[hipl-commit] [trunk] Rev 3663: fixed still existing TABs in firewall
- From: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
- To: hipl-commit@xxxxxxxxxxxxx
- Date: Wed, 17 Feb 2010 15:55:30 +0200
Committer: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
Date: Wed Feb 17 14:55:23 2010 +0100
Revision: 3663
Revision-id: rene.hummen@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Branch nick: trunk
Log:
fixed still existing TABs in firewall
Modified:
M firewall/cache_port.c
M firewall/common_hipd_msg.c
M firewall/esp_prot_api.c
M firewall/esp_prot_config.c
M firewall/esp_prot_conntrack.c
M firewall/esp_prot_fw_msg.c
M firewall/firewall.c
M firewall/firewall_control.c
M firewall/firewalldb.c
M firewall/lsi.c
M firewall/proxy.c
M firewall/sysopp.c
M firewall/user_ipsec_api.c
M firewall/user_ipsec_esp.c
M firewall/user_ipsec_sadb.c
=== modified file 'firewall/cache_port.c'
--- firewall/cache_port.c 2010-02-11 09:57:04 +0000
+++ firewall/cache_port.c 2010-02-17 13:55:23 +0000
@@ -32,8 +32,8 @@
/**
* add a default entry in the firewall port cache.
*
- * @param key the hash key (a string consisting of concatenation of the port,
an underscore and the protocol)
- * @param value the value for the hash key (LSI mode value)
+ * @param key the hash key (a string consisting of concatenation of the
port, an underscore and the protocol)
+ * @param value the value for the hash key (LSI mode value)
*
* @return zero on success or non-zero on failure
*/
=== modified file 'firewall/common_hipd_msg.c'
--- firewall/common_hipd_msg.c 2010-02-12 10:47:40 +0000
+++ firewall/common_hipd_msg.c 2010-02-17 13:55:23 +0000
@@ -9,15 +9,15 @@
/**
* Gets the state of the bex for a pair of ip addresses.
- * @param src_ip input for finding the correct entries
- * @param dst_ip input for finding the correct entries
- * @param src_hit output data of the correct entry
- * @param dst_hit output data of the correct entry
- * @param src_lsi output data of the correct entry
- * @param dst_lsi output data of the correct entry
+ * @param src_ip input for finding the correct entries
+ * @param dst_ip input for finding the correct entries
+ * @param src_hit output data of the correct entry
+ * @param dst_hit output data of the correct entry
+ * @param src_lsi output data of the correct entry
+ * @param dst_lsi output data of the correct entry
*
- * @return the state of the bex if the entry is found
- * otherwise returns -1
+ * @return the state of the bex if the entry is found
+ * otherwise returns -1
*/
int hip_get_bex_state_from_IPs(const struct in6_addr *src_ip,
const struct in6_addr *dst_ip,
=== modified file 'firewall/esp_prot_api.c'
--- firewall/esp_prot_api.c 2010-02-10 23:02:52 +0000
+++ firewall/esp_prot_api.c 2010-02-17 13:55:23 +0000
@@ -95,9 +95,9 @@
/**
* Adds buffered packet hashes to a protected IPsec packet
*
- * @param esp_packet buffer where to write to
- * @param esp_length length of the output (return value)
- * @param entry the corresponding outbound IPsec SA
+ * @param esp_packet buffer where to write to
+ * @param esp_length length of the output (return value)
+ * @param entry the corresponding outbound IPsec SA
*/
static int esp_prot_add_packet_hashes(unsigned char *esp_packet,
int *out_length,
@@ -167,9 +167,9 @@
/** gets hash structure by anchor element from BEX store,
* refills BEX store and sends update message to hipd
*
- * @param item_anchor anchor element of the hash structure to be looked up
- * @param transform the TPA transform of the corresponding hash structure
- * @return pointer to the hash structure, NULL if not found
+ * @param item_anchor anchor element of the hash structure to be looked up
+ * @param transform the TPA transform of the corresponding hash structure
+ * @return pointer to the hash structure, NULL if not found
*/
static void *esp_prot_get_bex_item_by_anchor(const unsigned char *item_anchor,
const uint8_t transform)
@@ -220,7 +220,7 @@
/** initializes the esp protection extension for the hipfw and the hipd
*
- * @return 0 on success, -1 on error
+ * @return 0 on success, -1 on error
*/
int esp_prot_init(void)
{
@@ -375,7 +375,7 @@
/** un-initializes the esp protection extension for the hipfw and the hipd
*
- * @return 0 on success, -1 on error
+ * @return 0 on success, -1 on error
*/
int esp_prot_uninit(void)
{
@@ -403,13 +403,13 @@
/** sets the esp protection-specific information of an IPsec SA
*
- * @param entry the corresponding IPsec SA
- * @param esp_prot_transform the TPA transform
- * @param hash_item_length length of the employed hash structure
- * @param esp_num_anchors number of anchor elements
- * @param esp_prot_anchors either active or update anchor elements,
depends on update
- * @param update indicates whether we are processing a BEX or an UPDATE
- * @return 0 on success, 1 if TPA transforms not matching, -1 on error
+ * @param entry the corresponding IPsec SA
+ * @param esp_prot_transform the TPA transform
+ * @param hash_item_length length of the employed hash structure
+ * @param esp_num_anchors number of anchor elements
+ * @param esp_prot_anchors either active or update anchor elements, depends
on update
+ * @param update indicates whether we are processing a BEX or an UPDATE
+ * @return 0 on success, 1 if TPA transforms not matching, -1 on error
*/
int esp_prot_sa_entry_set(hip_sa_entry_t *entry,
const uint8_t esp_prot_transform,
@@ -528,7 +528,7 @@
/** frees the esp protection-specific information of an IPsec SA
*
- * @param entry the corresponding IPsec SA
+ * @param entry the corresponding IPsec SA
*/
void esp_prot_sa_entry_free(hip_sa_entry_t *entry)
{
@@ -557,9 +557,9 @@
/** cache the hash of a complete protected IPsec packet
*
- * @param esp_packet buffer where to write to
- * @param eso_length length of the packet
- * @param entry the corresponding outbound IPsec SA
+ * @param esp_packet buffer where to write to
+ * @param eso_length length of the packet
+ * @param entry the corresponding outbound IPsec SA
*/
int esp_prot_cache_packet_hash(unsigned char *esp_packet,
const uint16_t esp_length,
@@ -595,9 +595,9 @@
/** adds an esp protection token to a protected IPsec packet
*
- * @param esp_packet buffer where to write to
- * @param esp_length length of the output (return value)
- * @param entry the corresponding outbound IPsec SA
+ * @param esp_packet buffer where to write to
+ * @param esp_length length of the output (return value)
+ * @param entry the corresponding outbound IPsec SA
*/
int esp_prot_add_hash(unsigned char *esp_packet, int *out_length,
hip_sa_entry_t *entry)
@@ -711,17 +711,17 @@
/** verifies a hash chain-based esp protection token
*
- * @param hash_function the hash function to be used to derive the hashes
- * @param hash_length the hash length specified for the used TPA transform
- * @param active_anchor the active anchor element of the payload channel
- * @param next_anchor the update anchor element of the payload channel
- * @param hash_value the hash value to be verified
- * @param tolerance the maximum number of hash calculations
- * @param active_root the eventual root element committed to in the
active hash chain
- * @param active_root_length the length of the active root element
- * @param next_root the eventual root element committed to in the next
hash chain
- * @param next_root_length the length of the next root element
- * @return 0 on success, 1 in case of an implicit anchor element change,
-1 on error
+ * @param hash_function the hash function to be used to derive the hashes
+ * @param hash_length the hash length specified for the used TPA transform
+ * @param active_anchor the active anchor element of the payload channel
+ * @param next_anchor the update anchor element of the payload channel
+ * @param hash_value the hash value to be verified
+ * @param tolerance the maximum number of hash calculations
+ * @param active_root the eventual root element committed to in the active
hash chain
+ * @param active_root_length the length of the active root element
+ * @param next_root the eventual root element committed to in the next hash
chain
+ * @param next_root_length the length of the next root element
+ * @return 0 on success, 1 in case of an implicit anchor element change, -1
on error
*/
int esp_prot_verify_hchain_element(const hash_function_t hash_function,
const int hash_length,
@@ -806,17 +806,17 @@
/** verifies a hash tree-based esp protection token
*
- * @param hash_function the hash function to be used to derive the hashes
- * @param hash_length the hash length specified for the used TPA transform
- * @param hash_tree_depth depth of the hash tree in use
- * @param active_root the active root element of the payload channel
- * @param next_root the update root element of the payload channel
- * @param active_uroot the eventual root element committed to in the
active hash tree
- * @param active_uroot_length the length of the active root element
- * @param next_uroot the eventual root element committed to in the next
hash tree
- * @param next_uroot_length the length of the next root element
- * @param hash_value contains the data block and verification branch to
be verified
- * @return 0 on success, 1 in case of an implicit root element change, -1
on error
+ * @param hash_function the hash function to be used to derive the hashes
+ * @param hash_length the hash length specified for the used TPA transform
+ * @param hash_tree_depth depth of the hash tree in use
+ * @param active_root the active root element of the payload channel
+ * @param next_root the update root element of the payload channel
+ * @param active_uroot the eventual root element committed to in the active
hash tree
+ * @param active_uroot_length the length of the active root element
+ * @param next_uroot the eventual root element committed to in the next hash
tree
+ * @param next_uroot_length the length of the next root element
+ * @param hash_value contains the data block and verification branch to be
verified
+ * @return 0 on success, 1 in case of an implicit root element change, -1 on
error
*/
int esp_prot_verify_htree_element(const hash_function_t hash_function,
const int hash_length,
@@ -903,8 +903,8 @@
/** resolves an esp protection transform to the hash function and hash length
in use
*
- * @param transform the TPA transform
- * @return resolved transform, NULL for UNUSED transform
+ * @param transform the TPA transform
+ * @return resolved transform, NULL for UNUSED transform
*/
esp_prot_tfm_t *esp_prot_resolve_transform(const uint8_t transform)
{
@@ -920,8 +920,8 @@
/** resolves an esp protection transform to the hash function in use
*
- * @param transform the TPA transform
- * @return resolved hash function, NULL for UNUSED transform
+ * @param transform the TPA transform
+ * @return resolved hash function, NULL for UNUSED transform
*/
hash_function_t esp_prot_get_hash_function(const uint8_t transform)
{
@@ -946,8 +946,8 @@
/** resolves an esp protection transform to the hash length in use
*
- * @param transform the TPA transform
- * @return resolved hash length, 0 for UNUSED transform
+ * @param transform the TPA transform
+ * @return resolved hash length, 0 for UNUSED transform
*/
int esp_prot_get_hash_length(const uint8_t transform)
{
@@ -968,8 +968,8 @@
/** gets the data offset of the ESP IV and payload
*
- * @param entry the corresponding IPsec SA
- * @return ESP header length if no esp protection, else ESP header length
+ token length
+ * @param entry the corresponding IPsec SA
+ * @return ESP header length if no esp protection, else ESP header length +
token length
*/
int esp_prot_get_data_offset(const hip_sa_entry_t *entry)
{
@@ -1001,8 +1001,8 @@
* when active one reaches threshold, does the hash structure change when
active
* one is depleted, refills the update store
*
- * @param entry the corresponding outbound IPsec SA
- * @return 0 on success, 1 in case of UNUSED transform, -1 otherwise
+ * @param entry the corresponding outbound IPsec SA
+ * @return 0 on success, 1 in case of UNUSED transform, -1 otherwise
*/
int esp_prot_sadb_maintenance(hip_sa_entry_t *entry)
{
=== modified file 'firewall/esp_prot_config.c'
--- firewall/esp_prot_config.c 2010-02-11 17:21:17 +0000
+++ firewall/esp_prot_config.c 2010-02-17 13:55:23 +0000
@@ -81,7 +81,7 @@
/**
* parses the config-file and stores the parameters in memory
*
- * @return configuration parameters
+ * @return configuration parameters
*/
config_t *esp_prot_read_config(void)
{
@@ -115,8 +115,8 @@
/**
* releases the configuration file and frees the configuration memory
*
- * @param cfg parsed configuration parameters
- * @return always 0
+ * @param cfg parsed configuration parameters
+ * @return always 0
*/
int esp_prot_release_config(config_t *cfg)
{
@@ -135,8 +135,8 @@
/**
* sets the token-specific parameters such as protection mode and element
length
*
- * @param cfg parsed configuration parameters
- * @return 0 on success, -1 otherwise
+ * @param cfg parsed configuration parameters
+ * @return 0 on success, -1 otherwise
*/
int esp_prot_token_config(const config_t *cfg)
{
@@ -272,8 +272,8 @@
/**
* sets the sender-specific configuration parameters
*
- * @param cfg parsed configuration parameters
- * @return 0 on success, -1 otherwise
+ * @param cfg parsed configuration parameters
+ * @return 0 on success, -1 otherwise
*/
int esp_prot_sender_config(const config_t *cfg)
{
@@ -338,8 +338,8 @@
/**
* sets the verifier-specific configuration parameters
*
- * @param cfg parsed configuration parameters
- * @return 0 on success, -1 otherwise
+ * @param cfg parsed configuration parameters
+ * @return 0 on success, -1 otherwise
*/
int esp_prot_verifier_config(const config_t *cfg)
{
=== modified file 'firewall/esp_prot_conntrack.c'
--- firewall/esp_prot_conntrack.c 2010-02-11 09:57:04 +0000
+++ firewall/esp_prot_conntrack.c 2010-02-17 13:55:23 +0000
@@ -48,8 +48,8 @@
/**
* Resolves a transform to the specified hash function and hash length
*
- * @param transform TPA transform
- * @return resolved transform, NULL for UNUSED transform
+ * @param transform TPA transform
+ * @return resolved transform, NULL for UNUSED transform
*/
static esp_prot_conntrack_tfm_t *esp_prot_conntrack_resolve_transform(
const uint8_t transform)
@@ -66,7 +66,7 @@
/**
* Frees cached anchor elements
*
- * @param cache_item the cache item to be freed
+ * @param cache_item the cache item to be freed
*/
static void esp_prot_conntrack_free_cached_item(void *cache_item)
{
@@ -95,10 +95,10 @@
/**
* Finds the matching esp state in the connection state
*
- * @param tuple state maintained for this connection
- * @param active_anchor the active anchor element of the TPA tokens
- * @param hash_length length of the anchor element
- * @return esp state of the connection
+ * @param tuple state maintained for this connection
+ * @param active_anchor the active anchor element of the TPA tokens
+ * @param hash_length length of the anchor element
+ * @return esp state of the connection
*/
static struct esp_tuple *esp_prot_conntrack_find_esp_tuple(
const struct tuple *tuple,
@@ -149,11 +149,11 @@
/**
* Caches an anchor element found in a update messages
*
- * @param tuple state maintained for this connection
- * @param seq the sequence number parameter of the HIP message
- * @param esp_anchors the anchor element parameters of the HIP message
- * @param esp_roots the root element parameters of the HIP message
- * @return 0 on success, -1 in case of an error
+ * @param tuple state maintained for this connection
+ * @param seq the sequence number parameter of the HIP message
+ * @param esp_anchors the anchor element parameters of the HIP message
+ * @param esp_roots the root element parameters of the HIP message
+ * @return 0 on success, -1 in case of an error
*/
static int esp_prot_conntrack_cache_anchor(const struct tuple *tuple,
const struct hip_seq *seq,
@@ -265,10 +265,10 @@
* Stores and enables update anchor element, if an acknowledgement for the
* update is received
*
- * @param tuple state maintained for this connection
- * @param ack the acknowledgement parameter of the HIP message
- * @param esp_info the esp info parameter of the HIP message
- * @return -1 on error, 1 if cached update not found, 0 if ok
+ * @param tuple state maintained for this connection
+ * @param ack the acknowledgement parameter of the HIP message
+ * @param esp_info the esp info parameter of the HIP message
+ * @return -1 on error, 1 if cached update not found, 0 if ok
*/
static int esp_prot_conntrack_update_anchor(const struct tuple *tuple,
const struct hip_ack *ack,
@@ -386,11 +386,11 @@
/**
* Verifies the anchor element of a HHL-based update
*
- * @param tuple state maintained for this connection
- * @param esp_anchors the anchor element parameters of the HIP message
- * @param esp_branches the verification branch parameters
- * @param esp_secrets the secret parameters
- * @return 0 on success, -1 on error
+ * @param tuple state maintained for this connection
+ * @param esp_anchors the anchor element parameters of the HIP message
+ * @param esp_branches the verification branch parameters
+ * @param esp_secrets the secret parameters
+ * @return 0 on success, -1 on error
*/
static int esp_prot_conntrack_verify_branch(const struct tuple *tuple,
struct esp_prot_anchor *esp_anchors[MAX_NUM_PARALLEL_HCHAINS],
@@ -530,9 +530,9 @@
/**
* Processes the transform list enclosed in the R1
*
- * @param common the HIP message
- * @param tuple connection state of the connection tracking mechanism
- * @return always 0
+ * @param common the HIP message
+ * @param tuple connection state of the connection tracking mechanism
+ * @return always 0
*/
int esp_prot_conntrack_R1_tfms(const struct hip_common *common,
const struct tuple *tuple)
@@ -588,9 +588,9 @@
/**
* Processes the anchor element of the I2
*
- * @param common the HIP message
- * @param tuple connection state of the connection tracking mechanism
- * @return 0 on success, 1 if non-matching anchor element properties, -1
in case
+ * @param common the HIP message
+ * @param tuple connection state of the connection tracking mechanism
+ * @return 0 on success, 1 if non-matching anchor element properties, -1 in
case
* of an error
*/
int esp_prot_conntrack_I2_anchor(const struct hip_common *common,
@@ -718,8 +718,8 @@
/**
* Gets the corresponding state for the R2
*
- * @param other_dir_esps maintained connection tracking state for this
connection
- * @return corresponding state
+ * @param other_dir_esps maintained connection tracking state for this
connection
+ * @return corresponding state
*/
struct esp_tuple *esp_prot_conntrack_R2_esp_tuple(const SList *other_dir_esps)
{
@@ -753,9 +753,9 @@
/**
* Processes the anchor element of the R2
*
- * @param common the HIP message
- * @param tuple connection state of the connection tracking mechanism
- * @return 0 on success, 1 if non-matching anchor element properties, -1
in case
+ * @param common the HIP message
+ * @param tuple connection state of the connection tracking mechanism
+ * @return 0 on success, 1 if non-matching anchor element properties, -1 in
case
* of an error
*/
int esp_prot_conntrack_R2_anchor(const struct hip_common *common,
@@ -862,9 +862,9 @@
/**
* Processes an update message
*
- * @param update the HIP message
- * @param tuple connection state of the connection tracking mechanism
- * @return 0 on success, -1 in case of an error or unsupported update
+ * @param update the HIP message
+ * @param tuple connection state of the connection tracking mechanism
+ * @return 0 on success, -1 in case of an error or unsupported update
*/
int esp_prot_conntrack_update(const hip_common_t *update, const struct tuple
*tuple)
{
@@ -944,8 +944,8 @@
/**
* Frees (cached) anchor elements of an ESP tuple
*
- * @param esp_tuple the tuple to be freed
- * @return always 0
+ * @param esp_tuple the tuple to be freed
+ * @return always 0
*/
int esp_prot_conntrack_remove_state(struct esp_tuple *esp_tuple)
{
@@ -968,11 +968,11 @@
/**
* Tracks an HHL-based update message
*
- * @param ip6_src the source address of the packet
- * @param ip6_dst the destination address of the packet
- * @param common the HIP message
- * @param tuple state maintained for this connection
- * @return 0 on success, -1 in case of an error
+ * @param ip6_src the source address of the packet
+ * @param ip6_dst the destination address of the packet
+ * @param common the HIP message
+ * @param tuple state maintained for this connection
+ * @return 0 on success, -1 in case of an error
*/
int esp_prot_conntrack_lupdate(const struct in6_addr *ip6_src,
const struct in6_addr *ip6_dst,
@@ -1082,9 +1082,9 @@
/**
* Verifies the enclosed TPA tokens
*
- * @param ctx context of the currently processed packet
- * @param esp_tuple corresponding esp state of the connection
- * @return 0 on success, -1 on error
+ * @param ctx context of the currently processed packet
+ * @param esp_tuple corresponding esp state of the connection
+ * @return 0 on success, -1 on error
*/
int esp_prot_conntrack_verify(const hip_fw_context_t *ctx,
struct esp_tuple *esp_tuple)
=== modified file 'firewall/esp_prot_fw_msg.c'
--- firewall/esp_prot_fw_msg.c 2010-02-11 09:57:04 +0000
+++ firewall/esp_prot_fw_msg.c 2010-02-17 13:55:23 +0000
@@ -25,9 +25,9 @@
/** creates the anchor element message
*
- * @param hcstore the BEX store
- * @param use_hash_trees indicates whether hash chains or hash trees are
stored
- * @return the message on success, NULL on error
+ * @param hcstore the BEX store
+ * @param use_hash_trees indicates whether hash chains or hash trees are
stored
+ * @return the message on success, NULL on error
*
* @note this will only consider the first hchain item in each shelf, as only
* this should be set up for the store containing the hchains for the BEX
@@ -151,8 +151,8 @@
* Sends the preferred transform to hipd implicitely turning on
* the esp protection extension there
*
- * @param active 1 to activate, 0 to deactivate the extension in the hipd
- * @return 0 on success, -1 on error
+ * @param active 1 to activate, 0 to deactivate the extension in the hipd
+ * @return 0 on success, -1 on error
*/
int send_esp_prot_to_hipd(const int activate)
{
@@ -251,9 +251,9 @@
/** sends a list of all available anchor elements in the BEX store
* to the hipd
*
- * @param hcstore the BEX store
- * @param use_hash_trees indicates whether hash chains or hash trees are
stored
- * @return 0 on success, -1 on error
+ * @param hcstore the BEX store
+ * @param use_hash_trees indicates whether hash chains or hash trees are
stored
+ * @return 0 on success, -1 on error
*/
int send_bex_store_update_to_hipd(hchain_store_t *hcstore,
const int use_hash_trees)
@@ -291,13 +291,13 @@
* Invokes an UPDATE message containing an anchor element as a hook to
* next hash structure to be used when the active one depletes
*
- * @param entry the sadb entry for the outbound direction
- * @param anchors the anchor elements to be sent
- * @param hash_item_length length of the respective hash item
- * @param soft_update indicates if HHL-based updates should be used
- * @param anchor_offset the offset of the anchor element in the link tree
- * @param link_trees the link trees for the anchor elements, in case of
HHL
- * @return 0 on success, -1 on error
+ * @param entry the sadb entry for the outbound direction
+ * @param anchors the anchor elements to be sent
+ * @param hash_item_length length of the respective hash item
+ * @param soft_update indicates if HHL-based updates should be used
+ * @param anchor_offset the offset of the anchor element in the link tree
+ * @param link_trees the link trees for the anchor elements, in case of HHL
+ * @return 0 on success, -1 on error
*/
int send_trigger_update_to_hipd(const hip_sa_entry_t *entry,
const unsigned char *anchors[MAX_NUM_PARALLEL_HCHAINS],
@@ -470,8 +470,8 @@
/**
* Notifies the hipd about an anchor change in the hipfw
*
- * @param entry the sadb entry for the outbound direction
- * @return 0 on success, -1 on error, 1 for inbound sadb entry
+ * @param entry the sadb entry for the outbound direction
+ * @return 0 on success, -1 on error, 1 for inbound sadb entry
*/
int send_anchor_change_to_hipd(const hip_sa_entry_t *entry)
{
@@ -559,12 +559,12 @@
/** handles the TPA specific parts in the setup of new IPsec SAs
*
- * @param msg the HIP message
- * @param esp_prot_transform the TPA transform (return value)
- * @param num_anchors number of anchor in the array
- * @param esp_prot_anchors array storing the anchors
- * @param hash_item_length length of the employed hash structure at the
peer (return value)
- * @return 0 on success, -1 on error
+ * @param msg the HIP message
+ * @param esp_prot_transform the TPA transform (return value)
+ * @param num_anchors number of anchor in the array
+ * @param esp_prot_anchors array storing the anchors
+ * @param hash_item_length length of the employed hash structure at the peer
(return value)
+ * @return 0 on success, -1 on error
*/
int esp_prot_handle_sa_add_request(const struct hip_common *msg,
uint8_t *esp_prot_transform,
=== modified file 'firewall/firewall.c'
--- firewall/firewall.c 2010-02-12 10:47:40 +0000
+++ firewall/firewall.c 2010-02-17 13:55:23 +0000
@@ -1849,15 +1849,15 @@
* possibly encapsulating packet type. It also stores useful pointers IP and
* transport layer headers where applicable to avoid redundant casting.
*
- * Currently supported types: type
- * - plain HIP control packet 1
- * - ESP packet
2
- * - TCP packet
3 (for opportunistic TCP handshake)
+ * Currently supported types: type
+ * - plain HIP control packet 1
+ * - ESP packet 2
+ * - TCP packet 3 (for opportunistic TCP handshake)
*
* Unsupported types -> type 0
*
* @param hdr a pointer to a IP packet.
- * @param ipVersion the IP version for this packet
+ * @param ipVersion the IP version for this packet
* @return One if @c hdr is a HIP packet, zero otherwise.
*/
static int hip_fw_init_context(hip_fw_context_t *ctx,
@@ -2137,9 +2137,9 @@
/**
* Allow a packet to pass
*
- * @param handle the handle for the packets.
- * @param packetId the packet ID.
- * @return nothing
+ * @param handle the handle for the packets.
+ * @param packetId the packet ID.
+ * @return nothing
*/
static void allow_packet(struct ipq_handle *handle, unsigned long packetId)
{
@@ -2151,9 +2151,9 @@
/**
* Drop a packet
*
- * @param handle the handle for the packets.
- * @param packetId the packet ID.
- * @return nothing
+ * @param handle the handle for the packets.
+ * @param packetId the packet ID.
+ * @return nothing
*/
static void drop_packet(struct ipq_handle *handle, unsigned long packetId)
{
@@ -2170,7 +2170,7 @@
* @param ip_version the type of traffic: 4 - ipv4; 6 - ipv6.
* @param ctx packet context
*
- * @return nothing, this function loops forever,
+ * @return nothing, this function loops forever,
* until the firewall is stopped.
*/
static int hip_fw_handle_packet(unsigned char *buf,
=== modified file 'firewall/firewall_control.c'
--- firewall/firewall_control.c 2010-02-11 17:21:17 +0000
+++ firewall/firewall_control.c 2010-02-17 13:55:23 +0000
@@ -72,8 +72,8 @@
/**
* distribute a message from hipd to the respective extension handler
*
- * @param msg pointer to the received user message
- * @return 0 on success, else -1
+ * @param msg pointer to the received user message
+ * @return 0 on success, else -1
*/
int hip_handle_msg(struct hip_common *msg)
{
=== modified file 'firewall/firewalldb.c'
--- firewall/firewalldb.c 2010-02-11 17:21:17 +0000
+++ firewall/firewalldb.c 2010-02-17 13:55:23 +0000
@@ -105,9 +105,8 @@
/**
* Add a default entry in the firewall db.
*
- * @param ip the only supplied field, the ip of the peer
- *
- * @return error if any
+ * @param ip the only supplied field, the ip of the peer
+ * @return error if any
*/
int hip_firewall_add_default_entry(const struct in6_addr *ip)
{
@@ -158,13 +157,13 @@
* the corresponding field in the db entry is not updated.
* The ip field is required so as to find the entry.
*
- * @param *hit_our our hit, optionally null
- * @param *hit_peer peer hit, optionally null
- * @param *lsi peer lsi, optionally null
- * @param *ip peer ip, NOT null
- * @param state state of entry, required
+ * @param *hit_our our hit, optionally null
+ * @param *hit_peer peer hit, optionally null
+ * @param *lsi peer lsi, optionally null
+ * @param *ip peer ip, NOT null
+ * @param state state of entry, required
*
- * @return error if any
+ * @return error if any
*/
int hip_firewall_update_entry(const struct in6_addr *hit_our,
const struct in6_addr *hit_peer,
=== modified file 'firewall/lsi.c'
--- firewall/lsi.c 2010-02-11 18:25:12 +0000
+++ firewall/lsi.c 2010-02-17 13:55:23 +0000
@@ -12,12 +12,12 @@
* packet is passed as it is. Otherwise, the packet is translated to
* the corresponding LSIs. See the following document for more technical
* details:
- *
+ *
* <a href="http://hipl.hiit.fi/hipl/thesis_teresa_finez.pdf";>T. Finez,
* Backwards Compatibility Experimentation with Host Identity Protocol
* and Legacy Software and Networks , final project, December 2008</a>
*
- * @brief Local-Scope Identifier (LSI) input and output processing
+ * @brief Local-Scope Identifier (LSI) input and output processing
*
* @author Teresa Finez
*/
@@ -38,8 +38,8 @@
* Checks if the packet is a reinjection
*
* @param ip_src pointer to the source address
- * @return 1 if the dst id is a local lsi
- * 0 otherwise
+ * @return 1 if the dst id is a local lsi
+ * 0 otherwise
*/
int hip_is_packet_lsi_reinjection(hip_lsi_t *lsi)
{
@@ -67,8 +67,8 @@
* @param m pointer to the packet
* @param ip_src ipv6 source address
* @param ip_dst ipv6 destination address
- * @return 1 if translation not done
- * 0 if packet reinjected with lsis as addresses
+ * @return 1 if translation not done
+ * 0 if packet reinjected with lsis as addresses
*/
int hip_fw_handle_incoming_hit(const ipq_packet_msg_t *m,
@@ -184,7 +184,7 @@
* @param m pointer to the packet
* @param lsi_src source LSI
* @param lsi_dst destination LSI
- * @return err during the BEX
+ * @return err during the BEX
*/
int hip_fw_handle_outgoing_lsi(ipq_packet_msg_t *m, struct in_addr *lsi_src,
struct in_addr *lsi_dst)
@@ -367,7 +367,7 @@
* @param m pointer to the packet
* @param ipOrigTraffic type of Traffic (IPv4 or IPv6)
* @param incoming packet direction
- * @return err during the reinjection
+ * @return err during the reinjection
*/
int hip_reinject_packet(const struct in6_addr *src_hit,
const struct in6_addr *dst_hit,
=== modified file 'firewall/proxy.c'
--- firewall/proxy.c 2010-02-12 10:47:40 +0000
+++ firewall/proxy.c 2010-02-17 13:55:23 +0000
@@ -818,7 +818,7 @@
}
HIP_DEBUG("Previous checksum: %X\n", (tcp->check));
-// tcp->check = htons(0);
+//tcp->check = htons(0);
if (src_is_ipv4 && dst_is_ipv4) {
//struct tcphdr * tcptemp;
=== modified file 'firewall/sysopp.c'
--- firewall/sysopp.c 2010-02-11 09:57:04 +0000
+++ firewall/sysopp.c 2010-02-17 13:55:23 +0000
@@ -22,10 +22,9 @@
* Checks whether a particular hit is one of the local ones.
* Goes through all the local hits and compares with the given hit.
*
- * @param *hit the input src hit
- *
- * @return 1 if *hit is a local hit
- * 0 otherwise
+ * @param *hit the input src hit
+ * @return 1 if *hit is a local hit
+ * 0 otherwise
*/
static int hit_is_local_hit(const struct in6_addr *hit)
{
@@ -104,8 +103,8 @@
* in the local database the necessary information for
* doing the packet reinjection with HITs.
*
- * @param *ctx the contect of the packet
- * @return the verdict for the packet
+ * @param *ctx the contect of the packet
+ * @return the verdict for the packet
*/
int hip_fw_handle_outgoing_system_based_opp(const hip_fw_context_t *ctx,
const int default_verdict)
=== modified file 'firewall/user_ipsec_api.c'
--- firewall/user_ipsec_api.c 2010-02-11 18:03:28 +0000
+++ firewall/user_ipsec_api.c 2010-02-17 13:55:23 +0000
@@ -98,7 +98,7 @@
* initializes the sadb, packet buffers and the sockets and notifies
* the hipd about the activation of userspace ipsec
*
- * @return 0, if correct, else != 0
+ * @return 0, if correct, else != 0
*/
int userspace_ipsec_init(void)
{
@@ -177,8 +177,8 @@
/**
* prepares the context for performing the ESP transformation
*
- * @param ctx the firewall context of the packet to be processed
- * @return 0, if correct, else != 0
+ * @param ctx the firewall context of the packet to be processed
+ * @return 0, if correct, else != 0
*/
int hip_fw_userspace_ipsec_output(const hip_fw_context_t *ctx)
{
@@ -310,8 +310,8 @@
/**
* prepares the context for performing the ESP transformation
*
- * @param ctx the firewall context of the packet to be processed
- * @return 0, if correct, else != 0
+ * @param ctx the firewall context of the packet to be processed
+ * @return 0, if correct, else != 0
*/
int hip_fw_userspace_ipsec_input(const hip_fw_context_t *ctx)
{
=== modified file 'firewall/user_ipsec_esp.c'
--- firewall/user_ipsec_esp.c 2010-02-11 17:21:17 +0000
+++ firewall/user_ipsec_esp.c 2010-02-17 13:55:23 +0000
@@ -39,9 +39,9 @@
/** calculates the IP-checksum
*
- * @param ip_hdr packet to be checksumed
- * @param ip_hl header length field inside the header
- * @return the IP checksum
+ * @param ip_hdr packet to be checksumed
+ * @param ip_hl header length field inside the header
+ * @return the IP checksum
*/
static uint16_t checksum_ip(struct ip *ip_hdr, const unsigned int ip_hl)
{
@@ -77,9 +77,9 @@
/** adds an UDP-header to the packet
*
- * @param udp_hdr location of the udp_hdr
- * @param packet_len packet length
- * @param entry corresponding host association entry
+ * @param udp_hdr location of the udp_hdr
+ * @param packet_len packet length
+ * @param entry corresponding host association entry
*/
static void add_udp_header(struct udphdr *udp_hdr,
const uint16_t packet_len,
@@ -99,13 +99,13 @@
/** creates a packet according to BEET mode ESP specification
*
- * @param ctx packet context
- * @param entry corresponding host
association entry
- * @param preferred_local_addr globally routable src IP address
- * @param preferred_peer_addr globally routable dst IP address
- * @param esp_packet location of esp packet
- * @param esp_packet_len packet length
- * @return 0, if correct, else != 0
+ * @param ctx packet context
+ * @param entry corresponding host association entry
+ * @param preferred_local_addr globally routable src IP address
+ * @param preferred_peer_addr globally routable dst IP address
+ * @param esp_packet location of esp packet
+ * @param esp_packet_len packet length
+ * @return 0, if correct, else != 0
*/
int hip_beet_mode_output(const hip_fw_context_t *ctx, hip_sa_entry_t *entry,
const struct in6_addr *preferred_local_addr,
@@ -306,11 +306,11 @@
/** handles a received packet according to BEET mode ESP specification
*
- * @param ctx packet context
- * @param entry corresponding host
association entry
- * @param decrypted_packet location of decrypted packet
- * @param decrypted_packet_len packet length of decrypted packet
- * @return 0, if correct, != 0 else
+ * @param ctx packet context
+ * @param entry corresponding host association entry
+ * @param decrypted_packet location of decrypted packet
+ * @param decrypted_packet_len packet length of decrypted packet
+ * @return 0, if correct, != 0 else
*/
int hip_beet_mode_input(const hip_fw_context_t *ctx, hip_sa_entry_t *entry,
unsigned char *decrypted_packet,
@@ -366,14 +366,14 @@
/** encrypts the payload of ESP packets and adds authentication information
*
- * @param in the input-buffer containing the data to be encrypted
- * @param in_type value of the next header type
- * @param in_len the length of the input-buffer
- * @param out the output-buffer
- * @param out_len the length of the output-buffer
- * @param entry the SA entry containing information about algorithms
- * and key to be used
- * @return 0, if correct, != 0 else
+ * @param in the input-buffer containing the data to be encrypted
+ * @param in_type value of the next header type
+ * @param in_len the length of the input-buffer
+ * @param out the output-buffer
+ * @param out_len the length of the output-buffer
+ * @param entry the SA entry containing information about algorithms
+ * and key to be used
+ * @return 0, if correct, != 0 else
*/
int hip_payload_encrypt(unsigned char *in,
const uint8_t in_type,
@@ -580,14 +580,14 @@
/** decrypts the payload of ESP packets and verifies authentication
*
- * @param in the input-buffer containing the data to be encrypted
- * @param in_len the length of the input-buffer
- * @param out the output-buffer
- * @param out_type type value of the ESP next header field
- * @param out_len the length of the output-buffer
- * @param entry the SA entry containing information about algorithms
- * and key to be used
- * @return 0, if correct, != 0 else
+ * @param in the input-buffer containing the data to be encrypted
+ * @param in_len the length of the input-buffer
+ * @param out the output-buffer
+ * @param out_type type value of the ESP next header field
+ * @param out_len the length of the output-buffer
+ * @param entry the SA entry containing information about algorithms
+ * and key to be used
+ * @return 0, if correct, != 0 else
*/
int hip_payload_decrypt(const unsigned char *in, const uint16_t in_len,
unsigned char *out, uint8_t *out_type, uint16_t
*out_len,
@@ -787,11 +787,11 @@
/** adds an IPv4-header to the packet
*
- * @param ip_hdr pointer to location where IPv4 header should be
written to
- * @param src_addr IPv4 source address
- * @param dst_addr IPv4 destination address
- * @param packet_len packet length
- * @param next_hdr next header value
+ * @param ip_hdr pointer to location where IPv4 header should be
written to
+ * @param src_addr IPv4 source address
+ * @param dst_addr IPv4 destination address
+ * @param packet_len packet length
+ * @param next_hdr next header value
*/
void add_ipv4_header(struct ip *ip_hdr, const struct in6_addr *src_addr,
const struct in6_addr *dst_addr, const uint16_t
packet_len,
@@ -823,11 +823,11 @@
/** adds an IPv6-header to the packet
*
- * @param ip_hdr pointer to location where IPv6 header should be
written to
- * @param src_addr IPv6 source address
- * @param dst_addr IPv6 destination address
- * @param packet_len packet length
- * @param next_hdr next header value
+ * @param ip_hdr pointer to location where IPv6 header should be
written to
+ * @param src_addr IPv6 source address
+ * @param dst_addr IPv6 destination address
+ * @param packet_len packet length
+ * @param next_hdr next header value
*/
void add_ipv6_header(struct ip6_hdr *ip6_hdr, const struct in6_addr *src_addr,
const struct in6_addr *dst_addr, const uint16_t
packet_len,
=== modified file 'firewall/user_ipsec_sadb.c'
--- firewall/user_ipsec_sadb.c 2010-02-11 17:43:39 +0000
+++ firewall/user_ipsec_sadb.c 2010-02-17 13:55:23 +0000
@@ -41,8 +41,8 @@
/**
* hashes the inner addresses (for now) to lookup the corresponding SA entry
*
- * @param sa_entry partial SA entry containing inner addresses and IPsec
mode
- * @return hash of inner addresses
+ * @param sa_entry partial SA entry containing inner addresses and IPsec mode
+ * @return hash of inner addresses
*/
static unsigned long hip_sa_entry_hash(const hip_sa_entry_t *sa_entry)
{
@@ -91,9 +91,9 @@
/**
* compares the hashes of 2 SA entries to check if they are the same
*
- * @param first SA entry to be compared with
- * @param second SA entry to be compared with
- * @return 1 if different entries, else 0
+ * @param sa_entry1 first SA entry to be compared with
+ * @param sa_entry2 second SA entry to be compared with
+ * @return 1 if different entries, else 0
*/
static int hip_sa_entries_cmp(const hip_sa_entry_t *sa_entry1,
const hip_sa_entry_t *sa_entry2)
@@ -124,8 +124,8 @@
/**
* hashes the outer dst address and IPsec SPI to lookup the corresponding SA
entry
*
- * @param sa_entry link entry containing outer dst address and IPsec SPI
- * @return hash of outer dst address and IPsec SPI
+ * @param sa_entry link entry containing outer dst address and IPsec SPI
+ * @return hash of outer dst address and IPsec SPI
*/
static unsigned long hip_link_entry_hash(const hip_link_entry_t *link_entry)
{
@@ -164,9 +164,9 @@
/**
* compares the hashes of 2 link entries to check if they are the same
*
- * @param first link entry to be compared with
- * @param second link entry to be compared with
- * @return 1 if different entries, else 0
+ * @param link_entry1 first link entry to be compared with
+ * @param link_entry2 second link entry to be compared with
+ * @return 1 if different entries, else 0
*/
static int hip_link_entries_cmp(const hip_link_entry_t *link_entry1,
const hip_link_entry_t *link_entry2)
@@ -198,8 +198,8 @@
* callback wrappers providing per-variable casts before calling the
* type-specific callbacks
*
- * @param hip_sa_entry function pointer
- * @param hip_sa_entry_t type to be casted to
+ * @param hip_sa_entry function pointer
+ * @param hip_sa_entry_t type to be casted to
*
* @note appends _hash to given function
*/
@@ -209,8 +209,8 @@
* callback wrappers providing per-variable casts before calling the
* type-specific callbacks
*
- * @param hip_sa_entries function pointer
- * @param hip_sa_entry_t type to be casted to
+ * @param hip_sa_entries function pointer
+ * @param hip_sa_entry_t type to be casted to
*
* @note appends _cmp to given function
*/
@@ -220,8 +220,8 @@
* callback wrappers providing per-variable casts before calling the
* type-specific callbacks
*
- * @param hip_link_entry function pointer
- * @param hip_link_entry_t type to be casted to
+ * @param hip_link_entry function pointer
+ * @param hip_link_entry_t type to be casted to
*
* @note appends _hash to given function
*/
@@ -231,8 +231,8 @@
* callback wrappers providing per-variable casts before calling the
* type-specific callbacks
*
- * @param hip_sa_entries function pointer
- * @param hip_link_entry_t type to be casted to
+ * @param hip_sa_entries function pointer
+ * @param hip_link_entry_t type to be casted to
*
* @note appends _cmp to given function
*/
@@ -241,9 +241,9 @@
/**
* finds a link entry in the linkdb
*
- * @param dst_addr outer destination address
- * @param spi IPsec SPI number
- * @return corresponding link entry
+ * @param dst_addr outer destination address
+ * @param spi IPsec SPI number
+ * @return corresponding link entry
*/
static hip_link_entry_t * hip_link_entry_find(const struct in6_addr *dst_addr,
uint32_t spi)
@@ -280,9 +280,9 @@
/**
* adds a link entry to the linkdb
*
- * @param dst_addr outer destination address
- * @param entry SA entry this link points to
- * @return 0 on success, else -1
+ * @param dst_addr outer destination address
+ * @param entry SA entry this link points to
+ * @return 0 on success, else -1
*/
static int hip_link_entry_add(struct in6_addr *dst_addr, hip_sa_entry_t *entry)
{
@@ -306,9 +306,9 @@
/**
* removes a link entry from the linkdb
*
- * @param dst_addr outer destination address
- * @param entry SA entry this link points to
- * @return 0 on success, else -1
+ * @param dst_addr outer destination address
+ * @param entry SA entry this link points to
+ * @return 0 on success, else -1
*/
static int hip_link_entry_delete(struct in6_addr *dst_addr, uint32_t spi)
{
@@ -337,7 +337,7 @@
/**
* prints a single link entry in the linkdb
*
- * @param entry link entry to be printed
+ * @param entry link entry to be printed
*/
void hip_link_entry_print(hip_link_entry_t *entry)
{
@@ -381,27 +381,27 @@
/**
* sets the values of a SA entry
*
- * @param entry SA entry for which the values should be set
- * @param direction direction of the SA
- * @param spi IPsec SPI number
- * @param mode ESP mode
- * @param src_addr source address of outer IP header
- * @param dst_addr destination address of outer IP header
- * @param inner_src_addr inner source addresses for tunnel and BEET SAs
- * @param inner_dst_addr inner destination addresses for tunnel and BEET
SAs
- * @param encap_mode encapsulation mode
- * @param src_port src port for UDP encaps. ESP
- * @param dst_port dst port for UDP encaps. ESP
- * @param ealg crypto transform in use
- * @param auth_key raw authentication key
- * @param enc_key raw encryption key
- * @param lifetime seconds until expiration
- * @param esp_prot_transform mode used for securing ipsec traffic
- * @param hash_item_length length of the hash item
- * @param esp_num_anchors number of anchors for parallel mode
- * @param esp_prot_anchors hash item anchors
- * @param update notification if this is an update
- * @return 0 on success, else -1
+ * @param entry SA entry for which the values should be set
+ * @param direction direction of the SA
+ * @param spi IPsec SPI number
+ * @param mode ESP mode
+ * @param src_addr source address of outer IP header
+ * @param dst_addr destination address of outer IP header
+ * @param inner_src_addr inner source addresses for tunnel and BEET SAs
+ * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs
+ * @param encap_mode encapsulation mode
+ * @param src_port src port for UDP encaps. ESP
+ * @param dst_port dst port for UDP encaps. ESP
+ * @param ealg crypto transform in use
+ * @param auth_key raw authentication key
+ * @param enc_key raw encryption key
+ * @param lifetime seconds until expiration
+ * @param esp_prot_transform mode used for securing ipsec traffic
+ * @param hash_item_length length of the hash item
+ * @param esp_num_anchors number of anchors for parallel mode
+ * @param esp_prot_anchors hash item anchors
+ * @param update notification if this is an update
+ * @return 0 on success, else -1
*/
static int hip_sa_entry_set(hip_sa_entry_t *entry,
int direction,
@@ -538,27 +538,27 @@
/**
* updates an existing SA entry
*
- * @param entry SA entry for which the values should be set
- * @param direction direction of the SA
- * @param spi IPsec SPI number
- * @param mode ESP mode
- * @param src_addr source address of outer IP header
- * @param dst_addr destination address of outer IP header
- * @param inner_src_addr inner source addresses for tunnel and BEET SAs
- * @param inner_dst_addr inner destination addresses for tunnel and BEET
SAs
- * @param encap_mode encapsulation mode
- * @param src_port src port for UDP encaps. ESP
- * @param dst_port dst port for UDP encaps. ESP
- * @param ealg crypto transform in use
- * @param auth_key raw authentication key
- * @param enc_key raw encryption key
- * @param lifetime seconds until expiration
- * @param esp_prot_transform mode used for securing ipsec traffic
- * @param hash_item_length length of the hash item
- * @param esp_num_anchors number of anchors for parallel mode
- * @param esp_prot_anchors hash item anchors
- * @param update notification if this is an update
- * @return 0 on success, else -1
+ * @param entry SA entry for which the values should be set
+ * @param direction direction of the SA
+ * @param spi IPsec SPI number
+ * @param mode ESP mode
+ * @param src_addr source address of outer IP header
+ * @param dst_addr destination address of outer IP header
+ * @param inner_src_addr inner source addresses for tunnel and BEET SAs
+ * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs
+ * @param encap_mode encapsulation mode
+ * @param src_port src port for UDP encaps. ESP
+ * @param dst_port dst port for UDP encaps. ESP
+ * @param ealg crypto transform in use
+ * @param auth_key raw authentication key
+ * @param enc_key raw encryption key
+ * @param lifetime seconds until expiration
+ * @param esp_prot_transform mode used for securing ipsec traffic
+ * @param hash_item_length length of the hash item
+ * @param esp_num_anchors number of anchors for parallel mode
+ * @param esp_prot_anchors hash item anchors
+ * @param update notification if this is an update
+ * @return 0 on success, else -1
*/
static int hip_sa_entry_update(int direction,
uint32_t spi,
@@ -618,7 +618,7 @@
/**
* frees an SA entry
*
- * @param entry SA entry to be freed
+ * @param entry SA entry to be freed
*/
static void hip_sa_entry_free(hip_sa_entry_t *entry)
{
@@ -650,27 +650,27 @@
/**
* adds an SA entry
*
- * @param entry SA entry for which the values should be set
- * @param direction direction of the SA
- * @param spi IPsec SPI number
- * @param mode ESP mode
- * @param src_addr source address of outer IP header
- * @param dst_addr destination address of outer IP header
- * @param inner_src_addr inner source addresses for tunnel and BEET SAs
- * @param inner_dst_addr inner destination addresses for tunnel and BEET
SAs
- * @param encap_mode encapsulation mode
- * @param src_port src port for UDP encaps. ESP
- * @param dst_port dst port for UDP encaps. ESP
- * @param ealg crypto transform in use
- * @param auth_key raw authentication key
- * @param enc_key raw encryption key
- * @param lifetime seconds until expiration
- * @param esp_prot_transform mode used for securing ipsec traffic
- * @param hash_item_length length of the hash item
- * @param esp_num_anchors number of anchors for parallel mode
- * @param esp_prot_anchors hash item anchors
- * @param update notification if this is an update
- * @return 0 on success, else -1
+ * @param entry SA entry for which the values should be set
+ * @param direction direction of the SA
+ * @param spi IPsec SPI number
+ * @param mode ESP mode
+ * @param src_addr source address of outer IP header
+ * @param dst_addr destination address of outer IP header
+ * @param inner_src_addr inner source addresses for tunnel and BEET SAs
+ * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs
+ * @param encap_mode encapsulation mode
+ * @param src_port src port for UDP encaps. ESP
+ * @param dst_port dst port for UDP encaps. ESP
+ * @param ealg crypto transform in use
+ * @param auth_key raw authentication key
+ * @param enc_key raw encryption key
+ * @param lifetime seconds until expiration
+ * @param esp_prot_transform mode used for securing ipsec traffic
+ * @param hash_item_length length of the hash item
+ * @param esp_num_anchors number of anchors for parallel mode
+ * @param esp_prot_anchors hash item anchors
+ * @param update notification if this is an update
+ * @return 0 on success, else -1
*/
static int hip_sa_entry_add(int direction, uint32_t spi, uint32_t mode,
struct in6_addr *src_addr, struct in6_addr
*dst_addr,
@@ -779,7 +779,7 @@
/**
* prints a single SA entry
*
- * @param entry SA entry to be printed
+ * @param entry SA entry to be printed
*/
void hip_sa_entry_print(const hip_sa_entry_t *entry)
{
@@ -880,27 +880,27 @@
/**
* adds or updates SA entry
*
- * @param direction represents inbound or outbound direction
- * @param spi ipsec spi for demultiplexing
- * @param mode ipsec mode to be used for the SA
- * @param src_addr outer globally routable source ip address
- * @param dst_addr outer globally routable destination ip address
- * @param inner_src_addr inner source address
- * @param inner_dst_addr inner destination address
- * @param encap_mode defines whether no or udp encapsulation is to be used
- * @param local_port the local port in case of udp encapsulation
- * @param peer_port the peer port in case of udp encapsulation
- * @param ealg crypto transform to be used for the SA
- * @param auth_key raw authentication key
- * @param enc_key raw encryption key
- * @param lifetime of the SA
- * @param esp_prot_transform mode used for securing ipsec traffic
- * @param hash_item_length length of the hash item used by the peer for
esp_prot
- * @param esp_num_anchors number of hash items in case of parallel
esp_prot mode
- * @param esp_prot_anchors anchor elements of the hash items used by the
peer
- * @param retransmission notification if this event derives from a
retransmission
- * @param update notification if this event derives from an update
- * @return -1, if error occurred, else 0
+ * @param entry SA entry for which the values should be set
+ * @param direction direction of the SA
+ * @param spi IPsec SPI number
+ * @param mode ESP mode
+ * @param src_addr source address of outer IP header
+ * @param dst_addr destination address of outer IP header
+ * @param inner_src_addr inner source addresses for tunnel and BEET SAs
+ * @param inner_dst_addr inner destination addresses for tunnel and BEET SAs
+ * @param encap_mode encapsulation mode
+ * @param src_port src port for UDP encaps. ESP
+ * @param dst_port dst port for UDP encaps. ESP
+ * @param ealg crypto transform in use
+ * @param auth_key raw authentication key
+ * @param enc_key raw encryption key
+ * @param lifetime seconds until expiration
+ * @param esp_prot_transform mode used for securing ipsec traffic
+ * @param hash_item_length length of the hash item
+ * @param esp_num_anchors number of anchors for parallel mode
+ * @param esp_prot_anchors hash item anchors
+ * @param update notification if this is an update
+ * @return 0 on success, else -1
*/
int hip_sadb_add(int direction, uint32_t spi, uint32_t mode,
struct in6_addr *src_addr, struct in6_addr *dst_addr,
@@ -960,9 +960,9 @@
/**
* removes an SA entry and all corresponding links from the sadb
*
- * @param dst_addr destination ip address of the entry
- * @param spi spi number of the entry
- * @return -1, if error occurred, else 0
+ * @param dst_addr destination ip address of the entry
+ * @param spi spi number of the entry
+ * @return -1, if error occurred, else 0
*/
int hip_sadb_delete(struct in6_addr *dst_addr, uint32_t spi)
{
@@ -982,7 +982,7 @@
/**
* flushes all entries in the sadb
*
- * @return -1, if error occurred, else 0
+ * @return -1, if error occurred, else 0
*/
int hip_sadb_flush()
{
@@ -1007,9 +1007,9 @@
/**
* searches the linkdb for corresponding SA entry
*
- * @param dst_addr outer destination address of the ip packet
- * @param spi SPI number of the searched entry
- * @return SA entry on success or NULL if no matching entry was found
+ * @param dst_addr outer destination address of the ip packet
+ * @param spi SPI number of the searched entry
+ * @return SA entry on success or NULL if no matching entry was found
*/
hip_sa_entry_t *hip_sa_entry_find_inbound(const struct in6_addr *dst_addr,
uint32_t spi)
{
@@ -1033,9 +1033,9 @@
/**
* searches the sadb for a SA entry
*
- * @param src_hit inner source address
- * @param dst_hit inner destination address
- * @return SA entry on success or NULL if no matching entry found
+ * @param src_hit inner source address
+ * @param dst_hit inner destination address
+ * @return SA entry on success or NULL if no matching entry found
*/
hip_sa_entry_t *hip_sa_entry_find_outbound(const struct in6_addr *src_hit,
const struct in6_addr *dst_hit)
Other related posts:
- » [hipl-commit] [trunk] Rev 3663: fixed still existing TABs in firewall - Rene Hummen
