HIPL

Merge lp:~rene-hummen/hipl/midauth-hipd into lp:hipl

midauth-hipd
Merge into trunk

Proposed by René Hummen on 2011-08-08

Status:	Merged
Approved by:	René Hummen on 2011-08-09
Approved revision:	6095
Merged at revision:	6046
Proposed branch:	lp:~rene-hummen/hipl/midauth-hipd
Merge into:	lp:hipl
Diff against target:	1713 lines (+1157/-250) 21 files modified .bzrignore (+1/-0) Makefile.am (+20/-5) firewall/midauth.h (+2/-1) hipd/hipd.c (+2/-47) hipd/hipd.h (+3/-0) hipd/main.c (+84/-0) hipd/output.c (+0/-10) lib/core/builder.c (+8/-93) lib/core/builder.h (+0/-10) lib/core/protodefs.h (+0/-23) lib/core/solve.c (+1/-57) lib/core/solve.h (+1/-4) modules/midauth/hipd/midauth.c (+229/-0) modules/midauth/hipd/midauth.h (+34/-0) modules/midauth/lib/midauth_builder.c (+181/-0) modules/midauth/lib/midauth_builder.h (+79/-0) modules/midauth/module_info.xml (+47/-0) test/check_modules_midauth.c (+46/-0) test/modules/midauth/hipd/midauth.c (+120/-0) test/modules/midauth/lib/midauth_builder.c (+265/-0) test/modules/midauth/test_suites.h (+34/-0)
To merge this branch:	bzr merge lp:~rene-hummen/hipl/midauth-hipd
Related bugs:	Link a bug report

Reviewer	Date Requested	Status
Diego Biurrun	2011-08-08	Needs Fixing on 2011-08-08
Stefan Götz	2011-08-08	Pending
Christof Mroz	2011-08-08	Pending
Review via email: mp+70736@code.launchpad.net

This proposal supersedes a proposal from 2011-07-19.

Description of the change

I have added unit tests and applied the feedback of the previous merge proposal. I will merge the code tomorrow afternoon if I do not receive further feedback. Please indicate your approval of the code by then.

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-07-19: Posted in a previous version of this proposal

review needs-fixing

review: Needs Fixing

Revision history for this message

Christof Mroz (christof-mroz) wrote on 2011-07-22: Posted in a previous version of this proposal

Aside from Diego's comment's, it looks good to me. Minor point:

> + static const size_t min_length = sizeof(*request)
> + - sizeof(request->tlv)
> + - sizeof(request->opaque);

This exact same computation is used in other functions, so it could be refactored into a global... But OTOH this is unlikely to change anyway.

More ideally, a separate branch could rewrite all HIPL structures to utilize zero-length arrays (a C99 feature AFAIK), which would lead to a simpler length calculations and more flexibility when working with preallocated packet buffers (by not fixing their length in the struct itself).
This was already briefly discussed on the list before though.

review: Approve

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-07-25: Posted in a previous version of this proposal

On 23.07.2011, at 00:59, Christof Mroz wrote:
> Review: Approve
> Aside from Diego's comment's, it looks good to me. Minor point:
>
>> + static const size_t min_length = sizeof(*request)
>> + - sizeof(request->tlv)
>> + - sizeof(request->opaque);
>
> This exact same computation is used in other functions, so it could be refactored into a global... But OTOH this is unlikely to change anyway.

This code is just repeated once for request and response respectively. I'm leaving it as it is.

René

--
Dipl.-Inform. Rene Hummen, Ph.D. Student
Chair of Communication and Distributed Systems
RWTH Aachen University, Germany
tel: +49 241 80 20772
web: http://www.comsys.rwth-aachen.de/team/rene-hummen/

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-07-25: Posted in a previous version of this proposal

Diego, I have addressed the issues that you mentioned. Can you please approve the merge or give further feedback.

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-07-25: Posted in a previous version of this proposal

On Mon, Jul 25, 2011 at 09:06:20AM +0000, René Hummen wrote:
> Diego, I have addressed the issues that you mentioned.

Where? I have not seen any commits from you nor an updated merge
proposal...

Diego

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-07-25: Posted in a previous version of this proposal

Download full text (3.5 KiB)

review needs-fixing

On Tue, Jul 19, 2011 at 05:18:19PM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
>
> --- modules/midauth/hipd/midauth.c 1970-01-01 00:00:00 +0000
> +++ modules/midauth/hipd/midauth.c 2011-07-19 17:18:04 +0000
> @@ -0,0 +1,257 @@
> +
> +#include <errno.h>
> +#include <string.h>

You should add stdint.h for the POSIX integer types you use.

> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + * the packet handling (received message, source and destination
> + * address, the ports and the corresponding entry from the host
> + * association database).

nit: The one-space indentation for the description block looks weird.

more below

HIP_IFEL abuse

> --- modules/midauth/lib/midauth_builder.c 1970-01-01 00:00:00 +0000
> +++ modules/midauth/lib/midauth_builder.c 2011-07-19 17:18:04 +0000
> @@ -0,0 +1,199 @@
> +
> +#include <string.h>

stdint.h

nit: These would IMO look slightly more readable with the '-' at the
end of the line.

review needs-fixing

On Tue, Jul 19, 2011 at 05:18:19PM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
> 
> --- modules/midauth/hipd/midauth.c	1970-01-01 00:00:00 +0000
> +++ modules/midauth/hipd/midauth.c	2011-07-19 17:18:04 +0000
> @@ -0,0 +1,257 @@
> +
> +#include <errno.h>
> +#include <string.h>

You should add stdint.h for the POSIX integer types you use.

> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + *             the packet handling (received message, source and destination
> + *             address, the ports and the corresponding entry from the host
> + *             association database).

nit: The one-space indentation for the description block looks weird.

more below

> +int hip_midauth_init(void)
> +{
> +    int err = 0;
> +
> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
> +                                          "HIP_PARAM_CHALLENGE_REQUEST"),
> +             -1, "failed to register parameter type\n");
> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
> +                                          "HIP_PARAM_CHALLENGE_RESPONSE"),
> +             -1, "failed to register parameter type\n");
> +
> +    HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
> +                                          HIP_STATE_R2_SENT,
> +                                          &hip_add_host_id_param_update,
> +                                          20750),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +    HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
> +                                          HIP_STATE_ESTABLISHED,
> +                                          &hip_add_host_id_param_update,
> +                                          20750),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +
> +out_err:
> +    return err;
> +}

HIP_IFEL abuse

> --- modules/midauth/lib/midauth_builder.c	1970-01-01 00:00:00 +0000
> +++ modules/midauth/lib/midauth_builder.c	2011-07-19 17:18:04 +0000
> @@ -0,0 +1,199 @@
> +
> +#include <string.h>

stdint.h

> +    static const size_t min_length = sizeof(*request)
> +                                     - sizeof(request->tlv)
> +                                     - sizeof(request->opaque);
> +
> +
> +    static const size_t min_length = sizeof(response)
> +                                     - sizeof(response.tlv)
> +                                     - sizeof(response.opaque);

nit: These would IMO look slightly more readable with the '-' at the
end of the line.

> +    /* note: the length cannot be calculated with calc_param_len() */
> +    hip_set_param_contents_len(&response.tlv, min_length + opaque_len);
> +    hip_set_param_type(&response.tlv, HIP_PARAM_CHALLENGE_RESPONSE);
> +
> +    memcpy(response.J, val_J, PUZZLE_LENGTH);
> +    response.K        = request->K;
> +    response.lifetime = request->lifetime;
> +    memcpy(response.opaque, request->opaque, opaque_len);
> +
> +    HIP_IFEL(hip_build_param(msg, &response), -1, "failed to build parameter\n");
> +
> +out_err:
> +    return err;
> +}

more HIP_IFEL abuse

> +/**
> + * Compute length of opaque field in CHALLENGE_RESPONSE parameter

I would end sentences in a period in Doxygen comments; here and
everywhere else.

Diego

review: Needs Fixing

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-07-30: Posted in a previous version of this proposal

Download full text (11.2 KiB)

Hi Rene!

> 4) There are no unit-tests for the hipd-related functionality as of now.
> However, we have tested the code extensively in three demos and I will add the
> tests at a later point in time.

Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

> === modified file 'firewall/midauth.h'
> === modified file 'lib/core/solve.c'
> === modified file 'lib/core/solve.h'

Please don't forget to update the Copyright dates when you modify files with
Copyright headers. Scatterbrains like myself may want to try out the pre-commit
hook in https://code.launchpad.net/~stefan.goetz/hipl/commitguard that
automatically checks for that.

> === added file 'modules/midauth/Makefile.am'

This file lacks a copyright statement.

> === added file 'modules/midauth/hipd/midauth.c'
> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + * the packet handling (received message, source and destination
> + * address, the ports and the corresponding entry from the host
> + * association database).
> + *
> + * @return zero if the challenge was processed correctly or no challenge was
> + * attached to the packet, negative value otherwise

So it is not an error for a CHALLENGE_REQUEST parameter to be present but an actual challenge to be missing at the same time? Sounds like a protocol violation to me, though I haven't checked the RFC.

> +static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
> + UNUSED const uint32_t ha_state,
> + struct hip_packet_context *ctx)

[M] policy: please ensure full const correctness for the 'ctx' function argument

> +{
> + const struct hip_challenge_request *request = NULL;
> +
> + request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
> + if (!request) {
> + return 0;
> + }
> + // each on-path middlebox may add a challenge on its own
> + do {

> + // process next challenge parameter, if available
> + request = (const struct hip_challenge_request *)
> + hip_get_next_param(ctx->input_msg, &request->tlv);
> + } while (request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST);

[L] simplicity: the 'if' check for '!request' and its extra 'return' statement could be avoided if a 'while(){}' loop was used instead of the 'do {} while ()' loop. That would make the code more readable in my opinion.

Hi Rene!

> 4) There are no unit-tests for the hipd-related functionality as of now.
> However, we have tested the code extensively in three demos and I will add the
> tests at a later point in time.

Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

> === modified file 'firewall/midauth.h'
> === modified file 'lib/core/solve.c'
> === modified file 'lib/core/solve.h'

> === added file 'modules/midauth/Makefile.am'

This file lacks a copyright statement.

> === added file 'modules/midauth/hipd/midauth.c'
> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + *             the packet handling (received message, source and destination
> + *             address, the ports and the corresponding entry from the host
> + *             association database).
> + *
> + * @return zero if the challenge was processed correctly or no challenge was
> + * attached to the packet, negative value otherwise

So it is not an error for a CHALLENGE_REQUEST parameter to be present but an actual challenge to be missing at the same time? Sounds like a protocol violation to me, though I haven't checked the RFC.

> +static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
> +                                          UNUSED const uint32_t ha_state,
> +                                          struct hip_packet_context *ctx)

[M] policy: please ensure full const correctness for the 'ctx' function argument

> +{
> +    const struct hip_challenge_request *request = NULL;
> +
> +    request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
> +    if (!request) {
> +        return 0;
> +    }
> +    // each on-path middlebox may add a challenge on its own
> +    do {

> +        // process next challenge parameter, if available
> +        request = (const struct hip_challenge_request *)
> +                  hip_get_next_param(ctx->input_msg, &request->tlv);
> +    } while (request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST);

> +/**
> + * Add a HOST_ID parameter corresponding to the local HIT of the association to
> + * an UPDATE packet.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + *             the packet handling (received message, source and destination
> + *             address, the ports and the corresponding entry from the host
> + *             association database).
> + *
> + * @return zero on success, negative value otherwise
> + */
> +static int add_host_id_param_update(UNUSED const uint8_t packet_type,
> +                                    UNUSED const uint32_t ha_state,
> +                                    struct hip_packet_context *ctx)

[M] policy: please ensure full const correctness for the 'ctx' function argument

> +{
> +    const struct hip_challenge_request *challenge_request = NULL;
> +    struct local_host_id               *host_id_entry     = NULL;
> +
> +    challenge_request = hip_get_param(ctx->input_msg,
> +                                      HIP_PARAM_CHALLENGE_REQUEST);

[L] const correctness paranoia: by merging the declaration and assignment of 'challenge_request', it could be declared as a 'const' pointer.
[L] 'local_host_id' is only used within the 'if' scope below - thus it should be declared within that scope, not outside of it.

> +    // add HOST_ID to packets containing a CHALLENGE_RESPONSE
> +    if (challenge_request) {
> +        if (!(host_id_entry = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID,
> +                                                                   &ctx->input_msg->hitr,
> +                                                                   HIP_ANY_ALGO,
> +                                                                   -1))) {
> +            HIP_ERROR("Unknown HIT\n");
> +            return -1;
> +        }
> +
> +        if (hip_build_param_host_id(ctx->output_msg, &host_id_entry->host_id)) {
> +            HIP_ERROR("Building of host id failed\n");
> +            return -1;
> +        }
> +    }
> +
> +    return 0;
> +}
> +

> === added file 'modules/midauth/lib/midauth_builder.c'
> +/**
> + * Build and append a HIP CHALLENGE_REQUEST to the message.
> + *
> + * @param msg           the message where the CHALLENGE_REQUEST is appended
> + * @param val_K         the difficulty for the CHALLENGE_REQUEST

[M] is there an important reason for this cryptic name? I would find 'difficulty' much more intuitive. What are the semantics of this value? The sentence 'difficulty for the CHALLENGE_REQUEST' does not really document anything much, i.e., after reading it, I still don't know how to use this function.

> + * @param lifetime      lifetime of the CHALLENGE_REQUEST

[M] same as above: what are the semantics of 'lifetime'? At least: in which unit/interval does it need to be specified?

> + * @param opaque        the opaque data of the CHALLENGE_REQUEST

[M] same as above: huh?

> + * @param opaque_len    the length of the opaque data
> + *
> + * @return zero for success, or non-zero on error
> + */
> +int hip_build_param_challenge_request(struct hip_common *msg,
> +                                      uint8_t val_K,
> +                                      uint8_t lifetime,
> +                                      uint8_t *opaque,
> +                                      uint8_t opaque_len)

[M] policy: lack of const correctness.

> +{
> +    struct hip_challenge_request request;
> +
> +    HIP_ASSERT(val_K <= 8);

[L] some justification of this assertion would be useful to the reader.

> +/**
> + * Build and append a HIP CHALLENGE_RESPONSE into the message.

[L] nit: 'append to' instead of 'append into'

> + * @param msg       the message where the CHALLENGE_RESPONSE is appended
> + * @param request   the corresponding CHALLENGE_REQUEST parameter
> + * @param val_J     value for the solution (in host byte order)

[M] cryptic "documentation", please provide more helpful information.

> + * @return zero for success, or non-zero on error
> + */
> +int hip_build_param_challenge_response(struct hip_common *msg,
> +                                       const struct hip_challenge_request *request,
> +                                       uint8_t val_J[PUZZLE_LENGTH])

[M] policy: lack of const correctness

> +{
> +    struct hip_challenge_response response;
> +    int                           opaque_len = 0;
> +    int                           err        = 0;
> +
> +    opaque_len = hip_challenge_request_opaque_len(request);

[L] const correctness paranoia: by merging the declaration and assignment of 'opaque_len', it could be declared as 'const'.

> +
> +    static const size_t min_length = sizeof(response)
> +                                     - sizeof(response.tlv)
> +                                     - sizeof(response.opaque);
> +
> +    /* note: the length cannot be calculated with calc_param_len() */
> +    hip_set_param_contents_len(&response.tlv, min_length + opaque_len);
> +    hip_set_param_type(&response.tlv, HIP_PARAM_CHALLENGE_RESPONSE);
> +
> +    memcpy(response.J, val_J, PUZZLE_LENGTH);
> +    response.K        = request->K;
> +    response.lifetime = request->lifetime;
> +    memcpy(response.opaque, request->opaque, opaque_len);
> +
> +    HIP_IFEL(hip_build_param(msg, &response), -1, "failed to build parameter\n");

[L] HIP_IFEL() abuse

> +
> +out_err:
> +    return err;
> +}
> +
> +/**
> + * Compute length of opaque field in CHALLENGE_RESPONSE parameter
> + *
> + * @param response  the CHALLENGE_RESPONSE parameter
> + * @return length of the opaque field
> + */
> +uint8_t hip_challenge_response_opaque_len(const struct hip_challenge_response *response)

[M] lack of const correctness

> +{
> +    static const size_t min_len = sizeof(*response) -
> +                                  sizeof(response->tlv) -
> +                                  sizeof(response->opaque);
> +
> +    return hip_get_param_contents_len(&response->tlv) - min_len;

[L] Personally, I don't like the unchecked implicit cast of the result of this subtraction to 'uint8_t' - it might lead to over/underflows. Also, I don't see the point of the return type of this function being 'uint8_t' - the function returns a length so shouldn't the return type be 'unsigned'?

> +/**
> + * Compute length of opaque field in CHALLENGE_REQUEST parameter
> + *
> + * @param request  the CHALLENGE_REQUEST parameter
> + * @return length of the opaque field
> + */
> +uint8_t hip_challenge_request_opaque_len(const struct hip_challenge_request *request)

[M] lack of const correctness
> +{
> +    static const size_t min_len = sizeof(*request) -
> +                                  sizeof(request->tlv) -
> +                                  sizeof(request->opaque);
> +
> +    return hip_get_param_contents_len(&request->tlv) - min_len;
> +}

[L] same 'uint8_t' issues as above

> +/**
> + * Convert opaque value in the CHALLENGE_REQUEST to seed value I of a HIP puzzle
> + *
> + * @param opaque            the opaque value in the CHALLENGE_REQUEST
> + * @param opaque_len        length of the opaque value
> + * @param[out] puzzle_value the generated puzzle value
> + * @return zero on success, -1 in case of an error
> + */

[L] I don't find this documentation particularly helpful. Please also use full English sentences for readability and clarity.

[M] consistency: please do not use doxygen's [in]/[out] tags - this has been discussed before on the list.

> +int hip_midauth_puzzle_seed(const uint8_t opaque[],
> +                            const uint8_t opaque_len,
> +                            uint8_t puzzle_value[PUZZLE_LENGTH])

[M] lack of const correctness

> +{
> +    unsigned char sha_digest[SHA_DIGEST_LENGTH];
> +
> +    // the hashed opaque field is used as puzzle seed
> +    if (hip_build_digest(HIP_DIGEST_SHA1,
> +                         opaque,
> +                         opaque_len,
> +                         sha_digest)) {
> +        HIP_ERROR("Building of SHA1 Random seed I failed\n");

[L] nit: 'random'

> === added file 'modules/midauth/lib/midauth_builder.h'
> --- modules/midauth/lib/midauth_builder.h	1970-01-01 00:00:00 +0000
> +++ modules/midauth/lib/midauth_builder.h	2011-07-25 08:58:34 +0000
> @@ -0,0 +1,86 @@
> +/*
> + * Copyright (c) 2010 Aalto University and RWTH Aachen University.

[L] the year seems odd - maybe 2010-2011?

> +//
> +// TODO: flexible arrays

[L] what do you mean? If no one but the original implementer understands this comment, it should either be elaborated or removed.

Stefan

review: Needs Fixing

Revision history for this message

Christof Mroz (christof-mroz) wrote on 2011-07-30: Posted in a previous version of this proposal

On Sat, 30 Jul 2011 17:01:37 +0200, Stefan Götz
<email address hidden> wrote:

>> +{
>> + const struct hip_challenge_request *request = NULL;
>> +
>> + request = hip_get_param(ctx->input_msg,
>> HIP_PARAM_CHALLENGE_REQUEST);
>> + if (!request) {
>> + return 0;
>> + }
>> + // each on-path middlebox may add a challenge on its own
>> + do {
>
>> + // process next challenge parameter, if available
>> + request = (const struct hip_challenge_request *)
>> + hip_get_next_param(ctx->input_msg, &request->tlv);
>> + } while (request && hip_get_param_type(request) ==
>> HIP_PARAM_CHALLENGE_REQUEST);
>
> [L] simplicity: the 'if' check for '!request' and its extra 'return'
> statement could be avoided if a 'while(){}' loop was used instead of the
> 'do {} while ()' loop. That would make the code more readable in my
> opinion.

Could you elaborate? I originally wrote it this way because of the
"asymmetry" between hip_get_param() and hip_get_next_param().

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-07-31: Posted in a previous version of this proposal

> Could you elaborate? I originally wrote it this way because of the
> "asymmetry" between hip_get_param() and hip_get_next_param().

Something like:

request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
while (request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST) {
    [...]
    request = (const struct hip_challenge_request *)
              hip_get_next_param(ctx->input_msg, &request->tlv);
}

Perfectly valid, but less common would also be

for (request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST); request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST; request = (const struct hip_challenge_request *) hip_get_next_param(ctx->input_msg, &request->tlv)) {
[...]
}

Stefan

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-08-01: Posted in a previous version of this proposal

On Sat, Jul 30, 2011 at 03:01:37PM +0000, Stefan Götz wrote:
>
> > === added file 'modules/midauth/Makefile.am'
>
> This file lacks a copyright statement.

All subdirectory Makefile.am snippets do. It is part of the modularization
silliness. I have a patch pending that merges the snippets into the
top-level Makefile.am.

Diego

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-03: Posted in a previous version of this proposal

Thanks for your extensive review!

On 30.07.2011, at 17:01, Stefan Götz wrote:
> Review: Needs Fixing
> Hi Rene!
>
>> 4) There are no unit-tests for the hipd-related functionality as of now.
>> However, we have tested the code extensively in three demos and I will add the
>> tests at a later point in time.
>
> Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

Well, you are right. I'll add them now.

>> === modified file 'firewall/midauth.h'
>> === modified file 'lib/core/solve.c'
>> === modified file 'lib/core/solve.h'
>
> Please don't forget to update the Copyright dates when you modify files with
> Copyright headers. Scatterbrains like myself may want to try out the pre-commit
> hook in https://code.launchpad.net/~stefan.goetz/hipl/commitguard that
> automatically checks for that.

I just started using your commit guard after finishing this branch. Future commit should be bullet proof.

>> +static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
>> + UNUSED const uint32_t ha_state,
>> + struct hip_packet_context *ctx)
>
> [M] policy: please ensure full const correctness for the 'ctx' function argument

Handle functions currently require the non-constness. This should be fixed in trunk.

>> +int hip_midauth_puzzle_seed(const uint8_t opaque[],
>> + const uint8_t opaque_len,
>> + uint8_t puzzle_value[PUZZLE_LENGTH])
>
> [M] lack of const correctness

I don't know how to make this more const correct. The prototype uses the pointer notation with complete const-correctness instead of arrays though.

René

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-04: Posted in a previous version of this proposal

On 30.07.2011, at 17:01, Stefan Götz wrote:

> Review: Needs Fixing
> Hi Rene!
>
>> 4) There are no unit-tests for the hipd-related functionality as of now.
>> However, we have tested the code extensively in three demos and I will add the
>> tests at a later point in time.
>
> Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

I have added unit tests for all but the function below:

static int add_host_id_param_update(UNUSED const uint8_t packet_type,
UNUSED const uint32_t ha_state,
struct hip_packet_context *ctx)

The problem here is that hip_init_host_ids() is needed to set up the host id db for host id lookup within add_host_id_param_update(). However, hip_init_host_ids() requires root access to the file system. I have appended the unit test that I have written already, but is not included in my latest changes due to the restrictions I just explained.

START_TEST(test_midauth_add_host_id_param_update_CORRECT)
{
    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
    struct hip_packet_context ctx = { 0 };

ctx.input_msg = hip_msg_alloc();
ctx.output_msg = hip_msg_alloc();

    hip_init_hostid_db();
    hip_init_host_ids();
    hip_get_default_hit(&ctx.input_msg->hitr);

    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque,
                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
                0, NULL);
    fail_unless(add_host_id_param_update(0, 0, &ctx) == 0, NULL);
    fail_unless((hip_get_param(ctx.output_msg,
                                         HIP_PARAM_HOST_ID)) != NULL,
                    NULL);
}
END_TEST

Ciao,
René

On 30.07.2011, at 17:01, Stefan Götz wrote:

> Review: Needs Fixing
> Hi Rene!
> 
>> 4) There are no unit-tests for the hipd-related functionality as of now.
>> However, we have tested the code extensively in three demos and I will add the
>> tests at a later point in time.
> 
> Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

I have added unit tests for all but the function below:

static int add_host_id_param_update(UNUSED const uint8_t packet_type,
                                    UNUSED const uint32_t ha_state,
                                    struct hip_packet_context *ctx)

ctx.input_msg = hip_msg_alloc();
    ctx.output_msg = hip_msg_alloc();

hip_init_hostid_db();
    hip_init_host_ids();
    hip_get_default_hit(&ctx.input_msg->hitr);

Ciao,
René

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-08-04: Posted in a previous version of this proposal

Download full text (4.3 KiB)

Hi Rene!

Thanks for all the not so trivial improvements! Almost happy now :)

> === modified file 'Makefile.am'
> --- Makefile.am 2011-07-11 12:50:33 +0000
> +++ Makefile.am 2011-08-04 17:15:48 +0000
> @@ -215,10 +220,16 @@
> test/lib/tool/checksum.c \
> test/lib/tool/pk.c
>
> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c \
> + test/modules/midauth/lib/midauth_builder.c \
> + test/modules/midauth/hipd/midauth.c \
> + $(hipd_hipd_sources)
> +
> # Include module Makefile.am's.
> # TODO: Make this inclusion dynamic
> include modules/heartbeat/Makefile.am
> include modules/heartbeat_update/Makefile.am
> +include modules/midauth/Makefile.am
> include modules/update/Makefile.am

[L] I think with Diego's recent change, the contents of the module Makefile.am should be moved into the top-level Makefile.am? Not sure.

> === added file 'modules/midauth/hipd/midauth.c'
> +/**
> + * Initialization function for the midauth module.
> + *
> + * @return zero on success, negative value otherwise
> + */
> +int hip_midauth_init(void)

[L] I don't like the code duplication in this function very much, even if it's just boiler plate code. Here are some optional suggestions for improvement.

> +{
> + int err = 0;

[L] Get rid of this and don't use HIP_IFEL at all because there is no cleanup.

> +
> + HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
> + "HIP_PARAM_CHALLENGE_REQUEST"),
> + -1, "failed to register parameter type\n");
> + HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
> + "HIP_PARAM_CHALLENGE_RESPONSE"),
> + -1, "failed to register parameter type\n");

[L] Is the second parameter always the string version of the the first? If so, a macro with stringification would avoid that duplication.

Hi Rene!

Thanks for all the not so trivial improvements! Almost happy now :)

> === modified file 'Makefile.am'
> --- Makefile.am	2011-07-11 12:50:33 +0000
> +++ Makefile.am	2011-08-04 17:15:48 +0000
> @@ -215,10 +220,16 @@
>                                test/lib/tool/checksum.c       \
>                                test/lib/tool/pk.c
>  
> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c               \
> +                                     test/modules/midauth/lib/midauth_builder.c \
> +                                     test/modules/midauth/hipd/midauth.c        \
> +                                     $(hipd_hipd_sources)
> +
>  # Include module Makefile.am's.
>  # TODO: Make this inclusion dynamic
>  include modules/heartbeat/Makefile.am
>  include modules/heartbeat_update/Makefile.am
> +include modules/midauth/Makefile.am
>  include modules/update/Makefile.am

[L] I think with Diego's recent change, the contents of the module Makefile.am should be moved into the top-level Makefile.am? Not sure.

[L] I don't like the code duplication in this function very much, even if it's just boiler plate code. Here are some optional suggestions for improvement.

> +{
> +    int err = 0;

[L] Get rid of this and don't use HIP_IFEL at all because there is no cleanup.

> +
> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
> +                                          "HIP_PARAM_CHALLENGE_REQUEST"),
> +             -1, "failed to register parameter type\n");
> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
> +                                          "HIP_PARAM_CHALLENGE_RESPONSE"),
> +             -1, "failed to register parameter type\n");

[L] Is the second parameter always the string version of the the first? If so, a macro with stringification would avoid that duplication.

> +
> +    HIP_IFEL(hip_register_handle_function(HIP_R1,
> +                                          HIP_STATE_I1_SENT,
> +                                          &handle_challenge_request_param,
> +                                          32500),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +    HIP_IFEL(hip_register_handle_function(HIP_R1,
> +                                          HIP_STATE_I2_SENT,
> +                                          &handle_challenge_request_param,
> +                                          32500),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +    HIP_IFEL(hip_register_handle_function(HIP_R1,
> +                                          HIP_STATE_CLOSING,
> +                                          &handle_challenge_request_param,
> +                                          32500),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +    HIP_IFEL(hip_register_handle_function(HIP_R1,
> +                                          HIP_STATE_CLOSED,
> +                                          &handle_challenge_request_param,
> +                                          32500),
> +             -1, "Error on registering MIDAUTH handle function.\n");

[M] as I just see this: the magic numbers 32500 really must be replaced with something more meaningful!

[L] How about:

int states[4] = { HIP_STATE_I1_SENT, [...] };
for (unsigned i = 0; i < ARRAY_SIZE(states); i++) {
    if (hip_register_handle_function(HIP_R1,
                                     states[i],
                                     &handle_challenge_request_param,
                                     32500)) {
    	HIP_ERROR("Error on registering MIDAUTH handle function.\n");
    	return -1;
	}
}

and similar for all the registrations below?

> === added file 'modules/midauth/module_info.xml'
> --- modules/midauth/module_info.xml	1970-01-01 00:00:00 +0000
> +++ modules/midauth/module_info.xml	2011-08-04 17:15:48 +0000
> @@ -0,0 +1,22 @@
> +<?xml version="1.0" encoding="UTF-8"?>

[L] I believe it would make sense to add a Copyright and license header into these XML files.

> === added file 'test/check_modules_midauth.c'

Nice, it's great to see that unit tests make their way into HIPL - I think that's a really good direction :)

Cheers,
	Stefan

review: Needs Fixing

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-08-04: Posted in a previous version of this proposal

Hi Rene!

> I have added unit tests for all but the function below:

Cool!

> The problem here is that hip_init_host_ids() is needed to set up the host id db for host id lookup within add_host_id_param_update(). However, hip_init_host_ids() requires root access to the file system. I have appended the unit test that I have written already, but is not included in my latest changes due to the restrictions I just explained.

How about adding the check 'if (!getuid()) { [UNIT TEST CODE] } else {
printf("The unit test %s requires root privileges.\n", __FUNCTION__); }' to the
unit test? Would that seem like a reasonable thing to do?

Stefan

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-05: Posted in a previous version of this proposal

Download full text (3.3 KiB)

On 04.08.2011, at 20:41, Stefan Götz wrote:
> Review: Needs Fixing
> Hi Rene!
>
> Thanks for all the not so trivial improvements! Almost happy now :)
>
>> === modified file 'Makefile.am'
>> --- Makefile.am 2011-07-11 12:50:33 +0000
>> +++ Makefile.am 2011-08-04 17:15:48 +0000
>> @@ -215,10 +220,16 @@
>> test/lib/tool/checksum.c \
>> test/lib/tool/pk.c
>>
>> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c \
>> + test/modules/midauth/lib/midauth_builder.c \
>> + test/modules/midauth/hipd/midauth.c \
>> + $(hipd_hipd_sources)
>> +
>> # Include module Makefile.am's.
>> # TODO: Make this inclusion dynamic
>> include modules/heartbeat/Makefile.am
>> include modules/heartbeat_update/Makefile.am
>> +include modules/midauth/Makefile.am
>> include modules/update/Makefile.am
>
> [L] I think with Diego's recent change, the contents of the module Makefile.am should be moved into the top-level Makefile.am? Not sure.

Diego's changes have not yet been merged to trunk. Hence, I would prefer to modify the Makefile with his merge.

>> +
>> + HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
>> + "HIP_PARAM_CHALLENGE_REQUEST"),
>> + -1, "failed to register parameter type\n");
>> + HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
>> + "HIP_PARAM_CHALLENGE_RESPONSE"),
>> + -1, "failed to register parameter type\n");
>
> [L] Is the second parameter always the string version of the the first? If so, a macro with stringification would avoid that duplication.

They need not be the same, but it makes sense to do so. The string is used for debugging output. Feel free to adjust and improve lmod_register_parameter_type() globally. I don't see that such a change is in the scope of this branch though.

You are right. The priority is for handle functions is somewhat random at the moment. This should be fixed for all handle functions in a separate branch.

> [L] How about:
>
> int states[4] = { HIP_STATE_I1_SENT, [...] };
> for (unsigned i = 0; i < ARRAY_SIZE(states); i++) {
> if (hip_register_handle_function(HIP_R1,
> states[i],
> &handle_challenge_request_param,
> 32500)) {
> HIP_ERROR("Error on registering MIDAUTH handle function.\n");
> return -1;
> }
> }
>
> and similar for all the registrations below?

Good idea. I changed the code accordingly.

--
Dipl.-Inform...

On 04.08.2011, at 20:41, Stefan Götz wrote:
> Review: Needs Fixing
> Hi Rene!
> 
> Thanks for all the not so trivial improvements! Almost happy now :)
> 
>> === modified file 'Makefile.am'
>> --- Makefile.am	2011-07-11 12:50:33 +0000
>> +++ Makefile.am	2011-08-04 17:15:48 +0000
>> @@ -215,10 +220,16 @@
>>                               test/lib/tool/checksum.c       \
>>                               test/lib/tool/pk.c
>> 
>> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c               \
>> +                                     test/modules/midauth/lib/midauth_builder.c \
>> +                                     test/modules/midauth/hipd/midauth.c        \
>> +                                     $(hipd_hipd_sources)
>> +
>> # Include module Makefile.am's.
>> # TODO: Make this inclusion dynamic
>> include modules/heartbeat/Makefile.am
>> include modules/heartbeat_update/Makefile.am
>> +include modules/midauth/Makefile.am
>> include modules/update/Makefile.am
> 
> [L] I think with Diego's recent change, the contents of the module Makefile.am should be moved into the top-level Makefile.am? Not sure.

Diego's changes have not yet been merged to trunk. Hence, I would prefer to modify the Makefile with his merge.

>> +
>> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
>> +                                          "HIP_PARAM_CHALLENGE_REQUEST"),
>> +             -1, "failed to register parameter type\n");
>> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
>> +                                          "HIP_PARAM_CHALLENGE_RESPONSE"),
>> +             -1, "failed to register parameter type\n");
> 
> [L] Is the second parameter always the string version of the the first? If so, a macro with stringification would avoid that duplication.

>> +    HIP_IFEL(hip_register_handle_function(HIP_R1,
>> +                                          HIP_STATE_CLOSED,
>> +                                          &handle_challenge_request_param,
>> +                                          32500),
>> +             -1, "Error on registering MIDAUTH handle function.\n");
> 
> [M] as I just see this: the magic numbers 32500 really must be replaced with something more meaningful!

You are right. The priority is for handle functions is somewhat random at the moment. This should be fixed for all handle functions in a separate branch.

> [L] How about:
> 
> int states[4] = { HIP_STATE_I1_SENT, [...] };
> for (unsigned i = 0; i < ARRAY_SIZE(states); i++) {
>    if (hip_register_handle_function(HIP_R1,
>                                     states[i],
>                                     &handle_challenge_request_param,
>                                     32500)) {
>    	HIP_ERROR("Error on registering MIDAUTH handle function.\n");
>    	return -1;
> 	}
> }
> 
> and similar for all the registrations below?

Good idea. I changed the code accordingly.

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-08:

On 08.08.2011, at 15:05, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
>
> Requested reviews:
> Christof Mroz (christof-mroz)
> Diego Biurrun (diego-biurrun)
> Stefan Götz (stefan.goetz)
>
> For more details, see:
> https://code.launchpad.net/~rene-hummen/hipl/midauth-hipd/+merge/70736
>
> I have added unit tests and applied the feedback of the previous merge proposal. I will merge the code tomorrow afternoon if I do not receive further feedback. Please indicate your approval of the code by then.

> +<<<<<<< TREE
> +=======
> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c \
> + test/modules/midauth/lib/midauth_builder.c \
> + test/modules/midauth/hipd/midauth.c \
> + $(hipd_hipd_sources)
> +
> +# Include module Makefile.am's.
> +# TODO: Make this inclusion dynamic
> +include modules/heartbeat/Makefile.am
> +include modules/heartbeat_update/Makefile.am
> +include modules/midauth/Makefile.am
> +include modules/update/Makefile.am
> +
> +>>>>>>> MERGE-SOURCE

I'll resolve this conflict during the merge by only using the main makefile.

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-08-08:

review needs-fixing

On Mon, Aug 08, 2011 at 01:05:16PM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
>
> --- Makefile.am 2011-08-05 11:00:52 +0000
> +++ Makefile.am 2011-08-08 13:01:27 +0000
> @@ -91,7 +93,7 @@
>
> -hipd_hipd_SOURCES = hipd/accessor.c \
> +hipd_hipd_sources = hipd/accessor.c \

Hmmmm...

> @@ -128,9 +130,12 @@
>
> if HIP_MIDAUTH
> -hipd_hipd_SOURCES += hipd/pisa.c
> +hipd_hipd_sources += hipd/pisa.c
> endif
>
> +hipd_hipd_SOURCES = $(hipd_hipd_sources) \
> + hipd/main.c

Umm, this looks like a giant hack. Why is the main function moved around
like this?

> @@ -220,6 +225,21 @@
>
> +<<<<<<< TREE
> +=======
> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c \
> + test/modules/midauth/lib/midauth_builder.c \
> + test/modules/midauth/hipd/midauth.c \
> + $(hipd_hipd_sources)
> +
> +# Include module Makefile.am's.
> +# TODO: Make this inclusion dynamic
> +include modules/heartbeat/Makefile.am
> +include modules/heartbeat_update/Makefile.am
> +include modules/midauth/Makefile.am
> +include modules/update/Makefile.am
> +
> +>>>>>>> MERGE-SOURCE

Umm, no. Sorry to be blunt here, but this is not acceptable. We need
to find a way to block merge requests with conflicts. Yes, it's a bug
in Bazaar to accept them in the first place, but if our tools are not
smart enough we will need to find a protocol to work around this.

Submitting merge requests with conflicts is a needless waste of reviewer
time. Now that I'm no longer a paid member of the project I'll exercise
my privilege of free time allocation and refuse to review such merge
requests outright. :)

Any branch that gets submitted for merging and not just as an RFC needs
to pass all mechanical checks that we have. That means compiling and
passing the test suite, ideally plus a few manual tests. There is no
point in using humans to check a branch before feeding it to the compiler.
Plus, reviewer time is the scarce resource that we need to preserve.

I also think we need to rethink this whole "modularization" thing that
is adding complication in return for no practical benefit before we
entrench it further via more "modules".

Diego

review needs-fixing

On Mon, Aug 08, 2011 at 01:05:16PM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
> 
> --- Makefile.am	2011-08-05 11:00:52 +0000
> +++ Makefile.am	2011-08-08 13:01:27 +0000
> @@ -91,7 +93,7 @@
>  
> -hipd_hipd_SOURCES = hipd/accessor.c              \
> +hipd_hipd_sources = hipd/accessor.c              \

Hmmmm...

> @@ -128,9 +130,12 @@
>  
>  if HIP_MIDAUTH
> -hipd_hipd_SOURCES +=  hipd/pisa.c
> +hipd_hipd_sources += hipd/pisa.c
>  endif
>  
> +hipd_hipd_SOURCES = $(hipd_hipd_sources)        \
> +                    hipd/main.c

Umm, this looks like a giant hack. Why is the main function moved around
like this?

> @@ -220,6 +225,21 @@
>  
> +<<<<<<< TREE
> +=======
> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c               \
> +                                     test/modules/midauth/lib/midauth_builder.c \
> +                                     test/modules/midauth/hipd/midauth.c        \
> +                                     $(hipd_hipd_sources)
> +
> +# Include module Makefile.am's.
> +# TODO: Make this inclusion dynamic
> +include modules/heartbeat/Makefile.am
> +include modules/heartbeat_update/Makefile.am
> +include modules/midauth/Makefile.am
> +include modules/update/Makefile.am
> +
> +>>>>>>> MERGE-SOURCE

Umm, no.  Sorry to be blunt here, but this is not acceptable.  We need
to find a way to block merge requests with conflicts.  Yes, it's a bug
in Bazaar to accept them in the first place, but if our tools are not
smart enough we will need to find a protocol to work around this.

Submitting merge requests with conflicts is a needless waste of reviewer
time.  Now that I'm no longer a paid member of the project I'll exercise
my privilege of free time allocation and refuse to review such merge
requests outright. :)

Any branch that gets submitted for merging and not just as an RFC needs
to pass all mechanical checks that we have.  That means compiling and
passing the test suite, ideally plus a few manual tests.  There is no
point in using humans to check a branch before feeding it to the compiler.
Plus, reviewer time is the scarce resource that we need to preserve.

I also think we need to rethink this whole "modularization" thing that
is adding complication in return for no practical benefit before we
entrench it further via more "modules".

Diego

review: Needs Fixing

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-08-08

6043. By Diego Biurrun on 2011-08-08

cosmetics: fix 'null' vs. 'NULL' typo

6044. By Diego Biurrun on 2011-08-08

builder: clean up return handling

Return values directly instead of setting a variable, jumping
to a goto label and returning the variable there.

6045. By Diego Biurrun on 2011-08-08

nlink: drop some pointless void* casts

Revision history for this message

Christof Mroz (christof-mroz) wrote on 2011-08-08:

Looks good, aside from what Diego mentioned already (I'll approve as soon as the conflict is resolved). One minor point:

+/**
+ * Convert the opaque value in the CHALLENGE_REQUEST to the seed value I of a
+ * HIP puzzle.
+ *
+ * The opaque value plays a dual role in a CHALLENGE_REQUEST:
+ * i) it is a challenge that needs to be echoed back by the responder and
+ * ii) it is used to derive the seed value for a cryptographic puzzle. The
+ * puzzle is defined in RFC5201.
+ *
+ * @param opaque the nonce (challenge) in the CHALLENGE_REQUEST
+ * @param opaque_len the length of the nonce
+ * @param puzzle_value the puzzle value generated from the nonce
+ * @return zero on success, -1 in case of an error
+ */
+int hip_midauth_puzzle_seed(const uint8_t opaque[],
+ const unsigned int opaque_len,
+ uint8_t puzzle_value[PUZZLE_LENGTH])
+{
+ unsigned char sha_digest[SHA_DIGEST_LENGTH];
+

+ if (!puzzle_value) {
+ HIP_ERROR("Parameter puzzle_value is not allocated\n");
+ return -1;
+ }

This looks like it should never happen, i.e. an assertion would be more appropriate. Same for the opaque parameter.

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-08-09

6094. By René Hummen on 2011-08-09

replace if statement by HIP_ASSERT

Modify unit test accordingly.

6095. By René Hummen on 2011-08-09

move instruction from module Makefile to central one

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-09:

On 08.08.2011, at 17:01, Christof Mroz wrote:
> Looks good, aside from what Diego mentioned already (I'll approve as soon as the conflict is resolved). One minor point:
>
> +/**
> + * Convert the opaque value in the CHALLENGE_REQUEST to the seed value I of a
> + * HIP puzzle.
> + *
> + * The opaque value plays a dual role in a CHALLENGE_REQUEST:
> + * i) it is a challenge that needs to be echoed back by the responder and
> + * ii) it is used to derive the seed value for a cryptographic puzzle. The
> + * puzzle is defined in RFC5201.
> + *
> + * @param opaque the nonce (challenge) in the CHALLENGE_REQUEST
> + * @param opaque_len the length of the nonce
> + * @param puzzle_value the puzzle value generated from the nonce
> + * @return zero on success, -1 in case of an error
> + */
> +int hip_midauth_puzzle_seed(const uint8_t opaque[],
> + const unsigned int opaque_len,
> + uint8_t puzzle_value[PUZZLE_LENGTH])
> +{
> + unsigned char sha_digest[SHA_DIGEST_LENGTH];
> +
>
> + if (!puzzle_value) {
> + HIP_ERROR("Parameter puzzle_value is not allocated\n");
> + return -1;
> + }
>
> This looks like it should never happen, i.e. an assertion would be more appropriate. Same for the opaque parameter.

You are right. I implemented it as an if statement because in contrast to asserts HIP_ASSERTs are always executed. I changed this to HIP_ASSERT nevertheless in order to make a transition to assert() less painful in the future.

Ciao,
René

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-09:

I resolved the remaining issues. No further feedback has been given, so I will merge the code as announced yesterday.

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-10:

Download full text (3.7 KiB)

On 08.08.2011, at 16:31, Diego Biurrun wrote:
> Review: Needs Fixing
> review needs-fixing
>
> On Mon, Aug 08, 2011 at 01:05:16PM +0000, René Hummen wrote:
>> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
>>
>> --- Makefile.am 2011-08-05 11:00:52 +0000
>> +++ Makefile.am 2011-08-08 13:01:27 +0000
>> @@ -91,7 +93,7 @@
>>
>> -hipd_hipd_SOURCES = hipd/accessor.c \
>> +hipd_hipd_sources = hipd/accessor.c \
>
> Hmmmm...
>
>> @@ -128,9 +130,12 @@
>>
>> if HIP_MIDAUTH
>> -hipd_hipd_SOURCES += hipd/pisa.c
>> +hipd_hipd_sources += hipd/pisa.c
>> endif
>>
>> +hipd_hipd_SOURCES = $(hipd_hipd_sources) \
>> + hipd/main.c
>
> Umm, this looks like a giant hack. Why is the main function moved around
> like this?

It was necessary to exclude the main function of the hipd for enabling unit tests (they ship their own main). One option was to move the main of the hipd to a different file and another one to exclude it by means of #ifdef. I chose to first option to be consistent with the unit tests in the firewall. hipd_hipd_sources are now used by hipd and the unit tests, so I don't see the point in keeping the list twice instead of maintaining it in a separate variable (same as for the firewall again).

>> @@ -220,6 +225,21 @@
>>
>> +<<<<<<< TREE
>> +=======
>> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c \
>> + test/modules/midauth/lib/midauth_builder.c \
>> + test/modules/midauth/hipd/midauth.c \
>> + $(hipd_hipd_sources)
>> +
>> +# Include module Makefile.am's.
>> +# TODO: Make this inclusion dynamic
>> +include modules/heartbeat/Makefile.am
>> +include modules/heartbeat_update/Makefile.am
>> +include modules/midauth/Makefile.am
>> +include modules/update/Makefile.am
>> +
>> +>>>>>>> MERGE-SOURCE
>
> Umm, no. Sorry to be blunt here, but this is not acceptable. We need
> to find a way to block merge requests with conflicts. Yes, it's a bug
> in Bazaar to accept them in the first place, but if our tools are not
> smart enough we will need to find a protocol to work around this.
>
> Submitting merge requests with conflicts is a needless waste of reviewer
> time. Now that I'm no longer a paid member of the project I'll exercise
> my privilege of free time allocation and refuse to review such merge
> requests outright. :)
>
> Any branch that gets submitted for merging and not just as an RFC needs
> to pass all mechanical checks that we have. That means compiling and
> passing the test suite, ideally plus a few manual tests. There is no
> point in using humans to check a branch before feeding it to the compiler.
> Plus, reviewer time is the scarce resource that we need to preserve.

I forgot your merge between my rebase and my merge proposal. That's why I didn't apply step (3) of the workflow below. I would have resubmitted my proposal after realizing this if the conflicts have been more serious. Of course you can refuse to review the merge request because of this.

IMO, we should have a merge proposal workflow t...

On 08.08.2011, at 16:31, Diego Biurrun wrote:
> Review: Needs Fixing
> review needs-fixing
> 
> On Mon, Aug 08, 2011 at 01:05:16PM +0000, René Hummen wrote:
>> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
>> 
>> --- Makefile.am	2011-08-05 11:00:52 +0000
>> +++ Makefile.am	2011-08-08 13:01:27 +0000
>> @@ -91,7 +93,7 @@
>> 
>> -hipd_hipd_SOURCES = hipd/accessor.c              \
>> +hipd_hipd_sources = hipd/accessor.c              \
> 
> Hmmmm...
> 
>> @@ -128,9 +130,12 @@
>> 
>> if HIP_MIDAUTH
>> -hipd_hipd_SOURCES +=  hipd/pisa.c
>> +hipd_hipd_sources += hipd/pisa.c
>> endif
>> 
>> +hipd_hipd_SOURCES = $(hipd_hipd_sources)        \
>> +                    hipd/main.c
> 
> Umm, this looks like a giant hack. Why is the main function moved around
> like this?

>> @@ -220,6 +225,21 @@
>> 
>> +<<<<<<< TREE
>> +=======
>> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c               \
>> +                                     test/modules/midauth/lib/midauth_builder.c \
>> +                                     test/modules/midauth/hipd/midauth.c        \
>> +                                     $(hipd_hipd_sources)
>> +
>> +# Include module Makefile.am's.
>> +# TODO: Make this inclusion dynamic
>> +include modules/heartbeat/Makefile.am
>> +include modules/heartbeat_update/Makefile.am
>> +include modules/midauth/Makefile.am
>> +include modules/update/Makefile.am
>> +
>> +>>>>>>> MERGE-SOURCE
> 
> Umm, no.  Sorry to be blunt here, but this is not acceptable.  We need
> to find a way to block merge requests with conflicts.  Yes, it's a bug
> in Bazaar to accept them in the first place, but if our tools are not
> smart enough we will need to find a protocol to work around this.
> 
> Submitting merge requests with conflicts is a needless waste of reviewer
> time.  Now that I'm no longer a paid member of the project I'll exercise
> my privilege of free time allocation and refuse to review such merge
> requests outright. :)
> 
> Any branch that gets submitted for merging and not just as an RFC needs
> to pass all mechanical checks that we have.  That means compiling and
> passing the test suite, ideally plus a few manual tests.  There is no
> point in using humans to check a branch before feeding it to the compiler.
> Plus, reviewer time is the scarce resource that we need to preserve.

IMO, we should have a merge proposal workflow that states:
1.) Prepare your branch to an extend that you would except it yourself.
2.) Ensure that policies are followed (no compile warnings, correct coding style, const correctness, and unit tests).
3.) Locally merge to trunk in order to check for merge conflicts.
4.) If (1) - (3) have successfully been applied, propose your branch for merge.

Did I forget anything important?

Ciao,
René

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-08-10:

On Wed, Aug 10, 2011 at 08:26:01AM +0000, René Hummen wrote:
>
> IMO, we should have a merge proposal workflow that states:
> 1.) Prepare your branch to an extend that you would except it yourself.
> 2.) Ensure that policies are followed (no compile warnings, correct
> coding style, const correctness, and unit tests).
> 3.) Locally merge to trunk in order to check for merge conflicts.
> 4.) If (1) - (3) have successfully been applied, propose your branch for merge.

The order is wrong, trunk should be merged or rebased *before* running
tests and preparing the branch. Nobody cares if the branch works, the
important thing is trunk.

> Did I forget anything important?

Yes:

5) Do not push your branch before addressing review comments.

Diego

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

HIPL core team

René Hummen

 === modified file '.bzrignore'
 --- .bzrignore	2011-07-21 17:27:23 +0000
 +++ .bzrignore	2011-08-09 11:19:24 +0000
@@ -56,6 +56,7 @@
  test/check_firewall
  test/check_lib_core
  test/check_lib_tool
++test/check_modules_midauth
  test/dh_performance
  test/fw_port_bindings_performance
  test/hc_performance
 === modified file 'Makefile.am'
 --- Makefile.am	2011-08-05 11:00:52 +0000
 +++ Makefile.am	2011-08-09 11:19:24 +0000
@@ -70,10 +70,12 @@
  if HIP_UNITTESTS
  TESTS           = test/check_firewall \
                    test/check_lib_core \
--                  test/check_lib_tool
++                  test/check_lib_tool \
++                  test/check_modules_midauth
  check_PROGRAMS  = test/check_firewall \
                    test/check_lib_core \
--                  test/check_lib_tool
++                  test/check_lib_tool \
++                  test/check_modules_midauth
  endif
@@ -91,7 +93,7 @@
  tools_hipconf_SOURCES  = tools/hipconf.c
  tools_pisacert_SOURCES = tools/pisacert.c
--hipd_hipd_SOURCES = hipd/accessor.c              \
++hipd_hipd_sources = hipd/accessor.c              \
                      hipd/cert.c                  \
                      hipd/close.c                 \
                      hipd/configfilereader.c      \
@@ -122,15 +124,20 @@
                      hipd/user_ipsec_sadb_api.c   \
                      modules/heartbeat/hipd/heartbeat.c          \
                      modules/heartbeat_update/hipd/hb_update.c   \
++                    modules/midauth/lib/midauth_builder.c       \
                      modules/update/hipd/update.c                \
                      modules/update/hipd/update_builder.c        \
                      modules/update/hipd/update_locator.c        \
                      modules/update/hipd/update_param_handling.c
  if HIP_MIDAUTH
--hipd_hipd_SOURCES +=  hipd/pisa.c
++hipd_hipd_sources += hipd/pisa.c
  endif
++hipd_hipd_SOURCES = $(hipd_hipd_sources)                \
++                    modules/midauth/hipd/midauth.c      \
++                    hipd/main.c
++
  firewall_hipfw_sources = firewall/cache.c               \
                           firewall/dlist.c               \
                           firewall/esp_prot_api.c        \
@@ -150,7 +157,8 @@
                           firewall/user_ipsec_api.c      \
                           firewall/user_ipsec_esp.c      \
                           firewall/user_ipsec_fw_msg.c   \
--                         firewall/user_ipsec_sadb.c
++                         firewall/user_ipsec_sadb.c     \
++                         modules/midauth/lib/midauth_builder.c
  if HIP_MIDAUTH
  firewall_hipfw_sources += firewall/midauth.c   \
@@ -220,6 +228,12 @@
                                test/lib/tool/checksum.c       \
                                test/lib/tool/pk.c
++test_check_modules_midauth_SOURCES = test/check_modules_midauth.c               \
++                                     test/modules/midauth/lib/midauth_builder.c \
++                                     test/modules/midauth/hipd/midauth.c        \
++                                     $(hipd_hipd_sources)
++
++
  ### static library dependencies ###
  firewall_hipfw_LDADD                     = lib/core/libhipcore.la
@@ -228,6 +242,7 @@
  test_check_firewall_LDADD                = lib/core/libhipcore.la
  test_check_lib_core_LDADD                = lib/core/libhipcore.la
  test_check_lib_tool_LDADD                = lib/core/libhipcore.la
++test_check_modules_midauth_LDADD         = lib/core/libhipcore.la
  test_certteststub_LDADD                  = lib/core/libhipcore.la
  test_dh_performance_LDADD                = lib/core/libhipcore.la
  test_fw_port_bindings_performance_LDADD  = lib/core/libhipcore.la
 === modified file 'firewall/midauth.h'
 --- firewall/midauth.h	2011-04-20 09:10:18 +0000
 +++ firewall/midauth.h	2011-08-09 11:19:24 +0000
@@ -1,5 +1,5 @@
  /*
-- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
+  *
   * Permission is hereby granted, free of charge, to any person
   * obtaining a copy of this software and associated documentation
@@ -36,6 +36,7 @@
  #include <stdint.h>
  #include "lib/core/protodefs.h"
++#include "modules/midauth/lib/midauth_builder.h"
  #include "firewall_defines.h"
  typedef int (*midauth_handler)(struct hip_fw_context *ctx);
 === modified file 'hipd/hipd.c'
 --- hipd/hipd.c	2011-05-16 11:39:06 +0000
 +++ hipd/hipd.c	2011-08-09 11:19:24 +0000
@@ -205,7 +205,7 @@
   * @param flags pointer to the startup flags container
   * @return      nonzero if the caller should exit, 0 otherwise
   */
--static int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t *flags)
++int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t *flags)
+ {
      int c;
@@ -276,7 +276,7 @@
   * @param flags startup flags
   * @return      0 on success, negative error code otherwise
   */
--static int hipd_main(uint64_t flags)
++int hipd_main(uint64_t flags)
+ {
      int                       highest_descriptor = 0, err = 0;
      struct timeval            timeout;
@@ -422,48 +422,3 @@
      return err;
+ }
--
--/**
-- * the main function for hipd
-- *
-- * @param argc number of command line arguments
-- * @param argv the command line arguments
-- * @return zero on success or negative on error
-- */
--int main(int argc, char *argv[])
--{
--    uint64_t sflags = HIPD_START_FOREGROUND | HIPD_START_LOWCAP;
--
--    /* The flushing is enabled by default. The reason for this is that
--     * people are doing some very experimental features on some branches
--     * that may crash the daemon and leave the SAs floating around to
--     * disturb further base exchanges. Use -N flag to disable this. */
--    sflags |= HIPD_START_FLUSH_IPSEC;
--
--    /* The default behaviour is to allow hipd to load the required modules
--     * and unload them when exiting.
--     */
--    sflags |= HIPD_START_LOAD_KMOD;
--
--    /* set the initial verbosity level */
--    hip_set_logdebug(LOGDEBUG_MEDIUM);
--
--    /* One should be able to check the hipd version and usage,
--     * even without having root privileges.
--     */
--    if (hipd_parse_cmdline_opts(argc, argv, &sflags)) {
--        return EXIT_SUCCESS;
--    }
--
--    /* We need to recreate the NAT UDP sockets to bind to the new port. */
--    if (getuid()) {
--        HIP_ERROR("hipd must be started as root!\n");
--        return EXIT_FAILURE;
--    }
--
--    if (hipd_main(sflags)) {
--        return EXIT_FAILURE;
--    }
--
--    return EXIT_SUCCESS;
--}
 === modified file 'hipd/hipd.h'
 --- hipd/hipd.h	2011-05-16 11:00:04 +0000
 +++ hipd/hipd.h	2011-08-09 11:19:24 +0000
@@ -112,4 +112,7 @@
  /* Functions for handling outgoing packets. */
  int hip_sendto_firewall(const struct hip_common *msg);
++int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t * flags);
++int hipd_main(uint64_t flags);
++
  #endif /* HIP_HIPD_HIPD_H */
 === added file 'hipd/main.c'
 --- hipd/main.c	1970-01-01 00:00:00 +0000
 +++ hipd/main.c	2011-08-09 11:19:24 +0000
@@ -0,0 +1,84 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * The HIPL main file containing the daemon main function.
++ */
++
++#include <stdint.h>
++#include <unistd.h>
++#include <sys/types.h>
++
++
++#include "hipd/hipd.h"
++#include "init.h"
++#include "lib/core/debug.h"
++
++
++/**
++ * the main function for hipd
++ *
++ * @param argc number of command line arguments
++ * @param argv the command line arguments
++ * @return zero on success or negative on error
++ */
++int main(int argc, char *argv[])
++{
++    uint64_t sflags = HIPD_START_FOREGROUND | HIPD_START_LOWCAP;
++
++    /* The flushing is enabled by default. The reason for this is that
++     * people are doing some very experimental features on some branches
++     * that may crash the daemon and leave the SAs floating around to
++     * disturb further base exchanges. Use -N flag to disable this. */
++    sflags |= HIPD_START_FLUSH_IPSEC;
++
++    /* The default behaviour is to allow hipd to load the required modules
++     * and unload them when exiting.
++     */
++    sflags |= HIPD_START_LOAD_KMOD;
++
++    /* set the initial verbosity level */
++    hip_set_logdebug(LOGDEBUG_MEDIUM);
++
++    /* One should be able to check the hipd version and usage,
++     * even without having root privileges.
++     */
++    if (hipd_parse_cmdline_opts(argc, argv, &sflags)) {
++        return EXIT_SUCCESS;
++    }
++
++    /* We need to recreate the NAT UDP sockets to bind to the new port. */
++    if (getuid()) {
++        HIP_ERROR("hipd must be started as root!\n");
++        return EXIT_FAILURE;
++    }
++
++    if (hipd_main(sflags)) {
++        return EXIT_FAILURE;
++    }
++
++    return EXIT_SUCCESS;
++}
 === modified file 'hipd/output.c'
 --- hipd/output.c	2011-08-08 13:33:21 +0000
 +++ hipd/output.c	2011-08-09 11:19:24 +0000
@@ -1050,16 +1050,6 @@
      /********** CHALLENGE_RESPONSE **********/
  #ifdef CONFIG_HIP_MIDAUTH
--    /** @todo no caching is done for PUZZLE_M parameters. This may be
--     *        a DOS attack vector.
--     */
--    HIP_IFEL(hip_solve_puzzle_m(ctx->output_msg, ctx->input_msg),
--             -1, "Building of Challenge_Response failed\n");
--    midauth_cert = hip_pisa_get_certificate();
--
--    HIP_IFEL(hip_build_param(ctx->output_msg, ctx->hadb_entry->our_pub), -1,
--             "Building of host id failed\n");
--
      /* For now we just add some random data to see if it works */
      HIP_IFEL(hip_build_param_cert(ctx->output_msg, 1, 1, 1, 1, midauth_cert,
                                    strlen(midauth_cert)),
 === modified file 'lib/core/builder.c'
 --- lib/core/builder.c	2011-08-08 14:35:56 +0000
 +++ lib/core/builder.c	2011-08-09 11:19:24 +0000
@@ -679,13 +679,6 @@
          HIP_PARAM_ESP_PROT_BRANCH,
          HIP_PARAM_ESP_PROT_SECRET,
          HIP_PARAM_ESP_PROT_ROOT
--#ifdef CONFIG_HIP_MIDAUTH
--        ,
--        HIP_PARAM_ECHO_REQUEST_M,
--        HIP_PARAM_ECHO_RESPONSE_M,
--        HIP_PARAM_CHALLENGE_REQUEST,
--        HIP_PARAM_CHALLENGE_RESPONSE
--#endif /* CONFIG_HIP_MIDAUTH */
      };
      hip_tlv type = hip_get_param_type(param);
@@ -1166,10 +1159,8 @@
      case HIP_PARAM_DST_ADDR:        return "HIP_PARAM_DST_ADDR";
      case HIP_PARAM_ECHO_REQUEST:    return "HIP_PARAM_ECHO_REQUEST";
      case HIP_PARAM_ECHO_REQUEST_SIGN: return "HIP_PARAM_ECHO_REQUEST_SIGN";
--    case HIP_PARAM_ECHO_REQUEST_M:  return "HIP_PARAM_ECHO_REQUEST_M";
      case HIP_PARAM_ECHO_RESPONSE:   return "HIP_PARAM_ECHO_RESPONSE";
      case HIP_PARAM_ECHO_RESPONSE_SIGN: return "HIP_PARAM_ECHO_RESPONSE_SIGN";
--    case HIP_PARAM_ECHO_RESPONSE_M: return "HIP_PARAM_ECHO_RESPONSE_M";
      case HIP_PARAM_EID_ADDR:        return "HIP_PARAM_EID_ADDR";
      case HIP_PARAM_EID_ENDPOINT:    return "HIP_PARAM_EID_ENDPOINT";
      case HIP_PARAM_EID_IFACE:       return "HIP_PARAM_EID_IFACE";
@@ -1200,7 +1191,6 @@
      case HIP_PARAM_NOTIFICATION:    return "HIP_PARAM_NOTIFICATION";
      case HIP_PARAM_PORTPAIR:        return "HIP_PARAM_PORTPAIR";
      case HIP_PARAM_PUZZLE:          return "HIP_PARAM_PUZZLE";
--    case HIP_PARAM_CHALLENGE_REQUEST:       return "HIP_PARAM_CHALLENGE_REQUEST";
      case HIP_PARAM_R1_COUNTER:      return "HIP_PARAM_R1_COUNTER";
      case HIP_PARAM_REG_FAILED:      return "HIP_PARAM_REG_FAILED";
      case HIP_PARAM_REG_FROM:        return "HIP_PARAM_REG_FROM";
@@ -1213,7 +1203,6 @@
      case HIP_PARAM_RVS_HMAC:        return "HIP_PARAM_RVS_HMAC";
      case HIP_PARAM_SEQ:             return "HIP_PARAM_SEQ";
      case HIP_PARAM_SOLUTION:        return "HIP_PARAM_SOLUTION";
--    case HIP_PARAM_CHALLENGE_RESPONSE:      return "HIP_PARAM_CHALLENGE_RESPONSE";
      case HIP_PARAM_SRC_ADDR:        return "HIP_PARAM_SRC_ADDR";
      case HIP_PARAM_TO_PEER:         return "HIP_PARAM_TO_PEER";
      case HIP_PARAM_UINT:            return "HIP_PARAM_UINT";
@@ -2339,88 +2328,6 @@
                                     hip_get_param_contents_direct(&puzzle));
+ }
--#ifdef CONFIG_HIP_MIDAUTH
--/**
-- * Build and append a HIP challenge_request to the message.
-- *
-- * The puzzle mechanism assumes that every value is in network byte order
-- * except for the hip_birthday_cookie.cv union, where the value is in
-- * host byte order. This is an exception to the normal builder rules, where
-- * input arguments are normally always in host byte order.
-- *
-- * @param msg the message where the puzzle_m is to be appended
-- * @param val_K the K value for the puzzle_m
-- * @param lifetime lifetime field of the puzzle_m
-- * @param opaque the opaque data filed of the puzzle_m
-- * @param opaque_len the length uf the opaque data field
-- *
-- * @return zero for success, or non-zero on error
-- */
--int hip_build_param_challenge_request(struct hip_common *msg,
--                                      uint8_t val_K,
--                                      uint8_t lifetime,
--                                      uint8_t *opaque,
--                                      uint8_t opaque_len)
--{
--    struct hip_challenge_request puzzle;
--
--    /* note: the length cannot be calculated with calc_param_len() */
--    hip_set_param_contents_len((struct hip_tlv_common *) &puzzle,
--                               sizeof(struct hip_challenge_request) -
--                               sizeof(struct hip_tlv_common));
--    /* Type 2 (in R1) or 3 (in I2) */
--    hip_set_param_type((struct hip_tlv_common *) &puzzle,
--                       HIP_PARAM_CHALLENGE_REQUEST);
--
--    /* only the random_j_k is in host byte order */
--    puzzle.K        = val_K;
--    puzzle.lifetime = lifetime;
--    memcpy(&puzzle.opaque, opaque, opaque_len);
--
--    return hip_build_generic_param(msg, &puzzle, sizeof(struct hip_tlv_common),
--                                   hip_get_param_contents_direct(&puzzle));
--}
--
--/**
-- * Build and append a HIP solution into the message.
-- *
-- * The puzzle mechanism assumes that every value is in network byte order
-- * except for the hip_birthday_cookie.cv union, where the value is in
-- * host byte order. This is an exception to the normal builder rules, where
-- * input arguments are normally always in host byte order.
-- *
-- * @param msg       the message where the solution is to be appended
-- * @param pz        values from the corresponding hip_challenge_request copied to the solution
-- * @param solution  value for the solution (in host byte order)
-- *
-- * @return zero for success, or non-zero on error
-- */
--int hip_build_param_challenge_response(struct hip_common *const msg,
--                                       const struct hip_challenge_request *const pz,
--                                       const uint8_t solution[PUZZLE_LENGTH])
--{
--    struct hip_challenge_response cookie;
--    int                           opaque_len = 0;
--
--    /* note: the length cannot be calculated with calc_param_len() */
--    hip_set_param_contents_len((struct hip_tlv_common *) &cookie,
--                               sizeof(struct hip_challenge_response) -
--                               sizeof(struct hip_tlv_common));
--    /* Type 2 (in R1) or 3 (in I2) */
--    hip_set_param_type((struct hip_tlv_common *) &cookie, HIP_PARAM_CHALLENGE_RESPONSE);
--
--    memcpy(cookie.J, solution, PUZZLE_LENGTH);
--    cookie.K        = pz->K;
--    cookie.lifetime = pz->K;
--    opaque_len      = sizeof(pz->opaque) / sizeof(pz->opaque[0]);
--    memcpy(&cookie.opaque, pz->opaque, opaque_len);
--
--    return hip_build_generic_param(msg, &cookie, sizeof(struct hip_tlv_common),
--                                   hip_get_param_contents_direct(&cookie));
--}
--
--#endif /* CONFIG_HIP_MIDAUTH */
--
  /**
   * Build and append a HIP solution into the message.
+  *
@@ -3850,6 +3757,14 @@
      SHA_CTX sha;
      MD5_CTX md5;
++    HIP_ASSERT(in != NULL);
++    HIP_ASSERT(out != NULL);
++
++    if (in_len <= 0) {
++        HIP_ERROR("invalid input length: %i\n", in_len);
++        return -1;
++    }
++
      switch (type) {
      case HIP_DIGEST_SHA1:
          SHA1_Init(&sha);
 === modified file 'lib/core/builder.h'
 --- lib/core/builder.h	2011-07-18 13:10:26 +0000
 +++ lib/core/builder.h	2011-08-09 11:19:24 +0000
@@ -133,12 +133,6 @@
                             const uint32_t opaque,
                             const uint8_t *const random_i);
--int hip_build_param_challenge_request(struct hip_common *,
--                                      uint8_t,
--                                      uint8_t,
--                                      uint8_t *,
--                                      uint8_t);
--
  int hip_build_param_r1_counter(struct hip_common *, uint64_t);
  int hip_build_param_signature2_contents(struct hip_common *,
@@ -153,10 +147,6 @@
                               const struct hip_puzzle *,
                               uint8_t *const);
--int hip_build_param_challenge_response(struct hip_common *const msg,
--                                       const struct hip_challenge_request *const pz,
--                                       const uint8_t *const solution);
--
  int hip_build_param(struct hip_common *, const void *);
  void hip_set_msg_response(struct hip_common *msg, uint8_t on);
  uint8_t hip_get_msg_response(struct hip_common *msg);
 === modified file 'lib/core/protodefs.h'
 --- lib/core/protodefs.h	2011-07-28 18:11:17 +0000
 +++ lib/core/protodefs.h	2011-08-09 11:19:24 +0000
@@ -140,7 +140,6 @@
  #define HIP_PARAM_LOCATOR              193
  #define HIP_PARAM_PUZZLE               257
  #define HIP_PARAM_SOLUTION             321
--#define HIP_PARAM_CHALLENGE_RESPONSE   322
  #define HIP_PARAM_SEQ                  385
  #define HIP_PARAM_ACK                  449
  #define HIP_PARAM_DIFFIE_HELLMAN       513
@@ -156,7 +155,6 @@
  #define HIP_PARAM_REG_FAILED           936
  #define HIP_PARAM_REG_FROM             950
  #define HIP_PARAM_ECHO_RESPONSE_SIGN   961
--#define HIP_PARAM_ECHO_RESPONSE_M      962
  #define HIP_PARAM_ESP_TRANSFORM        4095
  #define HIP_PARAM_ESP_PROT_TRANSFORMS  4120
  #define HIP_PARAM_ESP_PROT_ANCHOR      4121
@@ -230,8 +228,6 @@
  //#define HIP_PARAM_REG_FROM            64010
  #define HIP_PARAM_TO_PEER               64006
  #define HIP_PARAM_FROM_PEER             64008
--#define HIP_PARAM_ECHO_REQUEST_M        65332
--#define HIP_PARAM_CHALLENGE_REQUEST     65334
  #define HIP_PARAM_FROM                  65498
  #define HIP_PARAM_RVS_HMAC              65500
  #define HIP_PARAM_VIA_RVS               65502
@@ -783,25 +779,6 @@
      uint8_t     J[PUZZLE_LENGTH];
  } __attribute__((packed));
--
--
--struct hip_challenge_request {
--    hip_tlv     type;
--    hip_tlv_len length;
--    uint8_t     K;
--    uint8_t     lifetime;
--    uint8_t     opaque[24];           /**< variable length */
--} __attribute__((packed));
--
--struct hip_challenge_response {
--    hip_tlv     type;
--    hip_tlv_len length;
--    uint8_t     K;
--    uint8_t     lifetime;
--    uint8_t     J[PUZZLE_LENGTH];
--    uint8_t     opaque[24];           /**< variable length */
--} __attribute__((packed));
--
  struct hip_dh_public_value {
      uint8_t  group_id;
      uint16_t pub_len;
 === modified file 'lib/core/solve.c'
 --- lib/core/solve.c	2011-04-20 09:38:33 +0000
 +++ lib/core/solve.c	2011-08-09 11:19:24 +0000
@@ -1,5 +1,5 @@
  /*
-- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
+  *
   * Permission is hereby granted, free of charge, to any person
   * obtaining a copy of this software and associated documentation
@@ -174,59 +174,3 @@
      return 0;
+ }
--
--#ifdef CONFIG_HIP_MIDAUTH
--/**
-- * solve a midauth puzzle which is essentially a normal HIP cookie
-- * with some extra whipped cream on the top
-- *
-- * @param out the received R1 message
-- * @param in an I2 message where the solution will be written
-- * @return zero on success and negative on error
-- * @see <a
-- * href="http://tools.ietf.org/id/draft-heer-hip-middle-auth">Heer et
-- * al, End-Host Authentication for HIP Middleboxes, Internet draft,
-- * work in progress, February 2009</a>
-- */
--int hip_solve_puzzle_m(struct hip_common *const out,
--                       const struct hip_common *const in)
--{
--    struct puzzle_hash_input            puzzle_input;
--    const struct hip_challenge_request *pz;
--    uint8_t                             digest[HIP_AH_SHA_LEN];
--
--    pz = hip_get_param(in, HIP_PARAM_CHALLENGE_REQUEST);
--    while (pz) {
--        if (hip_get_param_type(pz) != HIP_PARAM_CHALLENGE_REQUEST) {
--            break;
--        }
--
--        if (hip_build_digest(HIP_DIGEST_SHA1, pz->opaque, 24, digest) < 0) {
--            HIP_ERROR("Building of SHA1 Random seed I failed\n");
--            return -1;
--        }
--
--        memcpy(puzzle_input.puzzle,
--               &digest[HIP_AH_SHA_LEN - PUZZLE_LENGTH],
--               PUZZLE_LENGTH);
--        puzzle_input.initiator_hit = out->hits;
--        puzzle_input.responder_hit = out->hitr;
--        RAND_bytes(puzzle_input.solution, PUZZLE_LENGTH);
--
--        if ((hip_solve_puzzle(&puzzle_input, pz->K))) {
--            HIP_ERROR("Solving of puzzle failed\n");
--            return -EINVAL;
--        }
--
--        if (hip_build_param_challenge_response(out, pz, puzzle_input.solution) < 0) {
--            HIP_ERROR("Error while creating solution_m reply parameter\n");
--            return -1;
--        }
--        pz = (const struct hip_challenge_request *)
--             hip_get_next_param(in, (const struct hip_tlv_common *) pz);
--    }
--
--    return 0;
--}
--
--#endif /* CONFIG_HIP_MIDAUTH */
 === modified file 'lib/core/solve.h'
 --- lib/core/solve.h	2011-07-28 18:11:17 +0000
 +++ lib/core/solve.h	2011-08-09 11:19:24 +0000
@@ -1,5 +1,5 @@
  /*
-- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
+  *
   * Permission is hereby granted, free of charge, to any person
   * obtaining a copy of this software and associated documentation
@@ -55,7 +55,4 @@
  int hip_verify_puzzle_solution(const struct puzzle_hash_input *const puzzle_input,
                                 const uint8_t difficulty);
--int hip_solve_puzzle_m(struct hip_common *const out,
--                       const struct hip_common *const in);
--
  #endif /* HIP_LIB_CORE_SOLVE_H */
 === added directory 'modules/midauth'
 === added directory 'modules/midauth/hipd'
 === added file 'modules/midauth/hipd/midauth.c'
 --- modules/midauth/hipd/midauth.c	1970-01-01 00:00:00 +0000
 +++ modules/midauth/hipd/midauth.c	2011-08-09 11:19:24 +0000
@@ -0,0 +1,229 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * This file contains the implementation for the middlebox authentication
++ * extension.
++ *
++ * @author Rene Hummen
++ */
++
++#include <errno.h>
++#include <stdint.h>
++#include <string.h>
++
++#include "hipd/hidb.h"
++#include "hipd/pkt_handling.h"
++#include "lib/core/builder.h"
++#include "lib/core/common.h"
++#include "lib/core/ife.h"
++#include "lib/core/modularization.h"
++#include "lib/core/protodefs.h"
++#include "lib/core/solve.h"
++#include "modules/midauth/lib/midauth_builder.h"
++#include "modules/update/hipd/update.h"
++#include "midauth.h"
++
++
++/**
++ * Handle the CHALLENGE_REQUEST parameter.
++ *
++ * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
++ * @param ha_state The host association state (RFC 5201, 4.4.1.)
++ * @param ctx Pointer to the packet context, containing all information for
++ *            the packet handling (received message, source and destination
++ *            address, the ports and the corresponding entry from the host
++ *            association database).
++ *
++ * @return zero if the challenge was processed correctly or no challenge
++ * parameter was attached to the packet, negative value otherwise.
++ */
++static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
++                                          UNUSED const uint32_t ha_state,
++                                          struct hip_packet_context *ctx)
++{
++    const struct hip_challenge_request *request = NULL;
++
++    request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
++
++    // each on-path middlebox may add a challenge on its own
++    while (request &&
++           hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST) {
++        struct puzzle_hash_input tmp_puzzle;
++        const unsigned int       len = hip_challenge_request_opaque_len(request);
++
++        if (hip_midauth_puzzle_seed(request->opaque, len, tmp_puzzle.puzzle)) {
++            HIP_ERROR("failed to derive midauth puzzle\n");
++            return -1;
++        }
++
++        tmp_puzzle.initiator_hit = ctx->input_msg->hitr;
++        tmp_puzzle.responder_hit = ctx->input_msg->hits;
++
++        if (hip_solve_puzzle(&tmp_puzzle, request->K)) {
++            HIP_ERROR("Solving of middlebox challenge failed\n");
++            return -EINVAL;
++        }
++
++        if (hip_build_param_challenge_response(ctx->output_msg,
++                                               request,
++                                               tmp_puzzle.solution) < 0) {
++            HIP_ERROR("Error while creating CHALLENGE_RESPONSE parameter\n");
++            return -1;
++        }
++
++        // process next challenge parameter, if available
++        request = (const struct hip_challenge_request *)
++                  hip_get_next_param(ctx->input_msg, &request->tlv);
++    }
++
++    return 0;
++}
++
++/**
++ * Add a HOST_ID parameter corresponding to the local HIT of the association to
++ * an UPDATE packet.
++ *
++ * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
++ * @param ha_state The host association state (RFC 5201, 4.4.1.)
++ * @param ctx Pointer to the packet context, containing all information for
++ *            the packet handling (received message, source and destination
++ *            address, the ports and the corresponding entry from the host
++ *            association database).
++ *
++ * @return zero on success, negative value otherwise
++ */
++static int add_host_id_param_update(UNUSED const uint8_t packet_type,
++                                    UNUSED const uint32_t ha_state,
++                                    struct hip_packet_context *ctx)
++{
++    const struct hip_challenge_request *const challenge_request =
++        hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
++
++    // add HOST_ID to packets containing a CHALLENGE_RESPONSE
++    if (challenge_request) {
++        const struct local_host_id *const host_id_entry =
++            hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID,
++                                                 &ctx->input_msg->hitr,
++                                                 HIP_ANY_ALGO,
++                                                 -1);
++        if (!host_id_entry) {
++            HIP_ERROR("Unknown HIT\n");
++            return -1;
++        }
++
++        if (hip_build_param_host_id(ctx->output_msg, &host_id_entry->host_id)) {
++            HIP_ERROR("Building of host id failed\n");
++            return -1;
++        }
++    }
++
++    return 0;
++}
++
++/**
++ * Initialization function for the midauth module.
++ *
++ * @return zero on success, negative value otherwise
++ */
++int hip_midauth_init(void)
++{
++    if (lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
++                                     "HIP_PARAM_CHALLENGE_REQUEST")) {
++        HIP_ERROR("failed to register parameter type\n");
++        return -1;
++    }
++
++    if (lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
++                                     "HIP_PARAM_CHALLENGE_RESPONSE")) {
++        HIP_ERROR("failed to register parameter type\n");
++        return -1;
++    }
++
++    const int challenge_request_R1_states[] = { HIP_STATE_I1_SENT,
++                                                HIP_STATE_I2_SENT,
++                                                HIP_STATE_CLOSING,
++                                                HIP_STATE_CLOSED };
++    for (unsigned i = 0; i < ARRAY_SIZE(challenge_request_R1_states); i++) {
++        if (hip_register_handle_function(HIP_R1,
++                                         challenge_request_R1_states[i],
++                                         &handle_challenge_request_param,
++                                         32500)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++    }
++
++    //
++    // we hook on every occasion that causes an R2 to get sent.
++    // R2 packet is first allocated at 40000, so we use a higher
++    // base priority here.
++    //
++    const int challenge_request_I2_states[] = { HIP_STATE_UNASSOCIATED,
++                                                HIP_STATE_I1_SENT,
++                                                HIP_STATE_I2_SENT,
++                                                HIP_STATE_R2_SENT,
++                                                HIP_STATE_ESTABLISHED,
++                                                HIP_STATE_CLOSING,
++                                                HIP_STATE_CLOSED,
++                                                HIP_STATE_NONE };
++    for (unsigned i = 0; i < ARRAY_SIZE(challenge_request_I2_states); i++) {
++        if (hip_register_handle_function(HIP_I2,
++                                         challenge_request_I2_states[i],
++                                         &handle_challenge_request_param,
++                                         40322)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++    }
++
++    //
++    // Priority computed the same as above, but UPDATE response is sent at
++    // priority 30000 already (checking is 20000) and we must add our
++    // CHALLENGE_REQUEST verification in between, hence a lower base priority.
++    //
++    const int challenge_request_UPDATE_states[] = { HIP_STATE_R2_SENT,
++                                                    HIP_STATE_ESTABLISHED };
++    for (unsigned i = 0; i < ARRAY_SIZE(challenge_request_UPDATE_states); i++) {
++        if (hip_register_handle_function(HIP_UPDATE,
++                                         challenge_request_UPDATE_states[i],
++                                         &handle_challenge_request_param,
++                                         20322)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++
++        if (hip_register_handle_function(HIP_UPDATE,
++                                         challenge_request_UPDATE_states[i],
++                                         &add_host_id_param_update,
++                                         20750)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++    }
++
++    return 0;
++}
 === added file 'modules/midauth/hipd/midauth.h'
 --- modules/midauth/hipd/midauth.h	1970-01-01 00:00:00 +0000
 +++ modules/midauth/hipd/midauth.h	2011-08-09 11:19:24 +0000
@@ -0,0 +1,34 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#ifndef MODULES_MIDAUTH_HIPD_MIDAUTH_H
++#define MODULES_MIDAUTH_HIPD_MIDAUTH_H
++
++#define HIP_PARAM_CHALLENGE_REQUEST  65334
++#define HIP_PARAM_CHALLENGE_RESPONSE 322
++
++int hip_midauth_init(void);
++
++#endif /* MODULES_MIDAUTH_HIPD_MIDAUTH_H */
 === added directory 'modules/midauth/lib'
 === added file 'modules/midauth/lib/midauth_builder.c'
 --- modules/midauth/lib/midauth_builder.c	1970-01-01 00:00:00 +0000
 +++ modules/midauth/lib/midauth_builder.c	2011-08-09 11:19:24 +0000
@@ -0,0 +1,181 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * This file contains parameter handling functionality for the middlebox
++ * authentication extension.
++ *
++ * @author Rene Hummen
++ * @author Christof Mroz <christof.mroz@rwth-aachen.de>
++ */
++
++#include <stdint.h>
++#include <string.h>
++
++#include "lib/core/ife.h"
++#include "modules/midauth/hipd/midauth.h"
++#include "midauth_builder.h"
++
++
++/**
++ * Build and append a HIP CHALLENGE_REQUEST to the message.
++ *
++ * @param msg           the message where the CHALLENGE_REQUEST is appended
++ * @param difficulty    the puzzle difficulty for the CHALLENGE_REQUEST
++ * @param lifetime      lifetime the puzzle nonce
++ * @param opaque        the nonce (challenge) of the CHALLENGE_REQUEST
++ * @param opaque_len    the length of the nonce
++ *
++ * @return zero for success, or negative value on error
++ */
++int hip_build_param_challenge_request(struct hip_common *const msg,
++                                      const uint8_t difficulty,
++                                      const uint8_t lifetime,
++                                      const uint8_t *opaque,
++                                      const uint8_t opaque_len)
++{
++    struct hip_challenge_request request;
++    static const size_t          min_length = sizeof(request) -
++                                              sizeof(request.tlv) -
++                                              sizeof(request.opaque);
++
++    HIP_ASSERT(opaque);
++
++    /* note: the length cannot be calculated with calc_param_len() */
++    hip_set_param_contents_len(&request.tlv, min_length + opaque_len);
++    hip_set_param_type(&request.tlv, HIP_PARAM_CHALLENGE_REQUEST);
++
++    /* only the random_j_k is in host byte order */
++    request.K        = difficulty;
++    request.lifetime = lifetime;
++    memcpy(&request.opaque, opaque, opaque_len);
++
++    if (hip_build_param(msg, &request) != 0) {
++        HIP_ERROR("failed to build parameter\n");
++        return -1;
++    }
++
++    return 0;
++}
++
++/**
++ * Build and append a HIP CHALLENGE_RESPONSE to the message.
++ *
++ * @param msg       the message where the CHALLENGE_RESPONSE is appended
++ * @param request   the received CHALLENGE_REQUEST parameter for this response
++ * @param solution  the solution for the puzzle in the CHALLENGE_REQUEST
++ *
++ * @return zero for success, or negative value on error
++ */
++int hip_build_param_challenge_response(struct hip_common *const msg,
++                                       const struct hip_challenge_request *const request,
++                                       const uint8_t solution[PUZZLE_LENGTH])
++{
++    struct hip_challenge_response response;
++    static const size_t           min_length = sizeof(response) -
++                                               sizeof(response.tlv) -
++                                               sizeof(response.opaque);
++
++    if (!request || !solution) {
++        HIP_ERROR("Unexpected input parameter values (NULL).\n");
++        return -1;
++    }
++
++    const int opaque_len = hip_challenge_request_opaque_len(request);
++
++    /* note: the length cannot be calculated with calc_param_len() */
++    hip_set_param_contents_len(&response.tlv, min_length + opaque_len);
++    hip_set_param_type(&response.tlv, HIP_PARAM_CHALLENGE_RESPONSE);
++
++    memcpy(response.J, solution, PUZZLE_LENGTH);
++    response.K        = request->K;
++    response.lifetime = request->lifetime;
++    memcpy(response.opaque, request->opaque, opaque_len);
++
++    if (hip_build_param(msg, &response)) {
++        HIP_ERROR("failed to build parameter\n");
++        return -1;
++    }
++
++    return 0;
++}
++
++/**
++ * Compute length of opaque field in CHALLENGE_REQUEST parameter.
++ *
++ * @param request  the CHALLENGE_REQUEST parameter
++ * @return length of the opaque field; 0 in case of error or if length equals 0
++ */
++unsigned int hip_challenge_request_opaque_len(const struct hip_challenge_request *const request)
++{
++    if (!request) {
++        return 0;
++    }
++
++    static const size_t min_len = sizeof(*request) -
++                                  sizeof(request->tlv) -
++                                  sizeof(request->opaque);
++
++    return hip_get_param_contents_len(&request->tlv) - min_len;
++}
++
++/**
++ * Convert the opaque value in the CHALLENGE_REQUEST to the seed value I of a
++ * HIP puzzle.
++ *
++ * The opaque value plays a dual role in a CHALLENGE_REQUEST:
++ * i)  it is a challenge that needs to be echoed back by the responder and
++ * ii) it is used to derive the seed value for a cryptographic puzzle. The
++ *     puzzle is defined in RFC5201.
++ *
++ * @param opaque            the nonce (challenge) in the CHALLENGE_REQUEST
++ * @param opaque_len        the length of the nonce
++ * @param puzzle_value      the puzzle value generated from the nonce
++ * @return zero on success, -1 in case of an error
++ */
++int hip_midauth_puzzle_seed(const uint8_t opaque[],
++                            const unsigned int opaque_len,
++                            uint8_t puzzle_value[PUZZLE_LENGTH])
++{
++    unsigned char sha_digest[SHA_DIGEST_LENGTH];
++
++    HIP_ASSERT(puzzle_value != NULL);
++
++    // the hashed opaque field is used as puzzle seed
++    if (hip_build_digest(HIP_DIGEST_SHA1,
++                         opaque,
++                         opaque_len,
++                         sha_digest)) {
++        HIP_ERROR("Building of SHA1 random seed I failed\n");
++        return -1;
++    }
++
++    memcpy(puzzle_value,
++           &sha_digest[SHA_DIGEST_LENGTH - PUZZLE_LENGTH],
++           PUZZLE_LENGTH);
++
++    return 0;
++}
 === added file 'modules/midauth/lib/midauth_builder.h'
 --- modules/midauth/lib/midauth_builder.h	1970-01-01 00:00:00 +0000
 +++ modules/midauth/lib/midauth_builder.h	2011-08-09 11:19:24 +0000
@@ -0,0 +1,79 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * This file contains parameter handling functionality for the middlebox
++ * authentication extension.
++ *
++ * @author Rene Hummen
++ * @author Christof Mroz <christof.mroz@rwth-aachen.de>
++ */
++
++#ifndef MODULES_MIDAUTH_HIPD_MIDAUTH_BUILDER_H
++#define MODULES_MIDAUTH_HIPD_MIDAUTH_BUILDER_H
++
++#include <stdint.h>
++
++#include "lib/core/builder.h"
++#include "lib/core/protodefs.h"
++
++
++#define MAX_CHALLENGE_LENGTH 256
++
++
++struct hip_challenge_request {
++    struct hip_tlv_common tlv;
++    uint8_t               K;
++    uint8_t               lifetime;
++    uint8_t               opaque[MAX_CHALLENGE_LENGTH];           /**< variable length */
++} __attribute__ ((packed));
++
++struct hip_challenge_response {
++    struct hip_tlv_common tlv;
++    uint8_t               K;
++    uint8_t               lifetime;
++    uint8_t               J[PUZZLE_LENGTH];
++    uint8_t               opaque[MAX_CHALLENGE_LENGTH]; /**< variable length */
++} __attribute__ ((packed));
++
++
++int hip_build_param_challenge_request(struct hip_common *const msg,
++                                      const uint8_t difficulty,
++                                      const uint8_t lifetime,
++                                      const uint8_t *opaque,
++                                      const uint8_t opaque_len);
++
++int hip_build_param_challenge_response(struct hip_common *const msg,
++                                       const struct hip_challenge_request *const request,
++                                       const uint8_t *const solution);
++
++unsigned int hip_challenge_request_opaque_len(const struct hip_challenge_request *const request);
++
++int hip_midauth_puzzle_seed(const uint8_t *const opaque,
++                            const unsigned int opaque_len,
++                            uint8_t *const puzzle_value);
++
++#endif /* MODULES_MIDAUTH_HIPD_MIDAUTH_BUILDER_H */
 === added file 'modules/midauth/module_info.xml'
 --- modules/midauth/module_info.xml	1970-01-01 00:00:00 +0000
 +++ modules/midauth/module_info.xml	2011-08-09 11:19:24 +0000
@@ -0,0 +1,47 @@
++<!--
++Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++
++Permission is hereby granted, free of charge, to any person
++obtaining a copy of this software and associated documentation
++files (the "Software"), to deal in the Software without
++restriction, including without limitation the rights to use,
++copy, modify, merge, publish, distribute, sublicense, and/or sell
++copies of the Software, and to permit persons to whom the
++Software is furnished to do so, subject to the following
++conditions:
++
++The above copyright notice and this permission notice shall be
++included in all copies or substantial portions of the Software.
++
++THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++OTHER DEALINGS IN THE SOFTWARE.
++-->
++
++<?xml version="1.0" encoding="UTF-8"?>
++
++<!-- Mandatory: name, version -->
++<module
++    name="midauth"
++    version="0.0.1"
++    description="Middlebox authentication functionality for the hip daemon."
++    developer=""
++    bugaddress="hipl-users@freelists.org"
++    webpage="http://infrahip.hiit.fi/">
++
++    <requires>
++        <module name="update" minversion="0.0.1" />
++    </requires>
++
++    <!-- Mandatory: name, header_file, init_function -->
++    <application
++        name="hipd"
++        header_file="modules/midauth/hipd/midauth.h"
++        init_function="hip_midauth_init" />
++</module>
++
 === added file 'test/check_modules_midauth.c'
 --- test/check_modules_midauth.c	1970-01-01 00:00:00 +0000
 +++ test/check_modules_midauth.c	2011-08-09 11:19:24 +0000
@@ -0,0 +1,46 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * @brief Unit tests of modules/midauth (see doc/HACKING on unit tests).
++ */
++
++#include <stdlib.h>
++#include <check.h>
++
++#include "test/modules/midauth/test_suites.h"
++
++int main(void)
++{
++    int      number_failed;
++    SRunner *sr = srunner_create(modules_midauth_lib_builder());
++    srunner_add_suite(sr, modules_midauth_hipd_midauth());
++
++    srunner_run_all(sr, CK_NORMAL);
++    number_failed = srunner_ntests_failed(sr);
++    srunner_free(sr);
++    return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
++}
 === added directory 'test/modules'
 === added directory 'test/modules/midauth'
 === added directory 'test/modules/midauth/hipd'
 === added file 'test/modules/midauth/hipd/midauth.c'
 --- test/modules/midauth/hipd/midauth.c	1970-01-01 00:00:00 +0000
 +++ test/modules/midauth/hipd/midauth.c	2011-08-09 11:19:24 +0000
@@ -0,0 +1,120 @@
++/*
++ * Copyright (c) 2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#include <check.h>
++#include <stdint.h>
++
++#include "modules/midauth/hipd/midauth.c"
++#include "modules/midauth/lib/midauth_builder.h"
++#include "../test_suites.h"
++
++#define MIDAUTH_DEFAULT_NONCE_LENGTH 18
++
++/* Test where the HIP packet does not contain any CHALLANGE_REQUESTs */
++START_TEST(test_midauth_handle_challenge_request_param_0_CORRECT)
++{
++    struct hip_packet_context ctx = { 0 };
++    const struct hip_challenge_response *response = NULL;
++
++    ctx.input_msg = hip_msg_alloc();
++    ctx.output_msg = hip_msg_alloc();
++
++    fail_unless(handle_challenge_request_param(0, 0, &ctx) == 0, NULL);
++
++    /* NOTE we can only check for the existance of the response parameter here
++     *      as the puzzle solution differs for each run. */
++    fail_unless((response = hip_get_param(ctx.output_msg,
++                                          HIP_PARAM_CHALLENGE_RESPONSE)) == NULL,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_handle_challenge_request_param_1_CORRECT)
++{
++    const uint8_t opaque1[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    struct hip_packet_context ctx = { 0 };
++    const struct hip_challenge_response *response = NULL;
++
++    ctx.input_msg = hip_msg_alloc();
++    ctx.output_msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque1,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless(handle_challenge_request_param(0, 0, &ctx) == 0, NULL);
++
++    /* NOTE we can only check for the existance of the response parameter here
++     *      as the puzzle solution differs for each run. */
++    fail_unless((response = hip_get_param(ctx.output_msg,
++                                          HIP_PARAM_CHALLENGE_RESPONSE)) != NULL,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_handle_challenge_request_param_2_CORRECT)
++{
++    const uint8_t opaque1[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    const uint8_t opaque2[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0d";
++    struct hip_packet_context ctx = { 0 };
++    const struct hip_challenge_response *response = NULL;
++
++    ctx.input_msg = hip_msg_alloc();
++    ctx.output_msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque1,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque2,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless(handle_challenge_request_param(0, 0, &ctx) == 0, NULL);
++
++    /* NOTE we can only check for the existance of the response parameter here
++     *      as the puzzle solution differs for each run. */
++    fail_unless((response = hip_get_param(ctx.output_msg,
++                                          HIP_PARAM_CHALLENGE_RESPONSE)) != NULL,
++                NULL);
++    fail_unless(hip_get_next_param(ctx.output_msg,
++                                   (const struct hip_tlv_common *) response) !=
++                NULL, NULL);
++}
++END_TEST
++
++Suite *modules_midauth_hipd_midauth(void)
++{
++    Suite *s = suite_create("modules/midauth/hipd/midauth");
++    TCase *tc_midauth = tcase_create("Midauth");
++
++    tcase_add_test(tc_midauth, test_midauth_handle_challenge_request_param_0_CORRECT);
++    tcase_add_test(tc_midauth, test_midauth_handle_challenge_request_param_1_CORRECT);
++    tcase_add_test(tc_midauth, test_midauth_handle_challenge_request_param_2_CORRECT);
++
++    suite_add_tcase(s, tc_midauth);
++
++    return s;
++}
 === added directory 'test/modules/midauth/lib'
 === added file 'test/modules/midauth/lib/midauth_builder.c'
 --- test/modules/midauth/lib/midauth_builder.c	1970-01-01 00:00:00 +0000
 +++ test/modules/midauth/lib/midauth_builder.c	2011-08-09 11:19:24 +0000
@@ -0,0 +1,265 @@
++/*
++ * Copyright (c) 2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#include <check.h>
++#include <stdint.h>
++
++#include "lib/core/protodefs.h"
++#include "modules/midauth/hipd/midauth.h"
++#include "modules/midauth/lib/midauth_builder.h"
++#include "../test_suites.h"
++
++#define MIDAUTH_DEFAULT_NONCE_LENGTH 18
++
++START_TEST(test_midauth_builder_build_param_challenge_request_NULL_msg)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++
++    fail_unless(hip_build_param_challenge_request(NULL, 0, 0, opaque,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                -1, NULL);
++}
++END_TEST
++
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++START_TEST(test_midauth_builder_build_param_challenge_request_NULL_opaque)
++{
++    struct hip_common *const msg = hip_msg_alloc();
++
++    hip_build_param_challenge_request(msg, 0, 0, NULL,
++                                      MIDAUTH_DEFAULT_NONCE_LENGTH);
++}
++END_TEST
++#endif /* HAVE_TCASE_ADD_EXIT_TEST */
++
++START_TEST(test_midauth_builder_build_param_challenge_request_0_opaque_len)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(msg, 0, 0, opaque,
++                                                  0) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_request_CORRECT)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    const char cmp_challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                         "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                         "\x15\x06\x08\x49\x50\x0C";
++    const struct hip_challenge_request *request = NULL;
++    struct hip_common *const            msg     = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(msg, 0, 0, opaque,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless((request = hip_get_param(msg, HIP_PARAM_CHALLENGE_REQUEST)) != NULL,
++                NULL);
++    fail_unless(memcmp(request, &cmp_challenge_request,
++                       hip_get_param_total_len(request)) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_NULL_msg)
++{
++    const char challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                     "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                     "\x15\x06\x08\x49\x50\x0C";
++    const uint8_t                       solution[] = "\x01\x41\x01\x14\x05\x00\x48\x49";
++    const struct hip_challenge_request *request    =
++        (const struct hip_challenge_request *) challenge_request;
++
++    fail_unless(hip_build_param_challenge_response(NULL, request, solution) == -1,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_NULL_request)
++{
++    const uint8_t                       solution[] = "\x01\x41\x01\x14\x05\x00\x48\x49";
++    const struct hip_challenge_request *request    = NULL;
++    struct hip_common *const            msg        = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_response(msg, request, solution) == -1,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_NULL_solution)
++{
++    const char challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                     "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                     "\x15\x06\x08\x49\x50\x0C";
++    const struct hip_challenge_request *request =
++        (const struct hip_challenge_request *) challenge_request;
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_response(msg, request, NULL) == -1,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_CORRECT)
++{
++    const char challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                     "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                     "\x15\x06\x08\x49\x50\x0C";
++    const char cmp_challenge_response[] = "\x01\x42\x00\x1C\x00\x00\x01\x41\x01"
++                                          "\x14\x05\x00\x48\x49\x01\x41\x01\x14"
++                                          "\x05\x00\x48\x49\x0b\x02\x42\x02\x15"
++                                          "\x06\x08\x49\x50\x0c";
++    const uint8_t                       solution[] = "\x01\x41\x01\x14\x05\x00\x48\x49";
++    const struct hip_challenge_request *request    =
++        (const struct hip_challenge_request *) challenge_request;
++    const struct hip_challenge_response *response = NULL;
++    struct hip_common *const             msg      = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_response(msg, request, solution) == 0,
++                NULL);
++    fail_unless((response = hip_get_param(msg, HIP_PARAM_CHALLENGE_RESPONSE)) != NULL,
++                NULL);
++    fail_unless(memcmp(response, &cmp_challenge_response,
++                       hip_get_param_total_len(response)) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_challenge_request_opaque_len_NULL)
++{
++    fail_unless(hip_challenge_request_opaque_len(NULL) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_challenge_request_opaque_len_CORRECT)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    const struct hip_challenge_request *request = NULL;
++    struct hip_common *const            msg     = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(msg, 0, 0, opaque,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless((request = hip_get_param(msg, HIP_PARAM_CHALLENGE_REQUEST)) != NULL,
++                NULL);
++    fail_unless(hip_challenge_request_opaque_len(request) ==
++                MIDAUTH_DEFAULT_NONCE_LENGTH, NULL);
++}
++END_TEST
++
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++START_TEST(test_midauth_builder_puzzle_seed_NULL_opaque)
++{
++    const uint8_t *const opaque = NULL;
++    uint8_t              puzzle_value[PUZZLE_LENGTH];
++
++    hip_midauth_puzzle_seed(opaque, MIDAUTH_DEFAULT_NONCE_LENGTH, puzzle_value);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_puzzle_seed_NULL_puzzle_value)
++{
++    const uint8_t opaque[] = "\x01\x41\x00\x14\x05\x00\x48\x49\x0b";
++
++    hip_midauth_puzzle_seed(opaque,
++                            MIDAUTH_DEFAULT_NONCE_LENGTH,
++                            NULL);
++}
++END_TEST
++#endif /* HAVE_TCASE_ADD_EXIT_TEST */
++
++START_TEST(test_midauth_builder_puzzle_seed_0_opaque_len)
++{
++    const uint8_t opaque[] = "\x01\x41\x00\x14\x05\x00\x48\x49\x0b";
++    uint8_t       puzzle_value[PUZZLE_LENGTH];
++
++    fail_unless(hip_midauth_puzzle_seed(opaque,
++                                        0,
++                                        puzzle_value) == -1, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_puzzle_seed_CORRECT)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    uint8_t puzzle_value[PUZZLE_LENGTH];
++    uint8_t correct_puzzle_value[] = "\x43\x03\x8F\xD7\x2F\xC7\xD2\xF3";
++
++    fail_unless(hip_midauth_puzzle_seed(opaque,
++                                        MIDAUTH_DEFAULT_NONCE_LENGTH,
++                                        puzzle_value) == 0, NULL);
++    fail_unless(memcmp(correct_puzzle_value, puzzle_value, PUZZLE_LENGTH) == 0,
++                NULL);
++}
++END_TEST
++
++Suite *modules_midauth_lib_builder(void)
++{
++    Suite *s                  = suite_create("modules/midauth/lib/midauth_builder");
++    TCase *tc_midauth_builder = tcase_create("Midauth_builder");
++
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_request_NULL_msg);
++// the tcase_add_exit_test macro is only available in check 0.9.8 or later but
++// scratchbox uses an older version of checkc so we try to avoid this macro
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++    tcase_add_exit_test(tc_midauth_builder,
++                        test_midauth_builder_build_param_challenge_request_NULL_opaque,
++                        1);
++#endif
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_request_0_opaque_len);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_request_CORRECT);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_NULL_msg);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_NULL_request);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_NULL_solution);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_CORRECT);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_challenge_request_opaque_len_NULL);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_challenge_request_opaque_len_CORRECT);
++
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++    tcase_add_exit_test(tc_midauth_builder,
++                        test_midauth_builder_puzzle_seed_NULL_opaque, 1);
++    tcase_add_exit_test(tc_midauth_builder,
++                        test_midauth_builder_puzzle_seed_NULL_puzzle_value, 1);
++#endif
++    tcase_add_test(tc_midauth_builder, test_midauth_builder_puzzle_seed_0_opaque_len);
++    tcase_add_test(tc_midauth_builder, test_midauth_builder_puzzle_seed_CORRECT);
++
++    suite_add_tcase(s, tc_midauth_builder);
++
++    return s;
++}
 === added file 'test/modules/midauth/test_suites.h'
 --- test/modules/midauth/test_suites.h	1970-01-01 00:00:00 +0000
 +++ test/modules/midauth/test_suites.h	2011-08-09 11:19:24 +0000
@@ -0,0 +1,34 @@
++/*
++ * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#ifndef HIP_TEST_MODULES_MIDAUTH_TEST_SUITES_H
++#define HIP_TEST_MODULES_MIDAUTH_TEST_SUITES_H
++
++#include <check.h>
++
++Suite *modules_midauth_lib_builder(void);
++Suite *modules_midauth_hipd_midauth(void);
++
++#endif /* HIP_TEST_MODULES_MIDAUTH_TEST_SUITES_H */

HIPL

Merge lp:~rene-hummen/hipl/midauth-hipd into lp:hipl

Commit message

Description of the change

Preview Diff

Subscribers