HIPL

Merge lp:~fahad-aizaz/hipl/hipd-relay-config into lp:hipl

  1. hipd-relay-config
  2. Merge into trunk
Proposed by Fahad Aizaz
Status: Needs review
Proposed branch: lp:~fahad-aizaz/hipl/hipd-relay-config
Merge into: lp:hipl
Diff against target: 431 lines (+123/-192)
11 files modified
Makefile.am (+5/-0)
debian/hipl-daemon.dirs (+1/-0)
debian/hipl-daemon.install (+4/-0)
hipd/hipd.conf (+21/-0)
hipd/hiprelay.c (+5/-79)
hipd/hosts (+4/-0)
hipd/init.c (+8/-113)
hipd/nsupdate.conf (+35/-0)
hipd/relay.conf (+32/-0)
packaging/hipl.spec (+4/-0)
packaging/openwrt/hipl/Makefile.in (+4/-0)
To merge this branch: bzr merge lp:~fahad-aizaz/hipl/hipd-relay-config
Reviewer Review Type Date Requested Status
Miika Komu Approve
Diego Biurrun Approve
Review via email: mp+84610@code.launchpad.net

Description of the change

Runtime generation for 'relay.conf' being removed. The configuration file content hard coded into HIP is removed and the configuration file is now distributed with HIPL package.

To post a comment you must log in.
Revision history for this message
Diego Biurrun (diego-biurrun) wrote :

 review needs-info

On Tue, Dec 06, 2011 at 01:06:27PM +0000, Fahad Aizaz wrote:
> Fahad Aizaz has proposed merging lp:~fahad-aizaz/hipl/hipd-relay-config into lp:hipl with lp:~fahad-aizaz/hipl/hipd-init-conf as a prerequisite.

This merge request is not compatible with the previous one, as it
incorporates it completely. What are you trying to do?

> --- packaging/hipl.spec 2011-12-01 21:29:13 +0000
> +++ packaging/hipl.spec 2011-12-06 13:05:27 +0000
> @@ -154,6 +154,10 @@
> %{_sbindir}/pisacert
> %{_sbindir}/nsupdate.pl
> %{_initddir}/hipd
> +%config(noreplace) %{_sysconfdir}/hip/hipd.conf
> +%config(noreplace) %{_sysconfdir}/hip/hosts
> +%config(noreplace) %{_sysconfdir}/hip/nsupdate.conf
> +%config(noreplace) %{_sysconfdir}/hip/relay.conf

cf your other merge request

Diego

review: Needs Information
Reply
Revision history for this message
Fahad Aizaz (fahad-aizaz) wrote :

On 12/06/2011 11:43 PM, Diego Biurrun wrote:
> Review: Needs Information
>
> review needs-info
>
> On Tue, Dec 06, 2011 at 01:06:27PM +0000, Fahad Aizaz wrote:
>> Fahad Aizaz has proposed merging lp:~fahad-aizaz/hipl/hipd-relay-config into lp:hipl with lp:~fahad-aizaz/hipl/hipd-init-conf as a prerequisite.
>
> This merge request is not compatible with the previous one, as it
> incorporates it completely. What are you trying to do?
>
>> --- packaging/hipl.spec 2011-12-01 21:29:13 +0000
>> +++ packaging/hipl.spec 2011-12-06 13:05:27 +0000
>> @@ -154,6 +154,10 @@
>> %{_sbindir}/pisacert
>> %{_sbindir}/nsupdate.pl
>> %{_initddir}/hipd
>> +%config(noreplace) %{_sysconfdir}/hip/hipd.conf
>> +%config(noreplace) %{_sysconfdir}/hip/hosts
>> +%config(noreplace) %{_sysconfdir}/hip/nsupdate.conf
>> +%config(noreplace) %{_sysconfdir}/hip/relay.conf

Yes, you are right but I don't understand how this happened because I
created a branch of my other (the one proposed for merging) branch. And
made changed to it.

I don't understand why launchpad didn't start from where I committed my
previous changes.

Fahad

Reply
Revision history for this message
Diego Biurrun (diego-biurrun) wrote :

On Wed, Dec 07, 2011 at 03:04:23AM +0000, Fahad Aizaz wrote:
> On 12/06/2011 11:43 PM, Diego Biurrun wrote:
> > On Tue, Dec 06, 2011 at 01:06:27PM +0000, Fahad Aizaz wrote:
> >> Fahad Aizaz has proposed merging lp:~fahad-aizaz/hipl/hipd-relay-config into lp:hipl with lp:~fahad-aizaz/hipl/hipd-init-conf as a prerequisite.
> >
> > This merge request is not compatible with the previous one, as it
> > incorporates it completely. What are you trying to do?
>
> Yes, you are right but I don't understand how this happened because I
> created a branch of my other (the one proposed for merging) branch. And
> made changed to it.
>
> I don't understand why launchpad didn't start from where I committed my
> previous changes.

Because the merge proposal is for trunk, not for your other branch.
Thus what gets submitted is the diff to trunk, not to your other branch.

That said, I notice that launchpad did speak about branch prerequisites:

  Fahad Aizaz has proposed merging lp:~fahad-aizaz/hipl/hipd-relay-config
  into lp:hipl with lp:~fahad-aizaz/hipl/hipd-init-conf as a prerequisite.

Sometimes I long for git ...

Diego

Reply
Revision history for this message
Diego Biurrun (diego-biurrun) wrote :

 review approve

On Tue, Dec 06, 2011 at 01:06:27PM +0000, Fahad Aizaz wrote:
> Fahad Aizaz has proposed merging lp:~fahad-aizaz/hipl/hipd-relay-config into lp:hipl with lp:~fahad-aizaz/hipl/hipd-init-conf as a prerequisite.

So I am going to finally approve this, just note the change I mention
below and one more thing: The history of both your branches is confusing
and not particularly enlightening, so just squash this branch into one
commit and push that. See the '--forget-merges' parameter of bzr revert.

> --- hipd/hiprelay.c 2011-11-29 11:37:54 +0000
> +++ hipd/hiprelay.c 2011-12-06 13:05:27 +0000
> @@ -1401,23 +1340,10 @@
> "Unable to initialize HIP relay / RVS database.\n");
> HIP_IFEL(relwl_init(), -1,
> "Unable to initialize HIP relay / RVS whitelist.\n");
> -
> - if (relay_read_config() == -ENOENT) {
> - HIP_ERROR("The configuration file \"%s\" could not be read.\n"
> - "Trying to write a new configuration file from "
> - "scratch.\n", HIP_RELAY_CONFIG_FILE);
> - if (relay_write_config() == -ENOENT) {
> - HIP_ERROR("Could not create a configuration file "
> - "\"%s\".\n", HIP_RELAY_CONFIG_FILE);
> - } else {
> - HIP_DEBUG("Created a new configuration file \"%s\".\n",
> - HIP_RELAY_CONFIG_FILE);
> - }
> - } else {
> - HIP_DEBUG("Read configuration file \"%s\" successfully.\n",
> - HIP_RELAY_CONFIG_FILE);
> - }
> -
> + HIP_IFEL(relay_read_config(), -ENOENT,
> + "Loading configuration file failed.\n");
> + HIP_DEBUG("Read configuration file \"%s\" successfully.\n",
> + HIP_RELAY_CONFIG_FILE);
> out_err:
> if (hiprelay_wl == NULL) {
> relht_uninit();

Do not remove the empty line before the goto label.

Diego

review: Approve
Reply
Revision history for this message
Miika Komu (miika-iki) wrote :

Fine by me, good work!

review: Approve
Reply
Revision history for this message
Fahad Aizaz (fahad-aizaz) wrote :

On 12/07/2011 09:16 AM, Diego Biurrun wrote:
> Review: Approve

So I have been reading documentation about bazaar in relation to 'bzr
revert' with --forget-merges. Since the second branch contains changes
also from the first branch that I uploaded for review.

Okay, since I am not really confident with bazaar (still) and I don't
want to mess the main trunk, Is it okay that I merge the first
'approved' branch and then merge the second one. I am sure the way you
have suggested would be easier but I don't fully understand it and I am
short on time. (I have to push another branch related to firewall
configuration file)

So please let me know if this is fine.

regards
Fahad

Reply
Revision history for this message
Diego Biurrun (diego-biurrun) wrote :

On Fri, Dec 09, 2011 at 04:31:28AM +0000, Fahad Aizaz wrote:
> On 12/07/2011 09:16 AM, Diego Biurrun wrote:
> > Review: Approve
>
> So I have been reading documentation about bazaar in relation to 'bzr
> revert' with --forget-merges. Since the second branch contains changes
> also from the first branch that I uploaded for review.

The second branch does not "contain changes from" the first branch,
it is a strict superset.

> Okay, since I am not really confident with bazaar (still) and I don't
> want to mess the main trunk, Is it okay that I merge the first
> 'approved' branch and then merge the second one.

No.

Try the merge you propose (into a sandbox branch) and witness the result.
You will get a huge number of conflicts due to the related changes.

> I am sure the way you have suggested would be easier but I don't fully
> understand it and I am short on time.

I suggested two things:

1) Only merge the second branch.
2) Drop the history of the second branch.

How to do 1) and why it is easier should be obvious.

You can achieve 2) by

- merging hipd-relay-config into your trunk (or whatever) branch
- running "bzr revert --forget-merges" in that branch so that the
  changes remain, but the merged history is dropped
- committing all the changes and
- pushing the resulting commit to the central repository.

You should peruse the Bazaar manual some more. Here's a sensible
point to start:

http://doc.bazaar.canonical.com/bzr.2.4/en/user-guide/adv_merging.html

Diego

Reply
Revision history for this message
Diego Biurrun (diego-biurrun) wrote :

On Fri, Dec 09, 2011 at 03:58:46PM +0100, Diego Biurrun wrote:
> [... lengthy explanation that was ignored ...]

So I take the time to elaborate and explain how to merge this properly
and outline two alternative ways to go about this correctly that would
result in either a single merge or a single commit.

Instead of picking one of those two, you instead decide to split your
work arbitrarily and push seven commits, six of which are broken in
different ways and all of which have bad log messages.

Why?

Diego

Reply
Revision history for this message
Fahad Aizaz (fahad-aizaz) wrote :

On 12/12/2011 08:34 PM, Diego Biurrun wrote:
> On Fri, Dec 09, 2011 at 03:58:46PM +0100, Diego Biurrun wrote:
>> [... lengthy explanation that was ignored ...]
>
> So I take the time to elaborate and explain how to merge this properly
> and outline two alternative ways to go about this correctly that would
> result in either a single merge or a single commit.
>
> Instead of picking one of those two, you instead decide to split your
> work arbitrarily and push seven commits, six of which are broken in
> different ways and all of which have bad log messages.

1) Only merge the second branch.
2) Drop the history of the second branch.

- merging hipd-relay-config into your trunk (or whatever) branch
- running "bzr revert --forget-merges" in that branch so that the
   changes remain, but the merged history is dropped
- committing all the changes and
- pushing the resulting commit to the central repository.

I followed what you mentioned in your email.

1. I discarded the first branch.
2. Merged 2nd on into a sandbox (branch) and I didn't find any
    conflicts.
3. Merged this branch into trunk with and used
    bzr revert --forget-merges switch to remove all the history.
4. I committed the changes into the trunk any typed all log messages
    again.

Fahad

Reply
Revision history for this message
Diego Biurrun (diego-biurrun) wrote :

On Mon, Dec 12, 2011 at 08:52:24PM +0000, Fahad Aizaz wrote:
> On 12/12/2011 08:34 PM, Diego Biurrun wrote:
> > On Fri, Dec 09, 2011 at 03:58:46PM +0100, Diego Biurrun wrote:
> >> [... lengthy explanation that was ignored ...]
> >
> > So I take the time to elaborate and explain how to merge this properly
> > and outline two alternative ways to go about this correctly that would
> > result in either a single merge or a single commit.
> >
> > Instead of picking one of those two, you instead decide to split your
> > work arbitrarily and push seven commits, six of which are broken in
> > different ways and all of which have bad log messages.
>
> 1) Only merge the second branch.
> 2) Drop the history of the second branch.
>
> - merging hipd-relay-config into your trunk (or whatever) branch
> - running "bzr revert --forget-merges" in that branch so that the
> changes remain, but the merged history is dropped
> - committing all the changes and
> - pushing the resulting commit to the central repository.
>
> I followed what you mentioned in your email.
>
> 1. I discarded the first branch.
> 2. Merged 2nd on into a sandbox (branch) and I didn't find any
> conflicts.
> 3. Merged this branch into trunk with and used
> bzr revert --forget-merges switch to remove all the history.

Good so far - note the operative term here: remove all the history.

> 4. I committed the changes into the trunk any typed all log messages
> again.

So now you are recreating the history which I told you to drop!

I told you to commit *all* the changes, not split the changes into
multiple commits again. And I told you to push the resulting commit
to the central repository. Note the singular, it should have been a
single one.

You have some very deep-seated misunderstandings about what a commit is
and what it should do. A commit must be atomic and it must work.

None of the commits you pushed fit that bill, most don't even compile, at
least on some platform, but trunk must *always* compile[1]. And related
changes *must* be grouped into one commit, not split arbitrarily by files
as you did.

Also your log messages are bad. You should describe what the commit does
and why, not just list the files created or touched by the commit. This
information is already in the Bazaar metadata.

I notice that HIPL's HACKING document does not say much about the subject,
so go read PISA's HACKING document again instead. Some of that and more
will need to get ported over...

Diego

[1] Hey, of course people may sometimes screw up, but not knowingly.
That's why we have private branches. To screw up in private and then
push a cleaned-up history without the messups.

Reply

Unmerged revisions

6193. By Fahad Aizaz

Updating multiple packages to handle 'relay.conf' file.

6192. By Fahad Aizaz

Adding 'relay.conf' to Makefile.am

6191. By Fahad Aizaz

Configuration file 'relay.conf' as part of HIP package.

6190. By Fahad Aizaz

Runtime generation for configuration file 'relay.conf' needs to be removed.

6189. By Fahad Aizaz

Stylecheck fix

6188. By Fahad Aizaz

The runtime generation of configuration files needs to be removed.

The changes made to 'init.c' removes the run-time generation of the
the following configuration files:

hipd.conf
hosts
nsupdate.conf

6187. By Fahad Aizaz

The OpenWRT package needs to be updated for configuration files.

The following configuration files are part of OpenWRT package:

hipd.conf
hosts
nsupdate.conf

6186. By Fahad Aizaz

The RPM package needs to be updated for configuration files.

The following configuration files are part of RPM package:

hipd.conf
hosts
nsupdate.conf

6185. By Fahad Aizaz

The configuration files need to be added to the Makefile.am.

The following configuration files are part of Makefile.am

hipd.conf
hosts
nsupdate.conf

6184. By Fahad Aizaz

Fix merge conflict

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'Makefile.am'
2--- Makefile.am 2011-11-25 13:52:20 +0000
3+++ Makefile.am 2011-12-06 13:05:27 +0000
4@@ -134,6 +134,11 @@
5 modules/midauth/hipd/midauth.c \
6 hipd/main.c
7
8+dist_sysconf_DATA = hipd/hipd.conf \
9+ hipd/hosts \
10+ hipd/nsupdate.conf \
11+ hipd/relay.conf
12+
13 hipfw_hipfw_sources = hipfw/cache.c \
14 hipfw/dlist.c \
15 hipfw/esp_prot_api.c \
16
17=== modified file 'debian/hipl-daemon.dirs'
18--- debian/hipl-daemon.dirs 2010-12-28 16:53:40 +0000
19+++ debian/hipl-daemon.dirs 2011-12-06 13:05:27 +0000
20@@ -1,1 +1,2 @@
21 usr/sbin
22+etc/hip
23
24=== modified file 'debian/hipl-daemon.install'
25--- debian/hipl-daemon.install 2010-12-28 16:53:40 +0000
26+++ debian/hipl-daemon.install 2011-12-06 13:05:27 +0000
27@@ -2,3 +2,7 @@
28 debian/tmp/usr/sbin/hipconf usr/sbin/
29 debian/tmp/usr/sbin/pisacert usr/sbin/
30 debian/tmp/usr/sbin/nsupdate.pl usr/sbin/
31+debian/tmp/etc/hip/hipd.conf etc/hip/
32+debian/tmp/etc/hip/hosts etc/hip/
33+debian/tmp/etc/hip/nsupdate.conf etc/hip/
34+debian/tmp/etc/hip/relay.conf etc/hip/
35
36=== added file 'hipd/hipd.conf'
37--- hipd/hipd.conf 1970-01-01 00:00:00 +0000
38+++ hipd/hipd.conf 2011-12-06 13:05:27 +0000
39@@ -0,0 +1,21 @@
40+# Format of this file is as with hipconf, but without "hipconf daemon" prefix
41+# add hi default # add all four HITs (see bug id 592127)
42+# add map HIT IP # preload some HIT-to-IP mappings to hipd
43+# add service rvs # the host acts as HIP rendezvous (also see relay.conf)
44+# add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous server
45+# add server relay [RELAY-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to relay server
46+# add server full-relay [RELAY-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to relay server
47+hit-to-ip on # resolve HITs to locators in dynamic DNS zone
48+# hit-to-ip set hit-to-ip.infrahip.net. # resolve HITs to locators in dynamic DNS zone
49+nsupdate on # send dynamic DNS updates
50+# add server rvs hiprvs.infrahip.net 50000 # Register to free RVS at infrahip
51+# heartbeat 10 # send ICMPv6 messages inside HIP tunnels
52+# locator on # host sends all of its locators in base exchange
53+# shotgun on # use all possible src/dst IP combinations to send I1/UPDATE
54+# broadcast on # broadcast to LAN if no matching IP address found
55+# opp normal|advanced|none
56+# transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL)
57+nat plain-udp # use UDP capsulation (for NATted environments)
58+#nat port local 11111 # change local default UDP port
59+#nat port peer 22222 # change local peer UDP port
60+debug medium # debug verbosity: all, medium, low or none
61
62=== modified file 'hipd/hiprelay.c'
63--- hipd/hiprelay.c 2011-11-29 11:37:54 +0000
64+++ hipd/hiprelay.c 2011-12-06 13:05:27 +0000
65@@ -661,6 +661,7 @@
66
67 return ((struct lhash_st *) hiprelay_wl)->num_items;
68 }
69+
70 #endif /* CONFIG_HIP_DEBUG */
71
72 /** A callback wrapper of the prototype required by @c lh_doall(). */
73@@ -811,68 +812,6 @@
74 }
75
76 /**
77- * Writes RVS / HIP Relay configuration file with default content. Writes a RVS
78- * / HIP Relay configuration file to @c HIP_RELAY_CONFIG_FILE. The file is
79- * opened with "w" argument mode, which means that a possibly existing file is
80- * truncated to zero length.
81- *
82- * @return zero on success, -ENOENT if the file could not be opened for writing.
83- * @note Truncates existing file to zero length.
84- */
85-static int relay_write_config(void)
86-{
87- int err = 0;
88- FILE *fp = NULL;
89-
90- HIP_IFEL((fp = fopen(HIP_RELAY_CONFIG_FILE, "w")) == NULL, -ENOENT,
91- "Cannot open file %s for writing.\n", HIP_RELAY_CONFIG_FILE);
92-
93- fprintf(fp,
94- "# HIP relay / RVS configuration file.\n"
95- "#\n"
96- "# This file consists of stanzas of the following form:\n"
97- "#\n"
98- "# parametername = \"value1\", \"value2\", ... \"valueN\"\n"
99- "#\n"
100- "# where there can be as many values as needed per line with the limitation of\n"
101- "# total line length of %d characters. The 'parametername' is at most %d\n"
102- "# characters long and 'values' are at most %d characters long. A value itself\n"
103- "# may not contain a '%c' character.\n"
104- "#\n"
105- "# The '%c' character is used for comments. End of line comments are not allowed.\n"
106- "\n"
107- "# Relay whitelist status. When this is set to 'yes', only clients whose HIT is\n"
108- "# listed on the whitelist are allowed to register to the relay / RVS service.\n"
109- "# When this is set to 'no', any client is allowed to register. This defaults as\n"
110- "# 'yes' when no value is given.\n"
111- "whitelist_enabled = \"no\"\n"
112- "\n"
113- "# Relay whitelist. The HITs of the clients that are allowed to register to\n"
114- "# the relay / RVS service. You may use multiple stanzas of the same name.\n"
115- "whitelist = \"\"\n"
116- "\n"
117- "# The minimum number of seconds the relay / RVS client is granted the service.\n"
118- "# If the service request defines a value smaller than this value, this value is\n"
119- "# used.\n"
120- "minimum_lifetime = \"60\"\n"
121- "\n"
122- "# The maximum number of seconds the relay / RVS client is granted the service.\n"
123- "# If the service request defines a value bigger than this value, this value is\n"
124- "# used.\n"
125- "maximum_lifetime = \"3600\"\n",
126- HIP_RELAY_MAX_LINE_LEN, HIP_RELAY_MAX_PAR_LEN,
127- HIP_RELAY_MAX_VAL_LEN, HIP_RELAY_VAL_SEP, HIP_RELAY_COMMENT);
128-
129- if (fclose(fp) != 0) {
130- HIP_ERROR("Cannot close file %s.\n", HIP_RELAY_CONFIG_FILE);
131- }
132-
133-out_err:
134-
135- return err;
136-}
137-
138-/**
139 * forward a control packet in relay or rvs mode
140 *
141 * @param ctx the packet context corresponding to the packet
142@@ -1401,23 +1340,10 @@
143 "Unable to initialize HIP relay / RVS database.\n");
144 HIP_IFEL(relwl_init(), -1,
145 "Unable to initialize HIP relay / RVS whitelist.\n");
146-
147- if (relay_read_config() == -ENOENT) {
148- HIP_ERROR("The configuration file \"%s\" could not be read.\n"
149- "Trying to write a new configuration file from "
150- "scratch.\n", HIP_RELAY_CONFIG_FILE);
151- if (relay_write_config() == -ENOENT) {
152- HIP_ERROR("Could not create a configuration file "
153- "\"%s\".\n", HIP_RELAY_CONFIG_FILE);
154- } else {
155- HIP_DEBUG("Created a new configuration file \"%s\".\n",
156- HIP_RELAY_CONFIG_FILE);
157- }
158- } else {
159- HIP_DEBUG("Read configuration file \"%s\" successfully.\n",
160- HIP_RELAY_CONFIG_FILE);
161- }
162-
163+ HIP_IFEL(relay_read_config(), -ENOENT,
164+ "Loading configuration file failed.\n");
165+ HIP_DEBUG("Read configuration file \"%s\" successfully.\n",
166+ HIP_RELAY_CONFIG_FILE);
167 out_err:
168 if (hiprelay_wl == NULL) {
169 relht_uninit();
170
171=== added file 'hipd/hosts'
172--- hipd/hosts 1970-01-01 00:00:00 +0000
173+++ hipd/hosts 2011-12-06 13:05:27 +0000
174@@ -0,0 +1,4 @@
175+# This file stores the HITs of the hosts, in a similar fashion to /etc/hosts.
176+# The aliases are optional. Examples:
177+#2001:1e:361f:8a55:6730:6f82:ef36:2fff kyle kyle.com # This is a HIT with alias
178+#2001:17:53ab:9ff1:3cba:15f:86d6:ea2e kenny # This is a HIT without alias
179
180=== modified file 'hipd/init.c'
181--- hipd/init.c 2011-11-29 11:37:54 +0000
182+++ hipd/init.c 2011-12-06 13:05:27 +0000
183@@ -141,117 +141,6 @@
184 }
185
186 /**
187- * Create a file with the given contents unless it already exists
188- *
189- * @param path the file with its path
190- * @param contents a string to write to the file
191- */
192-static void create_file_unless_exists(const char *path, const char *contents)
193-{
194- struct stat status;
195- FILE *fp;
196- size_t items;
197-
198- if (stat(path, &status) == 0) {
199- return;
200- }
201-
202- fp = fopen(path, "w");
203- HIP_ASSERT(fp);
204- items = fwrite(contents, strlen(contents), 1, fp);
205- HIP_ASSERT(items > 0);
206- fclose(fp);
207-}
208-
209-#define HIPL_CONFIG_FILE_EX \
210- "# Format of this file is as with hipconf, but without \"hipconf daemon\" prefix\n\
211-# add hi default # add all four HITs (see bug id 592127)\n\
212-# add map HIT IP # preload some HIT-to-IP mappings to hipd\n\
213-# add service rvs # the host acts as HIP rendezvous (also see relay.conf)\n\
214-# add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous server\n\
215-# add server relay [RELAY-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to relay server\n\
216-# add server full-relay [RELAY-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to relay server\n\
217-hit-to-ip on # resolve HITs to locators in dynamic DNS zone\n\
218-# hit-to-ip set hit-to-ip.infrahip.net. # resolve HITs to locators in dynamic DNS zone\n\
219-nsupdate on # send dynamic DNS updates\n\
220-# add server rvs hiprvs.infrahip.net 50000 # Register to free RVS at infrahip\n\
221-# heartbeat 10 # send ICMPv6 messages inside HIP tunnels\n\
222-# locator on # host sends all of its locators in base exchange\n\
223-# shotgun on # use all possible src/dst IP combinations to send I1/UPDATE\n\
224-# broadcast on # broadcast to LAN if no matching IP address found\n\
225-# opp normal|advanced|none\n\
226-# transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL)\n\
227-nat plain-udp # use UDP capsulation (for NATted environments)\n\
228-#nat port local 11111 # change local default UDP port\n\
229-#nat port peer 22222 # change local peer UDP port\n\
230-debug medium # debug verbosity: all, medium, low or none\n"
231-
232-#define HIPL_HOSTS_FILE_EX \
233- "# This file stores the HITs of the hosts, in a similar fashion to /etc/hosts.\n\
234-# The aliases are optional. Examples:\n\
235-#2001:1e:361f:8a55:6730:6f82:ef36:2fff kyle kyle.com # This is a HIT with alias\n\
236-#2001:17:53ab:9ff1:3cba:15f:86d6:ea2e kenny # This is a HIT without alias\n"
237-
238-#define HIPL_NSUPDATE_CONF_FILE HIPL_SYSCONFDIR "/nsupdate.conf"
239-
240-#define HIPL_NSUPDATE_CONF_FILE_EX \
241- "##########################################################\n" \
242- "# configuration examples\n" \
243- "##########################################################\n" \
244- "# update records for 5.7.d.1.c.c.8.d.0.6.3.b.a.4.6.2.5.0.5.2.e.4.7.5.e.1.0.0.1.0.0.2.hit-to-ip.infrahip.net.\n" \
245- "# $HIT_TO_IP_ZONE = 'hit-to-ip.infrahip.net.';\n" \
246- "# or in some other zone\n" \
247- "# $HIT_TO_IP_ZONE = 'hit-to-ip.example.org.';\n" \
248- "\n" \
249- "# update is sent to SOA if server empty\n" \
250- "# $HIT_TO_IP_SERVER = '';\n" \
251- "# or you may define it \n" \
252- "# $HIT_TO_IP_SERVER = 'ns.example.net.';\n" \
253- "\n" \
254- "# name of key if you configured it on the server\n" \
255- "# please also chown this file to nobody and chmod 400\n" \
256- "# $HIT_TO_IP_KEY_NAME='key.hit-to-ip';\n" \
257- "# $HIT_TO_IP_KEY_NAME = '';\n" \
258- "\n" \
259- "# secret of that key\n" \
260- "# $HIT_TO_IP_KEY_SECRET='Ousu6700S9sfYSL4UIKtvnxY4FKwYdgXrnEgDAu/rmUAoyBGFwGs0eY38KmYGLT1UbcL/O0igGFpm+NwGftdEQ==';\n" \
261- "# $HIT_TO_IP_KEY_SECRET = '';\n" \
262- "\n" \
263- "# TTL inserted for the records\n" \
264- "# $HIT_TO_IP_TTL = 1;\n" \
265- "###########################################################\n" \
266- "# domain with ORCHID prefix \n" \
267- "# $REVERSE_ZONE = '1.0.0.1.0.0.2.ip6.arpa.'; \n" \
268- "# \n" \
269- "# $REVERSE_SERVER = 'ptr-soa-hit.infrahip.net.'; # since SOA 1.0.0.1.0.0.2.ip6.arpa. is dns1.icann.org. now\n" \
270- "# $REVERSE_KEY_NAME = '';\n" \
271- "# $REVERSE_KEY_SECRET = '';\n" \
272- "# $REVERSE_TTL = 86400;\n" \
273- "# System hostname is used if empty\n" \
274- "# $REVERSE_HOSTNAME = 'stargazer-hit.pc.infrahip.net';\n" \
275- "###########################################################\n"
276-
277-/**
278- * load hipd configuration files
279- */
280-static void load_configuration(void)
281-{
282- const char *cfile = "default";
283-
284- create_file_unless_exists(HIPL_CONFIG_FILE, HIPL_CONFIG_FILE_EX);
285-
286- create_file_unless_exists(HIPL_HOSTS_FILE, HIPL_HOSTS_FILE_EX);
287-
288- create_file_unless_exists(HIPL_NSUPDATE_CONF_FILE, HIPL_NSUPDATE_CONF_FILE_EX);
289-
290- /* Load the configuration. The configuration is loaded as a sequence
291- * of hipd system calls. Assumably the user socket buffer is large
292- * enough to buffer all of the hipconf commands.. */
293-
294- hip_conf_handle_load(NULL, 0, &cfile, 1, 1);
295-}
296-
297-/**
298 * initialize OS-dependent variables
299 */
300 static void set_os_dep_variables(void)
301@@ -1145,7 +1034,11 @@
302 sizeof(daemon_addr)), -1,
303 "Bind on daemon addr failed\n");
304
305- load_configuration();
306+ const char *cfile = "default";
307+ if (hip_conf_handle_load(NULL, 0, &cfile, 1, 1) == -1) {
308+ HIP_ERROR("Loading configuration file failed.\n");
309+ return -1;
310+ }
311
312 certerr = 0;
313 certerr = init_certs();
314@@ -1158,7 +1051,9 @@
315
316 #ifdef CONFIG_HIP_RVS
317 HIP_INFO("Initializing HIP relay / RVS.\n");
318- hip_relay_init();
319+ if (hip_relay_init() == -ENOENT) {
320+ return -ENOENT;
321+ }
322 #endif
323
324 if (flags & HIPD_START_LOWCAP) {
325
326=== added file 'hipd/nsupdate.conf'
327--- hipd/nsupdate.conf 1970-01-01 00:00:00 +0000
328+++ hipd/nsupdate.conf 2011-12-06 13:05:27 +0000
329@@ -0,0 +1,35 @@
330+##########################################################
331+# configuration examples
332+##########################################################
333+# update records for 5.7.d.1.c.c.8.d.0.6.3.b.a.4.6.2.5.0.5.2.e.4.7.5.e.1.0.0.1.0.0.2.hit-to-ip.infrahip.net.
334+# $HIT_TO_IP_ZONE = 'hit-to-ip.infrahip.net.';
335+# or in some other zone
336+# $HIT_TO_IP_ZONE = 'hit-to-ip.example.org.';
337+
338+# update is sent to SOA if server empty
339+# $HIT_TO_IP_SERVER = '';
340+# or you may define it
341+# $HIT_TO_IP_SERVER = 'ns.example.net.';
342+
343+# name of key if you configured it on the server
344+# please also chown this file to nobody and chmod 400
345+# $HIT_TO_IP_KEY_NAME='key.hit-to-ip';
346+# $HIT_TO_IP_KEY_NAME = '';
347+
348+# secret of that key
349+# $HIT_TO_IP_KEY_SECRET='Ousu6700S9sfYSL4UIKtvnxY4FKwYdgXrnEgDAu/rmUAoyBGFwGs0eY38KmYGLT1UbcL/O0igGFpm+NwGftdEQ==';
350+# $HIT_TO_IP_KEY_SECRET = '';
351+
352+# TTL inserted for the records
353+# $HIT_TO_IP_TTL = 1;
354+###########################################################
355+# domain with ORCHID prefix
356+# $REVERSE_ZONE = '1.0.0.1.0.0.2.ip6.arpa.';
357+#
358+# $REVERSE_SERVER = 'ptr-soa-hit.infrahip.net.'; # since SOA 1.0.0.1.0.0.2.ip6.arpa. is dns1.icann.org. now
359+# $REVERSE_KEY_NAME = '';
360+# $REVERSE_KEY_SECRET = '';
361+# $REVERSE_TTL = 86400;
362+# System hostname is used if empty
363+# $REVERSE_HOSTNAME = 'stargazer-hit.pc.infrahip.net';
364+###########################################################
365
366=== added file 'hipd/relay.conf'
367--- hipd/relay.conf 1970-01-01 00:00:00 +0000
368+++ hipd/relay.conf 2011-12-06 13:05:27 +0000
369@@ -0,0 +1,32 @@
370+# HIP relay / RVS configuration file.
371+#
372+# This file consists of stanzas of the following form:
373+#
374+# parametername = "value1", "value2", ... "valueN"
375+#
376+# where there can be as many values as needed per line with the limitation of
377+# total line length of 2048 characters. The 'parametername' is at most 32
378+# characters long and 'values' are at most 64 characters long. A value itself
379+# may not contain a ',' character.
380+#
381+# The '#' character is used for comments. End of line comments are not allowed.
382+
383+# Relay whitelist status. When this is set to 'yes', only clients whose HIT is
384+# listed on the whitelist are allowed to register to the relay / RVS service.
385+# When this is set to 'no', any client is allowed to register. This defaults as
386+# 'yes' when no value is given.
387+whitelist_enabled = "no"
388+
389+# Relay whitelist. The HITs of the clients that are allowed to register to
390+# the relay / RVS service. You may use multiple stanzas of the same name.
391+whitelist = ""
392+
393+# The minimum number of seconds the relay / RVS client is granted the service.
394+# If the service request defines a value smaller than this value, this value is
395+# used.
396+minimum_lifetime = "60"
397+
398+# The maximum number of seconds the relay / RVS client is granted the service.
399+# If the service request defines a value bigger than this value, this value is
400+# used.
401+maximum_lifetime = "3600"
402
403=== modified file 'packaging/hipl.spec'
404--- packaging/hipl.spec 2011-12-01 21:29:13 +0000
405+++ packaging/hipl.spec 2011-12-06 13:05:27 +0000
406@@ -154,6 +154,10 @@
407 %{_sbindir}/pisacert
408 %{_sbindir}/nsupdate.pl
409 %{_initddir}/hipd
410+%config(noreplace) %{_sysconfdir}/hip/hipd.conf
411+%config(noreplace) %{_sysconfdir}/hip/hosts
412+%config(noreplace) %{_sysconfdir}/hip/nsupdate.conf
413+%config(noreplace) %{_sysconfdir}/hip/relay.conf
414
415 %files dnsproxy
416 %{_sbindir}/hipdnsproxy
417
418=== modified file 'packaging/openwrt/hipl/Makefile.in'
419--- packaging/openwrt/hipl/Makefile.in 2011-12-01 13:34:53 +0000
420+++ packaging/openwrt/hipl/Makefile.in 2011-12-06 13:05:27 +0000
421@@ -73,6 +73,10 @@
422 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/hipd $(1)/usr/sbin/
423 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/hipconf $(1)/usr/sbin/
424 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/hipdnsproxy $(1)/usr/sbin/
425+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/hip/hipd.conf $(1)/etc/hip/
426+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/hip/hosts $(1)/etc/hip/
427+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/hip/nsupdate.conf $(1)/etc/hip/
428+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/hip/relay.conf $(1)/etc/hip/
429 endef
430
431 define Package/hipl-firewall/install

Subscribers

People subscribed via source and target branches

to all changes: