct sockaddr_nl nladdr;
+
+    memset(&nladdr, 0, sizeof(nladdr));
+    nladdr.nl_family    = AF_NETLINK;
+
+    memset(&req, 0, sizeof(req));
+    req.nlh.nlmsg_len   = sizeof(req);
+    req.nlh.nlmsg_type  = type;
+    req.nlh.nlmsg_flags = NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST;
+    req.nlh.nlmsg_pid   = 0;
+    req.nlh.nlmsg_seq   = rth->dump = ++rth->seq;
+    req.g.rtgen_family  = family;
+
+    return sendto(rth->fd, (void *) &req, sizeof(req), 0,
+                  (struct sockaddr *) &nladdr, sizeof(nladdr));
 }
 
 static int rtnl_dump_filter(struct rtnl_handle *rth,
-                     rtnl_filter_t filter,
-                     void *arg1,
-                     rtnl_filter_t junk,
-                     void *arg2)
+                            rtnl_filter_t filter,
+                            void *arg1,
+                            rtnl_filter_t junk,
+                            void *arg2)
 {
-        struct sockaddr_nl nladdr;
-        struct iovec iov;
-        struct msghdr msg = {
-                .msg_name = &nladdr,
-                .msg_namelen = sizeof(nladdr),
-                .msg_iov = &iov,
-                .msg_iovlen = 1,
-        };
-        char buf[16384];
-
-        while (1) {
-                int status;
-                struct nlmsghdr *h;
-
-                       iov.iov_base = buf;
-                iov.iov_len = sizeof(buf);
-                status = recvmsg(rth->fd, &msg, 0);
-
-                if (status < 0) {
-                        if (errno == EINTR)
-                                continue;
-                        HIP_PERROR("OVERRUN");
-                        continue;
-                }
-
-                if (status == 0) {
-                        HIP_ERROR("EOF on netlink\n");
-                        return -1;
-                }
-
-                h = (struct nlmsghdr*)buf;
-                while (NLMSG_OK(h, status)) {
-                        int err = 0;
-
-                        if (nladdr.nl_pid != 0 ||
-                            h->nlmsg_pid != rth->local.nl_pid ||
-                            h->nlmsg_seq != rth->dump) {
-                                if (junk) {
-                                        err = junk(&nladdr, h, arg2);
-                                        if (err < 0)
-                                                return err;
-                                }
-                                goto skip_it;
-                        }
-
-                        if (h->nlmsg_type == NLMSG_DONE)
-                                return 0;
-                        if (h->nlmsg_type == NLMSG_ERROR) {
-                                struct nlmsgerr *err = (struct 
nlmsgerr*)NLMSG_DATA(h);
-                                if (h->nlmsg_len < NLMSG_LENGTH(sizeof(struct 
nlmsgerr))) {
-                                        HIP_ERROR("ERROR truncated\n");
-                                } else {
-                                        errno = -err->error;
-                                        HIP_PERROR("RTNETLINK answers");
-                                }
-                                return -1;
-                        }
-                       if (filter)
-                               err = filter(&nladdr, h, arg1);
-                        if (err < 0)
-                                return err;
+    struct sockaddr_nl nladdr;
+    struct iovec iov;
+    struct msghdr msg = {
+        .msg_name    = &nladdr,
+        .msg_namelen = sizeof(nladdr),
+        .msg_iov     = &iov,
+        .msg_iovlen  = 1,
+    };
+    char buf[16384];
+
+    while (1) {
+        int status;
+        struct nlmsghdr *h;
+
+        iov.iov_base = buf;
+        iov.iov_len  = sizeof(buf);
+        status       = recvmsg(rth->fd, &msg, 0);
+
+        if (status < 0) {
+            if (errno == EINTR) {
+                continue;
+            }
+            HIP_PERROR("OVERRUN");
+            continue;
+        }
+
+        if (status == 0) {
+            HIP_ERROR("EOF on netlink\n");
+            return -1;
+        }
+
+        h = (struct nlmsghdr *) buf;
+        while (NLMSG_OK(h, status)) {
+            int err = 0;
+
+            if (nladdr.nl_pid != 0 ||
+                h->nlmsg_pid != rth->local.nl_pid ||
+                h->nlmsg_seq != rth->dump) {
+                if (junk) {
+                    err = junk(&nladdr, h, arg2);
+                    if (err < 0) {
+                        return err;
+                    }
+                }
+                goto skip_it;
+            }
+
+            if (h->nlmsg_type == NLMSG_DONE) {
+                return 0;
+            }
+            if (h->nlmsg_type == NLMSG_ERROR) {
+                struct nlmsgerr *err = (struct nlmsgerr *) NLMSG_DATA(h);
+                if (h->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr))) {
+                    HIP_ERROR("ERROR truncated\n");
+                } else {
+                    errno = -err->error;
+                    HIP_PERROR("RTNETLINK answers");
+                }
+                return -1;
+            }
+            if (filter) {
+                err = filter(&nladdr, h, arg1);
+            }
+            if (err < 0) {
+                return err;
+            }
 
 skip_it:
-                        h = NLMSG_NEXT(h, status);
-                }
-                if (msg.msg_flags & MSG_TRUNC) {
-                        HIP_ERROR("Message truncated\n");
-                        continue;
-                }
-                if (status) {
-                        HIP_ERROR("Remnant of size %d\n", status);
-                        return -1;
-                }
-        }
+            h = NLMSG_NEXT(h, status);
+        }
+        if (msg.msg_flags & MSG_TRUNC) {
+            HIP_ERROR("Message truncated\n");
+            continue;
+        }
+        if (status) {
+            HIP_ERROR("Remnant of size %d\n", status);
+            return -1;
+        }
+    }
 }
 
 static int ll_init_map(struct rtnl_handle *rth, struct idxmap **idxmap)
 {
-       if (rtnl_wilddump_request(rth, AF_UNSPEC, RTM_GETLINK) < 0) {
-                HIP_PERROR("Cannot send dump request");
-                return -1;
-        }
+    if (rtnl_wilddump_request(rth, AF_UNSPEC, RTM_GETLINK) < 0) {
+        HIP_PERROR("Cannot send dump request");
+        return -1;
+    }
 
-        if (rtnl_dump_filter(rth,
-                            /*ll_remember_index*/ NULL,
-                            idxmap, NULL, NULL) < 0) {
-                HIP_ERROR("Dump terminated\n");
-                return -1;
-        }
-        return 0;
+    if (rtnl_dump_filter(rth,
+                         /*ll_remember_index*/ NULL,
+                         idxmap, NULL, NULL) < 0) {
+        HIP_ERROR("Dump terminated\n");
+        return -1;
+    }
+    return 0;
 }
 
 int hip_iproute_modify(struct rtnl_handle *rth,
-                      int cmd, int flags, int family, char *ip,
-                      char *dev)
+                       int cmd, int flags, int family, char *ip,
+                       char *dev)
 {
-        struct {
-                struct nlmsghdr         n;
-                struct rtmsg            r;
-                char                    buf[1024];
-        } req1;
-        inet_prefix dst;
-       struct idxmap *idxmap[16];
-        int dst_ok = 0, err;
-        int idx, i;
-
-        memset(&req1, 0, sizeof(req1));
-       for (i = 0; i < 16; i++)
-               idxmap[i] = NULL;
-
-        req1.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
-        req1.n.nlmsg_flags = NLM_F_REQUEST|flags;
-        req1.n.nlmsg_type = cmd;
-        req1.r.rtm_family = family;
-        req1.r.rtm_table = RT_TABLE_MAIN;
-        req1.r.rtm_scope = RT_SCOPE_NOWHERE;
-
-        if (cmd != RTM_DELROUTE) {
-                req1.r.rtm_protocol = RTPROT_BOOT;
-                req1.r.rtm_scope = RT_SCOPE_UNIVERSE;
-                req1.r.rtm_type = RTN_UNICAST;
+    struct {
+        struct nlmsghdr n;
+        struct rtmsg    r;
+        char            buf[1024];
+    } req1;
+    inet_prefix dst;
+    struct idxmap *idxmap[16];
+    int dst_ok = 0, err;
+    int idx, i;
+
+    memset(&req1, 0, sizeof(req1));
+    for (i = 0; i < 16; i++) {
+        idxmap[i] = NULL;
+    }
+
+    req1.n.nlmsg_len   = NLMSG_LENGTH(sizeof(struct rtmsg));
+    req1.n.nlmsg_flags = NLM_F_REQUEST | flags;
+    req1.n.nlmsg_type  = cmd;
+    req1.r.rtm_family  = family;
+    req1.r.rtm_table   = RT_TABLE_MAIN;
+    req1.r.rtm_scope   = RT_SCOPE_NOWHERE;
+
+    if (cmd != RTM_DELROUTE) {
+        req1.r.rtm_protocol = RTPROT_BOOT;
+        req1.r.rtm_scope    = RT_SCOPE_UNIVERSE;
+        req1.r.rtm_type     = RTN_UNICAST;
+    }
+
+    if (family == AF_INET) {
+        HIP_DEBUG("Setting %s as route for %s device with family %d\n",
+                  ip, dev, family);
+    }
+    HIP_IFEL(get_prefix_1(&dst, ip, req1.r.rtm_family), -1, "prefix\n");
+    //if (req.r.rtm_family == AF_UNSPEC)
+    //req.r.rtm_family = dst.family;
+    req1.r.rtm_dst_len = dst.bitlen;
+    dst_ok             = 1;
+    if (dst.bytelen) {
+        addattr_l(&req1.n, sizeof(req1), RTA_DST, &dst.data,
+                  dst.bytelen);
+    }
+
+    ll_init_map(rth, idxmap);
+
+    HIP_IFEL(((idx = ll_name_to_index(dev, idxmap)) == 0), -1,
+             "ll_name_to_index failed\n");
+
+    addattr32(&req1.n, sizeof(req1), RTA_OIF, idx);
+
+    HIP_IFEL((netlink_talk(rth, &req1.n, 0, 0, NULL, NULL, NULL) < 0), -1,
+             "netlink_talk failed\n");
+
+out_err:
+    for (i = 0; i < 16; i++) {
+        if (idxmap[i]) {
+            HIP_FREE(idxmap[i]);
         }
-
-       if (family== AF_INET) HIP_DEBUG("Setting %s as route for %s device with 
family %d\n",ip, dev, family);
-        HIP_IFEL(get_prefix_1(&dst, ip, req1.r.rtm_family), -1, "prefix\n");
-        //if (req.r.rtm_family == AF_UNSPEC)
-                //req.r.rtm_family = dst.family;
-        req1.r.rtm_dst_len = dst.bitlen;
-        dst_ok = 1;
-        if (dst.bytelen)
-               addattr_l(&req1.n, sizeof(req1), RTA_DST, &dst.data,
-                         dst.bytelen);
-
-       ll_init_map(rth, idxmap);
-
-       HIP_IFEL(((idx = ll_name_to_index(dev, idxmap)) == 0), -1,
-               "ll_name_to_index failed\n");
-
-       addattr32(&req1.n, sizeof(req1), RTA_OIF, idx);
-
-       HIP_IFEL((netlink_talk(rth, &req1.n, 0, 0, NULL, NULL, NULL) < 0), -1,
-               "netlink_talk failed\n");
-
- out_err:
-       for (i = 0; i < 16; i++)
-         if (idxmap[i])
-           HIP_FREE(idxmap[i]);
-
-        return 0;
+    }
+
+    return 0;
 }
 
-static int parse_rtattr(struct rtattr *tb[], int max, struct rtattr *rta, int 
len)
+static int parse_rtattr(struct rtattr *tb[],
+                        int max,
+                        struct rtattr *rta,
+                        int len)
 {
-       memset(tb, 0, sizeof(struct rtattr *) * (max + 1));
-
-       while (RTA_OK(rta, len)) {
-               if (rta->rta_type <= max) {
-                       tb[rta->rta_type] = rta;
-               }
-               rta = RTA_NEXT(rta,len);
-       }
-
-       if (len) {
-               HIP_ERROR("Deficit len %d, rta_len=%d\n", len, rta->rta_len);
-       }
-
-       return 0;
+    memset(tb, 0, sizeof(struct rtattr *) * (max + 1));
+
+    while (RTA_OK(rta, len)) {
+        if (rta->rta_type <= max) {
+            tb[rta->rta_type] = rta;
+        }
+        rta = RTA_NEXT(rta, len);
+    }
+
+    if (len) {
+        HIP_ERROR("Deficit len %d, rta_len=%d\n", len, rta->rta_len);
+    }
+
+    return 0;
 }
 
 static int hip_parse_src_addr(struct nlmsghdr *n, struct in6_addr *src_addr)
 {
-       struct rtmsg *r = NLMSG_DATA(n);
-       struct rtattr *tb[RTA_MAX+1];
-       union {
-               struct in_addr *in;
-               struct in6_addr *in6;
-       } addr;
-       int entry;
-
-       /* see print_route() in ip/iproute.c */
-       parse_rtattr(tb, RTA_MAX, RTM_RTA(r), n->nlmsg_len);
-       _HIP_DEBUG("sizeof(struct nlmsghdr) =%d\n",sizeof(struct nlmsghdr));
-       _HIP_DEBUG("sizeof(struct rtmsg) =%d\n",sizeof(struct rtmsg));
-       _HIP_DEBUG("sizeof  n->nlmsg_len =%d\n",  n->nlmsg_len );
-       _HIP_HEXDUMP("nlmsghdr : ", n,sizeof(struct nlmsghdr));
-       _HIP_HEXDUMP("rtmsg : ", r, sizeof(struct rtmsg));
-       _HIP_HEXDUMP("nlmsg : ", n, n->nlmsg_len);
-       _HIP_HEXDUMP("tb[RTA_SRC] : ", &tb[RTA_SRC],sizeof(struct rtattr));
-       //entry = (tb[RTA_SRC] ? RTA_SRC : RTA_PREFSRC);
-       addr.in6 = (struct in6_addr *) RTA_DATA(tb[2]);
-       entry = 7;
-       addr.in6 = (struct in6_addr *) RTA_DATA(tb[entry]);
-
-       if (r->rtm_family == AF_INET) {
-               IPV4_TO_IPV6_MAP(addr.in, src_addr);
-       } else {
-               memcpy(src_addr, addr.in6, sizeof(struct in6_addr));
-       }
-
-       return 0;
+    struct rtmsg *r = NLMSG_DATA(n);
+    struct rtattr *tb[RTA_MAX + 1];
+    union {
+        struct in_addr * in;
+        struct in6_addr *in6;
+    } addr;
+    int entry;
+
+    /* see print_route() in ip/iproute.c */
+    parse_rtattr(tb, RTA_MAX, RTM_RTA(r), n->nlmsg_len);
+    _HIP_DEBUG("sizeof(struct nlmsghdr) =%d\n", sizeof(struct nlmsghdr));
+    _HIP_DEBUG("sizeof(struct rtmsg) =%d\n", sizeof(struct rtmsg));
+    _HIP_DEBUG("sizeof  n->nlmsg_len =%d\n",  n->nlmsg_len );
+    _HIP_HEXDUMP("nlmsghdr : ", n, sizeof(struct nlmsghdr));
+    _HIP_HEXDUMP("rtmsg : ", r, sizeof(struct rtmsg));
+    _HIP_HEXDUMP("nlmsg : ", n, n->nlmsg_len);
+    _HIP_HEXDUMP("tb[RTA_SRC] : ", &tb[RTA_SRC], sizeof(struct rtattr));
+    //entry = (tb[RTA_SRC] ? RTA_SRC : RTA_PREFSRC);
+    addr.in6 = (struct in6_addr *) RTA_DATA(tb[2]);
+    entry    = 7;
+    addr.in6 = (struct in6_addr *) RTA_DATA(tb[entry]);
+
+    if (r->rtm_family == AF_INET) {
+        IPV4_TO_IPV6_MAP(addr.in, src_addr);
+    } else {
+        memcpy(src_addr, addr.in6, sizeof(struct in6_addr));
+    }
+
+    return 0;
 }
 
 static int get_prefix(inet_prefix *dst, char *arg, int family)
 {
-        if (family == AF_PACKET) {
-                HIP_ERROR("Error: \"%s\" may be inet prefix, but it is not 
allowed in this context.\n", arg);
-                return -1;
-        }
-        if (get_prefix_1(dst, arg, family)) {
-                HIP_ERROR("Error: an inet prefix is expected rather than 
\"%s\".\n", arg);
-                return -1;
-        }
-        return 0;
+    if (family == AF_PACKET) {
+        HIP_ERROR("Error: \"%s\" may be inet prefix, but it is not allowed in 
this context.\n", arg);
+        return -1;
+    }
+    if (get_prefix_1(dst, arg, family)) {
+        HIP_ERROR("Error: an inet prefix is expected rather than \"%s\".\n",
+                  arg);
+        return -1;
+    }
+    return 0;
 }
 
 static int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n, pid_t peer,
-              unsigned groups, struct nlmsghdr *answer,
-              rtnl_filter_t junk,
-              void *jarg)
+                     unsigned groups, struct nlmsghdr *answer,
+                     rtnl_filter_t junk,
+                     void *jarg)
 {
-        int status;
-        unsigned seq;
-        struct nlmsghdr *h;
-        struct sockaddr_nl nladdr;
-        struct iovec iov = {
-                .iov_base = (void*) n,
-                .iov_len = n->nlmsg_len
-        };
-        struct msghdr msg = {
-                .msg_name = &nladdr,
-                .msg_namelen = sizeof(nladdr),
-                .msg_iov = &iov,
-                .msg_iovlen = 1,
-        };
-        char   buf[16384];
-
-        memset(&nladdr, 0, sizeof(nladdr));
-        nladdr.nl_family = AF_NETLINK;
-        nladdr.nl_pid = peer;
-        nladdr.nl_groups = groups;
-
-        n->nlmsg_seq = seq = ++rtnl->seq;
-
-        if (answer == NULL)
-                n->nlmsg_flags |= NLM_F_ACK;
-
-        status = sendmsg(rtnl->fd, &msg, 0);
-       _HIP_HEXDUMP("Msg sent : ", &msg, sizeof(struct nlmsghdr));
+    int status;
+    unsigned seq;
+    struct nlmsghdr *h;
+    struct sockaddr_nl nladdr;
+    struct iovec iov  = {
+        .iov_base = (void *) n,
+        .iov_len  = n->nlmsg_len
+    };
+    struct msghdr msg = {
+        .msg_name    = &nladdr,
+        .msg_namelen = sizeof(nladdr),
+        .msg_iov     = &iov,
+        .msg_iovlen  = 1,
+    };
+    char buf[16384];
+
+    memset(&nladdr, 0, sizeof(nladdr));
+    nladdr.nl_family = AF_NETLINK;
+    nladdr.nl_pid    = peer;
+    nladdr.nl_groups = groups;
+
+    n->nlmsg_seq     = seq = ++rtnl->seq;
+
+    if (answer == NULL) {
+        n->nlmsg_flags |= NLM_F_ACK;
+    }
+
+    status = sendmsg(rtnl->fd, &msg, 0);
+    _HIP_HEXDUMP("Msg sent : ", &msg, sizeof(struct nlmsghdr));
+    if (status < 0) {
+        HIP_PERROR("Cannot talk to rtnetlink");
+        return -1;
+    }
+
+    memset(buf, 0, sizeof(buf));
+
+    iov.iov_base = buf;
+
+    while (1) {
+        iov.iov_len = sizeof(buf);
+        status      = recvmsg(rtnl->fd, &msg, 0);
+
         if (status < 0) {
-                HIP_PERROR("Cannot talk to rtnetlink");
+            if (errno == EINTR) {
+                continue;
+            }
+            HIP_PERROR("OVERRUN");
+            continue;
+        }
+        if (status == 0) {
+            HIP_ERROR("EOF on netlink\n");
+            return -1;
+        }
+        if (msg.msg_namelen != sizeof(nladdr)) {
+            HIP_ERROR("sender address length == %d\n", msg.msg_namelen);
+            return -1;
+        }
+        for (h = (struct nlmsghdr *) buf; status >= sizeof(*h); ) {
+            int err;
+            int len = h->nlmsg_len;
+            int l   = len - sizeof(*h);
+
+            if (l < 0 || len > status) {
+                if (msg.msg_flags & MSG_TRUNC) {
+                    HIP_ERROR("Truncated message\n");
+                    return -1;
+                }
+                HIP_ERROR("malformed message: len=%d\n", len);
                 return -1;
-        }
-
-        memset(buf,0,sizeof(buf));
-
-        iov.iov_base = buf;
-
-        while (1) {
-                iov.iov_len = sizeof(buf);
-                status = recvmsg(rtnl->fd, &msg, 0);
-
-                if (status < 0) {
-                        if (errno == EINTR)
-                                continue;
-                        HIP_PERROR("OVERRUN");
-                        continue;
-                }
-                if (status == 0) {
-                        HIP_ERROR("EOF on netlink\n");
-                        return -1;
-                }
-                if (msg.msg_namelen != sizeof(nladdr)) {
-                        HIP_ERROR("sender address length == %d\n", 
msg.msg_namelen);
-                        return -1;
-                }
-                for (h = (struct nlmsghdr*)buf; status >= sizeof(*h); ) {
-                        int err;
-                        int len = h->nlmsg_len;
-                        int l = len - sizeof(*h);
-
-                        if (l<0 || len>status) {
-                                if (msg.msg_flags & MSG_TRUNC) {
-                                        HIP_ERROR("Truncated message\n");
-                                        return -1;
-                                }
-                                HIP_ERROR("malformed message: len=%d\n", len);
-                                return -1;
-                        }
-
-                        if (nladdr.nl_pid != peer ||
-                            h->nlmsg_pid != rtnl->local.nl_pid ||
-                            h->nlmsg_seq != seq) {
-                                if (junk) {
-                                        err = junk(&nladdr, h, jarg);
-                                        if (err < 0)
-                                                return err;
-                                }
-                               /* Don't forget to skip that message. */
-                                status -= NLMSG_ALIGN(len);
-                               h = (struct nlmsghdr*)((char*)h + 
NLMSG_ALIGN(len));
-
-                                continue;
-                        }
-
-                        if (h->nlmsg_type == NLMSG_ERROR) {
-                                struct nlmsgerr *err = (struct 
nlmsgerr*)NLMSG_DATA(h);
-                                if (l < sizeof(struct nlmsgerr)) {
-                                        HIP_ERROR("ERROR truncated\n");
-                                } else {
-                                        errno = -err->error;
-                                        if (errno == 0) {
-                                                if (answer)
-                                                        memcpy(answer, h, 
h->nlmsg_len);
-                                                return 0;
-                                        }
-                                        HIP_PERROR("RTNETLINK answers");
-                                }
-                                return -1;
-                        }
+            }
+
+            if (nladdr.nl_pid != peer ||
+                h->nlmsg_pid != rtnl->local.nl_pid ||
+                h->nlmsg_seq != seq) {
+                if (junk) {
+                    err = junk(&nladdr, h, jarg);
+                    if (err < 0) {
+                        return err;
+                    }
+                }
+                /* Don't forget to skip that message. */
+                status -= NLMSG_ALIGN(len);
+                h       = (struct nlmsghdr *) ((char *) h + NLMSG_ALIGN(len));
+
+                continue;
+            }
+
+            if (h->nlmsg_type == NLMSG_ERROR) {
+                struct nlmsgerr *err = (struct nlmsgerr *) NLMSG_DATA(h);
+                if (l < sizeof(struct nlmsgerr)) {
+                    HIP_ERROR("ERROR truncated\n");
+                } else {
+                    errno = -err->error;
+                    if (errno == 0) {
                         if (answer) {
-                                memcpy(answer, h, h->nlmsg_len);
-                               _HIP_HEXDUMP("Answer : ", h,h->nlmsg_len);
-                                return 0;
+                            memcpy(answer, h, h->nlmsg_len);
                         }
-
-                        HIP_ERROR("Unexpected reply!!!\n");
-
-                        status -= NLMSG_ALIGN(len);
-                        h = (struct nlmsghdr*)((char*)h + NLMSG_ALIGN(len));
-                }
-                if (msg.msg_flags & MSG_TRUNC) {
-                        HIP_ERROR("Message truncated\n");
-                        continue;
-                }
-                if (status) {
-                        HIP_ERROR("Remnant of size %d\n", status);
-                        return -1;
-                }
-        }
+                        return 0;
+                    }
+                    HIP_PERROR("RTNETLINK answers");
+                }
+                return -1;
+            }
+            if (answer) {
+                memcpy(answer, h, h->nlmsg_len);
+                _HIP_HEXDUMP("Answer : ", h, h->nlmsg_len);
+                return 0;
+            }
+
+            HIP_ERROR("Unexpected reply!!!\n");
+
+            status -= NLMSG_ALIGN(len);
+            h       = (struct nlmsghdr *) ((char *) h + NLMSG_ALIGN(len));
+        }
+        if (msg.msg_flags & MSG_TRUNC) {
+            HIP_ERROR("Message truncated\n");
+            continue;
+        }
+        if (status) {
+            HIP_ERROR("Remnant of size %d\n", status);
+            return -1;
+        }
+    }
 }
 
 int hip_iproute_get(struct rtnl_handle *rth, struct in6_addr *src_addr,
-                   const struct in6_addr *dst_addr, char *idev, char *odev,
-                   int family, struct idxmap **idxmap)
+                    const struct in6_addr *dst_addr, char *idev, char *odev,
+                    int family, struct idxmap **idxmap)
 {
-       struct {
-               struct nlmsghdr         n;
-               struct rtmsg            r;
-               char                    buf[1024];
-       } req;
-
-       int err = 0, idx, preferred_family = family;
-       inet_prefix addr;
-       char dst_str[INET6_ADDRSTRLEN];
-       struct in_addr ip4;
-       HIP_ASSERT(dst_addr);
-
-       HIP_DEBUG_IN6ADDR("Getting route for destination address", dst_addr);
-       
-       if(IN6_IS_ADDR_V4MAPPED(dst_addr)) {
-               IPV6_TO_IPV4_MAP(dst_addr, &ip4);
-               preferred_family = AF_INET;
-               HIP_IFEL((!inet_ntop(preferred_family, &ip4, dst_str,
-                             INET6_ADDRSTRLEN)), -1,"inet_pton\n");
-       } else {
-               HIP_IFEL((!inet_ntop(preferred_family, dst_addr, dst_str,
-                                    INET6_ADDRSTRLEN)), -1,
-                        "inet_pton\n");
-       }
-       memset(&req, 0, sizeof(req));
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
-       req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.n.nlmsg_type = RTM_GETROUTE;
-       req.r.rtm_family = preferred_family;
-       req.r.rtm_table = 0;
-       req.r.rtm_protocol = 0;
-       req.r.rtm_scope = 0;
-       req.r.rtm_type = 0;
-       req.r.rtm_src_len = 0;
-       req.r.rtm_dst_len = 0;
-       req.r.rtm_tos = 0;
-
-       get_prefix(&addr, dst_str, req.r.rtm_family);
-       
-       if (addr.bytelen)
-               addattr_l(&req.n, sizeof(req), RTA_DST, &addr.data,
-                         addr.bytelen);
-       req.r.rtm_dst_len = addr.bitlen;
-
-       ll_init_map(rth, idxmap);
-
-       if (idev) {
-               HIP_IFEL(((idx = ll_name_to_index(idev, idxmap)) == 0),
-                        -1, "Cannot find device \"%s\"\n", idev);
-               addattr32(&req.n, sizeof(req), RTA_IIF, idx);
-       }
-       if (odev) {
-               HIP_IFEL(((idx = ll_name_to_index(odev, idxmap)) == 0),
-                        -1, "Cannot find device \"%s\"\n", odev);
-               addattr32(&req.n, sizeof(req), RTA_OIF, idx);
-       }
-       HIP_IFE((rtnl_talk(rth, &req.n, 0, 0, &req.n, NULL, NULL) < 0), -1);
-       HIP_IFE(hip_parse_src_addr(&req.n, src_addr), -1);
-
- out_err:
-
-       return err;
+    struct {
+        struct nlmsghdr n;
+        struct rtmsg    r;
+        char            buf[1024];
+    } req;
+
+    int err = 0, idx, preferred_family = family;
+    inet_prefix addr;
+    char dst_str[INET6_ADDRSTRLEN];
+    struct in_addr ip4;
+    HIP_ASSERT(dst_addr);
+
+    HIP_DEBUG_IN6ADDR("Getting route for destination address", dst_addr);
+
+    if (IN6_IS_ADDR_V4MAPPED(dst_addr)) {
+        IPV6_TO_IPV4_MAP(dst_addr, &ip4);
+        preferred_family = AF_INET;
+        HIP_IFEL((!inet_ntop(preferred_family, &ip4, dst_str,
+                             INET6_ADDRSTRLEN)), -1, "inet_pton\n");
+    } else {
+        HIP_IFEL((!inet_ntop(preferred_family, dst_addr, dst_str,
+                             INET6_ADDRSTRLEN)), -1,
+                 "inet_pton\n");
+    }
+    memset(&req, 0, sizeof(req));
+
+    req.n.nlmsg_len    = NLMSG_LENGTH(sizeof(struct rtmsg));
+    req.n.nlmsg_flags  = NLM_F_REQUEST;
+    req.n.nlmsg_type   = RTM_GETROUTE;
+    req.r.rtm_family   = preferred_family;
+    req.r.rtm_table    = 0;
+    req.r.rtm_protocol = 0;
+    req.r.rtm_scope    = 0;
+    req.r.rtm_type     = 0;
+    req.r.rtm_src_len  = 0;
+    req.r.rtm_dst_len  = 0;
+    req.r.rtm_tos      = 0;
+
+    get_prefix(&addr, dst_str, req.r.rtm_family);
+
+    if (addr.bytelen) {
+        addattr_l(&req.n, sizeof(req), RTA_DST, &addr.data,
+                  addr.bytelen);
+    }
+    req.r.rtm_dst_len = addr.bitlen;
+
+    ll_init_map(rth, idxmap);
+
+    if (idev) {
+        HIP_IFEL(((idx = ll_name_to_index(idev, idxmap)) == 0),
+                 -1, "Cannot find device \"%s\"\n", idev);
+        addattr32(&req.n, sizeof(req), RTA_IIF, idx);
+    }
+    if (odev) {
+        HIP_IFEL(((idx = ll_name_to_index(odev, idxmap)) == 0),
+                 -1, "Cannot find device \"%s\"\n", odev);
+        addattr32(&req.n, sizeof(req), RTA_OIF, idx);
+    }
+    HIP_IFE((rtnl_talk(rth, &req.n, 0, 0, &req.n, NULL, NULL) < 0), -1);
+    HIP_IFE(hip_parse_src_addr(&req.n, src_addr), -1);
+
+out_err:
+
+    return err;
 }
 
-static int convert_ipv6_slash_to_ipv4_slash(char *ip, struct in_addr *ip4){
-       struct in6_addr ip6_aux;
-       char *slash = strchr(ip, '/');
-       char *aux_slash = NULL;
-       int err;
-
-       if (slash){
-               HIP_IFEL(!(aux_slash = HIP_MALLOC(sizeof(slash), 0)), -1, 
"alloc\n");
-               strcpy(aux_slash, slash);
-               *slash = 0;
-       }
-
-       inet_pton(AF_INET6, ip, &ip6_aux);
-
-       if ( (err = IN6_IS_ADDR_V4MAPPED(&ip6_aux)) ) {
-               IPV6_TO_IPV4_MAP(&ip6_aux, ip4);
-               _HIP_DEBUG("ip4 value is %s\n", inet_ntoa(*ip4));
-       }
-       *slash = *aux_slash;
-
- out_err:
-       if (aux_slash)  
-               HIP_FREE(aux_slash);      
-       return err;
+static int convert_ipv6_slash_to_ipv4_slash(char *ip, struct in_addr *ip4)
+{
+    struct in6_addr ip6_aux;
+    char *slash     = strchr(ip, '/');
+    char *aux_slash = NULL;
+    int err;
+
+    if (slash) {
+        HIP_IFEL(!(aux_slash = HIP_MALLOC(sizeof(slash), 0)), -1, "alloc\n");
+        strcpy(aux_slash, slash);
+        *slash = 0;
+    }
+
+    inet_pton(AF_INET6, ip, &ip6_aux);
+
+    if ((err = IN6_IS_ADDR_V4MAPPED(&ip6_aux))) {
+        IPV6_TO_IPV4_MAP(&ip6_aux, ip4);
+        _HIP_DEBUG("ip4 value is %s\n", inet_ntoa(*ip4));
+    }
+    *slash = *aux_slash;
+
+out_err:
+    if (aux_slash) {
+        HIP_FREE(aux_slash);
+    }
+    return err;
 }
 
 int hip_ipaddr_modify(struct rtnl_handle *rth, int cmd, int family, char *ip,
-                     char *dev, struct idxmap **idxmap)
+                      char *dev, struct idxmap **idxmap)
 {
-       struct {
-               struct nlmsghdr         n;
-               struct ifaddrmsg        ifa;
-               char                    buf[256];
-       } req;
-
-       inet_prefix lcl;
-       int local_len = 0, err = 0, size_dev;
-       struct in_addr ip4 = { 0 };
-       int ip_is_v4 = 0;
-       char label[4];
-       char *res = NULL;
-
-        memset(&req, 0, sizeof(req));
-       if(convert_ipv6_slash_to_ipv4_slash(ip, &ip4)){
-               family = AF_INET;               
-               ip_is_v4 = 1;
-               lsi_total++;            
-               ip = strcat(inet_ntoa(ip4), HIP_LSI_FULL_PREFIX_STR);
-               sprintf(label, ":%d", lsi_total);
-               HIP_DEBUG("Label %s:%d\n", ip, lsi_total);
-       }
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg)); 
-       req.n.nlmsg_type = cmd;
-        req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.ifa.ifa_family = family;
-
-       get_prefix_1(&lcl, ip, req.ifa.ifa_family);
-       addattr_l(&req.n, sizeof(req), IFA_LOCAL, &lcl.data, lcl.bytelen);
-       
-        if(ip_is_v4 && lsi_total > 0){
-               size_dev = sizeof(dev)+sizeof(label);
-               res = (char *)malloc(size_dev+1);
-               memset(res,'\0',size_dev+1);
-               strcat(res, dev);
-               strcat(res, label);
-               _HIP_DEBUG("Name device inserted %s\n", res);
-               addattr_l(&req.n, sizeof(req), IFA_LABEL, res, strlen(dev) + 
strlen(label)+1);          
-       }       
-
-        local_len = lcl.bytelen;
-
-       if (req.ifa.ifa_prefixlen == 0)
-                req.ifa.ifa_prefixlen = lcl.bitlen;
-
-        HIP_IFEL(((req.ifa.ifa_index = ll_name_to_index(dev, idxmap)) == 0),
-                -1, "ll_name_to_index failed\n");
-
-       HIP_DEBUG("IFA INDEX IS %d\n",req.ifa.ifa_index);
-
-       int aux = netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL);// adds to 
the device dummy0
-       HIP_DEBUG("value exit function netlink_talk %i\n", aux);
-        HIP_IFEL((aux < 0), -1,
-                "netlink talk failed\n");
-
- out_err:
-       if (res)
-               HIP_FREE(res);
-       return 0;
+    struct {
+        struct nlmsghdr  n;
+        struct ifaddrmsg ifa;
+        char             buf[256];
+    } req;
+
+    inet_prefix lcl;
+    int local_len      = 0, err = 0, size_dev;
+    struct in_addr ip4 = { 0 };
+    int ip_is_v4       = 0;
+    char label[4];
+    char *res          = NULL;
+
+    memset(&req, 0, sizeof(req));
+    if (convert_ipv6_slash_to_ipv4_slash(ip, &ip4)) {
+        family   = AF_INET;
+        ip_is_v4 = 1;
+        lsi_total++;
+        ip       = strcat(inet_ntoa(ip4), HIP_LSI_FULL_PREFIX_STR);
+        sprintf(label, ":%d", lsi_total);
+        HIP_DEBUG("Label %s:%d\n", ip, lsi_total);
+    }
+
+    req.n.nlmsg_len    = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
+    req.n.nlmsg_type   = cmd;
+    req.n.nlmsg_flags  = NLM_F_REQUEST;
+    req.ifa.ifa_family = family;
+
+    get_prefix_1(&lcl, ip, req.ifa.ifa_family);
+    addattr_l(&req.n, sizeof(req), IFA_LOCAL, &lcl.data, lcl.bytelen);
+
+    if (ip_is_v4 && lsi_total > 0) {
+        size_dev = sizeof(dev) + sizeof(label);
+        res      = (char *) malloc(size_dev + 1);
+        memset(res, '\0', size_dev + 1);
+        strcat(res, dev);
+        strcat(res, label);
+        _HIP_DEBUG("Name device inserted %s\n", res);
+        addattr_l(&req.n, sizeof(req), IFA_LABEL, res,
+                  strlen(dev) + strlen(label) + 1);
+    }
+
+    local_len = lcl.bytelen;
+
+    if (req.ifa.ifa_prefixlen == 0) {
+        req.ifa.ifa_prefixlen = lcl.bitlen;
+    }
+
+    HIP_IFEL(((req.ifa.ifa_index = ll_name_to_index(dev, idxmap)) == 0),
+             -1, "ll_name_to_index failed\n");
+
+    HIP_DEBUG("IFA INDEX IS %d\n", req.ifa.ifa_index);
+
+    // adds to the device dummy0
+    int aux = netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL);
+    HIP_DEBUG("value exit function netlink_talk %i\n", aux);
+    HIP_IFEL((aux < 0), -1,
+             "netlink talk failed\n");
+
+out_err:
+    if (res) {
+        HIP_FREE(res);
+    }
+    return 0;
 }
 
 /**
@@ -1073,85 +1112,89 @@
 
 static int get_ctl_fd(void)
 {
-        int s_errno;
-        int fd;
+    int s_errno;
+    int fd;
 
-        fd = socket(PF_INET, SOCK_DGRAM, 0);
-        if (fd >= 0)
-                return fd;
-        s_errno = errno;
-        fd = socket(PF_PACKET, SOCK_DGRAM, 0);
-        if (fd >= 0)
-                return fd;
-        fd = socket(PF_INET6, SOCK_DGRAM, 0);
-        if (fd >= 0)
-                return fd;
-        errno = s_errno;
-        HIP_PERROR("Cannot create control socket");
-        return -1;
+    fd      = socket(PF_INET, SOCK_DGRAM, 0);
+    if (fd >= 0) {
+        return fd;
+    }
+    s_errno = errno;
+    fd      = socket(PF_PACKET, SOCK_DGRAM, 0);
+    if (fd >= 0) {
+        return fd;
+    }
+    fd      = socket(PF_INET6, SOCK_DGRAM, 0);
+    if (fd >= 0) {
+        return fd;
+    }
+    errno   = s_errno;
+    HIP_PERROR("Cannot create control socket");
+    return -1;
 }
 
-
 static int do_chflags(const char *dev, __u32 flags, __u32 mask)
 {
-        struct ifreq ifr;
-        int fd;
-        int err;
-
-        strncpy(ifr.ifr_name, dev, IFNAMSIZ);
-        fd = get_ctl_fd();
-        if (fd < 0)
-                return -1;
-
-        err = ioctl(fd, SIOCGIFFLAGS, &ifr);// get interface dummy0 flags
+    struct ifreq ifr;
+    int fd;
+    int err;
+
+    strncpy(ifr.ifr_name, dev, IFNAMSIZ);
+    fd  = get_ctl_fd();
+    if (fd < 0) {
+        return -1;
+    }
+
+    err = ioctl(fd, SIOCGIFFLAGS, &ifr);    // get interface dummy0 flags
+    if (err) {
+        HIP_PERROR("SIOCGIFFLAGS");
+        close(fd);
+        return -1;
+    }
+
+    if ((ifr.ifr_flags ^ flags) & mask) {
+        ifr.ifr_flags &= ~mask;
+        ifr.ifr_flags |= mask & flags;
+        err            = ioctl(fd, SIOCSIFFLAGS, &ifr);
         if (err) {
-                HIP_PERROR("SIOCGIFFLAGS");
-                close(fd);
-                return -1;
-        }
-
-        if ((ifr.ifr_flags^flags)&mask) {
-                ifr.ifr_flags &= ~mask;
-                ifr.ifr_flags |= mask&flags;
-                err = ioctl(fd, SIOCSIFFLAGS, &ifr);
-                if (err)
-                        HIP_PERROR("SIOCSIFFLAGS");
-        }
-
-        close(fd);
-        return err;
+            HIP_PERROR("SIOCSIFFLAGS");
+        }
+    }
+
+    close(fd);
+    return err;
 }
 
-
 int set_up_device(char *dev, int up)
 {
-       int err = -1, total_add;
-       __u32 mask = 0;
-       __u32 flags = 0;
-       char label[4];
-       char *res = NULL;
-       int size_dev;
-
-       if(up == 1){
-               mask |= IFF_UP;
-               flags |= IFF_UP;
-       } else {
-               mask |= IFF_UP;
-               flags &= ~IFF_UP;
-               for( total_add = lsi_total; total_add >0; total_add--){
-                       sprintf(label, ":%d", total_add);
-                       size_dev = sizeof(dev)+sizeof(label);
-                       res = (char *)malloc(size_dev+1);
-                       memset(res,'\0',size_dev+1);
-                       strcat(strcat(res, dev), label);
-                       err = do_chflags(res, flags, mask);
-                       if (res)
-                               HIP_FREE(res);
-               }
-       }
-       err = do_chflags(dev, flags, mask);
-       
-       return err;
+    int err     = -1, total_add;
+    __u32 mask  = 0;
+    __u32 flags = 0;
+    char label[4];
+    char *res   = NULL;
+    int size_dev;
+
+    if (up == 1) {
+        mask  |= IFF_UP;
+        flags |= IFF_UP;
+    } else {
+        mask  |= IFF_UP;
+        flags &= ~IFF_UP;
+        for (total_add = lsi_total; total_add > 0; total_add--) {
+            sprintf(label, ":%d", total_add);
+            size_dev = sizeof(dev) + sizeof(label);
+            res      = (char *) malloc(size_dev + 1);
+            memset(res, '\0', size_dev + 1);
+            strcat(strcat(res, dev), label);
+            err      = do_chflags(res, flags, mask);
+            if (res) {
+                HIP_FREE(res);
+            }
+        }
+    }
+    err = do_chflags(dev, flags, mask);
+
+    return err;
 }
 
 /**
@@ -1165,36 +1208,41 @@
  */
 
 int xfrm_selector_upspec(struct xfrm_selector *sel,
-                               uint32_t src_port, uint32_t dst_port)
-{
-       sel->sport = htons(src_port);
-        if (sel->sport)
-               sel->sport_mask = ~((__u16)0);
-
-       sel->dport = htons(dst_port);
-        if (sel->dport)
-               sel->dport_mask = ~((__u16)0);
-
-       return 0;
-
-
-}
-int xfrm_fill_encap(struct xfrm_encap_tmpl *encap, int sport, int dport, const 
struct in6_addr *oa)
-{
-       encap->encap_type = HIP_UDP_ENCAP_ESPINUDP;
-       encap->encap_sport = htons(sport);
-       encap->encap_dport = htons(dport);
-       encap->encap_oa.a4 = oa->s6_addr32[3];
-       //memcpy(&encap->encap_oa, oa, sizeof(encap->encap_oa));
-       //memcpy(&encap->encap_oa, oa, sizeof(struct in_addr));
-       return 0;
-}
+                         uint32_t src_port, uint32_t dst_port)
+{
+    sel->sport = htons(src_port);
+    if (sel->sport) {
+        sel->sport_mask = ~((__u16) 0);
+    }
+
+    sel->dport = htons(dst_port);
+    if (sel->dport) {
+        sel->dport_mask = ~((__u16) 0);
+    }
+
+    return 0;
+}
+
+int xfrm_fill_encap(struct xfrm_encap_tmpl *encap,
+                    int sport,
+                    int dport,
+                    const struct in6_addr *oa)
+{
+    encap->encap_type  = HIP_UDP_ENCAP_ESPINUDP;
+    encap->encap_sport = htons(sport);
+    encap->encap_dport = htons(dport);
+    encap->encap_oa.a4 = oa->s6_addr32[3];
+    //memcpy(&encap->encap_oa, oa, sizeof(encap->encap_oa));
+    //memcpy(&encap->encap_oa, oa, sizeof(struct in_addr));
+    return 0;
+}
+
 /**
  * xfrm_fill_selector - fill in the selector.
  * Selector is bound to HITs
  * @param sel pointer to xfrm_selector to be filled in
  * @param hit_our Source HIT or LSI, if the last is defined
- * @param hit_peer Peer HIT or LSI, if the last is defined 
+ * @param hit_peer Peer HIT or LSI, if the last is defined
  * @param proto ?
  * @param id_prefix Length of the identifier's prefix
  * @param src_port ?
@@ -1206,39 +1254,37 @@
 
 
 int xfrm_fill_selector(struct xfrm_selector *sel,
-                      const struct in6_addr *id_our,
-                      const struct in6_addr *id_peer,
-                      __u8 proto, u8 id_prefix,
-                      uint32_t src_port, uint32_t dst_port,
-                      int preferred_family)
+                       const struct in6_addr *id_our,
+                       const struct in6_addr *id_peer,
+                       __u8 proto, u8 id_prefix,
+                       uint32_t src_port, uint32_t dst_port,
+                       int preferred_family)
 {
-
-       struct in_addr in_id_our, in_id_peer;
-
-       if (IN6_IS_ADDR_V4MAPPED(id_our)){
-               sel->family = AF_INET;
-               IPV6_TO_IPV4_MAP(id_our, &in_id_our);
-               IPV6_TO_IPV4_MAP(id_peer, &in_id_peer);
-               memcpy(&sel->daddr, &in_id_our, sizeof(sel->daddr));
-               memcpy(&sel->saddr, &in_id_peer, sizeof(sel->saddr));
-       }
-       else{
-               sel->family = preferred_family;
-               memcpy(&sel->daddr, id_peer, sizeof(sel->daddr));
-               memcpy(&sel->saddr, id_our, sizeof(sel->saddr));
-       }
-
-       if (proto) {
-               HIP_DEBUG("proto = %d\n", proto);
-               sel->proto = proto;
-       }
-
-       sel->prefixlen_d = id_prefix;
-       sel->prefixlen_s = id_prefix;
-
-       //xfrm_selector_upspec(sel, src_port, dst_port);
-
-       return 0;
+    struct in_addr in_id_our, in_id_peer;
+
+    if (IN6_IS_ADDR_V4MAPPED(id_our)) {
+        sel->family = AF_INET;
+        IPV6_TO_IPV4_MAP(id_our, &in_id_our);
+        IPV6_TO_IPV4_MAP(id_peer, &in_id_peer);
+        memcpy(&sel->daddr, &in_id_our, sizeof(sel->daddr));
+        memcpy(&sel->saddr, &in_id_peer, sizeof(sel->saddr));
+    } else {
+        sel->family = preferred_family;
+        memcpy(&sel->daddr, id_peer, sizeof(sel->daddr));
+        memcpy(&sel->saddr, id_our, sizeof(sel->saddr));
+    }
+
+    if (proto) {
+        HIP_DEBUG("proto = %d\n", proto);
+        sel->proto = proto;
+    }
+
+    sel->prefixlen_d = id_prefix;
+    sel->prefixlen_s = id_prefix;
+
+    //xfrm_selector_upspec(sel, src_port, dst_port);
+
+    return 0;
 }
 
 /** xfrm_init_lft - Initializes the lft
@@ -1246,389 +1292,407 @@
  *
  * @return 0
  */
-int xfrm_init_lft(struct xfrm_lifetime_cfg *lft) {
-
-       lft->soft_byte_limit = XFRM_INF;
-       lft->hard_byte_limit = XFRM_INF;
-       lft->soft_packet_limit = XFRM_INF;
-       lft->hard_packet_limit = XFRM_INF;
-
-       return 0;
+int xfrm_init_lft(struct xfrm_lifetime_cfg *lft)
+{
+    lft->soft_byte_limit   = XFRM_INF;
+    lft->hard_byte_limit   = XFRM_INF;
+    lft->soft_packet_limit = XFRM_INF;
+    lft->hard_packet_limit = XFRM_INF;
+
+    return 0;
 }
 
 int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
-                   char *name, const unsigned char *key, int key_len, int max)
+                    char *name, const unsigned char *key, int key_len, int max)
 {
-       int len = 0;
-       int slen = key_len;
-
-       strncpy(alg->alg_name, name, sizeof(alg->alg_name));
-
-       len = slen;
-       if (len > 0) {
-               if (len > max) {
-                       HIP_ERROR("\"ALGOKEY\" makes buffer overflow\n", key);
-                       return -1;
-               }
-               memcpy(alg->alg_key, key, key_len * 8);
-       }
-
-       alg->alg_key_len = len * 8;
-
-       return 0;
+    int len  = 0;
+    int slen = key_len;
+
+    strncpy(alg->alg_name, name, sizeof(alg->alg_name));
+
+    len = slen;
+    if (len > 0) {
+        if (len > max) {
+            HIP_ERROR("\"ALGOKEY\" makes buffer overflow\n", key);
+            return -1;
+        }
+        memcpy(alg->alg_key, key, key_len * 8);
+    }
+
+    alg->alg_key_len = len * 8;
+
+    return 0;
 }
 
 void rtnl_tab_initialize(char *file, char **tab, int size)
 {
-       char buf[512];
-       FILE *fp;
-
-       fp = fopen(file, "r");
-       if (!fp) return;
-
-       while (fgets(buf, sizeof(buf), fp))
-       {
-               char *p = buf;
-               int id;
-               char namebuf[512];
-
-               while (*p == ' ' || *p == '\t') p++;
-               
-               if (*p == '#' || *p == '\n' || *p == 0) continue;
-
-               if (sscanf(p, "0x%x %s\n", &id, namebuf) != 2 &&
-                   sscanf(p, "0x%x %s #", &id, namebuf) != 2 &&
-                   sscanf(p, "%d %s\n", &id, namebuf) != 2 &&
-                   sscanf(p, "%d %s #", &id, namebuf) != 2)
-               {
-                               HIP_ERROR("Database %s is corrupted at %s\n", 
file, p);
-                               return;
-               }
-
-               if (id < 0 || id > size) continue;
-
-               tab[id] = strdup(namebuf);
-       }
-       
-       fclose(fp);
+    char buf[512];
+    FILE *fp;
+
+    fp = fopen(file, "r");
+    if (!fp) {
+        return;
+    }
+
+    while (fgets(buf, sizeof(buf), fp)) {
+        char *p = buf;
+        int id;
+        char namebuf[512];
+
+        while (*p == ' ' || *p == '\t') {
+            p++;
+        }
+
+        if (*p == '#' || *p == '\n' || *p == 0) {
+            continue;
+        }
+
+        if (sscanf(p, "0x%x %s\n", &id, namebuf) != 2 &&
+            sscanf(p, "0x%x %s #", &id, namebuf) != 2 &&
+            sscanf(p, "%d %s\n", &id, namebuf) != 2 &&
+            sscanf(p, "%d %s #", &id, namebuf) != 2) {
+            HIP_ERROR("Database %s is corrupted at %s\n", file, p);
+            return;
+        }
+
+        if (id < 0 || id > size) {
+            continue;
+        }
+
+        tab[id] = strdup(namebuf);
+    }
+
+    fclose(fp);
 }
 
 int ll_remember_index(const struct sockaddr_nl *who,
                       struct nlmsghdr *n, void **arg)
 {
-        int h;
-        struct ifinfomsg *ifi = NLMSG_DATA(n);
-        struct idxmap *im = NULL, **imp;
-       struct idxmap **idxmap = (struct idxmap **) arg;
-        struct rtattr *tb[IFLA_MAX+1];
-
-        if (n->nlmsg_type != RTM_NEWLINK)
-                return 0;
-
-        if (n->nlmsg_len < NLMSG_LENGTH(sizeof(ifi)))
-                return -1;
-
-
-        memset(tb, 0, sizeof(tb));
-        parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), IFLA_PAYLOAD(n));
-        if (tb[IFLA_IFNAME] == NULL)
-                return 0;
-
-        h = ifi->ifi_index&0xF;
-
-        for (imp=&idxmap[h]; (im=*imp)!=NULL; imp = &im->next)
-               if (im->index == ifi->ifi_index)
-                        break;
-
-        /* the malloc leaks memory */
+    int h;
+    struct ifinfomsg *ifi  = NLMSG_DATA(n);
+    struct idxmap *im      = NULL, **imp;
+    struct idxmap **idxmap = (struct idxmap **) arg;
+    struct rtattr *tb[IFLA_MAX + 1];
+
+    if (n->nlmsg_type != RTM_NEWLINK) {
+        return 0;
+    }
+
+    if (n->nlmsg_len < NLMSG_LENGTH(sizeof(ifi))) {
+        return -1;
+    }
+
+
+    memset(tb, 0, sizeof(tb));
+    parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), IFLA_PAYLOAD(n));
+    if (tb[IFLA_IFNAME] == NULL) {
+        return 0;
+    }
+
+    h = ifi->ifi_index & 0xF;
+
+    for (imp = &idxmap[h]; (im = *imp) != NULL; imp = &im->next) {
+        if (im->index == ifi->ifi_index) {
+            break;
+        }
+    }
+
+    /* the malloc leaks memory */
+    if (im == NULL) {
+        im        = malloc(sizeof(*im));
         if (im == NULL) {
-                im = malloc(sizeof(*im));
-                if (im == NULL)
-                        return 0;
-                im->next = *imp;
-                im->index = ifi->ifi_index;
-                *imp = im;
-        }
-
-        im->type = ifi->ifi_type;
-        im->flags = ifi->ifi_flags;
-        if (tb[IFLA_ADDRESS]) {
-                int alen;
-                im->alen = alen = RTA_PAYLOAD(tb[IFLA_ADDRESS]);
-                if (alen > sizeof(im->addr))
-                        alen = sizeof(im->addr);
-                memcpy(im->addr, RTA_DATA(tb[IFLA_ADDRESS]), alen);
-        } else {
-                im->alen = 0;
-                memset(im->addr, 0, sizeof(im->addr));
-        }
-        strcpy(im->name, RTA_DATA(tb[IFLA_IFNAME]));
-
-        return 0;
+            return 0;
+        }
+        im->next  = *imp;
+        im->index = ifi->ifi_index;
+        *imp      = im;
+    }
+
+    im->type  = ifi->ifi_type;
+    im->flags = ifi->ifi_flags;
+    if (tb[IFLA_ADDRESS]) {
+        int alen;
+        im->alen = alen = RTA_PAYLOAD(tb[IFLA_ADDRESS]);
+        if (alen > sizeof(im->addr)) {
+            alen = sizeof(im->addr);
+        }
+        memcpy(im->addr, RTA_DATA(tb[IFLA_ADDRESS]), alen);
+    } else {
+        im->alen = 0;
+        memset(im->addr, 0, sizeof(im->addr));
+    }
+    strcpy(im->name, RTA_DATA(tb[IFLA_IFNAME]));
+
+    return 0;
 }
 
 #ifdef CONFIG_HIP_OPPTCP
 
 /**
-* Standard BSD internet checksum routine from nmap
-*/
-unsigned short in_cksum(u16 *ptr,int nbytes){
-       register u32 sum;
-       u16 oddbyte;
-       register u16 answer;
-
-       /*
-        * Our algorithm is simple, using a 32-bit accumulator (sum),
-        * we add sequential 16-bit words to it, and at the end, fold back
-        * all the carry bits from the top 16 bits into the lower 16 bits.
-        */
-
-       sum = 0;
-       while (nbytes > 1){
-               sum += *ptr++;
-               nbytes -= 2;
-       }
-
-       /* mop up an odd byte, if necessary */
-       if (nbytes == 1) {
-               oddbyte = 0;            /* make sure top half is zero */
-               *((u_char *) &oddbyte) = *(u_char *)ptr;   /* one byte only */
-               sum += oddbyte;
-       }
-
-       /*
-        * Add back carry outs from top 16 bits to low 16 bits.
-        */
-
-       sum  = (sum >> 16) + (sum & 0xffff);    /* add high-16 to low-16 */
-       sum += (sum >> 16);                     /* add carry */
-       answer = ~sum;          /* ones-complement, then truncate to 16 bits */
-       return(answer);
+ * Standard BSD internet checksum routine from nmap
+ */
+unsigned short in_cksum(u16 *ptr, int nbytes)
+{
+    register u32 sum;
+    u16 oddbyte;
+    register u16 answer;
+
+    /*
+     * Our algorithm is simple, using a 32-bit accumulator (sum),
+     * we add sequential 16-bit words to it, and at the end, fold back
+     * all the carry bits from the top 16 bits into the lower 16 bits.
+     */
+
+    sum = 0;
+    while (nbytes > 1) {
+        sum    += *ptr++;
+        nbytes -= 2;
+    }
+
+    /* mop up an odd byte, if necessary */
+    if (nbytes == 1) {
+        oddbyte                = 0;     /* make sure top half is zero */
+        *((u_char *) &oddbyte) = *(u_char *) ptr;          /* one byte only */
+        sum                   += oddbyte;
+    }
+
+    /*
+     * Add back carry outs from top 16 bits to low 16 bits.
+     */
+
+    sum    = (sum >> 16) + (sum & 0xffff);      /* add high-16 to low-16 */
+    sum   += (sum >> 16);                       /* add carry */
+    answer = ~sum;              /* ones-complement, then truncate to 16 bits */
+    return answer;
 }
 
-
-
 /**
  * adds the i1 option to a packet if required
  * adds the default HIT after the i1 option (if i1 option should be added)
  * and sends it off with the correct checksum
  */
-void send_tcp_packet(void * hdr, int newSize, int trafficType, int addOption, 
int addHIT){
-       int   sockfd, socketFamily;
-       int   on = 1, i, j;
-       int   hdr_size, newHdr_size, twoHdrsSize;
-       char  *packet;
-       char  *bytes =(char*)hdr;
-       struct sockaddr_in  sock_raw;
-       struct sockaddr_in6 sock6_raw;
-       struct in_addr  dstAddr;
-       struct in6_addr dst6Addr;
-       struct tcphdr *tcphdr;
-       struct tcphdr *newTcphdr;
-       struct ip * iphdr;
-       struct ip * newIphdr;
-       struct ip6_hdr * ip6_hdr;
-       struct ip6_hdr * newIp6_hdr;
-       struct pseudo_hdr  *pseudo;
-       struct pseudo6_hdr *pseudo6;
-       void *pointer;
-       char *HITbytes;
-       struct in6_addr *defaultHit;
-       char newHdr [newSize + 4*addOption + (sizeof(struct in6_addr))*addHIT];
-
-       if(addOption)
-               newSize = newSize + 4;
-       if(addHIT)
-               newSize = newSize + sizeof(struct in6_addr);
-
-       //initializing the raw socket
-       if(trafficType == 4)
-               socketFamily = AF_INET;
-       else if(trafficType == 6)
-               socketFamily = AF_INET6;
-
-       if((sockfd = socket(socketFamily, SOCK_RAW, IPPROTO_RAW)) < 0 ){
-                       HIP_DEBUG("Error creating raw socket\n");
-                       return;
-       }
-       if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, (char *)&on, sizeof(on)) 
< 0 ){
-               HIP_DEBUG("Error setting an option to raw socket\n"); 
-               return;
-       }
-
-       //initializing the headers and setting socket settings
-       if(trafficType == 4){
-               //get the ip header
-               iphdr = (struct ip *)hdr;
-               //get the tcp header
-               hdr_size = (iphdr->ip_hl * 4);
-               tcphdr = ((struct tcphdr *) (((char *) iphdr) + hdr_size));
-               //socket settings
-               sock_raw.sin_family = AF_INET;
-               sock_raw.sin_port = htons(tcphdr->dest);
-               sock_raw.sin_addr = iphdr->ip_dst;
-       }
-       else if(trafficType == 6){
-               //get the ip header
-               ip6_hdr = (struct ip6_hdr *)hdr;
-               //get the tcp header            
-               hdr_size = (ip6_hdr->ip6_ctlun.ip6_un1.ip6_un1_plen * 4);
-               tcphdr = ((struct tcphdr *) (((char *) ip6_hdr) + hdr_size));
-               //socket settings
-               sock6_raw.sin6_family = AF_INET6;
-               sock6_raw.sin6_port = htons(tcphdr->dest);
-               sock6_raw.sin6_addr = ip6_hdr->ip6_dst;
-       }
-
-       //measuring the size of ip and tcp headers (no options)
-       twoHdrsSize = hdr_size + 4*5;
-
-       //copy the ip header and the tcp header without the options
-       i = 0;
-       while(i < twoHdrsSize){
-               newHdr[i] = bytes[i];
-               i++;
-       }
-
-       //add the i1 option and copy the old options
-       //add the HIT if required, 
-       if(tcphdr->doff == 5){//there are no previous options
-               if(addOption){
-                       newHdr[twoHdrsSize]     = (char)HIP_OPTION_KIND;
-                       newHdr[twoHdrsSize + 1] = '0';
-                       newHdr[twoHdrsSize + 2] = '0';
-                       newHdr[twoHdrsSize + 3] = '0';
-                       if(addHIT){
-                               //get the default hit
-                               hip_get_default_hit(defaultHit);
-                               //copy the hit
-                               HITbytes = (char*)defaultHit;
-                               for(j = 0; j < 16; j++)
-                                       newHdr[twoHdrsSize + 4 + j] = 
HITbytes[j];
-                       }
-               }
-               else{
-                       if(addHIT){
-                               //get the default hit
-                               hip_get_default_hit(defaultHit);
-                               //copy the hit
-                               HITbytes = (char*)defaultHit;
-                               for(j = 0; j < 16; j++)
-                                       newHdr[twoHdrsSize + j] = HITbytes[j];
-                       }
-               }
-       }
-       else{//there are previous options
-               if(addOption){
-                       newHdr[twoHdrsSize]     = (char)HIP_OPTION_KIND;
-                       newHdr[twoHdrsSize + 1] = (char)2;
-                       newHdr[twoHdrsSize + 2] = (char)1;
-                       newHdr[twoHdrsSize + 3] = (char)1;
-
-                       //if the HIT is to be sent, the
-                       //other options are not important
-                       if(addHIT){
-                               //get the default hit
-                               hip_get_default_hit(defaultHit);
-                               //copy the hit
-                               HITbytes = (char*)defaultHit;
-                               for(j = 0; j < 16; j++)
-                                       newHdr[twoHdrsSize + 4 + j] = 
HITbytes[j];
-                       }
-                       else{
-                               i = 0;
-                               while(i < 4*(tcphdr->doff-5)){
-                                       newHdr[i + twoHdrsSize + 4] = bytes[i + 
twoHdrsSize];
-                                       i++;
-                               }
-                       }
-               }
-               else
-               {
-                       //if the HIT is to be sent, the
-                       //other options are not important
-                       if(addHIT){
-                               //get the default hit
-                               hip_get_default_hit(defaultHit);
-                               //copy the hit
-                               HITbytes = (char*)defaultHit;
-                               for(j = 0; j < 16; j++)
-                                       newHdr[twoHdrsSize + j] = HITbytes[j];
-                       }
-                       else{
-                               i = 0;
-                               while(i < 4*(tcphdr->doff-5)){
-                                       newHdr[i + twoHdrsSize] = bytes[i + 
twoHdrsSize];
-                                       i++;
-                               }
-                       }
-               }
-       }
-
-       pointer = &newHdr[0];
-       //get pointers to the new packet
-       if(trafficType == 4){
-               //get the ip header
-               newIphdr = (struct ip *)pointer;
-               //get the tcp header
-               newHdr_size = (iphdr->ip_hl * 4);
-               newTcphdr = ((struct tcphdr *) (((char *) newIphdr) + 
newHdr_size));
-       }
-       else if(trafficType == 6){
-               //get the ip header
-               newIp6_hdr = (struct ip6_hdr *)pointer;
-               //get the tcp header            
-               newHdr_size = (newIp6_hdr->ip6_ctlun.ip6_un1.ip6_un1_plen * 4);
-               newTcphdr = ((struct tcphdr *) (((char *) newIp6_hdr) + 
newHdr_size));
-       }
-
-       //change the values of the checksum and the tcp header length(+1) 
-       newTcphdr->check = 0;
-       if(addOption)
-               newTcphdr->doff = newTcphdr->doff + 1;
-       if(addHIT)
-               newTcphdr->doff = newTcphdr->doff + 4;//16 bytes HIT - 4 more 
words
-
-       //the checksum
-       if(trafficType == 4){
-               pseudo = (struct pseudo_hdr *) ((u8*)newTcphdr - sizeof(struct 
pseudo_hdr));
-
-               pseudo->s_addr = newIphdr->ip_src.s_addr;
-               pseudo->d_addr = newIphdr->ip_dst.s_addr;
-               pseudo->zer0    = 0;
-               pseudo->protocol = IPPROTO_TCP;
-               pseudo->length  = htons(sizeof(struct tcphdr) + 
4*(newTcphdr->doff-5) + 0);
-
-               newTcphdr->check = in_cksum((unsigned short *)pseudo, 
sizeof(struct tcphdr) + 
-                                                       4*(newTcphdr->doff-5) + 
sizeof(struct pseudo_hdr) + 0);
-       }
-       else if(trafficType == 6){
-               pseudo6 = (struct pseudo6_hdr *) ((u8*)newTcphdr - 
sizeof(struct pseudo6_hdr));
-
-               pseudo6->s_addr = newIp6_hdr->ip6_src;
-               pseudo6->d_addr = newIp6_hdr->ip6_dst;
-               pseudo6->zer0    = 0;
-               pseudo6->protocol = IPPROTO_TCP;
-               pseudo6->length  = htons(sizeof(struct tcphdr) + 
4*(newTcphdr->doff-5) + 0);
-
-               newTcphdr->check = in_cksum((unsigned short *)pseudo6, 
sizeof(struct tcphdr) +
-                                                       4*(newTcphdr->doff-5) + 
sizeof(struct pseudo6_hdr) + 0);
-       }
-
-       //replace the pseudo header bytes with the correct ones
-       i = 0;
-       while(i < hdr_size){
-               newHdr[i] = bytes[i];
-               i++;
-       }
-
-       //change the src and dst ip if it was an incoming packet******
-
-
-       //finally send through the socket
-       sendto(sockfd, &newHdr[0], newSize, 0, 
-                       (struct sockaddr *)&sock_raw, sizeof(sock_raw));
+void send_tcp_packet(void *hdr,
+                     int newSize,
+                     int trafficType,
+                     int addOption,
+                     int addHIT)
+{
+    int sockfd, socketFamily;
+    int on      = 1, i, j;
+    int hdr_size, newHdr_size, twoHdrsSize;
+    char *packet;
+    char *bytes = (char *) hdr;
+    struct sockaddr_in sock_raw;
+    struct sockaddr_in6 sock6_raw;
+    struct in_addr dstAddr;
+    struct in6_addr dst6Addr;
+    struct tcphdr *tcphdr;
+    struct tcphdr *newTcphdr;
+    struct ip *iphdr;
+    struct ip *newIphdr;
+    struct ip6_hdr *ip6_hdr;
+    struct ip6_hdr *newIp6_hdr;
+    struct pseudo_hdr *pseudo;
+    struct pseudo6_hdr *pseudo6;
+    void *pointer;
+    char *HITbytes;
+    struct in6_addr *defaultHit;
+    char newHdr[newSize + 4 * addOption + (sizeof(struct in6_addr)) * addHIT];
+
+    if (addOption) {
+        newSize = newSize + 4;
+    }
+    if (addHIT) {
+        newSize = newSize + sizeof(struct in6_addr);
+    }
+
+    //initializing the raw socket
+    if (trafficType == 4) {
+        socketFamily = AF_INET;
+    } else if (trafficType == 6) {
+        socketFamily = AF_INET6;
+    }
+
+    if ((sockfd = socket(socketFamily, SOCK_RAW, IPPROTO_RAW)) < 0) {
+        HIP_DEBUG("Error creating raw socket\n");
+        return;
+    }
+    if (setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL,
+                   (char *) &on, sizeof(on)) < 0) {
+        HIP_DEBUG("Error setting an option to raw socket\n");
+        return;
+    }
+
+    //initializing the headers and setting socket settings
+    if (trafficType == 4) {
+        //get the ip header
+        iphdr               = (struct ip *) hdr;
+        //get the tcp header
+        hdr_size            = (iphdr->ip_hl * 4);
+        tcphdr              = ((struct tcphdr *) (((char *) iphdr) + 
hdr_size));
+        //socket settings
+        sock_raw.sin_family = AF_INET;
+        sock_raw.sin_port   = htons(tcphdr->dest);
+        sock_raw.sin_addr   = iphdr->ip_dst;
+    } else if (trafficType == 6)    {
+        //get the ip header
+        ip6_hdr               = (struct ip6_hdr *) hdr;
+        //get the tcp header
+        hdr_size              = (ip6_hdr->ip6_ctlun.ip6_un1.ip6_un1_plen * 4);
+        tcphdr                =
+                ((struct tcphdr *) (((char *) ip6_hdr) + hdr_size));
+        //socket settings
+        sock6_raw.sin6_family = AF_INET6;
+        sock6_raw.sin6_port   = htons(tcphdr->dest);
+        sock6_raw.sin6_addr   = ip6_hdr->ip6_dst;
+    }
+
+    //measuring the size of ip and tcp headers (no options)
+    twoHdrsSize = hdr_size + 4 * 5;
+
+    //copy the ip header and the tcp header without the options
+    i           = 0;
+    while (i < twoHdrsSize) {
+        newHdr[i] = bytes[i];
+        i++;
+    }
+
+    //add the i1 option and copy the old options
+    //add the HIT if required,
+    if (tcphdr->doff == 5) {  //there are no previous options
+        if (addOption) {
+            newHdr[twoHdrsSize]     = (char) HIP_OPTION_KIND;
+            newHdr[twoHdrsSize + 1] = '0';
+            newHdr[twoHdrsSize + 2] = '0';
+            newHdr[twoHdrsSize + 3] = '0';
+            if (addHIT) {
+                //get the default hit
+                hip_get_default_hit(defaultHit);
+                //copy the hit
+                HITbytes = (char *) defaultHit;
+                for (j = 0; j < 16; j++) {
+                    newHdr[twoHdrsSize + 4 + j] = HITbytes[j];
+                }
+            }
+        } else {
+            if (addHIT) {
+                //get the default hit
+                hip_get_default_hit(defaultHit);
+                //copy the hit
+                HITbytes = (char *) defaultHit;
+                for (j = 0; j < 16; j++) {
+                    newHdr[twoHdrsSize + j] = HITbytes[j];
+                }
+            }
+        }
+    } else { //there are previous options
+        if (addOption) {
+            newHdr[twoHdrsSize]     = (char) HIP_OPTION_KIND;
+            newHdr[twoHdrsSize + 1] = (char) 2;
+            newHdr[twoHdrsSize + 2] = (char) 1;
+            newHdr[twoHdrsSize + 3] = (char) 1;
+
+            //if the HIT is to be sent, the
+            //other options are not important
+            if (addHIT) {
+                //get the default hit
+                hip_get_default_hit(defaultHit);
+                //copy the hit
+                HITbytes = (char *) defaultHit;
+                for (j = 0; j < 16; j++) {
+                    newHdr[twoHdrsSize + 4 + j] = HITbytes[j];
+                }
+            } else {
+                i = 0;
+                while (i < 4 * (tcphdr->doff - 5)) {
+                    newHdr[i + twoHdrsSize + 4] = bytes[i + twoHdrsSize];
+                    i++;
+                }
+            }
+        } else {
+            //if the HIT is to be sent, the
+            //other options are not important
+            if (addHIT) {
+                //get the default hit
+                hip_get_default_hit(defaultHit);
+                //copy the hit
+                HITbytes = (char *) defaultHit;
+                for (j = 0; j < 16; j++) {
+                    newHdr[twoHdrsSize + j] = HITbytes[j];
+                }
+            } else {
+                i = 0;
+                while (i < 4 * (tcphdr->doff - 5)) {
+                    newHdr[i + twoHdrsSize] = bytes[i + twoHdrsSize];
+                    i++;
+                }
+            }
+        }
+    }
+
+    pointer = &newHdr[0];
+    //get pointers to the new packet
+    if (trafficType == 4) {
+        //get the ip header
+        newIphdr    = (struct ip *) pointer;
+        //get the tcp header
+        newHdr_size = (iphdr->ip_hl * 4);
+        newTcphdr   = ((struct tcphdr *) (((char *) newIphdr) + newHdr_size));
+    } else if (trafficType == 6)    {
+        //get the ip header
+        newIp6_hdr  = (struct ip6_hdr *) pointer;
+        //get the tcp header
+        newHdr_size = (newIp6_hdr->ip6_ctlun.ip6_un1.ip6_un1_plen * 4);
+        newTcphdr   = ((struct tcphdr *) (((char *) newIp6_hdr) + 
newHdr_size));
+    }
+
+    //change the values of the checksum and the tcp header length(+1)
+    newTcphdr->check = 0;
+    if (addOption) {
+        newTcphdr->doff = newTcphdr->doff + 1;
+    }
+    if (addHIT) {
+        newTcphdr->doff = newTcphdr->doff + 4;        //16 bytes HIT - 4 more 
words
+    }
+    //the checksum
+    if (trafficType == 4) {
+        pseudo           = (struct pseudo_hdr *)
+                ((u8 *) newTcphdr - sizeof(struct pseudo_hdr));
+
+        pseudo->s_addr   = newIphdr->ip_src.s_addr;
+        pseudo->d_addr   = newIphdr->ip_dst.s_addr;
+        pseudo->zer0     = 0;
+        pseudo->protocol = IPPROTO_TCP;
+        pseudo->length   = htons(sizeof(struct tcphdr) + 4 * (newTcphdr->doff 
- 5) + 0);
+
+        newTcphdr->check = in_cksum((unsigned short *) pseudo, sizeof(struct 
tcphdr) +
+                                    4 * (newTcphdr->doff - 5) + sizeof(struct 
pseudo_hdr) + 0);
+    } else if (trafficType == 6)    {
+        pseudo6           = (struct pseudo6_hdr *) ((u8 *) newTcphdr - 
sizeof(struct pseudo6_hdr));
+
+        pseudo6->s_addr   = newIp6_hdr->ip6_src;
+        pseudo6->d_addr   = newIp6_hdr->ip6_dst;
+        pseudo6->zer0     = 0;
+        pseudo6->protocol = IPPROTO_TCP;
+        pseudo6->length   = htons(sizeof(struct tcphdr) + 4 * (newTcphdr->doff 
- 5) + 0);
+
+        newTcphdr->check  = in_cksum((unsigned short *) pseudo6, sizeof(struct 
tcphdr) +
+                                     4 * (newTcphdr->doff - 5) + sizeof(struct 
pseudo6_hdr) + 0);
+    }
+
+    //replace the pseudo header bytes with the correct ones
+    i = 0;
+    while (i < hdr_size) {
+        newHdr[i] = bytes[i];
+        i++;
+    }
+
+    //change the src and dst ip if it was an incoming packet******
+
+
+    //finally send through the socket
+    sendto(sockfd, &newHdr[0], newSize, 0,
+           (struct sockaddr *) &sock_raw, sizeof(sock_raw));
 }
 
-
 #endif

=== modified file 'lib/tool/nlink.c.doxyme'
--- lib/tool/nlink.c.doxyme     2010-01-19 11:26:32 +0000
+++ lib/tool/nlink.c.doxyme     2010-02-11 00:01:07 +0000
@@ -14,20 +14,20 @@
 
 
 
- ///  Single line comment for dOxygen.
+///  Single line comment for dOxygen.
 
 /**
  * my_great_function
  *
  * Write description of function here.
  * The function should follow these comments.
- * 
+ *
  * Document the use of each function variable and indicate if this
  * argument is used to return information to the calling context. Use
- * [out] for outut parameters (This is very important). Align the 
+ * [out] for outut parameters (This is very important). Align the
  * descriptions to improve readability.
  *
- *  @note: put important usage informations to notes. 
+ *  @note: put important usage informations to notes.
  *
  *  @param      firstArg     Description of first function argument.
  *  @param[out] secondArg    Description of second function argument.
@@ -35,7 +35,8 @@
  *  @return Description of returned value.
  **/
 
-int my_great_function(int firstArg, char** secondArg, int thirdArg){
+int my_great_function(int firstArg, char **secondArg, int thirdArg)
+{
     .....
 
 /// Now it's your turn.
@@ -44,19 +45,19 @@
 
 
 /**
- * addattr32 
+ * addattr32
  *
  *
  * @param release.version
  * @param maxlen
  * @param type
  * @param data
- * @return 
+ * @return
  **/
 
 
 /**
- * addattr_l 
+ * addattr_l
  *
  *
  * @param release.version
@@ -64,75 +65,75 @@
  * @param type
  * @param data
  * @param alen
- * @return 
+ * @return
  **/
 
 
 /**
- * convert_ipv6_slash_to_ipv4_slash 
+ * convert_ipv6_slash_to_ipv4_slash
  *
  *
  * @param libopphip
  * @param ip4
- * @return 
+ * @return
  **/
 
 
 /**
- * do_chflags 
+ * do_chflags
  *
  *
  * @param dev
  * @param flags
  * @param mask
- * @return 
+ * @return
  **/
 
 
 /**
- * get_addr_1 
+ * get_addr_1
  *
  *
  * @param addr
  * @param name
  * @param family
- * @return 
+ * @return
  **/
 
 
 /**
- * get_ctl_fd 
+ * get_ctl_fd
  *
  *
  * @param void
- * @return 
+ * @return
  **/
 
 
 /**
- * get_prefix_1 
+ * get_prefix_1
  *
  *
  * @param dst
  * @param arg
  * @param family
- * @return 
+ * @return
  **/
 
 
 /**
- * get_unsigned 
+ * get_unsigned
  *
  *
  * @param val
  * @param arg
  * @param base
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_ipaddr_modify 
+ * hip_ipaddr_modify
  *
  *
  * @param rth
@@ -141,12 +142,12 @@
  * @param libopphip
  * @param dev
  * @param idxmap
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_iproute_get 
+ * hip_iproute_get
  *
  *
  * @param rth
@@ -156,12 +157,12 @@
  * @param odev
  * @param family
  * @param idxmap
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_iproute_modify 
+ * hip_iproute_modify
  *
  *
  * @param rth
@@ -170,64 +171,64 @@
  * @param family
  * @param libopphip
  * @param dev
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_netlink_receive 
+ * hip_netlink_receive
  *
  *
  * @param nl
  * @param handler
  * @param arg
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_parse_src_addr 
+ * hip_parse_src_addr
  *
  *
  * @param release.version
  * @param src_addr
- * @return 
+ * @return
  **/
 
 
 /**
- * in_cksum 
+ * in_cksum
  *
  *
  * @param ptr
  * @param nbytes
- * @return 
+ * @return
  **/
 
 
 /**
- * ll_name_to_index 
+ * ll_name_to_index
  *
  *
  * @param name
  * @param idxmap
- * @return 
+ * @return
  **/
 
 
 /**
- * ll_remember_index 
+ * ll_remember_index
  *
  *
  * @param who
  * @param release.version
  * @param arg
- * @return 
+ * @return
  **/
 
 
 /**
- * netlink_talk 
+ * netlink_talk
  *
  *
  * @param nl
@@ -237,62 +238,62 @@
  * @param answer
  * @param junk
  * @param arg
- * @return 
+ * @return
  **/
 
 
 /**
- * rtnl_close 
+ * rtnl_close
  *
  *
  * @param rth
- * @return 
+ * @return
  **/
 
 
 /**
- * rtnl_open_byproto 
+ * rtnl_open_byproto
  *
  *
  * @param rth
  * @param subscriptions
  * @param protocol
- * @return 
+ * @return
  **/
 
 
 /**
- * rtnl_tab_initialize 
+ * rtnl_tab_initialize
  *
  *
  * @param file
  * @param tab
  * @param size
- * @return 
+ * @return
  **/
 
 
 /**
- * send_tcp_packet 
+ * send_tcp_packet
  *
  *
  * @param autogen.sh
- * @return 
+ * @return
  **/
 
 
 /**
- * set_up_device 
+ * set_up_device
  *
  *
  * @param dev
  * @param up
- * @return 
+ * @return
  **/
 
 
 /**
- * xfrm_algo_parse 
+ * xfrm_algo_parse
  *
  *
  * @param alg
@@ -301,24 +302,24 @@
  * @param key
  * @param key_len
  * @param max
- * @return 
+ * @return
  **/
 
 
 /**
- * xfrm_fill_encap 
+ * xfrm_fill_encap
  *
  *
  * @param encap
  * @param sport
  * @param dport
  * @param oa
- * @return 
+ * @return
  **/
 
 
 /**
- * xfrm_fill_selector 
+ * xfrm_fill_selector
  *
  *
  * @param sel
@@ -329,26 +330,25 @@
  * @param src_port
  * @param dst_port
  * @param preferred_family
- * @return 
+ * @return
  **/
 
 
 /**
- * xfrm_init_lft 
+ * xfrm_init_lft
  *
  *
  * @param lft
- * @return 
+ * @return
  **/
 
 
 /**
- * xfrm_selector_upspec 
+ * xfrm_selector_upspec
  *
  *
  * @param sel
  * @param src_port
  * @param dst_port
- * @return 
+ * @return
  **/
-

=== modified file 'lib/tool/nlink.h'
--- lib/tool/nlink.h    2010-02-09 14:12:03 +0000
+++ lib/tool/nlink.h    2010-02-11 00:01:07 +0000
@@ -13,97 +13,104 @@
 /* Keep this one as the last to avoid some weird compilation problems */
 #include <linux/netlink.h>
 
-struct pseudo_hdr{
-       u32 s_addr;
-       u32 d_addr;
-       u8  zer0;
-       u8  protocol;
-       u16 length;
+struct pseudo_hdr {
+    u32 s_addr;
+    u32 d_addr;
+    u8  zer0;
+    u8  protocol;
+    u16 length;
 };
 
-struct pseudo6_hdr{
-       struct in6_addr s_addr;
-       struct in6_addr d_addr;
-       u8  zer0;
-       u8  protocol;
-       u16 length;
+struct pseudo6_hdr {
+    struct in6_addr s_addr;
+    struct in6_addr d_addr;
+    u8              zer0;
+    u8              protocol;
+    u16             length;
 };
 
 #define HIP_OPTION_KIND 30
 
 struct netdev_address {
-  //hip_list_t next;
-       struct sockaddr_storage addr;
-       int if_index;
-        unsigned char secret[40];
-        time_t timestamp;
-       int flags;
-};
-
-struct idxmap
-{
-        struct idxmap * next;
-        unsigned        index;
-        int             type;
-        int             alen;
-        unsigned        flags;
-        unsigned char   addr[8];
-        char            name[16];
-};
-
-struct rtnl_handle
-{
-        int                     fd;
-        struct sockaddr_nl      local;
-        struct sockaddr_nl      peer;
-        __u32                   seq;
-        __u32                   dump;
+    //hip_list_t next;
+    struct sockaddr_storage addr;
+    int                     if_index;
+    unsigned char           secret[40];
+    time_t                  timestamp;
+    int                     flags;
+};
+
+struct idxmap {
+    struct idxmap *next;
+    unsigned       index;
+    int            type;
+    int            alen;
+    unsigned       flags;
+    unsigned char  addr[8];
+    char           name[16];
+};
+
+struct rtnl_handle {
+    int                fd;
+    struct sockaddr_nl local;
+    struct sockaddr_nl peer;
+    __u32              seq;
+    __u32              dump;
 };
 
 /* Workaround: in6_pktinfo does not compile on Fedora and Ubuntu anymore.
-   This works also with CentOS */
+ * This works also with CentOS */
 struct inet6_pktinfo {
-       struct in6_addr ipi6_addr;
-       unsigned int ipi6_ifindex;
+    struct in6_addr ipi6_addr;
+    unsigned int    ipi6_ifindex;
 };
 
 typedef int (*hip_filter_t)(const struct nlmsghdr *n, int len, void *arg);
 
 int set_up_device(char *dev, int up);
-int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data, 
-             int alen);
+int addattr_l(struct nlmsghdr *n, int maxlen, int type, const void *data,
+              int alen);
 
-int hip_netlink_open(struct rtnl_handle *nl, unsigned subscriptions, int 
protocol);
-int hip_netlink_receive(struct rtnl_handle *nl, hip_filter_t handler, void 
*arg);
-int rtnl_open_byproto(struct rtnl_handle *rth, unsigned subscriptions,
-                         int protocol);
+int hip_netlink_open(struct rtnl_handle *nl,
+                     unsigned subscriptions,
+                     int protocol);
+int hip_netlink_receive(struct rtnl_handle *nl,
+                        hip_filter_t handler,
+                        void *arg);
+int rtnl_open_byproto(struct rtnl_handle *rth,
+                      unsigned subscriptions,
+                      int protocol);
 void rtnl_close(struct rtnl_handle *rth);
 int hip_netlink_receive_workorder(const struct nlmsghdr *n, int len, void 
*arg);
 int netlink_talk(struct rtnl_handle *nl, struct nlmsghdr *n, pid_t peer,
-                       unsigned groups, struct nlmsghdr *answer,
-                       hip_filter_t junk, void *arg);
+                 unsigned groups, struct nlmsghdr *answer,
+                 hip_filter_t junk, void *arg);
 
 int hip_ipaddr_modify(struct rtnl_handle *rth, int cmd, int family, char *ip,
-                       char *dev, struct idxmap **idxma);
+                      char *dev, struct idxmap **idxma);
 int hip_iproute_modify(struct rtnl_handle *rth,
-                       int cmd, int flags, int family, char *ip,
-                       char *dev);
+                       int cmd, int flags, int family, char *ip,
+                       char *dev);
 int hip_iproute_get(struct rtnl_handle *rth, struct in6_addr *src_addr,
-                       const struct in6_addr *dst_addr, char *idev, char *odev,
-                       int family, struct idxmap **idxmap);
+                    const struct in6_addr *dst_addr, char *idev, char *odev,
+                    int family, struct idxmap **idxmap);
 
 
 void rtnl_tab_initialize(char *file, char **tab, int size);
 int xfrm_init_lft(struct xfrm_lifetime_cfg *lft);
 int xfrm_fill_selector(struct xfrm_selector *sel,
-                      const struct in6_addr *id_our,
-                      const struct in6_addr *id_peer,
-                      __u8 proto, u8 id_prefix,
-                      uint32_t src_port, uint32_t dst_port,
-                      int preferred_family);
-int xfrm_fill_encap(struct xfrm_encap_tmpl *encap, int sport, int dport, const 
struct in6_addr *oa);
+                       const struct in6_addr *id_our,
+                       const struct in6_addr *id_peer,
+                       __u8 proto, u8 id_prefix,
+                       uint32_t src_port, uint32_t dst_port,
+                       int preferred_family);
+int xfrm_fill_encap(struct xfrm_encap_tmpl *encap,
+                    int sport,
+                    int dport,
+                    const struct in6_addr *oa);
 
 int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
-                   char *name, const unsigned char *key, int key_len, int max);
+                    char *name, const unsigned char *key,
+                    int key_len, int max);
 
 #endif /* _HIP_NLINK_H */

=== modified file 'lib/tool/pk.c'
--- lib/tool/pk.c       2010-02-08 15:18:06 +0000
+++ lib/tool/pk.c       2010-02-11 00:01:07 +0000
@@ -8,168 +8,174 @@
 #include "lib/performance/performance.h"
 #endif
 
-int hip_rsa_sign(void *peer_pub, struct hip_common *msg) {
-       RSA* rsa = (RSA*)peer_pub;
-       u8 sha1_digest[HIP_AH_SHA_LEN];
-       u8 *signature = NULL;
-       int err = 0, len;
-       unsigned int sig_len;
-
-       len = hip_get_msg_total_len(msg);
-       HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, msg, len, sha1_digest) < 0,
-                -1, "Building of SHA1 digest failed\n");
-
-       len = RSA_size(rsa);
-       signature = malloc(len);
-       HIP_IFEL(!signature, -1, "Malloc for signature failed.");
-       memset (signature, 0, len);
-
-       /* RSA_sign returns 0 on failure */
-       HIP_IFEL(!RSA_sign(NID_sha1, sha1_digest, SHA_DIGEST_LENGTH, signature,
-                                       &sig_len, rsa), -1, "Signing error\n");
-
-       if (hip_get_msg_type(msg) == HIP_R1) {
-           HIP_IFEL(hip_build_param_signature2_contents(msg, signature,
-                                                       len, HIP_SIG_RSA), 
-                                       -1,  "Building of signature failed\n");
-       } else {
-           HIP_IFEL(hip_build_param_signature_contents(msg, signature,
-                                                       len, HIP_SIG_RSA), 
-                                        -1, "Building of signature failed\n");
-       }
-
- out_err:
-       if(signature)
-           free(signature);
-       return err;
+int hip_rsa_sign(void *peer_pub, struct hip_common *msg)
+{
+    RSA *rsa      = (RSA *) peer_pub;
+    u8 sha1_digest[HIP_AH_SHA_LEN];
+    u8 *signature = NULL;
+    int err       = 0, len;
+    unsigned int sig_len;
+
+    len       = hip_get_msg_total_len(msg);
+    HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, msg, len, sha1_digest) < 0,
+             -1, "Building of SHA1 digest failed\n");
+
+    len       = RSA_size(rsa);
+    signature = malloc(len);
+    HIP_IFEL(!signature, -1, "Malloc for signature failed.");
+    memset(signature, 0, len);
+
+    /* RSA_sign returns 0 on failure */
+    HIP_IFEL(!RSA_sign(NID_sha1, sha1_digest, SHA_DIGEST_LENGTH, signature,
+                       &sig_len, rsa), -1, "Signing error\n");
+
+    if (hip_get_msg_type(msg) == HIP_R1) {
+        HIP_IFEL(hip_build_param_signature2_contents(msg, signature,
+                                                     len, HIP_SIG_RSA),
+                 -1,  "Building of signature failed\n");
+    } else {
+        HIP_IFEL(hip_build_param_signature_contents(msg, signature,
+                                                    len, HIP_SIG_RSA),
+                 -1, "Building of signature failed\n");
+    }
+
+out_err:
+    if (signature) {
+        free(signature);
+    }
+    return err;
 }
 
-int hip_dsa_sign(void *peer_pub, struct hip_common *msg) {
-       DSA* dsa = (DSA*)peer_pub;
+int hip_dsa_sign(void *peer_pub, struct hip_common *msg)
+{
+    DSA *dsa = (DSA *) peer_pub;
     u8 sha1_digest[HIP_AH_SHA_LEN];
-       u8 signature[HIP_DSA_SIGNATURE_LEN];
-       int err = 0, len;
-
-       len = hip_get_msg_total_len(msg);
-       HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, msg, len, sha1_digest) < 0,
-                -1, "Building of SHA1 digest failed\n");
-       HIP_IFEL(impl_dsa_sign(sha1_digest, dsa, signature), 
-                -1, "Signing error\n");
-
-       if (hip_get_msg_type(msg) == HIP_R1) {
-           HIP_IFEL(hip_build_param_signature2_contents(msg, signature,
-                                        HIP_DSA_SIGNATURE_LEN, HIP_SIG_DSA),
-                                        -1, "Building of signature failed\n");
-       } else {
-           HIP_IFEL(hip_build_param_signature_contents(msg, signature,
-                                        HIP_DSA_SIGNATURE_LEN, HIP_SIG_DSA),
-                                        -1, "Building of signature failed\n");
-       }
-
- out_err:
-       return err;
+    u8 signature[HIP_DSA_SIGNATURE_LEN];
+    int err  = 0, len;
+
+    len = hip_get_msg_total_len(msg);
+    HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, msg, len, sha1_digest) < 0,
+             -1, "Building of SHA1 digest failed\n");
+    HIP_IFEL(impl_dsa_sign(sha1_digest, dsa, signature),
+             -1, "Signing error\n");
+
+    if (hip_get_msg_type(msg) == HIP_R1) {
+        HIP_IFEL(hip_build_param_signature2_contents(
+                msg, signature,
+                HIP_DSA_SIGNATURE_LEN, HIP_SIG_DSA),
+                -1, "Building of signature failed\n");
+    } else {
+        HIP_IFEL(hip_build_param_signature_contents(
+                msg, signature,
+                HIP_DSA_SIGNATURE_LEN, HIP_SIG_DSA),
+                 -1, "Building of signature failed\n");
+    }
+
+out_err:
+    return err;
 }
 
 static int verify(void *peer_pub, struct hip_common *msg, const int rsa)
 {
-       int err = 0, len, origlen;
-       struct hip_sig *sig;
-       u8 sha1_digest[HIP_AH_SHA_LEN];
-       struct in6_addr tmpaddr;        
-       struct hip_puzzle *pz = NULL;
-       uint8_t opaque[3];
-       uint64_t randi = 0;
-
-       ipv6_addr_copy(&tmpaddr, &msg->hitr); /* so update is handled, too */
-
-       origlen = hip_get_msg_total_len(msg);
-       if (hip_get_msg_type(msg) == HIP_R1) {
-           HIP_IFEL(!(sig = hip_get_param(msg, HIP_PARAM_HIP_SIGNATURE2)),
-                                      -ENOENT, "Could not find signature2\n");
-               
-           //ipv6_addr_copy(&tmpaddr, &msg->hitr);
-           memset(&msg->hitr, 0, sizeof(struct in6_addr));
-
-           HIP_IFEL(!(pz = hip_get_param(msg, HIP_PARAM_PUZZLE)),
-                             -ENOENT, "Illegal R1 packet (puzzle missing)\n");
-           memcpy(opaque, pz->opaque, 3);
-           randi = pz->I;
-
-           memset(pz->opaque, 0, 3);
-           pz->I = 0;
-       } else {
-           HIP_IFEL(!(sig = hip_get_param(msg, HIP_PARAM_HIP_SIGNATURE)),
-                                       -ENOENT, "Could not find signature\n");
-       }
-
-       //HIP_HEXDUMP("SIG", sig, hip_get_param_total_len(sig));
-       len = ((u8 *) sig) - ((u8 *) msg);
-       hip_zero_msg_checksum(msg);
-       HIP_IFEL(len < 0, -ENOENT, "Invalid signature len\n");
-       hip_set_msg_total_len(msg, len);
-
-       //HIP_HEXDUMP("Verifying:", msg, len);
-       //HIP_HEXDUMP("Pubkey:", peer_pub, hip_get_param_total_len(peer_pub));
-
-       HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, msg, len, sha1_digest), 
-                -1, "Could not calculate SHA1 digest\n");
-       if (rsa) {
-           /* RSA_verify returns 0 on failure */
-           err = !RSA_verify(NID_sha1, sha1_digest, SHA_DIGEST_LENGTH,
-                                       sig->signature, RSA_size(peer_pub), 
peer_pub);
-       } else {
-           err = impl_dsa_verify(sha1_digest, peer_pub, sig->signature);
-       }
+    int err               = 0, len, origlen;
+    struct hip_sig *sig;
+    u8 sha1_digest[HIP_AH_SHA_LEN];
+    struct in6_addr tmpaddr;
+    struct hip_puzzle *pz = NULL;
+    uint8_t opaque[3];
+    uint64_t randi        = 0;
+
+    ipv6_addr_copy(&tmpaddr, &msg->hitr);     /* so update is handled, too */
+
+    origlen = hip_get_msg_total_len(msg);
+    if (hip_get_msg_type(msg) == HIP_R1) {
+        HIP_IFEL(!(sig = hip_get_param(msg, HIP_PARAM_HIP_SIGNATURE2)),
+                 -ENOENT, "Could not find signature2\n");
+
+        //ipv6_addr_copy(&tmpaddr, &msg->hitr);
+        memset(&msg->hitr, 0, sizeof(struct in6_addr));
+
+        HIP_IFEL(!(pz = hip_get_param(msg, HIP_PARAM_PUZZLE)),
+                 -ENOENT, "Illegal R1 packet (puzzle missing)\n");
+        memcpy(opaque, pz->opaque, 3);
+        randi = pz->I;
+
+        memset(pz->opaque, 0, 3);
+        pz->I = 0;
+    } else {
+        HIP_IFEL(!(sig = hip_get_param(msg, HIP_PARAM_HIP_SIGNATURE)),
+                 -ENOENT, "Could not find signature\n");
+    }
+
+    //HIP_HEXDUMP("SIG", sig, hip_get_param_total_len(sig));
+    len = ((u8 *) sig) - ((u8 *) msg);
+    hip_zero_msg_checksum(msg);
+    HIP_IFEL(len < 0, -ENOENT, "Invalid signature len\n");
+    hip_set_msg_total_len(msg, len);
+
+    //HIP_HEXDUMP("Verifying:", msg, len);
+    //HIP_HEXDUMP("Pubkey:", peer_pub, hip_get_param_total_len(peer_pub));
+
+    HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, msg, len, sha1_digest),
+             -1, "Could not calculate SHA1 digest\n");
+    if (rsa) {
+        /* RSA_verify returns 0 on failure */
+        err = !RSA_verify(NID_sha1, sha1_digest, SHA_DIGEST_LENGTH,
+                          sig->signature, RSA_size(peer_pub), peer_pub);
+    } else {
+        err = impl_dsa_verify(sha1_digest, peer_pub, sig->signature);
+    }
 
 #ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Stop and write PERF_VERIFY, PERF_RSA_VERIFY_IMPL, 
PERF_DSA_VERIFY_IMPL\n");
-       hip_perf_stop_benchmark(perf_set, PERF_VERIFY);
-       hip_perf_stop_benchmark(perf_set, PERF_RSA_VERIFY_IMPL);
-       hip_perf_stop_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
-       hip_perf_write_benchmark(perf_set, PERF_VERIFY);
-       hip_perf_write_benchmark(perf_set, PERF_RSA_VERIFY_IMPL);
-       hip_perf_write_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
+    HIP_DEBUG("Stop and write PERF_VERIFY, PERF_RSA_VERIFY_IMPL, 
PERF_DSA_VERIFY_IMPL\n");
+    hip_perf_stop_benchmark(perf_set, PERF_VERIFY);
+    hip_perf_stop_benchmark(perf_set, PERF_RSA_VERIFY_IMPL);
+    hip_perf_stop_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
+    hip_perf_write_benchmark(perf_set, PERF_VERIFY);
+    hip_perf_write_benchmark(perf_set, PERF_RSA_VERIFY_IMPL);
+    hip_perf_write_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
 #endif
 
-       if (hip_get_msg_type(msg) == HIP_R1) {
-           memcpy(pz->opaque, opaque, 3);
-           pz->I = randi;
-       }
-
-       ipv6_addr_copy(&msg->hitr, &tmpaddr);
-
-       /*switch(err) {
-       case 0:
-           err = 0;
-           break;
-       case 1:
-       default:
-           err = -1;
-           break;
-       }*/
-
-       if(err)
-           err = -1;
-
- out_err:
-       hip_set_msg_total_len(msg, origlen);
-       return err;
+    if (hip_get_msg_type(msg) == HIP_R1) {
+        memcpy(pz->opaque, opaque, 3);
+        pz->I = randi;
+    }
+
+    ipv6_addr_copy(&msg->hitr, &tmpaddr);
+
+    /*switch(err) {
+     * case 0:
+     *  err = 0;
+     *  break;
+     * case 1:
+     * default:
+     *  err = -1;
+     *  break;
+     * }*/
+
+    if (err) {
+        err = -1;
+    }
+
+out_err:
+    hip_set_msg_total_len(msg, origlen);
+    return err;
 }
 
 int hip_rsa_verify(void *peer_pub, struct hip_common *msg)
 {
 #ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Start PERF_RSA_VERIFY_IMPL\n");
-       hip_perf_start_benchmark(perf_set, PERF_RSA_VERIFY_IMPL);
+    HIP_DEBUG("Start PERF_RSA_VERIFY_IMPL\n");
+    hip_perf_start_benchmark(perf_set, PERF_RSA_VERIFY_IMPL);
 #endif
-       return verify((RSA *)peer_pub, msg, 1);
+    return verify((RSA *) peer_pub, msg, 1);
 }
 
 int hip_dsa_verify(void *peer_pub, struct hip_common *msg)
 {
 #ifdef CONFIG_HIP_PERFORMANCE
-       HIP_DEBUG("Start PERF_DSA_VERIFY_IMPL\n");
-       hip_perf_start_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
+    HIP_DEBUG("Start PERF_DSA_VERIFY_IMPL\n");
+    hip_perf_start_benchmark(perf_set, PERF_DSA_VERIFY_IMPL);
 #endif
-       return verify((DSA *)peer_pub, msg, 0);
+    return verify((DSA *) peer_pub, msg, 0);
 }

=== modified file 'lib/tool/pk.c.doxyme'
--- lib/tool/pk.c.doxyme        2010-01-19 11:26:32 +0000
+++ lib/tool/pk.c.doxyme        2010-02-11 00:01:07 +0000
@@ -14,20 +14,20 @@
 
 
 
- ///  Single line comment for dOxygen.
+///  Single line comment for dOxygen.
 
 /**
  * my_great_function
  *
  * Write description of function here.
  * The function should follow these comments.
- * 
+ *
  * Document the use of each function variable and indicate if this
  * argument is used to return information to the calling context. Use
- * [out] for outut parameters (This is very important). Align the 
+ * [out] for outut parameters (This is very important). Align the
  * descriptions to improve readability.
  *
- *  @note: put important usage informations to notes. 
+ *  @note: put important usage informations to notes.
  *
  *  @param      firstArg     Description of first function argument.
  *  @param[out] secondArg    Description of second function argument.
@@ -35,7 +35,8 @@
  *  @return Description of returned value.
  **/
 
-int my_great_function(int firstArg, char** secondArg, int thirdArg){
+int my_great_function(int firstArg, char **secondArg, int thirdArg)
+{
     .....
 
 /// Now it's your turn.
@@ -44,41 +45,40 @@
 
 
 /**
- * hip_dsa_sign 
- *
- *
- * @param peer_pub
- * @param msg
- * @return 
- **/
-
-
-/**
- * hip_dsa_verify 
- *
- *
- * @param peer_pub
- * @param msg
- * @return 
- **/
-
-
-/**
- * hip_rsa_sign 
- *
- *
- * @param peer_pub
- * @param msg
- * @return 
- **/
-
-
-/**
- * hip_rsa_verify 
- *
- *
- * @param peer_pub
- * @param msg
- * @return 
- **/
-
+ * hip_dsa_sign
+ *
+ *
+ * @param peer_pub
+ * @param msg
+ * @return
+ **/
+
+
+/**
+ * hip_dsa_verify
+ *
+ *
+ * @param peer_pub
+ * @param msg
+ * @return
+ **/
+
+
+/**
+ * hip_rsa_sign
+ *
+ *
+ * @param peer_pub
+ * @param msg
+ * @return
+ **/
+
+
+/**
+ * hip_rsa_verify
+ *
+ *
+ * @param peer_pub
+ * @param msg
+ * @return
+ **/

=== modified file 'lib/tool/xfrmapi.c'
--- lib/tool/xfrmapi.c  2010-01-20 17:16:13 +0000
+++ lib/tool/xfrmapi.c  2010-02-11 00:01:07 +0000
@@ -18,7 +18,7 @@
 
 
 /* For receiving netlink IPsec events (acquire, expire, etc);
-   thread unfriendly! */
+ * thread unfriendly! */
 struct rtnl_handle *hip_xfrmapi_nl_ipsec;
 
 int hip_xfrmapi_beet;
@@ -29,19 +29,19 @@
 
 /* Mappings from HIP to XFRM algo names < 2.6.19 */
 char *e_algo_names_old[] =
-  {"reserved", "aes", "des3_ede", "des3_ede",
-   "blowfish", "cipher_null", "cipher_null"};
+{"reserved",   "aes",         "des3_ede", "des3_ede",
+ "blowfish", "cipher_null", "cipher_null"};
 char *a_algo_names_old[] =
-  {"reserved", "sha1", "sha1", "md5",
-   "sha1", "sha1", "md5"};
+{"reserved", "sha1", "sha1", "md5",
+ "sha1",   "sha1", "md5"};
 
 /* Mappings from HIP to XFRM algo names >= 2.6.19 */
 char *e_algo_names_new[] =
-  {"reserved", "cbc(aes)", "cbc(des3_ede)", "cbc(des3_ede)",
-   "cbc(blowfish)", "ecb(cipher_null)", "ecb(cipher_null)"};
+{"reserved",        "cbc(aes)",         "cbc(des3_ede)", "cbc(des3_ede)",
+ "cbc(blowfish)", "ecb(cipher_null)", "ecb(cipher_null)"};
 char *a_algo_names_new[] =
-  {"reserved", "hmac(sha1)", "hmac(sha1)", "hmac(md5)",
-   "hmac(sha1)", "hmac(sha1)", "hmac(md5)"};
+{"reserved",     "hmac(sha1)", "hmac(sha1)", "hmac(md5)",
+ "hmac(sha1)", "hmac(sha1)", "hmac(md5)"};
 
 
 /**
@@ -55,140 +55,135 @@
  *
  * @return 0 if successful, else < 0
  */
-
-//hip_xfrm_policy_modify(hip_xfrmapi_nl_ipsec, cmd, dst_hit, src_hit, 
src_addr, dst_addr,XFRM_POLICY_IN, proto, prefix,AF_INET6)
-
-
 static int hip_xfrm_policy_modify(struct rtnl_handle *rth, int cmd,
-                                 const struct in6_addr *id_our,
-                                 const struct in6_addr *id_peer,
-                                 const struct in6_addr *tmpl_saddr,
-                                 const struct in6_addr *tmpl_daddr,
-                                 int dir, u8 proto, u8 id_prefix,
-                                 int preferred_family)
-{
-       struct {
-               struct nlmsghdr                 n;
-               struct xfrm_userpolicy_info     xpinfo;
-               char                            buf[RTA_BUF_SIZE];
-       } req;
-       char tmpls_buf[XFRM_TMPLS_BUF_SIZE];
-       int tmpls_len = 0, err = 0;
-       unsigned flags = 0;
-       struct xfrm_user_tmpl *tmpl;
-
-       memset(&req, 0, sizeof(req));
-       memset(&tmpls_buf, 0, sizeof(tmpls_buf));
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.xpinfo));
-       req.n.nlmsg_flags = NLM_F_REQUEST|flags;
-       req.n.nlmsg_type = cmd;
-
-       xfrm_init_lft(&req.xpinfo.lft);
-
-       /* Direction */
-       req.xpinfo.dir = dir;
-
-       /* SELECTOR <--> HITs  SELECTOR <--> LSIs*/
-       HIP_IFE(xfrm_fill_selector(&req.xpinfo.sel, id_peer, id_our, 0,
-                                  id_prefix, 0, 0, preferred_family), -1);
-
-       /* TEMPLATE */
-       tmpl = (struct xfrm_user_tmpl *)((char *)tmpls_buf);
-
-       if(IN6_IS_ADDR_V4MAPPED(tmpl_saddr) || IN6_IS_ADDR_V4MAPPED(tmpl_daddr))
-       {
-               HIP_DEBUG("IPv4 address found in tmpl policy\n");
-               tmpl->family = AF_INET;
-       } else {
-               tmpl->family = preferred_family;
-       }
-
-
-       /* The mode has to be BEET */
-       if (proto) {
-               tmpl->mode = XFRM_MODE_BEET;
-               tmpl->id.proto = proto;
-       }
-
-       tmpl->aalgos = (~(__u32)0);
-       tmpl->ealgos = (~(__u32)0);
-       tmpl->calgos = (~(__u32)0);
-       tmpl->optional = 0; /* required */
-       tmpls_len += sizeof(*tmpl);
-       if (tmpl_saddr && tmpl_daddr) {
-               if(tmpl->family == AF_INET){
-                       tmpl->saddr.a4 = tmpl_saddr->s6_addr32[3];
-                       tmpl->id.daddr.a4 = tmpl_daddr->s6_addr32[3];
-               } else {
-                       memcpy(&tmpl->saddr, tmpl_saddr, sizeof(tmpl->saddr));
-                       memcpy(&tmpl->id.daddr, tmpl_daddr, 
sizeof(tmpl->id.daddr));
-               }
-       }
-
-       addattr_l(&req.n, sizeof(req), XFRMA_TMPL,
-                 (void *)tmpls_buf, tmpls_len);
-
-       if (req.xpinfo.sel.family == AF_UNSPEC)
-               req.xpinfo.sel.family = AF_INET6;
-
-       {
-               /*void *x = malloc(sizeof(req.n) * 10);
-               memcpy(x, &req.n, sizeof(req.n));*/
-               HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 
0), -1,
-                        "netlink_talk failed\n");
-               ///if (x)
-                       //free(x);
-       }
-
-out_err:
-
-       return err;
-}
-
-
-static int hip_xfrm_sa_flush(struct rtnl_handle *rth) {
-
-       struct {
-               struct nlmsghdr           n;
-               struct xfrm_usersa_flush  xfs;
-       } req;
-       int err = 0;
-
-       memset(&req, 0, sizeof(req));
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.xfs));
-       req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.n.nlmsg_type = XFRM_MSG_FLUSHSA;
-       req.xfs.proto = IPPROTO_ESP;
-
-       HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
-                "SA flush failed\n");
-
- out_err:
-
-       return err;
-}
-
-static int hip_xfrm_policy_flush(struct rtnl_handle *rth) {
-
-       struct {
-               struct nlmsghdr                 n;
-       } req;
-       int err = 0;
-
-       memset(&req, 0, sizeof(req));
-
-       req.n.nlmsg_len = NLMSG_LENGTH(0);
-       req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.n.nlmsg_type = XFRM_MSG_FLUSHPOLICY;
-
-       HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
-                "Policy flush failed\n");
-
- out_err:
-
-       return err;
+                                  const struct in6_addr *id_our,
+                                  const struct in6_addr *id_peer,
+                                  const struct in6_addr *tmpl_saddr,
+                                  const struct in6_addr *tmpl_daddr,
+                                  int dir, u8 proto, u8 id_prefix,
+                                  int preferred_family)
+{
+    struct {
+        struct nlmsghdr             n;
+        struct xfrm_userpolicy_info xpinfo;
+        char                        buf[RTA_BUF_SIZE];
+    } req;
+    char tmpls_buf[XFRM_TMPLS_BUF_SIZE];
+    int tmpls_len  = 0, err = 0;
+    unsigned flags = 0;
+    struct xfrm_user_tmpl *tmpl;
+
+    memset(&req, 0, sizeof(req));
+    memset(&tmpls_buf, 0, sizeof(tmpls_buf));
+
+    req.n.nlmsg_len   = NLMSG_LENGTH(sizeof(req.xpinfo));
+    req.n.nlmsg_flags = NLM_F_REQUEST | flags;
+    req.n.nlmsg_type  = cmd;
+
+    xfrm_init_lft(&req.xpinfo.lft);
+
+    /* Direction */
+    req.xpinfo.dir = dir;
+
+    /* SELECTOR <--> HITs  SELECTOR <--> LSIs*/
+    HIP_IFE(xfrm_fill_selector(&req.xpinfo.sel, id_peer, id_our, 0,
+                               id_prefix, 0, 0, preferred_family), -1);
+
+    /* TEMPLATE */
+    tmpl = (struct xfrm_user_tmpl *) ((char *) tmpls_buf);
+
+    if (IN6_IS_ADDR_V4MAPPED(tmpl_saddr) || IN6_IS_ADDR_V4MAPPED(tmpl_daddr)) {
+        HIP_DEBUG("IPv4 address found in tmpl policy\n");
+        tmpl->family = AF_INET;
+    } else {
+        tmpl->family = preferred_family;
+    }
+
+
+    /* The mode has to be BEET */
+    if (proto) {
+        tmpl->mode     = XFRM_MODE_BEET;
+        tmpl->id.proto = proto;
+    }
+
+    tmpl->aalgos   = (~(__u32) 0);
+    tmpl->ealgos   = (~(__u32) 0);
+    tmpl->calgos   = (~(__u32) 0);
+    tmpl->optional = 0;     /* required */
+    tmpls_len     += sizeof(*tmpl);
+    if (tmpl_saddr && tmpl_daddr) {
+        if (tmpl->family == AF_INET) {
+            tmpl->saddr.a4    = tmpl_saddr->s6_addr32[3];
+            tmpl->id.daddr.a4 = tmpl_daddr->s6_addr32[3];
+        } else {
+            memcpy(&tmpl->saddr, tmpl_saddr, sizeof(tmpl->saddr));
+            memcpy(&tmpl->id.daddr, tmpl_daddr, sizeof(tmpl->id.daddr));
+        }
+    }
+
+    addattr_l(&req.n, sizeof(req), XFRMA_TMPL,
+              (void *) tmpls_buf, tmpls_len);
+
+    if (req.xpinfo.sel.family == AF_UNSPEC) {
+        req.xpinfo.sel.family = AF_INET6;
+    }
+
+    {
+        /*void *x = malloc(sizeof(req.n) * 10);
+         * memcpy(x, &req.n, sizeof(req.n));*/
+        HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
+                 "netlink_talk failed\n");
+        ///if (x)
+        //free(x);
+    }
+
+out_err:
+
+    return err;
+}
+
+static int hip_xfrm_sa_flush(struct rtnl_handle *rth)
+{
+    struct {
+        struct nlmsghdr          n;
+        struct xfrm_usersa_flush xfs;
+    } req;
+    int err = 0;
+
+    memset(&req, 0, sizeof(req));
+
+    req.n.nlmsg_len   = NLMSG_LENGTH(sizeof(req.xfs));
+    req.n.nlmsg_flags = NLM_F_REQUEST;
+    req.n.nlmsg_type  = XFRM_MSG_FLUSHSA;
+    req.xfs.proto     = IPPROTO_ESP;
+
+    HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
+             "SA flush failed\n");
+
+out_err:
+
+    return err;
+}
+
+static int hip_xfrm_policy_flush(struct rtnl_handle *rth)
+{
+    struct {
+        struct nlmsghdr n;
+    } req;
+    int err = 0;
+
+    memset(&req, 0, sizeof(req));
+
+    req.n.nlmsg_len   = NLMSG_LENGTH(0);
+    req.n.nlmsg_flags = NLM_F_REQUEST;
+    req.n.nlmsg_type  = XFRM_MSG_FLUSHPOLICY;
+
+    HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
+             "Policy flush failed\n");
+
+out_err:
+
+    return err;
 }
 
 /**
@@ -200,40 +195,39 @@
  * @return 0 if successful, else < 0
  */
 static int hip_xfrm_policy_delete(struct rtnl_handle *rth,
-               const struct in6_addr *hit_our,
-               const struct in6_addr *hit_peer,
-               const int dir, const uint8_t proto,
-               const uint8_t hit_prefix,
-               const int preferred_family)
+                                  const struct in6_addr *hit_our,
+                                  const struct in6_addr *hit_peer,
+                                  const int dir, const uint8_t proto,
+                                  const uint8_t hit_prefix,
+                                  const int preferred_family)
 {
-
-       struct {
-               struct nlmsghdr                 n;
-               struct xfrm_userpolicy_id       xpid;
-       } req;
-       int err = 0;
-
-       memset(&req, 0, sizeof(req));
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.xpid));
-       req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.n.nlmsg_type = XFRM_MSG_DELPOLICY;
-
-       req.xpid.dir = dir;
-
-       /* SELECTOR <--> HITs */
-       HIP_IFE(xfrm_fill_selector(&req.xpid.sel, hit_peer, hit_our, 0,
-                                  hit_prefix, 0, 0, preferred_family), -1);
+    struct {
+        struct nlmsghdr           n;
+        struct xfrm_userpolicy_id xpid;
+    } req;
+    int err = 0;
+
+    memset(&req, 0, sizeof(req));
+
+    req.n.nlmsg_len   = NLMSG_LENGTH(sizeof(req.xpid));
+    req.n.nlmsg_flags = NLM_F_REQUEST;
+    req.n.nlmsg_type  = XFRM_MSG_DELPOLICY;
+
+    req.xpid.dir      = dir;
+
+    /* SELECTOR <--> HITs */
+    HIP_IFE(xfrm_fill_selector(&req.xpid.sel, hit_peer, hit_our, 0,
+                               hit_prefix, 0, 0, preferred_family), -1);
 /*
-       if (req.xpid.sel.family == AF_UNSPEC)
-               req.xpid.sel.family = AF_INET6;
-*/
-       HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
-                "No associated policies to be deleted\n");
-
- out_err:
-
-       return err;
+ *      if (req.xpid.sel.family == AF_UNSPEC)
+ *              req.xpid.sel.family = AF_INET6;
+ */
+    HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
+             "No associated policies to be deleted\n");
+
+out_err:
+
+    return err;
 }
 
 /**
@@ -248,111 +242,109 @@
  * @return 0 if successful, else < 0
  */
 static int hip_xfrm_state_modify(struct rtnl_handle *rth,
-                                const int cmd, const  struct in6_addr *saddr,
-                                const struct in6_addr *daddr,
-                                const struct in6_addr *src_id,
-                                const struct in6_addr *dst_id,
-                                const __u32 spi, const int ealg,
-                                const struct hip_crypto_key *enckey,
-                                const int enckey_len,
-                                const int aalg,
-                                const struct hip_crypto_key *authkey,
-                                const int authkey_len,
-                                const int preferred_family,
-                                const int sport, const int dport)
+                                 const int cmd, const struct in6_addr *saddr,
+                                 const struct in6_addr *daddr,
+                                 const struct in6_addr *src_id,
+                                 const struct in6_addr *dst_id,
+                                 const __u32 spi, const int ealg,
+                                 const struct hip_crypto_key *enckey,
+                                 const int enckey_len,
+                                 const int aalg,
+                                 const struct hip_crypto_key *authkey,
+                                 const int authkey_len,
+                                 const int preferred_family,
+                                 const int sport, const int dport)
 {
-       int err = 0;
-       struct xfrm_encap_tmpl encap;
-       struct {
-               struct nlmsghdr         n;
-               struct xfrm_usersa_info xsinfo;
-               char                    buf[RTA_BUF_SIZE];
-       } req;
-
-       HIP_DEBUG("hip_xfrm_state_modify() invoked.\n");
-       HIP_DEBUG("sport %d, dport %d\n", sport, dport);
-       HIP_DEBUG_IN6ADDR("saddr in sa", saddr);
-       HIP_DEBUG_IN6ADDR("daddr in sa", daddr);
-
-       memset(&req, 0, sizeof(req));
-
-       if(IN6_IS_ADDR_V4MAPPED(saddr) || IN6_IS_ADDR_V4MAPPED(daddr))
-       {
-               req.xsinfo.saddr.a4 = saddr->s6_addr32[3];
-               req.xsinfo.id.daddr.a4 = daddr->s6_addr32[3];
-               req.xsinfo.family = AF_INET;
-       } else {
-               memcpy(&req.xsinfo.saddr, saddr, sizeof(req.xsinfo.saddr));
-               memcpy(&req.xsinfo.id.daddr, daddr, 
sizeof(req.xsinfo.id.daddr));
-               req.xsinfo.family = preferred_family;
-       }
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.xsinfo));
-       req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.n.nlmsg_type = cmd;
-
-       xfrm_init_lft(&req.xsinfo.lft);
-
-       req.xsinfo.mode = XFRM_MODE_BEET;
-       req.xsinfo.id.proto = IPPROTO_ESP;
-
-       //memcpy(&req.xsinfo.saddr, saddr, sizeof(req.xsinfo.saddr));
-       //memcpy(&req.xsinfo.id.daddr, daddr, sizeof(req.xsinfo.id.daddr));
-       req.xsinfo.id.spi = htonl(spi);
-
-       /* Selector */
-       HIP_IFE(xfrm_fill_selector(&req.xsinfo.sel, src_id, dst_id,
-                          0, hip_xfrmapi_sa_default_prefix, 0,0, AF_INET6), 
-1);
-       if(req.xsinfo.family == AF_INET && (sport || dport))
-       {
-               xfrm_fill_encap(&encap, (sport ? sport : 
hip_get_local_nat_udp_port()),
-                       (dport ? dport : hip_get_peer_nat_udp_port()), saddr);
-               HIP_IFE(addattr_l(&req.n, sizeof(req.buf), XFRMA_ENCAP,
-                                  (void *)&encap, sizeof(encap)), -1);
-       }
-
-       {
-               struct {
-                       struct xfrm_algo algo;
-                       char buf[XFRM_ALGO_KEY_BUF_SIZE];
-               } alg;
-               char *e_name = e_algo_names[ealg];
-               char *a_name = a_algo_names[aalg];
-               int len;
-
-               HIP_ASSERT(ealg < sizeof(e_algo_names));
-               HIP_ASSERT(aalg < sizeof(a_algo_names));
-
-               memset(alg.buf, 0, sizeof(alg.buf));
-
-               /* XFRMA_ALG_AUTH */
-               memset(&alg, 0, sizeof(alg));
-               HIP_IFE(xfrm_algo_parse((void *)&alg, XFRMA_ALG_AUTH, a_name,
-                                        authkey->key, authkey_len,
-                                       sizeof(alg.buf)), -1);
-               len = sizeof(struct xfrm_algo) + alg.algo.alg_key_len;
-
-               HIP_IFE((addattr_l(&req.n, sizeof(req.buf), XFRMA_ALG_AUTH,
-                                  (void *)&alg, len)), -1);
-
-               /* XFRMA_ALG_CRYPT */
-               memset(&alg, 0, sizeof(alg));
-               HIP_IFE(xfrm_algo_parse((void *)&alg, XFRMA_ALG_CRYPT, e_name,
-                                       enckey->key, enckey_len,
-                                       sizeof(alg.buf)), -1);
-
-               len = sizeof(struct xfrm_algo) + alg.algo.alg_key_len;
-
-               HIP_IFE(addattr_l(&req.n, sizeof(req.buf), XFRMA_ALG_CRYPT,
-                                 (void *)&alg, len), -1);
-
-       }
-
-       HIP_IFE((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1);
-
- out_err:
-
-       return err;
+    int err = 0;
+    struct xfrm_encap_tmpl encap;
+    struct {
+        struct nlmsghdr         n;
+        struct xfrm_usersa_info xsinfo;
+        char                    buf[RTA_BUF_SIZE];
+    } req;
+
+    HIP_DEBUG("hip_xfrm_state_modify() invoked.\n");
+    HIP_DEBUG("sport %d, dport %d\n", sport, dport);
+    HIP_DEBUG_IN6ADDR("saddr in sa", saddr);
+    HIP_DEBUG_IN6ADDR("daddr in sa", daddr);
+
+    memset(&req, 0, sizeof(req));
+
+    if (IN6_IS_ADDR_V4MAPPED(saddr) || IN6_IS_ADDR_V4MAPPED(daddr)) {
+        req.xsinfo.saddr.a4    = saddr->s6_addr32[3];
+        req.xsinfo.id.daddr.a4 = daddr->s6_addr32[3];
+        req.xsinfo.family      = AF_INET;
+    } else {
+        memcpy(&req.xsinfo.saddr, saddr, sizeof(req.xsinfo.saddr));
+        memcpy(&req.xsinfo.id.daddr, daddr, sizeof(req.xsinfo.id.daddr));
+        req.xsinfo.family = preferred_family;
+    }
+
+    req.n.nlmsg_len     = NLMSG_LENGTH(sizeof(req.xsinfo));
+    req.n.nlmsg_flags   = NLM_F_REQUEST;
+    req.n.nlmsg_type    = cmd;
+
+    xfrm_init_lft(&req.xsinfo.lft);
+
+    req.xsinfo.mode     = XFRM_MODE_BEET;
+    req.xsinfo.id.proto = IPPROTO_ESP;
+
+    //memcpy(&req.xsinfo.saddr, saddr, sizeof(req.xsinfo.saddr));
+    //memcpy(&req.xsinfo.id.daddr, daddr, sizeof(req.xsinfo.id.daddr));
+    req.xsinfo.id.spi   = htonl(spi);
+
+    /* Selector */
+    HIP_IFE(xfrm_fill_selector(&req.xsinfo.sel, src_id, dst_id,
+                               0, hip_xfrmapi_sa_default_prefix, 0, 0,
+                               AF_INET6), -1);
+    if (req.xsinfo.family == AF_INET && (sport || dport)) {
+        xfrm_fill_encap(&encap, (sport ? sport : hip_get_local_nat_udp_port()),
+                        (dport ? dport : hip_get_peer_nat_udp_port()), saddr);
+        HIP_IFE(addattr_l(&req.n, sizeof(req.buf), XFRMA_ENCAP,
+                          (void *) &encap, sizeof(encap)), -1);
+    }
+
+    {
+        struct {
+            struct xfrm_algo algo;
+            char             buf[XFRM_ALGO_KEY_BUF_SIZE];
+        } alg;
+        char *e_name = e_algo_names[ealg];
+        char *a_name = a_algo_names[aalg];
+        int len;
+
+        HIP_ASSERT(ealg < sizeof(e_algo_names));
+        HIP_ASSERT(aalg < sizeof(a_algo_names));
+
+        memset(alg.buf, 0, sizeof(alg.buf));
+
+        /* XFRMA_ALG_AUTH */
+        memset(&alg, 0, sizeof(alg));
+        HIP_IFE(xfrm_algo_parse((void *) &alg, XFRMA_ALG_AUTH, a_name,
+                                authkey->key, authkey_len,
+                                sizeof(alg.buf)), -1);
+        len = sizeof(struct xfrm_algo) + alg.algo.alg_key_len;
+
+        HIP_IFE((addattr_l(&req.n, sizeof(req.buf), XFRMA_ALG_AUTH,
+                           (void *) &alg, len)), -1);
+
+        /* XFRMA_ALG_CRYPT */
+        memset(&alg, 0, sizeof(alg));
+        HIP_IFE(xfrm_algo_parse((void *) &alg, XFRMA_ALG_CRYPT, e_name,
+                                enckey->key, enckey_len,
+                                sizeof(alg.buf)), -1);
+
+        len = sizeof(struct xfrm_algo) + alg.algo.alg_key_len;
+
+        HIP_IFE(addattr_l(&req.n, sizeof(req.buf), XFRMA_ALG_CRYPT,
+                          (void *) &alg, len), -1);
+    }
+
+    HIP_IFE((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1);
+
+out_err:
+
+    return err;
 }
 
 /**
@@ -363,295 +355,307 @@
  * @return 0 if successful
  */
 static int hip_xfrm_state_delete(struct rtnl_handle *rth,
-               const struct in6_addr *peer_addr, __u32 spi,
-               const int preferred_family,
-               const int sport, const int dport)
+                                 const struct in6_addr *peer_addr, __u32 spi,
+                                 const int preferred_family,
+                                 const int sport, const int dport)
 {
-       struct
-       {
-               struct nlmsghdr n;
-               struct xfrm_usersa_id xsid;
-               char buf[RTA_BUF_SIZE];
-       } req;
-       struct xfrm_encap_tmpl encap;
-       int err = 0;
-
-       memset(&req, 0, sizeof(req));
-
-       req.n.nlmsg_len = NLMSG_LENGTH(sizeof(req.xsid));
-       req.n.nlmsg_flags = NLM_F_REQUEST;
-       req.n.nlmsg_type = XFRM_MSG_DELSA;
-       //req.xsid.family = preferred_family;
-
-       if (IN6_IS_ADDR_V4MAPPED(peer_addr))
-       {
-               HIP_DEBUG("IPV4 SA deletion\n");
-                               req.xsid.daddr.a4 = peer_addr->s6_addr32[3];
-                               req.xsid.family = AF_INET;
-       }
-       else
-       {
-               HIP_DEBUG("IPV6 SA deletion\n");
-               memcpy(&req.xsid.daddr, peer_addr, sizeof(req.xsid.daddr));
-                               req.xsid.family = preferred_family;
-       }
-
-       HIP_DEBUG("sport %d, dport %d\n", sport, dport);
-
-        /** @todo Fill in information for UDP-NAT SAs. */
-       if (req.xsid.family == AF_INET && (sport || dport))
-       {
-               HIP_DEBUG("FILLING UDP Port info while deleting\n");
-               xfrm_fill_encap(&encap, (sport ? sport : 
hip_get_local_nat_udp_port()),
-                       (dport ? dport : hip_get_peer_nat_udp_port()), 
peer_addr);
-               HIP_IFE(addattr_l(&req.n, sizeof(req.buf), XFRMA_ENCAP,
-                                  (void *)&encap, sizeof(encap)), -1);
-       }
-
-
-       req.xsid.spi = htonl(spi);
-       if (spi) req.xsid.proto = IPPROTO_ESP;
-
-       HIP_DEBUG("deleting xfrm state with spi 0x%x\n", spi);
-       HIP_HEXDUMP("SA peer addr: ", &req.xsid.daddr, sizeof(req.xsid.daddr));
-       HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1, 
"netlink_talk() failed!\n");
+    struct {
+        struct nlmsghdr       n;
+        struct xfrm_usersa_id xsid;
+        char                  buf[RTA_BUF_SIZE];
+    } req;
+    struct xfrm_encap_tmpl encap;
+    int err = 0;
+
+    memset(&req, 0, sizeof(req));
+
+    req.n.nlmsg_len   = NLMSG_LENGTH(sizeof(req.xsid));
+    req.n.nlmsg_flags = NLM_F_REQUEST;
+    req.n.nlmsg_type  = XFRM_MSG_DELSA;
+    //req.xsid.family = preferred_family;
+
+    if (IN6_IS_ADDR_V4MAPPED(peer_addr)) {
+        HIP_DEBUG("IPV4 SA deletion\n");
+        req.xsid.daddr.a4 = peer_addr->s6_addr32[3];
+        req.xsid.family   = AF_INET;
+    } else {
+        HIP_DEBUG("IPV6 SA deletion\n");
+        memcpy(&req.xsid.daddr, peer_addr, sizeof(req.xsid.daddr));
+        req.xsid.family = preferred_family;
+    }
+
+    HIP_DEBUG("sport %d, dport %d\n", sport, dport);
+
+    /** @todo Fill in information for UDP-NAT SAs. */
+    if (req.xsid.family == AF_INET && (sport || dport)) {
+        HIP_DEBUG("FILLING UDP Port info while deleting\n");
+        xfrm_fill_encap(&encap, (sport ? sport : hip_get_local_nat_udp_port()),
+                        (dport ? dport : hip_get_peer_nat_udp_port()),
+                        peer_addr);
+        HIP_IFE(addattr_l(&req.n, sizeof(req.buf), XFRMA_ENCAP,
+                          (void *) &encap, sizeof(encap)), -1);
+    }
+
+
+    req.xsid.spi = htonl(spi);
+    if (spi) {
+        req.xsid.proto = IPPROTO_ESP;
+    }
+
+    HIP_DEBUG("deleting xfrm state with spi 0x%x\n", spi);
+    HIP_HEXDUMP("SA peer addr: ", &req.xsid.daddr, sizeof(req.xsid.daddr));
+    HIP_IFEL((netlink_talk(rth, &req.n, 0, 0, NULL, NULL, NULL) < 0), -1,
+             "netlink_talk() failed!\n");
 
 out_err:
-       return err;
+    return err;
 }
 
 /*
-Calculates the prefix length to use depending on identifier's type: LSI or HIT
-*/
-static int hip_calc_sp_prefix(const struct in6_addr *src_id, int 
use_full_prefix){
-
-       u8 prefix;
-
-       if (IN6_IS_ADDR_V4MAPPED(src_id)){
-               HIP_DEBUG("ipv4 address mapped as ipv6\n");
-               prefix = (use_full_prefix) ? 32 : HIP_LSI_PREFIX_LEN;
-       }
-       else
-               prefix = (use_full_prefix) ? 128 : HIP_HIT_PREFIX_LEN;
-
-       return prefix;
-}
-
-void hip_xfrm_set_nl_ipsec(struct rtnl_handle *nl_ipsec) {
-       hip_xfrmapi_nl_ipsec = nl_ipsec;
-}
-
-void hip_xfrm_set_beet(int beet) {
-       hip_xfrmapi_beet = beet;
-}
-
-void hip_xfrm_set_default_sa_prefix_len(int len) {
-       hip_xfrmapi_sa_default_prefix = len;
-}
-
-void hip_xfrm_set_algo_names(int new_algo_names) {
-       e_algo_names = (new_algo_names ? e_algo_names_new : e_algo_names_old);
-       a_algo_names = (new_algo_names ? a_algo_names_new : a_algo_names_old);
-}
-
-int hip_flush_all_policy() {
-       return hip_xfrm_policy_flush(hip_xfrmapi_nl_ipsec);
-}
-
-int hip_flush_all_sa() {
-       return hip_xfrm_sa_flush(hip_xfrmapi_nl_ipsec);
+ * Calculates the prefix length to use depending on identifier's type:
+ * LSI or HIT
+ */
+static int hip_calc_sp_prefix(const struct in6_addr *src_id,
+                              int use_full_prefix)
+{
+    u8 prefix;
+
+    if (IN6_IS_ADDR_V4MAPPED(src_id)) {
+        HIP_DEBUG("ipv4 address mapped as ipv6\n");
+        prefix = (use_full_prefix) ? 32 : HIP_LSI_PREFIX_LEN;
+    } else {
+        prefix = (use_full_prefix) ? 128 : HIP_HIT_PREFIX_LEN;
+    }
+
+    return prefix;
+}
+
+void hip_xfrm_set_nl_ipsec(struct rtnl_handle *nl_ipsec)
+{
+    hip_xfrmapi_nl_ipsec = nl_ipsec;
+}
+
+void hip_xfrm_set_beet(int beet)
+{
+    hip_xfrmapi_beet = beet;
+}
+
+void hip_xfrm_set_default_sa_prefix_len(int len)
+{
+    hip_xfrmapi_sa_default_prefix = len;
+}
+
+void hip_xfrm_set_algo_names(int new_algo_names)
+{
+    e_algo_names = (new_algo_names ? e_algo_names_new : e_algo_names_old);
+    a_algo_names = (new_algo_names ? a_algo_names_new : a_algo_names_old);
+}
+
+int hip_flush_all_policy()
+{
+    return hip_xfrm_policy_flush(hip_xfrmapi_nl_ipsec);
+}
+
+int hip_flush_all_sa()
+{
+    return hip_xfrm_sa_flush(hip_xfrmapi_nl_ipsec);
 }
 
 void hip_delete_sa(const uint32_t spi, const struct in6_addr *peer_addr,
-               const struct in6_addr *not_used,
-               const int direction, hip_ha_t *entry)
+                   const struct in6_addr *not_used,
+                   const int direction, hip_ha_t *entry)
 {
-       in_port_t sport, dport;
-
-       // Ignore the dst_addr, because xfrm accepts only one address.
-       // dst_addr is used only in pfkeyapi.c
-       _HIP_DEBUG("spi=0x%x\n", spi);
-       _HIP_DEBUG_IN6ADDR("SA daddr", peer_addr);
-
-       if (direction == HIP_SPI_DIRECTION_OUT)
-       {
-               sport = entry->local_udp_port;
-               dport = entry->peer_udp_port;
-               entry->outbound_sa_count--;
-               if (entry->outbound_sa_count < 0) {
-                       HIP_ERROR("Warning: out sa count negative\n");
-                       entry->outbound_sa_count = 0;
-               }
-       }
-       else
-       {
-               sport = entry->peer_udp_port;
-               dport = entry->local_udp_port;
-               entry->inbound_sa_count--;
-               if (entry->inbound_sa_count < 0) {
-                       HIP_ERROR("Warning: in sa count negative\n");
-                       entry->inbound_sa_count = 0;
-               }
-       }
-
-       hip_xfrm_state_delete(hip_xfrmapi_nl_ipsec, peer_addr, spi, AF_INET6,
-                             sport, dport);
+    in_port_t sport, dport;
+
+    // Ignore the dst_addr, because xfrm accepts only one address.
+    // dst_addr is used only in pfkeyapi.c
+    _HIP_DEBUG("spi=0x%x\n", spi);
+    _HIP_DEBUG_IN6ADDR("SA daddr", peer_addr);
+
+    if (direction == HIP_SPI_DIRECTION_OUT) {
+        sport = entry->local_udp_port;
+        dport = entry->peer_udp_port;
+        entry->outbound_sa_count--;
+        if (entry->outbound_sa_count < 0) {
+            HIP_ERROR("Warning: out sa count negative\n");
+            entry->outbound_sa_count = 0;
+        }
+    } else {
+        sport = entry->peer_udp_port;
+        dport = entry->local_udp_port;
+        entry->inbound_sa_count--;
+        if (entry->inbound_sa_count < 0) {
+            HIP_ERROR("Warning: in sa count negative\n");
+            entry->inbound_sa_count = 0;
+        }
+    }
+
+    hip_xfrm_state_delete(hip_xfrmapi_nl_ipsec, peer_addr, spi, AF_INET6,
+                          sport, dport);
 }
 
 uint32_t hip_acquire_spi(hip_hit_t *srchit, hip_hit_t *dsthit)
 {
-       uint32_t spi;
-       get_random_bytes(&spi, sizeof(uint32_t));
-       return spi; /* XX FIXME: REWRITE USING XFRM */
+    uint32_t spi;
+    get_random_bytes(&spi, sizeof(uint32_t));
+    return spi;     /* XX FIXME: REWRITE USING XFRM */
 }
 
 /* Security associations in the kernel with BEET are bounded to the outer
  * address, meaning IP addresses. As a result the parameters to be given
  * should be such an addresses and not the HITs.
  *
- * If you make changes to this function, please change also 
hipd/user_ipsec_sadb_api.c:hip_userspace_ipsec_add_sa() and pfkeyapi.c:add_sa()
+ * If you make changes to this function, please change also
+ * hipd/user_ipsec_sadb_api.c:hip_userspace_ipsec_add_sa() and
+ * pfkeyapi.c:add_sa()
  */
-uint32_t hip_add_sa(const struct in6_addr *saddr, const struct in6_addr *daddr,
-               const struct in6_addr *src_hit, const struct in6_addr *dst_hit,
-               const uint32_t spi, const int ealg,
-               const struct hip_crypto_key *enckey,
-               const struct hip_crypto_key *authkey,
-               const int already_acquired,
-               const int direction, const int update,
-               hip_ha_t *entry)
+uint32_t hip_add_sa(const struct in6_addr *saddr,
+                    const struct in6_addr *daddr,
+                    const struct in6_addr *src_hit,
+                    const struct in6_addr *dst_hit,
+                    const uint32_t spi,
+                    const int ealg,
+                    const struct hip_crypto_key *enckey,
+                    const struct hip_crypto_key *authkey,
+                    const int already_acquired,
+                    const int direction,
+                    const int update,
+                    hip_ha_t *entry)
 {
-       int err = 0, enckey_len, authkey_len;
-       int aalg = ealg;
-       int cmd = update ? XFRM_MSG_UPDSA : XFRM_MSG_NEWSA;
-       in_port_t sport, dport;
-
-       HIP_ASSERT(spi != 0);
-       HIP_ASSERT(entry);
-       
-       HIP_IFEL((entry->disable_sas == 1), 0,
-                "SA creation disabled\n");
-
-       if (direction == HIP_SPI_DIRECTION_OUT)
-       {
-               sport = entry->local_udp_port;
-               dport = entry->peer_udp_port;
-               entry->outbound_sa_count++;
-       }
-       else
-       {
-               sport = entry->peer_udp_port;
-               dport = entry->local_udp_port;
-               entry->inbound_sa_count++;
-       }
-
-       authkey_len = hip_auth_key_length_esp(aalg);
-       enckey_len = hip_enc_key_length(ealg);
-
-       HIP_IFEL((enckey_len < 0 || authkey_len < 0), 1,
-                "Bad enc or auth key len\n");
+    int err  = 0, enckey_len, authkey_len;
+    int aalg = ealg;
+    int cmd  = update ? XFRM_MSG_UPDSA : XFRM_MSG_NEWSA;
+    in_port_t sport, dport;
+
+    HIP_ASSERT(spi != 0);
+    HIP_ASSERT(entry);
+
+    HIP_IFEL((entry->disable_sas == 1), 0,
+             "SA creation disabled\n");
+
+    if (direction == HIP_SPI_DIRECTION_OUT) {
+        sport = entry->local_udp_port;
+        dport = entry->peer_udp_port;
+        entry->outbound_sa_count++;
+    } else {
+        sport = entry->peer_udp_port;
+        dport = entry->local_udp_port;
+        entry->inbound_sa_count++;
+    }
+
+    authkey_len = hip_auth_key_length_esp(aalg);
+    enckey_len  = hip_enc_key_length(ealg);
+
+    HIP_IFEL((enckey_len < 0 || authkey_len < 0), 1,
+             "Bad enc or auth key len\n");
 
 #if 0
-       /* XX CHECK: is there some kind of range for the SPIs ? */
-       if (!already_acquired)
-               get_random_bytes(spi, sizeof(uint32_t));
+    /* XX CHECK: is there some kind of range for the SPIs ? */
+    if (!already_acquired) {
+        get_random_bytes(spi, sizeof(uint32_t));
+    }
 #endif
 
-       HIP_DEBUG("************************************\n");
-       HIP_DEBUG("%s SA\n", (update ? "updating" : "adding new"));
-       HIP_DEBUG_HIT("src_hit", src_hit);
-       HIP_DEBUG_HIT("dst_hit", dst_hit);
-       HIP_DEBUG_IN6ADDR("saddr", saddr);
-       HIP_DEBUG_IN6ADDR("daddr", daddr);
-
-       _HIP_DEBUG("sport %d\n", sport);
-       _HIP_DEBUG("dport %d\n", dport);
-       HIP_DEBUG("direction %d\n", direction);
-       HIP_DEBUG("SPI=0x%x\n", spi);
-       HIP_DEBUG("************************************\n");
-       
-       HIP_IFE(hip_xfrm_state_modify(hip_xfrmapi_nl_ipsec, cmd,
-                                     saddr, daddr,
-                                     src_hit, dst_hit, spi,
-                                     ealg, enckey, enckey_len, aalg,
-                                     authkey, authkey_len, AF_INET6,
-                                     sport, dport), 1);
-
- out_err:
-       return err;
+    HIP_DEBUG("************************************\n");
+    HIP_DEBUG("%s SA\n", (update ? "updating" : "adding new"));
+    HIP_DEBUG_HIT("src_hit", src_hit);
+    HIP_DEBUG_HIT("dst_hit", dst_hit);
+    HIP_DEBUG_IN6ADDR("saddr", saddr);
+    HIP_DEBUG_IN6ADDR("daddr", daddr);
+
+    _HIP_DEBUG("sport %d\n", sport);
+    _HIP_DEBUG("dport %d\n", dport);
+    HIP_DEBUG("direction %d\n", direction);
+    HIP_DEBUG("SPI=0x%x\n", spi);
+    HIP_DEBUG("************************************\n");
+
+    HIP_IFE(hip_xfrm_state_modify(hip_xfrmapi_nl_ipsec, cmd,
+                                  saddr, daddr,
+                                  src_hit, dst_hit, spi,
+                                  ealg, enckey, enckey_len, aalg,
+                                  authkey, authkey_len, AF_INET6,
+                                  sport, dport), 1);
+
+out_err:
+    return err;
 }
 
 int hip_setup_hit_sp_pair(const struct in6_addr *src_id,
-                         const struct in6_addr *dst_id,
-                         const struct in6_addr *src_addr,
-                         const struct in6_addr *dst_addr,
-                         u8 proto,
-                         int use_full_prefix,
-                         int update)
-{
-       HIP_DEBUG("Start\n");
-
-       int err = 0;
-       u8 prefix = hip_calc_sp_prefix(src_id, use_full_prefix);
-       int cmd = update ? XFRM_MSG_UPDPOLICY : XFRM_MSG_NEWPOLICY;
-
-       /* XX FIXME: remove the proto argument */
-       HIP_DEBUG("hip_setup_hit_sp_pair\n");
-       HIP_IFE(hip_xfrm_policy_modify(hip_xfrmapi_nl_ipsec, cmd,
-                                      dst_id, src_id,
-                                      src_addr, dst_addr,
-                                      XFRM_POLICY_IN, proto, prefix,
-                                      AF_INET6), -1);
-
-       HIP_IFE(hip_xfrm_policy_modify(hip_xfrmapi_nl_ipsec, cmd,
-                                      src_id, dst_id,
-                                      dst_addr, src_addr,
-                                      XFRM_POLICY_OUT, proto, prefix,
-                                      AF_INET6), -1);
-       HIP_DEBUG("End\n");
- out_err:
-       return err;
-}
-
-void hip_delete_hit_sp_pair(const hip_hit_t *src_hit, const hip_hit_t 
*dst_hit, const uint8_t proto,
-               const int use_full_prefix)
-{
-       u8 prefix = (use_full_prefix) ? 128 : HIP_HIT_PREFIX_LEN;
-
-       hip_xfrm_policy_delete(hip_xfrmapi_nl_ipsec, dst_hit, src_hit,
-                              XFRM_POLICY_IN, proto, prefix, AF_INET6);
-       hip_xfrm_policy_delete(hip_xfrmapi_nl_ipsec, src_hit, dst_hit,
-                              XFRM_POLICY_OUT, proto, prefix, AF_INET6);
-}
-
-void hip_delete_default_prefix_sp_pair() {
-       hip_hit_t src_hit, dst_hit;
-       memset(&src_hit, 0, sizeof(hip_hit_t));
-       memset(&dst_hit, 0, sizeof(hip_hit_t));
-
-       /* See the comment in hip_setup_sp_prefix_pair() */
-       set_hit_prefix(&src_hit);
-       set_hit_prefix(&dst_hit);
-
-       hip_delete_hit_sp_pair(&src_hit, &dst_hit, 0, 0);
-}
-
-int hip_setup_default_sp_prefix_pair() {
-       int err = 0;
-       hip_hit_t src_hit, dst_hit;
-       struct in6_addr ip;
-
-       memset(&ip, 0, sizeof(hip_hit_t));
-       memset(&src_hit, 0, sizeof(hip_hit_t));
-       memset(&dst_hit, 0, sizeof(hip_hit_t));
-
-       /* The OUTGOING and INCOMING policy is set to the generic value */
-       set_hit_prefix(&src_hit);
-       set_hit_prefix(&dst_hit);
-
-       HIP_IFE(hip_setup_hit_sp_pair(&src_hit, &dst_hit, &ip, &ip, 0, 0, 0),
-               -1);
- out_err:
-       return err;
+                          const struct in6_addr *dst_id,
+                          const struct in6_addr *src_addr,
+                          const struct in6_addr *dst_addr,
+                          u8 proto,
+                          int use_full_prefix,
+                          int update)
+{
+    HIP_DEBUG("Start\n");
+
+    int err   = 0;
+    u8 prefix = hip_calc_sp_prefix(src_id, use_full_prefix);
+    int cmd   = update ? XFRM_MSG_UPDPOLICY : XFRM_MSG_NEWPOLICY;
+
+    /* XX FIXME: remove the proto argument */
+    HIP_DEBUG("hip_setup_hit_sp_pair\n");
+    HIP_IFE(hip_xfrm_policy_modify(hip_xfrmapi_nl_ipsec, cmd,
+                                   dst_id, src_id,
+                                   src_addr, dst_addr,
+                                   XFRM_POLICY_IN, proto, prefix,
+                                   AF_INET6), -1);
+
+    HIP_IFE(hip_xfrm_policy_modify(hip_xfrmapi_nl_ipsec, cmd,
+                                   src_id, dst_id,
+                                   dst_addr, src_addr,
+                                   XFRM_POLICY_OUT, proto, prefix,
+                                   AF_INET6), -1);
+    HIP_DEBUG("End\n");
+out_err:
+    return err;
+}
+
+void hip_delete_hit_sp_pair(const hip_hit_t *src_hit,
+                            const hip_hit_t *dst_hit,
+                            const uint8_t proto,
+                            const int use_full_prefix)
+{
+    u8 prefix = (use_full_prefix) ? 128 : HIP_HIT_PREFIX_LEN;
+
+    hip_xfrm_policy_delete(hip_xfrmapi_nl_ipsec, dst_hit, src_hit,
+                           XFRM_POLICY_IN, proto, prefix, AF_INET6);
+    hip_xfrm_policy_delete(hip_xfrmapi_nl_ipsec, src_hit, dst_hit,
+                           XFRM_POLICY_OUT, proto, prefix, AF_INET6);
+}
+
+void hip_delete_default_prefix_sp_pair()
+{
+    hip_hit_t src_hit, dst_hit;
+    memset(&src_hit, 0, sizeof(hip_hit_t));
+    memset(&dst_hit, 0, sizeof(hip_hit_t));
+
+    /* See the comment in hip_setup_sp_prefix_pair() */
+    set_hit_prefix(&src_hit);
+    set_hit_prefix(&dst_hit);
+
+    hip_delete_hit_sp_pair(&src_hit, &dst_hit, 0, 0);
+}
+
+int hip_setup_default_sp_prefix_pair()
+{
+    int err = 0;
+    hip_hit_t src_hit, dst_hit;
+    struct in6_addr ip;
+
+    memset(&ip, 0, sizeof(hip_hit_t));
+    memset(&src_hit, 0, sizeof(hip_hit_t));
+    memset(&dst_hit, 0, sizeof(hip_hit_t));
+
+    /* The OUTGOING and INCOMING policy is set to the generic value */
+    set_hit_prefix(&src_hit);
+    set_hit_prefix(&dst_hit);
+
+    HIP_IFE(hip_setup_hit_sp_pair(&src_hit, &dst_hit, &ip, &ip, 0, 0, 0),
+            -1);
+out_err:
+    return err;
 }
 
 #endif /* ! CONFIG_HIP_PFKEY */

=== modified file 'lib/tool/xfrmapi.c.doxyme'
--- lib/tool/xfrmapi.c.doxyme   2010-01-19 11:26:32 +0000
+++ lib/tool/xfrmapi.c.doxyme   2010-02-11 00:01:07 +0000
@@ -14,20 +14,20 @@
 
 
 
- ///  Single line comment for dOxygen.
+///  Single line comment for dOxygen.
 
 /**
  * my_great_function
  *
  * Write description of function here.
  * The function should follow these comments.
- * 
+ *
  * Document the use of each function variable and indicate if this
  * argument is used to return information to the calling context. Use
- * [out] for outut parameters (This is very important). Align the 
+ * [out] for outut parameters (This is very important). Align the
  * descriptions to improve readability.
  *
- *  @note: put important usage informations to notes. 
+ *  @note: put important usage informations to notes.
  *
  *  @param      firstArg     Description of first function argument.
  *  @param[out] secondArg    Description of second function argument.
@@ -35,7 +35,8 @@
  *  @return Description of returned value.
  **/
 
-int my_great_function(int firstArg, char** secondArg, int thirdArg){
+int my_great_function(int firstArg, char **secondArg, int thirdArg)
+{
     .....
 
 /// Now it's your turn.
@@ -44,17 +45,17 @@
 
 
 /**
- * hip_acquire_spi 
+ * hip_acquire_spi
  *
  *
  * @param srchit
  * @param dsthit
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_add_sa 
+ * hip_add_sa
  *
  *
  * @param saddr
@@ -69,34 +70,34 @@
  * @param direction
  * @param update
  * @param entry
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_calc_sp_prefix 
+ * hip_calc_sp_prefix
  *
  *
  * @param src_id
  * @param use_full_prefix
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_delete_hit_sp_pair 
+ * hip_delete_hit_sp_pair
  *
  *
  * @param src_hit
  * @param dst_hit
  * @param proto
  * @param use_full_prefix
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_delete_sa 
+ * hip_delete_sa
  *
  *
  * @param spi
@@ -104,12 +105,12 @@
  * @param not_used
  * @param direction
  * @param entry
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_setup_hit_sp_pair 
+ * hip_setup_hit_sp_pair
  *
  *
  * @param src_id
@@ -119,21 +120,21 @@
  * @param proto
  * @param use_full_prefix
  * @param update
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_get_beet 
+ * hip_xfrm_get_beet
  *
  *
  * @param void
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_policy_delete 
+ * hip_xfrm_policy_delete
  *
  *
  * @param rth
@@ -143,21 +144,21 @@
  * @param proto
  * @param hit_prefix
  * @param preferred_family
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_policy_flush 
+ * hip_xfrm_policy_flush
  *
  *
  * @param rth
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_policy_modify 
+ * hip_xfrm_policy_modify
  *
  *
  * @param rth
@@ -170,57 +171,57 @@
  * @param proto
  * @param id_prefix
  * @param preferred_family
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_sa_flush 
+ * hip_xfrm_sa_flush
  *
  *
  * @param rth
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_set_algo_names 
+ * hip_xfrm_set_algo_names
  *
  *
  * @param new_algo_names
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_set_beet 
+ * hip_xfrm_set_beet
  *
  *
  * @param beet
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_set_default_sa_prefix_len 
+ * hip_xfrm_set_default_sa_prefix_len
  *
  *
  * @param len
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_set_nl_ipsec 
+ * hip_xfrm_set_nl_ipsec
  *
  *
  * @param nl_ipsec
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_state_delete 
+ * hip_xfrm_state_delete
  *
  *
  * @param rth
@@ -229,12 +230,12 @@
  * @param preferred_family
  * @param sport
  * @param dport
- * @return 
+ * @return
  **/
 
 
 /**
- * hip_xfrm_state_modify 
+ * hip_xfrm_state_modify
  *
  *
  * @param rth
@@ -253,6 +254,5 @@
  * @param preferred_family
  * @param sport
  * @param dport
- * @return 
+ * @return
  **/
-

=== modified file 'lib/tool/xfrmapi.h'
--- lib/tool/xfrmapi.h  2010-01-19 11:26:32 +0000
+++ lib/tool/xfrmapi.h  2010-02-11 00:01:07 +0000
@@ -40,39 +40,41 @@
  * manage the replica of HADB within the kernel.
  */
 void hip_xfrm_set_nl_ipsec(struct rtnl_handle *nl_ipsec);
-int hip_xfrm_dst_init(struct in6_addr * dst_hit, struct in6_addr * dst_addr);
+int hip_xfrm_dst_init(struct in6_addr *dst_hit, struct in6_addr *dst_addr);
 int hip_xfrm_update(hip_hit_t *hit, hip_hit_t *hit2, struct in6_addr *addr,
-                   uint32_t spi, int state, int dir, hip_portpair_t *sa_info);
-int hip_xfrm_delete(hip_hit_t * hit, uint32_t spi, int dir);
+                    uint32_t spi, int state, int dir, hip_portpair_t *sa_info);
+int hip_xfrm_delete(hip_hit_t *hit, uint32_t spi, int dir);
 
 /* Allocates SPI for fixed time */
 uint32_t hip_acquire_spi(hip_hit_t *srchit, hip_hit_t *dsthit);
 
 /* Setups the SA (with a given SPI if so said) */
-uint32_t hip_add_sa(const struct in6_addr *saddr, const struct in6_addr *daddr,
-               const struct in6_addr *src_hit, const struct in6_addr *dst_hit,
-               const uint32_t spi, const int ealg,
-               const struct hip_crypto_key *enckey,
-               const struct hip_crypto_key *authkey,
-               const int already_acquired,
-               const int direction, const int update,
-               hip_ha_t *entry);
+uint32_t hip_add_sa(const struct in6_addr *saddr,
+                    const struct in6_addr *daddr,
+                    const struct in6_addr *src_hit,
+                    const struct in6_addr *dst_hit,
+                    const uint32_t spi, const int ealg,
+                    const struct hip_crypto_key *enckey,
+                    const struct hip_crypto_key *authkey,
+                    const int already_acquired,
+                    const int direction, const int update,
+                    hip_ha_t *entry);
 
 void hip_delete_sa(const uint32_t spi, const struct in6_addr *peer_addr,
-               const struct in6_addr *not_used,
-               const int direction, hip_ha_t *entry);
+                   const struct in6_addr *not_used,
+                   const int direction, hip_ha_t *entry);
 
 
 int hip_setup_hit_sp_pair(const hip_hit_t *src_hit,
-                         const hip_hit_t *dst_hit,
+                          const hip_hit_t *dst_hit,
                           const struct in6_addr *src_addr,
                           const struct in6_addr *dst_addr,
-                         u8 proto,
+                          u8 proto,
                           int use_full_prefix,
-                         int update);
+                          int update);
 
 void hip_delete_hit_sp_pair(const hip_hit_t *src_hit, const hip_hit_t *dst_hit,
-               const uint8_t proto, const int use_full_prefix);
+                            const uint8_t proto, const int use_full_prefix);
 
 
 void hip_xfrm_set_beet(int beet);
@@ -87,4 +89,3 @@
 
 
 #endif /* HIP_BEET_H */
-

Other related posts:

  • » [hipl-commit] [trunk] Rev 3592: uncrustified lib/tool - Rene Hummen