Merge lp:~christian-roeller/hipl/whitelisting into lp:hipl
- whitelisting
- Merge into trunk
Status: | Superseded |
---|---|
Proposed branch: | lp:~christian-roeller/hipl/whitelisting |
Merge into: | lp:hipl |
Diff against target: |
204 lines (+100/-20) 2 files modified
hipd/netdev.c (+98/-20) hipd/netdev.h (+2/-0) |
To merge this branch: | bzr merge lp:~christian-roeller/hipl/whitelisting |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Diego Biurrun | Needs Fixing | ||
Stefan Götz (community) | Approve | ||
Review via email: mp+67982@code.launchpad.net |
This proposal has been superseded by a proposal from 2011-08-10.
Commit message
Extension for the whitelist-
Alias-Interfaces have the same index as its physical interfaces for the linux kernel, so this extension considers also the interface-labels, when a new netlink event comes in and checks if this label is whitelisted or not.
Description of the change
Change in the whitelisting of hipl:
The problem with the current whitelisting fuction is, that it only considers the interface-indexes. So when you for instance want to whitelist your eth0 interface, but there are also alias-interfaces for this interface on your machine, then a change for this alias-interfaces would also trigger an update, because these interfaces have the same interface-index for the kernel.
To have a more concrete possibility to whitelist interfaces, I extend the whitelist-structure with the interface-label. So that when you now whitelist your interface eth0, only changes on this interface would trigger an update and not for the alias-interfaces.
I did this by just checking for every incoming NEWADDR netlinkevent, if the corresponding label for this address is whitelisted or not.
So please have a look and just tell if you are fine with this...
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : | # |
Miika Komu (miika-iki) wrote : | # |
Quick test report: seems to work without any troubles.
- 5983. By Christian Röller
-
a few changes due to policy violations and cleanup
- 5984. By Christian Röller
-
a few changes to impvove maintainability
- 5985. By Christian Röller
-
another maintainability improvement
Christian Röller (christian-roeller) wrote : | # |
Once my exam is over I have finally found the time to work on your improvement suggestions...
> Hi Christian!
>
> Thanks for this helpful contribution! My comments below:
>
> > > === modified file 'hipd/netdev.c'
> > > --- hipd/netdev.c 2011-05-31 18:21:28 +0000
> > > +++ hipd/netdev.c 2011-07-14 15:34:41 +0000
> > > -static void hip_netdev_
> > > +static void hip_netdev_
> char *const device_name)
>
> [L] cleanup: please add a 'const' modifier to the 'if_index' argument
> [L] cleanup: I guess that 'if_index' cannot be less than 0. If so, it would be
> nice to change its type to unsigned to communicate this fact to the caller.
Both done, you are right no reason here for dont make it unsigned and const...
>
> > > {
> > > if (hip_netdev_
> > > - hip_netdev_
> > > + hip_netdev_
> if_index;
> > > +
> strncpy(
> device_name, IF_NAMESIZE);
> [L] maintainability: it is more maintainable to use
> 'sizeof(
> the
> size of the 'if_label' field can be changed in the struct declaration without
> having to touch other code.
Good point I didnt take this into account, its changed now
>
> > > @@ -120,16 +127,18 @@
> > > }
> > >
> > > /**
> > > - * Test if the given network interface index is white listed.
> > > + * Test if the given network interface index plus label is white listed.
> > > *
> > > * @param if_index the index of the network interface to be tested
> > > + * @param device_name the label of the network interface to be tested
> > > * @return 1 if the index is whitelisted or zero otherwise
> > > */
> > > -static int hip_netdev_
> > > +static int hip_netdev_
>
> [M] policy: please apply full const correctness to the function arguments.
> [L] cleanup: it would be nice to change the type of 'if_index' to unsigned as
> it
> can never be < 0 (I guess)
Same as above, so done...
>
> > > {
> > > - int i = 0;
> > > + int i;
> > > for (i = 0; i < hip_netdev_
>
> [L] style: you could even place the declaration of 'i' in the for() header.
Yes I can, so I did... ;-) The actual writer did it like this, so I just adopt it...
>
> > > - if (hip_netdev_
> > > + if (hip_netdev_
> > > + !strncmp(
> IF_NAMESIZE)) {
>
> [L] maintainability: 'sizeof()' instead of 'IF_NAMESIZE', see above
Done...but I use sizeof()-1 to do not override the null-termination
>
> > > @@ -637,7 +645,7 @@
> > > HIP_IFEL(!(if_index = if_nametoindex(
> > > -1, "if_nametoindex failed\n");
> > > /* Check if our interface is in the whitelist */
> > > - if ((hip_netdev_
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : | # |
Hi Christian!
Thanks for your detailed reply! I was on holidays so that's why my answer is
quite late:
>>>> - if (hip_netdev_
>>>> + if (hip_netdev_
>>>> + !strncmp(
>> IF_NAMESIZE)) {
>>
>> [L] maintainability: 'sizeof()' instead of 'IF_NAMESIZE', see above
>
> Done...but I use sizeof()-1 to do not override the null-termination
Hm - in the case of the read-only 'strncmp()' function, I'm pretty sure that you
want to check both strings to their full extent, including the null-terminating
character. Otherwise, you can get false positives with unterminated strings (I
know, that's a pathological case, but still, passing 'sizeof() - 1' to
'strncmp()' seems logically incorrect to me).
>>>> +int hip_find_
>>
>> [M] policy: please ensure full const correctness
>
> I write to label and cast addr, so I cannot declare const, can I?
You can use 'const struct sockaddr *const addr' and cast it to 'const struct
sockaddr_in const* s4_in'. Similarly, you can use 'char *const label' as you do
not intend to or do change the pointer value.
>>>> + res = getifaddrs(
>>>> + for (ifa = myaddrs; ifa != NULL; ifa = ifa->ifa_next) {
>>>> + if (ifa->ifa_addr == NULL) continue;
>>>> + if (ifa->ifa_
>> ifa->ifa_
>>
>> [M] policy: HIPL always uses "long" if statements including braces and
>> newlines.
>> Please adhere to that style. Do you use the pre-commit hook for checking your
>> code style? I'm asking because I'm surprised that the checker does not catch
>> this.
>
> For me the statement doesnt include braces or a new line. Maybe I have changed it and forgot to commit it...maybe you can check it again...
Exactly my point: it *should* include braces and newlines but currently it does
not :-) It should read
if (ifa->ifa_addr == NULL) {
continue;
}
etc.
>> [L] maintainability: similar to the above cases, 'sizeof(s4_in)' would be more
>> easily maintainable and more obvious to read than 'sizeof(struct
>> sockaddr_in)'.
>> The same applies to the code below.
>>
>>>> + strncpy(label, ifa->ifa_name, IF_NAMESIZE);
>>
>> [L] 'sizeof()'
>
> Both done, like described above...
Just like 'strncmp()', 'strncpy()' should use the full character array - the
code should also check that the string to copy is not longer than the given
character array - 1 or otherwise return an error from the function. Only this
combination will ensure that the string is either copied correctly or an error
is detected under all circumstances.
>>>> + freeifaddrs(
>>>> + return 1;
>>>> + }
>>>> + }
>>>> + if (ifa->ifa_
>>>> + s6 = (struct sockaddr_in6 *)(ifa->ifa_addr);
>>>> + if (!memcmp(s6_in, s6, sizeof(struct sockaddr_in6))) {
>>>> + strncpy(label, ifa->ifa_name, IF_NAMESIZE);
>>>> + freeifaddrs(
>>>> + return 1;
>>
>> [L] styl...
- 5986. By Christian Röller
-
A few changes respecting style, policy and maintainability.
Christian Röller (christian-roeller) wrote : | # |
> Hi Christian!
>
> Thanks for your detailed reply! I was on holidays so that's why my answer is
> quite late:
No problem my first reply has also taken a while due to my exam preparations ;-)
>
> >>>> - if (hip_netdev_
> >>>> + if (hip_netdev_
> >>>> + !strncmp(
> >> IF_NAMESIZE)) {
> >>
> >> [L] maintainability: 'sizeof()' instead of 'IF_NAMESIZE', see above
> >
> > Done...but I use sizeof()-1 to do not override the null-termination
>
> Hm - in the case of the read-only 'strncmp()' function, I'm pretty sure that
> you
> want to check both strings to their full extent, including the null-
> terminating
> character. Otherwise, you can get false positives with unterminated strings (I
> know, that's a pathological case, but still, passing 'sizeof() - 1' to
> 'strncmp()' seems logically incorrect to me).
Yes of course...I never did it in the code. This was just a comment at the wrong position.
>
> >>>> +int hip_find_
> >>
> >> [M] policy: please ensure full const correctness
> >
> > I write to label and cast addr, so I cannot declare const, can I?
>
> You can use 'const struct sockaddr *const addr' and cast it to 'const struct
> sockaddr_in const* s4_in'. Similarly, you can use 'char *const label' as you
> do
> not intend to or do change the pointer value.
Yes you are right, did it.
>
> >>>> + res = getifaddrs(
> >>>> + for (ifa = myaddrs; ifa != NULL; ifa = ifa->ifa_next) {
> >>>> + if (ifa->ifa_addr == NULL) continue;
> >>>> + if (ifa->ifa_
> >> ifa->ifa_
> >>
> >> [M] policy: HIPL always uses "long" if statements including braces and
> >> newlines.
> >> Please adhere to that style. Do you use the pre-commit hook for checking
> your
> >> code style? I'm asking because I'm surprised that the checker does not
> catch
> >> this.
> >
> > For me the statement doesnt include braces or a new line. Maybe I have
> changed it and forgot to commit it...maybe you can check it again...
>
> Exactly my point: it *should* include braces and newlines but currently it
> does
> not :-) It should read
>
> if (ifa->ifa_addr == NULL) {
> continue;
> }
>
> etc.
Ah OK now I got your point...sorry ;-) I changed it
>
> >> [L] maintainability: similar to the above cases, 'sizeof(s4_in)' would be
> more
> >> easily maintainable and more obvious to read than 'sizeof(struct
> >> sockaddr_in)'.
> >> The same applies to the code below.
> >>
> >>>> + strncpy(label, ifa->ifa_name, IF_NAMESIZE);
> >>
> >> [L] 'sizeof()'
> >
> > Both done, like described above...
>
> Just like 'strncmp()', 'strncpy()' should use the full character array - the
> code should also check that the string to copy is not longer than the given
> character array - 1 or otherwise return an error from the function. Only this
> combination will ensure that the string is either copied correctly or an error
> is detected under all circumstances.
OK, I changed it in the following way:
I chec...
Stefan Götz (stefan.goetz-deactivatedaccount) : | # |
Diego Biurrun (diego-biurrun) wrote : | # |
review needs-fixing
On Thu, Jul 14, 2011 at 03:34:45PM +0000, Christian Röller wrote:
> Christian Röller has proposed merging lp:~christian-roeller/hipl/whitelisting into lp:hipl.
Formatting is messed-up. Didn't you install the uncrustify pre-commit
hook as described in doc/HACKING? Why?
Diego
- 5987. By Christian Röller
-
Correct some code style violations.
Christian Röller (christian-roeller) wrote : | # |
> review needs-fixing
>
> On Thu, Jul 14, 2011 at 03:34:45PM +0000, Christian Röller wrote:
> > Christian Röller has proposed merging lp:~christian-
> roeller/
>
> Formatting is messed-up. Didn't you install the uncrustify pre-commit
> hook as described in doc/HACKING? Why?
>
> Diego
Sorry for that, I checked now my modifications with the stylechecker and correct everything it complained about.
Diego Biurrun (diego-biurrun) wrote : | # |
On Mon, Aug 01, 2011 at 09:19:26AM +0000, Christian Röller wrote:
> > On Thu, Jul 14, 2011 at 03:34:45PM +0000, Christian Röller wrote:
> > > Christian Röller has proposed merging lp:~christian-
> > roeller/
> >
> > Formatting is messed-up. Didn't you install the uncrustify pre-commit
> > hook as described in doc/HACKING? Why?
>
> Sorry for that, I checked now my modifications with the stylechecker
> and correct everything it complained about.
I'm not trying to pass blame around. I want to know why some of our
processes are not working as intended, so that we can fix them.
Why were you not running uncrustify? Did you just forget to install
the hook (no big deal, we all make mistakes and we have review for a
reason) or did you not know about it? Where would we have to advertise
it so that the next newcomer is informed of its existence?
Diego
Christian Röller (christian-roeller) wrote : | # |
> On Mon, Aug 01, 2011 at 09:19:26AM +0000, Christian Röller wrote:
> > > On Thu, Jul 14, 2011 at 03:34:45PM +0000, Christian Röller wrote:
> > > > Christian Röller has proposed merging lp:~christian-
> > > roeller/
> > >
> > > Formatting is messed-up. Didn't you install the uncrustify pre-commit
> > > hook as described in doc/HACKING? Why?
> >
> > Sorry for that, I checked now my modifications with the stylechecker
> > and correct everything it complained about.
>
> I'm not trying to pass blame around. I want to know why some of our
> processes are not working as intended, so that we can fix them.
>
> Why were you not running uncrustify? Did you just forget to install
> the hook (no big deal, we all make mistakes and we have review for a
> reason) or did you not know about it? Where would we have to advertise
> it so that the next newcomer is informed of its existence?
>
> Diego
I have heard that there is a hook for this, but as this is my first share,
I just forgot to install it.
So in this case it was just my fault...
But for the next newcomers, it would be nice to advertise the HACKING doc a
little bit more, because it is very helpful and I don't know about it. I just
heard about the stylechecker through the grapevine.
So sorry again and thanks for the infos...
Christian
Diego Biurrun (diego-biurrun) wrote : | # |
On Mon, Aug 01, 2011 at 09:59:28AM +0000, Christian Röller wrote:
> > On Mon, Aug 01, 2011 at 09:19:26AM +0000, Christian Röller wrote:
> > > > On Thu, Jul 14, 2011 at 03:34:45PM +0000, Christian Röller wrote:
> > > > > Christian Röller has proposed merging lp:~christian-
> > > > roeller/
> > > >
> > > > Formatting is messed-up. Didn't you install the uncrustify pre-commit
> > > > hook as described in doc/HACKING? Why?
> > >
> > > Sorry for that, I checked now my modifications with the stylechecker
> > > and correct everything it complained about.
> >
> > I'm not trying to pass blame around. I want to know why some of our
> > processes are not working as intended, so that we can fix them.
> >
> > Why were you not running uncrustify? Did you just forget to install
> > the hook (no big deal, we all make mistakes and we have review for a
> > reason) or did you not know about it? Where would we have to advertise
> > it so that the next newcomer is informed of its existence?
>
> I have heard that there is a hook for this, but as this is my first share,
> I just forgot to install it.
> So in this case it was just my fault...
I repeat: I'm not trying to pass blame around. Stop apologizing please.
> But for the next newcomers, it would be nice to advertise the HACKING doc a
> little bit more, because it is very helpful and I don't know about it. I just
> heard about the stylechecker through the grapevine.
I've updated INSTALL and the PISA wiki slightly. There's still room for
improvement though.
Diego
Christian Röller (christian-roeller) wrote : | # |
Hi,
sorry for my long absence, it was again exam-time ;-)
So I correct everything, which were mentioned. Are there more improvement suggestions or any other reasons why it should not be merged in this version?
Otherwise I would do so.
I merged it locally and as there are only a few changes in two files, it works without any trouble.
The same applies for the compiling.
Regards,
Christian
René Hummen (rene-hummen) wrote : | # |
Diego, have your comments been tackled? If so, please approve the merge request.
Diego Biurrun (diego-biurrun) wrote : | # |
On Wed, Aug 10, 2011 at 02:07:38PM +0000, Christian Röller wrote:
>
> So I correct everything, which were mentioned. Are there more
> improvement suggestions or any other reasons why it should not be
> merged in this version?
> Otherwise I would do so.
The general idea is that you resubmit a fixed merge proposal.
Diego
Diego Biurrun (diego-biurrun) wrote : | # |
On Wed, Aug 10, 2011 at 02:39:35PM +0000, René Hummen wrote:
> Diego, have your comments been tackled? If so, please approve the merge request.
There was no updated merge request, so the answer is no.
Diego
Christian Röller (christian-roeller) wrote : | # |
> On Wed, Aug 10, 2011 at 02:39:35PM +0000, René Hummen wrote:
> > Diego, have your comments been tackled? If so, please approve the merge
> request.
>
> There was no updated merge request, so the answer is no.
>
> Diego
I correct the code style violations with revision 5987.
What do you mean with updated merge request? I answered on your needs-fixing comment and correct it.
I did the same for Stefan's needs-fixing request and he approved it.
What should I rather have done?
Christian
René Hummen (rene-hummen) wrote : | # |
On 10.08.2011, at 17:11, Christian Röller wrote:
>> On Wed, Aug 10, 2011 at 02:39:35PM +0000, René Hummen wrote:
>>> Diego, have your comments been tackled? If so, please approve the merge
>> request.
>>
>> There was no updated merge request, so the answer is no.
>>
>> Diego
>
> I correct the code style violations with revision 5987.
> What do you mean with updated merge request? I answered on your needs-fixing comment and correct it.
> I did the same for Stefan's needs-fixing request and he approved it.
> What should I rather have done?
In the top right corner of your merge proposal page on the Launchpad website, you can follow the link "Resubmit proposal". Don't check the option to "start afresh" in order to keep the discussion history intact and for others to follow the whole conversation.
Ciao,
René
--
Dipl.-Inform. Rene Hummen, Ph.D. Student
Chair of Communication and Distributed Systems
RWTH Aachen University, Germany
tel: +49 241 80 20772
web: http://
Diego Biurrun (diego-biurrun) wrote : | # |
On Wed, Aug 10, 2011 at 03:11:23PM +0000, Christian Röller wrote:
> > On Wed, Aug 10, 2011 at 02:39:35PM +0000, René Hummen wrote:
> > > Diego, have your comments been tackled? If so, please approve the merge
> > request.
> >
> > There was no updated merge request, so the answer is no.
>
> I correct the code style violations with revision 5987.
> What do you mean with updated merge request? I answered on your
> needs-fixing comment and correct it.
> I did the same for Stefan's needs-fixing request and he approved it.
> What should I rather have done?
Maybe you did fix it in your branch, but how would we know? We never
had a chance to see and review it. What you should do now is send
another merge request from your updated branch.
Diego
- 5988. By Christian Röller
-
cosmetic: shorten the hip_find_
label_for_ address function a little bit - 5989. By Christian Röller
-
change the return description for the hip_find_
label_for_ address function - 5990. By Christian Röller
-
cosmetic: shorten a few things
- 5991. By Christian Röller
-
cosmetic: typo in function description
- 5992. By Christian Röller
-
cosmetic: correct some typos
- 5993. By Christian Röller
-
cosmetic: alignments in function description hip_find_
label_for_ address - 5994. By Christian Röller
-
Increase the n by 1 in strncpy regarding the writing of the interfacelabel to guarantee null-termination.
- 5995. By Christian Röller
-
Add Unit-Tests for the new function hip_find_
label_for_ address in /hipd/netdev.c - 5996. By Christian Röller
-
Rebase with trunk.
- 5997. By Christian Röller
-
A few cosmetic changes and correct one mistake regarding the use of sizeof.
- 5998. By Christian Röller
-
Cosmetic issues in both files.
- 5999. By Christian Röller
-
Cosmetic issues in all files.
Unmerged revisions
- 5999. By Christian Röller
-
Cosmetic issues in all files.
- 5998. By Christian Röller
-
Cosmetic issues in both files.
- 5997. By Christian Röller
-
A few cosmetic changes and correct one mistake regarding the use of sizeof.
- 5996. By Christian Röller
-
Rebase with trunk.
- 5995. By Christian Röller
-
Add Unit-Tests for the new function hip_find_
label_for_ address in /hipd/netdev.c - 5994. By Christian Röller
-
Increase the n by 1 in strncpy regarding the writing of the interfacelabel to guarantee null-termination.
- 5993. By Christian Röller
-
cosmetic: alignments in function description hip_find_
label_for_ address - 5992. By Christian Röller
-
cosmetic: correct some typos
- 5991. By Christian Röller
-
cosmetic: typo in function description
- 5990. By Christian Röller
-
cosmetic: shorten a few things
Preview Diff
1 | === modified file 'hipd/netdev.c' | |||
2 | --- hipd/netdev.c 2011-07-21 11:28:01 +0000 | |||
3 | +++ hipd/netdev.c 2011-08-01 09:16:42 +0000 | |||
4 | @@ -100,19 +100,26 @@ | |||
5 | 100 | * size array. | 100 | * size array. |
6 | 101 | * Free slots are signaled by the value -1. | 101 | * Free slots are signaled by the value -1. |
7 | 102 | */ | 102 | */ |
10 | 103 | static int hip_netdev_white_list[HIP_NETDEV_MAX_WHITE_LIST]; | 103 | struct hip_netdev_whiteliste_entry { |
11 | 104 | static int hip_netdev_white_list_count = 0; | 104 | unsigned int if_index; |
12 | 105 | char if_label[IF_NAMESIZE]; | ||
13 | 106 | }; | ||
14 | 107 | static struct hip_netdev_whiteliste_entry hip_netdev_white_list[HIP_NETDEV_MAX_WHITE_LIST]; | ||
15 | 108 | static unsigned int hip_netdev_white_list_count = 0; | ||
16 | 105 | 109 | ||
17 | 106 | /** | 110 | /** |
19 | 107 | * Add a network interface index number to the list of white listed | 111 | * Add a network interface index number plus label to the list of white listed |
20 | 108 | * network interfaces. | 112 | * network interfaces. |
21 | 109 | * | 113 | * |
22 | 110 | * @param if_index the network interface index to be white listed | 114 | * @param if_index the network interface index to be white listed |
23 | 115 | * @param device_name the network interface label to be white listed | ||
24 | 111 | */ | 116 | */ |
26 | 112 | static void hip_netdev_white_list_add_index(int if_index) | 117 | static void hip_netdev_white_list_add_index_and_name(const unsigned int if_index, const char *const device_name) |
27 | 113 | { | 118 | { |
28 | 114 | if (hip_netdev_white_list_count < HIP_NETDEV_MAX_WHITE_LIST) { | 119 | if (hip_netdev_white_list_count < HIP_NETDEV_MAX_WHITE_LIST) { |
30 | 115 | hip_netdev_white_list[hip_netdev_white_list_count++] = if_index; | 120 | hip_netdev_white_list[hip_netdev_white_list_count].if_index = if_index; |
31 | 121 | strncpy(hip_netdev_white_list[hip_netdev_white_list_count].if_label, device_name, sizeof(hip_netdev_white_list[0].if_label) - 1); | ||
32 | 122 | hip_netdev_white_list_count++; | ||
33 | 116 | } else { | 123 | } else { |
34 | 117 | /* We should NEVER run out of white list slots!!! */ | 124 | /* We should NEVER run out of white list slots!!! */ |
35 | 118 | HIP_DIE("Error: ran out of space for white listed interfaces!\n"); | 125 | HIP_DIE("Error: ran out of space for white listed interfaces!\n"); |
36 | @@ -120,17 +127,20 @@ | |||
37 | 120 | } | 127 | } |
38 | 121 | 128 | ||
39 | 122 | /** | 129 | /** |
41 | 123 | * Test if the given network interface index is white listed. | 130 | * Test if the given network interface index plus label is white listed. |
42 | 124 | * | 131 | * |
43 | 125 | * @param if_index the index of the network interface to be tested | 132 | * @param if_index the index of the network interface to be tested |
44 | 133 | * @param device_name the label of the network interface to be tested | ||
45 | 126 | * @return 1 if the index is whitelisted or zero otherwise | 134 | * @return 1 if the index is whitelisted or zero otherwise |
46 | 127 | */ | 135 | */ |
48 | 128 | static int hip_netdev_is_in_white_list(int if_index) | 136 | static int hip_netdev_is_in_white_list(const unsigned int if_index, const char *const device_name) |
49 | 129 | { | 137 | { |
54 | 130 | int i = 0; | 138 | if (hip_netdev_white_list_count > 0) { |
55 | 131 | for (i = 0; i < hip_netdev_white_list_count; i++) { | 139 | for (unsigned int i = 0; i < hip_netdev_white_list_count; i++) { |
56 | 132 | if (hip_netdev_white_list[i] == if_index) { | 140 | if (hip_netdev_white_list[i].if_index == if_index && |
57 | 133 | return 1; | 141 | !strncmp(hip_netdev_white_list[i].if_label, device_name, sizeof(hip_netdev_white_list[0].if_label))) { |
58 | 142 | return 1; | ||
59 | 143 | } | ||
60 | 134 | } | 144 | } |
61 | 135 | } | 145 | } |
62 | 136 | return 0; | 146 | return 0; |
63 | @@ -149,19 +159,18 @@ | |||
64 | 149 | int sock = 0; | 159 | int sock = 0; |
65 | 150 | int ret = 0; | 160 | int ret = 0; |
66 | 151 | 161 | ||
68 | 152 | strncpy(ifr.ifr_name, device_name, IF_NAMESIZE); | 162 | strncpy(ifr.ifr_name, device_name, sizeof(ifr.ifr_name) - 1); |
69 | 153 | sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); | 163 | sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); |
70 | 154 | 164 | ||
71 | 155 | if (ioctl(sock, SIOCGIFINDEX, &ifr) == 0) { | 165 | if (ioctl(sock, SIOCGIFINDEX, &ifr) == 0) { |
72 | 156 | ret = 1; | 166 | ret = 1; |
74 | 157 | hip_netdev_white_list_add_index(ifr.ifr_ifindex); | 167 | hip_netdev_white_list_add_index_and_name(ifr.ifr_ifindex, device_name); |
75 | 158 | HIP_DEBUG("Adding device <%s> to white list with index <%i>.\n", | 168 | HIP_DEBUG("Adding device <%s> to white list with index <%i>.\n", |
76 | 159 | device_name, | 169 | device_name, |
77 | 160 | ifr.ifr_ifindex); | 170 | ifr.ifr_ifindex); |
78 | 161 | } else { | 171 | } else { |
79 | 162 | ret = 0; | 172 | ret = 0; |
80 | 163 | } | 173 | } |
81 | 164 | |||
82 | 165 | if (sock) { | 174 | if (sock) { |
83 | 166 | close(sock); | 175 | close(sock); |
84 | 167 | } | 176 | } |
85 | @@ -635,7 +644,7 @@ | |||
86 | 635 | HIP_IFEL(!(if_index = if_nametoindex(g_iface->ifa_name)), | 644 | HIP_IFEL(!(if_index = if_nametoindex(g_iface->ifa_name)), |
87 | 636 | -1, "if_nametoindex failed\n"); | 645 | -1, "if_nametoindex failed\n"); |
88 | 637 | /* Check if our interface is in the whitelist */ | 646 | /* Check if our interface is in the whitelist */ |
90 | 638 | if ((hip_netdev_white_list_count > 0) && (!hip_netdev_is_in_white_list(if_index))) { | 647 | if ((!hip_netdev_is_in_white_list(if_index, g_iface->ifa_name))) { |
91 | 639 | continue; | 648 | continue; |
92 | 640 | } | 649 | } |
93 | 641 | 650 | ||
94 | @@ -1123,6 +1132,68 @@ | |||
95 | 1123 | } | 1132 | } |
96 | 1124 | 1133 | ||
97 | 1125 | /** | 1134 | /** |
98 | 1135 | * This functions gives you the interface label for a given ip4 or ip6 addr. | ||
99 | 1136 | * | ||
100 | 1137 | * @param addr address for which you want to know the label | ||
101 | 1138 | * @param label pointer where the function stores the label | ||
102 | 1139 | * @return one on success, zero on error and write the label in param label | ||
103 | 1140 | */ | ||
104 | 1141 | int hip_find_label_for_address(const struct sockaddr *const addr, char *const label) | ||
105 | 1142 | { | ||
106 | 1143 | int res = 0; | ||
107 | 1144 | struct ifaddrs *myaddrs, *ifa = NULL; | ||
108 | 1145 | |||
109 | 1146 | const struct sockaddr_in *s4_in = NULL; | ||
110 | 1147 | const struct sockaddr_in6 *s6_in = NULL; | ||
111 | 1148 | struct sockaddr_in *s4; | ||
112 | 1149 | struct sockaddr_in6 *s6; | ||
113 | 1150 | |||
114 | 1151 | if (addr->sa_family == AF_INET) { | ||
115 | 1152 | s4_in = (const struct sockaddr_in *const) (addr); | ||
116 | 1153 | } | ||
117 | 1154 | if (addr->sa_family == AF_INET6) { | ||
118 | 1155 | s6_in = (const struct sockaddr_in6 *const) (addr); | ||
119 | 1156 | } | ||
120 | 1157 | |||
121 | 1158 | getifaddrs(&myaddrs); | ||
122 | 1159 | for (ifa = myaddrs; ifa != NULL; ifa = ifa->ifa_next) { | ||
123 | 1160 | if (ifa->ifa_addr == NULL) { | ||
124 | 1161 | continue; | ||
125 | 1162 | } | ||
126 | 1163 | if (ifa->ifa_addr->sa_family != AF_INET && ifa->ifa_addr->sa_family != AF_INET6) { | ||
127 | 1164 | continue; | ||
128 | 1165 | } | ||
129 | 1166 | |||
130 | 1167 | if (ifa->ifa_addr->sa_family == AF_INET) { | ||
131 | 1168 | s4 = (struct sockaddr_in *) (ifa->ifa_addr); | ||
132 | 1169 | if (!memcmp(s4_in, s4, sizeof(s4))) { | ||
133 | 1170 | if (strlen(ifa->ifa_name) <= sizeof(label) - 1) { | ||
134 | 1171 | strncpy(label, ifa->ifa_name, sizeof(label) - 1); | ||
135 | 1172 | res = 1; | ||
136 | 1173 | } else { | ||
137 | 1174 | res = 0; | ||
138 | 1175 | } | ||
139 | 1176 | break; | ||
140 | 1177 | } | ||
141 | 1178 | } | ||
142 | 1179 | if (ifa->ifa_addr->sa_family == AF_INET6) { | ||
143 | 1180 | s6 = (struct sockaddr_in6 *) (ifa->ifa_addr); | ||
144 | 1181 | if (!memcmp(s6_in, s6, sizeof(s6))) { | ||
145 | 1182 | if (strlen(ifa->ifa_name) <= sizeof(label) - 1) { | ||
146 | 1183 | strncpy(label, ifa->ifa_name, sizeof(label) - 1); | ||
147 | 1184 | res = 1; | ||
148 | 1185 | } else { | ||
149 | 1186 | res = 0; | ||
150 | 1187 | } | ||
151 | 1188 | break; | ||
152 | 1189 | } | ||
153 | 1190 | } | ||
154 | 1191 | } | ||
155 | 1192 | freeifaddrs(myaddrs); | ||
156 | 1193 | return res; | ||
157 | 1194 | } | ||
158 | 1195 | |||
159 | 1196 | /** | ||
160 | 1126 | * Netlink event handler. Handles IPsec acquire messages (triggering | 1197 | * Netlink event handler. Handles IPsec acquire messages (triggering |
161 | 1127 | * of base exchange) and updates the cache of local addresses when | 1198 | * of base exchange) and updates the cache of local addresses when |
162 | 1128 | * address changes occur. | 1199 | * address changes occur. |
163 | @@ -1168,11 +1239,6 @@ | |||
164 | 1168 | rta = IFA_RTA(ifa); | 1239 | rta = IFA_RTA(ifa); |
165 | 1169 | l = msg->nlmsg_len - NLMSG_LENGTH(sizeof(*ifa)); | 1240 | l = msg->nlmsg_len - NLMSG_LENGTH(sizeof(*ifa)); |
166 | 1170 | 1241 | ||
167 | 1171 | /* Check if our interface is in the whitelist */ | ||
168 | 1172 | if ((hip_netdev_white_list_count > 0) && | ||
169 | 1173 | (!hip_netdev_is_in_white_list(ifindex))) { | ||
170 | 1174 | continue; | ||
171 | 1175 | } | ||
172 | 1176 | 1242 | ||
173 | 1177 | if ((ifa->ifa_family != AF_INET) && | 1243 | if ((ifa->ifa_family != AF_INET) && |
174 | 1178 | (ifa->ifa_family != AF_INET6)) { | 1244 | (ifa->ifa_family != AF_INET6)) { |
175 | @@ -1214,6 +1280,18 @@ | |||
176 | 1214 | HIP_DEBUG("Unknown addr family in addr\n"); | 1280 | HIP_DEBUG("Unknown addr family in addr\n"); |
177 | 1215 | } | 1281 | } |
178 | 1216 | 1282 | ||
179 | 1283 | /* find interface label for address and check if it is whitelisted or not */ | ||
180 | 1284 | if (is_add) { | ||
181 | 1285 | char label[IF_NAMESIZE]; | ||
182 | 1286 | if (hip_find_label_for_address(addr, label)) { | ||
183 | 1287 | if ((!hip_netdev_is_in_white_list(ifa->ifa_index, label))) { | ||
184 | 1288 | HIP_DEBUG("Interface:<%s> is not whitelisted\n", label); | ||
185 | 1289 | continue; | ||
186 | 1290 | } | ||
187 | 1291 | } | ||
188 | 1292 | } | ||
189 | 1293 | |||
190 | 1294 | |||
191 | 1217 | /* Trying to add an existing address or deleting a non-existing | 1295 | /* Trying to add an existing address or deleting a non-existing |
192 | 1218 | * address */ | 1296 | * address */ |
193 | 1219 | exists = hip_exists_address_in_list(addr, ifa->ifa_index); | 1297 | exists = hip_exists_address_in_list(addr, ifa->ifa_index); |
194 | 1220 | 1298 | ||
195 | === modified file 'hipd/netdev.h' | |||
196 | --- hipd/netdev.h 2011-05-18 15:12:07 +0000 | |||
197 | +++ hipd/netdev.h 2011-08-01 09:16:42 +0000 | |||
198 | @@ -56,4 +56,6 @@ | |||
199 | 56 | int hip_map_id_to_addr(const hip_hit_t *hit, const hip_lsi_t *lsi, | 56 | int hip_map_id_to_addr(const hip_hit_t *hit, const hip_lsi_t *lsi, |
200 | 57 | struct in6_addr *addr); | 57 | struct in6_addr *addr); |
201 | 58 | 58 | ||
202 | 59 | int hip_find_label_for_address(const struct sockaddr *const addr, char *const label); | ||
203 | 60 | |||
204 | 59 | #endif /* HIP_HIPD_NETDEV_H */ | 61 | #endif /* HIP_HIPD_NETDEV_H */ |
Hi Christian!
Thanks for this helpful contribution! My comments below:
> > === modified file 'hipd/netdev.c' white_list_ add_index( int if_index) white_list_ add_index_ and_name( int if_index, const char *const device_name)
> > --- hipd/netdev.c 2011-05-31 18:21:28 +0000
> > +++ hipd/netdev.c 2011-07-14 15:34:41 +0000
> > -static void hip_netdev_
> > +static void hip_netdev_
[L] cleanup: please add a 'const' modifier to the 'if_index' argument
[L] cleanup: I guess that 'if_index' cannot be less than 0. If so, it would be
nice to change its type to unsigned to communicate this fact to the caller.
> > { white_list_ count < HIP_NETDEV_ MAX_WHITE_ LIST) { white_list[ hip_netdev_ white_list_ count++ ] = if_index; white_list[ hip_netdev_ white_list_ count]. if_index = if_index; hip_netdev_ white_list[ hip_netdev_ white_list_ count]. if_label, device_name, IF_NAMESIZE); hip_netdev_ white_list[ 0].if_label) ' than 'IF_NAMESIZE' because then the
> > if (hip_netdev_
> > - hip_netdev_
> > + hip_netdev_
> > + strncpy(
[L] maintainability: it is more maintainable to use
'sizeof(
size of the 'if_label' field can be changed in the struct declaration without
having to touch other code.
> > @@ -120,16 +127,18 @@ is_in_white_ list(int if_index) is_in_white_ list(int if_index, char *device_name)
> > }
> >
> > /**
> > - * Test if the given network interface index is white listed.
> > + * Test if the given network interface index plus label is white listed.
> > *
> > * @param if_index the index of the network interface to be tested
> > + * @param device_name the label of the network interface to be tested
> > * @return 1 if the index is whitelisted or zero otherwise
> > */
> > -static int hip_netdev_
> > +static int hip_netdev_
[M] policy: please apply full const correctness to the function arguments.
[L] cleanup: it would be nice to change the type of 'if_index' to unsigned as it
can never be < 0 (I guess)
> > { white_list_ count; i++) {
> > - int i = 0;
> > + int i;
> > for (i = 0; i < hip_netdev_
[L] style: you could even place the declaration of 'i' in the for() header.
> > - if (hip_netdev_ white_list[ i] == if_index) { white_list[ i].if_index == if_index && hip_netdev_ white_list[ i].if_label, device_name, IF_NAMESIZE)) {
> > + if (hip_netdev_
> > + !strncmp(
[L] maintainability: 'sizeof()' instead of 'IF_NAMESIZE', see above
> > @@ -637,7 +645,7 @@ g_iface- >ifa_name) ), white_list_ count > 0) && (!hip_netdev_ is_in_white_ list(if_ index)) ) { white_list_ count > 0) && (!hip_netdev_ is_in_white_ list(if_ index, g_iface- >ifa_name) )) {
> > HIP_IFEL(!(if_index = if_nametoindex(
> > -1, "if_nametoindex failed\n");
> > /* Check if our interface is in the whitelist */
> > - if ((hip_netdev_
> > + if ((hip_netdev_
[L] style: just a general comment: it would make more sense to move the '> 0' is_in_white_ list()' function so the caller does not
check into the 'hip_netdev_
need to have internal knowledge about the list implementation. Furthermore it's
a really silly performance optimization.
> > @@ -1125,6 +1133,55 @@
> > }
> >
> > /**
> > + * find interface label for a given ip4 or ip6 addr
...