Merge lp:~hipl-core/hipl/libhip into lp:hipl

Proposed by Xin
Status: Superseded
Proposed branch: lp:~hipl-core/hipl/libhip
Merge into: lp:hipl
Diff against target: 3358 lines (+2303/-268)
42 files modified
.bzrignore (+1/-0)
Makefile.am (+72/-58)
doc/HOWTO.xml.in (+125/-1)
hipd/hipd.c (+8/-99)
hipd/main.c (+2/-2)
hipfw/hipfw.c (+1/-1)
lib/core/crypto.h (+2/-2)
lib/core/hostid.c (+10/-3)
lib/core/linkedlist.c (+25/-0)
lib/core/linkedlist.h (+2/-0)
lib/core/message.c (+75/-1)
lib/core/message.h (+1/-0)
lib/hipdaemon/esp_prot_hipd_msg.c (+4/-0)
lib/hipdaemon/hadb.c (+32/-1)
lib/hipdaemon/hidb.c (+9/-7)
lib/hipdaemon/hip_socket.c (+24/-0)
lib/hipdaemon/hip_socket.h (+9/-0)
lib/hipdaemon/hipd.h (+4/-32)
lib/hipdaemon/init.c (+275/-5)
lib/hipdaemon/init.h (+2/-0)
lib/hipdaemon/input.c (+5/-0)
lib/hipdaemon/maintenance.c (+28/-0)
lib/hipdaemon/maintenance.h (+2/-1)
lib/hipdaemon/nat.c (+1/-0)
lib/hipdaemon/netdev.c (+35/-7)
lib/hipdaemon/netdev.h (+20/-2)
lib/hipdaemon/nsupdate.c (+1/-0)
lib/hipdaemon/output.c (+46/-19)
lib/hipdaemon/output.h (+11/-0)
lib/hipdaemon/socket_wrapper.c (+812/-0)
lib/hipdaemon/socket_wrapper.h (+48/-0)
lib/hipdaemon/user.c (+1/-0)
lib/hipdaemon/user_ipsec_hipd_msg.c (+5/-0)
modules/heartbeat/hipd/heartbeat.c (+8/-8)
modules/heartbeat_update/hipd/hb_update.c (+2/-2)
modules/midauth/hipd/midauth.c (+2/-2)
modules/update/hipd/update.c (+11/-11)
modules/update/hipd/update_builder.c (+2/-2)
modules/update/hipd/update_locator.c (+1/-1)
test/check_hipnetcat.c (+208/-0)
test/hipd/lsidb.c (+1/-1)
test/hipnetcat.c (+370/-0)
To merge this branch: bzr merge lp:~hipl-core/hipl/libhip
Reviewer Review Type Date Requested Status
Diego Biurrun Needs Fixing
Miika Komu Abstain
Xin Pending
Review via email: mp+91407@code.launchpad.net

This proposal has been superseded by a proposal from 2012-02-10.

Description of the change

Libhip merge proposal:

The libhip branch mainly aims to provide a convenient way for system test of HIPL without full installation and configuration. In addition to this purpose, it also provides a socket API alike library approach for applications to use HIP. Last but not least, since vanilla Linux TCP does not yet support long periods of disconnectivity [1], libhip can be a solution in this condition.

In the libhip branch, we build a library version of HIP for upper applications, which only exposes a traditional socket-like API. When using the libhip, hip control messages are transmitted over TCP or UDP, which is similar to TLS/DTLS but we have a unified protocol to handle both datagram and streaming traffic [2]. Compared to TLS/DTLS, this is a big advantage and it may be a better use case for HIP [3].

In the libhip, most of the code of hipd has been moved to lib/hipdaemon, which then becomes a library for both hipd and libhip. This way, the libhip can reuse the code of hipd to the max extent. This is also the reason why libhip can be a system test approach for hipd; especially in the process of base exchange, the libhip and hipd share the same code base. Meanwhile, the hip daemon and other functionalities that previously existed in the trunk are kept unchanged and functioning after this merge.

We also implement a sample application called hipnetcat, which is a client-server style application on top of libhip, and these 2 sides establish a HIP association via BEX before actual data communication. The hipnetcat is integrated into our automatic test framework (check_hipnetcat). In check_hipnetcat, 2 hipnetcat processes try to establish BEX on the loopback address on top of TCP/UDP; therefore, the execution of this test suite will check the functionality of base exchange at a system level.

Currently the libhip is still at an early stage, and there are several features waiting for implementation. First, there is no support in the firewall. Second, although the control plane base exchange functions well, the data plane security is not implemented yet; we plan to introduce libsrtp for this purpose. Third, the libhip is not thread safe yet, because the socket descriptors we use now are global variables. Last, the support of long period disconnectivity we mention in the first paragraph is not included in this merge; there will be another merge request for this feature.

[1] Schutz et al,. Protocol enhancements for intermittently connected hosts, 2005
[2] Komu et al, Technical report: Sockets and Beyond Assessing the Source Code of Network Applications, 2012
[3] Levä et al, Adoption of General-purpose Communication Protocols: the Case of Host Identity Protocol, unpublished manuscript, 2012

Miika Komu (miika-iki) wrote :

I am advocating this approach, so I think I'll need to abstain myself. Feel free to comment on both the design and implementation style. Also, I should repeat that the point of this merge proposal is the system testing - we did this intermediate step intentionally to avoid an overly long merge proposal.

review: Abstain
Diego Biurrun (diego-biurrun) wrote :

 review needs-fixing

On Fri, Feb 03, 2012 at 10:58:21AM +0000, Xin wrote:
> Libhip merge proposal:
>
> The libhip branch mainly aims to provide a convenient way for system
> test of HIPL without full installation and configuration. In addition
> to this purpose, it also provides a socket API alike library approach
> for application to use HIP. Last but not least, since vanilla Linux TCP
> does not yet support long periods of disconnectivity [1] , libhip can
> be a solution in this condition.
>
> In the libhip branch, we build a library version of HIP for upper
> applications, which only exposes traditional socket like API. When
> using the libhip, hip control messages are transmitted over TCP or
> UDP, which is similar to TLS/DTLS but we have a unified protocol to
> handle both datagram and streaming traffic[2]. Compared to TLS/DTLS,
> this is a big advantage and it may be better use case for HIP[3].
>
> In the libhip, most of code of hipd has been moved to lib/hipdaemon
> which then becomes a library for both hipd and libhip. By this way,
> the libhip can reuse the code of hipd to the max extent. This is
> also the reason why libhip can be a system test approach for hipd,
> especially in the process of base exchange, the libhip and hipd
> share the same code base. Meanwhile, the hip daemon, and other
> functionalities previous exist in the trunk, are kept unchanged and
> functioning after this merge.
>
> We also implement a sample application called hipnetcat, which is a
> client-server style application on top of libhip and these 2 sides
> establish HIP association via BEX before actual data communication.
> The hipnetcat is integrated into our automatically test framework
> (check_hipnetcat). In check_hipnetcat, 2 hipnetcat processes try to
> establish BEX on loopback address on top of TCP/UDP, therefore, the
> execution of this test suite will check the functionality of base
> exchange in a system level.

Hmmmmmmmmmmmmmmmmmmmmmmm, I'm sceptical. Much of this sounds as if it
were not necessarily tied to librarizing hipd. For example, the system
level test could be done without it. Or maybe I don't yet understand
well enough.

Below are some quick comments on the implementation. Look out for similar
stuff in the other code you add. There is some work ahead before this is
fit for merging.

> --- Makefile.am 2012-01-30 12:28:31 +0000
> +++ Makefile.am 2012-02-03 10:57:21 +0000
> @@ -72,12 +73,15 @@
> test/check_hipfw \
> test/check_lib_core \
> test/check_lib_tool \
> - test/check_modules_midauth
> + test/check_modules_midauth \
> + test/check_hipnetcat
> +
> check_PROGRAMS = test/check_hipd \
> test/check_hipfw \
> test/check_lib_core \
> test/check_lib_tool \
> - test/check_modules_midauth
> + test/check_modules_midauth \
> + test/check_hipnetcat
> endif

That stuff used to be in alphabetical order.

There's more stuff I could complain about in this file, but there's no
point in reviewing at this level yet I th...

review: Needs Fixing
Miika Komu (miika-iki) wrote :

> Hmmmmmmmmmmmmmmmmmmmmmmm, I'm sceptical. Much of this sounds as if it
> were not necessarily tied to librarizing hipd. For example, the system
> level test could be done without it.

It could be but we have clearly identified another hidden design goal to boost the adoption of HIP ;)

Thanks for your comments, Xin will work on them to improve the code.

Miika Komu (miika-iki) wrote :

Hi,

On 02/07/2012 02:01 PM, Xin Gu wrote:
> On 06/02/12 19:44, Diego Biurrun wrote:
>>> @@ -866,7 +1074,7 @@
>>> * @param signum signal the signal hipd received from OS
>>> */
>>> -static void hip_close(int signum)
>>> +static void hipd_close(int signum)
>>> {
>>> @@ -928,8 +1136,8 @@
>>>
>>> /* Register signal handlers */
>>> - signal(SIGINT, hip_close);
>>> - signal(SIGTERM, hip_close);
>>> + signal(SIGINT, hipd_close);
>>> + signal(SIGTERM, hipd_close);
>>> signal(SIGCHLD, sig_chld);
>> Push that separately.
>>
>>
> Could you explain more here? I didn't get your point.

I believe Diego meant that this should be pushed directly to trunk.

>>> +int hip_bind(int fd, const struct sockaddr *address, socklen_t
>>> address_len)
>>> +{
>>> + int err = 0;
>>> + struct hip_fd_info *fd_info;
>>> + struct sockaddr_storage laddr;
>>> + socklen_t laddr_len = sizeof(laddr);
>>> + uint16_t request_port;
>>> +
>>> + fd_info = hip_socket_get_info(fd);
>>> + HIP_IFEL(!fd_info, -1, "Fd %d is not a hip socket, exiting.\n", fd);
>>> +
>>> + request_port = get_port_from_saddr(address);
>>> + if ((err = bind(fd, address, address_len)) == 0) {
>>> + if (request_port == 0) {
>>> + HIP_IFEL(getsockname(fd, (struct sockaddr *)&laddr,&laddr_len),
>>> + -1, "getsockname() failed\n");
>>> + request_port = get_port_from_saddr((struct sockaddr *)&laddr);
>>> + }
>>> + fd_info->bound_port = ntohs(request_port);
>>> + } else {
>>> + HIP_PERROR("bind error:");
>>> + }
>>> +
>>> + HIP_DEBUG("bind to port %d\n", fd_info->bound_port);
>>> +
>>> +out_err:
>>> + return err;
>>> +}
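Review bot: when getsockname() fails in the request_port == 0 branch, HIP_IFEL jumps to out_err with -1 although bind() has already succeeded, so the caller sees an error while the fd stays bound and fd_info->bound_port is never set. Either document that the caller must close the fd on failure, or undo the partial state before returning. The final HIP_DEBUG("bind to port %d\n", ...) also runs on the bind-failure path, where it prints a bound_port that this call did not assign; move it into the success branch. A comment stating the byte order returned by get_port_from_saddr() would make the ntohs(request_port) conversion checkable.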
>> HIP_IFEL abuse, more below
>>
> As a new developer, I am not sure what kind of usage will be defined as
> an abuse. Basically I use HIP_IFEL as a shortcut for code like below:
> if (func()) {
> HIP_ERROR("msg");
> return -1;
> }
> In current code base I can also find similar usage. In HACKING doc there
> is a sample for malloc(). Probably I am wrong, could you also explain
> how to use this macro properly? Thanks.

Unless the HIP_IFEL is used for memory deallocation, it should not be
used, as a direct "return" is sufficient. Sorry that I forgot to mention
this.

P.S. Please remember to cc the launchpad bug id.
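
The rule discussed in this thread (a direct return where nothing needs releasing, the jump-to-label macro only where cleanup is required), as an added example that is not HIPL code. `DEMO_IFEL` is a stand-in whose shape is assumed from the description above, and `demo_bind_port` and `demo_open_ephemeral` are hypothetical names.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <unistd.h>

/* Stand-in for the project's HIP_IFEL (assumed shape, not the real macro):
 * on failure, log a message, set err and jump to the out_err label. */
#define DEMO_IFEL(cond, eval, ...)            \
    do {                                      \
        if (cond) {                           \
            fprintf(stderr, __VA_ARGS__);     \
            err = (eval);                     \
            goto out_err;                     \
        }                                     \
    } while (0)

/* Nothing is allocated here, so every failure is a plain return.
 * Returns the bound port in host byte order, or -1 on error. */
int demo_bind_port(int fd, const struct sockaddr_in *addr)
{
    struct sockaddr_in laddr;
    socklen_t          laddr_len = sizeof(laddr);

    if (!addr) {
        return -1;
    }
    if (bind(fd, (const struct sockaddr *) addr, sizeof(*addr)) != 0) {
        perror("bind");
        return -1;
    }
    if (addr->sin_port != 0) {
        return ntohs(addr->sin_port);
    }
    /* Port 0 was requested: ask the kernel which port it picked. */
    if (getsockname(fd, (struct sockaddr *) &laddr, &laddr_len) != 0) {
        perror("getsockname");
        return -1;
    }
    return ntohs(laddr.sin_port);
}

/* A heap buffer and a socket must be released on every path, so the
 * jump-to-label macro is justified here. Returns the port, or -1. */
int demo_open_ephemeral(void)
{
    int                 err = 0;
    int                 fd  = -1;
    struct sockaddr_in *req = NULL;

    req = calloc(1, sizeof(*req));
    DEMO_IFEL(!req, -1, "calloc() failed\n");
    req->sin_family      = AF_INET;
    req->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    req->sin_port        = 0;           /* let the kernel choose */

    fd = socket(AF_INET, SOCK_DGRAM, 0);
    DEMO_IFEL(fd < 0, -1, "socket() failed\n");

    err = demo_bind_port(fd, req);
    DEMO_IFEL(err < 0, -1, "demo_bind_port() failed\n");

out_err:
    /* Single exit: both resources are released on success and failure. */
    if (fd >= 0) {
        close(fd);
    }
    free(req);
    return err;
}

int main(void)
{
    printf("ephemeral port: %d\n", demo_open_ephemeral());
    return 0;
}
```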

lp:~hipl-core/hipl/libhip updated
4862. By Xin

Fix code style and remove unnecessary memset
based on Diego's review

4863. By Xin

Replace the inappropriate use of HIP_IFEL.

4864. By Xin

Remove redundant library dependencies.

4865. By Xin

Fix bug in hip_accept.
The second and the third parameters were not returned correctly.

4866. By Xin

Fix style problems.

4867. By Xin

revert unrelated change

4868. By Xin

Sync with trunk 6281

Xin (eric-nevup) wrote :

On 08/02/12 20:00, Diego Biurrun wrote:
> review needs-fixing
>
> On Wed, Feb 08, 2012 at 08:43:18AM +0000, Xin wrote:
>> You have been requested to review the proposed merge of lp:~hipl-core/hipl/libhip into lp:hipl.
>>
>> === modified file 'Makefile.am'
>> --- Makefile.am 2012-01-30 12:28:31 +0000
>> +++ Makefile.am 2012-02-07 15:20:56 +0000
>> @@ -64,19 +65,22 @@
>>
>> ### libraries ###
>> lib_LTLIBRARIES = lib/core/libhipcore.la
>> -
>> +lib_LTLIBRARIES += lib/hipdaemon/libhipdaemon.la
>>
>> ### tests ###
> Oh, the poor empty line ...
Fixed, I didn't notice that there is a style for empty lines
>
>> if HIP_UNITTESTS
>> -TESTS = test/check_hipd \
>> - test/check_hipfw \
>> - test/check_lib_core \
>> - test/check_lib_tool \
>> +TESTS = test/check_hipd \
>> + test/check_hipfw \
>> + test/check_hipnetcat \
>> + test/check_lib_core \
>> + test/check_lib_tool \
>> test/check_modules_midauth
>> -check_PROGRAMS = test/check_hipd \
>> - test/check_hipfw \
>> - test/check_lib_core \
>> - test/check_lib_tool \
>> +
>> +check_PROGRAMS = test/check_hipd \
>> + test/check_hipfw \
>> + test/check_hipnetcat \
>> + test/check_lib_core \
>> + test/check_lib_tool \
>> test/check_modules_midauth
>> endif
> Having to realign all those backslashes is suboptimal. I'll move them
> all to a sensible position in trunk.
I merged your newest change, which aligns to column 72, but some new
contents in libhip are longer than 72. I align those longer lines to 84
>
>> @@ -86,55 +90,17 @@
>> test_auth_performance_SOURCES = test/auth_performance.c
>> test_certteststub_SOURCES = test/certteststub.c
>> test_dh_performance_SOURCES = test/dh_performance.c
>> -test_fw_port_bindings_performance_SOURCES = test/fw_port_bindings_performance.c \
>> - hipfw/file_buffer.c \
>> +test_fw_port_bindings_performance_SOURCES = hipfw/file_buffer.c \
>> hipfw/line_parser.c \
>> - hipfw/port_bindings.c
>> + hipfw/port_bindings.c \
>> + test/fw_port_bindings_performance.c
> This is unrelated, push to trunk right away.
Pushed
>> @@ -225,6 +233,8 @@
>> test/hipfw/rewrite.c \
>> $(hipfw_hipfw_sources)
>>
>> +test_check_hipnetcat_SOURCES = test/check_hipnetcat.c
>> +
>> test_check_lib_core_SOURCES = test/check_lib_core.c \
>> test/lib/core/crypto.c \
>> test/lib/core/hit.c \
>> @@ -241,21 +251,35 @@
>> test/modu...


Diego Biurrun (diego-biurrun) wrote :

On Thu, Feb 09, 2012 at 04:54:32PM +0200, Xin Gu wrote:
> On 08/02/12 20:00, Diego Biurrun wrote:
> >On Wed, Feb 08, 2012 at 08:43:18AM +0000, Xin wrote:
> >>
> >>--- Makefile.am 2012-01-30 12:28:31 +0000
> >>+++ Makefile.am 2012-02-07 15:20:56 +0000
> >>@@ -64,19 +65,22 @@
> >>
> >> ### libraries ###
> >> lib_LTLIBRARIES = lib/core/libhipcore.la
> >>-
> >>+lib_LTLIBRARIES += lib/hipdaemon/libhipdaemon.la
> >>
> >> ### tests ###
> >Oh, the poor empty line ...
> Fixed, I didn't notice that there is a style for empty lines

You shouldn't unintentionally mess with the style of a file.

> >> if HIP_UNITTESTS
> >>-TESTS = test/check_hipd \
> >>- test/check_hipfw \
> >>- test/check_lib_core \
> >>- test/check_lib_tool \
> >>+TESTS = test/check_hipd \
> >>+ test/check_hipfw \
> >>+ test/check_hipnetcat \
> >>+ test/check_lib_core \
> >>+ test/check_lib_tool \
> >> test/check_modules_midauth
> >>-check_PROGRAMS = test/check_hipd \
> >>- test/check_hipfw \
> >>- test/check_lib_core \
> >>- test/check_lib_tool \
> >>+
> >>+check_PROGRAMS = test/check_hipd \
> >>+ test/check_hipfw \
> >>+ test/check_hipnetcat \
> >>+ test/check_lib_core \
> >>+ test/check_lib_tool \
> >> test/check_modules_midauth
> >> endif
> >Having to realign all those backslashes is suboptimal. I'll move them
> >all to a sensible position in trunk.
> I merged your newest change, which aligns to column 72, but some new
> contents in libhip are longer than 72. I align those longer lines to 84

Try to keep lines below 80 characters where easily possible.

And please leave empty lines before and after your text, your mails
are currently unnecessarily hard to read.

Diego

lp:~hipl-core/hipl/libhip updated
4869. By Xin

Code revise based on Diego's 2nd review.

4870. By Xin

Revise document style.

4871. By Xin

Remove useless declarations and definitions.
Found during merge process

4872. By Xin

Change prefix of new API to "hipl_"

4873. By Xin

Improve efficiency of the new list del function
Reduce 2 times of iteration to 1.
Add test method.

4874. By Xin

Code revising based on the comments of Christof.

4875. By Xin

Sync with trunk 6283.

4876. By Xin

Code revising to align to trunk code.

4877. By Xin

Sync with trunk 6285

4878. By Xin

cosmetics: revert removed empty lines.

4879. By Xin

Code revising based on Christof's 2nd review.

Revert back to malloc instead of stack memory, since the path may
be unexpectedly long.
The new linkedlist node delete function is updated to be more
compact.

4880. By Xin

Code revising based on Stefan's review.

Fix the const correctness problem.
Also some fixes for typos and added code comments

4881. By Xin

Fix more const correctness problems

4882. By Xin

Code revising based on Stefan's review.

4883. By Xin

change libhipdaemon to libhipl

4884. By Xin

Sync: trunk 6305

4885. By Xin

Sync: trunk 6328

The new exponential backoff for retransmission has been moved into the libhipl
since it is used by other code in libhipl.

4886. By Xin

Move hipd.c to lib/hipl

Since hipd.c is also included in lib/hipl, previous changes related to
exp_backoff have been reverted.

4887. By Xin

Sync: trunk 6332

4888. By Xin

Fix small style issues.

4889. By Xin

Check HIP firewall status before sending RESET message when closing HIP SA.

The "fail and retry" mechanism makes closing time unnecessarily long when there
is no HIP firewall. In this case, we should simply skip this process.

4890. By Xin

Fix bug in hipnetcat test program which causes longer testing time.

Previously, the break statement only exits the inner loop, but its purpose is
to exit the outer loop also.

4891. By Xin

Sync: trunk 6344

4892. By Xin

Eliminate redundant code in control message receiving and handling.

4893. By Xin

Fix issues in doc raised during review.

4894. By Xin

Sync: trunk 6360

4895. By Xin

Remove useless indirection.

4896. By Xin

sync: libhipl-mobility 4899

4897. By Xin

change the type of hipl_socket identifier from int to type hipl_sock_id

4898. By Xin

Sync: libhipl-mobility 4911.

4899. By Xin

Sync: trunk 6364

4900. By Xin

Fix document style and missing header.

4901. By Xin

Improve code style and doxygen documentation.

4902. By Xin

sync: trunk 6370

4903. By Xin

Remove unnecessary changes.

4904. By Xin

Change memcpy to assignments

4905. By Xin

Remove hipnetcat

4906. By Xin

Revise code based on review feedback.

4907. By Xin

Merge trunk and change directory lib/hipl => libhipl/

4908. By Xin

Closing the libhipl socket after unit tests.

Unmerged revisions

Preview Diff

1=== modified file '.bzrignore'
2--- .bzrignore 2012-01-25 10:44:48 +0000
3+++ .bzrignore 2012-02-09 14:35:25 +0000
4@@ -60,6 +60,7 @@
5 test/dh_performance
6 test/fw_port_bindings_performance
7 test/hc_performance
8+test/hipnetcat
9 tools/hipconf
10 tools/hipdnskeyparse/hipdnskeyparse
11 tools/hipdnsproxy/hipdnsproxy
12
13=== modified file 'Makefile.am'
14--- Makefile.am 2012-02-09 09:30:59 +0000
15+++ Makefile.am 2012-02-09 14:35:25 +0000
16@@ -40,7 +40,8 @@
17 ### user programs ###
18 bin_PROGRAMS = test/auth_performance \
19 test/certteststub \
20- test/hc_performance
21+ test/hc_performance \
22+ test/hipnetcat
23
24 if HIP_PERFORMANCE
25 bin_PROGRAMS += test/dh_performance
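Review bot: test/hipnetcat is added to bin_PROGRAMS here, so an install ships a test client/server into the user's bin directory. The HOWTO text added later in this diff presents hipnetcat as a way to test without installing HIPL, and check_hipnetcat drives it from the test suite, so noinst_PROGRAMS or check_PROGRAMS looks like the better home for it.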
26@@ -64,17 +65,21 @@
27
28 ### libraries ###
29 lib_LTLIBRARIES = lib/core/libhipcore.la
30+lib_LTLIBRARIES += lib/hipdaemon/libhipdaemon.la
31
32
33 ### tests ###
34 if HIP_UNITTESTS
35 TESTS = test/check_hipd \
36 test/check_hipfw \
37+ test/check_hipnetcat \
38 test/check_lib_core \
39 test/check_lib_tool \
40 test/check_modules_midauth
41+
42 check_PROGRAMS = test/check_hipd \
43 test/check_hipfw \
44+ test/check_hipnetcat \
45 test/check_lib_core \
46 test/check_lib_tool \
47 test/check_modules_midauth
48@@ -83,58 +88,20 @@
49
50 ### source declarations ###
51
52-test_auth_performance_SOURCES = test/auth_performance.c
53-test_certteststub_SOURCES = test/certteststub.c
54-test_dh_performance_SOURCES = test/dh_performance.c
55-test_fw_port_bindings_performance_SOURCES = hipfw/file_buffer.c \
56- hipfw/line_parser.c \
57- hipfw/port_bindings.c \
58- test/fw_port_bindings_performance.c
59-test_hc_performance_SOURCES = test/hc_performance.c
60+test_auth_performance_SOURCES = test/auth_performance.c
61+test_certteststub_SOURCES = test/certteststub.c
62+test_dh_performance_SOURCES = test/dh_performance.c
63+test_fw_port_bindings_performance_SOURCES = hipfw/file_buffer.c \
64+ hipfw/line_parser.c \
65+ hipfw/port_bindings.c \
66+ test/fw_port_bindings_performance.c
67+test_hc_performance_SOURCES = test/hc_performance.c
68+test_hipnetcat_SOURCES = test/hipnetcat.c
69
70 tools_hipconf_SOURCES = tools/hipconf.c
71 tools_pisacert_SOURCES = tools/pisacert.c
72
73-hipd_hipd_sources = hipd/accessor.c \
74- hipd/cert.c \
75- hipd/close.c \
76- hipd/configfilereader.c \
77- hipd/cookie.c \
78- hipd/dh.c \
79- hipd/esp_prot_anchordb.c \
80- hipd/esp_prot_hipd_msg.c \
81- hipd/esp_prot_light_update.c \
82- hipd/hadb.c \
83- hipd/hidb.c \
84- hipd/hip_socket.c \
85- hipd/hipd.c \
86- hipd/hiprelay.c \
87- hipd/hit_to_ip.c \
88- hipd/init.c \
89- hipd/input.c \
90- hipd/keymat.c \
91- hipd/lsidb.c \
92- hipd/maintenance.c \
93- hipd/nat.c \
94- hipd/netdev.c \
95- hipd/nsupdate.c \
96- hipd/opp_mode.c \
97- hipd/output.c \
98- hipd/pkt_handling.c \
99- hipd/registration.c \
100- hipd/user.c \
101- hipd/user_ipsec_hipd_msg.c \
102- hipd/user_ipsec_sadb_api.c \
103- modules/heartbeat/hipd/heartbeat.c \
104- modules/heartbeat_update/hipd/hb_update.c \
105- modules/midauth/lib/midauth_builder.c \
106- modules/update/hipd/update.c \
107- modules/update/hipd/update_builder.c \
108- modules/update/hipd/update_locator.c \
109- modules/update/hipd/update_param_handling.c
110-
111-hipd_hipd_SOURCES = $(hipd_hipd_sources) \
112- modules/midauth/hipd/midauth.c \
113+hipd_hipd_SOURCES = hipd/hipd.c \
114 hipd/main.c
115
116 dist_sysconf_DATA = hipd/hipd.conf \
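Review bot: the re-indented test_*_SOURCES block at the top of this hunk changes only column alignment and hides the two real changes, the new test_hipnetcat_SOURCES line and hipd_hipd_SOURCES shrinking to hipd/hipd.c and hipd/main.c. Please push the realignment separately or keep the existing alignment. Since hipd_hipd_sources is deleted here, also confirm that nothing else in Makefile.am still expands $(hipd_hipd_sources).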
117@@ -164,8 +131,7 @@
118 hipfw/user_ipsec_api.c \
119 hipfw/user_ipsec_esp.c \
120 hipfw/user_ipsec_fw_msg.c \
121- hipfw/user_ipsec_sadb.c \
122- modules/midauth/lib/midauth_builder.c
123+ hipfw/user_ipsec_sadb.c
124
125 # The hipfw unit test program is linked against the hipfw object files.
126 # To avoid duplicate symbols during linking some object files need to excluded.
127@@ -210,6 +176,49 @@
128 lib_core_libhipcore_la_SOURCES += lib/core/performance.c
129 endif
130
131+lib_hipdaemon_libhipdaemon_la_sources = lib/hipdaemon/accessor.c \
132+ lib/hipdaemon/cert.c \
133+ lib/hipdaemon/close.c \
134+ lib/hipdaemon/configfilereader.c \
135+ lib/hipdaemon/cookie.c \
136+ lib/hipdaemon/dh.c \
137+ lib/hipdaemon/esp_prot_anchordb.c \
138+ lib/hipdaemon/esp_prot_hipd_msg.c \
139+ lib/hipdaemon/esp_prot_light_update.c \
140+ lib/hipdaemon/hadb.c \
141+ lib/hipdaemon/hidb.c \
142+ lib/hipdaemon/hip_socket.c \
143+ lib/hipdaemon/hiprelay.c \
144+ lib/hipdaemon/hit_to_ip.c \
145+ lib/hipdaemon/init.c \
146+ lib/hipdaemon/input.c \
147+ lib/hipdaemon/keymat.c \
148+ lib/hipdaemon/lsidb.c \
149+ lib/hipdaemon/maintenance.c \
150+ lib/hipdaemon/nat.c \
151+ lib/hipdaemon/netdev.c \
152+ lib/hipdaemon/nsupdate.c \
153+ lib/hipdaemon/opp_mode.c \
154+ lib/hipdaemon/output.c \
155+ lib/hipdaemon/pkt_handling.c \
156+ lib/hipdaemon/registration.c \
157+ lib/hipdaemon/socket_wrapper.c \
158+ lib/hipdaemon/user.c \
159+ lib/hipdaemon/user_ipsec_hipd_msg.c \
160+ lib/hipdaemon/user_ipsec_sadb_api.c \
161+ modules/heartbeat/hipd/heartbeat.c \
162+ modules/heartbeat_update/hipd/hb_update.c \
163+ modules/midauth/lib/midauth_builder.c \
164+ modules/update/hipd/update.c \
165+ modules/update/hipd/update_builder.c \
166+ modules/update/hipd/update_locator.c \
167+ modules/update/hipd/update_param_handling.c
168+
169+lib_hipdaemon_libhipdaemon_la_SOURCES = $(lib_hipdaemon_libhipdaemon_la_sources) \
170+ lib/hipdaemon/pisa.c \
171+ modules/midauth/hipd/midauth.c
172+
173+lib_hipdaemon_libhipdaemon_la_LIBADD = lib/core/libhipcore.la
174
175 test_check_hipd_SOURCES = test/check_hipd.c \
176 test/hipd/lsidb.c
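Review bot: lib/hipdaemon/pisa.c appears in lib_hipdaemon_libhipdaemon_la_SOURCES, but the hipd_hipd_sources list removed earlier in this file has no hipd/pisa.c and pisa.c is not in this proposal's list of modified files, so please say where it comes from and why the library now builds it. The library also gets only _SOURCES and _LIBADD in this diff, with no _LDFLAGS, so it is installed through lib_LTLIBRARIES without -version-info or any limit on exported symbols, and every non-static daemon function becomes part of its public interface.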
177@@ -225,6 +234,8 @@
178 test/hipfw/rewrite.c \
179 $(hipfw_hipfw_sources)
180
181+test_check_hipnetcat_SOURCES = test/check_hipnetcat.c
182+
183 test_check_lib_core_SOURCES = test/check_lib_core.c \
184 test/lib/core/crypto.c \
185 test/lib/core/hit.c \
186@@ -244,21 +255,24 @@
187
188 ### static library dependencies ###
189
190-hipd_hipd_LDADD = lib/core/libhipcore.la
191-hipfw_hipfw_LDADD = lib/core/libhipcore.la
192+hipd_hipd_LDADD = lib/hipdaemon/libhipdaemon.la
193+hipfw_hipfw_LDADD = lib/hipdaemon/libhipdaemon.la
194 test_auth_performance_LDADD = lib/core/libhipcore.la
195-test_check_hipd_LDADD = lib/core/libhipcore.la
196-test_check_hipfw_LDADD = lib/core/libhipcore.la
197+test_check_hipd_LDADD = lib/hipdaemon/libhipdaemon.la
198+test_check_hipfw_LDADD = lib/hipdaemon/libhipdaemon.la
199+test_check_hipnetcat_LDADD = lib/hipdaemon/libhipdaemon.la
200 test_check_lib_core_LDADD = lib/core/libhipcore.la
201 test_check_lib_tool_LDADD = lib/core/libhipcore.la
202-test_check_modules_midauth_LDADD = lib/core/libhipcore.la
203+test_check_modules_midauth_LDADD = lib/hipdaemon/libhipdaemon.la
204 test_certteststub_LDADD = lib/core/libhipcore.la
205 test_dh_performance_LDADD = lib/core/libhipcore.la
206-test_fw_port_bindings_performance_LDADD = lib/core/libhipcore.la
207-test_hc_performance_LDADD = lib/core/libhipcore.la
208+test_fw_port_bindings_performance_LDADD = lib/hipdaemon/libhipdaemon.la
209+test_hc_performance_LDADD = lib/hipdaemon/libhipdaemon.la
210+test_hipnetcat_LDADD = lib/hipdaemon/libhipdaemon.la
211 tools_hipconf_LDADD = lib/core/libhipcore.la
212 tools_pisacert_LDADD = lib/core/libhipcore.la
213
214+
215 ### dynamic library dependencies ###
216
217 test_check_hipfw_LDFLAGS = -ldl -Wl,-z,muldefs
218
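Review bot: hipfw_hipfw_LDADD and test_check_hipfw_LDADD now link the whole of libhipdaemon instead of libhipcore, although the hipfw hunk above only dropped modules/midauth/lib/midauth_builder.c from its sources; linking all daemon code into the firewall for one builder file needs a justification or a smaller library. test_check_hipfw also keeps -Wl,-z,muldefs, which makes the linker accept duplicate definitions silently, so symbol clashes between the hipfw objects and libhipdaemon would go unreported. test_hc_performance and test_fw_port_bindings_performance switch to libhipdaemon as well with no source change visible in this diff, and the empty line added before "### dynamic library dependencies ###" is stray.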
219=== modified file 'doc/HOWTO.xml.in'
220--- doc/HOWTO.xml.in 2012-01-25 10:44:48 +0000
221+++ doc/HOWTO.xml.in 2012-02-09 14:35:25 +0000
222@@ -764,6 +764,58 @@
223 </para>
224 </section> <!-- handover -->
225
226+ <section id="ch_hipnetcat">
227+ <title>Test HIPL by the hipnetcat program</title>
228+ <para>
229+ The hipnetcat can be used to test the base exchange functionality of the HIPL without
230+ installing the HIPL binary. This section explains its usage in detail.
231+ </para>
232+ <para>
233+ The hipnetcat program takes similar parameters as the normal netcat program. In
234+ order to check the functionality of the base exchange, a hipnetcat server and a
235+ hipnetcat client are required.
236+ </para>
237+ <para>
238+ The usage of hipnetcat is shown as follow:
239+ <programlisting>
240+ Usage: hipnetcat [-hlt] [-p source_port] [-s source_ip_address]
241+ [-d dest_port] [peer_identifier[s]]
242+
243+ -h: help
244+ -l: Listening mode, hip netcat acts as the server side.
245+ -t: Using TCP as transportation protocol, otherwise UDP will be used.
246+ </programlisting>
247+ The peer_identifiers can be a list of combination of peer's HIT, IP address and
248+ host name.
249+ </para>
250+ <para>
251+ Example 1: localhost hipnetcat connection via TCP. The server listens on 127.0.0.1:22300
252+ and the client connects from 127.0.0.1:22345 with HIT 2001:1c:809e:244a:c33:78fb:45e3:d132.
253+ <programlisting>
254+ The server:
255+ hipnetcat -l -t -s 127.0.0.1 -p 22300
256+
257+ The client:
258+ hipnetcat -t -s 127.0.0.1 -p 22345 -d 22300 127.0.0.1 2001:1c:809e:244a:c33:78fb:45e3:d132
259+ </programlisting>
260+ </para>
261+ <para>
262+ Example 2: localhost hipnetcat connection via UDP. The server listens on 127.0.0.1:22300
263+ and the client connects from 127.0.0.1:22345 with HIT 2001:1c:809e:244a:c33:78fb:45e3:d132.
264+ <programlisting>
265+ The server:
266+ hipnetcat -l -s 127.0.0.1 -p 22300
267+
268+ The client:
269+ hipnetcat -s 127.0.0.1 -p 22345 -d 22300 127.0.0.1 2001:1c:809e:244a:c33:78fb:45e3:d132
270+ </programlisting>
271+ </para>
272+ <para>
273+ If the hipnetcat execution successes, the server will receive one message from the client,
274+ and then both sides exit without any error.
275+ </para>
276+ </section> <!-- hipnetcat -->
277+
278 </chapter> <!-- ch_prebuilt -->
279
280 <chapter id="ch_how_to_use_hip">
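Review bot: both examples say the client connects "with HIT 2001:1c:809e:244a:c33:78fb:45e3:d132" without saying whose HIT that is or how the reader obtains it. The usage line takes peer_identifier[s], so state whether this is the server's HIT and that the value is host-specific and has to be replaced. "If the hipnetcat execution successes" should read "succeeds", and "without installing the HIPL binary" sits oddly with test/hipnetcat being added to bin_PROGRAMS in Makefile.am.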
281@@ -2583,7 +2635,79 @@
282 </para>
283
284 </section>
285-
286+ <section id="ch_libhip_usage">
287+ <title>The Libhip Extension</title>
288+
289+ <para>
290+ The Libhip provides HIP functionality as a library for upper layer
291+ applications and it does not require the present of normal hip
292+ daemon. Instead, the HIP control messages are transmitted on top of
293+ TCP/UDP. From the application points of view, they get similar API set
294+ as normal socket API. This section describes the usage of libhip API.
295+ </para>
296+
297+ <para>
298+ The Libhip API set is listed as follow:
299+ <programlisting>
300+ <emphasis>"socket_wrapper.h"</emphasis>
301+ int hip_socket(int domain, int type, int protocol);
302+ int hip_close(int fd);
303+ int hip_bind(int fd, const struct sockaddr *address, socklen_t address_len);
304+ int hip_sendto(int fd, const void *msg, size_t len,
305+ int flags, const struct sockaddr *dst_hit,
306+ socklen_t dst_len);
307+ int hip_recvfrom(int fd, void *buf, size_t len, int flags,
308+ struct sockaddr *addr, socklen_t *addr_len);
309+ int hip_connect(int fd, const struct sockaddr *addr, socklen_t addr_len);
310+ int hip_accept(int fd, struct sockaddr *addr, socklen_t *addr_len);
311+
312+ <emphasis>"init.h"</emphasis>
313+ int libhipd_init(void);
314+ </programlisting>
315+ </para>
316+
317+ <para>
318+ The libhip requires user to initialize it before calling any socket wrapper
319+ function which starts with "hip_" prefix. To initialize the libhip, call the
320+ <emphasis>libhipd_init</emphasis> function in init.h
321+ </para>
322+
323+ <para>
324+ Once the libhip initialization finishes, user can use functions provided by
325+ socket_wrapper.h and it works like normal socket function except that:
326+ <itemizedlist>
327+ <listitem>
328+ <para>
329+ In <emphasis>hip_sendto</emphasis> and <emphasis>hip_connect</emphasis>,
330+ the destination address should be a HIT, not an IP address.The destination
331+ port should also be included in the same structure.
332+ </para>
333+ </listitem>
334+ <listitem>
335+ <para>
336+ In <emphasis>hip_recvfrom</emphasis>, the remote peer address should also
337+ be a HIT, not an IP address.The peer's port should also be included in the
338+ same structure.
339+ </para>
340+ </listitem>
341+ <listitem>
342+ <para>
343+ In <emphasis>hip_accept</emphasis>, after it accepts a new peer, the
344+ <emphasis>addr</emphasis> parameter returns a structure which container peer's
345+ HIT and port (NOT IP). the <emphasis>addr_len</emphasis> parameter returns
346+ the length of this structure. The user then can use this structure for further
347+ function calls such as <emphasis>hip_recvfrom</emphasis>.
348+ </para>
349+ </listitem>
350+ </itemizedlist>
351+ </para>
352+
353+ <para>
354+ For more detail usage of the libhip, please refer to the hipnetcat program
355+ in the <emphasis>test</emphasis> directory.
356+ </para>
357+
358+ </section> <!-- ch_libhip_usage -->
359 </chapter> <!-- ch_exp_extensions -->
360
361 </book>
362
363=== modified file 'hipd/hipd.c'
364--- hipd/hipd.c 2011-11-25 16:40:40 +0000
365+++ hipd/hipd.c 2012-02-09 14:35:25 +0000
366@@ -1,5 +1,5 @@
367 /*
368- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
369+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
370 *
371 * Permission is hereby granted, free of charge, to any person
372 * obtaining a copy of this software and associated documentation
373@@ -58,49 +58,14 @@
374 #include "lib/core/protodefs.h"
375 #include "lib/core/straddr.h"
376 #include "lib/core/util.h"
377+#include "lib/hipdaemon/accessor.h"
378+#include "lib/hipdaemon/hip_socket.h"
379+#include "lib/hipdaemon/init.h"
380+#include "lib/hipdaemon/maintenance.h"
381+#include "lib/hipdaemon/netdev.h"
382+#include "lib/hipdaemon/hipd.h"
383+
384 #include "config.h"
385-#include "accessor.h"
386-#include "hip_socket.h"
387-#include "init.h"
388-#include "maintenance.h"
389-#include "netdev.h"
390-#include "hipd.h"
391-
392-
393-/** Suppress advertising of none, AF_INET or AF_INET6 address in UPDATEs.
394- * 0 = none = default, AF_INET, AF_INET6 */
395-int suppress_af_family = 0;
396-
397-/* For sending HIP control messages */
398-int hip_raw_sock_output_v6 = 0;
399-int hip_raw_sock_output_v4 = 0;
400-
401-/* For receiving HIP control messages */
402-int hip_raw_sock_input_v6 = 0;
403-int hip_raw_sock_input_v4 = 0;
404-
405-/** File descriptor of the socket used for sending HIP control packet
406- * NAT traversal on UDP/IPv4
407- */
408-int hip_nat_sock_output_udp = 0;
409-
410-/** File descriptor of the socket used for receiving HIP control packet
411- * NAT traversal on UDP/IPv4
412- */
413-int hip_nat_sock_input_udp = 0;
414-
415-int hip_nat_sock_output_udp_v6 = 0;
416-int hip_nat_sock_input_udp_v6 = 0;
417-
418-/** Specifies the NAT status of the daemon. This value indicates if the current
419- * machine is behind a NAT. */
420-hip_transform_suite hip_nat_status = 0;
421-
422-/* Encrypt host id in I2 */
423-int hip_encrypt_i2_hi = 0;
424-
425-/* Communication interface to userspace apps (hipconf etc) */
426-int hip_user_sock = 0;
427
428 /** For receiving netlink IPsec events (acquire, expire, etc) */
429 struct rtnl_handle hip_nl_ipsec;
430@@ -109,18 +74,6 @@
431 * nf_ipsec for this purpose). */
432 struct rtnl_handle hip_nl_route;
433
434-struct sockaddr_in6 hipfw_addr = { 0 };
435-static int hipfw_sock = 0;
436-
437-/* used to change the transform order see hipconf usage to see the usage
438- * This is set to AES, 3DES, NULL by default see hipconf transform order for
439- * more information.
440- */
441-int hip_transform_order = 123;
442-
443-/* Tells to the daemon should it build LOCATOR parameters to R1 and I2 */
444-int hip_locator_status = HIP_MSG_SET_LOCATOR_OFF;
445-
446 /* We are caching the IP addresses of the host here. The reason is that during
447 * in hip_handle_acquire it is not possible to call getifaddrs (it creates
448 * a new netlink socket and seems like only one can be open per process).
449@@ -132,24 +85,6 @@
450 int address_count;
451 HIP_HASHTABLE *addresses;
452
453-int address_change_time_counter = -1;
454-
455-/*Define hip_use_userspace_ipsec variable to indicate whether use
456- * userspace ipsec or not. If it is 1, hip uses the user space ipsec.
457- * It will not use if hip_use_userspace_ipsec = 0. Added By Tao Wan
458- */
459-int hip_use_userspace_ipsec = 0;
460-
461-int esp_prot_active = 0;
462-int esp_prot_num_transforms = 0;
463-long esp_prot_num_parallel_hchains = 0;
464-
465-int hip_shotgun_status = HIP_MSG_SHOTGUN_OFF;
466-
467-int hip_broadcast_status = HIP_MSG_BROADCAST_OFF;
468-
469-int hip_wait_addr_changes_to_stabilize = 1;
470-
471 /**
472 * print hipd usage instructions on stderr
473 */
474@@ -173,32 +108,6 @@
475 }
476
477 /**
478- * send a message to the HIP firewall
479- *
480- * @param msg the message to send
481- * @return zero on success or negative on error
482- */
483-int hip_sendto_firewall(HIPFW const struct hip_common *msg)
484-{
485-#ifdef CONFIG_HIP_FIREWALL
486- int n = 0;
487- HIP_DEBUG("CONFIG_HIP_FIREWALL DEFINED AND STATUS IS %d\n",
488- hipfw_is_alive());
489-
490- n = sendto(hipfw_sock,
491- msg,
492- hip_get_msg_total_len(msg),
493- 0,
494- (struct sockaddr *) &hipfw_addr,
495- sizeof(hipfw_addr));
496- return n;
497-#else
498- HIP_DEBUG("Firewall is disabled.\n");
499- return 0;
500-#endif // CONFIG_HIP_FIREWALL
501-}
502-
503-/**
504 * Parse the command line options
505 * @param argc number of command line parameters
506 * @param argv command line parameters
507
508=== modified file 'hipd/main.c'
509--- hipd/main.c 2011-11-03 09:21:12 +0000
510+++ hipd/main.c 2012-02-09 14:35:25 +0000
511@@ -33,8 +33,8 @@
512 #include <sys/types.h>
513
514
515-#include "hipd/hipd.h"
516-#include "init.h"
517+#include "lib/hipdaemon/hipd.h"
518+#include "lib/hipdaemon/init.h"
519 #include "lib/core/debug.h"
520
521
522
523=== modified file 'hipfw/hipfw.c'
524--- hipfw/hipfw.c 2011-11-25 16:40:40 +0000
525+++ hipfw/hipfw.c 2012-02-09 14:35:25 +0000
526@@ -75,7 +75,7 @@
527 #include "lib/core/performance.h"
528 #include "lib/core/prefix.h"
529 #include "lib/core/util.h"
530-#include "hipd/hipd.h"
531+#include "lib/hipdaemon/hipd.h"
532 #include "config.h"
533 #include "cache.h"
534 #include "common_types.h"
535
536=== modified file 'lib/core/crypto.h'
537--- lib/core/crypto.h 2011-11-25 17:56:24 +0000
538+++ lib/core/crypto.h 2012-02-09 14:35:25 +0000
539@@ -65,9 +65,9 @@
540 #define RSA_KEY_DEFAULT_BITS 1024
541 #define ECDSA_DEFAULT_CURVE NID_X9_62_prime256v1
542
543-
544+#define DEFAULT_HOST_RSA_KEY_FILE_NAME "hip_host_rsa_key"
545 #define DEFAULT_HOST_DSA_KEY_FILE_BASE HIPL_SYSCONFDIR "/hip_host_dsa_key"
546-#define DEFAULT_HOST_RSA_KEY_FILE_BASE HIPL_SYSCONFDIR "/hip_host_rsa_key"
547+#define DEFAULT_HOST_RSA_KEY_FILE_BASE HIPL_SYSCONFDIR "/" DEFAULT_HOST_RSA_KEY_FILE_NAME
548 #define DEFAULT_HOST_ECDSA_KEY_FILE_BASE HIPL_SYSCONFDIR "/hip_host_ecdsa_key"
549 #define DEFAULT_PUB_FILE_SUFFIX ".pub"
550
551
552=== modified file 'lib/core/hostid.c'
553--- lib/core/hostid.c 2011-11-10 10:35:47 +0000
554+++ lib/core/hostid.c 2012-02-09 14:35:25 +0000
555@@ -29,6 +29,7 @@
556 */
557
558 #include <errno.h>
559+#include <libgen.h>
560 #include <stdint.h>
561 #include <stdlib.h>
562 #include <string.h>
563@@ -743,11 +744,16 @@
564 goto out_err;
565 }
566 } else if (!use_default) {
567+ char *hi_file_dup = strdup(hi_file);
568+ if ((err = check_and_create_dir(dirname(hi_file_dup), HIP_DIR_MODE))) {
569+ HIP_ERROR("Could not create direcory for path: %s\n", hi_file);
570+ goto out_err;
571+ }
572 if (!strcmp(hi_fmt, "dsa")) {
573 dsa_key = create_dsa_key(dsa_key_bits);
574 HIP_IFEL(!dsa_key, -EINVAL,
575 "Creation of DSA key failed.\n");
576- if ((err = save_dsa_private_key(dsa_filenamebase, dsa_key))) {
577+ if ((err = save_dsa_private_key(hi_file, dsa_key))) {
578 HIP_ERROR("Saving of DSA key failed.\n");
579 goto out_err;
580 }
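Review bot: In the block added at the top of the !use_default branch, the result of strdup(hi_file) is passed straight to dirname() without a NULL check, and hi_file_dup is not freed on the error path or the success path in the lines shown. Check the allocation, free hi_file_dup once check_and_create_dir() has returned (or at out_err), and fix the typo "direcory" in the error message. Because this directory will hold the private host identity key, please also confirm that HIP_DIR_MODE denies access to group and others.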
581@@ -756,7 +762,7 @@
582 ecdsa_key = create_ecdsa_key(ecdsa_nid);
583 HIP_IFEL(!ecdsa_key, -EINVAL,
584 "Creation of ECDSA key failed.\n");
585- if ((err = save_ecdsa_private_key(ecdsa_filenamebase, ecdsa_key))) {
586+ if ((err = save_ecdsa_private_key(hi_file, ecdsa_key))) {
587 HIP_ERROR("Saving of ECDSA key failed.\n");
588 goto out_err;
589 }
590@@ -765,7 +771,8 @@
591 rsa_key = create_rsa_key(rsa_key_bits);
592 HIP_IFEL(!rsa_key, -EINVAL,
593 "Creation of RSA key failed.\n");
594- if ((err = save_rsa_private_key(rsa_filenamebase, rsa_key))) {
595+
596+ if ((err = save_rsa_private_key(hi_file, rsa_key))) {
597 HIP_ERROR("Saving of RSA key failed.\n");
598 goto out_err;
599 }
600
601=== modified file 'lib/core/linkedlist.c'
602--- lib/core/linkedlist.c 2011-08-15 14:11:56 +0000
603+++ lib/core/linkedlist.c 2012-02-09 14:35:25 +0000
604@@ -297,6 +297,31 @@
605 return ptr;
606 }
607
608+/*
609+ * Deletes the first node in a list with the given element as its data.
610+ * If there is no match, does nothing.
611+ *
612+ * @param linkedlist the list where from to remove the element.
613+ * @param ptr pointer by which to identify the node
614+ * @param free_element a function pointer to a function for freeing the memory
615+ * allocated for an element at a node or NULL if the element
616+ * itself is not to be freed.
617+ */
618+void hip_ll_del_by_ptr(struct hip_ll *linkedlist, void *ptr,
619+ free_elem_fn free_element)
620+{
621+ int index = 0;
622+ const struct hip_ll_node *current = NULL;
623+
624+ while ((current = hip_ll_iterate(linkedlist, current))) {
625+ if (current->ptr == ptr) {
626+ hip_ll_del(linkedlist, index, free_element);
627+ return;
628+ }
629+ index++;
630+ }
631+}
632+
633 /**
634 * Deletes the first node from a linked list. If there are no nodes in the list,
635 * no action will be taken. If @c free_element is non-NULL the memory allocated
636
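Review bot: hip_ll_del_by_ptr() returns void and discards the return value of hip_ll_del(), so a caller cannot tell a successful removal from "no match", whereas hip_ll_del() and hip_ll_del_first() are declared as returning void *. Return the removed element (or NULL when nothing matched) for consistency. The comment opens with /* while the neighbouring function comment uses /**, so it is not a Doxygen comment. ptr can be const void * since it is only compared.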
637=== modified file 'lib/core/linkedlist.h'
638--- lib/core/linkedlist.h 2011-11-25 17:56:24 +0000
639+++ lib/core/linkedlist.h 2012-02-09 14:35:25 +0000
640@@ -69,6 +69,8 @@
641 void *hip_ll_del(struct hip_ll *linkedlist, const unsigned int index,
642 free_elem_fn free_element);
643 void *hip_ll_del_first(struct hip_ll *linkedlist, free_elem_fn free_element);
644+void hip_ll_del_by_ptr(struct hip_ll *linkedlist, void *ptr,
645+ free_elem_fn free_element);
646 void *hip_ll_get(const struct hip_ll *const linkedlist, const unsigned int index);
647 const struct hip_ll_node *hip_ll_iterate(const struct hip_ll *const linkedlist,
648 const struct hip_ll_node *const current);
649
650=== modified file 'lib/core/message.c'
651--- lib/core/message.c 2011-11-08 15:25:41 +0000
652+++ lib/core/message.c 2012-02-09 14:35:25 +0000
653@@ -1,5 +1,5 @@
654 /*
655- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
656+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
657 *
658 * Permission is hereby granted, free of charge, to any person
659 * obtaining a copy of this software and associated documentation
660@@ -686,6 +686,80 @@
661 }
662
663 /**
664+ * Read a control message over TCP socket.
665+ * Used by libhip API.
666+ *
667+ * @param sockfd a socket file descriptor
668+ * @param ctx a pointer to the packet context
669+ * @return -1 in case of an error, 0 otherwise.
670+ */
671+int hip_read_control_msg_tcp(int sockfd, struct hip_packet_context *ctx)
672+{
673+ int len, is_ipv4;
674+ struct sockaddr dst_addr = { 0 };
675+ struct sockaddr src_addr = { 0 };
676+ struct sockaddr_in *saddr4;
677+ struct sockaddr_in6 *saddr6;
678+ socklen_t saddr_len = sizeof(struct sockaddr);
679+
680+ hip_msg_init(ctx->input_msg);
681+
682+ len = recv(sockfd, ctx->input_msg, HIP_MAX_PACKET, 0);
683+ if (len < 0) {
684+ HIP_PERROR("recvfrom(): ");
685+ return -1;
686+ }
687+
688+ /* Get peer address */
689+ if (getpeername(sockfd, &src_addr, &saddr_len) < 0) {
690+ HIP_PERROR("getpeername(): ");
691+ return -1;
692+ }
693+
694+ is_ipv4 = src_addr.sa_family == AF_INET ? 1 : 0;
695+ if (is_ipv4) {
696+ saddr4 = (struct sockaddr_in *) &src_addr;
697+ IPV4_TO_IPV6_MAP(&saddr4->sin_addr, &ctx->src_addr);
698+ ctx->msg_ports.src_port = ntohs(saddr4->sin_port);
699+ } else {
700+ saddr6 = (struct sockaddr_in6 *) &src_addr;
701+ memcpy(&ctx->dst_addr, &saddr6->sin6_addr, sizeof(struct in6_addr));
702+ ctx->msg_ports.src_port = ntohs(saddr6->sin6_port);
703+ }
704+
705+ /* Get local (bound) address */
706+ if (getsockname(sockfd, &dst_addr, &saddr_len) < 0) {
707+ HIP_PERROR("getsockname(): ");
708+ return -1;
709+ }
710+ if (is_ipv4) {
711+ saddr4 = (struct sockaddr_in *) &dst_addr;
712+ IPV4_TO_IPV6_MAP(&saddr4->sin_addr, &ctx->dst_addr);
713+ ctx->msg_ports.dst_port = saddr4->sin_port;
714+ } else {
715+ saddr6 = (struct sockaddr_in6 *) &dst_addr;
716+ memcpy(&ctx->dst_addr, &saddr6->sin6_addr, sizeof(struct in6_addr));
717+ ctx->msg_ports.dst_port = saddr6->sin6_port;
718+ }
719+
720+ HIP_DEBUG_IN6ADDR("src", &ctx->src_addr);
721+ HIP_DEBUG_IN6ADDR("dst", &ctx->dst_addr);
722+
723+ memmove(ctx->input_msg,
724+ ((char *) ctx->input_msg) + HIP_UDP_ZERO_BYTES_LEN,
725+ HIP_MAX_PACKET - HIP_UDP_ZERO_BYTES_LEN);
726+ len -= HIP_UDP_ZERO_BYTES_LEN;
727+
728+ if (hip_verify_network_header(ctx->input_msg, &src_addr,
729+ &dst_addr, len) < 0) {
730+ HIP_ERROR("verifying network header failed\n");
731+ return -1;
732+ }
733+
734+ return 0;
735+}
736+
737+/**
738 * Read an IPv6 control message.
739 *
740 * @param sockfd a socket file descriptor
741
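Review bot: src_addr and dst_addr are declared as struct sockaddr, which is too small to hold a struct sockaddr_in6, yet the IPv6 branches cast them to struct sockaddr_in6 * and read sin6_addr and sin6_port. With saddr_len set to sizeof(struct sockaddr), getpeername() and getsockname() truncate an IPv6 address, and those reads go past the end of the stack objects. Use struct sockaddr_storage with saddr_len = sizeof(struct sockaddr_storage), and reset saddr_len before the getsockname() call, since getpeername() overwrites it. Further points in the same function: the IPv6 peer branch copies into ctx->dst_addr where ctx->src_addr is meant, leaving src_addr unset; dst_port is stored without ntohs() while src_port is converted; recv() returning 0 or fewer than HIP_UDP_ZERO_BYTES_LEN bytes is not rejected, so len can be zero or negative when it reaches hip_verify_network_header(); a single recv() on a TCP stream is not guaranteed to return exactly one whole HIP message, so the function needs framing or a read loop; and the error string says recvfrom() although recv() is called.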
742=== modified file 'lib/core/message.h'
743--- lib/core/message.h 2011-11-25 17:56:24 +0000
744+++ lib/core/message.h 2012-02-09 14:35:25 +0000
745@@ -46,6 +46,7 @@
746 int hip_send_recv_daemon_info(struct hip_common *msg,
747 int send_only,
748 int opt_socket);
749+int hip_read_control_msg_tcp(int sockfd, struct hip_packet_context *ctx);
750 int hip_send_recv_firewall_info(struct hip_common *const msg);
751
752 #endif /* HIPL_LIB_CORE_MESSAGE_H */
753
754=== added directory 'lib/hipdaemon'
755=== renamed file 'hipd/accessor.c' => 'lib/hipdaemon/accessor.c'
756=== renamed file 'hipd/accessor.h' => 'lib/hipdaemon/accessor.h'
757=== renamed file 'hipd/cert.c' => 'lib/hipdaemon/cert.c'
758=== renamed file 'hipd/cert.h' => 'lib/hipdaemon/cert.h'
759=== renamed file 'hipd/close.c' => 'lib/hipdaemon/close.c'
760=== renamed file 'hipd/close.h' => 'lib/hipdaemon/close.h'
761=== renamed file 'hipd/configfilereader.c' => 'lib/hipdaemon/configfilereader.c'
762=== renamed file 'hipd/configfilereader.h' => 'lib/hipdaemon/configfilereader.h'
763=== renamed file 'hipd/cookie.c' => 'lib/hipdaemon/cookie.c'
764=== renamed file 'hipd/cookie.h' => 'lib/hipdaemon/cookie.h'
765=== renamed file 'hipd/dh.c' => 'lib/hipdaemon/dh.c'
766=== renamed file 'hipd/dh.h' => 'lib/hipdaemon/dh.h'
767=== renamed file 'hipd/esp_prot_anchordb.c' => 'lib/hipdaemon/esp_prot_anchordb.c'
768=== renamed file 'hipd/esp_prot_anchordb.h' => 'lib/hipdaemon/esp_prot_anchordb.h'
769=== renamed file 'hipd/esp_prot_hipd_msg.c' => 'lib/hipdaemon/esp_prot_hipd_msg.c'
770--- hipd/esp_prot_hipd_msg.c 2011-12-16 13:37:33 +0000
771+++ lib/hipdaemon/esp_prot_hipd_msg.c 2012-02-09 14:35:25 +0000
772@@ -57,6 +57,10 @@
773
774 static uint8_t esp_prot_transforms[MAX_NUM_TRANSFORMS];
775
776+int esp_prot_active = 0;
777+int esp_prot_num_transforms = 0;
778+long esp_prot_num_parallel_hchains = 0;
779+
780 /**
781 * Sends second update message for a public-key-based anchor element update
782 *
783
784=== renamed file 'hipd/esp_prot_hipd_msg.h' => 'lib/hipdaemon/esp_prot_hipd_msg.h'
785=== renamed file 'hipd/esp_prot_light_update.c' => 'lib/hipdaemon/esp_prot_light_update.c'
786=== renamed file 'hipd/esp_prot_light_update.h' => 'lib/hipdaemon/esp_prot_light_update.h'
787=== renamed file 'hipd/hadb.c' => 'lib/hipdaemon/hadb.c'
788--- hipd/hadb.c 2012-01-25 20:45:27 +0000
789+++ lib/hipdaemon/hadb.c 2012-02-09 14:35:25 +0000
790@@ -105,6 +105,23 @@
791 uint8_t peer_hostname[HIP_HOST_ID_HOSTNAME_LEN_MAX];
792 };
793
794+/* Flag to show if hipl is running in libhip mode (=1) or normal mode (=0).
795+ * This variable should NOT be accessed directly. Always use the accessor
796+ * functions instead.
797+ */
798+static int hipd_library_mode = 0;
799+
800+int is_libhip_mode()
801+{
802+ return hipd_library_mode;
803+}
804+
805+int set_libhip_mode()
806+{
807+ hipd_library_mode = 1;
808+ return 0;
809+}
810+
811 /**
812 * The hash function of the hashtable. Calculates a hash from parameter host
813 * association HITs (hit_our and hit_peer).
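Review bot: is_libhip_mode() and set_libhip_mode() are defined here with empty parentheses, while the prototypes added to hipd.h use (void). In C an empty list is an old-style declaration, so write (void) in the definitions as well. set_libhip_mode() always returns 0, so it could return void, and both functions need Doxygen comments like the hash function below them. The comment says the flag must only be read through the accessors, but two later hunks in this file test hipd_library_mode directly while another calls is_libhip_mode(); please pick one form.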
814@@ -616,7 +633,12 @@
815
816 if (hip_select_source_address(&peer_map.our_addr, &peer_map.peer_addr)) {
817 HIP_ERROR("Cannot find source address\n");
818- return -1;
819+ if (is_libhip_mode()) {
820+ memset(&peer_map.our_addr, 0, sizeof(peer_map.our_addr));
821+ HIP_DEBUG("Using ANY for source address\n");
822+ } else {
823+ return -1;
824+ }
825 }
826
827 if (hip_for_each_hi(hadb_add_peer_info_wrapper, &peer_map)) {
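Review bot: In library mode a failing hip_select_source_address() is now an expected case, but HIP_ERROR("Cannot find source address\n") is still logged before the fallback. Move the HIP_ERROR into the else branch so that only the path that returns -1 logs an error, and add a comment explaining why an all-zero our_addr is acceptable to the hip_for_each_hi(hadb_add_peer_info_wrapper, &peer_map) call that follows.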
828@@ -1459,6 +1481,10 @@
829 int prev_spi_out = ha->spi_outbound_current;
830 int prev_spi_in = ha->spi_inbound_current;
831
832+ if (hipd_library_mode) {
833+ return;
834+ }
835+
836 // Delete previous security policies
837 hip_delete_hit_sp_pair(&ha->hit_our, &ha->hit_peer, 1);
838 hip_delete_hit_sp_pair(&ha->hit_peer, &ha->hit_our, 1);
839@@ -1522,6 +1548,11 @@
840 ha),
841 -1, "Error while changing outbound security association\n");
842
843+ if (hipd_library_mode) {
844+ HIP_DEBUG("No SP set up in library mode\n");
845+ goto out_err;
846+ }
847+
848 // Create a new security policy pointing to SAs after SA setup
849 HIP_IFEL(hip_setup_hit_sp_pair(&ha->hit_peer,
850 &ha->hit_our,
851
852=== renamed file 'hipd/hadb.h' => 'lib/hipdaemon/hadb.h'
853=== renamed file 'hipd/hidb.c' => 'lib/hipdaemon/hidb.c'
854--- hipd/hidb.c 2012-01-25 20:45:27 +0000
855+++ lib/hipdaemon/hidb.c 2012-02-09 14:35:25 +0000
856@@ -600,13 +600,15 @@
857 hip_add_iface_local_route(&in6_lsi);
858
859 /* Adding HITs and LSIs to the interface */
860- if (hip_add_iface_local_hit(&hit)) {
861- HIP_ERROR("Failed to add HIT to the device\n");
862- return -1;
863- }
864- if (hip_add_iface_local_hit(&in6_lsi)) {
865- HIP_ERROR("Failed to add LSI to the device\n");
866- return -1;
867+ if (!is_libhip_mode()) {
868+ if (hip_add_iface_local_hit(&hit)) {
869+ HIP_ERROR("Failed to add HIT to the device\n");
870+ return -1;
871+ }
872+ if (hip_add_iface_local_hit(&in6_lsi)) {
873+ HIP_ERROR("Failed to add LSI to the device\n");
874+ return -1;
875+ }
876 }
877 }
878
879
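Review bot: Only the two hip_add_iface_local_hit() calls are placed behind !is_libhip_mode(); the hip_add_iface_local_route(&in6_lsi) call directly above them stays unconditional. If library mode is meant to run without touching interface configuration, that call probably belongs inside the same guard. If leaving it outside is intentional, a short comment saying so would help.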
880=== renamed file 'hipd/hidb.h' => 'lib/hipdaemon/hidb.h'
881=== renamed file 'hipd/hip_socket.c' => 'lib/hipdaemon/hip_socket.c'
882--- hipd/hip_socket.c 2011-10-25 21:14:16 +0000
883+++ lib/hipdaemon/hip_socket.c 2012-02-09 14:35:25 +0000
884@@ -55,6 +55,30 @@
885 int (*func_ptr)(struct hip_packet_context *ctx);
886 };
887
888+/* For sending HIP control messages */
889+int hip_raw_sock_output_v6 = 0;
890+int hip_raw_sock_output_v4 = 0;
891+
892+/* For receiving HIP control messages */
893+int hip_raw_sock_input_v6 = 0;
894+int hip_raw_sock_input_v4 = 0;
895+
896+/** File descriptor of the socket used for sending HIP control packet
897+ * NAT traversal on UDP/IPv4
898+ */
899+int hip_nat_sock_output_udp = 0;
900+
901+/** File descriptor of the socket used for receiving HIP control packet
902+ * NAT traversal on UDP/IPv4
903+ */
904+int hip_nat_sock_input_udp = 0;
905+
906+int hip_nat_sock_output_udp_v6 = 0;
907+int hip_nat_sock_input_udp_v6 = 0;
908+
909+/* Communication interface to userspace apps (hipconf etc) */
910+int hip_user_sock = 0;
911+
912 /**
913 * List for storage of used sockets
914 */
915
916=== renamed file 'hipd/hip_socket.h' => 'lib/hipdaemon/hip_socket.h'
917--- hipd/hip_socket.h 2011-11-25 17:56:24 +0000
918+++ lib/hipdaemon/hip_socket.h 2012-02-09 14:35:25 +0000
919@@ -30,6 +30,15 @@
920 #include <sys/select.h>
921 #include "lib/core/protodefs.h"
922
923+extern int hip_raw_sock_input_v6;
924+extern int hip_raw_sock_input_v4;
925+extern int hip_nat_sock_input_udp;
926+extern int hip_nat_sock_input_udp_v6;
927+
928+extern int hip_user_sock;
929+extern int hip_firewall_sock;
930+extern struct sockaddr_in6 hip_firewall_addr;
931+
932 void hip_register_sockets(void);
933
934 void hip_unregister_sockets(void);
935
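Review bot: The new declaration extern struct sockaddr_in6 hip_firewall_addr; needs <netinet/in.h>, but the includes visible in this header are only <sys/select.h> and lib/core/protodefs.h, so the header depends on a transitive include. Include <netinet/in.h> directly. In addition, hip_socket.c in this patch defines hip_raw_sock_output_v6, hip_raw_sock_output_v4, hip_nat_sock_output_udp and hip_nat_sock_output_udp_v6 as non-static globals, while this header declares only the input sockets; either declare the output sockets here as well or state where they are declared.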
936=== renamed file 'hipd/hipd.h' => 'lib/hipdaemon/hipd.h'
937--- hipd/hipd.h 2011-11-25 17:56:24 +0000
938+++ lib/hipdaemon/hipd.h 2012-02-09 14:35:25 +0000
939@@ -59,50 +59,18 @@
940
941 #define HIP_ADDRESS_CHANGE_WAIT_INTERVAL 3 /* seconds */
942
943-extern struct rtnl_handle hip_nl_route;
944-extern struct rtnl_handle hip_nl_ipsec;
945 extern struct rtnl_handle hip_nl_generic;
946
947-extern int hip_raw_sock_input_v6;
948-extern int hip_raw_sock_input_v4;
949-extern int hip_nat_sock_input_udp;
950-
951-extern int hip_raw_sock_output_v6;
952-extern int hip_raw_sock_output_v4;
953-extern int hip_nat_sock_output_udp;
954-
955-extern int hip_nat_sock_output_udp_v6;
956-extern int hip_nat_sock_input_udp_v6;
957-
958-extern int address_change_time_counter;
959-
960-extern int hip_wait_addr_changes_to_stabilize;
961-
962-extern int hip_user_sock;
963-
964 extern struct sockaddr_in6 hipfw_addr;
965
966 extern int hit_db_lock;
967
968-extern int hip_shotgun_status;
969-
970 extern int hip_broadcast_status;
971
972-extern int hip_encrypt_i2_hi;
973-
974-extern hip_transform_suite hip_nat_status;
975-
976 extern int esp_prot_active;
977 extern int esp_prot_num_transforms;
978 extern long esp_prot_num_parallel_hchains;
979
980-extern int hip_locator_status;
981-extern int hip_transform_order;
982-
983-extern int suppress_af_family;
984-extern int address_count;
985-extern HIP_HASHTABLE *addresses;
986-
987 /* For switch userspace / kernel IPsec */
988 extern int hip_use_userspace_ipsec;
989
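Review bot: extern struct sockaddr_in6 hipfw_addr; is kept here, but this patch removes the definition struct sockaddr_in6 hipfw_addr = { 0 }; from hipd/hipd.c, and hip_socket.h now declares hip_firewall_addr and hip_firewall_sock. If the variable was renamed, drop the stale extern; if both exist, the two names for the firewall address need an explanation. The same check applies to extern int hip_broadcast_status; and extern int hip_use_userspace_ipsec;, whose definitions are also removed from hipd/hipd.c in this patch.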
990@@ -115,4 +83,8 @@
991 int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t * flags);
992 int hipd_main(uint64_t flags);
993
994+/* libhip_mode accessor */
995+int is_libhip_mode(void);
996+int set_libhip_mode(void);
997+
998 #endif /* HIPL_HIPD_HIPD_H */
999
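Review bot: is_libhip_mode() and set_libhip_mode() are declared in hipd.h but defined in hadb.c; declare them in hadb.h, next to the code that owns the flag. The comment "libhip_mode accessor" should also say what the mode changes and that there is no way to switch it off again once set_libhip_mode() has been called.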
1000=== renamed file 'hipd/hiprelay.c' => 'lib/hipdaemon/hiprelay.c'
1001=== renamed file 'hipd/hiprelay.h' => 'lib/hipdaemon/hiprelay.h'
1002=== renamed file 'hipd/hit_to_ip.c' => 'lib/hipdaemon/hit_to_ip.c'
1003=== renamed file 'hipd/hit_to_ip.h' => 'lib/hipdaemon/hit_to_ip.h'
1004=== renamed file 'hipd/init.c' => 'lib/hipdaemon/init.c'
1005--- hipd/init.c 2012-01-18 21:21:26 +0000
1006+++ lib/hipdaemon/init.c 2012-02-09 14:35:25 +0000
1007@@ -34,6 +34,7 @@
1008
1009 #include <errno.h>
1010 #include <limits.h>
1011+#include <pwd.h>
1012 #include <signal.h>
1013 #include <stdint.h>
1014 #include <stdlib.h>
1015@@ -74,12 +75,14 @@
1016 #include "accessor.h"
1017 #include "close.h"
1018 #include "dh.h"
1019+#include "esp_prot_hipd_msg.h"
1020 #include "esp_prot_light_update.h"
1021 #include "hadb.h"
1022 #include "hidb.h"
1023 #include "hip_socket.h"
1024 #include "hipd.h"
1025 #include "hiprelay.h"
1026+#include "init.h"
1027 #include "input.h"
1028 #include "maintenance.h"
1029 #include "nat.h"
1030@@ -88,9 +91,8 @@
1031 #include "output.h"
1032 #include "pkt_handling.h"
1033 #include "registration.h"
1034+#include "socket_wrapper.h"
1035 #include "user.h"
1036-#include "init.h"
1037-#include "hipd/esp_prot_hipd_msg.h"
1038
1039
1040 /**
1041@@ -118,6 +120,8 @@
1042 #endif
1043 /** end ICMPV6_FILTER related stuff */
1044
1045+#define HIP_USER_DIR ".hipl/"
1046+
1047 /* Startup flags of the HIPD. Keep the around, for they will be used at exit */
1048 static uint64_t sflags;
1049
1050@@ -523,6 +527,210 @@
1051 lmod_register_packet_type(HIP_LUPDATE, "HIP_LUPDATE");
1052 }
1053
1054+static int libhip_init_handle_functions(void)
1055+{
1056+ int err = 0;
1057+
1058+ HIP_DEBUG("Initialize handle functions for libhip.\n");
1059+
1060+ hip_register_handle_function(HIP_I1, HIP_STATE_UNASSOCIATED, &hip_check_i1, 20000);
1061+ hip_register_handle_function(HIP_I1, HIP_STATE_UNASSOCIATED, &hip_handle_i1, 30000);
1062+ hip_register_handle_function(HIP_I1, HIP_STATE_UNASSOCIATED, &hip_update_retransmissions, 35000);
1063+ hip_register_handle_function(HIP_I1, HIP_STATE_UNASSOCIATED, &hip_send_r1, 40000);
1064+ hip_register_handle_function(HIP_I1, HIP_STATE_I1_SENT, &hip_check_i1, 20000);
1065+ hip_register_handle_function(HIP_I1, HIP_STATE_I1_SENT, &hip_handle_i1, 30000);
1066+ hip_register_handle_function(HIP_I1, HIP_STATE_I1_SENT, &hip_update_retransmissions, 35000);
1067+ hip_register_handle_function(HIP_I1, HIP_STATE_I1_SENT, &hip_send_r1, 40000);
1068+ hip_register_handle_function(HIP_I1, HIP_STATE_I2_SENT, &hip_check_i1, 20000);
1069+ hip_register_handle_function(HIP_I1, HIP_STATE_I2_SENT, &hip_handle_i1, 30000);
1070+ hip_register_handle_function(HIP_I1, HIP_STATE_I2_SENT, &hip_update_retransmissions, 35000);
1071+ hip_register_handle_function(HIP_I1, HIP_STATE_I2_SENT, &hip_send_r1, 40000);
1072+ hip_register_handle_function(HIP_I1, HIP_STATE_R2_SENT, &hip_check_i1, 20000);
1073+ hip_register_handle_function(HIP_I1, HIP_STATE_R2_SENT, &hip_handle_i1, 30000);
1074+ hip_register_handle_function(HIP_I1, HIP_STATE_R2_SENT, &hip_update_retransmissions, 35000);
1075+ hip_register_handle_function(HIP_I1, HIP_STATE_R2_SENT, &hip_send_r1, 40000);
1076+ hip_register_handle_function(HIP_I1, HIP_STATE_ESTABLISHED, &hip_check_i1, 20000);
1077+ hip_register_handle_function(HIP_I1, HIP_STATE_ESTABLISHED, &hip_handle_i1, 30000);
1078+ hip_register_handle_function(HIP_I1, HIP_STATE_ESTABLISHED, &hip_update_retransmissions, 35000);
1079+ hip_register_handle_function(HIP_I1, HIP_STATE_ESTABLISHED, &hip_send_r1, 40000);
1080+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSING, &hip_check_i1, 20000);
1081+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSING, &hip_handle_i1, 30000);
1082+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSING, &hip_update_retransmissions, 35000);
1083+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSING, &hip_send_r1, 40000);
1084+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSED, &hip_check_i1, 20000);
1085+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSED, &hip_handle_i1, 30000);
1086+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSED, &hip_update_retransmissions, 35000);
1087+ hip_register_handle_function(HIP_I1, HIP_STATE_CLOSED, &hip_send_r1, 40000);
1088+ hip_register_handle_function(HIP_I1, HIP_STATE_NONE, &hip_check_i1, 20000);
1089+ hip_register_handle_function(HIP_I1, HIP_STATE_NONE, &hip_handle_i1, 30000);
1090+ hip_register_handle_function(HIP_I1, HIP_STATE_NONE, &hip_update_retransmissions, 35000);
1091+ hip_register_handle_function(HIP_I1, HIP_STATE_NONE, &hip_send_r1, 40000);
1092+
1093+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_check_i2, 20000);
1094+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_handle_i2, 30000);
1095+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_update_retransmissions, 30250);
1096+ //hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_setup_ipsec_sa, 30500);
1097+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_create_r2, 40000);
1098+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_add_rvs_reg_from, 41000);
1099+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_hmac2_and_sign, 42000);
1100+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_add_rvs_relay_to, 43000);
1101+ hip_register_handle_function(HIP_I2, HIP_STATE_UNASSOCIATED, &hip_send_r2, 50000);
1102+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_check_i2, 20000);
1103+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_handle_i2, 30000);
1104+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_update_retransmissions, 30250);
1105+ //hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_setup_ipsec_sa, 30500);
1106+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_create_r2, 40000);
1107+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_add_rvs_reg_from, 41000);
1108+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_hmac2_and_sign, 42000);
1109+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_add_rvs_relay_to, 43000);
1110+ hip_register_handle_function(HIP_I2, HIP_STATE_I1_SENT, &hip_send_r2, 50000);
1111+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_check_i2, 20000);
1112+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_handle_i2_in_i2_sent, 21000);
1113+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_handle_i2, 30000);
1114+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_update_retransmissions, 30250);
1115+ //hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_setup_ipsec_sa, 30500);
1116+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_create_r2, 40000);
1117+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_add_rvs_reg_from, 41000);
1118+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_hmac2_and_sign, 42000);
1119+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_add_rvs_relay_to, 43000);
1120+ hip_register_handle_function(HIP_I2, HIP_STATE_I2_SENT, &hip_send_r2, 50000);
1121+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_check_i2, 20000);
1122+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_handle_i2, 30000);
1123+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_update_retransmissions, 30250);
1124+ //hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_setup_ipsec_sa, 30500);
1125+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_create_r2, 40000);
1126+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_add_rvs_reg_from, 41000);
1127+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_hmac2_and_sign, 42000);
1128+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_add_rvs_relay_to, 43000);
1129+ hip_register_handle_function(HIP_I2, HIP_STATE_R2_SENT, &hip_send_r2, 50000);
1130+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_check_i2, 20000);
1131+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_handle_i2, 30000);
1132+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_update_retransmissions, 30250);
1133+ //hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_setup_ipsec_sa, 30500);
1134+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_create_r2, 40000);
1135+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_add_rvs_reg_from, 41000);
1136+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_hmac2_and_sign, 42000);
1137+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_add_rvs_relay_to, 43000);
1138+ hip_register_handle_function(HIP_I2, HIP_STATE_ESTABLISHED, &hip_send_r2, 50000);
1139+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_check_i2, 20000);
1140+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_handle_i2, 30000);
1141+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_update_retransmissions, 30250);
1142+ //hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_setup_ipsec_sa, 30500);
1143+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_create_r2, 40000);
1144+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_add_rvs_reg_from, 41000);
1145+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_hmac2_and_sign, 42000);
1146+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_add_rvs_relay_to, 43000);
1147+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSING, &hip_send_r2, 50000);
1148+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_check_i2, 20000);
1149+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_handle_i2, 30000);
1150+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_update_retransmissions, 30250);
1151+ //hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_setup_ipsec_sa, 30500);
1152+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_create_r2, 40000);
1153+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_add_rvs_reg_from, 41000);
1154+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_hmac2_and_sign, 42000);
1155+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_add_rvs_relay_to, 43000);
1156+ hip_register_handle_function(HIP_I2, HIP_STATE_CLOSED, &hip_send_r2, 50000);
1157+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_check_i2, 20000);
1158+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_handle_i2, 30000);
1159+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_update_retransmissions, 30250);
1160+ //hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_setup_ipsec_sa, 30500);
1161+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_create_r2, 40000);
1162+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_add_rvs_reg_from, 41000);
1163+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_hmac2_and_sign, 42000);
1164+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_add_rvs_relay_to, 43000);
1165+ hip_register_handle_function(HIP_I2, HIP_STATE_NONE, &hip_send_r2, 50000);
1166+
1167+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_check_r1, 20000);
1168+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_handle_r1, 30000);
1169+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_update_retransmissions, 30500);
1170+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_build_esp_info, 31000);
1171+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_build_solution, 32000);
1172+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_handle_diffie_hellman, 33000);
1173+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &esp_prot_r1_handle_transforms, 34000);
1174+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_create_i2, 40000);
1175+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_add_signed_echo_response, 41000);
1176+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_mac_and_sign_handler, 42000);
1177+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_add_unsigned_echo_response, 43000);
1178+ hip_register_handle_function(HIP_R1, HIP_STATE_I1_SENT, &hip_send_i2, 50000);
1179+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_check_r1, 20000);
1180+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_handle_r1, 30000);
1181+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_update_retransmissions, 30500);
1182+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_build_esp_info, 31000);
1183+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_build_solution, 32000);
1184+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_handle_diffie_hellman, 33000);
1185+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &esp_prot_r1_handle_transforms, 34000);
1186+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_create_i2, 40000);
1187+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_add_signed_echo_response, 41000);
1188+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_mac_and_sign_handler, 42000);
1189+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_add_unsigned_echo_response, 43000);
1190+ hip_register_handle_function(HIP_R1, HIP_STATE_I2_SENT, &hip_send_i2, 50000);
1191+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_check_r1, 20000);
1192+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_handle_r1, 30000);
1193+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_update_retransmissions, 30500);
1194+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_build_esp_info, 31000);
1195+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_build_solution, 32000);
1196+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_handle_diffie_hellman, 33000);
1197+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &esp_prot_r1_handle_transforms, 34000);
1198+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_create_i2, 40000);
1199+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_add_signed_echo_response, 41000);
1200+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_mac_and_sign_handler, 42000);
1201+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_add_unsigned_echo_response, 43000);
1202+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSING, &hip_send_i2, 50000);
1203+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_check_r1, 20000);
1204+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_handle_r1, 30000);
1205+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_update_retransmissions, 30500);
1206+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_build_esp_info, 31000);
1207+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_build_solution, 32000);
1208+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_handle_diffie_hellman, 33000);
1209+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &esp_prot_r1_handle_transforms, 34000);
1210+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_create_i2, 40000);
1211+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_add_signed_echo_response, 41000);
1212+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_mac_and_sign_handler, 42000);
1213+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_add_unsigned_echo_response, 43000);
1214+ hip_register_handle_function(HIP_R1, HIP_STATE_CLOSED, &hip_send_i2, 50000);
1215+
1216+ hip_register_handle_function(HIP_R2, HIP_STATE_I2_SENT, &hip_check_r2, 20000);
1217+ hip_register_handle_function(HIP_R2, HIP_STATE_I2_SENT, &hip_handle_r2, 30000);
1218+ hip_register_handle_function(HIP_R2, HIP_STATE_I2_SENT, &hip_update_retransmissions, 30250);
1219+ //hip_register_handle_function(HIP_R2, HIP_STATE_I2_SENT, &hip_setup_ipsec_sa, 30500);
1220+
1221+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_I1_SENT, &hip_check_notify, 20000);
1222+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_I1_SENT, &hip_handle_notify, 30000);
1223+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_I2_SENT, &hip_check_notify, 20000);
1224+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_I2_SENT, &hip_handle_notify, 30000);
1225+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_R2_SENT, &hip_check_notify, 20000);
1226+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_R2_SENT, &hip_handle_notify, 30000);
1227+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_ESTABLISHED, &hip_check_notify, 20000);
1228+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_ESTABLISHED, &hip_handle_notify, 30000);
1229+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_CLOSING, &hip_check_notify, 20000);
1230+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_CLOSING, &hip_handle_notify, 30000);
1231+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_CLOSED, &hip_check_notify, 20000);
1232+ hip_register_handle_function(HIP_NOTIFY, HIP_STATE_CLOSED, &hip_handle_notify, 30000);
1233+
1234+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_ESTABLISHED, &hip_close_check_packet, 20000);
1235+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_ESTABLISHED, &hip_update_retransmissions, 25000);
1236+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_ESTABLISHED, &hip_close_create_response, 30000);
1237+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_ESTABLISHED, &hip_close_send_response, 40000);
1238+
1239+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_CLOSING, &hip_close_check_packet, 20000);
1240+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_CLOSING, &hip_update_retransmissions, 25000);
1241+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_CLOSING, &hip_close_create_response, 30000);
1242+ hip_register_handle_function(HIP_CLOSE, HIP_STATE_CLOSING, &hip_close_send_response, 40000);
1243+
1244+ hip_register_handle_function(HIP_CLOSE_ACK, HIP_STATE_CLOSING, &hip_close_ack_check_packet, 20000);
1245+ hip_register_handle_function(HIP_CLOSE_ACK, HIP_STATE_CLOSING, &hip_update_retransmissions, 25000);
1246+ hip_register_handle_function(HIP_CLOSE_ACK, HIP_STATE_CLOSING, &hip_close_ack_handle_packet, 30000);
1247+
1248+ hip_register_handle_function(HIP_CLOSE_ACK, HIP_STATE_CLOSED, &hip_close_ack_check_packet, 20000);
1249+ hip_register_handle_function(HIP_CLOSE_ACK, HIP_STATE_CLOSED, &hip_update_retransmissions, 25000);
1250+ hip_register_handle_function(HIP_CLOSE_ACK, HIP_STATE_CLOSED, &hip_close_ack_handle_packet, 30000);
1251+
1252+ hip_register_handle_function(HIP_LUPDATE, HIP_STATE_ESTABLISHED, &esp_prot_handle_light_update, 20000);
1253+ hip_register_handle_function(HIP_LUPDATE, HIP_STATE_R2_SENT, &esp_prot_handle_light_update, 20000);
1254+
1255+ return err;
1256+}
1257+
1258 static int init_handle_functions(void)
1259 {
1260 int err = 0;
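Review bot: The two hip_setup_ipsec_sa registrations (HIP_I2/HIP_STATE_NONE and HIP_R2/HIP_STATE_I2_SENT, both at priority 30500) are left in as `//` comments with no explanation. If libhip mode intentionally skips IPsec SA setup, say so in a comment above the block or delete the lines; dead entries in a handler table invite someone to re-enable them without knowing why they were off. Separately, none of the hip_register_handle_function() calls visible here has its return value checked, so the closing `return err;` cannot report a failed registration. Wrap the calls in HIP_IFEL as done elsewhere in this file, or make the function void.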
1261@@ -866,7 +1074,7 @@
1262 *
1263 * @param signum signal the signal hipd received from OS
1264 */
1265-static void hip_close(int signum)
1266+static void hipd_close(int signum)
1267 {
1268 static int terminate = 0;
1269
1270@@ -928,8 +1136,8 @@
1271 }
1272
1273 /* Register signal handlers */
1274- signal(SIGINT, hip_close);
1275- signal(SIGTERM, hip_close);
1276+ signal(SIGINT, hipd_close);
1277+ signal(SIGTERM, hipd_close);
1278 signal(SIGCHLD, sig_chld);
1279
1280 HIP_IFEL(hip_init_cipher() < 0, -1, "Unable to init ciphers.\n");
1281@@ -1090,6 +1298,68 @@
1282 return err;
1283 }
1284
1285+int libhipd_init(void)
1286+{
1287+ int err = 0;
1288+ int keypath_len = 0;
1289+ char *key_path = NULL;
1290+ struct hip_common *msg = NULL;
1291+ struct passwd *pwd;
1292+
1293+ set_libhip_mode();
1294+ hip_nat_status = 1;
1295+#ifdef CONFIG_HIP_FIREWALL
1296+ hipfw_status = 0;
1297+#endif
1298+
1299+ hip_init_hadb();
1300+ hip_init_hostid_db();
1301+ hip_netdev_init_addresses();
1302+ libhip_init_handle_functions();
1303+ hip_init_socket_wrapper();
1304+
1305+ /* Load default key from ~/.hipl/ */
1306+ if ((pwd = getpwuid(getuid())) == NULL) {
1307+ return -1;
1308+ }
1309+
1310+ /* +2 because we need a slash after pwd and a NULL for termination */
1311+ keypath_len = strlen(pwd->pw_dir) +
1312+ strlen(HIP_USER_DIR) +
1313+ strlen(DEFAULT_HOST_RSA_KEY_FILE_NAME) +
1314+ strlen(DEFAULT_PUB_HI_FILE_NAME_SUFFIX) + 2;
1315+ HIP_IFE(!(key_path = malloc(keypath_len)), -1);
1316+ HIP_IFE(snprintf(key_path, keypath_len, "%s/%s%s%s", pwd->pw_dir,
1317+ HIP_USER_DIR,
1318+ DEFAULT_HOST_RSA_KEY_FILE_NAME,
1319+ DEFAULT_PUB_HI_FILE_NAME_SUFFIX) < 0,
1320+ -1);
1321+
1322+ HIP_DEBUG("Using key: %s\n", key_path);
1323+ HIP_IFE(!(msg = hip_msg_alloc()), -1);
1324+ if (hip_serialize_host_id_action(msg, ACTION_ADD, 0, 0, "rsa",
1325+ key_path, 0, 0, 0)) {
1326+ free(msg);
1327+ HIP_IFE(!(msg = hip_msg_alloc()), -1);
1328+ HIP_IFEL(hip_serialize_host_id_action(msg, ACTION_NEW, 0, 0, "rsa",
1329+ key_path, RSA_KEY_DEFAULT_BITS,
1330+ DSA_KEY_DEFAULT_BITS,
1331+ ECDSA_DEFAULT_CURVE), -1,
1332+ "Fail to create local key at %s.", key_path);
1333+ free(msg);
1334+ HIP_IFE(!(msg = hip_msg_alloc()), -1);
1335+ HIP_IFEL(hip_serialize_host_id_action(msg, ACTION_ADD, 0, 0, "rsa",
1336+ key_path, 0, 0, 0), -1,
1337+ "Fail to load local key at %s.", key_path);
1338+ }
1339+ HIP_IFE(hip_handle_add_local_hi(msg), -1);
1340+
1341+out_err:
1342+ free(msg);
1343+ free(key_path);
1344+ return err;
1345+}
1346+
1347 /**
1348 * create a socket to handle UDP encapsulation of HIP control
1349 * packets
1350
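Review bot: libhipd_init() discards the results of hip_netdev_init_addresses() and libhip_init_handle_functions(), both of which return int, and does not check hip_init_hadb() or hip_init_hostid_db() either, so it can return 0 with the address list or handler table uninitialised. Check each call and jump to out_err on failure. The snprintf() test `< 0` also misses truncation: compare the return value against keypath_len as well, since the buffer size is computed by hand from four strlen() calls. Minor: the two "Fail to ..." messages lack the trailing \n that the other HIP_IFEL strings in this file carry, and the function has no doc comment although it is a new public function.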
1351=== renamed file 'hipd/init.h' => 'lib/hipdaemon/init.h'
1352--- hipd/init.h 2011-11-25 17:56:24 +0000
1353+++ lib/hipdaemon/init.h 2012-02-09 14:35:25 +0000
1354@@ -60,4 +60,6 @@
1355 int is_output);
1356 void hip_exit(void);
1357
1358+int libhipd_init(void);
1359+
1360 #endif /* HIPL_HIPD_INIT_H */
1361
1362=== renamed file 'hipd/input.c' => 'lib/hipdaemon/input.c'
1363--- hipd/input.c 2012-01-30 11:29:16 +0000
1364+++ lib/hipdaemon/input.c 2012-02-09 14:35:25 +0000
1365@@ -709,6 +709,11 @@
1366 &ctx->src_addr);
1367 }
1368
1369+ if (is_libhip_mode()) {
1370+ ctx->msg_ports.src_port = ctx->hadb_entry->peer_udp_port;
1371+ ctx->msg_ports.dst_port = ctx->hadb_entry->local_udp_port;
1372+ }
1373+
1374 hip_relay_add_rvs_to_ha(ctx->input_msg, ctx->hadb_entry);
1375
1376 #ifdef CONFIG_HIP_RVS
1377
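Review bot: The new is_libhip_mode() block dereferences ctx->hadb_entry without a NULL check and overwrites ctx->msg_ports with the ports stored in the host association, with no comment saying why. Please add a one-line comment explaining why libhip mode replaces the ports at this point, and either guard the block with `ctx->hadb_entry &&` or state that the entry is guaranteed non-NULL here.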
1378=== renamed file 'hipd/input.h' => 'lib/hipdaemon/input.h'
1379=== renamed file 'hipd/keymat.c' => 'lib/hipdaemon/keymat.c'
1380=== renamed file 'hipd/keymat.h' => 'lib/hipdaemon/keymat.h'
1381=== renamed file 'hipd/lsidb.c' => 'lib/hipdaemon/lsidb.c'
1382=== renamed file 'hipd/lsidb.h' => 'lib/hipdaemon/lsidb.h'
1383=== renamed file 'hipd/maintenance.c' => 'lib/hipdaemon/maintenance.c'
1384--- hipd/maintenance.c 2011-12-29 18:52:56 +0000
1385+++ lib/hipdaemon/maintenance.c 2012-02-09 14:35:25 +0000
1386@@ -58,6 +58,7 @@
1387 #include "cookie.h"
1388 #include "hadb.h"
1389 #include "hidb.h"
1390+#include "hip_socket.h"
1391 #include "hipd.h"
1392 #include "init.h"
1393 #include "input.h"
1394@@ -74,6 +75,9 @@
1395 int hipfw_sock_lsi_fd = -1;
1396 int hipfw_status = -1;
1397
1398+struct sockaddr_in6 hipfw_addr = { 0 };
1399+int hipfw_sock = 0;
1400+
1401 static float retrans_counter = HIP_RETRANSMIT_INIT;
1402 static float precreate_counter = HIP_R1_PRECREATE_INIT;
1403 static int force_exit_counter = FORCE_EXIT_COUNTER_START;
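Review bot: hipfw_sock is initialised to 0, which is a valid descriptor (stdin), while the neighbouring hipfw_sock_lsi_fd uses -1 as its unset value. Initialise it to -1 so that a sendto() on an unopened firewall socket fails cleanly instead of targeting descriptor 0. hipfw_addr gets no extern declaration in maintenance.h in this diff, so make it static if nothing outside this file needs it.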
1404@@ -387,3 +391,27 @@
1405 free(msg);
1406 return err;
1407 }
1408+
1409+/**
1410+ * send a message to the HIP firewall
1411+ *
1412+ * @param msg the message to send
1413+ * @return zero on success or negative on error
1414+ */
1415+int hip_sendto_firewall(const struct hip_common *msg)
1416+{
1417+#ifdef CONFIG_HIP_FIREWALL
1418+ int n = 0;
1419+
1420+ n = sendto(hipfw_sock,
1421+ msg,
1422+ hip_get_msg_total_len(msg),
1423+ 0,
1424+ (struct sockaddr *) &hipfw_addr,
1425+ sizeof(hipfw_addr));
1426+ return n;
1427+#else
1428+ HIP_DEBUG("Firewall is disabled.\n");
1429+ return 0;
1430+#endif // CONFIG_HIP_FIREWALL
1431+}
1432
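Review bot: The doc comment on hip_sendto_firewall() promises "zero on success or negative on error", but with CONFIG_HIP_FIREWALL defined the function returns sendto()'s result, which is the number of bytes sent on success. Either return `n < 0 ? -1 : 0` or correct the comment; callers that test for non-zero will otherwise treat every successful send as a failure. sendto() returns ssize_t, so `int n` also narrows the result.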
1433=== renamed file 'hipd/maintenance.h' => 'lib/hipdaemon/maintenance.h'
1434--- hipd/maintenance.h 2011-11-25 17:56:24 +0000
1435+++ lib/hipdaemon/maintenance.h 2012-02-09 14:35:25 +0000
1436@@ -30,9 +30,10 @@
1437 #include <netinet/in.h>
1438 #include <sys/time.h>
1439
1440-
1441+extern int hip_firewall_status;
1442 extern int hipfw_sock_lsi_fd;
1443 extern int hipfw_status;
1444+extern int hipfw_sock;
1445
1446 int hip_register_maint_function(int (*maint_function)(void),
1447 const uint16_t priority);
1448
1449=== renamed file 'hipd/nat.c' => 'lib/hipdaemon/nat.c'
1450--- hipd/nat.c 2011-11-07 15:56:02 +0000
1451+++ lib/hipdaemon/nat.c 2012-02-09 14:35:25 +0000
1452@@ -64,6 +64,7 @@
1453 #include "lib/core/state.h"
1454 #include "hadb.h"
1455 #include "hipd.h"
1456+#include "netdev.h"
1457 #include "output.h"
1458 #include "user.h"
1459 #include "nat.h"
1460
1461=== renamed file 'hipd/nat.h' => 'lib/hipdaemon/nat.h'
1462=== renamed file 'hipd/netdev.c' => 'lib/hipdaemon/netdev.c'
1463--- hipd/netdev.c 2011-12-30 23:20:44 +0000
1464+++ lib/hipdaemon/netdev.c 2012-02-09 14:35:25 +0000
1465@@ -1,5 +1,5 @@
1466 /*
1467- * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
1468+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
1469 *
1470 * Permission is hereby granted, free of charge, to any person
1471 * obtaining a copy of this software and associated documentation
1472@@ -89,6 +89,34 @@
1473 /** Maximum lenght of the address family string */
1474 #define FAM_STR_MAX 32
1475
1476+/** For receiving netlink IPsec events (acquire, expire, etc) */
1477+struct rtnl_handle hip_nl_ipsec;
1478+/** For getting/setting routes and adding HITs (it was not possible to use
1479+ * nf_ipsec for this purpose). */
1480+struct rtnl_handle hip_nl_route;
1481+
1482+/* We are caching the IP addresses of the host here. The reason is that during
1483+ * in hip_handle_acquire it is not possible to call getifaddrs (it creates
1484+ * a new netlink socket and seems like only one can be open per process).
1485+ * Feel free to experiment by porting the required functionality from
1486+ * iproute2/ip/ipaddrs.c:ipaddr_list_or_flush(). It would make these global
1487+ * variable and most of the functions referencing them unnecessary -miika
1488+ */
1489+int address_count;
1490+HIP_HASHTABLE *addresses;
1491+
1492+int hip_broadcast_status = HIP_MSG_BROADCAST_OFF;
1493+
1494+int hip_use_userspace_data_packet_mode = 0;
1495+/** Suppress advertising of none, AF_INET or AF_INET6 address in UPDATEs.
1496+ * 0 = none = default, AF_INET, AF_INET6 */
1497+int suppress_af_family = 0;
1498+/** Specifies the NAT status of the daemon. This value indicates if the current
1499+ * machine is behind a NAT. */
1500+hip_transform_suite hip_nat_status = 0;
1501+int address_change_time_counter = -1;
1502+int hip_wait_addr_changes_to_stabilize = 1;
1503+
1504 /**
1505 * This is the white list. For every interface, which is in our white list,
1506 * this array has a fixed size, because there seems to be no need at this
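Review bot: address_count, addresses and suppress_af_family are defined here as non-static globals without the hip_ prefix, and this file now lives under lib/hipdaemon, so they land in the symbol namespace of every application that links the library. Prefix them or hide them behind accessor functions. The moved comments also need a cleanup while they are being touched: "during in hip_handle_acquire", and the reference to nf_ipsec next to a variable named hip_nl_ipsec.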
1507@@ -745,12 +773,12 @@
1508 * will be used as a last resort.
1509 * @todo move this function to some other file
1510 */
1511-static int netdev_trigger_bex(const hip_hit_t *src_hit_in,
1512- const hip_hit_t *dst_hit_in,
1513- const hip_lsi_t *src_lsi_in,
1514- const hip_lsi_t *dst_lsi_in,
1515- const struct in6_addr *src_addr_in,
1516- const struct in6_addr *dst_addr_in)
1517+int netdev_trigger_bex(const hip_hit_t *src_hit_in,
1518+ const hip_hit_t *dst_hit_in,
1519+ const hip_lsi_t *src_lsi_in,
1520+ const hip_lsi_t *dst_lsi_in,
1521+ const struct in6_addr *src_addr_in,
1522+ const struct in6_addr *dst_addr_in)
1523 {
1524 int err = 0, if_index = 0, is_ipv4_locator;
1525 int reuse_hadb_local_address = 0, ha_nat_mode = hip_nat_status;
1526
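Review bot: netdev_trigger_bex() loses `static` but keeps a name without the hip_ prefix, unlike hip_netdev_trigger_bex_msg() declared next to it in netdev.h. Rename it on export, and resolve or update the "@todo move this function to some other file" remark in the context above, since this change is the point at which the function becomes part of the library interface.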
1527=== renamed file 'hipd/netdev.h' => 'lib/hipdaemon/netdev.h'
1528--- hipd/netdev.h 2011-11-25 17:56:24 +0000
1529+++ lib/hipdaemon/netdev.h 2012-02-09 14:35:25 +0000
1530@@ -1,5 +1,5 @@
1531 /*
1532- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
1533+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
1534 *
1535 * Permission is hereby granted, free of charge, to any person
1536 * obtaining a copy of this software and associated documentation
1537@@ -36,8 +36,19 @@
1538 #include <netinet/in.h>
1539 #include <sys/socket.h>
1540
1541+#include "lib/core/hashtable.h"
1542+#include "lib/tool/nlink.h"
1543 #include "lib/core/protodefs.h"
1544-#include "lib/tool/nlink.h"
1545+
1546+extern struct rtnl_handle hip_nl_route;
1547+extern struct rtnl_handle hip_nl_ipsec;
1548+extern int hip_use_userspace_data_packet_mode;
1549+extern int suppress_af_family;
1550+extern int address_count;
1551+extern HIP_HASHTABLE *addresses;
1552+extern hip_transform_suite hip_nat_status;
1553+extern int address_change_time_counter;
1554+extern int hip_wait_addr_changes_to_stabilize;
1555
1556 int hip_devaddr2ifindex(struct in6_addr *addr);
1557 int hip_netdev_init_addresses(void);
1558@@ -47,6 +58,13 @@
1559 int hip_remove_iface_all_local_hits(void);
1560 int hip_add_iface_local_route(const hip_hit_t *local_hit);
1561 int hip_select_source_address(struct in6_addr *src, const struct in6_addr *dst);
1562+
1563+int netdev_trigger_bex(const hip_hit_t *src_hit_in,
1564+ const hip_hit_t *dst_hit_in,
1565+ const hip_lsi_t *src_lsi_in,
1566+ const hip_lsi_t *dst_lsi_in,
1567+ const struct in6_addr *src_addr_in,
1568+ const struct in6_addr *dst_addr_in);
1569 int hip_netdev_trigger_bex_msg(const struct hip_common *msg);
1570 void hip_add_address_to_list(struct sockaddr *addr, int ifindex, int flags);
1571
1572
1573=== renamed file 'hipd/nsupdate.c' => 'lib/hipdaemon/nsupdate.c'
1574--- hipd/nsupdate.c 2012-01-25 10:44:48 +0000
1575+++ lib/hipdaemon/nsupdate.c 2012-02-09 14:35:25 +0000
1576@@ -57,6 +57,7 @@
1577 #include "config.h"
1578 #include "hidb.h"
1579 #include "hipd.h"
1580+#include "netdev.h"
1581 #include "nsupdate.h"
1582
1583 // parameters for nsupdate
1584
1585=== renamed file 'hipd/nsupdate.h' => 'lib/hipdaemon/nsupdate.h'
1586=== renamed file 'hipd/opp_mode.c' => 'lib/hipdaemon/opp_mode.c'
1587=== renamed file 'hipd/opp_mode.h' => 'lib/hipdaemon/opp_mode.h'
1588=== renamed file 'hipd/output.c' => 'lib/hipdaemon/output.c'
1589--- hipd/output.c 2012-01-16 22:06:09 +0000
1590+++ lib/hipdaemon/output.c 2012-02-09 14:35:25 +0000
1591@@ -69,6 +69,19 @@
1592 #include "registration.h"
1593 #include "output.h"
1594
1595+int hip_shotgun_status = HIP_MSG_SHOTGUN_OFF;
1596+
1597+/* Encrypt host id in I2 */
1598+int hip_encrypt_i2_hi = 0;
1599+
1600+/* used to change the transform order see hipconf usage to see the usage
1601+ * This is set to AES, 3DES, NULL by default see hipconf transform order for
1602+ * more information.
1603+ */
1604+int hip_transform_order = 123;
1605+
1606+/* Tells to the daemon should it build LOCATOR parameters to R1 and I2 */
1607+int hip_locator_status = HIP_MSG_SET_LOCATOR_OFF;
1608
1609 /* Set to 1 if you want to simulate lost output packet */
1610 #define HIP_SIMULATE_PACKET_LOSS 1
1611@@ -836,7 +849,8 @@
1612 HIP_ASSERT(!hit_is_opportunistic_hit(&ctx->input_msg->hitr));
1613
1614 /* Case: I ----->IPv4---> RVS ---IPv6---> R */
1615- if (IN6_IS_ADDR_V4MAPPED(r1_src_addr) !=
1616+ if (!is_libhip_mode() &&
1617+ IN6_IS_ADDR_V4MAPPED(r1_src_addr) !=
1618 IN6_IS_ADDR_V4MAPPED(r1_dst_addr)) {
1619 HIP_DEBUG_IN6ADDR("r1_src_addr", r1_src_addr);
1620 HIP_DEBUG_IN6ADDR("r1_dst_addr", r1_dst_addr);
1621@@ -1203,6 +1217,9 @@
1622 goto out_err;
1623 }
1624
1625+ if (is_libhip_mode()) {
1626+ udp = 1;
1627+ }
1628 dst_is_ipv4 = IN6_IS_ADDR_V4MAPPED(peer_addr);
1629 len = hip_get_msg_total_len(msg);
1630
1631@@ -1231,13 +1248,16 @@
1632 if (local_addr) {
1633 HIP_DEBUG("local address given\n");
1634 memcpy(&my_addr, local_addr, sizeof(struct in6_addr));
1635- } else {
1636+ } else if (!is_libhip_mode()) {
1637 HIP_DEBUG("no local address, selecting one\n");
1638 HIP_IFEL(hip_select_source_address(&my_addr, peer_addr), -1,
1639 "Cannot find source address\n");
1640+ } else {
1641+ memset(&my_addr, 0, sizeof(my_addr));
1642 }
1643
1644- src_is_ipv4 = IN6_IS_ADDR_V4MAPPED(&my_addr);
1645+ src_is_ipv4 = IN6_IS_ADDR_V4MAPPED(&my_addr) ||
1646+ (dst_is_ipv4 && ipv6_addr_any(&my_addr));
1647
1648 if (src_is_ipv4) {
1649 IPV6_TO_IPV4_MAP(&my_addr, &src4->sin_addr);
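Review bot: The added term `(dst_is_ipv4 && ipv6_addr_any(&my_addr))` in the src_is_ipv4 assignment is not conditioned on is_libhip_mode(), so it also applies on the daemon path whenever the caller passes an unspecified local_addr. If the intent is only to cover the new memset() branch, set src_is_ipv4 inside that branch instead, and add a comment there saying why libhip mode sends with an unspecified source address.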
1650@@ -1252,7 +1272,6 @@
1651 if (dst_is_ipv4) {
1652 IPV6_TO_IPV4_MAP(peer_addr, &dst4->sin_addr);
1653 dst4->sin_family = AF_INET;
1654-
1655 HIP_DEBUG_INADDR("dst4", &dst4->sin_addr);
1656 } else {
1657 memcpy(&dst6->sin6_addr, peer_addr, sizeof(struct in6_addr));
1658@@ -1291,9 +1310,10 @@
1659
1660 /* Handover may cause e.g. on-link duplicate address detection
1661 * which may cause bind to fail. */
1662-
1663- HIP_IFEL(bind(hip_raw_sock_output, (struct sockaddr *) &src, sa_size),
1664- -1, "Binding to raw sock failed\n");
1665+ if (!is_libhip_mode()) {
1666+ HIP_IFEL(bind(hip_raw_sock_output, (struct sockaddr *) &src, sa_size),
1667+ -1, "Binding to raw sock failed\n");
1668+ }
1669
1670 #if (HIP_SIMULATE_PACKET_LOSS_PROBABILITY > 0)
1671 if (HIP_SIMULATE_PACKET_LOSS && HIP_SIMULATE_PACKET_IS_LOST()) {
1672@@ -1310,18 +1330,25 @@
1673 len = hip_get_msg_total_len(msg);
1674
1675 if (udp) {
1676- struct udphdr *uh = (struct udphdr *) msg;
1677-
1678- /* Insert 32 bits of zero bytes between UDP and HIP */
1679- memmove((char *) msg + HIP_UDP_ZERO_BYTES_LEN + sizeof(struct udphdr), msg, len);
1680- memset(msg, 0, HIP_UDP_ZERO_BYTES_LEN + sizeof(struct udphdr));
1681- len += HIP_UDP_ZERO_BYTES_LEN + sizeof(struct udphdr);
1682-
1683- uh->source = htons(src_port);
1684- uh->dest = htons(dst_port);
1685- uh->len = htons(len);
1686- uh->check = 0;
1687- memmoved = 1;
1688+ if (!is_libhip_mode()) {
1689+ /* Insert 32 bits of zero bytes between UDP and HIP */
1690+ memmove((char *) msg + HIP_UDP_ZERO_BYTES_LEN + sizeof(struct udphdr), msg, len);
1691+ memset(msg, 0, HIP_UDP_ZERO_BYTES_LEN + sizeof(struct udphdr));
1692+ len += HIP_UDP_ZERO_BYTES_LEN + sizeof(struct udphdr);
1693+
1694+ struct udphdr *uh = (struct udphdr *) msg;
1695+ uh->source = htons(src_port);
1696+ uh->dest = htons(dst_port);
1697+ uh->len = htons(len);
1698+ uh->check = 0;
1699+ } else {
1700+ memmove((char *) msg + HIP_UDP_ZERO_BYTES_LEN, msg, len);
1701+ memset(msg, 0, HIP_UDP_ZERO_BYTES_LEN);
1702+ len += HIP_UDP_ZERO_BYTES_LEN;
1703+
1704+ dst4->sin_port = htons(dst_port);
1705+ }
1706+ memmoved = 1;
1707 }
1708
1709 sent = sendto(hip_raw_sock_output, msg, len, 0,
1710
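Review bot: In the libhip branch the destination port is written only through dst4 (`dst4->sin_port = htons(dst_port);`), although an earlier hunk of this function fills dst6 for non-IPv4 peers. That works only if dst4 and dst6 alias the same storage and the port fields sit at the same offset; set sin_port or sin6_port according to dst_is_ipv4 instead. src_port is not used at all in this branch, which deserves a comment, and `struct udphdr *uh` is now declared after statements, unlike the version it replaces.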
1711=== renamed file 'hipd/output.h' => 'lib/hipdaemon/output.h'
1712--- hipd/output.h 2011-11-25 17:56:24 +0000
1713+++ lib/hipdaemon/output.h 2012-02-09 14:35:25 +0000
1714@@ -35,6 +35,17 @@
1715 extern int hip_raw_sock_v6;
1716 extern int hip_raw_sock_v4;
1717
1718+extern int hip_raw_sock_output_v6;
1719+extern int hip_raw_sock_output_v4;
1720+extern int hip_nat_sock_output_udp;
1721+extern int hip_nat_sock_output_udp_v6;
1722+
1723+extern int is_active_mhaddr;
1724+extern int is_hard_handover;
1725+extern int hip_shotgun_status;
1726+extern int hip_encrypt_i2_hi;
1727+extern int hip_locator_status;
1728+extern int hip_transform_order;
1729
1730 int hip_create_r1(struct hip_common *const msg,
1731 const struct in6_addr *const src_hit,
1732
1733=== renamed file 'hipd/pisa.c' => 'lib/hipdaemon/pisa.c'
1734=== renamed file 'hipd/pisa.h' => 'lib/hipdaemon/pisa.h'
1735=== renamed file 'hipd/pkt_handling.c' => 'lib/hipdaemon/pkt_handling.c'
1736=== renamed file 'hipd/pkt_handling.h' => 'lib/hipdaemon/pkt_handling.h'
1737=== renamed file 'hipd/registration.c' => 'lib/hipdaemon/registration.c'
1738=== renamed file 'hipd/registration.h' => 'lib/hipdaemon/registration.h'
1739=== added file 'lib/hipdaemon/socket_wrapper.c'
1740--- lib/hipdaemon/socket_wrapper.c 1970-01-01 00:00:00 +0000
1741+++ lib/hipdaemon/socket_wrapper.c 2012-02-09 14:35:25 +0000
1742@@ -0,0 +1,812 @@
1743+/*
1744+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
1745+ *
1746+ * Permission is hereby granted, free of charge, to any person
1747+ * obtaining a copy of this software and associated documentation
1748+ * files (the "Software"), to deal in the Software without
1749+ * restriction, including without limitation the rights to use,
1750+ * copy, modify, merge, publish, distribute, sublicense, and/or sell
1751+ * copies of the Software, and to permit persons to whom the
1752+ * Software is furnished to do so, subject to the following
1753+ * conditions:
1754+ *
1755+ * The above copyright notice and this permission notice shall be
1756+ * included in all copies or substantial portions of the Software.
1757+ *
1758+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
1759+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
1760+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
1761+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
1762+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
1763+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
1764+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
1765+ * OTHER DEALINGS IN THE SOFTWARE.
1766+ */
1767+
1768+/**
1769+ * @file
1770+ * This file contains implementation of libhip API.
1771+ *
1772+ */
1773+
1774+#define _BSD_SOURCE
1775+
1776+#include <string.h>
1777+#include <unistd.h>
1778+
1779+#include "lib/core/builder.h"
1780+#include "lib/core/conf.h"
1781+#include "lib/core/crypto.h"
1782+#include "lib/core/hip_udp.h"
1783+#include "lib/core/linkedlist.h"
1784+#include "lib/core/message.h"
1785+#include "lib/core/prefix.h"
1786+#include "close.h"
1787+#include "hadb.h"
1788+#include "hidb.h"
1789+#include "init.h"
1790+#include "input.h"
1791+#include "netdev.h"
1792+#include "output.h"
1793+#include "socket_wrapper.h"
1794+
1795+struct hip_fd_info {
1796+ int fd;
1797+ int bound_port;
1798+ int family;
1799+ int proto;
1800+ struct hip_hadb_state *ha;
1801+};
1802+
1803+static struct hip_ll socket_list;
1804+static struct in6_addr default_hit;
1805+
1806+static uint16_t get_port_from_saddr(const struct sockaddr *addr)
1807+{
1808+ const struct sockaddr_in *addr4;
1809+ const struct sockaddr_in6 *addr6;
1810+
1811+ if (addr->sa_family == AF_INET) {
1812+ addr4 = (const struct sockaddr_in *) addr;
1813+ return addr4->sin_port;
1814+ } else {
1815+ addr6 = (const struct sockaddr_in6 *) addr;
1816+ return addr6->sin6_port;
1817+ }
1818+}
1819+
1820+/**
1821+ * Build a suitable sockaddr_storage.
1822+ * If the addr is V4MAPPED, the storage family will be INET4.
1823+ * Otherwise the sotrage family will be INET6.
1824+ *
1825+ * @param addr a V6 addr or V4MAPPED addr
1826+ * @param port port number (in NETWORK order)
1827+ * @param ss the sockaddr_storage to be filled.
1828+ */
1829+static void build_sockaddr(struct in6_addr *const addr, const uint16_t port,
1830+ struct sockaddr_storage *const ss)
1831+{
1832+ HIP_ASSERT(addr && ss);
1833+ memset(ss, 0, sizeof(struct sockaddr_storage));
1834+
1835+ if (IN6_IS_ADDR_V4MAPPED(addr)) {
1836+ struct sockaddr_in *const in = (struct sockaddr_in *) ss;
1837+ in->sin_family = AF_INET;
1838+ IPV6_TO_IPV4_MAP(addr, &in->sin_addr);
1839+ in->sin_port = port;
1840+ } else {
1841+ struct sockaddr_in6 *const in6 = (struct sockaddr_in6 *) ss;
1842+ in6->sin6_family = AF_INET6;
1843+ ipv6_addr_copy(&in6->sin6_addr, addr);
1844+ in6->sin6_port = port;
1845+ }
1846+}
1847+
1848+/**
1849+ * Create a new hip socket info struct and insert it into global list.
1850+ *
1851+ * @param fd file descriptor of the socket
1852+ * @param bound_port the port number which this @fd bound to (in HOST order)
1853+ * @param family the address family of this @fd (INET or INET6)
1854+ * @param proto the protocol of this @fd (TCP or UDP)
1855+ * @return pointer of the new struct, NULL if we fail to create it.
1856+ */
1857+static struct hip_fd_info *create_new_fd_info(const int fd,
1858+ const uint16_t bound_port,
1859+ const int family, const int proto)
1860+{
1861+ int err = 0;
1862+ struct hip_fd_info *fd_info_new = NULL;
1863+
1864+ fd_info_new = malloc(sizeof(struct hip_fd_info));
1865+ HIP_IFEL(!fd_info_new, -1, "malloc()\n");
1866+ memset(fd_info_new, 0, sizeof(struct hip_fd_info));
1867+ HIP_IFEL(hip_ll_add_last(&socket_list, fd_info_new),
1868+ -1, "Error adding FD info struct to list\n");
1869+ fd_info_new->fd = fd;
1870+ fd_info_new->bound_port = bound_port;
1871+ fd_info_new->family = family;
1872+ fd_info_new->proto = proto;
1873+
1874+out_err:
1875+ if (err) {
1876+ free(fd_info_new);
1877+ fd_info_new = NULL;
1878+ }
1879+ return fd_info_new;
1880+}
1881+
1882+/**
1883+ * Get information on a socket by FD
1884+ *
1885+ * @param fd file descriptor of the socket
1886+ * @return a structure containing information on the status of the socket
1887+ * or NULL if none is found
1888+ */
1889+static struct hip_fd_info *hip_socket_get_info(int fd)
1890+{
1891+ const struct hip_ll_node *current = NULL;
1892+ struct hip_fd_info *fd_info;
1893+
1894+ while ((current = hip_ll_iterate(&socket_list, current))) {
1895+ fd_info = current->ptr;
1896+ if (fd_info->fd == fd) {
1897+ return fd_info;
1898+ }
1899+ }
1900+
1901+ return NULL;
1902+}
1903+
1904+/**
1905+ * Automatically bind a port for hip_fd_info struct.
1906+ * If the bound_port of hip_fd_info is not zero, this function does nothing.
1907+ *
1908+ * @param info hip_fd_info struct
1909+ * @return 0 if it successes, -1 on error
1910+ */
1911+static int auto_bind(const struct hip_fd_info *info)
1912+{
1913+ struct sockaddr_storage ss = { 0 };
1914+ struct sockaddr_in *addr4;
1915+ struct sockaddr_in6 *addr6;
1916+
1917+ if (info->bound_port != 0) {
1918+ HIP_ERROR("A bound port exists, auto_bind stops\n");
1919+ return -1;
1920+ }
1921+
1922+ if (info->family == AF_INET) {
1923+ ss.ss_family = AF_INET;
1924+ addr4 = (struct sockaddr_in *) &ss;
1925+ addr4->sin_port = 0;
1926+ return hip_bind(info->fd, (struct sockaddr *) addr4, sizeof(ss));
1927+ } else {
1928+ ss.ss_family = AF_INET6;
1929+ addr6 = (struct sockaddr_in6 *) &ss;
1930+ addr6->sin6_port = 0;
1931+ return hip_bind(info->fd, (struct sockaddr *) addr6, sizeof(ss));
1932+ }
1933+}
1934+
1935+/**
1936+ * Initialization function for socket wrapper functionality
1937+ */
1938+void hip_init_socket_wrapper(void)
1939+{
1940+ hip_ll_init(&socket_list);
1941+ memset(&default_hit, 0, sizeof(default_hit));
1942+}
1943+
1944+/**
1945+ * Add peer hit-addr mapping to hadb.
1946+ * @param peer_hit peer's hit
1947+ * @param peer_addr peer's addr, v4 addr should be mapped.
1948+ * @return 0 if success, -1 otherwise.
1949+ */
1950+int add_peer_info(const hip_hit_t *peer_hit,
1951+ const struct in6_addr *peer_addr)
1952+{
1953+ return hip_hadb_add_peer_info(peer_hit, peer_addr, NULL, NULL);
1954+}
1955+
1956+static void set_hip_connection_parameters(int sock_fd, int local_port,
1957+ int remote_port)
1958+{
1959+ HIP_DEBUG("fd = %d, lport = %d, rport= %d\n", sock_fd, local_port, remote_port);
1960+ hip_nat_sock_output_udp = sock_fd;
1961+ hip_raw_sock_output_v4 = sock_fd;
1962+ hip_raw_sock_output_v6 = sock_fd;
1963+ hip_set_local_nat_udp_port(local_port);
1964+ hip_set_peer_nat_udp_port(remote_port);
1965+}
1966+
1967+/**
1968+ * Check whether a received packet is a HIP control packet
1969+ *
1970+ * @param buf buffer containing the received data
1971+ * @param len size of @buf
1972+ * @param fd_info information of the socket the data was received on
1973+ * @return
1974+ */
1975+static int hip_is_control_msg(char *buf, unsigned int len,
1976+ struct hip_fd_info *fd_info)
1977+{
1978+ char udp_pad[HIP_UDP_ZERO_BYTES_LEN] = { 0 };
1979+ struct hip_common *msg;
1980+ struct sockaddr_storage src = { 0 };
1981+ struct sockaddr_storage dst = { 0 };
1982+
1983+ if (len < sizeof(struct hip_common)) {
1984+ return 0;
1985+ }
1986+
1987+ if (!memcmp(udp_pad, buf, HIP_UDP_ZERO_BYTES_LEN)) {
1988+ HIP_DEBUG("Message is padded\n");
1989+ msg = (struct hip_common *) (buf + HIP_UDP_ZERO_BYTES_LEN);
1990+ len -= HIP_UDP_ZERO_BYTES_LEN;
1991+ } else {
1992+ msg = (struct hip_common *) buf;
1993+ }
1994+
1995+ src.ss_family = fd_info->family;
1996+ dst.ss_family = fd_info->family;
1997+
1998+ if (fd_info->family == AF_INET) {
1999+ struct sockaddr_in *src4 = (struct sockaddr_in *) &src;
2000+ struct sockaddr_in *dst4 = (struct sockaddr_in *) &dst;
2001+
2002+ src4->sin_port = fd_info->ha->peer_udp_port;
2003+ dst4->sin_port = fd_info->ha->local_udp_port;
2004+
2005+ IPV6_TO_IPV4_MAP(&fd_info->ha->peer_addr, &src4->sin_addr);
2006+ IPV6_TO_IPV4_MAP(&fd_info->ha->our_addr, &dst4->sin_addr);
2007+
2008+ HIP_DEBUG_INADDR("src", &src4->sin_addr);
2009+ HIP_DEBUG_INADDR("dst", &dst4->sin_addr);
2010+ } else if (fd_info->family == AF_INET6) {
2011+ struct sockaddr_in6 *src6 = (struct sockaddr_in6 *) &src;
2012+ struct sockaddr_in6 *dst6 = (struct sockaddr_in6 *) &dst;
2013+
2014+ src6->sin6_port = fd_info->ha->peer_udp_port;
2015+ dst6->sin6_port = fd_info->ha->local_udp_port;
2016+
2017+ memcpy(&src6->sin6_addr, &fd_info->ha->peer_addr,
2018+ sizeof(struct in6_addr));
2019+ memcpy(&dst6->sin6_addr, &fd_info->ha->our_addr,
2020+ sizeof(struct in6_addr));
2021+
2022+ HIP_DEBUG_IN6ADDR("src", &src6->sin6_addr);
2023+ HIP_DEBUG_IN6ADDR("dst", &dst6->sin6_addr);
2024+ }
2025+
2026+ return !hip_verify_network_header(msg, (struct sockaddr *) &src,
2027+ (struct sockaddr *) &dst, len);
2028+}
2029+
2030+/**
2031+ * Initiate and perform a base exchange with a peer.
2032+ *
2033+ * @param fd file descriptor
2034+ * @param dst_hit_sockaddr hit of the peer to be contacted
2035+ * @return 0 on success, -1 otherwise
2036+ */
2037+static int hip_do_bex(int fd, const struct sockaddr_in6 *dst_hit_sockaddr)
2038+{
2039+ struct in6_addr dst_hit;
2040+ struct in6_addr dst_addr;
2041+ struct hip_packet_context ctx = { 0 };
2042+ struct hip_fd_info *fd_info;
2043+
2044+ if ((fd_info = hip_socket_get_info(fd)) == NULL) {
2045+ HIP_ERROR("No socket info found.\n");
2046+ return -1;
2047+ }
2048+
2049+ hip_get_default_hit(&default_hit);
2050+
2051+ memcpy(&dst_hit, &dst_hit_sockaddr->sin6_addr, sizeof(dst_hit));
2052+ if (hip_map_id_to_addr(&dst_hit, NULL, &dst_addr) < 0) {
2053+ return -1;
2054+ }
2055+ if (ipv6_addr_any(&dst_addr)) {
2056+ HIP_ERROR("Couldn't map HIT to IP\n");
2057+ return -1;
2058+ }
2059+
2060+ set_hip_connection_parameters(fd, fd_info->bound_port,
2061+ ntohs(dst_hit_sockaddr->sin6_port));
2062+ if (netdev_trigger_bex(&default_hit, &dst_hit,
2063+ NULL, NULL, NULL, &dst_addr) < 0) {
2064+ HIP_ERROR("Couldn't start base exchange.\n");
2065+ return -1;
2066+ }
2067+
2068+ ctx.input_msg = hip_msg_alloc();
2069+ ctx.output_msg = hip_msg_alloc();
2070+
2071+ fd_info->ha = hip_hadb_find_byhits(&default_hit, &dst_hit);
2072+
2073+ do {
2074+ if (fd_info->proto == IPPROTO_TCP) {
2075+ if (!hip_read_control_msg_tcp(fd, &ctx)) {
2076+ hip_receive_control_packet(&ctx);
2077+ }
2078+ } else if (fd_info->family == AF_INET) {
2079+ if (!hip_read_control_msg_v4(fd, &ctx, HIP_UDP_ZERO_BYTES_LEN)) {
2080+ hip_receive_control_packet(&ctx);
2081+ }
2082+ } else {
2083+ if (!hip_read_control_msg_v6(fd, &ctx, HIP_UDP_ZERO_BYTES_LEN)) {
2084+ hip_receive_control_packet(&ctx);
2085+ }
2086+ }
2087+ } while (fd_info->ha->state != HIP_STATE_ESTABLISHED);
2088+
2089+ fd_info->ha->local_udp_port = fd_info->bound_port;
2090+
2091+ free(ctx.input_msg);
2092+ free(ctx.output_msg);
2093+ return 0;
2094+}
2095+
2096+/**
2097+ * Wait for an I1 packet and perform base exchange.
2098+ *
2099+ * @param fd file descriptor of the socket to receive from
2100+ * @param peer_addr peer's locator
2101+ * @return 0 on success, -1 otherwise
2102+ */
2103+static int hip_await_bex(struct hip_fd_info *fd_info, struct sockaddr *peer_addr)
2104+{
2105+ int fd = fd_info->fd;
2106+ struct hip_packet_context ctx = { 0 };
2107+
2108+ ctx.input_msg = hip_msg_alloc();
2109+ ctx.output_msg = hip_msg_alloc();
2110+
2111+ set_hip_connection_parameters(fd, fd_info->bound_port,
2112+ ntohs(get_port_from_saddr(peer_addr)));
2113+
2114+ do {
2115+ if (fd_info->proto == IPPROTO_TCP) {
2116+ if (!hip_read_control_msg_tcp(fd, &ctx) &&
2117+ !hip_receive_control_packet(&ctx)) {
2118+ fd_info->ha = hip_hadb_find_byhits(&ctx.input_msg->hitr,
2119+ &ctx.input_msg->hits);
2120+ }
2121+ } else if (fd_info->family == AF_INET) {
2122+ if (!hip_read_control_msg_v4(fd, &ctx, HIP_UDP_ZERO_BYTES_LEN) &&
2123+ !hip_receive_control_packet(&ctx)) {
2124+ fd_info->ha = hip_hadb_find_byhits(&ctx.input_msg->hitr,
2125+ &ctx.input_msg->hits);
2126+ }
2127+ } else {
2128+ if (!hip_read_control_msg_v6(fd, &ctx, HIP_UDP_ZERO_BYTES_LEN) &&
2129+ !hip_receive_control_packet(&ctx)) {
2130+ fd_info->ha = hip_hadb_find_byhits(&ctx.input_msg->hitr,
2131+ &ctx.input_msg->hits);
2132+ }
2133+ }
2134+ } while (!fd_info->ha || fd_info->ha->state != HIP_STATE_ESTABLISHED);
2135+
2136+ fd_info->ha->local_udp_port = fd_info->bound_port;
2137+
2138+ free(ctx.input_msg);
2139+ free(ctx.output_msg);
2140+ return 0;
2141+}
2142+
2143+/**
2144+ * Create a socket and an information entry for it
2145+ *
2146+ * @param domain Communications domain for the socket
2147+ * @param type Socket type
2148+ * @param protocol Socket protocol
2149+ * @return file descriptor of the new socket on success, -1 otherwise
2150+ */
2151+int hip_socket(int domain, int type, int protocol)
2152+{
2153+ int sock;
2154+ int on = 1, off = 0, err = 0;
2155+ struct hip_fd_info *fd_info = NULL;
2156+
2157+ sock = socket(domain, type, protocol);
2158+
2159+ if (domain == AF_INET) {
2160+ setsockopt(sock, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on));
2161+ setsockopt(sock, IPPROTO_IP, IP_PKTINFO, &on, sizeof(on));
2162+ setsockopt(sock, IPPROTO_IP, IP_RECVERR, &off, sizeof(off));
2163+ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
2164+ } else {
2165+ setsockopt(sock, IPPROTO_IPV6, IPV6_RECVERR, &off, sizeof(off));
2166+ setsockopt(sock, IPPROTO_IPV6, IPV6_2292PKTINFO, &on, sizeof(on));
2167+ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
2168+ }
2169+
2170+ //TODO support IPV6
2171+ HIP_IFEL(domain == AF_INET6, -1, "No support for IPv6.\n");
2172+
2173+ fd_info = create_new_fd_info(sock, 0, domain, protocol);
2174+ HIP_IFEL(!fd_info, -1, "Fail to create hip socket info for fd: %d\n", sock);
2175+
2176+out_err:
2177+ if (err) {
2178+ close(sock);
2179+ return err;
2180+ }
2181+
2182+ return sock;
2183+}
2184+
2185+/**
2186+ * Close a socket. Sends CLOSE to the associated peer and deletes
2187+ * the socket information.
2188+ *
2189+ * @param fd file descriptor of the socket to be closed
2190+ * @return 0 if the socket was successfully closed, -1 otherwise
2191+ */
2192+int hip_close(int fd)
2193+{
2194+ int err = 0;
2195+ struct hip_common *msg = NULL;
2196+ struct hip_fd_info *fd_info = NULL;
2197+
2198+ fd_info = hip_socket_get_info(fd);
2199+ if (!fd_info || !fd_info->ha || fd_info->ha->state == HIP_STATE_CLOSED) {
2200+ HIP_DEBUG("Not sending CLOSE.\n");
2201+ goto skip_close_msg;
2202+ }
2203+
2204+ if (!(msg = hip_msg_alloc()) ||
2205+ hip_build_param_contents(msg, &fd_info->ha->hit_peer,
2206+ HIP_PARAM_HIT, sizeof(struct in6_addr)) ||
2207+ hip_send_close(msg, 1)) {
2208+ HIP_ERROR("Sending CLOSE failed\n");
2209+ goto skip_close_msg;
2210+ }
2211+
2212+skip_close_msg:
2213+ err = close(fd);
2214+
2215+ if (fd_info) {
2216+ hip_ll_del_by_ptr(&socket_list, fd_info, free);
2217+ }
2218+ free(msg);
2219+ return err;
2220+}
2221+
2222+/**
2223+ * Bind a socket to a local address
2224+ *
2225+ * @param fd file descriptor of the socket
2226+ * @param address address to bind to
2227+ * @param address_len length of @address
2228+ * @return 0 on success, -1 otherwise
2229+ */
2230+int hip_bind(int fd, const struct sockaddr *address, socklen_t address_len)
2231+{
2232+ struct hip_fd_info *fd_info;
2233+ struct sockaddr_storage laddr = { 0 };
2234+ socklen_t laddr_len = sizeof(laddr);
2235+ uint16_t request_port;
2236+
2237+ if ((fd_info = hip_socket_get_info(fd)) == NULL) {
2238+ HIP_ERROR("Fd %d is not a hip socket, exiting.\n", fd);
2239+ return -1;
2240+ }
2241+
2242+ request_port = get_port_from_saddr(address);
2243+ if (bind(fd, address, address_len) < 0) {
2244+ HIP_PERROR("bind error:");
2245+ return -1;
2246+ }
2247+
2248+ /* Ask OS to get assigned port number */
2249+ if (request_port == 0) {
2250+ if (getsockname(fd, (struct sockaddr *) &laddr, &laddr_len) < 0) {
2251+ HIP_PERROR("getsockname() error: ");
2252+ return -1;
2253+ }
2254+ request_port = get_port_from_saddr((struct sockaddr *) &laddr);
2255+ }
2256+
2257+ fd_info->bound_port = ntohs(request_port);
2258+ HIP_DEBUG("bind to port %d\n", fd_info->bound_port);
2259+
2260+ return 0;
2261+}
2262+
2263+/**
2264+ * Send data to the peer associated with a socket. Triggers base exchange
2265+ * if no host association exists.
2266+ *
2267+ * @note Data is currently sent unencrypted.
2268+ *
2269+ * @param fd file descriptor of the socket to send from
2270+ * @param msg data to send
2271+ * @param len size of @data
2272+ * @param flags sendto() flags
2273+ * @param dst_hit HIT of the peer to send to
2274+ * @param dst_len size of @dst_hit
2275+ * @return number of bytes sent on success, -1 otherwise
2276+ */
2277+int hip_sendto(int fd, const void *msg, size_t len,
2278+ int flags, const struct sockaddr *dst_hit,
2279+ socklen_t dst_len)
2280+{
2281+ struct sockaddr_storage dst_addr;
2282+ uint16_t dst_port;
2283+ struct hip_fd_info *fd_info;
2284+
2285+ dst_port = ((const struct sockaddr_in6 *) dst_hit)->sin6_port;
2286+
2287+ if (dst_len != sizeof(struct sockaddr_in6)) {
2288+ HIP_ERROR("Only HITs are supported\n");
2289+ return -1;
2290+ }
2291+
2292+ if ((fd_info = hip_socket_get_info(fd)) == NULL) {
2293+ HIP_ERROR("Fd %d is not a hip socket, exiting.\n", fd);
2294+ return -1;
2295+ }
2296+
2297+ /* Bind to a ephemeral port if the src port hasn't been bound yet */
2298+ if (fd_info->bound_port == 0) {
2299+ if (auto_bind(fd_info)) {
2300+ HIP_ERROR("Fail to bind the hip socket.\n");
2301+ return -1;
2302+ }
2303+ }
2304+
2305+ /* Start BEX if HA hasn't establised */
2306+ if (!fd_info->ha) {
2307+ if (hip_do_bex(fd, (const struct sockaddr_in6 *) dst_hit)) {
2308+ HIP_ERROR("Base exchange not successful.\n");
2309+ return -1;
2310+ }
2311+ }
2312+
2313+ /* Send user data */
2314+ build_sockaddr(&fd_info->ha->peer_addr, dst_port, &dst_addr);
2315+ return sendto(fd, msg, len, flags,
2316+ (struct sockaddr *) &dst_addr, sizeof(dst_addr));
2317+}
2318+
2319+/**
2320+ * Receive data from the peer associated with a socket.
2321+ * Waits for base exchange if no host association exists.
2322+ *
2323+ * @note Data is currently sent unencrypted.
2324+ *
2325+ * @param fd file descriptor of the socket to receive from
2326+ * @param msg buffer for received data
2327+ * @param len size of @buf
2328+ * @param flags recvfrom() flags
2329+ * @param addr buffer for the associated peer HIT
2330+ * @param addr_len size of @dst_hit
2331+ * @return number of bytes received on success, -1 otherwise
2332+ */
2333+int hip_recvfrom(int fd, void *buf, size_t len, int flags,
2334+ struct sockaddr *addr, socklen_t *addr_len)
2335+{
2336+ int err = 0;
2337+ socklen_t socklen = *addr_len;
2338+ struct sockaddr_in6 *peer_hit = (struct sockaddr_in6 *) addr;
2339+ struct in6_addr peer_addr = { { { 0 } } };
2340+ struct in6_addr *peer_addr6;
2341+ struct in_addr *peer_addr4;
2342+ struct hip_fd_info *fd_info = NULL;
2343+ struct hip_packet_context ctx = { 0 };
2344+ int (*read_control_msg)(int, struct hip_packet_context *, int) = NULL;
2345+
2346+
2347+ if ((fd_info = hip_socket_get_info(fd)) == NULL) {
2348+ HIP_ERROR("Fd %d is not a hip socket, exiting.\n", fd);
2349+ return -1;
2350+ }
2351+
2352+ /* Bind to a ephemeral port if the src port hasn't been bound yet */
2353+ if (fd_info->bound_port == 0) {
2354+ if (auto_bind(fd_info)) {
2355+ HIP_ERROR("Fail to bind the hip socket.\n");
2356+ return -1;
2357+ }
2358+ }
2359+
2360+ /* Handle BEX if HA hasn't establised */
2361+ if (!fd_info->ha) {
2362+ if (hip_await_bex(fd_info, addr)) {
2363+ HIP_ERROR("Base exchange not successful.\n");
2364+ return -1;
2365+ }
2366+ }
2367+
2368+ ctx.input_msg = hip_msg_alloc();
2369+ ctx.output_msg = hip_msg_alloc();
2370+ read_control_msg = fd_info->family == AF_INET ? hip_read_control_msg_v4
2371+ : hip_read_control_msg_v6;
2372+
2373+ /* Loop until we get a non-control packet or a CLOSE packet */
2374+ while (fd_info->ha->state == HIP_STATE_ESTABLISHED) {
2375+ err = recvfrom(fd, buf, len, flags | MSG_PEEK, addr, &socklen);
2376+ HIP_DEBUG("Peek packet len: %d\n", err);
2377+ HIP_DEBUG("peer sockaddr: AF = %d, socklen = %d\n", addr->sa_family, socklen);
2378+ if (err < 0) {
2379+ perror("recvfrom");
2380+ }
2381+
2382+ /* Drop the packet if it doesn't come from the address associated
2383+ * with the correct peer. */
2384+ if (fd_info->proto == IPPROTO_UDP) {
2385+ if (addr->sa_family == AF_INET) {
2386+ peer_addr4 = &((struct sockaddr_in *) addr)->sin_addr;
2387+ IPV4_TO_IPV6_MAP(peer_addr4, &peer_addr);
2388+ peer_addr6 = &peer_addr;
2389+ } else {
2390+ peer_addr6 = &((struct sockaddr_in6 *) addr)->sin6_addr;
2391+ }
2392+ if (ipv6_addr_cmp(&fd_info->ha->peer_addr, peer_addr6)) {
2393+ HIP_DEBUG("Packet not from associated address. Dropping.\n");
2394+ HIP_DEBUG_IN6ADDR("expected", &fd_info->ha->peer_addr);
2395+ HIP_DEBUG_IN6ADDR("got", peer_addr6);
2396+ err = recvfrom(fd, buf, 1, flags, addr, &socklen);
2397+ HIP_IFEL(err < 0, err, "recvfrom()\n");
2398+ continue;
2399+ }
2400+ }
2401+
2402+ /* Receive message */
2403+ if (hip_is_control_msg(buf, err, fd_info)) {
2404+ HIP_DEBUG("receive a hip control message.\n");
2405+ if (fd_info->proto == IPPROTO_TCP) {
2406+ if (!hip_read_control_msg_tcp(fd, &ctx)) {
2407+ hip_receive_control_packet(&ctx);
2408+ }
2409+ } else if (!read_control_msg(fd, &ctx, HIP_UDP_ZERO_BYTES_LEN)) {
2410+ hip_receive_control_packet(&ctx);
2411+ } else {
2412+ HIP_ERROR("Error reading control packet\n");
2413+ }
2414+ err = 0;
2415+ } else {
2416+ HIP_DEBUG("receive a non hip control message.\n");
2417+ err = recvfrom(fd, buf, len, flags, addr, &socklen);
2418+ HIP_IFEL(err < 0, err, "recvfrom() error\n");
2419+ break;
2420+ }
2421+ }
2422+
2423+ if (peer_hit) {
2424+ memset(peer_hit, 0, *addr_len);
2425+ memcpy(&peer_hit->sin6_addr, &fd_info->ha->hit_peer,
2426+ sizeof(struct in6_addr));
2427+ peer_hit->sin6_port = fd_info->ha->peer_udp_port;
2428+ *addr_len = sizeof(struct sockaddr_in6);
2429+ }
2430+
2431+out_err:
2432+ free(ctx.input_msg);
2433+ free(ctx.output_msg);
2434+ return err;
2435+}
2436+
2437+/**
2438+ * Initiate a connection on a socket and perform base exchange as Initiator
2439+ *
2440+ * @param fd file descriptor of the socket
2441+ * @param addr peer HIT to connect to
2442+ * @param addr_len size of @addr
2443+ * @return 0 on success, -1 otherwise
2444+ */
2445+int hip_connect(int fd, const struct sockaddr *addr, socklen_t addr_len)
2446+{
2447+ uint16_t dst_port;
2448+ struct hip_fd_info *fd_info = NULL;
2449+ struct in6_addr dst_hit;
2450+ struct in6_addr dst_addr = { { { 0 } } };
2451+ struct sockaddr_storage ss;
2452+
2453+ if ((fd_info = hip_socket_get_info(fd)) == NULL) {
2454+ HIP_ERROR("Fd %d is not a hip socket, exiting.\n", fd);
2455+ return -1;
2456+ }
2457+
2458+ if (addr_len != sizeof(struct sockaddr_in6)) {
2459+ HIP_ERROR("Invalid argument, Only HITs supported\n");
2460+ return -1;
2461+ }
2462+
2463+ dst_port = ((const struct sockaddr_in6 *) addr)->sin6_port;
2464+ ipv6_addr_copy(&dst_hit, &((const struct sockaddr_in6 *) addr)->sin6_addr);
2465+ if (ipv6_addr_any(&dst_hit)) {
2466+ HIP_ERROR("Invalid argument: The ANY dest address is not supported.\n");
2467+ return -1;
2468+ }
2469+
2470+ if (hip_map_id_to_addr(&dst_hit, NULL, &dst_addr) < 0) {
2471+ return -1;
2472+ }
2473+ if (ipv6_addr_any(&dst_addr)) {
2474+ HIP_ERROR("Couldn't map HIT to IP\n");
2475+ return -1;
2476+ }
2477+
2478+ HIP_DEBUG_IN6ADDR("Dest locator is: ", &dst_addr);
2479+ HIP_DEBUG("Dest locator is V4MAPPED: %d\n", IN6_IS_ADDR_V4MAPPED(&dst_addr));
2480+ build_sockaddr(&dst_addr, dst_port, &ss);
2481+
2482+ if (connect(fd, (struct sockaddr *) &ss, sizeof(ss)) < 0) {
2483+ HIP_PERROR("connect():");
2484+ return -1;
2485+ }
2486+
2487+ /* Bind to a ephemeral port if the src port hasn't been bound yet */
2488+ if (fd_info->bound_port == 0) {
2489+ if (auto_bind(fd_info)) {
2490+ HIP_ERROR("Fail to bind the hip socket.\n");
2491+ return -1;
2492+ }
2493+ }
2494+
2495+ if (hip_do_bex(fd, (const struct sockaddr_in6 *) addr) < 0) {
2496+ HIP_ERROR("Base exchange not successful.\n");
2497+ return -1;
2498+ }
2499+
2500+ return 0;
2501+}
2502+
2503+/**
2504+ * Wait for an incoming connection on a socket and perform base exchange as
2505+ * Responder
2506+ *
2507+ * @param fd file descriptor of the socket
2508+ * @param new_peer_hit buffer to store peer hit and port
2509+ * @param hit_len size of @new_peer_hit
2510+ * @return file descriptor of accepted socket, -1 on error
2511+ */
2512+int hip_accept(int fd, struct sockaddr *new_peer_hit, socklen_t *hit_len)
2513+{
2514+ int new_fd;
2515+ struct hip_fd_info *fd_info = NULL;
2516+ struct hip_fd_info *fd_info_new = NULL;
2517+ struct sockaddr_storage ss = { 0 };
2518+ socklen_t ss_len = sizeof(struct sockaddr_storage);
2519+ struct sockaddr_in6 *phit = NULL;
2520+
2521+ if (*hit_len < sizeof(struct sockaddr_in6)) {
2522+ return -1;
2523+ }
2524+
2525+ if ((fd_info = hip_socket_get_info(fd)) == NULL) {
2526+ HIP_ERROR("Fd %d is not a hip socket, exiting.\n", fd);
2527+ return -1;
2528+ }
2529+
2530+ new_fd = accept(fd, (struct sockaddr *) &ss, &ss_len);
2531+ if (new_fd < 0) {
2532+ HIP_PERROR("accept(): ");
2533+ return -1;
2534+ }
2535+
2536+ fd_info_new = create_new_fd_info(new_fd, fd_info->bound_port,
2537+ fd_info->family, fd_info->proto);
2538+
2539+ if (hip_await_bex(fd_info_new, (struct sockaddr *) &ss) < 0) {
2540+ HIP_ERROR("Base exchange not successful.\n");
2541+ return -1;
2542+ }
2543+
2544+ if (new_peer_hit) {
2545+ phit = (struct sockaddr_in6 *) new_peer_hit;
2546+ memset(phit, 0, *hit_len);
2547+ memcpy(&phit->sin6_addr, &fd_info_new->ha->hit_peer,
2548+ sizeof(struct in6_addr));
2549+ phit->sin6_port = get_port_from_saddr((struct sockaddr *) &ss);
2550+ *hit_len = sizeof(struct sockaddr_in6);
2551+ }
2552+
2553+ return new_fd;
2554+}
2555
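Review bot: In hip_recvfrom(), a failed MSG_PEEK recvfrom() is only reported with perror() and the loop carries on, so the negative err reaches hip_is_control_msg(), whose len parameter is unsigned int. There -1 becomes a huge length, passes the "len < sizeof(struct hip_common)" test, and the stale contents of buf are parsed as a HIP header. Return (or retry on EINTR) right after the failed peek, and in hip_is_control_msg() repeat the minimum-length check after HIP_UDP_ZERO_BYTES_LEN has been subtracted, since the current check runs before the padding is removed. In the same function *addr_len and addr->sa_family are dereferenced before the later "if (peer_hit)" NULL test, and the sockaddr_in6 is written without the "*addr_len < sizeof(struct sockaddr_in6)" guard that hip_accept() has, so a caller that passes a sockaddr_in-sized buffer gets it overrun by the memcpy() into sin6_addr. hip_do_bex() and hip_await_bex() need bounding as well: neither checks hip_msg_alloc() for NULL, hip_do_bex() dereferences the result of hip_hadb_find_byhits() without a NULL test, and both loops spin until HIP_STATE_ESTABLISHED with no timeout or error exit, so a silent or misbehaving peer blocks the caller indefinitely. hip_socket() should also check the return value of socket() before calling setsockopt() and close() on it.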
2556=== added file 'lib/hipdaemon/socket_wrapper.h'
2557--- lib/hipdaemon/socket_wrapper.h 1970-01-01 00:00:00 +0000
2558+++ lib/hipdaemon/socket_wrapper.h 2012-02-09 14:35:25 +0000
2559@@ -0,0 +1,48 @@
2560+/*
2561+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
2562+ *
2563+ * Permission is hereby granted, free of charge, to any person
2564+ * obtaining a copy of this software and associated documentation
2565+ * files (the "Software"), to deal in the Software without
2566+ * restriction, including without limitation the rights to use,
2567+ * copy, modify, merge, publish, distribute, sublicense, and/or sell
2568+ * copies of the Software, and to permit persons to whom the
2569+ * Software is furnished to do so, subject to the following
2570+ * conditions:
2571+ *
2572+ * The above copyright notice and this permission notice shall be
2573+ * included in all copies or substantial portions of the Software.
2574+ *
2575+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
2576+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
2577+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
2578+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
2579+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
2580+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
2581+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
2582+ * OTHER DEALINGS IN THE SOFTWARE.
2583+ */
2584+
2585+#ifndef HIPL_LIB_HIPDAEMON_SOCKET_WRAPPER_H
2586+#define HIPL_LIB_HIPDAEMON_SOCKET_WRAPPER_H
2587+
2588+#include <sys/socket.h>
2589+
2590+#include "lib/core/protodefs.h"
2591+
2592+void hip_init_socket_wrapper(void);
2593+int add_peer_info(const hip_hit_t *peer_hit,
2594+ const struct in6_addr *peer_addr);
2595+
2596+int hip_socket(int domain, int type, int protocol);
2597+int hip_close(int fd);
2598+int hip_bind(int fd, const struct sockaddr *address, socklen_t address_len);
2599+int hip_sendto(int fd, const void *msg, size_t len,
2600+ int flags, const struct sockaddr *dst_hit,
2601+ socklen_t dst_len);
2602+int hip_recvfrom(int fd, void *buf, size_t len, int flags,
2603+ struct sockaddr *addr, socklen_t *addr_len);
2604+int hip_connect(int fd, const struct sockaddr *addr, socklen_t addr_len);
2605+int hip_accept(int fd, struct sockaddr *addr, socklen_t *addr_len);
2606+
2607+#endif /* HIPL_LIB_HIPDAEMON_SOCKET_WRAPPER_H */
2608
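Review bot: add_peer_info() is the only exported function in this header without the hip_ prefix; as part of a public library API it should get a hip_-prefixed name so it cannot collide with application symbols. The hip_accept() prototype here names its parameters addr and addr_len while the definition uses new_peer_hit and hit_len; pick one pair so the Doxygen in the .c file matches what users of the header see. The header also says nothing about two things a caller must know: that the sockaddr arguments carry HITs in a struct sockaddr_in6, and that, per the "@note Data is currently sent unencrypted" in the implementation, payload sent through hip_sendto() and hip_recvfrom() is not protected. Please document both here, where API users will read it.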
2609=== renamed file 'hipd/user.c' => 'lib/hipdaemon/user.c'
2610--- hipd/user.c 2012-01-14 14:20:17 +0000
2611+++ lib/hipdaemon/user.c 2012-02-09 14:35:25 +0000
2612@@ -72,6 +72,7 @@
2613 #include "esp_prot_hipd_msg.h"
2614 #include "hadb.h"
2615 #include "hidb.h"
2616+#include "hip_socket.h"
2617 #include "hipd.h"
2618 #include "hiprelay.h"
2619 #include "hit_to_ip.h"
2620
2621=== renamed file 'hipd/user.h' => 'lib/hipdaemon/user.h'
2622=== renamed file 'hipd/user_ipsec_hipd_msg.c' => 'lib/hipdaemon/user_ipsec_hipd_msg.c'
2623--- hipd/user_ipsec_hipd_msg.c 2011-08-15 14:11:56 +0000
2624+++ lib/hipdaemon/user_ipsec_hipd_msg.c 2012-02-09 14:35:25 +0000
2625@@ -46,6 +46,11 @@
2626 #include "user_ipsec_sadb_api.h"
2627 #include "user_ipsec_hipd_msg.h"
2628
2629+/*Define hip_use_userspace_ipsec variable to indicate whether use
2630+ * userspace ipsec or not. If it is 1, hip uses the user space ipsec.
2631+ * It will not use if hip_use_userspace_ipsec = 0. Added By Tao Wan
2632+ */
2633+int hip_use_userspace_ipsec = 0;
2634
2635 /**
2636 * handles a userspace ipsec activation message sent by the fw
2637
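Review bot: The comment added above hip_use_userspace_ipsec needs tidying: "Added By Tao Wan" is attribution that belongs in the revision history, the block opens with "/*Define" with no space, and the three sentences can be one line saying that a non-zero value enables userspace IPsec. Since the variable only holds 0 or 1, a bool would state the intent better, and because this is a non-static definition, make sure the single extern declaration lives in user_ipsec_hipd_msg.h rather than being repeated by its users.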
2638=== renamed file 'hipd/user_ipsec_hipd_msg.h' => 'lib/hipdaemon/user_ipsec_hipd_msg.h'
2639=== renamed file 'hipd/user_ipsec_sadb_api.c' => 'lib/hipdaemon/user_ipsec_sadb_api.c'
2640=== renamed file 'hipd/user_ipsec_sadb_api.h' => 'lib/hipdaemon/user_ipsec_sadb_api.h'
2641=== modified file 'modules/heartbeat/hipd/heartbeat.c'
2642--- modules/heartbeat/hipd/heartbeat.c 2011-10-25 21:14:16 +0000
2643+++ modules/heartbeat/hipd/heartbeat.c 2012-02-09 14:35:25 +0000
2644@@ -66,14 +66,14 @@
2645 #include <sys/types.h>
2646 #include <sys/socket.h>
2647
2648-#include "hipd/hadb.h"
2649-#include "hipd/init.h"
2650-#include "hipd/hip_socket.h"
2651-#include "hipd/maintenance.h"
2652-#include "hipd/nat.h"
2653-#include "hipd/output.h"
2654-#include "hipd/pkt_handling.h"
2655-#include "hipd/user.h"
2656+#include "lib/hipdaemon/hadb.h"
2657+#include "lib/hipdaemon/init.h"
2658+#include "lib/hipdaemon/hip_socket.h"
2659+#include "lib/hipdaemon/maintenance.h"
2660+#include "lib/hipdaemon/nat.h"
2661+#include "lib/hipdaemon/output.h"
2662+#include "lib/hipdaemon/pkt_handling.h"
2663+#include "lib/hipdaemon/user.h"
2664 #include "lib/core/common.h"
2665 #include "lib/core/debug.h"
2666 #include "lib/core/icomm.h"
2667
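Review bot: After the path change the lib/hipdaemon/ includes sit above the lib/core/ block, so the include list is no longer sorted by path the way it was when these were hipd/ headers. Move the renamed lines below the lib/core/ includes; the same applies to the hb_update.c, midauth.c, update.c, update_builder.c and update_locator.c hunks that follow.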
2668=== modified file 'modules/heartbeat_update/hipd/hb_update.c'
2669--- modules/heartbeat_update/hipd/hb_update.c 2011-10-25 21:14:16 +0000
2670+++ modules/heartbeat_update/hipd/hb_update.c 2012-02-09 14:35:25 +0000
2671@@ -40,8 +40,8 @@
2672 #include <stdint.h>
2673 #include <stdlib.h>
2674
2675-#include "hipd/hadb.h"
2676-#include "hipd/maintenance.h"
2677+#include "lib/hipdaemon/hadb.h"
2678+#include "lib/hipdaemon/maintenance.h"
2679 #include "lib/core/builder.h"
2680 #include "lib/core/common.h"
2681 #include "lib/core/debug.h"
2682
2683=== modified file 'modules/midauth/hipd/midauth.c'
2684--- modules/midauth/hipd/midauth.c 2012-01-16 22:06:09 +0000
2685+++ modules/midauth/hipd/midauth.c 2012-02-09 14:35:25 +0000
2686@@ -33,8 +33,8 @@
2687 #include <stdint.h>
2688 #include <string.h>
2689
2690-#include "hipd/hidb.h"
2691-#include "hipd/pkt_handling.h"
2692+#include "lib/hipdaemon/hidb.h"
2693+#include "lib/hipdaemon/pkt_handling.h"
2694 #include "lib/core/builder.h"
2695 #include "lib/core/common.h"
2696 #include "lib/core/ife.h"
2697
2698=== modified file 'modules/update/hipd/update.c'
2699--- modules/update/hipd/update.c 2012-01-17 08:34:18 +0000
2700+++ modules/update/hipd/update.c 2012-02-09 14:35:25 +0000
2701@@ -37,17 +37,17 @@
2702 #include <string.h>
2703
2704 #include "config.h"
2705-#include "hipd/cookie.h"
2706-#include "hipd/hadb.h"
2707-#include "hipd/hidb.h"
2708-#include "hipd/hipd.h"
2709-#include "hipd/input.h"
2710-#include "hipd/maintenance.h"
2711-#include "hipd/netdev.h"
2712-#include "hipd/nsupdate.h"
2713-#include "hipd/output.h"
2714-#include "hipd/pkt_handling.h"
2715-#include "hipd/user.h"
2716+#include "lib/hipdaemon/cookie.h"
2717+#include "lib/hipdaemon/hadb.h"
2718+#include "lib/hipdaemon/hidb.h"
2719+#include "lib/hipdaemon/hipd.h"
2720+#include "lib/hipdaemon/input.h"
2721+#include "lib/hipdaemon/maintenance.h"
2722+#include "lib/hipdaemon/netdev.h"
2723+#include "lib/hipdaemon/nsupdate.h"
2724+#include "lib/hipdaemon/output.h"
2725+#include "lib/hipdaemon/pkt_handling.h"
2726+#include "lib/hipdaemon/user.h"
2727 #include "lib/core/builder.h"
2728 #include "lib/core/debug.h"
2729 #include "lib/core/hip_udp.h"
2730
2731=== modified file 'modules/update/hipd/update_builder.c'
2732--- modules/update/hipd/update_builder.c 2012-01-14 14:20:17 +0000
2733+++ modules/update/hipd/update_builder.c 2012-02-09 14:35:25 +0000
2734@@ -34,8 +34,8 @@
2735 #include <string.h>
2736 #include <errno.h>
2737
2738-#include "hipd/hadb.h"
2739-#include "hipd/hipd.h"
2740+#include "lib/hipdaemon/hadb.h"
2741+#include "lib/hipdaemon/netdev.h"
2742 #include "lib/core/builder.h"
2743 #include "lib/core/ife.h"
2744 #include "lib/core/list.h"
2745
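Review bot: The second changed include is not a path rename: "hipd/hipd.h" is replaced by "lib/hipdaemon/netdev.h", whereas update.c in this same patch maps "hipd/hipd.h" to "lib/hipdaemon/hipd.h". If the file now needs declarations that moved from hipd.h to netdev.h, say so in the commit message or split it from the mechanical renames, so that the rename hunks can be reviewed as pure path substitutions.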
2746=== modified file 'modules/update/hipd/update_locator.c'
2747--- modules/update/hipd/update_locator.c 2011-12-12 14:18:05 +0000
2748+++ modules/update/hipd/update_locator.c 2012-02-09 14:35:25 +0000
2749@@ -34,7 +34,7 @@
2750 #include <string.h>
2751 #include <openssl/lhash.h>
2752
2753-#include "hipd/maintenance.h"
2754+#include "lib/hipdaemon/maintenance.h"
2755 #include "lib/core/builder.h"
2756 #include "lib/core/debug.h"
2757 #include "lib/core/ife.h"
2758
2759=== added file 'test/check_hipnetcat.c'
2760--- test/check_hipnetcat.c 1970-01-01 00:00:00 +0000
2761+++ test/check_hipnetcat.c 2012-02-09 14:35:25 +0000
2762@@ -0,0 +1,208 @@
2763+/*
2764+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
2765+ *
2766+ * Permission is hereby granted, free of charge, to any person
2767+ * obtaining a copy of this software and associated documentation
2768+ * files (the "Software"), to deal in the Software without
2769+ * restriction, including without limitation the rights to use,
2770+ * copy, modify, merge, publish, distribute, sublicense, and/or sell
2771+ * copies of the Software, and to permit persons to whom the
2772+ * Software is furnished to do so, subject to the following
2773+ * conditions:
2774+ *
2775+ * The above copyright notice and this permission notice shall be
2776+ * included in all copies or substantial portions of the Software.
2777+ *
2778+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
2779+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
2780+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
2781+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
2782+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
2783+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
2784+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
2785+ * OTHER DEALINGS IN THE SOFTWARE.
2786+ */
2787+
2788+/**
2789+ * @file
2790+ * @brief Tests of libhip (see doc/HACKING on unit tests).
2791+ */
2792+
2793+#include <arpa/inet.h>
2794+#include <stdlib.h>
2795+#include <stdio.h>
2796+#include <sys/wait.h>
2797+#include <sys/select.h>
2798+#include <unistd.h>
2799+#include <check.h>
2800+
2801+#include "lib/hipdaemon/hidb.h"
2802+#include "lib/hipdaemon/init.h"
2803+
2804+#define TEST_HIPNC_TIMEOUT 10
2805+
2806+static Suite *hipnc_suite(void);
2807+static void hipnc_test_start(char *serv_argv[], char *client_argv[]);
2808+
2809+START_TEST(test_hipnc_lo_tcp)
2810+{
2811+ char *serv_argv[16];
2812+ char *client_argv[16];
2813+ struct in6_addr local_hit = { { { 0 } } };
2814+ char hit_buf[128];
2815+ int idx = 0;
2816+
2817+ /* init */
2818+ fail_if(libhipd_init(), "fail to init libhip");
2819+ fail_if(hip_get_default_hit(&local_hit),
2820+ "fail to load local hit for hipnetcat startup");
2821+ fail_if(inet_ntop(AF_INET6, &local_hit, hit_buf, 128) == NULL,
2822+ "fail to parse hit to string.");
2823+
2824+ serv_argv[idx++] = strdup("hipnetcat");
2825+ serv_argv[idx++] = strdup("-l");
2826+ serv_argv[idx++] = strdup("-p");
2827+ serv_argv[idx++] = strdup("22300");
2828+ serv_argv[idx++] = strdup("-s");
2829+ serv_argv[idx++] = strdup("127.0.0.1");
2830+ serv_argv[idx++] = strdup("-t");
2831+ serv_argv[idx++] = (char *) 0;
2832+
2833+ idx = 0;
2834+ client_argv[idx++] = strdup("hipnetcat");
2835+ client_argv[idx++] = strdup("-p");
2836+ client_argv[idx++] = strdup("22345");
2837+ client_argv[idx++] = strdup("-s");
2838+ client_argv[idx++] = strdup("127.0.0.1");
2839+ client_argv[idx++] = strdup("-d");
2840+ client_argv[idx++] = strdup("22300");
2841+ client_argv[idx++] = strdup("-t");
2842+ client_argv[idx++] = strdup("127.0.0.1");
2843+ client_argv[idx++] = hit_buf;
2844+ client_argv[idx++] = (char *) 0;
2845+
2846+ hipnc_test_start(serv_argv, client_argv);
2847+}
2848+END_TEST
2849+
2850+START_TEST(test_hipnc_lo_udp)
2851+{
2852+ char *serv_argv[16];
2853+ char *client_argv[16];
2854+ struct in6_addr local_hit = { { { 0 } } };
2855+ char hit_buf[128];
2856+ int idx = 0;
2857+
2858+ /* init */
2859+ fail_if(libhipd_init(), "fail to init libhip");
2860+ fail_if(hip_get_default_hit(&local_hit),
2861+ "fail to load local hit for hipnetcat startup");
2862+ fail_if(inet_ntop(AF_INET6, &local_hit, hit_buf, 128) == NULL,
2863+ "fail to parse hit to string.");
2864+
2865+ serv_argv[idx++] = strdup("hipnetcat");
2866+ serv_argv[idx++] = strdup("-l");
2867+ serv_argv[idx++] = strdup("-p");
2868+ serv_argv[idx++] = strdup("22300");
2869+ serv_argv[idx++] = strdup("-s");
2870+ serv_argv[idx++] = strdup("127.0.0.1");
2871+ serv_argv[idx++] = (char *) 0;
2872+
2873+ idx = 0;
2874+ client_argv[idx++] = strdup("hipnetcat");
2875+ client_argv[idx++] = strdup("-p");
2876+ client_argv[idx++] = strdup("22345");
2877+ client_argv[idx++] = strdup("-s");
2878+ client_argv[idx++] = strdup("127.0.0.1");
2879+ client_argv[idx++] = strdup("-d");
2880+ client_argv[idx++] = strdup("22300");
2881+ client_argv[idx++] = strdup("127.0.0.1");
2882+ client_argv[idx++] = hit_buf;
2883+ client_argv[idx++] = (char *) 0;
2884+
2885+ hipnc_test_start(serv_argv, client_argv);
2886+}
2887+END_TEST
2888+
2889+static void hipnc_test_start(char *serv_argv[], char *client_argv[])
2890+{
2891+ pid_t serv_pid, client_pid, pid;
2892+ int status, i, j, round;
2893+ struct timeval tv;
2894+ int remain_cld = 2;
2895+
2896+ /* start hipnetcat server */
2897+ if ((pid = fork()) > 0) {
2898+ serv_pid = pid;
2899+ printf("server pid: %d\n", serv_pid);
2900+ }
2901+
2902+ if (pid == 0) {
2903+ if (execv("test/hipnetcat", serv_argv)) {
2904+ perror("execv");
2905+ return;
2906+ }
2907+ }
2908+
2909+ /* start hipnetcat client */
2910+ if ((pid = fork()) > 0) {
2911+ client_pid = pid;
2912+ printf("client_pid: %d\n", client_pid);
2913+ }
2914+
2915+ if (pid == 0) {
2916+ sleep(1);
2917+ if (execv("test/hipnetcat", client_argv)) {
2918+ perror("execv");
2919+ return;
2920+ }
2921+ }
2922+
2923+ /* check server & client status */
2924+ for (i = 0; i < TEST_HIPNC_TIMEOUT; i++) {
2925+ tv.tv_sec = 1;
2926+ tv.tv_usec = 0;
2927+ select(0, NULL, NULL, NULL, &tv);
2928+ round = remain_cld;
2929+ for (j = 0; j < round; j++) {
2930+ pid = waitpid(-1, &status, WNOHANG);
2931+ fail_if(pid > 0 && status != 0,
2932+ "hipnetcat failed");
2933+ if (pid > 0 && status == 0) {
2934+ remain_cld--;
2935+ if (remain_cld == 0) {
2936+ break;
2937+ }
2938+ }
2939+ }
2940+ }
2941+
2942+ fail_if(remain_cld > 0, "hipnetcat test timeout!");
2943+}
2944+
2945+static Suite *hipnc_suite()
2946+{
2947+ Suite *s = suite_create("hipnc");
2948+
2949+ TCase *tc_hipnc_lo = tcase_create("hipnc_lo");
2950+ tcase_add_test(tc_hipnc_lo, test_hipnc_lo_udp);
2951+ tcase_add_test(tc_hipnc_lo, test_hipnc_lo_tcp);
2952+ tcase_set_timeout(tc_hipnc_lo, 20);
2953+ suite_add_tcase(s, tc_hipnc_lo);
2954+
2955+ return s;
2956+}
2957+
2958+int main(void)
2959+{
2960+ int number_failed;
2961+
2962+ Suite *s = hipnc_suite();
2963+ SRunner *sr = srunner_create(s);
2964+ srunner_run_all(sr, CK_NORMAL);
2965+
2966+ number_failed = srunner_ntests_failed(sr);
2967+ srunner_free(sr);
2968+
2969+ return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2970+}
2971
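Review bot: in hipnc_test_start(), a child whose execv("test/hipnetcat", ...) fails calls perror() and then return, so the forked child goes back into the test case and lets it run to completion instead of reporting the failure; call _exit(EXIT_FAILURE) after perror() so the parent's waitpid() sees a non-zero status. The fork() result is never checked for -1, in which case serv_pid or client_pid stays unset and the loop simply runs to the timeout. In the polling loop the break only leaves the inner for, so once both children have exited the outer loop still sleeps through the remaining TEST_HIPNC_TIMEOUT iterations; leave the outer loop as soon as remain_cld reaches 0. On the timeout path the children are not terminated, so a server still listening on port 22300 outlives the test; the stored pids allow a kill() followed by waitpid() before fail_if(remain_cld > 0, ...). The status != 0 comparison would be clearer as a WIFEXITED(status) / WEXITSTATUS(status) check, and hipnc_suite() should be declared with (void).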
2972=== modified file 'test/hipd/lsidb.c'
2973--- test/hipd/lsidb.c 2012-01-18 21:09:47 +0000
2974+++ test/hipd/lsidb.c 2012-02-09 14:35:25 +0000
2975@@ -26,7 +26,7 @@
2976 #include <check.h>
2977 #include <stdlib.h>
2978
2979-#include "hipd/lsidb.c"
2980+#include "lib/hipdaemon/lsidb.c"
2981 #include "test_suites.h"
2982
2983 START_TEST(test_lsidb_allocate_lsi_valid)
2984
2985=== added file 'test/hipnetcat.c'
2986--- test/hipnetcat.c 1970-01-01 00:00:00 +0000
2987+++ test/hipnetcat.c 2012-02-09 14:35:25 +0000
2988@@ -0,0 +1,370 @@
2989+/*
2990+ * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University.
2991+ *
2992+ * Permission is hereby granted, free of charge, to any person
2993+ * obtaining a copy of this software and associated documentation
2994+ * files (the "Software"), to deal in the Software without
2995+ * restriction, including without limitation the rights to use,
2996+ * copy, modify, merge, publish, distribute, sublicense, and/or sell
2997+ * copies of the Software, and to permit persons to whom the
2998+ * Software is furnished to do so, subject to the following
2999+ * conditions:
3000+ *
3001+ * The above copyright notice and this permission notice shall be
3002+ * included in all copies or substantial portions of the Software.
3003+ *
3004+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
3005+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
3006+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
3007+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
3008+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
3009+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
3010+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
3011+ * OTHER DEALINGS IN THE SOFTWARE.
3012+ */
3013+
3014+/**
3015+ * @file
3016+ * The hipnetcat sample program using libhip.
3017+ *
3018+ */
3019+
3020+#define _BSD_SOURCE
3021+
3022+#include <arpa/inet.h>
3023+#include <errno.h>
3024+#include <netdb.h>
3025+#include <netinet/in.h>
3026+#include <stdio.h>
3027+#include <stdlib.h>
3028+#include <string.h>
3029+#include <unistd.h>
3030+
3031+#include "lib/core/debug.h"
3032+#include "lib/core/hip_udp.h"
3033+#include "lib/core/ife.h"
3034+#include "lib/core/linkedlist.h"
3035+#include "lib/core/prefix.h"
3036+#include "lib/hipdaemon/init.h"
3037+#include "lib/hipdaemon/socket_wrapper.h"
3038+
3039+#define HIPNC_SERVER_MODE 0x0001
3040+#define HIPNC_UDP_MODE 0x0002
3041+#define HIPNC_IP6 0x0004
3042+
3043+static int dst_port = HIP_NAT_UDP_PORT;
3044+static unsigned int hipnc_flag = HIPNC_UDP_MODE & ~HIPNC_SERVER_MODE & ~HIPNC_IP6;
3045+static struct sockaddr_storage local_ss = { 0 };
3046+static struct hip_ll hit_list = HIP_LL_INIT;
3047+static struct hip_ll locator_list = HIP_LL_INIT;
3048+
3049+
3050+static int create_hip_socket(unsigned int flag)
3051+{
3052+ return hip_socket((flag & HIPNC_IP6) ? AF_INET6 : AF_INET,
3053+ (flag & HIPNC_UDP_MODE) ? SOCK_DGRAM : SOCK_STREAM,
3054+ (flag & HIPNC_UDP_MODE) ? IPPROTO_UDP : IPPROTO_TCP);
3055+}
3056+
3057+static int hipnc_run_client(const unsigned int flag, struct sockaddr *local_addr,
3058+ socklen_t addr_len,
3059+ struct sockaddr_in6 *peer_hit_saddr)
3060+{
3061+ int fd, err = 0, len = 0;
3062+ char buf[256] = { 0 };
3063+
3064+ fd = create_hip_socket(flag);
3065+ HIP_IFEL(fd < 0, -1, "Fail to create hip socket: %s\n", strerror(errno));
3066+
3067+ HIP_IFEL(hip_bind(fd, local_addr, addr_len), -1, "HIP bind error\n");
3068+
3069+ if (!(flag & HIPNC_UDP_MODE)) {
3070+ HIP_IFEL(hip_connect(fd, (struct sockaddr *) peer_hit_saddr,
3071+ sizeof(struct sockaddr_in6)),
3072+ -1, "connect()\n");
3073+ }
3074+
3075+ sprintf(buf, "Hello, sailor!");
3076+ len = hip_sendto(fd, buf, sizeof(buf), 0,
3077+ (struct sockaddr *) peer_hit_saddr,
3078+ sizeof(struct sockaddr_in6));
3079+
3080+ HIP_INFO("Sent %d bytes\n", len);
3081+ if (len < 0) {
3082+ err = -1;
3083+ }
3084+
3085+out_err:
3086+ if (fd > 0) {
3087+ hip_close(fd);
3088+ }
3089+
3090+ return err;
3091+}
3092+
3093+static int hipnc_run_server(const unsigned int flag, struct sockaddr *local_addr,
3094+ socklen_t addr_len)
3095+{
3096+ int fd;
3097+ int err = 0, len = 0;
3098+ int new_fd = 0;
3099+ struct sockaddr_in6 peer_hit_saddr = { 0 };
3100+ socklen_t socklen = sizeof(peer_hit_saddr);
3101+ char buf[256] = { 0 };
3102+
3103+ fd = create_hip_socket(flag);
3104+ HIP_IFEL(fd < 0, -1, "Fail to create hip socket\n", strerror(errno));
3105+
3106+ HIP_IFEL(hip_bind(fd, local_addr, addr_len), -1, "HIP bind error\n");
3107+
3108+ if (!(flag & HIPNC_UDP_MODE)) {
3109+ HIP_IFEL(listen(fd, 0), -1, "listen()\n");
3110+ new_fd = hip_accept(fd, (struct sockaddr *) &peer_hit_saddr, &socklen);
3111+ HIP_IFEL(new_fd < 0, -1, "accept()\n");
3112+ } else {
3113+ new_fd = fd;
3114+ }
3115+
3116+ while ((len = hip_recvfrom(new_fd, buf, sizeof(buf), 0,
3117+ (struct sockaddr *) &peer_hit_saddr,
3118+ &socklen)) > 0) {
3119+ HIP_INFO("Received %d bytes\n", len);
3120+ printf("%s\n", buf);
3121+ HIP_INFO_IN6ADDR("Peer HIT", &peer_hit_saddr.sin6_addr);
3122+ }
3123+
3124+ if (len < 0) {
3125+ perror("hip_recvfrom");
3126+ err = len;
3127+ }
3128+
3129+out_err:
3130+ if (new_fd > 0) {
3131+ close(new_fd);
3132+ }
3133+ if (fd > 0) {
3134+ hip_close(fd);
3135+ }
3136+
3137+ return err;
3138+}
3139+
3140+static void usage(void)
3141+{
3142+ printf("HIP netcat program.\n"
3143+ "Usage: hipnetcat [-hlt] [-p source_port] [-s source_ip_address]\n"
3144+ " [-d dest_port] [peer_identifier[s]]\n\n"
3145+ " -h: help\n"
3146+ " -l: Listening mode, hip netcat acts as the server side.\n"
3147+ " -t: Using TCP as transportation protocol, otherwise UDP will be used.\n");
3148+}
3149+
3150+static int parse_source_to_ss(const char *ip, int port, struct sockaddr_storage *ss)
3151+{
3152+ struct sockaddr_in *sa4;
3153+ struct sockaddr_in6 *sa6;
3154+ int err = 0;
3155+
3156+ sa4 = (struct sockaddr_in *) ss;
3157+ sa6 = (struct sockaddr_in6 *) ss;
3158+
3159+ ss->ss_family = AF_INET;
3160+ sa4->sin_port = htons(port);
3161+ hipnc_flag &= ~HIPNC_IP6;
3162+ err = inet_pton(AF_INET, ip, &sa4->sin_addr);
3163+
3164+ if (err <= 0) {
3165+ memset(ss, 0, sizeof(*ss));
3166+ ss->ss_family = AF_INET6;
3167+ sa6->sin6_port = htons(port);
3168+ hipnc_flag |= HIPNC_IP6;
3169+ err = inet_pton(AF_INET6, ip, &sa6->sin6_addr);
3170+ }
3171+
3172+ return (err <= 0) ? -1 : 0;
3173+}
3174+
3175+static int parse_arguments(int argc, char *argv[])
3176+{
3177+ int err = 0;
3178+ char opt = 0, *arg = NULL;
3179+ const char *src_ip = "0.0.0.0";
3180+ int src_port = HIP_NAT_UDP_PORT;
3181+ struct in_addr inaddr4;
3182+ struct in6_addr inaddr6;
3183+ struct in6_addr *paddr6 = NULL;
3184+ char addr_buf[256];
3185+
3186+ /* Parsing input arguments */
3187+ while ((opt = getopt(argc, argv, "hltp:d:s:")) != -1) {
3188+ switch (opt) {
3189+ case 'l':
3190+ hipnc_flag |= HIPNC_SERVER_MODE;
3191+ break;
3192+ case 'p':
3193+ src_port = atoi(optarg);
3194+ break;
3195+ case 'd':
3196+ dst_port = atoi(optarg);
3197+ break;
3198+ case 's':
3199+ src_ip = optarg;
3200+ break;
3201+ case 't':
3202+ hipnc_flag &= ~HIPNC_UDP_MODE;
3203+ break;
3204+ case 'u':
3205+ hipnc_flag |= HIPNC_UDP_MODE;
3206+ break;
3207+ case 'h':
3208+ usage();
3209+ exit(EXIT_SUCCESS);
3210+ default:
3211+ HIP_ERROR("Invalid option.\n");
3212+ return -1;
3213+ }
3214+ }
3215+
3216+ if (parse_source_to_ss(src_ip, src_port, &local_ss) < 0) {
3217+ HIP_ERROR("Failed to parse source ip address.\n");
3218+ return -1;
3219+ }
3220+
3221+ if (!(hipnc_flag & HIPNC_SERVER_MODE) && optind == argc) {
3222+ HIP_ERROR("No identifier has been provided.\n");
3223+ return -1;
3224+ }
3225+
3226+ /* parse identifiers */
3227+ while (optind < argc) {
3228+ arg = argv[optind++];
3229+ if (inet_pton(AF_INET, arg, (void *) &inaddr4)) {
3230+ /* if it is a V4 addr, map it to V6 and add it to locator_list */
3231+ HIP_DEBUG("%s is parsed to v4", arg);
3232+ sprintf(addr_buf, "::FFFF:");
3233+ strcat(addr_buf, arg);
3234+ inet_pton(AF_INET6, addr_buf, (void *) &inaddr6);
3235+ HIP_DEBUG(". Map to v6: %s\n", addr_buf);
3236+ paddr6 = (struct in6_addr *) malloc(sizeof(struct in6_addr));
3237+ HIP_IFEL(!paddr6, -1, "malloc() failed\n");
3238+ memcpy(paddr6, &inaddr6, sizeof(struct in6_addr));
3239+ hip_ll_add_last(&locator_list, (void *) paddr6);
3240+ } else if (inet_pton(AF_INET6, arg, (void *) &inaddr6)) {
3241+ /* if it is a V6 addr, add it to locator_list or hit_list */
3242+ HIP_DEBUG("%s is parsed to v6, is HIT: %d\n", arg,
3243+ ipv6_addr_is_hit(&inaddr6));
3244+ paddr6 = (struct in6_addr *) malloc(sizeof(struct in6_addr));
3245+ HIP_IFEL(!paddr6, -1, "malloc() failed\n");
3246+ memcpy(paddr6, &inaddr6, sizeof(struct in6_addr));
3247+ if (ipv6_addr_is_hit(&inaddr6)) {
3248+ hip_ll_add_last(&hit_list, (void *) paddr6);
3249+ } else {
3250+ hip_ll_add_last(&locator_list, (void *) paddr6);
3251+ }
3252+ } else {
3253+ //Parse hostname
3254+ struct addrinfo *res;
3255+ struct addrinfo addr_hint = { 0 };
3256+ struct sockaddr_in *sa4;
3257+ struct sockaddr_in6 *sa6;
3258+
3259+ addr_hint.ai_family = AF_UNSPEC;
3260+
3261+ HIP_DEBUG("Parse identifier: %s\n", arg);
3262+ err = getaddrinfo(arg, NULL, &addr_hint, &res);
3263+ HIP_IFEL(err, -1,
3264+ "failed to parse: %s, %s\n", arg, gai_strerror(err));
3265+ for (; res != NULL; res = res->ai_next) {
3266+ paddr6 = (struct in6_addr *) malloc(sizeof(struct in6_addr));
3267+ HIP_IFEL(!paddr6, -1, "malloc() failed\n");
3268+ if (res->ai_family == AF_INET) {
3269+ sa4 = (struct sockaddr_in *) res->ai_addr;
3270+ IPV4_TO_IPV6_MAP(&sa4->sin_addr, paddr6);
3271+ hip_ll_add_last(&locator_list, (void *) paddr6);
3272+ } else if (res->ai_family == AF_INET6) {
3273+ sa6 = (struct sockaddr_in6 *) res->ai_addr;
3274+ memcpy(paddr6, &sa6->sin6_addr, sizeof(struct in6_addr));
3275+ if (ipv6_addr_is_hit(paddr6)) {
3276+ hip_ll_add_last(&hit_list, (void *) paddr6);
3277+ } else {
3278+ hip_ll_add_last(&locator_list, (void *) paddr6);
3279+ }
3280+ }
3281+ }
3282+ freeaddrinfo(res);
3283+ }
3284+ }
3285+
3286+ if (!(hipnc_flag & HIPNC_SERVER_MODE) && locator_list.element_count == 0) {
3287+ HIP_ERROR("No locator is provided.\n");
3288+ return -1;
3289+ }
3290+
3291+out_err:
3292+ if (err) {
3293+ free(paddr6);
3294+ }
3295+ return err;
3296+}
3297+
3298+int main(int argc, char *argv[])
3299+{
3300+ int err = 0;
3301+ struct sockaddr_in6 peer_hit_saddr = { 0 };
3302+
3303+ /* Parsing input arguments */
3304+ if (parse_arguments(argc, argv)) {
3305+ usage();
3306+ exit(EXIT_FAILURE);
3307+ }
3308+
3309+ /* libhip init */
3310+ if (libhipd_init() < 0) {
3311+ HIP_ERROR("libhipd init failed.\n");
3312+ return -1;
3313+ }
3314+
3315+ /* add peer hit-addr mapping */
3316+ if (hit_list.element_count != 0) {
3317+ const struct hip_ll_node *hit_i = NULL;
3318+ const struct hip_ll_node *locator_i = NULL;
3319+ struct in6_addr *p_hit;
3320+ struct in6_addr *p_locator;
3321+ while ((hit_i = hip_ll_iterate(&hit_list, hit_i))) {
3322+ p_hit = (struct in6_addr *) hit_i->ptr;
3323+ while ((locator_i = hip_ll_iterate(&locator_list, locator_i))) {
3324+ p_locator = (struct in6_addr *) locator_i->ptr;
3325+ HIP_DEBUG_HIT("HIPNC input hit:", p_hit);
3326+ add_peer_info(p_hit, p_locator);
3327+ }
3328+ }
3329+ }
3330+
3331+ HIP_DEBUG("hipnc_flag = %08x\n", hipnc_flag);
3332+
3333+ if (hipnc_flag & HIPNC_SERVER_MODE) {
3334+ return hipnc_run_server(hipnc_flag, (struct sockaddr *) &local_ss,
3335+ sizeof(local_ss));
3336+ } else if (hit_list.element_count != 0) {
3337+ const struct hip_ll_node *hit_i = NULL;
3338+ while ((hit_i = hip_ll_iterate(&hit_list, hit_i))) {
3339+ memcpy(&peer_hit_saddr.sin6_addr, hit_i->ptr, sizeof(struct in6_addr));
3340+ peer_hit_saddr.sin6_port = htons(dst_port);
3341+ HIP_DEBUG_HIT("Connect to hit", &peer_hit_saddr.sin6_addr);
3342+ HIP_DEBUG("Connect to port: %d\n", dst_port);
3343+
3344+ err = hipnc_run_client(hipnc_flag, (struct sockaddr *) &local_ss,
3345+ sizeof(local_ss), &peer_hit_saddr);
3346+
3347+ /* if no errors, finish execution, otherwise we try another hit */
3348+ if (err == 0) {
3349+ return 0;
3350+ }
3351+ }
3352+ return err;
3353+ } else {
3354+ //TODO opportunistic mode
3355+ HIP_ERROR("opportunistic mode not supported. Please provide a HIT\n");
3356+ return 0;
3357+ }
3358+}
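Review bot: hipnc_run_server() prints peer-supplied data with printf("%s\n", buf) right after hip_recvfrom(new_fd, buf, sizeof(buf), ...), so a 256-byte message without a NUL fills buf completely and printf reads past the end of the array; receive at most sizeof(buf) - 1 bytes and set buf[len] = '\0' before printing, or print with "%.*s" and len. In the same function, UDP mode sets new_fd = fd, so out_err calls close(new_fd) and then hip_close(fd) on the same descriptor, the TCP path mixes plain listen() and close() with the hip_ wrappers, and the fd > 0 tests should be fd >= 0. HIP_IFEL(fd < 0, -1, "Fail to create hip socket\n", strerror(errno)) passes an argument with no matching %s. In parse_arguments(), case 'u' is unreachable because the getopt string "hltp:d:s:" has no u, opt should be int rather than char for the != -1 comparison, and atoi() accepts any value for the two ports without a range check. The getaddrinfo() loop advances res itself, so freeaddrinfo(res) is always called with NULL and the result list leaks; keep the head pointer in a separate variable. out_err frees paddr6 on error, but paddr6 may already have been handed to hit_list or locator_list while processing an earlier argument, which leaves a freed pointer in the list. main() returns 0 on the unsupported opportunistic-mode path, which a calling test reads as success.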
