Merge lp:~rene-hummen/hipl/mobility-fixes into lp:hipl
Status: Superseded
Proposed branch: lp:~rene-hummen/hipl/mobility-fixes
Merge into: lp:hipl
Diff against target: 1769 lines (+820/-743), 5 files modified
    modules/heartbeat_update/hipd/hb_update.c (+4/-16)
    modules/update/hipd/update.c (+474/-654)
    modules/update/hipd/update.h (+7/-10)
    modules/update/hipd/update_param_handling.c (+308/-60)
    modules/update/hipd/update_param_handling.h (+27/-3)
To merge this branch: bzr merge lp:~rene-hummen/hipl/mobility-fixes
Related bugs:
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Stefan Götz (community) | Abstain | ||
Diego Biurrun | Needs Fixing | ||
Review via email: mp+49604@code.launchpad.net |
This proposal has been superseded by a proposal from 2011-04-13.
Description of the change
This branch refactors the update code to allow hooking into the modularization on a parameter level. Midauth functionality depends on this branch.
René Hummen (rene-hummen) wrote:
- 5619. By Diego Biurrun
-
configfilereader: Refactor some redundant return statements.
In hip_cvl_add() 'return 0' statements were present in all branches of an
if/else block as well as directly below the block.
- 5620. By Diego Biurrun
-
Convert some instances of malloc() + memset(0) to calloc().
- 5621. By Diego Biurrun
-
Replace some memset(0) invocations by zero initializations.
- 5622. By Diego Biurrun
-
hipd: Get rid of some unnecessary zeroing of memory.
- 5623. By Diego Biurrun
-
lib: Get rid of some unnecessary zeroing of memory.
- 5624. By Diego Biurrun
-
Remove more instances of unnecessary zeroing of memory.
- 5625. By Diego Biurrun
-
Update links to bug tracker and revision control browser on Launchpad.
- 5626. By Diego Biurrun
-
doxygen: Drop unnecessary '*' from function parameter names.
- 5627. By Diego Biurrun
-
Fix the names of some multiple inclusion guards.
The multiple inclusion guards should be derived from filename and path.
Diego Biurrun (diego-biurrun) wrote:
review needs-fixing
On Mon, Feb 14, 2011 at 10:45:32AM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/mobility-fixes into lp:hipl.
>
> Requested reviews:
> HIPL core team (hipl-core)
>
> For more details, see:
> https:/
>
> This branch refactors the update code to allow hooking into the modularization on a parameter level. Midauth functionality depends on this branch.
This is laaaarge and hard to review. Maybe you can split off the code
moves? They're likely fine to commit as-is anyway...
> --- hipd/input.c 2011-02-14 08:44:19 +0000
> +++ hipd/input.c 2011-02-14 10:44:59 +0000
> @@ -654,6 +654,7 @@
> }
>
> /**
> +<<<<<<< TREE
> * This function stores the LOCATOR parameter into the hadb entry
> * of a connection in question. The whole LOCATOR is stored and
> * handled later as the LOCATOR is received before the connection
> @@ -683,6 +684,8 @@
> }
>
> /**
> +=======
> +>>>>>>> MERGE-SOURCE
> * Check a received R1 control packet.
> *
> * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
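Review bot: the added lines `+<<<<<<< TREE`, `+=======` and `+>>>>>>> MERGE-SOURCE` in hipd/input.c are unresolved merge conflict markers, and because each one lands directly after a `/**` opener the compiler treats them as comment text and will not flag them. Re-merge against trunk and remove the markers before resubmitting. Nothing sits between `=======` and `>>>>>>> MERGE-SOURCE`, so one side of the conflict is empty and the decision to make is whether the LOCATOR-storing function between the markers stays or goes.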
It could be considered a bug in Bazaar/launchpad that it is possible at
all to submit branches with merge conflicts for merging, but this should
still not happen.
> --- hipd/output.c 2011-02-03 14:32:39 +0000
> +++ hipd/output.c 2011-02-14 10:44:59 +0000
> @@ -274,37 +274,27 @@
>
> -int hip_sign_
> - UNUSED const uint32_t ha_state,
> - struct hip_packet_context *ctx)
> +int hip_mac_
> + struct hip_hadb_state *hadb_entry)
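Review bot: the new signature in hipd/output.c takes a bare `struct hip_hadb_state *hadb_entry` where the old one took `ha_state` and `struct hip_packet_context *ctx`, so this is an interface change and not only a rename. Please state in the doxygen block whether hadb_entry may be NULL and check it before use. Since the name moves from hip_sign_ to hip_mac_, the commit message should also say where the signature is now added, so a reviewer can confirm that outgoing packets are still signed.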
Why the rename? Seems pointless to me...
> --- lib/core/builder.c 2011-02-06 10:08:14 +0000
> +++ lib/core/builder.c 2011-02-14 10:44:59 +0000
> @@ -3037,6 +3037,8 @@
> int err = 0;
> struct hip_esp_info esp_info;
>
> + HIP_DEBUG(
Unrelated; we have enough debugging output, I suggest dropping this.
> --- modules/
> +++ modules/
> @@ -28,398 +28,70 @@
> * This file defines various functions for sending, handling and receiving
> * UPDATE packets for the Host Identity Protocol (HIP)
> *
> - * @author Baris Boyvat <baris#boyvat.com>
> + * @author Baris Boyvat <baris#boyvat.com>
> + * @author Rene Hummen
> */
Unrelated; push right away.
> +/**
> + * Prepare the creation of a new UPDATE packet.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param *ctx Pointer to the packet context, containing all information for
> + * the packet handling (received message, source and destination
> + * address, the ports and the corresponding entry from the host
> + * association database).
Drop the * from the parameter name.
> @@ -1134,87 +276,235 @@
>
> /**
> + * Send an UPDATE packet depending on the updat...
- 5628. By Diego Biurrun
-
cookie.c: Remove write-only all_zero_hit variables.
- 5629. By Diego Biurrun
-
maintenance.c: Remove pointless hip_fw_addr variable indirection.
- 5630. By Diego Biurrun
-
Replace bzero() invocations by zero initializations.
bzero() is deprecated, so this is doubly good.
- 5631. By Diego Biurrun
-
firewall: Replace bzero() invocation by memset(0).
bzero() is deprecated, memset(0) should be used instead.
- 5632. By Diego Biurrun
-
Remove secret member from struct netdev_address.
According to Samu it was part of the OpenDHT rm-message code that was
removed a while ago.
- 5633. By Diego Biurrun
-
build system: Ensure that version.h is created before compiling header files.
- 5634. By Diego Biurrun
-
Simplify the string length passed to gethostname().
It should just use the length of the character array, which is simpler
than the current construction and does not waste a byte.
- 5635. By Diego Biurrun
-
Fix error handling of gethostname().
The instance of gethostname in lib/core/hostid.c was handled differently
than the other instances in HIPL and negating the result of the function
invocation rendered the check ineffective anyway.
- 5636. By Diego Biurrun
-
hipd: Drop an instance of unnecessary memory zeroing with bzero().
- 5637. By Diego Biurrun
-
doxygen: Document return value of hip_netdev_white_list_add().
- 5638. By Diego Biurrun
-
Clean up hip_netdev_white_list_add().
Remove a pointless cast and assignment; make function parameter const correct.
- 5639. By Diego Biurrun
-
lib: Simplify string prefixing in hip_conf_handle_load().
Thanks to Stefan Götz for the idea and initial implementation.
- 5640. By Diego Biurrun
-
whitespace cosmetics: Consistently format sections in HACKING document.
- 5641. By Diego Biurrun
-
doc: Remove a stray reference to blind mode, which was removed.
- 5642. By Diego Biurrun
-
doc: Fix a bunch of typos and grammar errors.
- 5643. By Diego Biurrun
-
doc: Reword and fix the Bazaar section of HACKING.
- 5644. By Diego Biurrun
-
Restore some instances of memory zeroing, as discussed with Miika.
- 5645. By Samuel Richter
-
fix hipdnsproxy debian package
debhelper automatically tries to configure the DNS python module if python-support is installed.
This is done by dh_pysupport, but since our 'make install' already does all the work right, it just breaks things.
dh_pysupport is now disabled with an empty override_dh_pysupport rule.
- 5646. By Diego Biurrun
-
Restore some more zeroing of memory as the result of Miika's review.
Stefan Götz (stefan.goetz-deactivatedaccount) wrote:
Hi Rene!
> René Hummen has proposed merging lp:~rene-hummen/hipl/mobility-fixes into
> lp:hipl. For more details, see:
> https:/
>
> This branch refactors the update code to allow hooking into the
> modularization on a parameter level. Midauth functionality depends on this
> branch.
Ooof, even after looking at the individual commits, I was not able to do a
meaningful review. Esp. revision 5610 is so large it makes my limited brain
overflow - sorry :-(
Stefan
- 5647. By Diego Biurrun
-
hipd: Explicitly initialize variable in static storage to zero.
The C standard guarantees that variables in static storage get initialized to
zero, but to keep with the intentional programming paradigm it is preferable
to make this implicit guarantee explicit.
- 5648. By Diego Biurrun
-
build system: Really ensure that version.h is created before compiling headers.
- 5649. By Diego Biurrun
-
tests: Replace forward declarations for unit tests by proper header files.
Previously unit test functions were handled through forward declarations in
order to avoid adding one header file for each file that contained unit tests.
Adding one general header file for unit tests to each unit test subdirectory
avoids the header file clutter without ugly forward declaration hacks.
- 5650. By Diego Biurrun
-
Remove two outdated comments that referred to the long-gone blind mode.
- 5651. By Diego Biurrun
-
packaging: Drop -rpm suffix from HIPL specfile name.
Now that the spec file is only used for RPM systems and not for Debian-based
systems, it is no longer necessary to carry the suffix in the name.
- 5652. By Diego Biurrun
-
build system: Add header files in the test directory to the list of headers.
This guarantees that these headers show up in the dist tarball and get
compiled by the 'checkheaders' target.
- 5653. By Diego Biurrun
-
Restore initialization of req structure in hip_xfrm_policy_modify() to zero.
This should (hopefully) fix the breakage introduced by the memset(0) removals
in r5623. Sending pings between HIP hosts works again now.
- 5654. By Diego Biurrun
-
Replace instances of memset(0) by zero initializations.
Now that we have found a way to avoid warnings with zero initializations
they are a cleaner way of making sure that structures are zeroed.
- 5655. By Diego Biurrun
-
Skip redundantly zeroing the timestamp member in hip_add_address_to_list().
The timestamp member is part of struct netdev_address, which was already
allocated with calloc and thus has all members zeroed.
- 5656. By Diego Biurrun
-
Skip redundantly zeroing the peer_hostname member in hip_hadb_add_peer_info().
The containing struct is already initialized to zero.
- 5657. By Diego Biurrun
-
Restore zeroing the retransmission buffer in hip_queue_packet().
While there is no hard evidence that this is strictly necessary, Miika's gut
feeling is to err on the safe side and zero the buffer just in case. Trusting
Miika's intuition around HIPL is usually a good thing(TM), so zero the buffer.
- 5658. By Diego Biurrun
-
Remove one level of pointless variable indirection in hip_xfrm_policy_modify().
The tmpl struct was declared as a pointer, which then was aliased to a char
array of sufficient size to hold the contents of the struct. Get rid of this
pointless and confusing indirection by directly declaring tmpl as a struct and
setting its members directly.
- 5659. By Christoph Viethen
-
Fix defective handling of return code from EVP_EncodeBlock(). This function
only ever returns the number of bytes which it output, so the only kind of
"error" that could happen is if that number is 0.
- 5660. By Christoph Viethen
-
Fix crashing bug: EVP_EncodeBlock() happily stomped over memory it wasn't
supposed to hit, due to insufficient size of allocated memory. Considering
that EVP_EncodeBlock(), since the old SSLeay days, never had any real
documentation beyond its source code: added a clear word of warning and
made a few places in the code rather obvious, to keep others from falling
into the same trap.
- 5661. By Christoph Viethen
-
Correct a few places where the wrong amount of memory gets allocated (too
much, typically) - now at least the RSA parts of hip_cert_spki_sign()
should be pretty exact in terms of allocated vs. actually needed memory.
(Plus slight cosmetics in one place.)
- 5662. By Christoph Viethen
-
Minor code cleanup. Oh, and look, a free() was missing ...
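Revisions 5659 and 5660 above concern EVP_EncodeBlock(), which takes no destination length, writes four characters per started three-byte group plus a NUL terminator, and returns the character count without the NUL. The following is an added example, not HIPL code: a checked wrapper that sizes the buffer before encoding and treats a zero return as the only failure signal, as revision 5659 describes. encode_block() is a local stand-in with that output contract so the example builds without OpenSSL; b64_buf_size() and b64_encode_checked() are hypothetical names.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Stand-in for EVP_EncodeBlock(): no destination length parameter, writes
 * 4 * ceil(n / 3) characters followed by a NUL, and returns the character
 * count without the NUL. The caller alone is responsible for the size of t. */
static int encode_block(unsigned char *t, const unsigned char *f, int n)
{
    int out = 0;

    for (int i = 0; i < n; i += 3) {
        int           left = n - i;
        unsigned long v    = (unsigned long) f[i] << 16;

        if (left > 1) {
            v |= (unsigned long) f[i + 1] << 8;
        }
        if (left > 2) {
            v |= f[i + 2];
        }
        t[out++] = (unsigned char) B64[(v >> 18) & 0x3f];
        t[out++] = (unsigned char) B64[(v >> 12) & 0x3f];
        t[out++] = (unsigned char) (left > 1 ? B64[(v >> 6) & 0x3f] : '=');
        t[out++] = (unsigned char) (left > 2 ? B64[v & 0x3f] : '=');
    }
    t[out] = '\0';
    return out;
}

/* Bytes the destination must hold for n input bytes, terminator included.
 * Returns 0 if the size computation would overflow size_t. */
static size_t b64_buf_size(size_t n)
{
    size_t groups = n / 3 + (n % 3 != 0);

    if (groups > (SIZE_MAX - 1) / 4) {
        return 0;
    }
    return groups * 4 + 1;
}

/* Hypothetical checked wrapper: refuses to encode unless dst can hold the
 * whole output including the NUL. Returns the character count, or -1. */
static int b64_encode_checked(unsigned char *dst, size_t dst_len,
                              const unsigned char *src, size_t src_len)
{
    size_t need = b64_buf_size(src_len);
    int    written;

    if (!dst || !src || need == 0 || need > dst_len ||
        need - 1 > (size_t) INT_MAX) {
        return -1;
    }
    written = encode_block(dst, src, (int) src_len);
    /* A return of 0 for non-empty input is the only failure signal. */
    if ((written == 0 && src_len != 0) || (size_t) written != need - 1) {
        return -1;
    }
    return written;
}

int main(void)
{
    /* Constructed sample input. */
    const unsigned char msg[] = "foobar";
    unsigned char       out[16];
    int                 n;

    n = b64_encode_checked(out, sizeof(out), msg, 6);
    printf("16-byte buffer: %d (%s)\n", n, n > 0 ? (char *) out : "");

    /* Eight bytes hold the characters but not the terminator. */
    n = b64_encode_checked(out, 8, msg, 6);
    printf("8-byte buffer: %d\n", n);
    return 0;
}
```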
- 5663. By Diego Biurrun
-
Only compile hip_dump_msg() if debug is enabled.
This helps avoid warnings with -Wunused-but-set-variable.
- 5664. By Diego Biurrun
-
Give more suitable names to the parameters of ipv{4|6}_addr_copy().
a1 and a2 are completely non-descriptive while dest and src explain everything.
- 5665. By Diego Biurrun
-
Fix return value of hipfw_handle_relay_to_r2().
The function was unconditionally returning 0, not just on success as the
documentation claimed it would do.
- 5666. By Diego Biurrun
-
Rewrite hip_cache_create_hl_entry() without the use of HIP_IFEL.
This helps avoid a warning with -Wunused-but-set-variable in gcc 4.6.
- 5667. By Diego Biurrun
-
firewall: Refactor hip_firewall_cache_hadb_match().
Merge redundant if-else statements and get rid of two variable indirections.
- 5668. By Diego Biurrun
-
Fix @return doxygen for hip_netlink_receive(); it does not always return zero.
- 5669. By Diego Biurrun
-
Make hip_iproute_modify() return negative values on error.
- 5670. By Diego Biurrun
-
Directly initialize struct array idxmap to zero instead of via a for loop.
- 5671. By Diego Biurrun
-
Remove pointless continue statement directly after return.
- 5672. By Diego Biurrun
-
Refactor error handling in netlink_talk() to work without goto.
- 5673. By Diego Biurrun
-
prettyprinting cosmetics
- 5674. By Diego Biurrun
-
Make hip_opp_get_hadb_entry and hip_opp_get_hadb_entry_i1_r1 work without goto.
- 5675. By Diego Biurrun
-
Refactor make_env() helper function.
Merge some error checks, avoid the use of goto and be const correct.
- 5676. By Diego Biurrun
-
Get rid of a variable indirection in hip_map_first_hostname_to_ip_from_hosts().
- 5677. By Diego Biurrun
-
Delete a duplicate error check in hip_send_i2().
- 5678. By Diego Biurrun
-
Merge if-blocks in are_addresses_compatible().
- 5679. By Diego Biurrun
-
Do not lie about return values from functions; avoid goto where unnecessary.
- 5680. By Diego Biurrun
-
Refactor hip_hmac2_and_sign() to avoid the use of goto.
- 5681. By Diego Biurrun
-
Refactor hip_sign_and_mac_packet() to avoid the use of goto.
- 5682. By Diego Biurrun
-
Refactor hip_add_signed_echo_response() / hip_add_unsigned_echo_response().
The functions just differed in two parameters passed to helper functions.
Extract the code into a helper function that receives a parameter telling
it which packet variant to build.
- 5683. By Diego Biurrun
-
cosmetics: prettyprinting; remove pointless parentheses; kill leftover comment
- 5684. By Diego Biurrun
-
Refactor hip_check_i1() control flow to work without goto.
- 5685. By Diego Biurrun
-
Refactor hip_handle_i1() control flow to work without goto.
This eliminates the last instances of the HIP_IFF macro, so delete it.
- 5686. By Miika Komu
-
Solved a problem with RPM packaged DNS proxy.
Bug id #715607 describes a problem with RPM packaged DNS proxy:
The DNS proxy is not using python APIs in way compatible with python
2.7. Can we support both 2.6 and 2.7?

hipserver # /etc/init.d/hipdnsproxy start
Starting : [ OK ]
[root@hipserver hipl]# Traceback (most recent call last):
  File "/usr/sbin/hipdnsproxy", line 1029, in <module>
    main(sys.argv)
  File "/usr/sbin/hipdnsproxy", line 1026, in main
    gp.doit(args)
  File "/usr/sbin/hipdnsproxy", line 731, in doit
    gp.write_local_hits_to_hosts()
  File "/usr/sbin/hipdnsproxy", line 535, in write_local_hits_to_hosts
    if not gp.getaddr(hit):
  File "/usr/sbin/hipdnsproxy", line 410, in getaddr
    r = h.getaddr(ahn)
AttributeError: Hosts instance has no attribute 'getaddr'

The problem was that the system had also /usr/sbin/hosts.py which was
located before the HIPL version of hosts.py in the module search path. I
rolled the DNS proxy path to the front path and it started working
again. Tested on Fedora Core 14 and Ubuntu Maverick.

If you have a more elegant solution, feel free to contribute.
- 5687. By Diego Biurrun
-
hipd does not depend on iptables, hipfw does; update package deps accordingly.
- 5688. By Diego Biurrun
-
cookie: Replace some goto/HIP_IFE/HIP_IFEL statements by return error handling.
- 5689. By Diego Biurrun
-
doxygen: Fix @return comment for hip_create_r1().
- 5690. By Diego Biurrun
-
Rewrite error handling in hip_create_r1().
Currently error values are set to -1 via HIP_IFEL macros, but in the end
NULL is returned in case of error and the error values are ignored. Change
the HIP_IFEL instances to set the pointer holding the return value to NULL
instead and get rid of the int variable for the error values.

This code will not win a beauty contest, but it eliminates the write-only
integer variable err, which caused warnings with -Wunused-but-set-variable.
- 5691. By Diego Biurrun
-
whitespace cosmetics
- 5692. By Diego Biurrun
-
firewall: Remove write-only variables.
This avoids a bunch of warnings with -Wunused-but-set-variable in gcc 4.6.
- 5693. By Diego Biurrun
-
hipd: Remove write-only variables.
This avoids a bunch of warnings with -Wunused-but-set-variable in gcc 4.6.
- 5694. By Diego Biurrun
-
Fix return value of hip_ipaddr_modify().
The function was unconditionally returning 0 even though the Doxygen header
claimed it returns negative on error. Make it return the error integer
variable that is set in error conditions throughout the function instead.
- 5695. By Diego Biurrun
-
Remove write-only variables from the lib and tools subdirectories.
This avoids a bunch of warnings with -Wunused-but-set-variable in gcc 4.6.
- 5696. By Diego Biurrun
-
Rewrite error handling in hip_firewall_cache_hadb_match().
Currently error values are set to -1 via HIP_IFEL macros, but in the end
NULL is returned in case of error and the error values are ignored. Change
the HIP_IFEL instances to set the pointer holding the return value to NULL
instead and get rid of the int variable for the error values.

This code will not win a beauty contest, but it eliminates the write-only
integer variable err, which caused warnings with -Wunused-but-set-variable.
- 5697. By Diego Biurrun
-
Avoid using a write-only variable in time_clock().
This avoids a warning with -Wunused-but-set-variable in gcc 4.6.
- 5698. By Diego Biurrun
-
Remove some write-only variables from fw_port_bindings_performance.
The return value of the benchmarked functions is now discarded instead
of captured in a variable. Stefan and I doublechecked that gcc does not
optimize away the function invocations.

This avoids a bunch of warnings with -Wunused-but-set-variable in gcc 4.6.
- 5699. By David Martin
-
Rename hip_init_sockets() to hip_register_sockets(). Add doxygen documentation.
hip_init_sockets() is misleading as the function does not initialise the sockets.
Initialisation of the sockets happens in hipd_init(). Instead it registers the
sockets with their associated handler functions and it should be named accordingly.

Added a doxygen comment as well.
- 5700. By David Martin
-
Add doxygen documentation for hip_register_socket().
- 5701. By Diego Biurrun
-
Replace u_char BSD type by standard unsigned char.
- 5702. By Diego Biurrun
-
Update comment that explains the creation of struct inet6_pktinfo.
It is a GNUism that was copied into HIPL and should eventually be removed.
- 5703. By David Martin
-
Add hip_unregister_sockets() to free socket list.
The memory allocated by hip_register_sockets() was not freed on exit
resulting in a memory leak. This fixes it.
- 5704. By David Martin
-
Rewrite error handling in hip_register_socket() and catch possible memory leak.
Due to the simplicity of hip_register_socket() the HIP_IFEL macro is not necessary.
The memory allocated for the socketfd struct should be freed in case of an error
to avoid memory leakage.
- 5705. By Diego Biurrun
-
RPM: Remove unnecessary CentOS hack for installing pixmaps directory.
HIPL does not require that directory and RPMs build fine without the hack.
- 5706. By Diego Biurrun
-
build system: Consolidate all CentOS 5.5 hacks in configure.ac.
Carrying around CentOS 5.5 hacks in Makefile.am has sideeffects on non-broken
platforms, which is unacceptable. Forcing the user to pass flags to configure
for CentOS is a burden. Adding workarounds in configure.ac is ugly, because
the platform shortcomings are ugly, but causes the least amount of pain.
- 5707. By Diego Biurrun
-
build system: Fix docdir declaration for CentOS; the hipl/ subdir was missing.
- 5708. By Diego Biurrun
-
RPM: Place HIPL packages in the correct package groups/sections.
It should be 'System Environment/Daemons' and 'Documentation' for hipl-doc.
- 5709. By Diego Biurrun
-
RPM: Split summary and description fields in individual package stanzas.
The summary field should just contain a one-line short description.
- 5710. By Diego Biurrun
-
RPM: Preserve timestamps when installing HIPL init scripts.
- 5711. By Diego Biurrun
-
RPM: Run setup in quiet mode; this avoids a ton of useless debugging output.
- 5712. By Diego Biurrun
-
RPM: Fix infrahip HIPL source URL, MIT license name, spelling nits.
- 5713. By Diego Biurrun
-
RPM: Use SMP flags set by RPM instead of hardcoding '-j 32' as make parameter.
- 5714. By Diego Biurrun
-
RPM: Use predefined RPM variables when installing files into system paths.
- 5715. By Diego Biurrun
-
RPM: Remove unused/unwanted files from buildroot after make install.
This avoids some rpmbuild warnings about installed but unpackaged files.
- 5716. By Diego Biurrun
-
RPM: Add Python (>= 2.4.3) to BuildRequires.
- 5717. By Diego Biurrun
-
RPM: Set proper attributes on installed files.
This fixes a ton of rpmlint warnings.
- 5718. By Diego Biurrun
-
RPM: Exit build with unpackaged files.
Now that we have worked around the previously generated warnings we can be
strict about this and avoid further issues from slipping in.
- 5719. By David Martin
-
Cosmetics: fix some typos in doxygen documentation.
- 5720. By David Martin
-
Bring back HIP_IFEL error handling for hip_register_socket().
A HIP_IFEL occurrence was removed by myself in an earlier commit. This commit
reverts it and adds a second HIP_IFEL check.
- 5721. By René Hummen
-
add missing netinet/in.h includes
- 5722. By René Hummen
-
remove enabling of ip forwarding in /proc at firewall startup
I removed this for several reasons:
1) It was not disabled at hipfw shutdown.
2) The firewall can also be run on end-hosts, where forwarding is not
desired.
3) There might be situations where IP forwarding is unwanted. However,
in such case, hipfw could not be executed.

NOTE: Enabling of IP forwarding is already mentioned in the HOWTO.
- 5723. By René Hummen
-
remove unloading of kernel modules on hipd exit
This functionality is removed for several reasons:
1.) other programs started subsequent to hipd might depend on the loaded
modules, and
2.) HIPL does currently not support reloading modules on OpenWRT.
- 5724. By René Hummen
-
rename dummy0 interface to hipl0
The rationale behind this change is:
1.) dummy0 does not convey the purpose of the device, and
2.) the name does not instill trust in the maturity of HIPL
as mentioned by Stefan in the corresponding bug entry.

NOTE: The HOWTO does currently not mention retrieving the default HIT
from the output of ifconfig and similar applications. Hence, there
is no need of modifying the documentation.
- 5725. By René Hummen
-
add HITs from HIP header contents to packet dump
- 5726. By René Hummen
-
change checksum comment to reflect truth
- 5727. By René Hummen
-
check packet content before printing debug
- 5728. By René Hummen
-
replace int state value with corresponding string
NOTE: the packet type will already be shown in the packet dump
- 5729. By René Hummen
-
modify misleading comment
- 5730. By René Hummen
-
remove redundant comments
- 5731. By René Hummen
-
remove incorrect comment
- 5732. By René Hummen
-
remove redundant address check
hip_hidb_hit_is_our will do the deal.
- 5733. By René Hummen
-
check dst hit and controls for _all_ BEX messages
- 5734. By René Hummen
-
remove more redundant per-packet output
- 5735. By René Hummen
-
mark function parameters as unused
- 5736. By René Hummen
-
fix setting of dummy interface MTU
dummy0 was hard-coded in the string executed as a command. Replaced
dummy0 by HIP_HIT_DEV to reflect the renaming of the device.
- 5737. By Diego Biurrun
-
doc: Add section about fixing bzr mistakes and warn against 'bzr uncommit'.
To drive the point about 'bzr uncommit' on central, published repositories
being evil home, the section comes with a tongue-in-cheek warning about the
dire straits awaiting perpetrators :)
- 5738. By Diego Biurrun
-
doc: Add section about avoiding C system and POSIX namespace pollution.
- 5739. By Diego Biurrun
-
doc: Adjust path to uncrustify configuration file.
- 5740. By Diego Biurrun
-
doc: FIX description of the 'make dist' automake target.
- 5741. By Diego Biurrun
-
doc: Fix sections about RPM and Debian packaging to match current behavior.
- 5742. By Diego Biurrun
-
doc: Fix a multitude of spelling, wording, formatting and style issues.
- 5743. By Diego Biurrun
-
Remove unused HIPL_OPENSSL_100 #define.
- 5744. By Diego Biurrun
-
Remove unnecessary HIPL_OPENSSL_100 macro indirection.
HIPL_OPENSSL_100 was semantically the same as LHASH_OF, so use the latter.
- 5745. By Diego Biurrun
-
OpenSSL: Restructure LHASH100_CAST handling.
Make the macro a complete cast statement, rename it to LHASH_CAST and skip
defining the macro when LHASH_OF is undefined.
- 5746. By Diego Biurrun
-
OpenSSL: Add back mistakenly removed LHASH_CAST #define.
LHASH_CAST needs to be #defined both when LHASH_OF is available or not,
so add an empty #define for the latter case.
- 5747. By Diego Biurrun
-
hashtable.h: Remove unnecessary list.h #include.
- 5748. By Diego Biurrun
-
Use the LHASH_CAST definition from hashtable.h instead of duplicating it.
- 5749. By David Martin
-
Cosmetics: make error prints in lmod_register_parameter_type a bit more pretty.
- 5750. By David Martin
-
Const correctness for lmod_register_parameter_type.
- 5751. By David Martin
-
Fix typos, clarify doxygen doc and error output for lmod_register_parameter_type.
Typos:
The method registers parameters and not packets.

Parameter types get freed by lmod_uninit_parameter_types and not by
lmod_uninit_packet_types as stated in the doxygen documentation. Make it clear
that the call frees all allocated memory as well.

Error output should reflect what went wrong. In this case a missing identifier
or an already registered parameter type.
- 5752. By David Martin
-
Fix memory leak, check successful registration in lmod_register_parameter_type().
The allocated memory has to be freed in case of an error.
Check the return value of hip_ll_add() to make sure the parameter does get
registered successfully.
- 5753. By David Martin
-
Check whether firewall cache db was initialised in hip_firewall_cache_delete_hldb().
Before deleting entries from the database make sure that it was actually
initialised. This fixes the segfault reported in bug 695328.
- 5754. By David Martin
-
Cosmetics: fix typo in hip_firewall_cache_delete_hldb() debug output.
- 5755. By Christof Mroz
-
Also free list links in free_esp_tuple().
Rather than just the data they contain.
- 5756. By Christof Mroz
-
Enable doxygen comment for hip_fw_handle_hip_output().
- 5757. By Christof Mroz
-
Emit a more specific debug message.
- 5758. By Christof Mroz
-
Actually do return a negative value on failure, where it is stated in the documentation.
- 5759. By Christof Mroz
-
Declare hip_list and esp_list as static.
- 5760. By René Hummen
-
revert revision 5724 -> renaming of dummy device
Apparently, the dummy device dummy0 is created automatically on
insertion of the dummy module. The only option to rename the device
actually would be to create another device via udev as described
here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430528

An even better way would be to get rid of the dummy device altogether
and to replace it with a tun device. This way we could also get rid of
the Linux-specific raw sockets.
- 5761. By Christof Mroz
-
Simplify command line string concatenation.
- 5762. By David Martin
-
Const-correctness for lmod_register_packet_type().
- 5763. By David Martin
-
Add two missing consts in modularization.h.
Const-correctness of lmod_register_parameter_type() and lmod_register_packet_type()
was added in revision 5750 and 5762 but only in modularization.c. This applies
the change to modularization.h as well.
- 5764. By Christof Mroz
-
Remove virtual interface address (i.e., the HIT) before assigning it.
Because revision 5723 disabled module unloading, the dummy device was shut down but otherwise left in a non-initialized state.
In particular, the address (HIT) was kept. So on the next start of hipd, assigning the HIT again did not set up the 2001:10::/28 route correctly. Presumably, to netlink it looked like a no-op, because the address is set to the current value after all.
As an added bonus, removing the address probably triggers other side-effects of RTM_NEWADDR that you'd have with a blank interface.
- 5765. By Christof Mroz
-
Remove all assigned local HITs from the virtual interface on exit.
Also refactored hip_add_iface_local_hit() a bit in the process.
- 5766. By René Hummen
-
fix IS_LSI32 and IS_IPV4_LOOPBACK macros
Both macros checked for the wrong addresses on ARM platforms.
Specifically, they matched x.y.z.1 and x.y.z.127 respectively.
- 5767. By René Hummen
-
output error message in case hit/lsi resolves to hit/lsi
- 5768. By Christof Mroz
-
Fix const-correctness of hip_manage_iface_local_hit()
- 5769. By Christof Mroz
-
Define a more readable interface to hip_manage_iface_local_hit().
- 5770. By Christof Mroz
-
Merged rename-camelcased branch.
- 5771. By René Hummen
-
change startup option of hipfw on OpenWRT
The midauth extensions is currently broken and needs fixing. Furthermore,
use the firewall's kill switch in order to have comparable start-up
behaviour as hipd.
- 5772. By David Martin
-
Do not reset or free DH shared key in hip_handle_r1().
This fixes a memory leak as the reference to the allocated memory was lost by
resetting the pointer to NULL. The memory gets free'd during close procedure
in hip_del_peer_info_entry(), therefore remove the free() call in hip_handle_r1()
and adjust the comment in hip_create_keying_material() to reflect the change.
- 5773. By David Martin
-
Actually return -1 on error in hip_insert_dh() as stated in the documentation.
- 5774. By David Martin
-
Const-correctness for hip_generate_dh_key().
- 5775. By David Martin
-
Cosmetics: fix two typos and correct the placement of a parameter documentation.
in hip_produce_keying_material(): the documentation for the parameters should be
in the same order as the parameters themselves.
- 5776. By David Martin
-
On exit free memory allocated for Diffie-Hellman key generation.
Not all memory allocated with DH_new() gets free'd by DH_free(). Calling
CRYPTO_cleanup_all_ex_data() in hip_dh_uninit() when exiting hipd takes
care of that.
- 5777. By David Martin
-
Free memory allocated for state initialization functions on hipd exit.
During startup memory gets allocated for a linked list holding state initialization
functions but it is not free'd again. This commit introduces
lmod_uninit_state_init_functions() which frees the allocated memory and is called
by hip_exit() on shutdown.
- 5778. By Christof Mroz
-
Handle multiple invocations of signal handler.
- 5779. By Christof Mroz
-
Attempt graceful exit on failed assert(), using a SIGABRT handler.
- 5780. By Christof Mroz
-
Merged hipfw-split-main branch.
- 5781. By David Martin
-
Always close the opened file after reading / writing the certificate config.
During startup the certificate config file is read with fopen() but only
closed again when it is not yet existing. Make sure to close it in any case
to free the memory allocated during the access.
- 5782. By Diego Biurrun
-
autobuilder: Fix path to scratchbox environment, which was moved on the server.
- 5783. By Diego Biurrun
-
autobuild: Reenable scratchbox compilation test.
Now that the scratchbox environment is set up again, it should work.
- 5784. By Christof Mroz
-
Don't call cleanup routine on assertion.
This reverts revision 5779.
- 5785. By Diego Biurrun
-
Replace some pointless instances of HIP_IFEL by returns.
When HIP_IFEL is just used to return an integer, it makes more sense
to avoid the goto and the macro indirection.
- 5786. By Diego Biurrun
-
Remove some completely pointless debug statements.
- 5787. By Diego Biurrun
-
Remove some completely pointless debug statements.
- 5788. By Diego Biurrun
-
cosmetics: Place some '*' differently to make uncrustify happy.
- 5789. By Diego Biurrun
-
Remove unused struct hip_entry_list.
- 5790. By Diego Biurrun
-
Merge c99_declarations branch to get rid of most C++/C99 declarations.
- 5791. By Diego Biurrun
-
test/firewall: Add stdlib.h #include for mkstemp.
- 5792. By Diego Biurrun
-
autobuilder: Disable scratchbox test again until scratchbox is properly set up.
- 5793. By Diego Biurrun
-
build system: Link against firewall object files instead of #including .c files.
If a .c file needs symbols from other .c files then either all of them have to
be #included or the object files linked to the unit test; just link them to the
unit test right away.
This will simplify some firewall unit tests being added in other branches.
- 5794. By Diego Biurrun
-
cosmetics: Remove redundant parentheses around complete expressions.
- 5795. By Diego Biurrun
-
Mark hip_opp_get_hadb_entry() as static; it is only used within the file.
- 5796. By Diego Biurrun
-
Remove declaration for nonexisting hip_uninit_cipher() function.
- 5797. By Diego Biurrun
-
Move declaration for hip_init_cipher() to hipd/dh.h, where it belongs.
- 5798. By Diego Biurrun
-
Mark hip_get_any_localhost_hit() as static; it is only used within the file.
- 5799. By Stefan Götz
-
Introduce an initializer for 'struct hip_ll'. This allows to initialize a 'struct hip_ll' object statically in addition to the 'hip_ll_init()' function that needs to be called at runtime.
- 5800. By Stefan Götz
-
Add a necessary cast to the list initialization.
Without the cast, the code doesn't compile. It's rice cake, baby.
- 5801. By Stefan Götz
-
Add error handling to insert_connection_from_update().
So far, this function assumed that all memory allocations succeed without
checking that. This change introduces these checks and makes sure that
there are no memory leaks when the function aborts with an error.
- 5802. By Diego Biurrun
-
Mark hip_remove_iface_local_hit() as static; it is only used within the file.
- 5803. By Diego Biurrun
-
Make hip_del_pending_request_by_type() static; it is only used within the file.
- 5804. By Diego Biurrun
-
Move hip_use_userspace_ipsec extern declaration to hipd.h, where it belongs.
- 5805. By Diego Biurrun
-
Remove unused global variable hip_user_addr from hipd.
- 5806. By Diego Biurrun
-
Make hip_cert_spki_create_cert_sock() static; it is unused outside of the file.
- 5807. By Diego Biurrun
-
Make hip_dsa_*/hip_rsa_* functions only used within the file static.
- 5808. By Diego Biurrun
-
Make hip_reinject_packet() static, it is unused outside of the file.
- 5809. By Diego Biurrun
-
Make list_last() static, it is unused outside of its source file.
- 5810. By Stefan Götz
-
In insert_connection_from_update(), add NULL-pointer checks to error handler to avoid dereferencing NULL pointers. Thanks to Christof for spotting this in rev 5801.
- 5811. By David Martin
-
Cosmetics: reorder comparisons in if-statements in modularization.c.
When comparing the return value of a function to an integer, place the latter
on the right side of the equation.
- 5812. By Stefan Götz
-
Merge lp:~stefan.goetz/hipl/esp-destination-addresses / merge proposal 55640
https://code.launchpad.net/~stefan.goetz/hipl/esp-destination-addresses/+merge/55640
- 5813. By Miika Komu
-
Documented an issue related to the DNS proxy.
DNS proxy succeeded in injecting HITs from /etc/hip/hosts when invoked
with e.g. "host" command. However, the same failed to occur with a
normal application such as ssh.
Artturi spotted that the issue was not with the DNS proxy itself. After
some inspecting, I believe something has changed in libc of Ubuntu Lucid
and onwards because there hasn't been virtually any changes in the DNS
proxy.
The issue can be solved by modifying /etc/nsswitch.conf as I have now
documented in HOWTO.xml. See bug id #724246 in launchpad for further
information.
- 5814. By Christof Mroz
-
Revert update_esp_address() signature, and replace one inlined instance of it by a function call.
This was refactored to eliminate the esp_tuple parameter.
But passing the whole tuple is actually nice: There is one unified hook to catch all address updates per-tuple, e.g. for writing extensions.
- 5815. By Christof Mroz
-
Revert one more inlining of update_esp_address().
Same rationale as detailed in commit log of rev 5814.
- 5816. By Christof Mroz
-
Clarify documentation of update_esp_address().
- 5817. By Stefan Götz
-
misc const correctness fixes
This was extracted from the hip-ll-extensions branch, courtesy of Stefan Götz.
- 5818. By Diego Biurrun
-
cosmetics: Reorder #includes to follow coding guidelines.
- 5819. By Diego Biurrun
-
Move esp_prot_transforms declaration to the only place it is used.
- 5820. By Diego Biurrun
-
Eliminate write-only variable load_time.
- 5821. By Diego Biurrun
-
Add some required #includes that were previously missed and used implicitly.
- 5822. By Diego Biurrun
-
Remove a bunch of unused global variables.
- 5823. By Diego Biurrun
-
Move number_dh_keys global variable into the only scope it is used in.
- 5824. By Diego Biurrun
-
Eliminate unnecessary global variables in test programs.
- 5825. By René Hummen
-
enable building HIPL for maemo5
directly use our make setup instead of dpkg-buildpackage.
- 5826. By René Hummen
-
fix copy-paste error in auto-builder
Replace $VERSION variable with regular expression.
- 5827. By Christof Mroz
-
Merged lp:~christof-mroz/hipl/mock-functions branch.
- 5828. By Christof Mroz
-
Merged lp:~christof-mroz/hipl/hipfw-timeout branch.
- 5829. By Christof Mroz
-
Merged lp:~christof-mroz/hipl/hipfw-esp-speedup branch.
- 5830. By Christof Mroz
-
Added missing doxygen parameter documentation.
- 5831. By Diego Biurrun
-
Fix copyright year in newly-added file.
- 5832. By Diego Biurrun
-
cosmetics: Sort entries in HIPL_HEADER_LOCATIONS differently.
- 5833. By Diego Biurrun
-
Move hip_firewall_is_alive() declaration to maintenance.h, where it belongs.
- 5834. By Diego Biurrun
-
Move extern variable declarations for maintenance.c to maintenance.h.
- 5835. By Diego Biurrun
-
Mark hip_private_rsa_host_id_to_hit() as static.
The function is unused outside of the file it is defined in.
- 5836. By Diego Biurrun
-
Mark action_handler function as static, it is unused outside of the file.
- 5837. By Diego Biurrun
-
Mark global variables unused outside of their translation units as static.
- 5838. By René Hummen
-
add missing includes
Missing <string.h> cause compiler issues in scratchbox environment.
- 5839. By René Hummen
-
remove constness from esp_tuple pointer
The scratchbox environment would not compile otherwise.
- 5840. By René Hummen
-
remove unnecessary include for tcp
- 5841. By René Hummen
-
remove configure option "opportunistic" and related ifdefs
We have always been running HIPL with the remaining basic opportunistic
mode enabled. The functionality didn't cause any trouble (fairly limited
code size). So, removing an unnecessary compilation path.
- 5842. By René Hummen
-
Minor refactoring of struct hip_fw_context
Make packet type constants globally available as an enum, and remove
unused TCP packet type. This change was originally made by Christof Mroz.
- 5843. By René Hummen
-
Unit test for IPv4 and UDP checksum routines.
These unit-tests have originally been implemented by Christof Mroz.
- 5844. By Christof Mroz
-
Don't export fixed return value of system(3) mock as a (currently unused) global variable.
This can easily be reintroduced when needed later.
- 5845. By Christof Mroz
-
Specify correct year in license boilerplate for newly added files.
- 5846. By René Hummen
-
fix unused variable issue
Some variables are only used with CONFIG_HIP_RVS enabled. Before, these
variables were dependent on CONFIG_HIP_OPPORTUNISTIC, which was removed
earlier.
- 5847. By René Hummen
-
remove --enable/--disable-opportunistic from autobuilder options
- 5848. By René Hummen
-
Split monolithic R1 handler into a number of smaller handlers.
This allows for more granular module hooking. The current R1 handler was too
monolithic to incorporate midauth as a module, for example. This is mostly
needed to ensure the correct parameter order in the packet. This split has
originally been done by Christof Mroz.
- 5849. By Christof Mroz
-
Move keymat generation code back to its original place.
The keymat must be generated before producing any parameters. This was violated by the previous commit but has been restored now.
Also added some (related) const qualifiers to ensure that the input packet is not modified, avoiding confusion in subsequently called handler functions.
We are striving for modularization in this branch, after all.
- 5850. By René Hummen
-
remove unused parameter from hip_produce_keying_material()
- 5851. By René Hummen
-
remove pointless changing of byte-order
- 5852. By René Hummen
-
remove write-only variables solved_puzzle and I
- 5853. By Diego Biurrun
-
Remove unused function hip_del_peer_info().
- 5854. By Diego Biurrun
-
Fix compilation when libconfig is not available on the system.
Some symbols were recently made static, but only used if libconfig was
detected during compilation. Surround these symbols by the appropriate
#ifdef to protect against the compiler complaining about unused symbols.
- 5856. By René Hummen
-
split mac and sign function into parameter handler and general function
We now have the function with an API to be used directly and one
to be used in combination with packet handling. This will be needed
by the mobility extension.
- 5857. By René Hummen
-
add test/check_lib_tool to bzr ignore list
- 5858. By René Hummen
-
rename update_legacy.{c,h} to update_locator.{c,h}
The only code in update_legacy.c is locator related. Furthermore, locator-
related functionality is also located in update.c. This prepares moving
of locator-related functionality to the renamed file.
- 5859. By René Hummen
-
fixed return value for failing malloc
- 5860. By René Hummen
-
add constness to hip_mac_and_sign_packet()
- 5861. By René Hummen
-
document cron integration of the auto-builder
- 5862. By David Martin
-
On hipd exit free memory allocated for parameter types.
hip_exit() now calls lmod_uninit_parameter_types() so that memory allocated
for the parameter types will be free'd on exit.
- 5863. By David Martin
-
In make_env() use strcpy() instead of strcat() to copy a string to allocated memory.
strcat() uses the null-termination of the destination to decide where to append
a string. Using it to write into freshly allocated uninitialised memory results
in undefined behaviour as it writes wherever the first \0 occurs. Use strcpy()
instead.
- 5864. By René Hummen
-
fix inclusion guards
- 5865. By René Hummen
-
refactor update functions to work on packets instead of parameters
This step has been done to prepare for the upcoming update refactoring.
- 5866. By René Hummen
-
move handle_locator() to update module
- 5867. By René Hummen
-
move locator-related functionality to update_locator.c
- 5868. By René Hummen
-
make update_types available to modules depending on update
- 5869. By René Hummen
-
move hip_handle_locator_parameter() to new file
also move dependent static functions to the same file and make
struct update_state accessible outside update.c.
- 5870. By René Hummen
-
fix doxygen comments
- 5871. By René Hummen
-
split mobility handle functions into parameter handle functions
Hook the new parameter handle functions into the modularization
framework.
NOTE: We cannot differentiate between different UPDATE packets by packet
type and hook the corresponding parameter handle functions
correspondingly. Instead, we need to classify the packet at the
beginning of each parameter handler.
- 5872. By René Hummen
-
make check for locator conditional
The locator parameter is only included in the first update packet.
- 5873. By René Hummen
-
remove UNUSED keyword from parameter in header
- 5874. By René Hummen
-
make update of SAs dependent on packet classification
- 5875. By René Hummen
-
always reply to an echo request parameter independent from classification
- 5876. By René Hummen
-
remove variable indirection of update_type
- 5877. By René Hummen
-
fix doxygen comments
René Hummen (rene-hummen) wrote : | # |
> > +/**
> > + * Retrieve the number of locators inside a LOCATOR parameter.
> > + * Type 1 and 2 parameters are supported.
> > + *
> > + * @param locator a LOCATOR parameter
> > + * @return the number of locators
> > + */
> > +int hip_get_
> > +{
> > + const char *address_pointer = (const char *) (locator + 1);
> > + int loc_count = 0;
> > + uint8_t type;
> > +
> > + while (address_pointer <
> > + ((const char *) locator) + hip_get_
> {
> > + type = ((const struct hip_locator_
> > + address_
>
> The casting is making my head spin.
>
> > + if (type == HIP_LOCATOR_
> > + address_pointer += sizeof(struct hip_locator_
> > + loc_count += 1;
> > + } else if (type == HIP_LOCATOR_
> > + || type == HIP_LOCATOR_
>
> nit: This could be more readable with the || on the previous line.
>
> > + address_pointer += sizeof(struct hip_locator_
> > + loc_count += 1;
> > + } else {
> > + address_pointer += sizeof(struct hip_locator_
> > + }
> > + }
> > + return loc_count;
> > +}
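Review bot: the while condition only checks that address_pointer is still below the upper bound computed from locator before the type field is read, not that a complete locator item fits in the bytes that remain, so a LOCATOR parameter whose length is not a whole number of items lets the type read and the following sizeof() step run past the end of the parameter. Compare the remaining length against the item size before dereferencing. The final else branch also steps over any other type value with a fixed stride and without reporting it, although the comment says only type 1 and 2 are supported; returning an error there would be safer than assuming an item size.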
>
> I know HIPL is full of similar stuff, but all this pointer arithmetic
> trickery is brittle and not the way forward. We should try to work
> with assignments and accessor functions instead IMO.
While I agree that pointer arithmetic is not where we want to go, refactoring of the LOCATOR parameter is not in the focus of this branch.
- 5878. By René Hummen
-
fix inclusion guards
- 5879. By René Hummen
-
replace HIP_IFELs by if statements where appropriate
- 5880. By René Hummen
-
replace ipv6_addr_copy() by assignments
- 5881. By René Hummen
-
remove mask variable
it is only used once in a function call as an input parameter.
- 5882. By René Hummen
-
add const-correctness
- 5883. By René Hummen
-
remove unnecessary variable-indirection
- 5884. By René Hummen
-
fix doxygen comments
- 5885. By René Hummen
-
merge trunk revision 5879
Unmerged revisions
- 5885. By René Hummen
-
merge trunk revision 5879
- 5884. By René Hummen
-
fix doxygen comments
- 5883. By René Hummen
-
remove unnecessary variable-indirection
- 5882. By René Hummen
-
add const-correctness
- 5881. By René Hummen
-
remove mask variable
it is only used once in a function call as an input parameter.
- 5880. By René Hummen
-
replace ipv6_addr_copy() by assignments
- 5879. By René Hummen
-
replace HIP_IFELs by if statements where appropriate
- 5878. By René Hummen
-
fix inclusion guards
- 5877. By René Hummen
-
fix doxygen comments
- 5876. By René Hummen
-
remove variable indirection of update_type
Preview Diff
1 | === modified file 'modules/heartbeat_update/hipd/hb_update.c' |
2 | --- modules/heartbeat_update/hipd/hb_update.c 2011-04-13 09:15:41 +0000 |
3 | +++ modules/heartbeat_update/hipd/hb_update.c 2011-04-13 13:57:39 +0000 |
4 | @@ -58,10 +58,8 @@ |
5 | static int hip_hb_update_trigger(struct hip_hadb_state *hadb_entry, |
6 | UNUSED void *opaque) |
7 | { |
8 | - int err = 0; |
9 | - uint8_t *heartbeat_counter = NULL; |
10 | - struct hip_common *locator_msg = NULL; |
11 | - struct hip_locator_info_addr_item *locators = NULL; |
12 | + int err = 0; |
13 | + uint8_t *heartbeat_counter = NULL; |
14 | |
15 | if ((hadb_entry->state == HIP_STATE_ESTABLISHED) && |
16 | (hadb_entry->outbound_sa_count > 0)) { |
17 | @@ -71,24 +69,14 @@ |
18 | if (*heartbeat_counter >= hip_heartbeat_trigger_update_threshold) { |
19 | HIP_DEBUG("HEARTBEAT counter reached threshold, trigger UPDATE\n"); |
20 | |
21 | - HIP_IFEL(!(locator_msg = hip_msg_alloc()), -ENOMEM, |
22 | - "Out of memory while allocation memory for the packet\n"); |
23 | - HIP_IFE(hip_create_locators(locator_msg, &locators), -1); |
24 | - |
25 | - HIP_IFEL(hip_send_update_to_one_peer(NULL, |
26 | - hadb_entry, |
27 | - &hadb_entry->our_addr, |
28 | - &hadb_entry->peer_addr, |
29 | - locators, |
30 | - HIP_UPDATE_LOCATOR), |
31 | - -1, "Failed to trigger update\n"); |
32 | + HIP_IFEL(hip_trigger_update(hadb_entry), |
33 | + -1, "failed to trigger update\n"); |
34 | |
35 | *heartbeat_counter = 0; |
36 | } |
37 | } |
38 | |
39 | out_err: |
40 | - free(locator_msg); |
41 | return err; |
42 | } |
43 | |
44 | |
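Review bot: with free(locator_msg) gone, the out_err label in hip_hb_update_trigger() no longer performs any cleanup, so the remaining HIP_IFEL(hip_trigger_update(hadb_entry), ...) only adds a goto; a plain if with a log call and return -1 would read more directly, provided no other HIP_IFEL in the function still needs the label. On failure the jump also skips `*heartbeat_counter = 0;`, so the counter stays at or above the threshold; a comment should say whether leaving it there is intended.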
45 | === modified file 'modules/update/hipd/update.c' |
46 | --- modules/update/hipd/update.c 2011-04-13 13:32:46 +0000 |
47 | +++ modules/update/hipd/update.c 2011-04-13 13:57:39 +0000 |
48 | @@ -28,297 +28,70 @@ |
49 | * This file defines various functions for sending, handling and receiving |
50 | * UPDATE packets for the Host Identity Protocol (HIP) |
51 | * |
52 | - * @author Baris Boyvat <baris#boyvat.com> |
53 | + * @author Baris Boyvat <baris#boyvat.com> |
54 | + * @author Rene Hummen |
55 | */ |
56 | |
57 | #define _BSD_SOURCE |
58 | |
59 | #include <errno.h> |
60 | -#include <stdint.h> |
61 | #include <string.h> |
62 | -#include <arpa/inet.h> |
63 | -#include <netinet/in.h> |
64 | -#include <openssl/lhash.h> |
65 | -#include <openssl/rand.h> |
66 | |
67 | #include "config.h" |
68 | #include "hipd/cookie.h" |
69 | -#include "hipd/esp_prot_hipd_msg.h" |
70 | #include "hipd/hadb.h" |
71 | +#include "hipd/hidb.h" |
72 | #include "hipd/hipd.h" |
73 | #include "hipd/input.h" |
74 | #include "hipd/maintenance.h" |
75 | #include "hipd/netdev.h" |
76 | #include "hipd/nsupdate.h" |
77 | #include "hipd/output.h" |
78 | -#include "hipd/pisa.h" |
79 | #include "hipd/pkt_handling.h" |
80 | #include "hipd/user.h" |
81 | -#include "lib/core/common.h" |
82 | -#include "lib/core/crypto.h" |
83 | +#include "lib/core/builder.h" |
84 | #include "lib/core/debug.h" |
85 | -#include "lib/core/hashtable.h" |
86 | #include "lib/core/hip_udp.h" |
87 | #include "lib/core/ife.h" |
88 | -#include "lib/core/list.h" |
89 | -#include "lib/core/performance.h" |
90 | +#include "lib/core/modularization.h" |
91 | #include "lib/core/prefix.h" |
92 | -#include "lib/core/protodefs.h" |
93 | -#include "lib/core/solve.h" |
94 | -#include "lib/core/modularization.h" |
95 | +#include "lib/core/state.h" |
96 | #include "update_builder.h" |
97 | #include "update_locator.h" |
98 | #include "update_param_handling.h" |
99 | #include "update.h" |
100 | |
101 | - |
102 | -/** |
103 | - * hip_update_get_out_id |
104 | - * |
105 | - * @note RFC 5201 Section 5.2.13: |
106 | - * Notice that the section says 'The Update ID is an unsigned quantity, |
107 | - * initialized by a host to zero upon moving to ESTABLISHED state' and |
108 | - * 'The Update ID is incremented by one before each new UPDATE that is |
109 | - * sent by the host; the first UPDATE packet originated by a host has |
110 | - * an Update ID of 0'. Therefore we initialize the Update ID with 0 and |
111 | - * increment this value before a new UPDATE packet is sent. Because the |
112 | - * first UPDATE packet should contain 0 as value, we need to decrement |
113 | - * the packet value by one for each UPDATE packet. |
114 | - * |
115 | - * @param state Pointer to the update state. |
116 | - * |
117 | - * @return The next UPDATE out ID if state is set, -1 on error |
118 | - */ |
119 | -static inline uint32_t hip_update_get_out_id(struct update_state *state) |
120 | -{ |
121 | - if (state) { |
122 | - return state->update_id_out - 1; |
123 | - } else { |
124 | - return -1; |
125 | - } |
126 | -} |
127 | - |
128 | -/** |
129 | - * construct any UPDATE message based on an incoming UPDATE packet |
130 | - * |
131 | - * @param received_update_packet the received UPDATE packet if any |
132 | - * @param ha the related host association |
133 | - * @param update_packet_to_send a preallocated message where the UPDATE |
134 | - * packet will be written |
135 | - * @param locators the locators of the local host |
136 | - * @param type the type of the incoming packet |
137 | - * @return zero on success or negative on failure |
138 | - * |
139 | - * @todo : should we implement base draft update with ifindex 0 stuff ?? |
140 | - * @todo : Divide this function into more pieces, handle_spi, handle_seq, etc |
141 | - * @todo : Remove the uncommented lines? |
142 | - */ |
143 | -static int hip_create_update_msg(struct hip_common *received_update_packet, |
144 | - struct hip_hadb_state *ha, |
145 | - struct hip_common *update_packet_to_send, |
146 | - struct hip_locator_info_addr_item *locators, |
147 | - int type) |
148 | -{ |
149 | - int err = 0; |
150 | - uint32_t esp_info_old_spi = 0, esp_info_new_spi = 0; |
151 | - uint16_t mask = 0; |
152 | - const struct hip_seq *seq = NULL; |
153 | - const struct hip_echo_request *echo_request = NULL; |
154 | - struct update_state *localstate = NULL; |
155 | - |
156 | - HIP_DEBUG("Creating the UPDATE packet\n"); |
157 | - |
158 | - if (type != HIP_UPDATE_LOCATOR) { |
159 | - HIP_DEBUG("UPDATE without locators\n"); |
160 | - } |
161 | - |
162 | - hip_build_network_hdr(update_packet_to_send, |
163 | +/** |
164 | + * Prepare the creation of a new UPDATE packet. |
165 | + * |
166 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
167 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
168 | + * @param ctx Pointer to the packet context, containing all information for |
169 | + * the packet handling (received message, source and destination |
170 | + * address, the ports and the corresponding entry from the host |
171 | + * association database). |
172 | + * |
173 | + * @return zero on success, or negative error value on error. |
174 | + */ |
175 | +static int hip_prepare_update_response(UNUSED const uint8_t packet_type, |
176 | + UNUSED const uint32_t ha_state, |
177 | + struct hip_packet_context *ctx) |
178 | +{ |
179 | + uint16_t mask = 0; |
180 | + |
181 | + hip_msg_init(ctx->output_msg); |
182 | + |
183 | + hip_build_network_hdr(ctx->output_msg, |
184 | HIP_UPDATE, |
185 | mask, |
186 | - &ha->hit_our, |
187 | - &ha->hit_peer); |
188 | - |
189 | - // Add ESP_INFO |
190 | - if (type == HIP_UPDATE_LOCATOR || |
191 | - type == HIP_UPDATE_ECHO_REQUEST || |
192 | - type == HIP_UPDATE_ESP_ANCHOR_ACK) { |
193 | - // Handle SPI numbers |
194 | - esp_info_old_spi = ha->spi_inbound_current; |
195 | - esp_info_new_spi = ha->spi_inbound_current; |
196 | - |
197 | - HIP_DEBUG("esp_info_old_spi=0x%x esp_info_new_spi=0x%x\n", |
198 | - esp_info_old_spi, esp_info_new_spi); |
199 | - |
200 | - HIP_IFEL(hip_build_param_esp_info(update_packet_to_send, |
201 | - ha->current_keymat_index, |
202 | - esp_info_old_spi, esp_info_new_spi), |
203 | - -1, "Building of ESP_INFO param failed\n"); |
204 | - } |
205 | - |
206 | - // Add LOCATOR |
207 | - if (type == HIP_UPDATE_LOCATOR) { |
208 | - HIP_DEBUG("locators = 0x%p locator_count = %d\n", locators, address_count); |
209 | - err = hip_build_param_locator(update_packet_to_send, locators, address_count); |
210 | - } |
211 | - |
212 | -#ifdef CONFIG_HIP_MIDAUTH |
213 | - /* TODO: no caching is done for PUZZLE_M parameters. This may be |
214 | - * a DOS attack vector. |
215 | - */ |
216 | - if (received_update_packet && type == HIP_UPDATE_ECHO_REQUEST) { |
217 | - HIP_IFEL(hip_solve_puzzle_m(update_packet_to_send, received_update_packet), -1, |
218 | - "Building of Challenge_Response failed\n"); |
219 | - } else { |
220 | - HIP_DEBUG("msg is NULL, midauth parameters not included in reply\n"); |
221 | - } |
222 | - |
223 | - /* TODO: no caching is done for PUZZLE_M parameters. This may be |
224 | - * a DOS attack vector. |
225 | - */ |
226 | - if (type == HIP_UPDATE_ECHO_RESPONSE) { |
227 | - HIP_IFEL(hip_solve_puzzle_m(update_packet_to_send, received_update_packet), -1, |
228 | - "Building of Challenge_Response failed\n"); |
229 | - } |
230 | -#endif |
231 | - |
232 | - // Add SEQ |
233 | - if (type == HIP_UPDATE_LOCATOR || |
234 | - type == HIP_UPDATE_ECHO_REQUEST || |
235 | - type == HIP_UPDATE_ESP_ANCHOR) { |
236 | - localstate = lmod_get_state_item(ha->hip_modular_state, "update"); |
237 | - localstate->update_id_out++; |
238 | - HIP_DEBUG("outgoing UPDATE ID=%u\n", hip_update_get_out_id(localstate)); |
239 | - /** @todo Handle this case. */ |
240 | - HIP_IFEL(hip_build_param_seq(update_packet_to_send, |
241 | - hip_update_get_out_id(localstate)), |
242 | - -1, |
243 | - "Building of SEQ parameter failed\n"); |
244 | - |
245 | - /************************************************/ |
246 | - } |
247 | - |
248 | - // Add ACK |
249 | - if (type == HIP_UPDATE_ECHO_REQUEST || |
250 | - type == HIP_UPDATE_ECHO_RESPONSE || |
251 | - type == HIP_UPDATE_ESP_ANCHOR_ACK) { |
252 | - HIP_IFEL(!(seq = hip_get_param(received_update_packet, |
253 | - HIP_PARAM_SEQ)), |
254 | - -1, "SEQ not found\n"); |
255 | - |
256 | - HIP_IFEL(hip_build_param_ack(update_packet_to_send, |
257 | - ntohl(seq->update_id)), |
258 | - -1, "Building of ACK failed\n"); |
259 | - } |
260 | - |
261 | - if (type == HIP_UPDATE_ESP_ANCHOR) { |
262 | - HIP_IFEL(esp_prot_update_add_anchor(update_packet_to_send, ha), |
263 | - -1, "failed to add esp_prot anchor element\n"); |
264 | - } |
265 | - |
266 | -#ifdef CONFIG_HIP_MIDAUTH |
267 | - |
268 | - if (type == HIP_UPDATE_ECHO_RESPONSE) { |
269 | - HIP_IFEL(hip_build_param(update_packet_to_send, ha->our_pub), -1, |
270 | - "Building of host id failed\n"); |
271 | - } |
272 | - |
273 | - if (type == HIP_UPDATE_ECHO_REQUEST) { |
274 | - char *midauth_cert = hip_pisa_get_certificate(); |
275 | - |
276 | - HIP_IFEL(hip_build_param(update_packet_to_send, ha->our_pub), -1, |
277 | - "Building of host id failed\n"); |
278 | - |
279 | - /* For now we just add some random data to see if it works */ |
280 | - HIP_IFEL(hip_build_param_cert(update_packet_to_send, |
281 | - 1, |
282 | - 1, |
283 | - 1, |
284 | - 1, |
285 | - midauth_cert, |
286 | - strlen(midauth_cert)), |
287 | - -1, |
288 | - "Building of cert failed\n"); |
289 | - } |
290 | - |
291 | -#endif |
292 | - |
293 | - /* Add ECHO_REQUEST (signed) |
294 | - * Notice that ECHO_REQUEST is same for the identical UPDATE packets |
295 | - * sent between different address combinations. |
296 | - */ |
297 | - if (type == HIP_UPDATE_ECHO_REQUEST) { |
298 | - HIP_HEXDUMP("ECHO_REQUEST in the host association", |
299 | - ha->echo_data, sizeof(ha->echo_data)); |
300 | - HIP_IFEL(hip_build_param_echo(update_packet_to_send, |
301 | - ha->echo_data, |
302 | - sizeof(ha->echo_data), |
303 | - 1, |
304 | - 1), |
305 | - -1, |
306 | - "Building of ECHO_REQUEST failed\n"); |
307 | - } |
308 | - |
309 | - /* Add ECHO_RESPONSE (signed) */ |
310 | - if (type == HIP_UPDATE_ECHO_RESPONSE) { |
311 | - echo_request = hip_get_param(received_update_packet, |
312 | - HIP_PARAM_ECHO_REQUEST_SIGN); |
313 | - HIP_IFEL(!echo_request, -1, "ECHO REQUEST not found!\n"); |
314 | - |
315 | - HIP_DEBUG("echo opaque data len=%d\n", |
316 | - hip_get_param_contents_len(echo_request)); |
317 | - HIP_HEXDUMP("ECHO_REQUEST ", |
318 | - (const uint8_t *) echo_request + sizeof(struct hip_tlv_common), |
319 | - hip_get_param_contents_len(echo_request)); |
320 | - HIP_IFEL(hip_build_param_echo(update_packet_to_send, |
321 | - (const uint8_t *) echo_request + sizeof(struct hip_tlv_common), |
322 | - hip_get_param_contents_len(echo_request), 1, 0), |
323 | - -1, "Building of ECHO_RESPONSE failed\n"); |
324 | - } |
325 | - |
326 | - // Add HMAC |
327 | - HIP_IFEL(hip_build_param_hmac_contents(update_packet_to_send, |
328 | - &ha->hip_hmac_out), -1, "Building of HMAC failed\n"); |
329 | - |
330 | - // Add SIGNATURE |
331 | - HIP_IFEL(ha->sign(ha->our_priv_key, update_packet_to_send), -EINVAL, |
332 | - "Could not sign UPDATE. Failing\n"); |
333 | - |
334 | - |
335 | -out_err: |
336 | - return err; |
337 | -} |
338 | - |
339 | -/** |
340 | - * deliver an UPDATE packet to the network |
341 | - * |
342 | - * @param update_packet_to_send the packet to deliver |
343 | - * @param ha host association |
344 | - * @param src_addr the source address to use for sending |
345 | - * @param dst_addr the destination address to use for sending |
346 | - * @return zero on success or negative on failure |
347 | - */ |
348 | -static int hip_send_update_pkt(struct hip_common *update_packet_to_send, |
349 | - struct hip_hadb_state *ha, |
350 | - const struct in6_addr *src_addr, |
351 | - const struct in6_addr *dst_addr) |
352 | -{ |
353 | - int err = 0; |
354 | - const int retransmit = 1; |
355 | - |
356 | - /** @todo set the local address unverified for that dst_hit(); */ |
357 | - err = hip_send_pkt(src_addr, |
358 | - dst_addr, |
359 | - (ha->nat_mode ? hip_get_local_nat_udp_port() : 0), |
360 | - ha->peer_udp_port, |
361 | - update_packet_to_send, |
362 | - ha, |
363 | - retransmit); |
364 | - |
365 | - return err; |
366 | -} |
367 | - |
368 | -/** |
369 | - * choose a sensible source address for an UPDATE packet with LOCATOR |
370 | + &ctx->hadb_entry->hit_our, |
371 | + &ctx->hadb_entry->hit_peer); |
372 | + |
373 | + return 0; |
374 | +} |
375 | + |
376 | +/** |
377 | + * Choose a sensible source address for an UPDATE packet with LOCATOR |
378 | * |
379 | * @param ha the related host association |
380 | * @param src_addr currently unused |
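Review bot: the include block drops <stdint.h>, yet the added hip_prepare_update_response() uses uint8_t, uint16_t and uint32_t, so the file now relies on another header pulling the types in; keep the include. In the same function ctx->hadb_entry is dereferenced for hit_our and hit_peer without a check, and the function can only return 0 although its comment documents a negative error value: either validate ctx->hadb_entry and ctx->output_msg and return an error, or state in the comment that the caller guarantees both. The local `mask` is only ever 0 and passed once, so it can be replaced by the literal.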
381 | @@ -383,353 +156,6 @@ |
382 | } |
383 | |
384 | /** |
385 | - * a wrapper function to handle any incoming UPDATE packet |
386 | - * |
387 | - * @param received_update_packet the received UPDATE packet if any |
388 | - * @param ha the related host association |
389 | - * @param src_addr the source address of the received packet |
390 | - * @param dst_addr the destination address of the received packet |
391 | - * @param locators the locators of the local host |
392 | - * @param type the type of the received packet |
393 | - * @return zero on success or negative on failure |
394 | - * |
395 | - * @todo locators should be sent to the whole verified addresses? |
396 | - */ |
397 | -int hip_send_update_to_one_peer(struct hip_common *received_update_packet, |
398 | - struct hip_hadb_state *ha, |
399 | - struct in6_addr *src_addr, |
400 | - struct in6_addr *dst_addr, |
401 | - struct hip_locator_info_addr_item *locators, |
402 | - int type) |
403 | -{ |
404 | - int err = 0, i = 0; |
405 | - LHASH_NODE *item = NULL, *tmp = NULL; |
406 | - struct hip_common *update_packet_to_send = NULL; |
407 | - struct update_state *localstate = NULL; |
408 | - struct in6_addr local_addr; |
409 | - |
410 | - HIP_IFEL(!(update_packet_to_send = hip_msg_alloc()), -ENOMEM, |
411 | - "Out of memory while allocation memory for the update packet\n"); |
412 | - err = hip_create_update_msg(received_update_packet, ha, |
413 | - update_packet_to_send, locators, type); |
414 | - if (err) { |
415 | - goto out_err; |
416 | - } |
417 | - |
418 | - switch (type) { |
419 | - case HIP_UPDATE_LOCATOR: |
420 | - HIP_IFEL(hip_select_local_addr_for_first_update(ha, |
421 | - src_addr, |
422 | - dst_addr, |
423 | - &local_addr), |
424 | - -1, |
425 | - "No source address found for first update\n"); |
426 | - HIP_DEBUG_IN6ADDR("Sending update from", &local_addr); |
427 | - HIP_DEBUG_IN6ADDR("to", dst_addr); |
428 | - |
429 | - hip_send_update_pkt(update_packet_to_send, ha, &local_addr, |
430 | - dst_addr); |
431 | - |
432 | - break; |
433 | - case HIP_UPDATE_ECHO_RESPONSE: |
434 | - HIP_DEBUG_IN6ADDR("Sending update from", src_addr); |
435 | - HIP_DEBUG_IN6ADDR("to", dst_addr); |
436 | - |
437 | - hip_send_update_pkt(update_packet_to_send, ha, src_addr, |
438 | - dst_addr); |
439 | - |
440 | - break; |
441 | - case HIP_UPDATE_ECHO_REQUEST: |
442 | - localstate = lmod_get_state_item(ha->hip_modular_state, "update"); |
443 | - |
444 | - // Randomize the echo response opaque data before sending ECHO_REQUESTS. |
445 | - // Notice that we're using the same opaque value for the identical |
446 | - // UPDATE packets sent between different address combinations. |
447 | - RAND_bytes(ha->echo_data, sizeof(ha->echo_data)); |
448 | - |
449 | - list_for_each_safe(item, tmp, localstate->addresses_to_send_echo_request, i) { |
450 | - dst_addr = list_entry(item); |
451 | - |
452 | - if (!are_addresses_compatible(src_addr, dst_addr)) { |
453 | - continue; |
454 | - } |
455 | - |
456 | - HIP_DEBUG_IN6ADDR("Sending echo requests from", src_addr); |
457 | - HIP_DEBUG_IN6ADDR("to", dst_addr); |
458 | - |
459 | - hip_send_update_pkt(update_packet_to_send, ha, |
460 | - src_addr, dst_addr); |
461 | - } |
462 | - |
463 | - break; |
464 | - case HIP_UPDATE_ESP_ANCHOR: |
465 | - case HIP_UPDATE_ESP_ANCHOR_ACK: |
466 | - // TODO re-implement sending of esp prot anchors |
467 | - HIP_DEBUG_IN6ADDR("Sending update from", src_addr); |
468 | - HIP_DEBUG_IN6ADDR("to", dst_addr); |
469 | - |
470 | - hip_send_update_pkt(update_packet_to_send, ha, src_addr, dst_addr); |
471 | - break; |
472 | - } |
473 | - |
474 | -out_err: |
475 | - free(update_packet_to_send); |
476 | - return err; |
477 | -} |
478 | - |
479 | -/** |
480 | - * publish the locator set of the local host to all peers |
481 | - * |
482 | - * @return zero on success or negative on failure |
483 | - */ |
484 | -static int hip_send_locators_to_all_peers(void) |
485 | -{ |
486 | - int err = 0, i = 0; |
487 | - struct hip_locator_info_addr_item *locators; |
488 | - struct hip_hadb_state *ha = NULL; |
489 | - struct hip_common *locator_msg = NULL; |
490 | - LHASH_NODE *item = NULL, *tmp = NULL; |
491 | - |
492 | - HIP_IFEL(!(locator_msg = hip_msg_alloc()), -ENOMEM, |
493 | - "Out of memory while allocation memory for the packet\n"); |
494 | - HIP_IFE(hip_create_locators(locator_msg, &locators), -1); |
495 | - |
496 | - // Go through all the peers and send update packets |
497 | - list_for_each_safe(item, tmp, hadb_hit, i) { |
498 | - ha = list_entry(item); |
499 | - |
500 | - if (ha->hastate == HIP_HASTATE_VALID && |
501 | - ha->state == HIP_STATE_ESTABLISHED) { |
502 | - err = hip_send_update_to_one_peer(NULL, |
503 | - ha, |
504 | - &ha->our_addr, |
505 | - &ha->peer_addr, |
506 | - locators, |
507 | - HIP_UPDATE_LOCATOR); |
508 | - if (err) { |
509 | - goto out_err; |
510 | - } |
511 | - } |
512 | - } |
513 | - |
514 | -out_err: |
515 | - /* Update DNS data in hit-to-ip domain name. This is done after |
516 | - * sending UPDATE packets. See the discussion for the reasoning: |
517 | - * http://www.freelists.org/post/hipl-users/HIP-UPDATE-select-error-Interrupted-system-call,2 */ |
518 | - if (hip_get_nsupdate_status()) { |
519 | - nsupdate(0); |
520 | - } |
521 | - |
522 | - if (hip_locator_status == HIP_MSG_SET_LOCATOR_ON) { |
523 | - hip_recreate_all_precreated_r1_packets(); |
524 | - } |
525 | - free(locator_msg); |
526 | - return err; |
527 | -} |
528 | - |
529 | -/** |
530 | - * process the first UPDATE packet (i.e. with a LOCATOR parameter) |
531 | - * |
532 | - * @param ctx the packet context |
533 | - * @return zero on success or negative on failure |
534 | - */ |
535 | -static int hip_handle_first_update_packet(struct hip_packet_context *const ctx) |
536 | -{ |
537 | - const struct hip_esp_info *esp_info = NULL; |
538 | - struct hip_locator *locator = NULL; |
539 | - const struct hip_seq *seq = NULL; |
540 | - struct update_state *localstate = NULL; |
541 | - int err = 0; |
542 | - |
543 | - esp_info = hip_get_param(ctx->input_msg, HIP_PARAM_ESP_INFO); |
544 | - locator = hip_get_param_readwrite(ctx->input_msg, HIP_PARAM_LOCATOR); |
545 | - seq = hip_get_param(ctx->input_msg, HIP_PARAM_SEQ); |
546 | - |
547 | - HIP_IFEL(!(localstate = lmod_get_state_item(ctx->hadb_entry->hip_modular_state, |
548 | - "update")), |
549 | - -1, |
550 | - "failed to look up UPDATE-specific state\n"); |
551 | - |
552 | - HIP_IFEL(hip_handle_locator_parameter(ctx->hadb_entry, |
553 | - &ctx->src_addr, |
554 | - locator), |
555 | - -1, |
556 | - "failed to process LOCATOR parameter\n"); |
557 | - |
558 | - // set the new spi value for the association |
559 | - ctx->hadb_entry->spi_outbound_new = ntohl(esp_info->new_spi); |
560 | - |
561 | - // progress update sequence to currently processed update |
562 | - if (localstate->update_id_in < ntohl(seq->update_id)) { |
563 | - localstate->update_id_in = ntohl(seq->update_id); |
564 | - } |
565 | - |
566 | - HIP_IFEL(hip_send_update_to_one_peer(ctx->input_msg, |
567 | - ctx->hadb_entry, |
568 | - &ctx->dst_addr, |
569 | - &ctx->src_addr, |
570 | - NULL, |
571 | - HIP_UPDATE_ECHO_REQUEST), |
572 | - -1, |
573 | - "failed to send UPDATE\n"); |
574 | - |
575 | -out_err: |
576 | - return err; |
577 | -} |
578 | - |
579 | -/** |
580 | - * process the second UPDATE packet (i.e. with echo request) |
581 | - * |
582 | - * @param ctx the packet context |
583 | - * @return zero on success or negative on failure |
584 | - */ |
585 | -static int hip_handle_second_update_packet(struct hip_packet_context *const ctx) |
586 | -{ |
587 | - const struct hip_esp_info *esp_info = NULL; |
588 | - const struct hip_seq *seq = NULL; |
589 | - struct update_state *localstate = NULL; |
590 | - int err = 0; |
591 | - |
592 | - esp_info = hip_get_param(ctx->input_msg, HIP_PARAM_ESP_INFO); |
593 | - seq = hip_get_param(ctx->input_msg, HIP_PARAM_SEQ); |
594 | - |
595 | - HIP_IFEL(!(localstate = lmod_get_state_item(ctx->hadb_entry->hip_modular_state, |
596 | - "update")), |
597 | - -1, |
598 | - "failed to look up UPDATE-specific state\n"); |
599 | - |
600 | - // set active addresses |
601 | - ipv6_addr_copy(&ctx->hadb_entry->our_addr, |
602 | - &ctx->dst_addr); |
603 | - ipv6_addr_copy(&ctx->hadb_entry->peer_addr, |
604 | - &ctx->src_addr); |
605 | - |
606 | - // set the new spi value for the association |
607 | - ctx->hadb_entry->spi_outbound_new = ntohl(esp_info->new_spi); |
608 | - |
609 | - // progress update sequence to currently processed update |
610 | - if (localstate->update_id_in < ntohl(seq->update_id)) { |
611 | - localstate->update_id_in = ntohl(seq->update_id); |
612 | - } |
613 | - |
614 | - HIP_IFEL(hip_send_update_to_one_peer(ctx->input_msg, |
615 | - ctx->hadb_entry, |
616 | - &ctx->dst_addr, |
617 | - &ctx->src_addr, |
618 | - NULL, |
619 | - HIP_UPDATE_ECHO_RESPONSE), |
620 | - -1, |
621 | - "failed to send UPDATE\n"); |
622 | - |
623 | -out_err: |
624 | - return err; |
625 | -} |
626 | - |
627 | -/** |
628 | - * process the third update (i.e. with echo response) |
629 | - * |
630 | - * @param ctx the packet context |
631 | - * @return zero on success or negative on failure |
632 | - */ |
633 | -static void hip_handle_third_update_packet(struct hip_packet_context *ctx) |
634 | -{ |
635 | - // set active addresses |
636 | - ipv6_addr_copy(&ctx->hadb_entry->our_addr, |
637 | - &ctx->dst_addr); |
638 | - ipv6_addr_copy(&ctx->hadb_entry->peer_addr, |
639 | - &ctx->src_addr); |
640 | -} |
641 | - |
642 | -static int hip_update_ipsec_sa(UNUSED const uint8_t packet_type, |
643 | - UNUSED const uint32_t ha_state, |
644 | - struct hip_packet_context *ctx) |
645 | -{ |
646 | - int err = 0; |
647 | - |
648 | - // don't update IPsec SAs and SPs for 1st UPDATE packet |
649 | - if (!hip_get_param(ctx->input_msg, HIP_PARAM_LOCATOR)) { |
650 | - HIP_IFEL(hip_create_or_update_security_associations_and_sp(ctx->hadb_entry, |
651 | - &ctx->src_addr, |
652 | - &ctx->dst_addr), |
653 | - -1, "failed to update IPsec SAs and SPs\n"); |
654 | - } |
655 | - |
656 | -out_err: |
657 | - return err; |
658 | -} |
659 | - |
660 | -/** |
661 | - * Thin wrapper function around hip_send_locators_to_all_peers. Needed for |
662 | - * registration as user message handle function. |
663 | - * |
664 | - * @param msg unused, needed due to type check of handle functions |
665 | - * @param src unused, needed due to type check of handle functions |
666 | - * |
667 | - * @return zero on success or negative on failure |
668 | - */ |
669 | -static int hip_update_manual_update(UNUSED struct hip_common *msg, |
670 | - UNUSED struct sockaddr_in6 *src) |
671 | -{ |
672 | - HIP_DEBUG("Manual UPDATE triggered.\n"); |
673 | - return hip_send_locators_to_all_peers(); |
674 | -} |
675 | - |
676 | -/** |
677 | - * Check if update should be sent. |
678 | - * |
679 | - * @return 0 on success, else negative value |
680 | - */ |
681 | -static int hip_update_maintenance(void) |
682 | -{ |
683 | - int err = 0; |
684 | - |
685 | - if (address_change_time_counter == 0) { |
686 | - address_change_time_counter = -1; |
687 | - |
688 | - HIP_DEBUG("Triggering UPDATE\n"); |
689 | - err = hip_send_locators_to_all_peers(); |
690 | - |
691 | - if (err) { |
692 | - HIP_ERROR("Error sending UPDATE\n"); |
693 | - } |
694 | - } else if (address_change_time_counter > 0) { |
695 | - HIP_DEBUG("Delay mobility triggering (count %d)\n", |
696 | - address_change_time_counter - 1); |
697 | - address_change_time_counter--; |
698 | - } |
699 | - |
700 | - return err; |
701 | -} |
702 | - |
703 | -/** |
704 | - * Initialize an update_state instance. |
705 | - * |
706 | - * Allocates the required memory and sets the members to the start values. |
707 | - * |
708 | - * @return Success = Index of the update state item in the global state. (>0) |
709 | - * Error = -1 |
710 | - */ |
711 | -static int hip_update_init_state(struct modular_state *state) |
712 | -{ |
713 | - int err = 0; |
714 | - struct update_state *update_state = NULL; |
715 | - |
716 | - HIP_IFEL(!(update_state = malloc(sizeof(struct update_state))), |
717 | - -1, |
718 | - "Error on allocating memory for a update state instance.\n"); |
719 | - |
720 | - update_state->update_state = 0; |
721 | - update_state->addresses_to_send_echo_request = hip_linked_list_init(); |
722 | - update_state->update_id_out = 0; |
723 | - update_state->update_id_in = 0; |
724 | - |
725 | - err = lmod_add_state_item(state, update_state, "update"); |
726 | - |
727 | -out_err: |
728 | - return err; |
729 | -} |
730 | - |
731 | -/** |
732 | * Check if UPDATE sequence and acknowledgment numbers are as expected. |
733 | * |
734 | * @param packet_type the packet type |
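Review bot: Removing hip_send_update_to_one_peer() also drops its HIP_UPDATE_ESP_ANCHOR and HIP_UPDATE_ESP_ANCHOR_ACK cases (old lines 464-471), and nothing added in update.c takes over sending those packets; hip_trigger_update() only builds a LOCATOR update. The old branch already carried a "TODO re-implement sending of esp prot anchors", so please say in the description whether esp_prot anchor updates are intentionally unsupported after this merge or which handler covers them now. The removed ECHO_REQUEST branch also refreshed ha->echo_data with RAND_bytes() before every round; the replacement parameter handler should keep generating a fresh nonce per update.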
735 | @@ -846,61 +272,241 @@ |
736 | } |
737 | |
738 | /** |
739 | - * Process an received and checked UPDATE packet. |
740 | - * |
741 | - * @param packet_type the packet type |
742 | - * @param ha_state the HA state |
743 | - * @param ctx the packet context |
744 | + * Send an UPDATE packet depending on the update type. |
745 | + * |
746 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
747 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
748 | + * @param ctx Pointer to the packet context, containing all information for |
749 | + * the packet handling (received message, source and destination |
750 | + * address, the ports and the corresponding entry from the host |
751 | + * association database). |
752 | + * |
753 | + * @return zero on success, or negative error value on error. |
754 | + */ |
755 | +static int hip_send_update_packet(UNUSED const uint8_t packet_type, |
756 | + UNUSED const uint32_t ha_state, |
757 | + struct hip_packet_context *ctx) |
758 | +{ |
759 | + int err = 0, i = 0; |
760 | + LHASH_NODE *item = NULL, *tmp = NULL; |
761 | + struct in6_addr *dst_addr = NULL; |
762 | + struct update_state *localstate = NULL; |
763 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
764 | + const int retransmit = 1; |
765 | + |
766 | + update_type = hip_classify_update_type(ctx->input_msg); |
767 | + |
768 | + switch (update_type) { |
769 | + case FIRST_UPDATE_PACKET: |
770 | + // send challenge to all advertised locators |
771 | + localstate = lmod_get_state_item(ctx->hadb_entry->hip_modular_state, "update"); |
772 | + |
773 | + list_for_each_safe(item, tmp, localstate->addresses_to_send_echo_request, i) { |
774 | + dst_addr = list_entry(item); |
775 | + |
776 | + if (!are_addresses_compatible(&ctx->dst_addr, dst_addr)) { |
777 | + continue; |
778 | + } |
779 | + |
780 | + HIP_DEBUG_IN6ADDR("Sending echo requests from", &ctx->dst_addr); |
781 | + HIP_DEBUG_IN6ADDR("to", dst_addr); |
782 | + |
783 | + err = hip_send_pkt(&ctx->dst_addr, |
784 | + dst_addr, |
785 | + (ctx->hadb_entry->nat_mode ? hip_get_local_nat_udp_port() : 0), |
786 | + ctx->hadb_entry->peer_udp_port, |
787 | + ctx->output_msg, |
788 | + ctx->hadb_entry, |
789 | + retransmit); |
790 | + } |
791 | + break; |
792 | + case THIRD_UPDATE_PACKET: |
793 | + // mobility update is concluded after 3rd packet has been received |
794 | + break; |
795 | + default: |
796 | + // send a response to default peer IP |
797 | + err = hip_send_pkt(&ctx->hadb_entry->our_addr, |
798 | + &ctx->hadb_entry->peer_addr, |
799 | + (ctx->hadb_entry->nat_mode ? hip_get_local_nat_udp_port() : 0), |
800 | + ctx->hadb_entry->peer_udp_port, |
801 | + ctx->output_msg, |
802 | + ctx->hadb_entry, |
803 | + retransmit); |
804 | + } |
805 | + |
806 | + return err; |
807 | +} |
808 | + |
809 | +/** |
810 | + * publish the locator set of the local host to all peers |
811 | + * |
812 | * @return zero on success or negative on failure |
813 | */ |
814 | -static int hip_handle_update_packet(UNUSED const uint8_t packet_type, |
815 | +static int hip_trigger_update_for_all_peers(void) |
816 | +{ |
817 | + int err = 0, i = 0; |
818 | + struct hip_hadb_state *ha = NULL; |
819 | + LHASH_NODE *item = NULL, *tmp = NULL; |
820 | + |
821 | + // Go through all the peers and send update packets |
822 | + list_for_each_safe(item, tmp, hadb_hit, i) { |
823 | + ha = list_entry(item); |
824 | + |
825 | + if (ha->hastate == HIP_HASTATE_VALID && |
826 | + ha->state == HIP_STATE_ESTABLISHED) { |
827 | + err = hip_trigger_update(ha); |
828 | + if (err) { |
829 | + goto out_err; |
830 | + } |
831 | + } |
832 | + } |
833 | + |
834 | +out_err: |
835 | + /* Update DNS data in hit-to-ip domain name. This is done after |
836 | + * sending UPDATE packets. See the discussion for the reasoning: |
837 | + * http://www.freelists.org/post/hipl-users/HIP-UPDATE-select-error-Interrupted-system-call,2 */ |
838 | + if (hip_get_nsupdate_status()) { |
839 | + nsupdate(0); |
840 | + } |
841 | + |
842 | + if (hip_locator_status == HIP_MSG_SET_LOCATOR_ON) { |
843 | + hip_recreate_all_precreated_r1_packets(); |
844 | + } |
845 | + |
846 | + return err; |
847 | +} |
848 | + |
849 | +/** |
850 | + * Update the port and IP address information. |
851 | + * |
852 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
853 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
854 | + * @param ctx Pointer to the packet context, containing all information for |
855 | + * the packet handling (received message, source and destination |
856 | + * address, the ports and the corresponding entry from the host |
857 | + * association database). |
858 | + * |
859 | + * @return zero on success, or negative error value on error. |
860 | + */ |
861 | +static int hip_set_active_addresses(UNUSED const uint8_t packet_type, |
862 | UNUSED const uint32_t ha_state, |
863 | struct hip_packet_context *ctx) |
864 | { |
865 | - enum update_types update_type = UNKNOWN_PACKET; |
866 | - int err = 0; |
867 | - |
868 | /* set local UDP port just in case the original communications |
869 | * changed from raw to UDP or vice versa */ |
870 | ctx->hadb_entry->local_udp_port = ctx->msg_ports.dst_port; |
871 | /* @todo: a workaround for bug id 592200 */ |
872 | ctx->hadb_entry->peer_udp_port = ctx->msg_ports.src_port; |
873 | |
874 | + ipv6_addr_copy(&ctx->hadb_entry->our_addr, |
875 | + &ctx->dst_addr); |
876 | + ipv6_addr_copy(&ctx->hadb_entry->peer_addr, |
877 | + &ctx->src_addr); |
878 | + |
879 | + return 0; |
880 | +} |
881 | + |
882 | +/** |
883 | + * Update the IPsec security associations of the current connection. |
884 | + * |
885 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
886 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
887 | + * @param ctx Pointer to the packet context, containing all information for |
888 | + * the packet handling (received message, source and destination |
889 | + * address, the ports and the corresponding entry from the host |
890 | + * association database). |
891 | + * |
892 | + * @return zero on success, or negative error value on error. |
893 | + */ |
894 | +static int hip_update_ipsec_sa(UNUSED const uint8_t packet_type, |
895 | + UNUSED const uint32_t ha_state, |
896 | + struct hip_packet_context *ctx) |
897 | +{ |
898 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
899 | + int err = 0; |
900 | + |
901 | update_type = hip_classify_update_type(ctx->input_msg); |
902 | - switch (update_type) { |
903 | - case FIRST_PACKET: |
904 | - err = hip_handle_first_update_packet(ctx); |
905 | - break; |
906 | - case SECOND_PACKET: |
907 | - err = hip_handle_second_update_packet(ctx); |
908 | - break; |
909 | - case THIRD_PACKET: |
910 | - hip_handle_third_update_packet(ctx); |
911 | - break; |
912 | - default: |
913 | - if (esp_prot_update_type(ctx->input_msg) |
914 | - == ESP_PROT_FIRST_UPDATE_PACKET) { |
915 | - esp_prot_handle_first_update_packet(ctx->input_msg, |
916 | - ctx->hadb_entry, |
917 | - &ctx->src_addr, |
918 | - &ctx->dst_addr); |
919 | - } else if (esp_prot_update_type(ctx->input_msg) |
920 | - == ESP_PROT_SECOND_UPDATE_PACKET) { |
921 | - esp_prot_handle_second_update_packet(ctx->hadb_entry, |
922 | - &ctx->src_addr, |
923 | - &ctx->dst_addr); |
924 | - } else { |
925 | - HIP_ERROR("UPDATE packet unknown\n"); |
926 | - err = -1; |
927 | - goto out_err; |
928 | + |
929 | + // don't update IPsec SAs and SPs for 1st UPDATE packet |
930 | + if (update_type == SECOND_UPDATE_PACKET || |
931 | + update_type == THIRD_UPDATE_PACKET) { |
932 | + HIP_IFEL(hip_create_or_update_security_associations_and_sp(ctx->hadb_entry, |
933 | + &ctx->src_addr, |
934 | + &ctx->dst_addr), |
935 | + -1, "failed to update IPsec SAs and SPs\n"); |
936 | + } |
937 | + |
938 | +out_err: |
939 | + return err; |
940 | +} |
941 | + |
942 | +/** |
943 | + * Check if update should be sent. |
944 | + * |
945 | + * @return 0 on success, else negative value |
946 | + */ |
947 | +static int hip_update_maintenance(void) |
948 | +{ |
949 | + int err = 0; |
950 | + |
951 | + if (address_change_time_counter == 0) { |
952 | + address_change_time_counter = -1; |
953 | + |
954 | + HIP_DEBUG("Triggering UPDATE\n"); |
955 | + err = hip_trigger_update_for_all_peers(); |
956 | + |
957 | + if (err) { |
958 | + HIP_ERROR("Error sending UPDATE\n"); |
959 | } |
960 | + } else if (address_change_time_counter > 0) { |
961 | + HIP_DEBUG("Delay mobility triggering (count %d)\n", |
962 | + address_change_time_counter - 1); |
963 | + address_change_time_counter--; |
964 | } |
965 | |
966 | + return err; |
967 | +} |
968 | + |
969 | +/** |
970 | + * Initialize an update_state instance. |
971 | + * |
972 | + * Allocates the required memory and sets the members to the start values. |
973 | + * |
974 | + * @return Success = Index of the update state item in the global state. (>0) |
975 | + * Error = -1 |
976 | + */ |
977 | +static int hip_update_init_state(struct modular_state *state) |
978 | +{ |
979 | + int err = 0; |
980 | + struct update_state *update_state = NULL; |
981 | + |
982 | + HIP_IFEL(!(update_state = malloc(sizeof(struct update_state))), |
983 | + -1, |
984 | + "Error on allocating memory for a update state instance.\n"); |
985 | + |
986 | + update_state->update_state = 0; |
987 | + update_state->addresses_to_send_echo_request = hip_linked_list_init(); |
988 | + update_state->update_id_out = 0; |
989 | + update_state->update_id_in = 0; |
990 | + |
991 | + err = lmod_add_state_item(state, update_state, "update"); |
992 | + |
993 | out_err: |
994 | - ctx->error = err; |
995 | return err; |
996 | } |
997 | |
998 | +/** |
999 | + * Transition the connection state based on a successful update. |
1000 | + * |
1001 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1002 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1003 | + * @param ctx Pointer to the packet context, containing all information for |
1004 | + * the packet handling (received message, source and destination |
1005 | + * address, the ports and the corresponding entry from the host |
1006 | + * association database). |
1007 | + * |
1008 | + * @return zero on success, or negative error value on error. |
1009 | + */ |
1010 | static int hip_update_change_state(UNUSED const uint8_t packet_type, |
1011 | UNUSED const uint32_t ha_state, |
1012 | struct hip_packet_context *ctx) |
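Review bot: hip_set_active_addresses() copies ctx->dst_addr and ctx->src_addr into the host association for every UPDATE type, whereas the removed code only did so in hip_handle_second_update_packet() and hip_handle_third_update_packet(). For a FIRST_UPDATE_PACKET this switches peer_addr before the echo request/response exchange has verified the new address; consider the same SECOND_UPDATE_PACKET || THIRD_UPDATE_PACKET guard that hip_update_ipsec_sa() uses. In hip_send_update_packet() the result of lmod_get_state_item() is dereferenced without the NULL check the old first-packet handler had, err is overwritten on each loop iteration so only the last hip_send_pkt() result is returned, and the default case now sends ctx->output_msg for UNKNOWN_UPDATE_PACKET where the old code returned -1 with "UPDATE packet unknown".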
1013 | @@ -926,9 +532,51 @@ |
1014 | } |
1015 | |
1016 | /** |
1017 | - * Classifies an UPDATE packet by means of contained parameters. |
1018 | - * |
1019 | - * @param hip_msg the received packet |
1020 | + * Thin wrapper function around hip_send_locators_to_all_peers. Needed for |
1021 | + * registration as user message handle function. |
1022 | + * |
1023 | + * @param msg unused, needed due to type check of handle functions |
1024 | + * @param src unused, needed due to type check of handle functions |
1025 | + * |
1026 | + * @return zero on success or negative on failure |
1027 | + */ |
1028 | +static int hip_update_manual_update(UNUSED struct hip_common *msg, |
1029 | + UNUSED struct sockaddr_in6 *src) |
1030 | +{ |
1031 | + HIP_DEBUG("Manual UPDATE triggered.\n"); |
1032 | + return hip_trigger_update_for_all_peers(); |
1033 | +} |
1034 | + |
1035 | +/** |
1036 | + * Getter for the sequence number value. |
1037 | + * |
1038 | + * @note RFC 5201 Section 5.2.13: |
1039 | + * Notice that the section says 'The Update ID is an unsigned quantity, |
1040 | + * initialized by a host to zero upon moving to ESTABLISHED state' and |
1041 | + * 'The Update ID is incremented by one before each new UPDATE that is |
1042 | + * sent by the host; the first UPDATE packet originated by a host has |
1043 | + * an Update ID of 0'. Therefore we initialize the Update ID with 0 and |
1044 | + * increment this value before a new UPDATE packet is sent. Because the |
1045 | + * first UPDATE packet should contain 0 as value, we need to decrement |
1046 | + * the packet value by one for each UPDATE packet. |
1047 | + * |
1048 | + * @param state Pointer to the update state. |
1049 | + * |
1050 | + * @return The next UPDATE out ID if state is set, -1 on error |
1051 | + */ |
1052 | +uint32_t hip_update_get_out_id(struct update_state *state) |
1053 | +{ |
1054 | + if (state) { |
1055 | + return state->update_id_out - 1; |
1056 | + } else { |
1057 | + return -1; |
1058 | + } |
1059 | +} |
1060 | + |
1061 | +/** |
1062 | + * Classify an UPDATE packet by means of contained parameters. |
1063 | + * |
1064 | + * @param hip_msg The update message to be classified. |
1065 | * @return member of enum update_types |
1066 | */ |
1067 | enum update_types hip_classify_update_type(const struct hip_common *const hip_msg) |
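Review bot: hip_update_get_out_id() returns uint32_t, so the documented error value -1 is UINT32_MAX, which is exactly what state->update_id_out - 1 yields while update_id_out is still 0; a caller cannot tell the error from that case. Either return the status as an int and pass the ID back through an out parameter, or drop the NULL branch and document that state must not be NULL. The doc comment of hip_update_manual_update() still names hip_send_locators_to_all_peers, which this patch replaces with hip_trigger_update_for_all_peers().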
1068 | @@ -951,17 +599,89 @@ |
1069 | echo_response = hip_get_param(hip_msg, HIP_PARAM_ECHO_RESPONSE_SIGN); |
1070 | |
1071 | if (esp_info && locator && seq) { |
1072 | - return FIRST_PACKET; |
1073 | + return FIRST_UPDATE_PACKET; |
1074 | } else if (esp_info && seq && ack && echo_request) { |
1075 | - return SECOND_PACKET; |
1076 | + return SECOND_UPDATE_PACKET; |
1077 | } else if (ack && echo_response) { |
1078 | - return THIRD_PACKET; |
1079 | + return THIRD_UPDATE_PACKET; |
1080 | } else { |
1081 | - return UNKNOWN_PACKET; |
1082 | + return UNKNOWN_UPDATE_PACKET; |
1083 | } |
1084 | } |
1085 | |
1086 | /** |
1087 | + * Trigger the update for a specific connection. |
1088 | + * |
1089 | + * @param hadb_entry the association state of the connection to be updated |
1090 | + * @return 0 on success, negative value in case of an error |
1091 | + */ |
1092 | +int hip_trigger_update(struct hip_hadb_state *hadb_entry) |
1093 | +{ |
1094 | + struct hip_common *locator_update_packet = NULL; |
1095 | + struct hip_common *locator_msg = NULL; |
1096 | + struct hip_locator_info_addr_item *locators = NULL; |
1097 | + struct update_state *localstate = NULL; |
1098 | + uint16_t mask = 0; |
1099 | + struct in6_addr local_addr; |
1100 | + int err = 0; |
1101 | + const int retransmit = 1; |
1102 | + |
1103 | + localstate = lmod_get_state_item(hadb_entry->hip_modular_state, "update"); |
1104 | + |
1105 | + HIP_IFEL(!(locator_update_packet = hip_msg_alloc()), -ENOMEM, |
1106 | + "Out of memory while allocation memory for the update packet\n"); |
1107 | + |
1108 | + hip_build_network_hdr(locator_update_packet, |
1109 | + HIP_UPDATE, |
1110 | + mask, |
1111 | + &hadb_entry->hit_our, |
1112 | + &hadb_entry->hit_peer); |
1113 | + |
1114 | + HIP_IFEL(hip_build_param_esp_info(locator_update_packet, |
1115 | + hadb_entry->current_keymat_index, |
1116 | + hadb_entry->spi_inbound_current, |
1117 | + hadb_entry->spi_inbound_current), |
1118 | + -1, "Building of ESP_INFO param failed\n"); |
1119 | + |
1120 | + HIP_IFEL(!(locator_msg = hip_msg_alloc()), |
1121 | + -ENOMEM, "Out of memory while allocation memory for the packet\n"); |
1122 | + HIP_IFE(hip_create_locators(locator_msg, &locators), -1); |
1123 | + |
1124 | + HIP_IFEL(hip_build_param_locator(locator_update_packet, |
1125 | + locators, |
1126 | + address_count), |
1127 | + -1, "failed to build locator parameter\n"); |
1128 | + |
1129 | + localstate->update_id_out++; |
1130 | + HIP_DEBUG("outgoing UPDATE ID=%u\n", hip_update_get_out_id(localstate)); |
1131 | + HIP_IFEL(hip_build_param_seq(locator_update_packet, |
1132 | + hip_update_get_out_id(localstate)), |
1133 | + -1, "Building of SEQ parameter failed\n"); |
1134 | + |
1135 | + hip_mac_and_sign_packet(locator_update_packet, hadb_entry); |
1136 | + |
1137 | + HIP_IFEL(hip_select_local_addr_for_first_update(hadb_entry, |
1138 | + &hadb_entry->our_addr, |
1139 | + &hadb_entry->peer_addr, |
1140 | + &local_addr), |
1141 | + -1, "No source address found for first update\n"); |
1142 | + HIP_DEBUG_IN6ADDR("Sending update from", &local_addr); |
1143 | + HIP_DEBUG_IN6ADDR("to", &hadb_entry->peer_addr); |
1144 | + |
1145 | + err = hip_send_pkt(&local_addr, |
1146 | + &hadb_entry->peer_addr, |
1147 | + (hadb_entry->nat_mode ? hip_get_local_nat_udp_port() : 0), |
1148 | + hadb_entry->peer_udp_port, |
1149 | + locator_update_packet, |
1150 | + hadb_entry, |
1151 | + retransmit); |
1152 | + |
1153 | +out_err: |
1154 | + free(locator_update_packet); |
1155 | + return err; |
1156 | +} |
1157 | + |
1158 | +/** |
1159 | * Initialization function for update module. |
1160 | * |
1161 | * @return Success = 0 |
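Review bot: hip_trigger_update() allocates locator_msg with hip_msg_alloc() but out_err only frees locator_update_packet, so locator_msg leaks on every call, once per established peer on each address change; the removed hip_send_locators_to_all_peers() did free(locator_msg). Add free(locator_msg) at out_err. localstate is also used in localstate->update_id_out++ without checking the lmod_get_state_item() result, and the ID is incremented before hip_build_param_seq(), signing and address selection can still fail, which consumes an Update ID for a packet that is never sent.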
1162 | @@ -987,7 +707,57 @@ |
1163 | -1, "Error on registering UPDATE handle function.\n"); |
1164 | HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1165 | HIP_STATE_R2_SENT, |
1166 | - &hip_handle_update_packet, |
1167 | + &hip_prepare_update_response, |
1168 | + 20200), |
1169 | + -1, "Error on registering UPDATE handle function.\n"); |
1170 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1171 | + HIP_STATE_R2_SENT, |
1172 | + &hip_add_esp_info_param, |
1173 | + 20300), |
1174 | + -1, "Error on registering UPDATE handle function.\n"); |
1175 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1176 | + HIP_STATE_R2_SENT, |
1177 | + &hip_handle_esp_info_param, |
1178 | + 20400), |
1179 | + -1, "Error on registering UPDATE handle function.\n"); |
1180 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1181 | + HIP_STATE_R2_SENT, |
1182 | + &hip_handle_locator_parameter, |
1183 | + 20500), |
1184 | + -1, "Error on registering UPDATE handle function.\n"); |
1185 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1186 | + HIP_STATE_R2_SENT, |
1187 | + &hip_add_seq_param, |
1188 | + 20600), |
1189 | + -1, "Error on registering UPDATE handle function.\n"); |
1190 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1191 | + HIP_STATE_R2_SENT, |
1192 | + &hip_handle_seq_param, |
1193 | + 20700), |
1194 | + -1, "Error on registering UPDATE handle function.\n"); |
1195 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1196 | + HIP_STATE_R2_SENT, |
1197 | + &hip_add_echo_request_param, |
1198 | + 20800), |
1199 | + -1, "Error on registering UPDATE handle function.\n"); |
1200 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1201 | + HIP_STATE_R2_SENT, |
1202 | + &hip_handle_echo_request_param, |
1203 | + 20900), |
1204 | + -1, "Error on registering UPDATE handle function.\n"); |
1205 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1206 | + HIP_STATE_R2_SENT, |
1207 | + &hip_set_active_addresses, |
1208 | + 21000), |
1209 | + -1, "Error on registering UPDATE handle function.\n"); |
1210 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1211 | + HIP_STATE_R2_SENT, |
1212 | + &hip_mac_and_sign_handler, |
1213 | + 29900), |
1214 | + -1, "Error on registering UPDATE handle function.\n"); |
1215 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1216 | + HIP_STATE_R2_SENT, |
1217 | + &hip_send_update_packet, |
1218 | 30000), |
1219 | -1, "Error on registering UPDATE handle function.\n"); |
1220 | HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
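Review bot: The processing order of the UPDATE pipeline is now encoded only in the bare priorities 20200 to 30000, with no comment explaining why, for example, hip_set_active_addresses (21000) must run after hip_handle_echo_request_param (20900) and before hip_mac_and_sign_handler (29900). Please add a short comment block or named constants documenting the intended order, since a module that hooks in at parameter level has to pick a slot relative to these. Every registration also reports the same "Error on registering UPDATE handle function." string, so a failure does not identify which handler was rejected.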
1221 | @@ -1013,7 +783,57 @@ |
1222 | -1, "Error on registering UPDATE handle function.\n"); |
1223 | HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1224 | HIP_STATE_ESTABLISHED, |
1225 | - &hip_handle_update_packet, |
1226 | + &hip_prepare_update_response, |
1227 | + 20200), |
1228 | + -1, "Error on registering UPDATE handle function.\n"); |
1229 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1230 | + HIP_STATE_ESTABLISHED, |
1231 | + &hip_add_esp_info_param, |
1232 | + 20300), |
1233 | + -1, "Error on registering UPDATE handle function.\n"); |
1234 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1235 | + HIP_STATE_ESTABLISHED, |
1236 | + &hip_handle_esp_info_param, |
1237 | + 20400), |
1238 | + -1, "Error on registering UPDATE handle function.\n"); |
1239 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1240 | + HIP_STATE_ESTABLISHED, |
1241 | + &hip_handle_locator_parameter, |
1242 | + 20500), |
1243 | + -1, "Error on registering UPDATE handle function.\n"); |
1244 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1245 | + HIP_STATE_ESTABLISHED, |
1246 | + &hip_add_seq_param, |
1247 | + 20600), |
1248 | + -1, "Error on registering UPDATE handle function.\n"); |
1249 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1250 | + HIP_STATE_ESTABLISHED, |
1251 | + &hip_handle_seq_param, |
1252 | + 20700), |
1253 | + -1, "Error on registering UPDATE handle function.\n"); |
1254 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1255 | + HIP_STATE_ESTABLISHED, |
1256 | + &hip_add_echo_request_param, |
1257 | + 20800), |
1258 | + -1, "Error on registering UPDATE handle function.\n"); |
1259 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1260 | + HIP_STATE_ESTABLISHED, |
1261 | + &hip_handle_echo_request_param, |
1262 | + 20900), |
1263 | + -1, "Error on registering UPDATE handle function.\n"); |
1264 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1265 | + HIP_STATE_ESTABLISHED, |
1266 | + &hip_set_active_addresses, |
1267 | + 21000), |
1268 | + -1, "Error on registering UPDATE handle function.\n"); |
1269 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1270 | + HIP_STATE_ESTABLISHED, |
1271 | + &hip_mac_and_sign_handler, |
1272 | + 29900), |
1273 | + -1, "Error on registering UPDATE handle function.\n"); |
1274 | + HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1275 | + HIP_STATE_ESTABLISHED, |
1276 | + &hip_send_update_packet, |
1277 | 30000), |
1278 | -1, "Error on registering UPDATE handle function.\n"); |
1279 | HIP_IFEL(hip_register_handle_function(HIP_UPDATE, |
1280 | |
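Review bot: These eleven registrations for HIP_STATE_ESTABLISHED repeat the HIP_STATE_R2_SENT block above line for line, so any future change to a handler or priority has to be made in two places and can silently diverge. A static table of { handler, priority } pairs iterated once per state would keep the two states identical by construction.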
1281 | === modified file 'modules/update/hipd/update.h' |
1282 | --- modules/update/hipd/update.h 2011-04-13 13:28:58 +0000 |
1283 | +++ modules/update/hipd/update.h 2011-04-13 13:57:39 +0000 |
1284 | @@ -30,8 +30,8 @@ |
1285 | * @date 3.5.2009 |
1286 | */ |
1287 | |
1288 | -#ifndef HIP_MODULES_HIPD_UPDATE_H |
1289 | -#define HIP_MODULES_HIPD_UPDATE_H |
1290 | +#ifndef MODULES_UPDATE_HIPD_UPDATE_H |
1291 | +#define MODULES_UPDATE_HIPD_UPDATE_H |
1292 | |
1293 | #include <stdint.h> |
1294 | #include <netinet/in.h> |
1295 | @@ -51,7 +51,8 @@ |
1296 | #define HIP_LOCATOR_LOCATOR_TYPE_ESP_SPI 1 |
1297 | #define HIP_LOCATOR_LOCATOR_TYPE_UDP 2 |
1298 | |
1299 | -enum update_types { UNKNOWN_PACKET, FIRST_PACKET, SECOND_PACKET, THIRD_PACKET }; |
1300 | +enum update_types { UNKNOWN_UPDATE_PACKET, FIRST_UPDATE_PACKET, |
1301 | + SECOND_UPDATE_PACKET, THIRD_UPDATE_PACKET }; |
1302 | |
1303 | struct update_state { |
1304 | /** A kludge to get the UPDATE retransmission to work. |
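Review bot: The renamed enumerators of enum update_types remain undocumented and, unlike the HIP_LOCATOR_LOCATOR_TYPE_* defines just above, carry no HIP_ prefix. Since the parameter handlers gate on FIRST_UPDATE_PACKET and SECOND_UPDATE_PACKET, a one-line comment per value saying which message of the UPDATE exchange it denotes would make those checks easier to verify.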
1305 | @@ -121,16 +122,12 @@ |
1306 | struct hip_locator_info_addr_item2 type2; |
1307 | } __attribute__ ((packed)); |
1308 | |
1309 | +uint32_t hip_update_get_out_id(struct update_state *state); |
1310 | |
1311 | -int hip_send_update_to_one_peer(struct hip_common *received_update_packet, |
1312 | - struct hip_hadb_state *ha, |
1313 | - struct in6_addr *src_addr, |
1314 | - struct in6_addr *dst_addr, |
1315 | - struct hip_locator_info_addr_item *locators, |
1316 | - int type); |
1317 | +int hip_trigger_update(struct hip_hadb_state *ha_entry); |
1318 | |
1319 | enum update_types hip_classify_update_type(const struct hip_common *const hip_msg); |
1320 | |
1321 | int hip_update_init(void); |
1322 | |
1323 | -#endif /* HIP_MODULES_HIPD_UPDATE_H */ |
1324 | +#endif /* MODULES_UPDATE_HIPD_UPDATE_H */ |
1325 | |
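Review bot: The two new prototypes, hip_update_get_out_id() and hip_trigger_update(), are exported from update.h with no description of what they return or when hip_trigger_update() may be called. Please add doxygen comments or make sure the definitions carry them; if hip_update_get_out_id() only reads the state, its parameter could be const struct update_state *.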
1326 | === modified file 'modules/update/hipd/update_param_handling.c' |
1327 | --- modules/update/hipd/update_param_handling.c 2011-04-13 13:28:58 +0000 |
1328 | +++ modules/update/hipd/update_param_handling.c 2011-04-13 13:57:39 +0000 |
1329 | @@ -31,11 +31,14 @@ |
1330 | * @author Rene Hummen |
1331 | */ |
1332 | |
1333 | +#include <openssl/rand.h> |
1334 | + |
1335 | #include "lib/core/builder.h" |
1336 | #include "lib/core/debug.h" |
1337 | #include "lib/core/ife.h" |
1338 | #include "lib/core/list.h" |
1339 | #include "lib/core/prefix.h" |
1340 | +#include "update_builder.h" |
1341 | #include "update_locator.h" |
1342 | #include "update_param_handling.h" |
1343 | |
1344 | @@ -43,6 +46,7 @@ |
1345 | /** |
1346 | * Removes all the addresses from the addresses_to_send_echo_request list |
1347 | * and deallocates them. |
1348 | + * |
1349 | * @param state pointer to a host association |
1350 | */ |
1351 | static void hip_remove_addresses_to_send_echo_request(struct update_state *state) |
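Review bot: Since this comment block is being touched, the @param line is worth correcting as well: it describes state as "pointer to a host association", but hip_remove_addresses_to_send_echo_request() takes a struct update_state *.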
1352 | @@ -80,16 +84,253 @@ |
1353 | } |
1354 | |
1355 | /** |
1356 | - * process a LOCATOR paramter |
1357 | - * |
1358 | - * @param ha the related host association |
1359 | - * @param src_addr the source address where the locator arrived from |
1360 | - * @param locator the LOCATOR parameter |
1361 | - * @return zero on success or negative on failure |
1362 | - */ |
1363 | -int hip_handle_locator_parameter(struct hip_hadb_state *ha, |
1364 | - const struct in6_addr *src_addr, |
1365 | - struct hip_locator *locator) |
1366 | + * Add ESP_INFO parameter to second update packet. |
1367 | + * |
1368 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1369 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1370 | + * @param ctx Pointer to the packet context, containing all information for |
1371 | + * the packet handling (received message, source and destination |
1372 | + * address, the ports and the corresponding entry from the host |
1373 | + * association database). |
1374 | + * |
1375 | + * @return zero on success, or negative error value on error. |
1376 | + */ |
1377 | +int hip_add_esp_info_param(UNUSED const uint8_t packet_type, |
1378 | + UNUSED const uint32_t ha_state, |
1379 | + struct hip_packet_context *ctx) |
1380 | +{ |
1381 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
1382 | + int err = 0; |
1383 | + |
1384 | + update_type = hip_classify_update_type(ctx->input_msg); |
1385 | + |
1386 | + if (update_type == FIRST_UPDATE_PACKET) { |
1387 | + HIP_IFEL(hip_build_param_esp_info(ctx->output_msg, |
1388 | + ctx->hadb_entry->current_keymat_index, |
1389 | + ctx->hadb_entry->spi_inbound_current, |
1390 | + ctx->hadb_entry->spi_inbound_current), |
1391 | + -1, "Building of ESP_INFO param failed\n"); |
1392 | + } |
1393 | + |
1394 | +out_err: |
1395 | + return err; |
1396 | +} |
1397 | + |
1398 | +/** |
1399 | + * Handle ESP_INFO parameter in first and second update packet. |
1400 | + * |
1401 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1402 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1403 | + * @param ctx Pointer to the packet context, containing all information for |
1404 | + * the packet handling (received message, source and destination |
1405 | + * address, the ports and the corresponding entry from the host |
1406 | + * association database). |
1407 | + * |
1408 | + * @return zero on success, or negative error value on error. |
1409 | + */ |
1410 | +int hip_handle_esp_info_param(UNUSED const uint8_t packet_type, |
1411 | + UNUSED const uint32_t ha_state, |
1412 | + struct hip_packet_context *ctx) |
1413 | +{ |
1414 | + const struct hip_esp_info *esp_info = NULL; |
1415 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
1416 | + int err = 0; |
1417 | + |
1418 | + update_type = hip_classify_update_type(ctx->input_msg); |
1419 | + |
1420 | + if (update_type == FIRST_UPDATE_PACKET || |
1421 | + update_type == SECOND_UPDATE_PACKET) { |
1422 | + HIP_IFEL(!(esp_info = hip_get_param(ctx->input_msg, HIP_PARAM_ESP_INFO)), |
1423 | + -1, "no ESP_INFO parameter found\n"); |
1424 | + |
1425 | + // set the new spi value for the association |
1426 | + // TODO add rekeying functionality here |
1427 | + ctx->hadb_entry->spi_outbound_new = ntohl(esp_info->new_spi); |
1428 | + } |
1429 | + |
1430 | +out_err: |
1431 | + return err; |
1432 | +} |
1433 | + |
1434 | +/** |
1435 | + * Add SEQ parameter to second update packet. |
1436 | + * |
1437 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1438 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1439 | + * @param ctx Pointer to the packet context, containing all information for |
1440 | + * the packet handling (received message, source and destination |
1441 | + * address, the ports and the corresponding entry from the host |
1442 | + * association database). |
1443 | + * |
1444 | + * @return zero on success, or negative error value on error. |
1445 | + */ |
1446 | +int hip_add_seq_param(UNUSED const uint8_t packet_type, |
1447 | + UNUSED const uint32_t ha_state, |
1448 | + struct hip_packet_context *ctx) |
1449 | +{ |
1450 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
1451 | + struct update_state *localstate = NULL; |
1452 | + int err = 0; |
1453 | + |
1454 | + update_type = hip_classify_update_type(ctx->input_msg); |
1455 | + |
1456 | + if (update_type == FIRST_UPDATE_PACKET) { |
1457 | + HIP_IFEL(!(localstate = lmod_get_state_item(ctx->hadb_entry->hip_modular_state, |
1458 | + "update")), |
1459 | + -1, "failed to look up update state\n"); |
1460 | + localstate->update_id_out++; |
1461 | + HIP_DEBUG("outgoing UPDATE ID=%u\n", hip_update_get_out_id(localstate)); |
1462 | + HIP_IFEL(hip_build_param_seq(ctx->output_msg, |
1463 | + hip_update_get_out_id(localstate)), |
1464 | + -1, |
1465 | + "Building of SEQ parameter failed\n"); |
1466 | + } |
1467 | + |
1468 | +out_err: |
1469 | + return err; |
1470 | +} |
1471 | + |
1472 | +/** |
1473 | + * Handle SEQ parameter in first and second update packet. |
1474 | + * |
1475 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1476 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1477 | + * @param ctx Pointer to the packet context, containing all information for |
1478 | + * the packet handling (received message, source and destination |
1479 | + * address, the ports and the corresponding entry from the host |
1480 | + * association database). |
1481 | + * |
1482 | + * @return zero on success, or negative error value on error. |
1483 | + */ |
1484 | +int hip_handle_seq_param(UNUSED const uint8_t packet_type, |
1485 | + UNUSED const uint32_t ha_state, |
1486 | + struct hip_packet_context *ctx) |
1487 | +{ |
1488 | + const struct hip_seq *seq = NULL; |
1489 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
1490 | + struct update_state *localstate = NULL; |
1491 | + int err = 0; |
1492 | + |
1493 | + update_type = hip_classify_update_type(ctx->input_msg); |
1494 | + |
1495 | + if (update_type == FIRST_UPDATE_PACKET || |
1496 | + update_type == SECOND_UPDATE_PACKET) { |
1497 | + HIP_IFEL(!(seq = hip_get_param(ctx->input_msg, HIP_PARAM_SEQ)), |
1498 | + -1, "SEQ parameter not found\n"); |
1499 | + |
1500 | + HIP_IFEL(!(localstate = lmod_get_state_item(ctx->hadb_entry->hip_modular_state, |
1501 | + "update")), |
1502 | + -1, "failed to look up update state\n"); |
1503 | + |
1504 | + // progress update sequence to currently processed update |
1505 | + if (localstate->update_id_in < ntohl(seq->update_id)) { |
1506 | + localstate->update_id_in = ntohl(seq->update_id); |
1507 | + } |
1508 | + |
1509 | + HIP_IFEL(hip_build_param_ack(ctx->output_msg, ntohl(seq->update_id)), |
1510 | + -1, "Building of ACK parameter failed\n"); |
1511 | + } |
1512 | + |
1513 | +out_err: |
1514 | + return err; |
1515 | +} |
1516 | + |
1517 | +/** |
1518 | + * Add ECHO_REQUEST parameter to second update packet. |
1519 | + * |
1520 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1521 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1522 | + * @param ctx Pointer to the packet context, containing all information for |
1523 | + * the packet handling (received message, source and destination |
1524 | + * address, the ports and the corresponding entry from the host |
1525 | + * association database). |
1526 | + * |
1527 | + * @return zero on success, or negative error value on error. |
1528 | + */ |
1529 | +int hip_add_echo_request_param(UNUSED const uint8_t packet_type, |
1530 | + UNUSED const uint32_t ha_state, |
1531 | + struct hip_packet_context *ctx) |
1532 | +{ |
1533 | + enum update_types update_type = UNKNOWN_UPDATE_PACKET; |
1534 | + int err = 0; |
1535 | + |
1536 | + update_type = hip_classify_update_type(ctx->input_msg); |
1537 | + |
1538 | + if (update_type == FIRST_UPDATE_PACKET) { |
1539 | + // Randomize the echo response opaque data before sending ECHO_REQUESTS. |
1540 | + // Notice that we're using the same opaque value for the identical |
1541 | + // UPDATE packets sent between different address combinations. |
1542 | + RAND_bytes(ctx->hadb_entry->echo_data, |
1543 | + sizeof(ctx->hadb_entry->echo_data)); |
1544 | + |
1545 | + HIP_HEXDUMP("ECHO_REQUEST in the host association", |
1546 | + ctx->hadb_entry->echo_data, |
1547 | + sizeof(ctx->hadb_entry->echo_data)); |
1548 | + HIP_IFEL(hip_build_param_echo(ctx->output_msg, |
1549 | + ctx->hadb_entry->echo_data, |
1550 | + sizeof(ctx->hadb_entry->echo_data), |
1551 | + 1, |
1552 | + 1), |
1553 | + -1, |
1554 | + "Building of ECHO_REQUEST failed\n"); |
1555 | + } |
1556 | + |
1557 | +out_err: |
1558 | + return err; |
1559 | +} |
1560 | + |
1561 | +/** |
1562 | + * Handle ECHO_REQUEST parameter in second update packet. |
1563 | + * |
1564 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1565 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1566 | + * @param ctx Pointer to the packet context, containing all information for |
1567 | + * the packet handling (received message, source and destination |
1568 | + * address, the ports and the corresponding entry from the host |
1569 | + * association database). |
1570 | + * |
1571 | + * @return zero on success, or negative error value on error. |
1572 | + */ |
1573 | +int hip_handle_echo_request_param(UNUSED const uint8_t packet_type, |
1574 | + UNUSED const uint32_t ha_state, |
1575 | + struct hip_packet_context *ctx) |
1576 | +{ |
1577 | + const struct hip_echo_request *echo_request = NULL; |
1578 | + int err = 0; |
1579 | + |
1580 | + HIP_IFEL(!(echo_request = hip_get_param(ctx->input_msg, |
1581 | + HIP_PARAM_ECHO_REQUEST_SIGN)), |
1582 | + -1, "ECHO_REQUEST parameter not found!\n"); |
1583 | + |
1584 | + HIP_DEBUG("echo opaque data len=%d\n", |
1585 | + hip_get_param_contents_len(echo_request)); |
1586 | + HIP_HEXDUMP("ECHO_REQUEST ", |
1587 | + (const uint8_t *) echo_request + sizeof(struct hip_tlv_common), |
1588 | + hip_get_param_contents_len(echo_request)); |
1589 | + HIP_IFEL(hip_build_param_echo(ctx->output_msg, |
1590 | + (const uint8_t *) echo_request + sizeof(struct hip_tlv_common), |
1591 | + hip_get_param_contents_len(echo_request), 1, 0), |
1592 | + -1, "Building of ECHO_RESPONSE failed\n"); |
1593 | + |
1594 | +out_err: |
1595 | + return err; |
1596 | +} |
1597 | + |
1598 | +/** |
1599 | + * Handle LOCATOR parameter in first update packet. |
1600 | + * |
1601 | + * @param packet_type The packet type of the control message (RFC 5201, 5.3.) |
1602 | + * @param ha_state The host association state (RFC 5201, 4.4.1.) |
1603 | + * @param ctx Pointer to the packet context, containing all information for |
1604 | + * the packet handling (received message, source and destination |
1605 | + * address, the ports and the corresponding entry from the host |
1606 | + * association database). |
1607 | + * |
1608 | + * @return zero on success, or negative error value on error. |
1609 | + */ |
1610 | +int hip_handle_locator_parameter(UNUSED const uint8_t packet_type, |
1611 | + UNUSED const uint32_t ha_state, |
1612 | + struct hip_packet_context *ctx) |
1613 | { |
1614 | int err = 0; |
1615 | int locator_addr_count = 0; |
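Review bot: In hip_add_echo_request_param() the return value of RAND_bytes() is ignored, so on failure the ECHO_REQUEST is built from whatever ctx->hadb_entry->echo_data held before; wrap the call in HIP_IFEL(RAND_bytes(...) != 1, -1, ...) like the other calls in this function, and reconsider writing the opaque data to the log with HIP_HEXDUMP. Separately, hip_handle_echo_request_param() is the only handler in this hunk that does not call hip_classify_update_type(): it returns -1 whenever HIP_PARAM_ECHO_REQUEST_SIGN is absent, although its comment says it applies to the second update packet. Either gate it like its siblings or document why a missing parameter is an error for every UPDATE.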
1616 | @@ -99,56 +340,63 @@ |
1617 | struct hip_locator_info_addr_item *locator_address_item = NULL; |
1618 | struct in6_addr *peer_addr = 0; |
1619 | struct update_state *localstate = NULL; |
1620 | - |
1621 | - HIP_IFEL(!locator, -1, "locator is NULL"); |
1622 | - |
1623 | - locator_addr_count = hip_get_locator_addr_item_count(locator); |
1624 | - |
1625 | - HIP_DEBUG("LOCATOR has %d address(es), loc param len=%d\n", |
1626 | - locator_addr_count, hip_get_param_total_len(locator)); |
1627 | - |
1628 | - // Empty the addresses_to_send_echo_request list before adding the |
1629 | - // new addresses |
1630 | - localstate = lmod_get_state_item(ha->hip_modular_state, "update"); |
1631 | - HIP_DEBUG("hip_get_state_item returned localstate: %p\n", localstate); |
1632 | - hip_remove_addresses_to_send_echo_request(localstate); |
1633 | - |
1634 | - locator_address_item = (struct hip_locator_info_addr_item *) (locator + 1); |
1635 | - for (i = 0; i < locator_addr_count; i++) { |
1636 | - locator_info_addr = hip_get_locator_item(locator_address_item, i); |
1637 | - |
1638 | - peer_addr = malloc(sizeof(struct in6_addr)); |
1639 | - if (!peer_addr) { |
1640 | - HIP_ERROR("Couldn't allocate memory for peer_addr.\n"); |
1641 | - return -1; |
1642 | - } |
1643 | - |
1644 | - ipv6_addr_copy(peer_addr, hip_get_locator_item_address(locator_info_addr)); |
1645 | - |
1646 | - list_add(peer_addr, localstate->addresses_to_send_echo_request); |
1647 | - |
1648 | - HIP_DEBUG_IN6ADDR("Comparing", src_addr); |
1649 | - HIP_DEBUG_IN6ADDR("to ", peer_addr); |
1650 | - |
1651 | - if (ipv6_addr_cmp(src_addr, peer_addr) == 0) { |
1652 | - src_addr_included = 1; |
1653 | - } |
1654 | - } |
1655 | - |
1656 | - if (!src_addr_included) { |
1657 | - HIP_DEBUG("Preferred address was not in locator (NAT?)\n"); |
1658 | - |
1659 | - peer_addr = malloc(sizeof(struct in6_addr)); |
1660 | - if (!peer_addr) { |
1661 | - HIP_ERROR("Couldn't allocate memory for peer_addr.\n"); |
1662 | - return -1; |
1663 | - } |
1664 | - |
1665 | - ipv6_addr_copy(peer_addr, src_addr); |
1666 | - list_add(peer_addr, localstate->addresses_to_send_echo_request); |
1667 | - } |
1668 | - |
1669 | - hip_print_addresses_to_send_update_request(ha); |
1670 | + struct hip_locator *locator = NULL; |
1671 | + |
1672 | + if (hip_classify_update_type(ctx->input_msg) == FIRST_UPDATE_PACKET) { |
1673 | + HIP_IFEL(!(locator = hip_get_param_readwrite(ctx->input_msg, |
1674 | + HIP_PARAM_LOCATOR)), |
1675 | + -1, "no LOCATOR parameter found\n"); |
1676 | + |
1677 | + locator_addr_count = hip_get_locator_addr_item_count(locator); |
1678 | + |
1679 | + HIP_DEBUG("LOCATOR has %d address(es), loc param len=%d\n", |
1680 | + locator_addr_count, hip_get_param_total_len(locator)); |
1681 | + |
1682 | + // Empty the addresses_to_send_echo_request list before adding the |
1683 | + // new addresses |
1684 | + localstate = lmod_get_state_item(ctx->hadb_entry->hip_modular_state, |
1685 | + "update"); |
1686 | + |
1687 | + HIP_DEBUG("hip_get_state_item returned localstate: %p\n", localstate); |
1688 | + hip_remove_addresses_to_send_echo_request(localstate); |
1689 | + |
1690 | + locator_address_item = (struct hip_locator_info_addr_item *) (locator + 1); |
1691 | + for (i = 0; i < locator_addr_count; i++) { |
1692 | + locator_info_addr = hip_get_locator_item(locator_address_item, i); |
1693 | + |
1694 | + peer_addr = malloc(sizeof(struct in6_addr)); |
1695 | + if (!peer_addr) { |
1696 | + HIP_ERROR("Couldn't allocate memory for peer_addr.\n"); |
1697 | + return -1; |
1698 | + } |
1699 | + |
1700 | + ipv6_addr_copy(peer_addr, hip_get_locator_item_address(locator_info_addr)); |
1701 | + |
1702 | + list_add(peer_addr, localstate->addresses_to_send_echo_request); |
1703 | + |
1704 | + HIP_DEBUG_IN6ADDR("Comparing", &ctx->src_addr); |
1705 | + HIP_DEBUG_IN6ADDR("to ", peer_addr); |
1706 | + |
1707 | + if (ipv6_addr_cmp(&ctx->src_addr, peer_addr) == 0) { |
1708 | + src_addr_included = 1; |
1709 | + } |
1710 | + } |
1711 | + |
1712 | + if (!src_addr_included) { |
1713 | + HIP_DEBUG("Preferred address was not in locator (NAT?)\n"); |
1714 | + |
1715 | + peer_addr = malloc(sizeof(struct in6_addr)); |
1716 | + if (!peer_addr) { |
1717 | + HIP_ERROR("Couldn't allocate memory for peer_addr.\n"); |
1718 | + return -1; |
1719 | + } |
1720 | + |
1721 | + ipv6_addr_copy(peer_addr, &ctx->src_addr); |
1722 | + list_add(peer_addr, localstate->addresses_to_send_echo_request); |
1723 | + } |
1724 | + |
1725 | + hip_print_addresses_to_send_update_request(ctx->hadb_entry); |
1726 | + } |
1727 | |
1728 | out_err: |
1729 | return err; |
1730 | |
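Review bot: The result of lmod_get_state_item() is passed to hip_remove_addresses_to_send_echo_request() and then dereferenced as localstate->addresses_to_send_echo_request without a NULL check, whereas hip_add_seq_param() and hip_handle_seq_param() guard the same lookup with HIP_IFEL; add the same guard here. Both malloc() failure paths also use return -1 rather than setting err and jumping to out_err, which bypasses the common exit and leaves the addresses already added to the list in place.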
1731 | === modified file 'modules/update/hipd/update_param_handling.h' |
1732 | --- modules/update/hipd/update_param_handling.h 2011-04-13 13:28:58 +0000 |
1733 | +++ modules/update/hipd/update_param_handling.h 2011-04-13 13:57:39 +0000 |
1734 | @@ -37,8 +37,32 @@ |
1735 | #include "lib/core/protodefs.h" |
1736 | #include "update.h" |
1737 | |
1738 | -int hip_handle_locator_parameter(struct hip_hadb_state *ha, |
1739 | - const struct in6_addr *src_addr, |
1740 | - struct hip_locator *locator); |
1741 | +int hip_add_esp_info_param(const uint8_t packet_type, |
1742 | + const uint32_t ha_state, |
1743 | + struct hip_packet_context *ctx); |
1744 | + |
1745 | +int hip_handle_esp_info_param(const uint8_t packet_type, |
1746 | + const uint32_t ha_state, |
1747 | + struct hip_packet_context *ctx); |
1748 | + |
1749 | +int hip_add_seq_param(const uint8_t packet_type, |
1750 | + const uint32_t ha_state, |
1751 | + struct hip_packet_context *ctx); |
1752 | + |
1753 | +int hip_handle_seq_param(const uint8_t packet_type, |
1754 | + const uint32_t ha_state, |
1755 | + struct hip_packet_context *ctx); |
1756 | + |
1757 | +int hip_add_echo_request_param(const uint8_t packet_type, |
1758 | + const uint32_t ha_state, |
1759 | + struct hip_packet_context *ctx); |
1760 | + |
1761 | +int hip_handle_echo_request_param(const uint8_t packet_type, |
1762 | + const uint32_t ha_state, |
1763 | + struct hip_packet_context *ctx); |
1764 | + |
1765 | +int hip_handle_locator_parameter(const uint8_t packet_type, |
1766 | + const uint32_t ha_state, |
1767 | + struct hip_packet_context *ctx); |
1768 | |
1769 | #endif /* MODULES_UPDATE_HIPD_UPDATE_PARAM_HANDLING_H */ |
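Review bot: hip_handle_locator_parameter() keeps the _parameter suffix while the six handlers declared alongside it use _param; since its signature changes here anyway, rename it for consistency. The top-level const on packet_type and ha_state has no effect in a prototype and can be dropped from these declarations.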
To support reviewers, that's what actually happened in this branch:
- hip_create_update_msg(): split into smaller parameter handling functions
- hip_send_update_to_one_peer(): packet type-specific code moved to the corresponding parameter handle functions
- hip_handle_X_update_packet(): split into smaller parameter handling functions

Otherwise, existing code has merely been moved into different files.