Committer: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx> Date: Wed Feb 17 14:55:23 2010 +0100 Revision: 3663 Revision-id: rene.hummen@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Branch nick: trunk Log: fixed still existing TABs in firewall Modified: M firewall/cache_port.c M firewall/common_hipd_msg.c M firewall/esp_prot_api.c M firewall/esp_prot_config.c M firewall/esp_prot_conntrack.c M firewall/esp_prot_fw_msg.c M firewall/firewall.c M firewall/firewall_control.c M firewall/firewalldb.c M firewall/lsi.c M firewall/proxy.c M firewall/sysopp.c M firewall/user_ipsec_api.c M firewall/user_ipsec_esp.c M firewall/user_ipsec_sadb.c === modified file 'firewall/cache_port.c' --- firewall/cache_port.c 2010-02-11 09:57:04 +0000 +++ firewall/cache_port.c 2010-02-17 13:55:23 +0000 @@ -32,8 +32,8 @@ /** * add a default entry in the firewall port cache. * - * @param key the hash key (a string consisting of concatenation of the port, an underscore and the protocol) - * @param value the value for the hash key (LSI mode value) + * @param key the hash key (a string consisting of concatenation of the port, an underscore and the protocol) + * @param value the value for the hash key (LSI mode value) * * @return zero on success or non-zero on failure */ === modified file 'firewall/common_hipd_msg.c' --- firewall/common_hipd_msg.c 2010-02-12 10:47:40 +0000 +++ firewall/common_hipd_msg.c 2010-02-17 13:55:23 +0000 @@ -9,15 +9,15 @@ /** * Gets the state of the bex for a pair of ip addresses. - * @param src_ip input for finding the correct entries - * @param dst_ip input for finding the correct entries - * @param src_hit output data of the correct entry - * @param dst_hit output data of the correct entry - * @param src_lsi output data of the correct entry - * @param dst_lsi output data of the correct entry + * @param src_ip input for finding the correct entries + * @param dst_ip input for finding the correct entries + * @param src_hit output data of the correct entry + * @param dst_hit output data of the correct entry + * @param src_lsi output data of the correct entry + * @param dst_lsi output data of the correct entry * - * @return the state of the bex if the entry is found - * otherwise returns -1 + * @return the state of the bex if the entry is found + * otherwise returns -1 */ int hip_get_bex_state_from_IPs(const struct in6_addr *src_ip, const struct in6_addr *dst_ip, === modified file 'firewall/esp_prot_api.c' --- firewall/esp_prot_api.c 2010-02-10 23:02:52 +0000 +++ firewall/esp_prot_api.c 2010-02-17 13:55:23 +0000 @@ -95,9 +95,9 @@ /** * Adds buffered packet hashes to a protected IPsec packet * - * @param esp_packet buffer where to write to - * @param esp_length length of the output (return value) - * @param entry the corresponding outbound IPsec SA + * @param esp_packet buffer where to write to + * @param esp_length length of the output (return value) + * @param entry the corresponding outbound IPsec SA */ static int esp_prot_add_packet_hashes(unsigned char *esp_packet, int *out_length, @@ -167,9 +167,9 @@ /** gets hash structure by anchor element from BEX store, * refills BEX store and sends update message to hipd * - * @param item_anchor anchor element of the hash structure to be looked up - * @param transform the TPA transform of the corresponding hash structure - * @return pointer to the hash structure, NULL if not found + * @param item_anchor anchor element of the hash structure to be looked up + * @param transform the TPA transform of the corresponding hash structure + * @return pointer to the hash structure, NULL if not found */ static void *esp_prot_get_bex_item_by_anchor(const unsigned char *item_anchor, const uint8_t transform) @@ -220,7 +220,7 @@ /** initializes the esp protection extension for the hipfw and the hipd * - * @return 0 on success, -1 on error + * @return 0 on success, -1 on error */ int esp_prot_init(void) { @@ -375,7 +375,7 @@ /** un-initializes the esp protection extension for the hipfw and the hipd * - * @return 0 on success, -1 on error + * @return 0 on success, -1 on error */ int esp_prot_uninit(void) { @@ -403,13 +403,13 @@ /** sets the esp protection-specific information of an IPsec SA * - * @param entry the corresponding IPsec SA - * @param esp_prot_transform the TPA transform - * @param hash_item_length length of the employed hash structure - * @param esp_num_anchors number of anchor elements - * @param esp_prot_anchors either active or update anchor elements, depends on update - * @param update indicates whether we are processing a BEX or an UPDATE - * @return 0 on success, 1 if TPA transforms not matching, -1 on error + * @param entry the corresponding IPsec SA + * @param esp_prot_transform the TPA transform + * @param hash_item_length length of the employed hash structure + * @param esp_num_anchors number of anchor elements + * @param esp_prot_anchors either active or update anchor elements, depends on update + * @param update indicates whether we are processing a BEX or an UPDATE + * @return 0 on success, 1 if TPA transforms not matching, -1 on error */ int esp_prot_sa_entry_set(hip_sa_entry_t *entry, const uint8_t esp_prot_transform, @@ -528,7 +528,7 @@ /** frees the esp protection-specific information of an IPsec SA * - * @param entry the corresponding IPsec SA + * @param entry the corresponding IPsec SA */ void esp_prot_sa_entry_free(hip_sa_entry_t *entry) { @@ -557,9 +557,9 @@ /** cache the hash of a complete protected IPsec packet * - * @param esp_packet buffer where to write to - * @param eso_length length of the packet - * @param entry the corresponding outbound IPsec SA + * @param esp_packet buffer where to write to + * @param eso_length length of the packet + * @param entry the corresponding outbound IPsec SA */ int esp_prot_cache_packet_hash(unsigned char *esp_packet, const uint16_t esp_length, @@ -595,9 +595,9 @@ /** adds an esp protection token to a protected IPsec packet * - * @param esp_packet buffer where to write to - * @param esp_length length of the output (return value) - * @param entry the corresponding outbound IPsec SA + * @param esp_packet buffer where to write to + * @param esp_length length of the output (return value) + * @param entry the corresponding outbound IPsec SA */ int esp_prot_add_hash(unsigned char *esp_packet, int *out_length, hip_sa_entry_t *entry) @@ -711,17 +711,17 @@ /** verifies a hash chain-based esp protection token * - * @param hash_function the hash function to be used to derive the hashes - * @param hash_length the hash length specified for the used TPA transform - * @param active_anchor the active anchor element of the payload channel - * @param next_anchor the update anchor element of the payload channel - * @param hash_value the hash value to be verified - * @param tolerance the maximum number of hash calculations - * @param active_root the eventual root element committed to in the active hash chain - * @param active_root_length the length of the active root element - * @param next_root the eventual root element committed to in the next hash chain - * @param next_root_length the length of the next root element - * @return 0 on success, 1 in case of an implicit anchor element change, -1 on error + * @param hash_function the hash function to be used to derive the hashes + * @param hash_length the hash length specified for the used TPA transform + * @param active_anchor the active anchor element of the payload channel + * @param next_anchor the update anchor element of the payload channel + * @param hash_value the hash value to be verified + * @param tolerance the maximum number of hash calculations + * @param active_root the eventual root element committed to in the active hash chain + * @param active_root_length the length of the active root element + * @param next_root the eventual root element committed to in the next hash chain + * @param next_root_length the length of the next root element + * @return 0 on success, 1 in case of an implicit anchor element change, -1 on error */ int esp_prot_verify_hchain_element(const hash_function_t hash_function, const int hash_length, @@ -806,17 +806,17 @@ /** verifies a hash tree-based esp protection token * - * @param hash_function the hash function to be used to derive the hashes - * @param hash_length the hash length specified for the used TPA transform - * @param hash_tree_depth depth of the hash tree in use - * @param active_root the active root element of the payload channel - * @param next_root the update root element of the payload channel - * @param active_uroot the eventual root element committed to in the active hash tree - * @param active_uroot_length the length of the active root element - * @param next_uroot the eventual root element committed to in the next hash tree - * @param next_uroot_length the length of the next root element - * @param hash_value contains the data block and verification branch to be verified - * @return 0 on success, 1 in case of an implicit root element change, -1 on error + * @param hash_function the hash function to be used to derive the hashes + * @param hash_length the hash length specified for the used TPA transform + * @param hash_tree_depth depth of the hash tree in use + * @param active_root the active root element of the payload channel + * @param next_root the update root element of the payload channel + * @param active_uroot the eventual root element committed to in the active hash tree + * @param active_uroot_length the length of the active root element + * @param next_uroot the eventual root element committed to in the next hash tree + * @param next_uroot_length the length of the next root element + * @param hash_value contains the data block and verification branch to be verified + * @return 0 on success, 1 in case of an implicit root element change, -1 on error */ int esp_prot_verify_htree_element(const hash_function_t hash_function, const int hash_length, @@ -903,8 +903,8 @@ /** resolves an esp protection transform to the hash function and hash length in use * - * @param transform the TPA transform - * @return resolved transform, NULL for UNUSED transform + * @param transform the TPA transform + * @return resolved transform, NULL for UNUSED transform */ esp_prot_tfm_t *esp_prot_resolve_transform(const uint8_t transform) { @@ -920,8 +920,8 @@ /** resolves an esp protection transform to the hash function in use * - * @param transform the TPA transform - * @return resolved hash function, NULL for UNUSED transform + * @param transform the TPA transform + * @return resolved hash function, NULL for UNUSED transform */ hash_function_t esp_prot_get_hash_function(const uint8_t transform) { @@ -946,8 +946,8 @@ /** resolves an esp protection transform to the hash length in use * - * @param transform the TPA transform - * @return resolved hash length, 0 for UNUSED transform + * @param transform the TPA transform + * @return resolved hash length, 0 for UNUSED transform */ int esp_prot_get_hash_length(const uint8_t transform) { @@ -968,8 +968,8 @@ /** gets the data offset of the ESP IV and payload * - * @param entry the corresponding IPsec SA - * @return ESP header length if no esp protection, else ESP header length + token length + * @param entry the corresponding IPsec SA + * @return ESP header length if no esp protection, else ESP header length + token length */ int esp_prot_get_data_offset(const hip_sa_entry_t *entry) { @@ -1001,8 +1001,8 @@ * when active one reaches threshold, does the hash structure change when active * one is depleted, refills the update store * - * @param entry the corresponding outbound IPsec SA - * @return 0 on success, 1 in case of UNUSED transform, -1 otherwise + * @param entry the corresponding outbound IPsec SA + * @return 0 on success, 1 in case of UNUSED transform, -1 otherwise */ int esp_prot_sadb_maintenance(hip_sa_entry_t *entry) { === modified file 'firewall/esp_prot_config.c' --- firewall/esp_prot_config.c 2010-02-11 17:21:17 +0000 +++ firewall/esp_prot_config.c 2010-02-17 13:55:23 +0000 @@ -81,7 +81,7 @@ /** * parses the config-file and stores the parameters in memory * - * @return configuration parameters + * @return configuration parameters */ config_t *esp_prot_read_config(void) { @@ -115,8 +115,8 @@ /** * releases the configuration file and frees the configuration memory * - * @param cfg parsed configuration parameters - * @return always 0 + * @param cfg parsed configuration parameters + * @return always 0 */ int esp_prot_release_config(config_t *cfg) { @@ -135,8 +135,8 @@ /** * sets the token-specific parameters such as protection mode and element length * - * @param cfg parsed configuration parameters - * @return 0 on success, -1 otherwise + * @param cfg parsed configuration parameters + * @return 0 on success, -1 otherwise */ int esp_prot_token_config(const config_t *cfg) { @@ -272,8 +272,8 @@ /** * sets the sender-specific configuration parameters * - * @param cfg parsed configuration parameters - * @return 0 on success, -1 otherwise + * @param cfg parsed configuration parameters + * @return 0 on success, -1 otherwise */ int esp_prot_sender_config(const config_t *cfg) { @@ -338,8 +338,8 @@ /** * sets the verifier-specific configuration parameters * - * @param cfg parsed configuration parameters - * @return 0 on success, -1 otherwise + * @param cfg parsed configuration parameters + * @return 0 on success, -1 otherwise */ int esp_prot_verifier_config(const config_t *cfg) { === modified file 'firewall/esp_prot_conntrack.c' --- firewall/esp_prot_conntrack.c 2010-02-11 09:57:04 +0000 +++ firewall/esp_prot_conntrack.c 2010-02-17 13:55:23 +0000 @@ -48,8 +48,8 @@ /** * Resolves a transform to the specified hash function and hash length * - * @param transform TPA transform - * @return resolved transform, NULL for UNUSED transform + * @param transform TPA transform + * @return resolved transform, NULL for UNUSED transform */ static esp_prot_conntrack_tfm_t *esp_prot_conntrack_resolve_transform( const uint8_t transform) @@ -66,7 +66,7 @@ /** * Frees cached anchor elements * - * @param cache_item the cache item to be freed + * @param cache_item the cache item to be freed */ static void esp_prot_conntrack_free_cached_item(void *cache_item) { @@ -95,10 +95,10 @@ /** * Finds the matching esp state in the connection state * - * @param tuple state maintained for this connection - * @param active_anchor the active anchor element of the TPA tokens - * @param hash_length length of the anchor element - * @return esp state of the connection + * @param tuple state maintained for this connection + * @param active_anchor the active anchor element of the TPA tokens + * @param hash_length length of the anchor element + * @return esp state of the connection */ static struct esp_tuple *esp_prot_conntrack_find_esp_tuple( const struct tuple *tuple, @@ -149,11 +149,11 @@ /** * Caches an anchor element found in a update messages * - * @param tuple state maintained for this connection - * @param seq the sequence number parameter of the HIP message - * @param esp_anchors the anchor element parameters of the HIP message - * @param esp_roots the root element parameters of the HIP message - * @return 0 on success, -1 in case of an error + * @param tuple state maintained for this connection + * @param seq the sequence number parameter of the HIP message + * @param esp_anchors the anchor element parameters of the HIP message + * @param esp_roots the root element parameters of the HIP message + * @return 0 on success, -1 in case of an error */ static int esp_prot_conntrack_cache_anchor(const struct tuple *tuple, const struct hip_seq *seq, @@ -265,10 +265,10 @@ * Stores and enables update anchor element, if an acknowledgement for the * update is received * - * @param tuple state maintained for this connection - * @param ack the acknowledgement parameter of the HIP message - * @param esp_info the esp info parameter of the HIP message - * @return -1 on error, 1 if cached update not found, 0 if ok + * @param tuple state maintained for this connection + * @param ack the acknowledgement parameter of the HIP message + * @param esp_info the esp info parameter of the HIP message + * @return -1 on error, 1 if cached update not found, 0 if ok */ static int esp_prot_conntrack_update_anchor(const struct tuple *tuple, const struct hip_ack *ack, @@ -386,11 +386,11 @@ /** * Verifies the anchor element of a HHL-based update * - * @param tuple state maintained for this connection - * @param esp_anchors the anchor element parameters of the HIP message - * @param esp_branches the verification branch parameters - * @param esp_secrets the secret parameters - * @return 0 on success, -1 on error + * @param tuple state maintained for this connection + * @param esp_anchors the anchor element parameters of the HIP message + * @param esp_branches the verification branch parameters + * @param esp_secrets the secret parameters + * @return 0 on success, -1 on error */ static int esp_prot_conntrack_verify_branch(const struct tuple *tuple, struct esp_prot_anchor *esp_anchors[MAX_NUM_PARALLEL_HCHAINS], @@ -530,9 +530,9 @@ /** * Processes the transform list enclosed in the R1 * - * @param common the HIP message - * @param tuple connection state of the connection tracking mechanism - * @return always 0 + * @param common the HIP message + * @param tuple connection state of the connection tracking mechanism + * @return always 0 */ int esp_prot_conntrack_R1_tfms(const struct hip_common *common, const struct tuple *tuple) @@ -588,9 +588,9 @@ /** * Processes the anchor element of the I2 * - * @param common the HIP message - * @param tuple connection state of the connection tracking mechanism - * @return 0 on success, 1 if non-matching anchor element properties, -1 in case + * @param common the HIP message + * @param tuple connection state of the connection tracking mechanism + * @return 0 on success, 1 if non-matching anchor element properties, -1 in case * of an error */ int esp_prot_conntrack_I2_anchor(const struct hip_common *common, @@ -718,8 +718,8 @@ /** * Gets the corresponding state for the R2 * - * @param other_dir_esps maintained connection tracking state for this connection - * @return corresponding state + * @param other_dir_esps maintained connection tracking state for this connection + * @return corresponding state */ struct esp_tuple *esp_prot_conntrack_R2_esp_tuple(const SList *other_dir_esps) { @@ -753,9 +753,9 @@ /** * Processes the anchor element of the R2 * - * @param common the HIP message - * @param tuple connection state of the connection tracking mechanism - * @return 0 on success, 1 if non-matching anchor element properties, -1 in case + * @param common the HIP message + * @param tuple connection state of the connection tracking mechanism + * @return 0 on success, 1 if non-matching anchor element properties, -1 in case * of an error */ int esp_prot_conntrack_R2_anchor(const struct hip_common *common, @@ -862,9 +862,9 @@ /** * Processes an update message * - * @param update the HIP message - * @param tuple connection state of the connection tracking mechanism - * @return 0 on success, -1 in case of an error or unsupported update + * @param update the HIP message + * @param tuple connection state of the connection tracking mechanism + * @return 0 on success, -1 in case of an error or unsupported update */ int esp_prot_conntrack_update(const hip_common_t *update, const struct tuple *tuple) { @@ -944,8 +944,8 @@ /** * Frees (cached) anchor elements of an ESP tuple * - * @param esp_tuple the tuple to be freed - * @return always 0 + * @param esp_tuple the tuple to be freed + * @return always 0 */ int esp_prot_conntrack_remove_state(struct esp_tuple *esp_tuple) { @@ -968,11 +968,11 @@ /** * Tracks an HHL-based update message * - * @param ip6_src the source address of the packet - * @param ip6_dst the destination address of the packet - * @param common the HIP message - * @param tuple state maintained for this connection - * @return 0 on success, -1 in case of an error + * @param ip6_src the source address of the packet + * @param ip6_dst the destination address of the packet + * @param common the HIP message + * @param tuple state maintained for this connection + * @return 0 on success, -1 in case of an error */ int esp_prot_conntrack_lupdate(const struct in6_addr *ip6_src, const struct in6_addr *ip6_dst, @@ -1082,9 +1082,9 @@ /** * Verifies the enclosed TPA tokens * - * @param ctx context of the currently processed packet - * @param esp_tuple corresponding esp state of the connection - * @return 0 on success, -1 on error + * @param ctx context of the currently processed packet + * @param esp_tuple corresponding esp state of the connection + * @return 0 on success, -1 on error */ int esp_prot_conntrack_verify(const hip_fw_context_t *ctx, struct esp_tuple *esp_tuple) === modified file 'firewall/esp_prot_fw_msg.c' --- firewall/esp_prot_fw_msg.c 2010-02-11 09:57:04 +0000 +++ firewall/esp_prot_fw_msg.c 2010-02-17 13:55:23 +0000 @@ -25,9 +25,9 @@ /** creates the anchor element message * - * @param hcstore the BEX store - * @param use_hash_trees indicates whether hash chains or hash trees are stored - * @return the message on success, NULL on error + * @param hcstore the BEX store + * @param use_hash_trees indicates whether hash chains or hash trees are stored + * @return the message on success, NULL on error * * @note this will only consider the first hchain item in each shelf, as only * this should be set up for the store containing the hchains for the BEX @@ -151,8 +151,8 @@ * Sends the preferred transform to hipd implicitely turning on * the esp protection extension there * - * @param active 1 to activate, 0 to deactivate the extension in the hipd - * @return 0 on success, -1 on error + * @param active 1 to activate, 0 to deactivate the extension in the hipd + * @return 0 on success, -1 on error */ int send_esp_prot_to_hipd(const int activate) { @@ -251,9 +251,9 @@ /** sends a list of all available anchor elements in the BEX store * to the hipd * - * @param hcstore the BEX store - * @param use_hash_trees indicates whether hash chains or hash trees are stored - * @return 0 on success, -1 on error + * @param hcstore the BEX store + * @param use_hash_trees indicates whether hash chains or hash trees are stored + * @return 0 on success, -1 on error */ int send_bex_store_update_to_hipd(hchain_store_t *hcstore, const int use_hash_trees) @@ -291,13 +291,13 @@ * Invokes an UPDATE message containing an anchor element as a hook to * next hash structure to be used when the active one depletes * - * @param entry the sadb entry for the outbound direction - * @param anchors the anchor elements to be sent - * @param hash_item_length length of the respective hash item - * @param soft_update indicates if HHL-based updates should be used - * @param anchor_offset the offset of the anchor element in the link tree - * @param link_trees the link trees for the anchor elements, in case of HHL - * @return 0 on success, -1 on error + * @param entry the sadb entry for the outbound direction + * @param anchors the anchor elements to be sent + * @param hash_item_length length of the respective hash item + * @param soft_update indicates if HHL-based updates should be used + * @param anchor_offset the offset of the anchor element in the link tree + * @param link_trees the link trees for the anchor elements, in case of HHL + * @return 0 on success, -1 on error */ int send_trigger_update_to_hipd(const hip_sa_entry_t *entry, const unsigned char *anchors[MAX_NUM_PARALLEL_HCHAINS], @@ -470,8 +470,8 @@ /** * Notifies the hipd about an anchor change in the hipfw * - * @param entry the sadb entry for the outbound direction - * @return 0 on success, -1 on error, 1 for inbound sadb entry + * @param entry the sadb entry for the outbound direction + * @return 0 on success, -1 on error, 1 for inbound sadb entry */ int send_anchor_change_to_hipd(const hip_sa_entry_t *entry) { @@ -559,12 +559,12 @@ /** handles the TPA specific parts in the setup of new IPsec SAs * - * @param msg the HIP message - * @param esp_prot_transform the TPA transform (return value) - * @param num_anchors number of anchor in the array - * @param esp_prot_anchors array storing the anchors - * @param hash_item_length length of the employed hash structure at the peer (return value) - * @return 0 on success, -1 on error + * @param msg the HIP message + * @param esp_prot_transform the TPA transform (return value) + * @param num_anchors number of anchor in the array + * @param esp_prot_anchors array storing the anchors + * @param hash_item_length length of the employed hash structure at the peer (return value) + * @return 0 on success, -1 on error */ int esp_prot_handle_sa_add_request(const struct hip_common *msg, uint8_t *esp_prot_transform, === modified file 'firewall/firewall.c' --- firewall/firewall.c 2010-02-12 10:47:40 +0000 +++ firewall/firewall.c 2010-02-17 13:55:23 +0000 @@ -1849,15 +1849,15 @@ * possibly encapsulating packet type. It also stores useful pointers IP and * transport layer headers where applicable to avoid redundant casting. * - * Currently supported types: type - * - plain HIP control packet 1 - * - ESP packet 2 - * - TCP packet 3 (for opportunistic TCP handshake) + * Currently supported types: type + * - plain HIP control packet 1 + * - ESP packet 2 + * - TCP packet 3 (for opportunistic TCP handshake) * * Unsupported types -> type 0 * * @param hdr a pointer to a IP packet. - * @param ipVersion the IP version for this packet + * @param ipVersion the IP version for this packet * @return One if @c hdr is a HIP packet, zero otherwise. */ static int hip_fw_init_context(hip_fw_context_t *ctx, @@ -2137,9 +2137,9 @@ /** * Allow a packet to pass * - * @param handle the handle for the packets. - * @param packetId the packet ID. - * @return nothing + * @param handle the handle for the packets. + * @param packetId the packet ID. + * @return nothing */ static void allow_packet(struct ipq_handle *handle, unsigned long packetId) { @@ -2151,9 +2151,9 @@ /** * Drop a packet * - * @param handle the handle for the packets. - * @param packetId the packet ID. - * @return nothing + * @param handle the handle for the packets. + * @param packetId the packet ID. + * @return nothing */ static void drop_packet(struct ipq_handle *handle, unsigned long packetId) { @@ -2170,7 +2170,7 @@ * @param ip_version the type of traffic: 4 - ipv4; 6 - ipv6. * @param ctx packet context * - * @return nothing, this function loops forever, + * @return nothing, this function loops forever, * until the firewall is stopped. */ static int hip_fw_handle_packet(unsigned char *buf, === modified file 'firewall/firewall_control.c' --- firewall/firewall_control.c 2010-02-11 17:21:17 +0000 +++ firewall/firewall_control.c 2010-02-17 13:55:23 +0000 @@ -72,8 +72,8 @@ /** * distribute a message from hipd to the respective extension handler * - * @param msg pointer to the received user message - * @return 0 on success, else -1 + * @param msg pointer to the received user message + * @return 0 on success, else -1 */ int hip_handle_msg(struct hip_common *msg) { === modified file 'firewall/firewalldb.c' --- firewall/firewalldb.c 2010-02-11 17:21:17 +0000 +++ firewall/firewalldb.c 2010-02-17 13:55:23 +0000 @@ -105,9 +105,8 @@ /** * Add a default entry in the firewall db. * - * @param ip the only supplied field, the ip of the peer - * - * @return error if any + * @param ip the only supplied field, the ip of the peer + * @return error if any */ int hip_firewall_add_default_entry(const struct in6_addr *ip) { @@ -158,13 +157,13 @@ * the corresponding field in the db entry is not updated. * The ip field is required so as to find the entry. * - * @param *hit_our our hit, optionally null - * @param *hit_peer peer hit, optionally null - * @param *lsi peer lsi, optionally null - * @param *ip peer ip, NOT null - * @param state state of entry, required + * @param *hit_our our hit, optionally null + * @param *hit_peer peer hit, optionally null + * @param *lsi peer lsi, optionally null + * @param *ip peer ip, NOT null + * @param state state of entry, required * - * @return error if any + * @return error if any */ int hip_firewall_update_entry(const struct in6_addr *hit_our, const struct in6_addr *hit_peer, === modified file 'firewall/lsi.c' --- firewall/lsi.c 2010-02-11 18:25:12 +0000 +++ firewall/lsi.c 2010-02-17 13:55:23 +0000 @@ -12,12 +12,12 @@ * packet is passed as it is. Otherwise, the packet is translated to * the corresponding LSIs. See the following document for more technical * details: - * + * * <a href="http://hipl.hiit.fi/hipl/thesis_teresa_finez.pdf";>T. Finez, * Backwards Compatibility Experimentation with Host Identity Protocol * and Legacy Software and Networks , final project, December 2008</a> * - * @brief Local-Scope Identifier (LSI) input and output processing + * @brief Local-Scope Identifier (LSI) input and output processing * * @author Teresa Finez */ @@ -38,8 +38,8 @@ * Checks if the packet is a reinjection * * @param ip_src pointer to the source address - * @return 1 if the dst id is a local lsi - * 0 otherwise + * @return 1 if the dst id is a local lsi + * 0 otherwise */ int hip_is_packet_lsi_reinjection(hip_lsi_t *lsi) { @@ -67,8 +67,8 @@ * @param m pointer to the packet * @param ip_src ipv6 source address * @param ip_dst ipv6 destination address - * @return 1 if translation not done - * 0 if packet reinjected with lsis as addresses + * @return 1 if translation not done + * 0 if packet reinjected with lsis as addresses */ int hip_fw_handle_incoming_hit(const ipq_packet_msg_t *m, @@ -184,7 +184,7 @@ * @param m pointer to the packet * @param lsi_src source LSI * @param lsi_dst destination LSI - * @return err during the BEX + * @return err during the BEX */ int hip_fw_handle_outgoing_lsi(ipq_packet_msg_t *m, struct in_addr *lsi_src, struct in_addr *lsi_dst) @@ -367,7 +367,7 @@ * @param m pointer to the packet * @param ipOrigTraffic type of Traffic (IPv4 or IPv6) * @param incoming packet direction - * @return err during the reinjection + * @return err during the reinjection */ int hip_reinject_packet(const struct in6_addr *src_hit, const struct in6_addr *dst_hit, === modified file 'firewall/proxy.c' --- firewall/proxy.c 2010-02-12 10:47:40 +0000 +++ firewall/proxy.c 2010-02-17 13:55:23 +0000 @@ -818,7 +818,7 @@ } HIP_DEBUG("Previous checksum: %X\n", (tcp->check)); -// tcp->check = htons(0); +//tcp->check = htons(0); if (src_is_ipv4 && dst_is_ipv4) { //struct tcphdr * tcptemp; === modified file 'firewall/sysopp.c' --- firewall/sysopp.c 2010-02-11 09:57:04 +0000 +++ firewall/sysopp.c 2010-02-17 13:55:23 +0000 @@ -22,10 +22,9 @@ * Checks whether a particular hit is one of the local ones. * Goes through all the local hits and compares with the given hit. * - * @param *hit the input src hit - * - * @return 1 if *hit is a local hit - * 0 otherwise + * @param *hit the input src hit + * @return 1 if *hit is a local hit + * 0 otherwise */ static int hit_is_local_hit(const struct in6_addr *hit) { @@ -104,8 +103,8 @@ * in the local database the necessary information for * doing the packet reinjection with HITs. * - * @param *ctx the contect of the packet - * @return the verdict for the packet + * @param *ctx the contect of the packet + * @return the verdict for the packet */ int hip_fw_handle_outgoing_system_based_opp(const hip_fw_context_t *ctx, const int default_verdict) === modified file 'firewall/user_ipsec_api.c' --- firewall/user_ipsec_api.c 2010-02-11 18:03:28 +0000 +++ firewall/user_ipsec_api.c 2010-02-17 13:55:23 +0000 @@ -98,7 +98,7 @@ * initializes the sadb, packet buffers and the sockets and notifies * the hipd about the activation of userspace ipsec * - * @return 0, if correct, else != 0 + * @return 0, if correct, else != 0 */ int userspace_ipsec_init(void) { @@ -177,8 +177,8 @@ /** * prepares the context for performing the ESP transformation * - * @param ctx the firewall context of the packet to be processed - * @return 0, if correct, else != 0 + * @param ctx the firewall context of the packet to be processed + * @return 0, if correct, else != 0 */ int hip_fw_userspace_ipsec_output(const hip_fw_context_t *ctx) { @@ -310,8 +310,8 @@ /** * prepares the context for performing the ESP transformation * - * @param ctx the firewall context of the packet to be processed - * @return 0, if correct, else != 0 + * @param ctx the firewall context of the packet to be processed + * @return 0, if correct, else != 0 */ int hip_fw_userspace_ipsec_input(const hip_fw_context_t *ctx) { === modified file 'firewall/user_ipsec_esp.c' --- firewall/user_ipsec_esp.c 2010-02-11 17:21:17 +0000 +++ firewall/user_ipsec_esp.c 2010-02-17 13:55:23 +0000 @@ -39,9 +39,9 @@ /** calculates the IP-checksum * - * @param ip_hdr packet to be checksumed - * @param ip_hl header length field inside the header - * @return the IP checksum + * @param ip_hdr packet to be checksumed + * @param ip_hl header length field inside the header + * @return the IP checksum */ static uint16_t checksum_ip(struct ip *ip_hdr, const unsigned int ip_hl) { @@ -77,9 +77,9 @@ /** adds an UDP-header to the packet * - * @param udp_hdr location of the udp_hdr - * @param packet_len packet length - * @param entry corresponding host association entry + * @param udp_hdr location of the udp_hdr + * @param packet_len packet length + * @param entry corresponding host association entry */ static void add_udp_header(struct udphdr *udp_hdr, const uint16_t packet_len, @@ -99,13 +99,13 @@ /** creates a packet according to BEET mode ESP specification * - * @param ctx packet context - * @param entry corresponding host association entry - * @param preferred_local_addr globally routable src IP address - * @param preferred_peer_addr globally routable dst IP address - * @param esp_packet location of esp packet - * @param esp_packet_len packet length - * @return 0, if correct, else != 0 + * @param ctx packet context + * @param entry corresponding host association entry + * @param preferred_local_addr globally routable src IP address + * @param preferred_peer_addr globally routable dst IP address + * @param esp_packet location of esp packet + * @param esp_packet_len packet length + * @return 0, if correct, else != 0 */ int hip_beet_mode_output(const hip_fw_context_t *ctx, hip_sa_entry_t *entry, const struct in6_addr *preferred_local_addr, @@ -306,11 +306,11 @@ /** handles a received packet according to BEET mode ESP specification * - * @param ctx packet context - * @param entry corresponding host association entry - * @param decrypted_packet location of decrypted packet - * @param decrypted_packet_len packet length of decrypted packet - * @return 0, if correct, != 0 else + * @param ctx packet context + * @param entry corresponding host association entry + * @param decrypted_packet location of decrypted packet + * @param decrypted_packet_len packet length of decrypted packet + * @return 0, if correct, != 0 else */ int hip_beet_mode_input(const hip_fw_context_t *ctx, hip_sa_entry_t *entry, unsigned char *decrypted_packet, @@ -366,14 +366,14 @@ /** encrypts the payload of ESP packets and adds authentication information * - * @param in the input-buffer containing the data to be encrypted - * @param in_type value of the next header type - * @param in_len the length of the input-buffer - * @param out the output-buffer - * @param out_len the length of the output-buffer - * @param entry the SA entry containing information about algorithms - * and key to be used - * @return 0, if correct, != 0 else + * @param in the input-buffer containing the data to be encrypted + * @param in_type value of the next header type + * @param in_len the length of the input-buffer + * @param out the output-buffer + * @param out_len the length of the output-buffer + * @param entry the SA entry containing information about algorithms + * and key to be used + * @return 0, if correct, != 0 else */ int hip_payload_encrypt(unsigned char *in, const uint8_t in_type, @@ -580,14 +580,14 @@ /** decrypts the payload of ESP packets and verifies authentication * - * @param in the input-buffer containing the data to be encrypted - * @param in_len the length of the input-buffer - * @param out the output-buffer - * @param out_type type value of the ESP next header field - * @param out_len the length of the output-buffer - * @param entry the SA entry containing information about algorithms - * and key to be used - * @return 0, if correct, != 0 else + * @param in the input-buffer containing the data to be encrypted + * @param in_len the length of the input-buffer + * @param out the output-buffer + * @param out_type type value of the ESP next header field + * @param out_len the length of the output-buffer + * @param entry the SA entry containing information about algorithms + * and key to be used + * @return 0, if correct, != 0 else */ int hip_payload_decrypt(const unsigned char *in, const uint16_t in_len, unsigned char *out, uint8_t *out_type, uint16_t *out_len, @@ -787,11 +787,11 @@ /** adds an IPv4-header to the packet * - * @param ip_hdr pointer to location where IPv4 header should be written to - * @param src_addr IPv4 source address - * @param dst_addr IPv4 destination address - * @param packet_len packet length - * @param next_hdr next header value + * @param ip_hdr pointer to location where IPv4 header should be written to + * @param src_addr IPv4 source address + * @param dst_addr IPv4 destination address + * @param packet_len packet length + * @param next_hdr next header value */ void add_ipv4_header(struct ip *ip_hdr, const struct in6_addr *src_addr, const struct in6_addr *dst_addr, const uint16_t packet_len, @@ -823,11 +823,11 @@ /** adds an IPv6-header to the packet * - * @param ip_hdr pointer to location where IPv6 header should be written to - * @param src_addr IPv6 source address - * @param dst_addr IPv6 destination address - * @param packet_len packet length - * @param next_hdr next header value + * @param ip_hdr pointer to location where IPv6 header should be written to + * @param src_addr IPv6 source address + * @param dst_addr IPv6 destination address + * @param packet_len packet length + * @param next_hdr next header value */ void add_ipv6_header(struct ip6_hdr *ip6_hdr, const struct in6_addr *src_addr, const struct in6_addr *dst_addr, const uint16_t packet_len, === modified file 'firewall/user_ipsec_sadb.c' --- firewall/user_ipsec_sadb.c 2010-02-11 17:43:39 +0000 +++ firewall/user_ipsec_sadb.c 2010-02-17 13:55:23 +0000 @@ -41,8 +41,8 @@ /** * hashes the inner addresses (for now) to lookup the corresponding SA entry * - * @param sa_entry partial SA entry containing inner addresses and IPsec mode - * @return hash of inner addresses + * @param sa_entry partial SA entry containing inner addresses and IPsec mode + * @return hash of inner addresses */ static unsigned long hip_sa_entry_hash(const hip_sa_entry_t *sa_entry) { @@ -91,9 +91,9 @@ /** * compares the hashes of 2 SA entries to check if they are the same * - * @param first SA entry to be compared with - * @param second SA entry to be compared with - * @return 1 if different entries, else 0 + * @param sa_entry1 first SA entry to be compared with + * @param sa_entry2 second SA entry to be compared with + * @return 1 if different entries, else 0 */ static int hip_sa_entries_cmp(const hip_sa_entry_t *sa_entry1, const hip_sa_entry_t *sa_entry2) @@ -124,8 +124,8 @@ /** * hashes the outer dst address and IPsec SPI to lookup the corresponding SA entry * - * @param sa_entry link entry containing outer dst address and IPsec SPI - * @return hash of outer dst address and IPsec SPI + * @param sa_entry link entry containing outer dst address and IPsec SPI + * @return hash of outer dst address and IPsec SPI */ static unsigned long hip_link_entry_hash(const hip_link_entry_t *link_entry) { @@ -164,9 +164,9 @@ /** * compares the hashes of 2 link entries to check if they are the same * - * @param first link entry to be compared with - * @param second link entry to be compared with - * @return 1 if different entries, else 0 + * @param link_entry1 first link entry to be compared with + * @param link_entry2 second link entry to be compared with + * @return 1 if different entries, else 0 */ static int hip_link_entries_cmp(const hip_link_entry_t *link_entry1, const hip_link_entry_t *link_entry2) @@ -198,8 +198,8 @@ * callback wrappers providing per-variable casts before calling the * type-specific callbacks * - * @param hip_sa_entry function pointer - * @param hip_sa_entry_t type to be casted to + * @param hip_sa_entry function pointer + * @param hip_sa_entry_t type to be casted to * * @note appends _hash to given function */ @@ -209,8 +209,8 @@ * callback wrappers providing per-variable casts before calling the * type-specific callbacks * - * @param hip_sa_entries function pointer - * @param hip_sa_entry_t type to be casted to + * @param hip_sa_entries function pointer + * @param hip_sa_entry_t type to be casted to * * @note appends _cmp to given function */ @@ -220,8 +220,8 @@ * callback wrappers providing per-variable casts before calling the * type-specific callbacks * - * @param hip_link_entry function pointer - * @param hip_link_entry_t type to be casted to + * @param hip_link_entry function pointer + * @param hip_link_entry_t type to be casted to * * @note appends _hash to given function */ @@ -231,8 +231,8 @@ * callback wrappers providing per-variable casts before calling the * type-specific callbacks * - * @param hip_sa_entries function pointer - * @param hip_link_entry_t type to be casted to + * @param hip_sa_entries function pointer + * @param hip_link_entry_t type to be casted to * * @note appends _cmp to given function */ @@ -241,9 +241,9 @@ /** * finds a link entry in the linkdb * - * @param dst_addr outer destination address - * @param spi IPsec SPI number - * @return corresponding link entry + * @param dst_addr outer destination address + * @param spi IPsec SPI number + * @return corresponding link entry */ static hip_link_entry_t * hip_link_entry_find(const struct in6_addr *dst_addr, uint32_t spi) @@ -280,9 +280,9 @@ /** * adds a link entry to the linkdb * - * @param dst_addr outer destination address - * @param entry SA entry this link points to - * @return 0 on success, else -1 + * @param dst_addr outer destination address + * @param entry SA entry this link points to + * @return 0 on success, else -1 */ static int hip_link_entry_add(struct in6_addr *dst_addr, hip_sa_entry_t *entry) { @@ -306,9 +306,9 @@ /** * removes a link entry from the linkdb * - * @param dst_addr outer destination address - * @param entry SA entry this link points to - * @return 0 on success, else -1 + * @param dst_addr outer destination address + * @param entry SA entry this link points to + * @return 0 on success, else -1 */ static int hip_link_entry_delete(struct in6_addr *dst_addr, uint32_t spi) { @@ -337,7 +337,7 @@ /** * prints a single link entry in the linkdb * - * @param entry link entry to be printed + * @param entry link entry to be printed */ void hip_link_entry_print(hip_link_entry_t *entry) { @@ -381,27 +381,27 @@ /** * sets the values of a SA entry * - * @param entry SA entry for which the values should be set - * @param direction direction of the SA - * @param spi IPsec SPI number - * @param mode ESP mode - * @param src_addr source address of outer IP header - * @param dst_addr destination address of outer IP header - * @param inner_src_addr inner source addresses for tunnel and BEET SAs - * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs - * @param encap_mode encapsulation mode - * @param src_port src port for UDP encaps. ESP - * @param dst_port dst port for UDP encaps. ESP - * @param ealg crypto transform in use - * @param auth_key raw authentication key - * @param enc_key raw encryption key - * @param lifetime seconds until expiration - * @param esp_prot_transform mode used for securing ipsec traffic - * @param hash_item_length length of the hash item - * @param esp_num_anchors number of anchors for parallel mode - * @param esp_prot_anchors hash item anchors - * @param update notification if this is an update - * @return 0 on success, else -1 + * @param entry SA entry for which the values should be set + * @param direction direction of the SA + * @param spi IPsec SPI number + * @param mode ESP mode + * @param src_addr source address of outer IP header + * @param dst_addr destination address of outer IP header + * @param inner_src_addr inner source addresses for tunnel and BEET SAs + * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs + * @param encap_mode encapsulation mode + * @param src_port src port for UDP encaps. ESP + * @param dst_port dst port for UDP encaps. ESP + * @param ealg crypto transform in use + * @param auth_key raw authentication key + * @param enc_key raw encryption key + * @param lifetime seconds until expiration + * @param esp_prot_transform mode used for securing ipsec traffic + * @param hash_item_length length of the hash item + * @param esp_num_anchors number of anchors for parallel mode + * @param esp_prot_anchors hash item anchors + * @param update notification if this is an update + * @return 0 on success, else -1 */ static int hip_sa_entry_set(hip_sa_entry_t *entry, int direction, @@ -538,27 +538,27 @@ /** * updates an existing SA entry * - * @param entry SA entry for which the values should be set - * @param direction direction of the SA - * @param spi IPsec SPI number - * @param mode ESP mode - * @param src_addr source address of outer IP header - * @param dst_addr destination address of outer IP header - * @param inner_src_addr inner source addresses for tunnel and BEET SAs - * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs - * @param encap_mode encapsulation mode - * @param src_port src port for UDP encaps. ESP - * @param dst_port dst port for UDP encaps. ESP - * @param ealg crypto transform in use - * @param auth_key raw authentication key - * @param enc_key raw encryption key - * @param lifetime seconds until expiration - * @param esp_prot_transform mode used for securing ipsec traffic - * @param hash_item_length length of the hash item - * @param esp_num_anchors number of anchors for parallel mode - * @param esp_prot_anchors hash item anchors - * @param update notification if this is an update - * @return 0 on success, else -1 + * @param entry SA entry for which the values should be set + * @param direction direction of the SA + * @param spi IPsec SPI number + * @param mode ESP mode + * @param src_addr source address of outer IP header + * @param dst_addr destination address of outer IP header + * @param inner_src_addr inner source addresses for tunnel and BEET SAs + * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs + * @param encap_mode encapsulation mode + * @param src_port src port for UDP encaps. ESP + * @param dst_port dst port for UDP encaps. ESP + * @param ealg crypto transform in use + * @param auth_key raw authentication key + * @param enc_key raw encryption key + * @param lifetime seconds until expiration + * @param esp_prot_transform mode used for securing ipsec traffic + * @param hash_item_length length of the hash item + * @param esp_num_anchors number of anchors for parallel mode + * @param esp_prot_anchors hash item anchors + * @param update notification if this is an update + * @return 0 on success, else -1 */ static int hip_sa_entry_update(int direction, uint32_t spi, @@ -618,7 +618,7 @@ /** * frees an SA entry * - * @param entry SA entry to be freed + * @param entry SA entry to be freed */ static void hip_sa_entry_free(hip_sa_entry_t *entry) { @@ -650,27 +650,27 @@ /** * adds an SA entry * - * @param entry SA entry for which the values should be set - * @param direction direction of the SA - * @param spi IPsec SPI number - * @param mode ESP mode - * @param src_addr source address of outer IP header - * @param dst_addr destination address of outer IP header - * @param inner_src_addr inner source addresses for tunnel and BEET SAs - * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs - * @param encap_mode encapsulation mode - * @param src_port src port for UDP encaps. ESP - * @param dst_port dst port for UDP encaps. ESP - * @param ealg crypto transform in use - * @param auth_key raw authentication key - * @param enc_key raw encryption key - * @param lifetime seconds until expiration - * @param esp_prot_transform mode used for securing ipsec traffic - * @param hash_item_length length of the hash item - * @param esp_num_anchors number of anchors for parallel mode - * @param esp_prot_anchors hash item anchors - * @param update notification if this is an update - * @return 0 on success, else -1 + * @param entry SA entry for which the values should be set + * @param direction direction of the SA + * @param spi IPsec SPI number + * @param mode ESP mode + * @param src_addr source address of outer IP header + * @param dst_addr destination address of outer IP header + * @param inner_src_addr inner source addresses for tunnel and BEET SAs + * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs + * @param encap_mode encapsulation mode + * @param src_port src port for UDP encaps. ESP + * @param dst_port dst port for UDP encaps. ESP + * @param ealg crypto transform in use + * @param auth_key raw authentication key + * @param enc_key raw encryption key + * @param lifetime seconds until expiration + * @param esp_prot_transform mode used for securing ipsec traffic + * @param hash_item_length length of the hash item + * @param esp_num_anchors number of anchors for parallel mode + * @param esp_prot_anchors hash item anchors + * @param update notification if this is an update + * @return 0 on success, else -1 */ static int hip_sa_entry_add(int direction, uint32_t spi, uint32_t mode, struct in6_addr *src_addr, struct in6_addr *dst_addr, @@ -779,7 +779,7 @@ /** * prints a single SA entry * - * @param entry SA entry to be printed + * @param entry SA entry to be printed */ void hip_sa_entry_print(const hip_sa_entry_t *entry) { @@ -880,27 +880,27 @@ /** * adds or updates SA entry * - * @param direction represents inbound or outbound direction - * @param spi ipsec spi for demultiplexing - * @param mode ipsec mode to be used for the SA - * @param src_addr outer globally routable source ip address - * @param dst_addr outer globally routable destination ip address - * @param inner_src_addr inner source address - * @param inner_dst_addr inner destination address - * @param encap_mode defines whether no or udp encapsulation is to be used - * @param local_port the local port in case of udp encapsulation - * @param peer_port the peer port in case of udp encapsulation - * @param ealg crypto transform to be used for the SA - * @param auth_key raw authentication key - * @param enc_key raw encryption key - * @param lifetime of the SA - * @param esp_prot_transform mode used for securing ipsec traffic - * @param hash_item_length length of the hash item used by the peer for esp_prot - * @param esp_num_anchors number of hash items in case of parallel esp_prot mode - * @param esp_prot_anchors anchor elements of the hash items used by the peer - * @param retransmission notification if this event derives from a retransmission - * @param update notification if this event derives from an update - * @return -1, if error occurred, else 0 + * @param entry SA entry for which the values should be set + * @param direction direction of the SA + * @param spi IPsec SPI number + * @param mode ESP mode + * @param src_addr source address of outer IP header + * @param dst_addr destination address of outer IP header + * @param inner_src_addr inner source addresses for tunnel and BEET SAs + * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs + * @param encap_mode encapsulation mode + * @param src_port src port for UDP encaps. ESP + * @param dst_port dst port for UDP encaps. ESP + * @param ealg crypto transform in use + * @param auth_key raw authentication key + * @param enc_key raw encryption key + * @param lifetime seconds until expiration + * @param esp_prot_transform mode used for securing ipsec traffic + * @param hash_item_length length of the hash item + * @param esp_num_anchors number of anchors for parallel mode + * @param esp_prot_anchors hash item anchors + * @param update notification if this is an update + * @return 0 on success, else -1 */ int hip_sadb_add(int direction, uint32_t spi, uint32_t mode, struct in6_addr *src_addr, struct in6_addr *dst_addr, @@ -960,9 +960,9 @@ /** * removes an SA entry and all corresponding links from the sadb * - * @param dst_addr destination ip address of the entry - * @param spi spi number of the entry - * @return -1, if error occurred, else 0 + * @param dst_addr destination ip address of the entry + * @param spi spi number of the entry + * @return -1, if error occurred, else 0 */ int hip_sadb_delete(struct in6_addr *dst_addr, uint32_t spi) { @@ -982,7 +982,7 @@ /** * flushes all entries in the sadb * - * @return -1, if error occurred, else 0 + * @return -1, if error occurred, else 0 */ int hip_sadb_flush() { @@ -1007,9 +1007,9 @@ /** * searches the linkdb for corresponding SA entry * - * @param dst_addr outer destination address of the ip packet - * @param spi SPI number of the searched entry - * @return SA entry on success or NULL if no matching entry was found + * @param dst_addr outer destination address of the ip packet + * @param spi SPI number of the searched entry + * @return SA entry on success or NULL if no matching entry was found */ hip_sa_entry_t *hip_sa_entry_find_inbound(const struct in6_addr *dst_addr, uint32_t spi) { @@ -1033,9 +1033,9 @@ /** * searches the sadb for a SA entry * - * @param src_hit inner source address - * @param dst_hit inner destination address - * @return SA entry on success or NULL if no matching entry found + * @param src_hit inner source address + * @param dst_hit inner destination address + * @return SA entry on success or NULL if no matching entry found */ hip_sa_entry_t *hip_sa_entry_find_outbound(const struct in6_addr *src_hit, const struct in6_addr *dst_hit)