Merge lp:~stefan.goetz-deactivatedaccount/hipl/hidb-db into lp:hipl
Status: | Superseded |
---|---|
Proposed branch: | lp:~stefan.goetz-deactivatedaccount/hipl/hidb-db |
Merge into: | lp:hipl |
Diff against target: | 641 lines (+79/-151), 9 files modified: hipd/cert.c (+9/-5), hipd/cookie.c (+3/-5), hipd/hadb.c (+6/-9), hipd/hidb.c (+39/-71), hipd/hidb.h (+13/-22), hipd/init.c (+3/-32), hipd/output.c (+2/-3), modules/midauth/hipd/midauth.c (+2/-3), modules/update/hipd/update.c (+2/-1) |
To merge this branch: | bzr merge lp:~stefan.goetz-deactivatedaccount/hipl/hidb-db |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Diego Biurrun | Needs Fixing | ||
David Martin | Approve | ||
Review via email: mp+61832@code.launchpad.net |
This proposal has been superseded by a proposal from 2012-01-17.
Commit message
Description of the change
Cleans up the API of the HIDB. It removes all direct external accesses to the HIDB and ensures that the HIDB is only accessed through accessor functions.
Reviewing the individual commits provides additional context.
- 5938. By Stefan Götz
-
Merge the delist branch.
Branch: https://code.launchpad.net/~stefan.goetz/hipl/delist
Merge proposal: https://code.launchpad.net/~stefan.goetz/hipl/delist/+merge/60724
Remove some uses of the various linked list implementations from HIPL.
- 5939. By Stefan Götz
-
Store commit message in file so it can be retrieved later instead of being
lost on a closed terminal. This feature was requested by Diego.
- 5940. By David Martin
-
Allow hipd to exit gracefully in openwrt init-script.
When issuing a restart command and hipd is running, sleep for 5 seconds before
calling hipd again to allow it to exit gracefully. This simulates the behaviour
from the debian init scripts where start-stop-daemon does this automatically.
The latter is not available on the routers so we use this workaround.
- 5941. By David Martin
-
Add restart action to hipfw openwrt init-script.
By default the openwrt call stops and starts hipfw when 'restart' is called.
As hipfw gets started with the -k option by default it is not exited gracefully.
Define the 'restart' call in the init script and sleep for 2 seconds after
calling killall on hipfw. This should be sufficient to clear the firewall rules
and free any states.
- 5943. By Diego Biurrun
-
Eliminate some unnecessary HIP_IFEL instances from lib/core/conf.c.
- 5944. By Miika Komu
-
Updated ubuntu-specific instructions on compilation.
Added debhelper as a dependency.
- 5945. By David Martin
-
Do not print errors in killall call of hipd and hipfw init scripts.
When hipd or hipfw is not running and killall is called it usually prints
a notice that no process was killed. As the killall implementation on the
routers has no quiet option redirect stderr to /dev/null instead.
- 5946. By René Hummen
-
add script enabling building of HIPL on remote host
Detailed setup information can be found within the script itself.
- 5947. By Stefan Götz
-
Fix the file encoding comment so it correctly states that the file is in UTF-8
- 5948. By Miika Komu
-
Applied a bug fix from Stefan Götz to fix "hipconf rst all" crash.
Stefan Götz in #789298: In revno 5938, a hash table disguised as a list
was replaced by an array. In one place, I forgot to replace the hash
table handling code which was then erroneously invoked on the array
which leads to the described crash and bug.
- 5949. By Miika Komu
-
A bug fix from Joakim Koskela to "hipconf add map" failure (bug id 789306)
As bug id 789306 reports, "hipconf add map" is defunctional. This patch
(provided by Joakim) fixes the problem.
Feel free to polish the bug fix directly if there's need for that.
- 5950. By David Martin
-
Add sanity check against netlink handle and header in netlink_talk().
netlink_talk() should check if it gets a valid netlink handle and message
header before it tries to access them as it is not guaranteed that they are
properly set up. For example when the initialization fails early and the
default policies are nevertheless attempted to be removed on exit.
This fixes bug 790679 (https://bugs.launchpad.net/hipl/+bug/790679).
- 5951. By David Martin
-
Rephrase ambiguous error message in hip_xfrm_policy_delete().
If the call to netlink_talk() fails when a policy is to be deleted
it does not mean that there has been no associated policy. It can
fail for any number of reasons (no socket has been set up, a malformed
message was provided etc.). Thus only state that the policy deletion
failed.
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : | # |
Hi David!
Thanks for the review!
> In revision 5941:
>> Remove the locking macros for the HIDB because they are not used.
>
> What do you mean with "they are not used"? Because there are lots of calls to lock / unlock that
> you remove and without looking deeper into it seems like it is used here. Or is it because all
> access is done on our local hidb and we are neither multi-threaded nor does it get accessed from
> beyond the file so no locking is necessary?
I believe the locking is not used because:
- The code does not compile when enabling locking (note that locking is disabled
via a '#if 0')
- Locking was disabled by a commit in 2007 and I have no evidence that it was
ever enabled again
- The locking logic in trunk is badly broken. Exhibit 1: the core lookup
function hip_get_
hip_del_host_id() unlocks the database although the code path up to that point
never acquires a lock. Exhibit 3: Some code paths in hip_del_host_id() unlock
the database, some others do not. The list goes on...
- There is no multi-threading in HIPL (... for all I know. But given the above
reasons, I really really hope so, too)
Thus, I think it makes a lot of sense to remove the locking code because it
needs *major* re-working anyway.
>> -struct local_host_id *hip_get_
>> - const struct in6_addr *hit,
>> +struct local_host_id *hip_get_
>
> "const struct in6_addr *const hit" would be more correct here?
I wanted to address const correctness in one big commit, but anyway. Fixed in
rev. 5954
>> +/**
>> + * A call-back function for finding a host association between a given peer HIT
>> + * and any of the iteratively provided local HIs.
>> + *
>> + * @param lhi Points to a local_host_id object from which contains the
>> + * local HIT of the HA to find.
>
> "Points to a local_host_id object which contains"
Oops. Fixed in rev. 5953
>> -int hip_hidb_
>> +static int hip_hidb_
>
> *const ptr1 and *const ptr2 would be more correct?
Fixed in rev. 5954
> Other than that, as far as I'm able to judge it's looking good. Nice one! :)
Thanks! If this addresses all your concerns, please do not forget to change your
vote to 'accept'.
> PS: hipd crashes on shutdown after doing a base exchange. This has already been fixed in trunk revision 5948 and applying the change fixes it good.
Good to know, thanks!
Stefan
René Hummen (rene-hummen) wrote : | # |
> Hi David!
>
> Thanks for the review!
>
> > In revision 5941:
> >> Remove the locking macros for the HIDB because they are not used.
> >
> > What do you mean with "they are not used"? Because there are lots of calls
> to lock / unlock that
> > you remove and without looking deeper into it seems like it is used here. Or
> is it because all
> > access is done on our local hidb and we are neither multi-threaded nor does
> it get accessed from
> > beyond the file so no locking is necessary?
>
> I believe the locking is not used because:
>
> - The code does not compile when enabling locking (note that locking is
> disabled
> via a '#if 0')
>
> - Locking was disabled by a commit in 2007 and I have no evidence that it was
> ever enabled again
>
> - The locking logic in trunk is badly broken. Exhibit 1: the core lookup
> function hip_get_
> 2:
> hip_del_host_id() unlocks the database although the code path up to that point
> never acquires a lock. Exhibit 3: Some code paths in hip_del_host_id() unlock
> the database, some others do not. The list goes on...
>
> - There is no multi-threading in HIPL (... for all I know. But given the above
> reasons, I really really hope so, too)
>
> Thus, I think it makes a lot of sense to remove the locking code because it
> needs *major* re-working anyway.
Miika might be the person to judge this best, but to the best of my knowledge locking is not used in HIPL in the current implementation.
René Hummen (rene-hummen) wrote : | # |
review needs-fixing
On 20.05.2011, at 23:26, Stefan Götz wrote:
> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>
> Requested reviews:
> HIPL core team (hipl-core)
>
> For more details, see:
> https:/
>
> Cleans up the API of the HIDB. It removes all direct external accesses to the HIDB and ensures that the HIDB is only accessed through accessor functions.
>
> Reviewing the individual commits provides additional context.
[...]
> === modified file 'hipd/hadb.c'
> @@ -983,10 +1001,12 @@
> * Note, that hip_get_host_id() allocates a new buffer and this buffer
> * must be freed in out_err if an error occurs. */
>
> - if (hip_get_
> + if (hip_get_
> &entry->our_pub, &entry-
> - HIP_IFEL(
> - HIP_HI_DSA, &entry->our_pub, &entry-
> + HIP_IFEL(
> + HIP_HI_DSA,
> + &entry->our_pub,
> + &entry-
> -1, "Local host identity not found\n");
> }
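Review bot: the context comment at the top of this hunk still says that hip_get_host_id() allocates a buffer which must be freed in out_err, while the lookup on the `if` line and the one inside HIP_IFEL are both changed here. If the accessor now has a different name or different ownership of what it stores in &entry->our_pub, update that comment in the same commit, and check that the failure path through "Local host identity not found" still reaches the free in out_err.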
Would it be possible to further abstract from the HI algorithm here? Right now, we need to look for an RSA key first and then fall back to DSA. What happens when we add ECDSA? We will need to add that case to many if not all calls to hip_get_
> === modified file 'hipd/hidb.c'
[...]
> - id = hip_get_
> + id = hip_get_
Is there any call to hip_get_
> === modified file 'hipd/hidb.h'
[...]
> void hip_uninit_
This function seems to introduce unnecessary call indirection seeing that hip_uninit_
Otherwise, this merge proposal seems good to me. However, you made changes to core HI handling components of HIPL, so please test your changes extensively. I suggest running tests in your own VMs including BEX and UPDATE exchanges, running Valgrind and making a test deployment in our testbed before committing these changes to trunk.
Thanks for these changes to core components!
--
Dipl.-Inform. Rene Hummen, Ph.D. Student
Chair of Communication and Distributed Systems
RWTH Aachen University, Germany
tel: +49 241 80 20772
web: http://
Miika Komu (miika-iki) wrote : | # |
We don't have yet threading support, hence there's no need for locking. I think (most of) the old locking code should have been removed by now.
Miika Komu (miika-iki) wrote : | # |
> Is there any call to hip_get_
> HIP_ANY_ALGO? Furthermore, is there any call with a parameter different from (anon=) -1? If not,
> these point to another possibility of cleaning up the API.
I would encourage to keep it. We need it for RFC5201-bis and crypto agility.
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : | # |
Hi René!
Thanks for reviewing!
>> - if (hip_get_
>> + if (hip_get_
>> &entry->our_pub, &entry-
>> - HIP_IFEL(
>> - HIP_HI_DSA, &entry->our_pub, &entry-
>> + HIP_IFEL(
>> + HIP_HI_DSA,
>> + &entry->our_pub,
>> + &entry-
>> -1, "Local host identity not found\n");
>> }
>
> Would it be possible to further abstract from the HI algorithm here? Right now, we need to look for an RSA key first and then fall back to DSA. What happens when we add ECDSA? We will need to add that case to many if not all calls to hip_get_
Further abstraction is certainly possible but right now not the focus
of this branch. I have a keys branch for toying around with an
algorithm-agnostic interface to crypto functionality but that is at an
infant's stage. Expect it to be ready anytime around 2020 :)
>> === modified file 'hipd/hidb.c'
> [...]
>> - id = hip_get_
>> + id = hip_get_
>
> Is there any call to hip_get_
We cannot get rid of this function altogether but similar cleanup will
be part of future merge proposals on the HIDB API.
>> void hip_uninit_
>
> This function seems to introduce unnecessary call indirection seeing that hip_uninit_
You are correct in terms of functionality but these are two different
interfaces, one for the HIDB, one for the LSIDB, and they should not
be mixed. A user of the HIDB (who might want to uninitialize it at
some point via this function) should not be exposed to the LSIDB API.
Performance is obviously not an issue here.
> Otherwise, this merge proposal seems good to me. However, you made changes to core HI handling components of HIPL, so please test your changes extensively. I suggest running tests in your own VMs including BEX and UPDATE exchanges, running Valgrind and making a test deployment in our testbed before committing these changes to trunk.
Will do that once the regression test framework is in place and the
current bugs are fixed. That might be a while.
Stefan
- 5952. By David Martin
-
Require network and local filesystem to be initialized in init scripts.
The HIPL daemons should only be started after the filesystems and the
network have been already set up. They should be exited before the
filesystems and network gets teared down as well.
Documentation on possible boot dependencies can be found here:
http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/\
LSB-Core-generic/facilname.html
- 5953. By David Martin
-
Print notices when starting / stopping hipd via init script.
When hipd is already running or already stopped when calling start
or stop in the init script it should print a notice about it and
not just report OK.
- 5954. By David Martin
-
Do not depend on network and local filesystem in debian init script.
To avoid having network communication leaked without being handled by
hipd or hipfw we should not force it to be started after the network
has been established.
We are only working on our local filesystem and should not wait for
the setup of the remote filesystem either.
This commit is a follow up to the review of commit 5952 archived
here: http://www.freelists.org/post/hipl-dev/
Branch-hiplcorehipltrunk-Rev-5952-Require-network-and-local
-filesystem-to-be-initialized-in-init-scripts
- 5955. By David Martin
-
Check whether daemon is running in openwrt init scripts.
Both hipd and hipfw create a PID file with their process id. Check against
it to determine whether we actually have to start or stop the daemon.
In case the daemon is already running or stopped print a notice respectively.
- 5956. By Diego Biurrun
-
autobuild: Ensure that check_dist_tarball() runs quiet by default.
- 5957. By Diego Biurrun
-
autobuild: Run diff against /dev/null instead of an empty file.
- 5958. By Diego Biurrun
-
conf: Remove empty Doxygen block and docs for a nonexisting function parameter.
- 5959. By Diego Biurrun
-
Add a note about the --author parameter of 'bzr commit' to the HACKING guide.
- 5960. By Diego Biurrun
-
cosmetics: Add whitespace after shell output redirection operator.
- 5961. By Diego Biurrun
-
debian packaging: Integrate Bazaar revision number in package version.
- 5962. By Miika Komu
-
Updated binary dependency instructions
"make bin" had an extra dependency on a clean ubuntu/fedora installation.
- 5963. By Miika Komu
-
Text alignment
Aligned the Ubuntu installation line with Fedora in INSTALL.
- 5964. By Diego Biurrun
-
debian packaging: Make changelog a template file updated during package build.
This allows adding a Bazaar revision number to the changelog and thus to the
Debian package version without files under revision control getting modified.
- 5965. By Stefan Götz
-
Fix bug #789327:
Add missing initialization to 'peer_addr' variable. Revision 5938 erroneously
removed code that was necessary to change the value of the peer_addr pointer
to an actual peer address. This caused a NULL pointer access and segmentation
fault when handling a locator parameter during an UPDATE message.
This merges the branch lp:~stefan.goetz/hipl/mobility-bug
- 5966. By Diego Biurrun
-
doxygen: Warn if parameter documentation is missing for a function.
- 5967. By David Martin
-
Remove needless stdout redirection from openwrt init scripts.
Kill does not print anything, there is no need to redirect its output
to /dev/null.
David Martin (martin-lp) wrote : | # |
Hi,
> Thanks for the review!
You are welcome!
> I believe the locking is not used because:
>
> - The code does not compile when enabling locking (note that locking is
> disabled
> via a '#if 0')
oh, I missed the if condition there.
> - Locking was disabled by a commit in 2007 and I have no evidence that it was
> ever enabled again
>
> - The locking logic in trunk is badly broken. Exhibit 1: the core lookup
> function hip_get_
> 2:
> hip_del_host_id() unlocks the database although the code path up to that point
> never acquires a lock. Exhibit 3: Some code paths in hip_del_host_id() unlock
> the database, some others do not. The list goes on...
>
> - There is no multi-threading in HIPL (... for all I know. But given the above
> reasons, I really really hope so, too)
>
> Thus, I think it makes a lot of sense to remove the locking code because it
> needs *major* re-working anyway.
Ok, sounds reasonable, I'm convinced. Thanks for clarifying!
> I wanted to address const correctness in one big commit, but anyway. Fixed in
> rev. 5954
Thanks.
> >> +/**
> >> + * A call-back function for finding a host association between a given
> peer HIT
> >> + * and any of the iteratively provided local HIs.
> >> + *
> >> + * @param lhi Points to a local_host_id object from which contains the
> >> + * local HIT of the HA to find.
> >
> > "Points to a local_host_id object which contains"
>
> Oops. Fixed in rev. 5953
:)
> >> -int hip_hidb_
> >> +static int hip_hidb_
> >
> > *const ptr1 and *const ptr2 would be more correct?
>
> Fixed in rev. 5954
> Thanks! If this addresses all your concerns, please do not forget to change
> your
> vote to 'accept'.
My question has been answered and the minor issues fixed. All good by me! :)
David
- 5968. By David Martin
-
Use start-stop-daemon in dnsproxy and hipfw debian init scripts.
Both dnsproxy and hipfw init scripts now use the start-stop-daemon
in a similar fashion as the hipd. This means:
- it is not an error when the daemon is already running and start
is called again, print a notice instead
- let start-stop-daemon take care of exiting the daemon, it will
send a TERM and wait for three seconds before killing it,
there is no additional shell script magic necessary to test if the
daemon is running
This commit fixes the error return value of the dnsproxy in bug 795848.
- 5969. By David Martin
-
Do not exit on iptable flush error in hipfw init script.
We are running the scripts with set -e, that means every unchecked
command returning an error exits the script. In this case the
function to flash the firewall rules prematurely exited the script
when the rules had already been flushed.
We now check the return value of the flush_iptables() function and
print a notice if an error occurs.
This commit fixes the error return value of the hipfw in bug 795848.
- 5970. By Miika Komu
-
Updated a maintainer script.
Configuration for building binaries for Fedora and Ubuntu are now
up-to-date with the latest distributions.
- 5971. By David Martin
-
Print warning for conflicting firewall options iff latter are set by user.
Instead of printing the misleading warning "Warning: timeouts (-t) have no
effect with connection tracking disabled (-F)" everytime the firewall is
started with -F, print it only when -t _and_ -F are specified by the user.
- 5972. By David Martin
-
Cosmetics: do not break "cond ? foo : bar" at colon in hipfw main.c.
It looks neater with the full expression including ? on the next line.
- 5973. By René Hummen
-
fix regression in esp_tuple_from_esp_info()
The conditional depended on new_esp instead of esp_info and the
function always returned NULL to the caller signaling an error.
- 5974. By René Hummen
-
remove insertion of esp_tuple on 1st update
The same operations are already performed in
insert_connection_from_update().
- 5975. By René Hummen
-
add error handling for connection insertion by update
- 5976. By René Hummen
-
remove remove_connection from debug in remove_connection()
- 5977. By René Hummen
-
silence configure run by autobuilder for dist checks
- 5978. By Diego Biurrun
-
Add .dir-locals.el file that enforces the HIPL coding style for Emacs users.
This works similar to the .vimrc file we already have for Vim users.
- 5979. By Diego Biurrun
-
build: Add .dir-locals.el to distribution tarball.
- 5980. By Stefan Götz
-
Merged lp:hipl/peeraddr
- 5981. By Henrik Ziegeldorf
-
The error value must be set to non-zero in order to drop invalid loopback packets.
- 5982. By Henrik Ziegeldorf
-
Check packet destination hit when receiving a control packet.
Drop packets destined for a hit that does not belong to the receiver.
- 5983. By Henrik Ziegeldorf
-
Check control packet size before sending.
Issue a warning if packet size exceeds MTU.
- 5984. By Miika Komu
-
A bug fix to configuration file reading.
Configuration file reading failed to read any lines from configuration
file because newline wasn't removed. Fixed.
- 5985. By Diego Biurrun
-
doc: Fix wrong instructions for building the HIPL HOWTO.
- 5986. By Diego Biurrun
-
hipconf: Remove outdated reference to a hipconf-related build system bug.
- 5987. By Christoph Viethen
-
Fix a bug in hip_opportunistic_ipv6_to_hit(), introduced in rev. 4843,
which caused hip_build_digest() to be erroneously called with "length of
pointer to IPv6 address" instead of "length of IPv6 address". This made
hip_build_digest() calculate, platform-dependently, a digest of only
the first quarter or the first half of the given IPv6 address.
(Considering that in our case, most of the time, the IPv6 address in
actual fact is an IPv4-mapped IPv6 address (cf. RFC 4291, 2.5.5.2.),
where (more than) the first half consists of null bytes, the bug caused
hip_build_digest() to always return the same digest no matter what
(transformed) IPv4 address had been passed in. Consequently, pseudo HITs
as generated for opportunistic base exchanges always were the same,
causing trouble e.g. in HADB lookups.)
- 5988. By Diego Biurrun
-
common.h: Put parentheses around #defines that are expressions and not values.
Otherwise all hell can break loose if the #defines are evaluated in a place
where operator precedence may mess with the intended semantics.
- 5989. By Diego Biurrun
-
output.c: eliminate an unneeded variable indirection
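The sizeof mistake fixed in rev. 5987 above, shown as an added example that is not HIPL code: toy_digest() is a hypothetical FNV-1a stand-in for hip_build_digest(), and the three peers are constructed documentation addresses. Passing the size of the pointer hashes only the leading zero bytes of an IPv4-mapped address, so every peer ends up with the same pseudo HIT.

```c
/* Added illustration of the bug class fixed in rev. 5987; not HIPL code. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <netinet/in.h>

/* Hypothetical stand-in for hip_build_digest(): FNV-1a over len bytes. */
uint64_t toy_digest(const void *data, size_t len)
{
    const unsigned char *p = data;
    uint64_t h = 0xcbf29ce484222325ULL;
    size_t i;

    for (i = 0; i < len; i++) {
        h ^= p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Build the IPv4-mapped address ::ffff:a.b.c.d (RFC 4291, 2.5.5.2). */
struct in6_addr mapped(uint8_t a, uint8_t b, uint8_t c, uint8_t d)
{
    struct in6_addr ip;

    memset(&ip, 0, sizeof(ip));   /* bytes 0..9 stay zero */
    ip.s6_addr[10] = 0xff;
    ip.s6_addr[11] = 0xff;
    ip.s6_addr[12] = a;
    ip.s6_addr[13] = b;
    ip.s6_addr[14] = c;
    ip.s6_addr[15] = d;
    return ip;
}

/* Buggy form: sizeof(ip) is the size of the pointer (4 or 8 bytes),
 * so only the all-zero prefix of the address is hashed. */
uint64_t pseudo_hit_buggy(const struct in6_addr *ip)
{
    return toy_digest(ip, sizeof(ip));
}

/* Fixed form: sizeof(*ip) is the size of the address (16 bytes). */
uint64_t pseudo_hit_fixed(const struct in6_addr *ip)
{
    return toy_digest(ip, sizeof(*ip));
}

typedef uint64_t (*hit_fn)(const struct in6_addr *);

/* Number of distinct digests fn produces for three constructed peers. */
int distinct_hits(hit_fn fn)
{
    struct in6_addr peers[3];
    uint64_t seen[3];
    int n = 0, i, j;

    peers[0] = mapped(192, 0, 2, 1);
    peers[1] = mapped(192, 0, 2, 2);
    peers[2] = mapped(192, 0, 2, 3);

    for (i = 0; i < 3; i++) {
        uint64_t h = fn(&peers[i]);

        for (j = 0; j < n && seen[j] != h; j++)
            ;
        if (j == n)
            seen[n++] = h;   /* first time this digest is seen */
    }
    return n;
}

int main(void)
{
    printf("buggy: %d distinct pseudo HITs for 3 peers\n",
           distinct_hits(pseudo_hit_buggy));
    printf("fixed: %d distinct pseudo HITs for 3 peers\n",
           distinct_hits(pseudo_hit_fixed));
    return 0;
}
```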
- 5990. By Henrik Ziegeldorf
-
Replaced strlen with sizeof for string defined as macro in save_rsa/dsa_private_key.
strlen() equals sizeof() - 1 in these cases.
- 5991. By Henrik Ziegeldorf
-
Minor improvements of const correctness in rule_management.c
- 5992. By Henrik Ziegeldorf
-
Replace if statement for crypto algorithm differentiation with switch statement and add error case.
- 5993. By Henrik Ziegeldorf
-
Simplified implementation of function hip_private_host_id_to_hit().
Replaced if/else by switch case statement.
Removed cumbersome error handling.
- 5994. By Henrik Ziegeldorf
-
Remove useless comments.
- 5995. By Henrik Ziegeldorf
-
Use hip_get_host_id_algo directly without indirection through variable declaration.
- 5996. By Henrik Ziegeldorf
-
Inserted missing break in switch case statement.
- 5997. By Henrik Ziegeldorf
-
Use switch case statement for differentiating cryptographic algorithms.
This simplifies adding new algorithms (e.g. ECDSA).
- 5998. By Henrik Ziegeldorf
-
Completed doxygen of function dsa_to_hip_endpoint
- 5999. By Henrik Ziegeldorf
-
Replaced if-err-goto code with HIP_IFEL in rsa/dsa_to_hip_endpoint
- 6000. By Henrik Ziegeldorf
-
Remove unused function declarations.
- 6001. By Henrik Ziegeldorf
-
Remove duplicate checks of fp in save_rsa/dsa_private_key.
- 6002. By Henrik Ziegeldorf
-
Use HIP_IFEL for if-err-goto code.
- 6003. By Henrik Ziegeldorf
-
Removed useless abstractions for hip_host_id_to_it calls.
- 6004. By Henrik Ziegeldorf
-
Improved documentation of hip_host_id_to_hit and hip_private_dsa/rsa_host_id_to_hit.
- 6005. By Henrik Ziegeldorf
-
Remove unused define.
- 6006. By Henrik Ziegeldorf
-
Check input to verify function to avoid segmentation faults.
- 6007. By René Hummen
-
handle missing ECHO_REQUEST parameter gracefully
- 6008. By René Hummen
-
add handler for ECHO_REQUEST_UNSIGNED parameter in UPDATE packets
- 6009. By René Hummen
-
add missing doxygen to hip_conf_add_id_to_ip_map()
- 6010. By René Hummen
-
update Copyright-Header to year of latest change
- 6011. By Diego Biurrun
-
hostid: fix a small typo in doxygen documentation
- 6012. By Diego Biurrun
-
cert: drop an unnecessary cast
- 6013. By Miika Komu
-
A tentative fix to a compilation problem in tools/pisacert.c
As reported in bug id #788578, pisacert.c fails to compile on various
Redhat-based systems. I think this will finally sort out the problem.
- 6014. By Miika Komu
-
A bug fix to "make bin" on CentOS.
As reported in bug id #811538, CentOS 5.6 fails to build due to a
missing directory. Fixed.
- 6015. By Miika Komu
-
Documented a workaround for binary building
Documented the workaround of the previous revision for CentOS 5.6.
- 6016. By René Hummen
-
remove, rephrase and add conntrack debug output
- 6017. By Henrik Ziegeldorf
-
Merged lp:~hipl-core/hipl/ecc revision 5442.
- 6018. By René Hummen
-
add IP src address to locator set first
This enables HIPL to first reply to locator that is known to work.
- 6019. By René Hummen
-
move internal peer address update before sending of UPDATE
This fixes a bug, where clients move behind a new NAT and get a new
src ip AND src port.
- 6020. By René Hummen
-
remove existing hip state when receiving I2
Note that this patch does not consider retransmissions of I2 packets yet
and might result state with the same content to be first removed and then
recreated. But at least, we clean-up possibly old state now and allow
new connection establishment in case of inconsistent state.
- 6021. By Diego Biurrun
-
Fix moduels ---> modules typo.
- 6022. By Diego Biurrun
-
build: clean up .bzrignore
Restore alphabetical order, remove duplicates, use wildcard for config.foo
entries, do not globally ignore .lo and .la files.
- 6023. By Diego Biurrun
-
create_ecdsa_key(): bandaid compilation fix for gcc 4.6
The err variable was write-only since the function returns EC_KEY* and not int.
Change err variable to type EC_KEY* and return it instead of NULL.
- 6024. By Diego Biurrun
-
cosmetics: remove some unnecessary parentheses from pointer expressions
The struct member selection operators '.' and '->' have higher precedence than
the address operator '&'. Remove parentheses made unnecessary by this order
in cases where they add no readability or even impair readability.
- 6025. By René Hummen
-
replace code with hip_ifel abuse
- 6026. By Diego Biurrun
-
doxygen: exclude directory generated by 'make dist' from list of source files
- 6027. By Diego Biurrun
-
build: ignore directory generated by 'make dist'
- 6028. By Diego Biurrun
-
Merge vestigial locking macros removal branch.
- 6029. By Diego Biurrun
-
uncrustify: force END_TEST to be treated as macro-close token
This allows uncrustify to deal with the unit test code without completely
messing up its formatting.
- 6030. By Diego Biurrun
-
unit tests: reformat struct declaration in a way that survives uncrustify
- 6031. By Diego Biurrun
-
stylecheck: fix description of this pre-commit hook's dependencies
There is nothing GNU in the way diff/patch are used; mention both diff and
patch as dependencies; remove some stray trailing whitespace.
- 6032. By Diego Biurrun
-
cosmetics: drop some redundant ';' pointed out by uncrustify; merge two lines
- 6033. By Diego Biurrun
-
stylecheck.py: fix some typos
- 6034. By Diego Biurrun
-
cosmetics: fix some incorrect spacing found while playing with uncrustify
- 6035. By Diego Biurrun
-
INSTALL: add a short sentence on contributing; mention HACKING
- 6036. By Diego Biurrun
-
Drop unnecessary return statements at the end of void functions.
- 6037. By Miika Komu
-
Added a note on an experimental bzr hook to the HACKING file
Stefan Götz has developed a pre-commit hook for the Copyright. While
the pre-commit has not been merged yet, it pops up on the mailing list
every now and then. Therefore, I decided to note it on the HACKING
instructions and advocate Stefan to merge it!
- 6038. By Diego Biurrun
-
Merge uncrustify improvements branch.
- 6039. By Stefan Götz
-
Completely removes the files lib/tool/lutil.{c.h}. They primarily contain a list
implementation which is only used for string parsing. This string parsing is
actually implemented much better directly via strtok(). This also removes a
source of GPL infection.
Merge of branch https://code.launchpad.net/~stefan.goetz/hipl/delist
Merge proposal https://code.launchpad.net/~stefan.goetz/hipl/delist/+merge/62559
- 6040. By Diego Biurrun
-
Merge demodularization branch that pulls together Makefile.am snippets.
- 6041. By Henrik Ziegeldorf
-
Fix incorrect use of sizeof.
- 6042. By Henrik Ziegeldorf
-
Fixed tests for ECC functionality, such that all tests are passed.
- 6043. By Diego Biurrun
-
cosmetics: fix 'null' vs. 'NULL' typo
- 6044. By Diego Biurrun
-
builder: clean up return handling
Return values directly instead of setting a variable, jumping
to a goto label and returning the variable there.
- 6045. By Diego Biurrun
-
nlink: drop some pointless void* casts
Diego Biurrun (diego-biurrun) wrote : | # |
review needs-fixing
On Fri, May 20, 2011 at 09:26:05PM +0000, Stefan Götz wrote:
> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>
> --- firewall/
> +++ firewall/
> @@ -824,29 +823,38 @@
>
> +/**
> * flushes all entries in the sadb
> *
> - * @return -1, if error occurred, else 0
> + * @return 0
> */
> int hip_sadb_
> {
> - int err = 0, i = 0;
> - LHASH_NODE *item = NULL, *tmp = NULL;
> - struct hip_sa_entry *entry = NULL;
> -
> - // iterating over all elements
> - list_for_
> - {
> - HIP_IFEL(!(entry = list_entry(item)), -1,
> - "failed to get list entry\n");
> - HIP_IFEL(
> - "failed to delete sa entry\n");
> - }
> + hip_ht_doall(sadb, delete_sa_entry);
>
> HIP_DEBUG("sadb flushed\n");
This debug line is rather pointless IMO, I'd remove it.
> -out_err:
> - return err;
> + return 0;
> }
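Review bot: with `@return 0` in the doc comment and the unconditional `return 0`, a failed deletion is no longer reported; the removed loop went through HIP_IFEL with "failed to delete sa entry" and returned -1. If delete_sa_entry can still fail, have the callback log or record the failure so that a flush which leaves entries behind in the sadb does not look like success to the caller.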
Why not make the function void instead of always returning the same value?
> --- hipd/cookie.c 2011-05-10 22:14:13 +0000
> +++ hipd/cookie.c 2011-05-20 21:25:59 +0000
> @@ -372,24 +367,10 @@
> /**
> * precreate all R1 packets
> *
> - * @return zero on success or negative on error
> + * @return 0
> */
> int hip_recreate_
> {
> - HIP_HASHTABLE *ht = hip_ht_
> - LHASH_NODE *curr, *iter;
> - struct hip_host_id *tmp;
> - int c;
> -
> - hip_for_
> -
> - list_for_
> - {
> - tmp = list_entry(curr);
> - hip_ht_
> - list_del(tmp, ht);
> - }
> -
> - hip_ht_uninit(ht);
> + hip_for_
> return 0;
> }
ditto
> --- hipd/init.c 2011-05-04 16:20:00 +0000
> +++ hipd/init.c 2011-05-20 21:25:59 +0000
> @@ -1,5 +1,5 @@
> /*
> - * Copyright (c) 2010 Aalto University and RWTH Aachen University.
> + * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
> *
> * Permission is hereby granted, free of charge, to any person
> * obtaining a copy of this software and associated documentation
> @@ -28,6 +28,7 @@
> * This file defines initialization functions for the HIP daemon.
> *
> * @note HIPU: BSD platform needs to be autodetected in hip_set_
> + * @author Stefan G??tz <email address hidden>
> */
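Review bot: the added @author line carries the name as `G??tz`, so the non-ASCII character was lost somewhere between the file and this mail. Check that hipd/init.c is saved as UTF-8 and that the name is intact in the committed file before merging, otherwise the damaged spelling ends up in the generated documentation.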
I'm sceptical that removing a function constitutes a real contribution.
There are more similar cases in this merge request, we need to come to
a conclusion what to do with these cases.
Diego
- 6046. By René Hummen
-
merge re-implements the hipd-related part of draft-heer-hip-middle-auth-02
An extensive merge proposal and discussion can be found at:
https://code.launchpad.net/~rene-hummen/hipl/midauth-hipd/+merge/70736
- 6047. By René Hummen
-
move xml tag to top of file for correct parsing
- 6048. By Diego Biurrun
-
user_ipsec_api: move #include to the correct place
David Martin (martin-lp) wrote:
Hi,
On Mon, Aug 8, 2011 at 5:00 PM, Diego Biurrun <email address hidden> wrote:
> review needs-fixing
>
> On Fri, May 20, 2011 at 09:26:05PM +0000, Stefan Götz wrote:
>> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>>
>> HIP_DEBUG("sadb flushed\n");
>
> This debug line is rather pointless IMO, I'd remove it.
>
>> -out_err:
>> - return err;
>> + return 0;
>> }
>
> Why not make the function void instead of always returning the same value?
>
> There are more similar cases in this merge request, we need to come to
> a conclusion what to do with these cases.
well, shouldn't a merge review focus on the changes to be merged more than
on general problems with the code around it? Your points are valid but if I
see it right those parts of the code weren't touched by Stefan and in my
opinion unrelated to the goal of this branch.
There's the boyscout rule but you can only apply it so far else you never get
done with what you wanted to do in the first place or you needlessly bloat
the merge request, no?
Diego Biurrun (diego-biurrun) wrote:
On Wed, Aug 10, 2011 at 02:14:13PM +0000, David Martin wrote:
>
> On Mon, Aug 8, 2011 at 5:00 PM, Diego Biurrun <email address hidden> wrote:
> > review needs-fixing
> >
> > On Fri, May 20, 2011 at 09:26:05PM +0000, Stefan Götz wrote:
> >> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
> >>
> >> HIP_DEBUG("sadb flushed\n");
> >
> > This debug line is rather pointless IMO, I'd remove it.
> >
> >> -out_err:
> >> - return err;
> >> + return 0;
> >> }
> >
> > Why not make the function void instead of always returning the same value?
> >
> > There are more similar cases in this merge request, we need to come to
> > a conclusion what to do with these cases.
>
> well, shouldn't a merge review focus on the changes to be merged more than
> on general problems with the code around it? Your points are valid but if I
> see it right those parts of the code weren't touched by Stefan and in my
> opinion unrelated to the goal of this branch.
>
> There's the boyscout rule but you can only apply it so far else you never get
> done with what you wanted to do in the first place or you needlessly bloat
> the merge request, no?
He is changing the whole function anyway, so this seemed relevant...
That said, yes, one has to focus, otherwise you never get finished.
Diego
- 6049. By Diego Biurrun
-
openwrt: cosmetics: drop some unnecessary backslashes
- 6050. By Diego Biurrun
-
sync-all: drop version number from temporary directory name
The version number keeps changing and this script is simple enough not to
need it. Having it generated by configure would thus be overkill.
- 6051. By Diego Biurrun
-
openwrt: generate Makefile from a template by configure to substitute version
This saves the trouble of changing HIPL version numbers in multiple
places after each release.
- 6052. By Diego Biurrun
-
hipd: eliminate some HIP_IFE(L) abuse; simplify return handling
- 6053. By David Martin
-
Free allocated memory in case of error in hip_update_init_state().
- 6054. By Miika Komu
-
Updated Debian and Redhat dependencies in INSTALL.
Added "check" to optional dependencies.
- 6055. By Diego Biurrun
-
patches: remove outdated kernel patches, version < 2.6.18
- 6056. By Diego Biurrun
-
autobuild: test existence of OpenWrt directory before copying
- 6057. By Diego Biurrun
-
INSTALL: remove duplicate 'check' entries from required packages list
- 6058. By Diego Biurrun
-
HACKING: update one Doxygen example to reflect current practice
- 6059. By Diego Biurrun
-
doxygen: drop redundant @author, @version and @date tags
Bazaar is tracking this information in a more accurate and less error-prone
fashion already, no need to manually repeat its job (badly).
- 6060. By René Hummen
-
merge conntrack-cleanup branch revision 6083
The merge proposal has been discussed at:
https://code.launchpad.net/~rene-hummen/hipl/conntrack-cleanup/+merge/71550
- 6061. By David Martin
-
Make lmod_get_state_item() more robust.
Perform sanity checks on passed parameters and do not pass a possibly
negative return value as an unsigned int.
- 6062. By David Martin
-
Merge update_ack_handling branch revision 6053.
Merge proposal:
https://code.launchpad.net/~martin-lp/hipl/update_ack_handling/+merge/71328
Accept ACKs for all outstanding Update packets instead of most recent one.
Previously only ACKs for the most recent sent Update packet were accepted.
This merge introduces a boundary for yet to be acknowledged Update packets
which allows to correctly deal with ACKs for more than one outstanding
Update packet.
This fixes a bug where ACKs were falsely dropped when both hosts initiated
an update at the same time.
- 6063. By David Martin
-
Include string.h in test/*/midauth_builder.c to fix N900 compile issue.
The N900 build script now successfully builds again.
- 6064. By Artturi Karila
-
Don't drop packets with non-local dst HIT if RVS is active
Packets with a non-local destination HIT were being dropped in
hip_receive_control_packet() before the check for whether they should be
relayed.
hip_check_i1() (which would only be called after hip_receive_control_packet())
had redundant code doing the same except with a provision for opportunistic I1
packets.
I removed the redundancy and changed the code to be executed only if we are not
offering RVS or relay service.
- 6065. By Diego Biurrun
-
Remove some redundant, write-only variables.
- 6066. By Diego Biurrun
-
conntrack: simplify handle_update()
Change a pointer to pointer function argument to a simple pointer. The
argument is always dereferenced before use, effectively turning it into
a simple pointer argument.
- 6067. By Diego Biurrun
-
midauth: Fix compilation with --enable-midauth.
A #include and a variable initialization were missing from the midauth branch
merge, resulting in compilation failures with --enable-midauth.
- 6068. By René Hummen
-
fix autobuilder
if update is excluded from build, so should be its dependencies,
including midauth.
- 6069. By Diego Biurrun <email address hidden>
-
conntrack: change if/else cascade to switch statement
- 6070. By Diego Biurrun <email address hidden>
-
conntrack: replace some pointless gotos by direct return
- 6071. By David Martin
-
conntrack: avoid code duplication in get_tuple_by_hip().
get_tuple_by_hits() performs the same iteration on the list of
connection tuples, call this instead of having it twice in the
code.
- 6072. By Henrik Ziegeldorf
-
Added tests for serialization and deserialization of RSA keys.
- 6073. By David Martin
-
Remove unused state attribute from firewall connection tuples.
The state exists for both initiator and responder but it's only changed
initially on creation and when the connection is closed. It's never read
or used in any way. Therefore scrap it.
- 6074. By David Martin
-
Use /lib/core/ state definitions instead of local ones in conntrack.c.
The prior definitions weren't used except for the initial state making
the enum rather pointless. As of now the state in connections is still
unused but it will be used to track connection information in the
future.
- 6075. By Diego Biurrun
-
debian: reflect dependency on (possibly remotely-mounted) /usr in init scripts
The HIPL init scripts depend on /usr to start the HIPL binaries. /usr may be
remotely-mounted, so depend on remote filesystems being mounted before running.
reference: http://wiki.debian.org/LSBInitScripts
- 6076. By Miika Komu
-
Changed start-up priority of the DNS proxy in Ubuntu/Debian
As bug id #845677 states, I've had some problems during boot in my
Ubuntu Natty when both DNS proxy and dnsmasq are installed. The root of
the problem seems to be that DNS proxy starts too fast and there's a
race condition with dnsmasq. Diego suggested a fix the bug in init.d
scripts and it seems to work just fine.
- 6077. By Miika Komu
-
Another stab to fix DNS proxy boot-up problems in Ubuntu Natty.
Revision 6076 did not do the trick to fix DNS problems when dnsmasq and
DNS proxy are running in the same system (#845677). The issue was subtle
and seems to reappear randomly. This commit has an additional safe guard
(higher priority for init.d) which I hope will fix the problem. I have
tested the bug fix both in LTS and Natty.
- 6078. By Miika Komu
-
Re-enabled "shotgun" extension for hipconf
The shotgun extension sends multiple I1/UPDATE messages to find a
working address pair. Somebody disabled the extension in hipconf, but
just partially. This commit re-enables the shotgun functionality (which
seems to be working as reported in bug report lp:592177).
- 6079. By David Martin
-
Move debug RSA key creation announcement before the actual generation.
It doesn't make much sense to notify about an upcoming key generation
when it is already finished.
- 6080. By Diego Biurrun <email address hidden>
-
Bazaar is a build-time dependency of HIPL.
- 6081. By Diego Biurrun <email address hidden>
-
Restructure commands used to satisfy optional and required dependencies.
Split into lists of packages necessary for building HIPL, those for optional
functionality and those required for building binary distribution packages.
- 6082. By Diego Biurrun <email address hidden>
-
RPM: drop rpm-build package from BuildRequires list
The rpmbuild program is an implied dependency of RPM package building, so it
ought to be safe to leave it out of BuildRequires. This allows using the
specfile on other RPM-based distributions like openSUSE where rpmbuild is
part of the rpm package and no separate rpm-build package exists.
- 6083. By David Martin
-
Cosmetics: Spaces in array definition in test/lib/core/hostid.c
- 6084. By David Martin
-
Merge n900-build-fix branch revision rev 6083 into trunk.
Merge-proposal:
https://code.launchpad.net/~martin-lp/hipl/n900-build-fix/+merge/78551
Set hostid unit test timeouts to 120 seconds to fix broken package
building for the N900.
- 6085. By René Hummen
-
minor beautification of script output
- 6086. By René Hummen
-
add error output for conflicting handle function priorities
- 6087. By René Hummen
-
fix issue where update causes old ipsec sa not to be removed at responder
Altering IPsec SAs requires knowledge about the IP addresses of the
peer. During updates, we update the IPs to the new locators. Hence, we
need to remove IPsec SAs before resetting the IPs and set up new SAs
afterwards. This commit splits removal and setup into two parts.
- 6088. By René Hummen
-
fix long handover delays in case locators are unreachable for responder
In some situations, the network stack of the responder cannot deliver
HIP UPDATE messages to the signaled locators. In this case, sendto()
returns a length != packet_length. Until now, HIPL tried three times
to send undeliverable packets with a timeout of 2 seconds each. As the
hipd is single-threaded, this caused a delay of 4+ seconds per
undeliverable locator.
HIPL also implements a retransmission mechanisms (for UPDATEs).
Undeliverable packets are handled there as well. Hence, I removed the
intrusive special handling for the case where the network stack reports
an error. This fixes the problem of overly long handovers.
- 6089. By David Martin
-
Rename hip_hastate to hip_ha_state.
Changed are both the enum and the variables using it. This way it is more
conform with the naming in the rest of the codebase.
- 6090. By David Martin
-
Move hip_state #defines into enum, use enum instead of int in functions.
Basically lots and lots of function parameters that needed rewriting.
Noteworthy change in hip_state_str() which does not use that weird
array construction anymore but a proper switch case and
lib/core/state.h where the defines have been moved into the enum.
- 6091. By David Martin
-
Include lib/core/state.h where it's required in header files.
make checkheaders now makes no trouble no more.
- 6092. By Diego Biurrun
-
Remove stray duplicate license statement.
- 6093. By Diego Biurrun
-
Fix compilation errors in gcc 4.5/4.6 due to failed inlining with -Os.
Newer gcc versions fail to inline a few functions when optimizing for size.
Drop the inline keyword from these functions. In the case of hip_state_str()
this also required moving the function from a header file to a normal .c file.
- 6094. By David Martin
-
Track connection state in firewall connection tracking.
Before, the state variable was only initially set but never
actually changed or used. This commit uses it to track the state
of the connection. For this reason three new states (R1-SENT,
U1-SENT, U2-SENT) are added which are only used by the firewall.
State updates happen in the handle functions after successful
processing of the respective packets.
- 6095. By David Martin
-
Cosmetics: remove superfluous parentheses in hip_purge_closing_ha().
- 6096. By David Martin
-
Fix recurring typo in lib/core/message.c doxygen documentation.
- 6097. By Diego Biurrun
-
Add missing semicolons after macro invocations.
- 6098. By Diego Biurrun
-
Drop pointless hip_ prefixes from static functions.
There is no point in prefixing static functions as there is no risk of
namespace collisions. Dropping the prefix reduces clutter.
- 6099. By Diego Biurrun
-
Drop unnecessary end-of-line backslashes.
In many places lines end in backslashes, probably due to the wrong assumption
that a newline acts as an argument separator, which it does not in C.
- 6100. By Diego Biurrun
-
firewall: Drop inline keyword from get_cache_index().
gcc 4.5.1 fails to inline that function when optimizing for size. Since gcc can
generally be trusted about inlining decisions, dropping the inline keyword and
letting the compiler decide about inlining appears to be the sensible choice.
- 6101. By Diego Biurrun
-
cosmetics: adjust some accidentally introduced indentation messups
- 6102. By Diego Biurrun
-
firewall: K&R indentation cosmetics
- 6103. By Diego Biurrun
-
Drop trailing semicolons from macro declarations.
This is more consistent, most macro declarations do not end in semicolons,
and avoids issues with some automatic tools like uncrustify.
- 6104. By Diego Biurrun
-
vimrc: improve whitespace highlighting
- 6105. By Miika Komu
-
Building and packaging for OpenSUSE
From Diego: I have a notebook that runs OpenSUSE, so I quickly ported
the packaging infrastructure. I'm not sure this is worth the future
maintenance burden, but I thought I might send it anyway.
- 6106. By Miika Komu
-
Reverted revision 6105
I applied the patch incorrectly and the need for OpenSUSE build
instructions should be further discussed before applying.
- 6107. By David Martin
-
Cosmetics: Fix some typos in documentation.
- 6108. By Diego Biurrun
-
packaging: port package building script to openSUSE
- 6109. By Diego Biurrun
-
INSTALL: Add list of required packages for OpenSUSE.
- 6110. By René Hummen
-
merge lp:~rene-hummen/hipl/logging
This merge updates the logging facilities of HIPL and adds a new log
level "LOW".
Macros are now mapped to the debug levels as follows:
============== ======= ======= ======= =======
| NONE | DIE, ASSERT
-------------- ------- ------- ------- -------
| LOW | DIE, ASSERT, ERROR
-------------- ------- ------- ------- -------
| MEDIUM | DIE, ASSERT, ERROR, INFO
-------------- ------- ------- ------- -------
| ALL | DIE, ASSERT, ERROR, INFO, DEBUG
============== ======= ======= ======= =======
Also see merge proposal:
https://code.launchpad.net/~rene-hummen/hipl/logging/+merge/81065
- 6111. By Miika Komu
-
Fixed an annoyance in a maintainer script
From bug #795846: The "make syncrepo" target seems to unnecessarily copy also
old packages to the repository. Fixed by including the revision number also.
- 6112. By David Martin
-
Cosmetics: Move comment in queue_packet() to where it belongs.
- 6113. By David Martin
-
Make hipconf_usage string static as it is local to lib/core/conf.c.
- 6114. By David Martin
-
Revert accidental hipl-daemon dependency change applied with rev. 6113.
- 6115. By Henrik Ziegeldorf
-
Fixed specification of return value of function fw_verify_and_store_host_id.
The function returns 0 for valid packets, 1 if signature verification failed and -1 on other errors.
- 6116. By Henrik Ziegeldorf
-
Added asserts in function fw_verify_and_store_host_id.
- 6117. By Henrik Ziegeldorf
-
replace fw_verify_packet with fw_verify_and_store_host_id for U2 and U3.
- 6118. By Miika Komu
-
Relaxed uncrustify rules to allow #endif after a function body
The uncrustify configuration now allows #endif after closing of the
function body as follows:
#ifdef SOMETHING
int foo(void) {
}
#endif /* SOMETHING */
As a side effect, I believe this now allows the following violation
(which should be prohibited via manual inspection):
int foo(void) {
}
int bar(void) {
}
- 6119. By Miika Komu
-
Removed some empty lines between function bodies and #endif statements
The update to the crustify policy in revision 6118 removed the need to
have an empty line between the end of a function body (closing curly
bracket) and following #endif (if any present). I grepped the source
files for occurrences of this and adjusted according to the new policy.
- 6120. By David Martin
-
Revert r6118: Relaxed uncrustify rules to allow #endif after a function body.
Setting the number of newlines after functions to 1 in uncrustify rules
enforces it for all functions. The effect: no more blank lines between
functions. This commit reverts the change.
- 6121. By David Martin
-
Merge lp:~martin-lp/hipl/hipfwconf into trunk.
This merge updates the hipconf API and makes it possible to retrieve the
active connections from hipfw.
Changes in the hipconf API:
- hipconf commands have to include the keyword 'daemon' or 'hipfw' to
address the respective process
- eg. 'hipconf get ha all' is now 'hipconf daemon get ha all'
- other than the daemon process keyword there are no changes to the
hipconf commands; config file syntax stays the same as well
- active connections from the firewall can be retrieved with
'hipconf firewall get ha all'
Merge request:
https://code.launchpad.net/~martin-lp/hipl/hipfwconf/+merge/81612
- 6122. By Henrik Ziegeldorf
- 6123. By René Hummen
-
lp:~hipl-core/hipl/ecdsa-redhat with trunk
- 6124. By René Hummen
-
remove compile-time conditional for midauth and related code
This should satisfy the auto-builder.
NOTE: Midauth and PISA certificate handling was intertwined in the code
whereas it should really be separate. This separation is now
enforced by merging the midauth branches. However, PISA
functionality is still broken. This will be fixed by the upcoming
merge of the PISA branch. Until then, I have removed the conditional
code of PISA from the codebase.
- 6125. By René Hummen
-
remove midauth compilation flag from the auto-builder
- 6126. By Miika Komu
-
Fixed most of "make check" compilation errors for Fedora.
A resolution for bug id #838116 was merged but "make check" and "make
"alltests" still failed to compile. This commit fixes most of them but
one is still left.
- 6127. By Miika Komu
-
Fixed a problem with "make dist"
Three source files were missing from "make dist". I decided to move
them to EXTRA_DIST as a compromise because they were not compiled. I
assume that they are needed in the future.
- 6128. By Miika Komu
-
Fixed a problem with ARM build
Autobuilder failed to build ARM binaries. I hope this commit fixes the
problem. I believe the problematic source file had also another
compilation issue with missing ifdefs, so I fixed it too.
The error from the autobuilder was as follows:
branch: trunk
revision: 6127
configuration: Scratchbox ARM crosscompile
command: /opt/scratchbox/login -d hipl-[0-9.]* make deb
compiler output:
./packaging/create-package.sh deb
.....
test/firewall/midauth.c:220: warning:
'test_hipfw_midauth_verify_challenge_NULL_ctx' defined but not used
- 6129. By Miika Komu
-
Another fix to the ARM build
Arm build still failed:
..
test/firewall/midauth.c:289: error: 'test_hip_challenge_response_opaque_len' undeclared (first use in this function)
I hope this is fixed in this commit. I also reduced one ifdef by moving a function in the same file.
- 6130. By Miika Komu
-
Bumped version number up
Release 1.0.6 was published, so bumped the version number up.
- 6131. By Diego Biurrun
-
build: Trigger build errors on Doxygen warnings.
- 6132. By Diego Biurrun
-
doxygen: exclude generated dir from list of source files in out-of-tree builds
- 6133. By Diego Biurrun
-
Revert previous commit for out-of-tree Doxygen builds; it was wrong.
During out-of-tree builds only directories in the actual build directory
should be ignored, not ones that happen to be in the source directory by
some unlucky coincidence.
- 6134. By David Martin
-
Cosmetics: Fix some typos in documentation.
- 6135. By David Martin
-
Cosmetics: Complete documentation of hadb_init_entry().
- 6136. By David Martin
-
Add error handling for lmod init error to hadb_init_entry().
- 6137. By David Martin
-
Add error handling for HA initialization to hip_hadb_create_state().
- 6138. By Diego Biurrun
-
Do not ignore hipl-VERSION directories.
These directories are remnants from failed build processes and can cause
trouble at least for Doxygen building, so ignoring them is counterproductive.
- 6139. By Diego Biurrun
-
Replace memset(0) calls by direct zero initializations.
- 6140. By Diego Biurrun
-
Remove unused sa_eid_t typedef.
- 6141. By Diego Biurrun
-
drop all obsolete patches and related documentation
The new baseline we require is CentOS 6. Older systems will no longer
be supported by adding patches and workarounds to HIPL.
- 6142. By Diego Biurrun
-
build: drop workarounds for CentOS 5.5; the new required baseline is CentOS 6.
- 6143. By Diego Biurrun
-
Stop setting the PATH environment variable; also drop an outdated comment
This workaround was added for obsolete Fedora versions (9) and should no
longer be necessary. Besides, mucking with PATH is a bad idea.
- 6144. By Miika Komu
-
A small improvement to maintainer script
tools/maintainer/sync-all was not obeying correct "make dist" directory
naming convention. This commit fixes this.
- 6145. By Miika Komu
-
Fixed contradictory statements in the Makefile.am
According to Diego, tools/maintainer/sync-all was both included and
excluded in Makefile.am from "make dist". Removed the inclusion part.
- 6146. By Diego Biurrun
-
sync-all: extract into current directory instead of subdir with version in name
This allows simplifying the script and the build system. Substituting the HIPL
version number into a script template is no longer necessary.
- 6147. By Diego Biurrun
-
sync-all: drop bash-specific time measurement around execution loop
- 6148. By Diego Biurrun
-
sync-all: properly clean up before and after execution
- 6149. By Diego Biurrun
-
build: pass '-z muldefs' via -Wl option to the linker
This is the correct, or at least a more robust, way to pass options to the
linker when gcc is used as the linker frontend. This fixes a linking
failure on Maemo where the linker had trouble grokking that option otherwise.
Idea initially suggested by Christoph Mroz.
- 6150. By Diego Biurrun
-
build: do not discard stdout during Doxygen documentation generation
Thanks to Samuel Richter for help with some shell trickery.
- 6151. By Diego Biurrun
-
Remove unused hip_set_firewall_status() prototype.
- 6152. By Diego Biurrun
-
Replace redundant hip_get_firewall_status() by hip_firewall_is_alive().
- 6153. By Diego Biurrun
-
Consistently use "hipfw" in filenames for the HIPL firewall.
- 6154. By Diego Biurrun
-
Replace "hip_firewall_" function/variable prefixes by "hipfw_".
- 6155. By Diego Biurrun
-
Replace "HIP_" prefix in multiple inclusion guards by "HIPL_".
The name of the project is HIPL, HIP is just the protocol.
- 6156. By Diego Biurrun
-
rule_management: Drop stray @file Doxygen directive.
- 6157. By Diego Biurrun
-
Give consistent names to all configuration files used within HIPL:
firewall_conf ---> hipfw.conf
hip_cert.cnf ---> hip_cert.conf
hipd_config ---> hipd.conf
nsupdate.conf ---> nsupdate.conf
relay_config ---> relay.conf
- 6158. By Henrik Ziegeldorf
-
Merged lp:~henrik-ziegeldorf/hipl/locator-type1-fix into trunk.
- 6159. By Miika Komu
-
A bug fix to opportunistic RVS re-registration
As reported in bug #894029, opportunistic re-registration fails. This
revision fixes the problem in a different way than suggested in the bug
id. Namely, the problem fixed directly at the client-side registration
code to minimize the impact of the changes.
This bug fix complements bug id #592135 in the sense that now we have
workaround for both opportunistic and normal registrations. One design
criteria for this bug fix was to streamline with #592135, so that when
it is eventually solved, the code of this revision can also be removed.
I have tested the code successfully with multiple consecutive opp. and
normal registrations.
- 6160. By Miika Komu
-
A compilation fix to revision 6159
Code failed to build with --disable-rvs in revision 6159, fixed.
- 6161. By Miika Komu
-
Removed pointless parenthesis
As Diego noticed, revision 6159 introduces pointless parentheses around
one reference of a variable. Removed.
- 6162. By Miika Komu
-
Fixed a suspicious condition in the registration code.
Christof Mroz noticed a no-op in revision 6159. This fixes the
condition to something more sensible.
- 6163. By David Martin
-
Cosmetics: fix stray non-uncrustified lines in modules/update/hipd/update.c.
- 6164. By Joakim Koskela <email address hidden>
-
A bug fix to "del server rvs" handling in hipconf
As reported in lp:894030, deleting of rvs should work also without HIT
(i.e. with opportunistic mode). This patch fixes the problem.
- 6165. By Diego Biurrun
-
Move hip_id_type_match() to the only file it is used and fix the implementation.
- 6166. By Diego Biurrun
-
hostfiles: cleanup error and return value handling
Drop pointless variable indirections, eliminate HIP_IFELs and code duplication.
- 6167. By Diego Biurrun
-
hostsfiles: fix return argument doxy of hip_map_id_to_ip_from_hosts_files()
- 6168. By Diego Biurrun
-
HOWTO: Fix a bunch of spelling and wording errors; add more semantic markup.
- 6169. By Diego Biurrun
-
openwrt: use the same package names as for RPM/DEB packages
- 6170. By Diego Biurrun
-
doc: remove reference to non-existing prebuilt RPM packages
- 6171. By Diego Biurrun
-
rpm: Mention GPLv2 as license, not GPLv2 and MIT.
The latter will only confuse people and the license for all of HIPL is GPLv2.
- 6172. By Diego Biurrun
-
rpm: Add BASENAME to dnsproxy init.d file.
Without it, no name is printed when hipdnsproxy is started or stopped.
- 6173. By Diego Biurrun
-
rpm: Replace '%config /etc/rc.d/init.d' by the more correct %{_initddir}.
- 6174. By Diego Biurrun
-
rpm: Remove pointless "ExclusiveOS" and "Prefix" tags.
- 6175. By Diego Biurrun
-
rpm: Drop "--prefix=/usr --sysconfdir=/etc" from %configure macro invocation.
These options are added automatically by the RPM build process anyway.
- 6176. By Diego Biurrun
-
rpm: Do not strip binaries during Make run; rpm does this automatically.
- 6177. By Diego Biurrun
-
rpm: remove apparently unnecessary %defattr directives
Permissions are set correctly without them, so drop them for now at least.
- 6178. By Diego Biurrun
-
rpm: Do not start services by default to comply with Fedora packaging policy.
- 6179. By Diego Biurrun
-
rpm: Drop Packager tag to conform with Fedora policy.
A suitable value can be inferred from the local rpmbuild configuration.
- 6180. By Diego Biurrun
-
rpm: fix source URL at infrahip.hiit.fi
- 6181. By Diego Biurrun
-
rpm: add version information to Obsoletes tag
This fixes rpmlint warnings about unversioned-explicit-obsoletes.
- 6182. By David Martin
-
Fix logic errors of for_each_hosts_file_line() error handling in hostsfiles.c.
Revision 6166 introduced some logic errors where return values were falsely
handled. This fixes it.
- 6183. By David Martin
-
Cosmetics: Fix typo in handle_retransmissions() code documentation.
- 6184. By David Martin
-
Remove needless retransmission buffer sanity checks.
Memory for the retransmission buffer is always allocated when a
host association is set up in hip_hadb_init_entry(). If the
allocation fails the creation of the respective HA fails as well.
Deallocation only happens during teardown of the HA in
hadb_delete_state().
As a consequence the sanity checks on the retransmission buffer
during packet handling are not necessary. Therefore get rid of them.
- 6185. By Fahad Aizaz
-
HIP configuration files.
The following configuration files are part of HIP package:
1. hipd.conf
2. hosts
3. nsupdate.conf
4. relay.conf
- 6186. By Fahad Aizaz
-
Stylecheck fix.
The stylecheck added a newline.
- 6187. By Fahad Aizaz
-
Necessary changes to Debian package for HIP.
Creation of 'etc/hip/' path and placing the configuration files during
installation using the pre-build debian binaries.
- 6188. By Fahad Aizaz
-
Removal of code for run-time generation of configuration files.
The code for creation of the following configuration files needs to be
removed:
1. hipd.conf
2. hosts
3. nsupdate.conf
4. relay.conf
- 6189. By Fahad Aizaz
-
RPM spec file update.
The 'hipl.spec' file is updated to place the configuration files at
the necessary path location during installation via RPM packages.
- 6190. By Fahad Aizaz
-
Update to OpenWRT package.
Necessary modification for handling the configuration files in
OpenWRT package.
- 6191. By Fahad Aizaz
-
Update to HIP Makefile.am
Modifications to handle configuration file in Makefile.am.
- 6192. By Henrik Ziegeldorf
-
Merged branch lp:~henrik-ziegeldorf/hipl/locators-type0-fix
- 6193. By Henrik Ziegeldorf
-
Alphabetical order of includes.
- 6194. By Henrik Ziegeldorf
-
Act on error return values of registered packet handlers.
- 6195. By Fahad Aizaz
-
Merging branch lp:~fahad-aizaz/hipl/hipd-hipfw-conf
Removing runtime generation of hipfw configuration file. Thus the code
to generate hipfw.conf is removed from the HIP source. Instead a
default hipfw configuration file is included with HIP source.
To distribute and install hipfw configuration file Makefile.am is
also modified. Similar modifications for distribution and installation
of hipfw configuration file for other distributions (Debian, RPM and
OpenWRT) are also incorporated.
- 6196. By David Martin
-
Cosmetics: uncrustify modules/update/hipd/update.h.
- 6197. By David Martin
-
Remove unused / broken update_state variables.
The update_state variables defined in state.h and update.h are initially
set but never changed. As a consequence update retransmission are currently
broken. Get rid of these variables as a fix is being developed
on a different branch.
This commit does not change hipd behaviour.
- 6198. By David Martin
-
Drop pointless (time_t *) cast from handle_retransmission().
- 6199. By David Martin
-
Cosmetics: Remove pointless parentheses and comment in handle_retransmission().
- 6200. By Diego Biurrun
-
autobuild: Properly clean up Scratchbox and host Debian packaging.
- 6201. By Diego Biurrun
-
autobuild: Remove log.txt in case of error after mailing out its content.
- 6202. By Diego Biurrun
-
autobuild: Remove HIPL tarballs in OpenWrt download directory before building.
This should ensure that no old tarball is used if several are available after
a version bump. Also adjust tarball wildcard name for consistency.
- 6203. By Diego Biurrun
-
openwrt: Create system configuration directory before installing files there.
- 6204. By Diego Biurrun
-
hipfw: remove some duplicate #defines
INDEX_HASH_FN and INDEX_HASH_LENGTH were being doubly defined in the same file.
- 6205. By Diego Biurrun
-
hadb: do not dereference a void* argument to derive memory size to set to zero
In file included from /usr/include/string.h:643,
from hipd/hadb.c:64:
In function ‘memset’,
inlined from ‘lsi_assigned’ at hipd/hadb.c:1320,
inlined from ‘hip_generate_peer_lsi’ at hipd/hadb.c:1380:
/usr/include/bits/string3.h:86: error: call to __builtin___memset_chk will always overflow destination buffer
- 6206. By David Martin
-
Merge lp:~martin-lp/hipl/hipl_retransmissions into trunk.
This merge fixes and improves the currently partially broken retransmissions
in HIPL.
In short:
- buffer up to three retransmissions in simple round-robin style
-> this does not affect regular management packets during BEX but makes it
possible to retransmit the locators of the second UPDATE packet
- we remove buffered retransmission based on incoming packets from the peer
-> hip_update_retransmissions() in input.c takes care of that
-> for example an incoming R1 invalidates or acknowledges our buffered I1
retransmission
-> it's the same for UPDATE packets. incoming U2 invalidates buffered U1,
and U3 invalidates U2 respectively
-> the rationale: if we do not get a response from the peer we can assume our
or their packet was lost, so we retransmit. A received packet from the peer
acts as acknowledgment and we remove the retransmissions. For this reason
R2 and U3 packets do not get buffered for retransmission. Their
retransmission is triggered by the peer's retransmission of I2 or U2
respectively.
Merge proposal:
https://code.launchpad.net/~martin-lp/hipl/hipl_retransmissions/+merge/87072
- 6207. By David Martin
-
Remove HIP_IFEL in hip_periodic_maintenance(), always return 0 on success.
All the HIP_IFEL does is return an error value -> replace it with proper
return statements.
One semantic change is in case of more than zero open connections in
HIP_STATE_CLOSING. Previously the number of open connections was
returned even though the documentation states differently. Return
zero now in this case.
- 6208. By Diego Biurrun
-
autobuild: Adjust doxygen check after recent changes to 'make doxygen'.
The check was discarding stdout, which is where doxygen warnings now appear.
- 6209. By Diego Biurrun
-
nsupdate.conf: delete trailing whitespace
- 6210. By Diego Biurrun
-
Update Doxygen of sa_entry_hash() / link_entry_hash() return value.
- 6211. By Diego Biurrun
-
cosmetics: Adjust some comment lengths and drop a trailing whitespace character.
- 6212. By Diego Biurrun
-
hipconf: Eliminate HIP_IFEL.
- 6213. By Diego Biurrun
-
Simplify logic in sa_entry_hash() / link_entry_hash() to drop some HIP_IFELs.
- 6214. By Diego Biurrun
-
Replace several instances of pointer type punning by proper union punning.
Fixes several warnings that appear without -fno-strict-aliasing in CFLAGS like
hipd/hadb.c:133: error: dereferencing type-punned pointer will break strict-aliasing rules
- 6215. By David Martin
-
Drop received I1 in state I1_SENT when peer HIT is greater.
As demanded in RFC 5201 table 3. This fixes a bug where it was not possible
to initiate a successful BEX on two machines with each other at the same time.
- 6216. By Diego Biurrun
-
build: Show gcc warnings for strict aliasing violations.
Previously those warnings were suppressed, resulting in more issues being
added without anybody noticing. Now the warnings are shown without being
made into errors. Development can thus continue normally while the issue
remains on the radar and will hopefully be fixed eventually.
- 6217. By Diego Biurrun
-
autobuild: Discard first line of output from "make doxygen".
The first line just consists of the command that Make invokes and should
not be considered error output.
- 6218. By Diego Biurrun
-
hipfw: Use consistent name for ESP protection extension configuration file.
All other configuration files in HIPL use a .conf suffix.
- 6219. By Diego Biurrun
-
hipfw: Also install configuration file for ESP protection extension.
- 6220. By Diego Biurrun
-
esp_prot_config: Clean up error handling; eliminate HIP_IFEL.
- 6221. By Diego Biurrun
-
esp_prot_config: Drop pointless esp_prot_ prefix from static function.
- 6222. By Diego Biurrun
-
esp_prot_config: Drop redundant "_config" part of esp_prot_config.conf name.
- 6223. By Diego Biurrun
-
Remove leftover reference to removed HIPL_CONFIG_FILE_EX #define.
- 6224. By Diego Biurrun
-
Remove unnecessary NULL checks before freeaddrinfo().
- 6225. By Diego Biurrun
-
build: Move definition of config file names for hipd and hosts out of config.h.
This makes the handling of configuration file names consistent and simplifies
the build system.
- 6226. By Diego Biurrun
-
nsupdate: Move nsupdate.pl and its config file to a separate directory.
Previously the nsupdate configuration file was in the hipd directory
where it did not belong.
- 6227. By Diego Biurrun
-
conf: cosmetics - merge some lines, drop parentheses, whitespace
- 6228. By Diego Biurrun
-
hiprelay: Clean up error handling; drop some HIP_IFELs; fix Doxygen comments.
- 6229. By Diego Biurrun
-
Fix a bunch of typos.
- 6230. By Diego Biurrun
-
configfilereader: Move some code and documentation from the .h to the .c file.
The moved #defines are only used in the .c file and thus belong there.
The large Doxygen documentation block is also more at home in the .c file
where the bulk of the rest of the Doxygen documentation is.
- 6231. By Diego Biurrun
-
certtools: Clean up error handling; eliminate some HIP_IFELs; whitespace.
- 6232. By Diego Biurrun
-
certtools: Refactor configuration file opening/reading.
Do not load a configuration file again when reading sections, hip_cert_open()
takes care of that already. Also amend Doxygen documentation to match.
- 6233. By Miika Komu
-
Updated manual.
Added a note to the manual that AppArmor works well with HIPL (whereas
SELinux is problematic).
- 6234. By Diego Biurrun
-
certtools: Refactor configuration file reading functions.
Add a filename parameter to the open function to allow reading arbitrary
configuration files, drop the "cert" from the name as the functions are
general and not just useful for reading certificate configuration files.
- 6235. By Diego Biurrun
-
Merge lp:~diego-biurrun/hipl/dead_code into lp:hipl
Eliminate some dead code from HIPL.
- 6236. By Diego Biurrun
-
openwrt: No longer add -lz to LIBS in configure run.
This was a workaround for some weird issue that no longer occurs in the
OpenWrt version we now use. HIPL itself does not use zlib anywhere.
- 6237. By Diego Biurrun
-
openwrt: Remove file with list of modules to load for hipd/hipfw at startup.
Adding such a file to /etc/modules.d is not the correct way to have kernel
modules loaded in OpenWrt, there should be package dependencies on the relevant
kernel modules instead.
- 6238. By Diego Biurrun
-
openwrt: Run 'make install' instead of 'make install-strip'.
No other packages do this as part of the OpenWrt build process, so let us
rely on OpenWrt as well to strip binaries for us if deemed appropriate.
- 6239. By Diego Biurrun
-
openwrt: Drop redundant --sysconfdir from configure command line.
OpenWrt already adds --sysconfdir, so no need to repeat it.
- 6240. By Diego Biurrun
-
openwrt: Eliminate hipl-common package clutch.
The hipl-common package served no purpose apart from collecting dependencies
shared between the hipd and hipfw packages, but no longer contained any files.
Sharing settings is better achieved by declaring package defaults.
- 6241. By Diego Biurrun
-
openwrt: Merge two make invocations during package compilation phase.
- 6242. By Miika Komu
-
Uncrustifying code
bzr hooks caught a number of slipped files with coding policy
violations. Crustified only the files that were a problem on one
branch; there's probably more to solve.
- 6243. By Miika Komu
-
Uncrustified code
Cleaned up the code base as tipped by Diego:
find . -name \*.[ch] | xargs uncrustify -c .uncrustify-0.57.cfg --no-backup --replace
- 6244. By Miika Komu
-
Updated HACKING on uncrustifying
Added an example on how to uncrustify the code manually according to
the tip from Diego.
- 6245. By Diego Biurrun
-
uncrustify: Explicitly mark OpenSSL STACK_OF type wrapper macro as such.
Otherwise uncrustify misinterprets pointer declarations involving STACK_OF
as multiplications and does not format the code in K&R style.
- 6246. By Diego Biurrun
-
cosmetics: K&R formatting from the freshly improved uncrustify configuration
- 6247. By Diego Biurrun
-
cosmetics: Drop some unnecessary end of line backslashes from shell commands.
- 6248. By Stefan Götz
-
Remove support for call-back functions to be invoked when adding or removing
a local host identity from the HIDB. This functionality was not used.
- 6249. By Stefan Götz
-
From hip_local_hostid_db(), remove the 'db' argument because the only
database this function was ever used on was the HIDB.
- 6250. By Stefan Götz
-
From hip_get_host_id_and_priv_key(), remove the 'db' parameter because the
function was only ever invoked on the HIDB.
- 6251. By Stefan Götz
-
Remove the function hip_return_first_rsa() because it can be trivially replaced
with a call to the existing hip_get_hostid_entry_by_lhi_and_algo() function.
- 6252. By Stefan Götz
-
Replace the macro HIP_DB_LOCAL_HID with its expansion hip_local_hostid_db
- 6253. By Stefan Götz
-
Remove the HIP_DB_LOCAL_HID macro because it is unused.
Remove the external declaration of hip_local_hostid_db because it is not
accessed and required outside the HIDB implementation.
- 6254. By Stefan Götz
-
Remove the public declarations of hip_hidb_hash() and hip_hidb_match() because
they are not used outside the HIDB implementation itself.
- 6255. By Stefan Götz
-
Remove unused #include statements from hipd/hidb.h
Add #include "lib/core/list.h" statements in files that were missing them.
- 6256. By Stefan Götz
-
Remove the hashtable/database parameters from all internal HIDB functions
because all functions operate on the global HIDB anyway.
Adapt all callers accordingly.
- 6257. By Stefan Götz
-
Fix grammar in documentation (cf. https://code.launchpad.net/~stefan.goetz/hipl/hidb-db/+merge/61832/comments/137513/)
- 6258. By Stefan Götz
-
Fix const correctness in function arguments (cf. https://code.launchpad.net/~stefan.goetz/hipl/hidb-db/+merge/61832/comments/137513)
- 6259. By Stefan Götz
-
Remove authorship attribution
Unmerged revisions
Preview Diff
1 | === modified file 'hipd/cert.c' |
2 | --- hipd/cert.c 2012-01-14 15:29:47 +0000 |
3 | +++ hipd/cert.c 2012-01-17 08:56:30 +0000 |
4 | @@ -1,5 +1,5 @@ |
5 | /* |
6 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
7 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
8 | * |
9 | * Permission is hereby granted, free of charge, to any person |
10 | * obtaining a copy of this software and associated documentation |
11 | @@ -104,8 +104,10 @@ |
12 | |
13 | HIP_DEBUG_HIT("Getting keys for HIT", &cert->issuer_hit); |
14 | |
15 | - HIP_IFEL(hip_get_host_id_and_priv_key(hip_local_hostid_db, &cert->issuer_hit, |
16 | - HIP_ANY_ALGO, &host_id, (void **) &rsa), |
17 | + HIP_IFEL(hip_get_host_id_and_priv_key(&cert->issuer_hit, |
18 | + HIP_ANY_ALGO, |
19 | + &host_id, |
20 | + (void **) &rsa), |
21 | -1, "Private key not found\n"); |
22 | |
23 | algo = host_id->rdata.algorithm; |
24 | @@ -802,8 +804,10 @@ |
25 | |
26 | HIP_DEBUG("Getting the key\n"); |
27 | |
28 | - HIP_IFEL(hip_get_host_id_and_priv_key(hip_local_hostid_db, issuer_hit_n, |
29 | - HIP_ANY_ALGO, &host_id, (void *) &rsa), |
30 | + HIP_IFEL(hip_get_host_id_and_priv_key(issuer_hit_n, |
31 | + HIP_ANY_ALGO, |
32 | + &host_id, |
33 | + (void *) &rsa), |
34 | -1, "Private key not found\n"); |
35 | |
36 | algo = host_id->rdata.algorithm; |
37 | |
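Review bot: the key argument at this second call site is cast as `(void *) &rsa`, while the first call site in hipd/cert.c uses `(void **) &rsa` for the same `void **key` parameter. Both calls are being rewrapped anyway, so use the same cast in both places, or pass a properly typed `void *` temporary so that neither call needs a cast to receive the private key pointer.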
38 | === modified file 'hipd/cookie.c' |
39 | --- hipd/cookie.c 2012-01-06 13:19:09 +0000 |
40 | +++ hipd/cookie.c 2012-01-17 08:56:30 +0000 |
41 | @@ -1,5 +1,5 @@ |
42 | /* |
43 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
44 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
45 | * |
46 | * Permission is hereby granted, free of charge, to any person |
47 | * obtaining a copy of this software and associated documentation |
48 | @@ -196,8 +196,7 @@ |
49 | int idx, len; |
50 | |
51 | /* Find the proper R1 table and copy the R1 message from the table */ |
52 | - HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
53 | - our_hit, HIP_ANY_ALGO, -1)), |
54 | + HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(our_hit, HIP_ANY_ALGO, -1)), |
55 | NULL, "Unknown HIT\n"); |
56 | |
57 | hip_r1table = hid->r1; |
58 | @@ -280,8 +279,7 @@ |
59 | int err = 0; |
60 | |
61 | /* Find the proper R1 table */ |
62 | - HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
63 | - &hdr->hitr, |
64 | + HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(&hdr->hitr, |
65 | HIP_ANY_ALGO, |
66 | -1)), |
67 | -1, "Requested source HIT not (any more) available.\n"); |
68 | |
69 | === modified file 'hipd/hadb.c' |
70 | --- hipd/hadb.c 2011-12-30 23:20:44 +0000 |
71 | +++ hipd/hadb.c 2012-01-17 08:56:30 +0000 |
72 | @@ -1,5 +1,5 @@ |
73 | /* |
74 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
75 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
76 | * |
77 | * Permission is hereby granted, free of charge, to any person |
78 | * obtaining a copy of this software and associated documentation |
79 | @@ -274,8 +274,8 @@ |
80 | * A call-back function for finding a host association between a given peer HIT |
81 | * and any of the iteratively provided local HIs. |
82 | * |
83 | - * @param lhi Points to a local_host_id object from which contains the |
84 | - * local HIT of the HA to find. |
85 | + * @param lhi Points to a local_host_id object which contains the local HIT |
86 | + * of the HA to find. |
87 | * @param context Points to a ha_pattern object which contains the peer HIT of |
88 | * the HA to find and where the result is stored if a HA is |
89 | * found. |
90 | @@ -972,20 +972,17 @@ |
91 | * Note, that hip_get_host_id() allocates a new buffer and this buffer |
92 | * must be freed in out_err if an error occurs. */ |
93 | |
94 | - if (!hip_get_host_id_and_priv_key(HIP_DB_LOCAL_HID, |
95 | - hit_our, |
96 | + if (!hip_get_host_id_and_priv_key(hit_our, |
97 | HIP_HI_RSA, |
98 | &entry->our_pub, |
99 | &entry->our_priv_key)) { |
100 | HIP_DEBUG("Found RSA host identity\n"); |
101 | - } else if (!hip_get_host_id_and_priv_key(HIP_DB_LOCAL_HID, |
102 | - hit_our, |
103 | + } else if (!hip_get_host_id_and_priv_key(hit_our, |
104 | HIP_HI_DSA, |
105 | &entry->our_pub, |
106 | &entry->our_priv_key)) { |
107 | HIP_DEBUG("Found DSA host identity\n"); |
108 | - } else if (!hip_get_host_id_and_priv_key(HIP_DB_LOCAL_HID, |
109 | - hit_our, |
110 | + } else if (!hip_get_host_id_and_priv_key(hit_our, |
111 | HIP_HI_ECDSA, |
112 | &entry->our_pub, |
113 | &entry->our_priv_key)) { |
114 | |
115 | === modified file 'hipd/hidb.c' |
116 | --- hipd/hidb.c 2011-12-30 23:20:44 +0000 |
117 | +++ hipd/hidb.c 2012-01-17 08:56:30 +0000 |
118 | @@ -1,5 +1,5 @@ |
119 | /* |
120 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
121 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
122 | * |
123 | * Permission is hereby granted, free of charge, to any person |
124 | * obtaining a copy of this software and associated documentation |
125 | @@ -46,6 +46,7 @@ |
126 | #include "lib/core/hostid.h" |
127 | #include "lib/core/hit.h" |
128 | #include "lib/core/ife.h" |
129 | +#include "lib/core/list.h" |
130 | #include "lib/core/prefix.h" |
131 | #include "lib/core/protodefs.h" |
132 | #include "lib/core/straddr.h" |
133 | @@ -223,7 +224,7 @@ |
134 | * @param ptr a pointer to a local_host_id structure |
135 | * @return the calculated hash value |
136 | */ |
137 | -unsigned long hip_hidb_hash(const void *ptr) |
138 | +static unsigned long hip_hidb_hash(const void *ptr) |
139 | { |
140 | const hip_hit_t *hit = &((const struct local_host_id *) ptr)->hit; |
141 | union { |
142 | @@ -249,7 +250,7 @@ |
143 | * @param ptr2 a pointer to local_host_id |
144 | * @return zero on match or non-zero on unmatch |
145 | */ |
146 | -int hip_hidb_match(const void *ptr1, const void *ptr2) |
147 | +static int hip_hidb_match(const void *const ptr1, const void *const ptr2) |
148 | { |
149 | const hip_hit_t *hit1 = &((const struct local_host_id *) ptr1)->hit; |
150 | const hip_hit_t *hit2 = &((const struct local_host_id *) ptr2)->hit; |
151 | @@ -268,26 +269,19 @@ |
152 | * Deletes the given HI (network byte order) from the database. Matches HIs |
153 | * based on the HIT. |
154 | * |
155 | - * @param db database from which to delete. |
156 | * @param hit the HIT to be deleted from the database. |
157 | * @return zero on success, otherwise negative. |
158 | */ |
159 | -static int del_host_id(HIP_HASHTABLE *db, hip_hit_t hit) |
160 | +static int del_host_id(hip_hit_t hit) |
161 | { |
162 | struct local_host_id *id = NULL; |
163 | |
164 | - id = hip_get_hostid_entry_by_lhi_and_algo(db, &hit, HIP_ANY_ALGO, -1); |
165 | + id = hip_get_hostid_entry_by_lhi_and_algo(&hit, HIP_ANY_ALGO, -1); |
166 | if (id == NULL) { |
167 | HIP_ERROR("hit not found\n"); |
168 | return -ENOENT; |
169 | } |
170 | |
171 | - /* Call the handler to execute whatever required after the |
172 | - * host id is no more in the database */ |
173 | - if (id->remove) { |
174 | - id->remove(id, &id->arg); |
175 | - } |
176 | - |
177 | switch (hip_get_host_id_algo(&id->host_id)) { |
178 | case HIP_HI_RSA: |
179 | RSA_free(id->private_key); |
180 | @@ -304,7 +298,7 @@ |
181 | HIP_ERROR("Cannot free key because key type is unknown.\n"); |
182 | } |
183 | |
184 | - list_del(id, db); |
185 | + list_del(id, hip_local_hostid_db); |
186 | free(id); |
187 | id = NULL; |
188 | |
189 | @@ -315,25 +309,23 @@ |
190 | * Uninitializes local/peer Host Id table. All elements of the @c db are |
191 | * deleted. Since local and peer host id databases include dynamically allocated |
192 | * host_id element, it is also freed. |
193 | - * |
194 | - * @param db database structure to delete. |
195 | */ |
196 | -static void uninit_hostid_db(HIP_HASHTABLE *db) |
197 | +static void uninit_hostid_db(void) |
198 | { |
199 | LHASH_NODE *curr, *iter; |
200 | struct local_host_id *tmp; |
201 | int count; |
202 | |
203 | - list_for_each_safe(curr, iter, db, count) { |
204 | + list_for_each_safe(curr, iter, hip_local_hostid_db, count) { |
205 | hip_hit_t hit; |
206 | |
207 | tmp = list_entry(curr); |
208 | |
209 | memcpy(&hit, &tmp->hit, sizeof(hit)); |
210 | - del_host_id(db, hit); |
211 | + del_host_id(hit); |
212 | } |
213 | |
214 | - hip_ht_uninit(db); |
215 | + hip_ht_uninit(hip_local_hostid_db); |
216 | } |
217 | |
218 | /** |
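Review bot: the doc comment of uninit_hostid_db() still says "All elements of the @c db are deleted" and refers to a "local/peer Host Id table", although the db parameter is removed and the function now always operates on hip_local_hostid_db. Reword the comment to name the HIDB directly so that it matches the new `void` signature.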
219 | @@ -342,22 +334,19 @@ |
220 | * If @c hit is NULL, finds the first used host id. |
221 | * If algo is HIP_ANY_ALGO, ignore algore comparison. |
222 | * |
223 | - * @param db database to be searched. Usually either HIP_DB_PEER_HID or |
224 | - * HIP_DB_LOCAL_HID |
225 | * @param hit the local host id to be searched |
226 | * @param anon -1 if you don't care, 1 if anon, 0 if public |
227 | * @param algo the algorithm |
228 | * @return NULL, if failed or non-NULL if succeeded. |
229 | */ |
230 | -struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(HIP_HASHTABLE *db, |
231 | - const struct in6_addr *hit, |
232 | - int algo, |
233 | - int anon) |
234 | +struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(const struct in6_addr *const hit, |
235 | + const int algo, |
236 | + const int anon) |
237 | { |
238 | struct local_host_id *id_entry; |
239 | LHASH_NODE *item; |
240 | int c; |
241 | - list_for_each(item, db, c) { |
242 | + list_for_each(item, hip_local_hostid_db, c) { |
243 | id_entry = list_entry(item); |
244 | |
245 | if ((hit == NULL || !ipv6_addr_cmp(&id_entry->hit, hit)) && |
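Review bot: the @param list above hip_get_hostid_entry_by_lhi_and_algo() documents hit, anon, algo in that order, but the rewritten signature takes (hit, algo, anon). With two adjacent int parameters a swapped call compiles silently, so reorder the @param lines to match the signature while the comment is being edited. The "algore comparison" typo in the same comment can be fixed at the same time.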
246 | @@ -379,8 +368,7 @@ |
247 | */ |
248 | int hip_hidb_hit_is_our(const hip_hit_t *our) |
249 | { |
250 | - return hip_get_hostid_entry_by_lhi_and_algo(hip_local_hostid_db, our, |
251 | - HIP_ANY_ALGO, -1) != NULL; |
252 | + return hip_get_hostid_entry_by_lhi_and_algo(our, HIP_ANY_ALGO, -1) != NULL; |
253 | } |
254 | |
255 | /** |
256 | @@ -409,11 +397,10 @@ |
257 | /** |
258 | * Assign a free LSI to a host id entry |
259 | * |
260 | - * @param db database structure |
261 | * @param id_entry contains an entry to the db, will contain an unsigned lsi |
262 | * @return zero on success, or negative error value on failure. |
263 | */ |
264 | -static int hidb_add_lsi(HIP_HASHTABLE *db, struct local_host_id *id_entry) |
265 | +static int hidb_add_lsi(struct local_host_id *id_entry) |
266 | { |
267 | struct local_host_id *id_entry_aux; |
268 | LHASH_NODE *item; |
269 | @@ -425,7 +412,7 @@ |
270 | inet_aton(lsi_addresses[i], &lsi_aux); |
271 | used_lsi = 0; |
272 | |
273 | - list_for_each(item, db, c) { |
274 | + list_for_each(item, hip_local_hostid_db, c) { |
275 | id_entry_aux = list_entry(item); |
276 | if (hip_lsi_are_equal(&lsi_aux, &id_entry_aux->lsi)) { |
277 | used_lsi = 1; |
278 | @@ -463,28 +450,23 @@ |
279 | */ |
280 | void hip_uninit_host_id_dbs(void) |
281 | { |
282 | - uninit_hostid_db(hip_local_hostid_db); |
283 | + uninit_hostid_db(); |
284 | } |
285 | |
286 | /** |
287 | * Adds the given HI into the database. Checks for duplicates. If one is found, |
288 | * the current HI is @b NOT stored. |
289 | * |
290 | - * @param db database structure. |
291 | * @param hit HIT |
292 | * @param anon whether the host ID is anonymous or not |
293 | + * @param lsi the LSI |
294 | * @param host_id HI |
295 | - * @param add the handler to call right after the host id is added |
296 | - * @param del the handler to call right before the host id is removed |
297 | - * @param arg argument passed for the handlers |
298 | - * @param lsi the LSI |
299 | * @return 0 on success, otherwise an negative error value is returned. |
300 | */ |
301 | -static int add_host_id(HIP_HASHTABLE *db, const hip_hit_t hit, bool anon, |
302 | - hip_lsi_t *lsi, const struct hip_host_id_priv *host_id, |
303 | - int (*add)(struct local_host_id *, void **arg), |
304 | - int (*del)(struct local_host_id *, void **arg), |
305 | - void *arg) |
306 | +static int add_host_id(const hip_hit_t hit, |
307 | + bool anon, |
308 | + hip_lsi_t *lsi, |
309 | + const struct hip_host_id_priv *host_id) |
310 | { |
311 | int err = 0; |
312 | struct local_host_id *id_entry = NULL; |
313 | @@ -498,8 +480,7 @@ |
314 | id_entry->anonymous = anon; |
315 | |
316 | /* check for duplicates */ |
317 | - old_entry = hip_get_hostid_entry_by_lhi_and_algo(db, &hit, |
318 | - HIP_ANY_ALGO, -1); |
319 | + old_entry = hip_get_hostid_entry_by_lhi_and_algo(&hit, HIP_ANY_ALGO, -1); |
320 | if (old_entry != NULL) { |
321 | HIP_ERROR("Trying to add duplicate local host ID\n"); |
322 | err = -EEXIST; |
323 | @@ -507,14 +488,11 @@ |
324 | } |
325 | |
326 | /* assign a free lsi address */ |
327 | - HIP_IFEL(hidb_add_lsi(db, id_entry) < 0, -EEXIST, "No LSI free\n"); |
328 | + HIP_IFEL(hidb_add_lsi(id_entry) < 0, -EEXIST, "No LSI free\n"); |
329 | |
330 | memcpy(lsi, &id_entry->lsi, sizeof(hip_lsi_t)); |
331 | - id_entry->insert = add; |
332 | - id_entry->remove = del; |
333 | - id_entry->arg = arg; |
334 | |
335 | - list_add(id_entry, db); |
336 | + list_add(id_entry, hip_local_hostid_db); |
337 | |
338 | switch (hip_get_host_id_algo((const struct hip_host_id *) host_id)) { |
339 | case HIP_HI_RSA: |
340 | @@ -560,12 +538,6 @@ |
341 | -ENOENT, |
342 | "Unable to precreate R1s.\n"); |
343 | |
344 | - /* Called while the database is locked, perhaps not the best |
345 | - * option but HIs are not added often */ |
346 | - if (add) { |
347 | - add(id_entry, &arg); |
348 | - } |
349 | - |
350 | out_err: |
351 | if (err && id_entry) { |
352 | switch (hip_get_host_id_algo(&id_entry->host_id)) { |
353 | @@ -639,8 +611,7 @@ |
354 | |
355 | anonymous = (eid_endpoint->endpoint.flags & HIP_ENDPOINT_FLAG_ANON); |
356 | |
357 | - err = add_host_id(HIP_DB_LOCAL_HID, hit, anonymous, &lsi, |
358 | - host_identity, NULL, NULL, NULL); |
359 | + err = add_host_id(hit, anonymous, &lsi, host_identity); |
360 | |
361 | /* Currently only RSA pub is added by default (bug id 592127). |
362 | * Ignore redundant adding in case user wants to enable |
363 | @@ -699,7 +670,7 @@ |
364 | hip_in6_ntop(hit, buf); |
365 | HIP_INFO("del HIT: %s\n", buf); |
366 | |
367 | - if ((err = del_host_id(HIP_DB_LOCAL_HID, *hit))) { |
368 | + if ((err = del_host_id(*hit))) { |
369 | HIP_ERROR("deleting of local host identity failed\n"); |
370 | return err; |
371 | } |
372 | @@ -723,8 +694,7 @@ |
373 | { |
374 | struct local_host_id *entry; |
375 | |
376 | - entry = hip_get_hostid_entry_by_lhi_and_algo(hip_local_hostid_db, |
377 | - NULL, algo, anon); |
378 | + entry = hip_get_hostid_entry_by_lhi_and_algo(NULL, algo, anon); |
379 | if (!entry) { |
380 | return -ENOENT; |
381 | } |
382 | @@ -787,18 +757,16 @@ |
383 | /** |
384 | * find the local host identifier corresponding to the local LSI |
385 | * |
386 | - * @param db the local host identifier database to be searched for |
387 | * @param lsi the local LSI to be matched |
388 | * @return the local host identifier structure |
389 | */ |
390 | -static struct local_host_id *hidb_get_entry_by_lsi(HIP_HASHTABLE *db, |
391 | - const struct in_addr *lsi) |
392 | +static struct local_host_id *hidb_get_entry_by_lsi(const struct in_addr *lsi) |
393 | { |
394 | struct local_host_id *id_entry; |
395 | LHASH_NODE *item; |
396 | int c; |
397 | |
398 | - list_for_each(item, db, c) { |
399 | + list_for_each(item, hip_local_hostid_db, c) { |
400 | id_entry = list_entry(item); |
401 | if (!ipv4_addr_cmp(&id_entry->lsi, lsi)) { |
402 | return id_entry; |
403 | @@ -826,14 +794,13 @@ |
404 | return -1; |
405 | } |
406 | if (ipv4_addr_cmp(&aux_lsi, default_lsi)) { |
407 | - if (!(tmp1 = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
408 | - default_hit, |
409 | + if (!(tmp1 = hip_get_hostid_entry_by_lhi_and_algo(default_hit, |
410 | HIP_ANY_ALGO, |
411 | -1))) { |
412 | HIP_ERROR("Default hit not found in hidb\n"); |
413 | return -1; |
414 | } |
415 | - if (!(tmp2 = hidb_get_entry_by_lsi(HIP_DB_LOCAL_HID, default_lsi))) { |
416 | + if (!(tmp2 = hidb_get_entry_by_lsi(default_lsi))) { |
417 | HIP_ERROR("Default lsi not found in hidb\n"); |
418 | return -1; |
419 | } |
420 | @@ -848,20 +815,21 @@ |
421 | /** |
422 | * find a host identifier from the database |
423 | * |
424 | - * @param db the host identifier databased |
425 | * @param hit the HIT to be searched for |
426 | * @param algo the algorithm for the HI |
427 | * @param host_id A copy of the host is stored here. Caller deallocates. |
428 | * @param key a pointer to the private key (caller should not deallocate) |
429 | * @return zero on success or negative on error |
430 | */ |
431 | -int hip_get_host_id_and_priv_key(HIP_HASHTABLE *db, struct in6_addr *hit, |
432 | - int algo, struct hip_host_id **host_id, void **key) |
433 | +int hip_get_host_id_and_priv_key(struct in6_addr *hit, |
434 | + int algo, |
435 | + struct hip_host_id **host_id, |
436 | + void **key) |
437 | { |
438 | int host_id_len; |
439 | struct local_host_id *entry = NULL; |
440 | |
441 | - entry = hip_get_hostid_entry_by_lhi_and_algo(db, hit, algo, -1); |
442 | + entry = hip_get_hostid_entry_by_lhi_and_algo(hit, algo, -1); |
443 | if (!entry) { |
444 | return -1; |
445 | } |
446 | |
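Review bot: hip_get_host_id_and_priv_key() keeps `struct in6_addr *hit` non-const, yet in the lines shown it only forwards hit to hip_get_hostid_entry_by_lhi_and_algo(), which now takes `const struct in6_addr *const hit`. Declaring the parameter as a pointer to const here and in hipd/hidb.h would fit the const-correctness changes made to the lookup function in this same patch.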
447 | === modified file 'hipd/hidb.h' |
448 | --- hipd/hidb.h 2011-11-25 17:56:24 +0000 |
449 | +++ hipd/hidb.h 2012-01-17 08:56:30 +0000 |
450 | @@ -1,5 +1,5 @@ |
451 | /* |
452 | - * Copyright (c) 2010 Aalto University and RWTH Aachen University. |
453 | + * Copyright (c) 2010,2012 Aalto University and RWTH Aachen University. |
454 | * |
455 | * Permission is hereby granted, free of charge, to any person |
456 | * obtaining a copy of this software and associated documentation |
457 | @@ -26,12 +26,15 @@ |
458 | #ifndef HIPL_HIPD_HIDB_H |
459 | #define HIPL_HIPD_HIDB_H |
460 | |
461 | +/** |
462 | + * @file |
463 | + * Public interface for the HIDB, the database of local host identities (LHIs), |
464 | + * i.e., all the HIP identities known for the local host. |
465 | + */ |
466 | + |
467 | #include <stdbool.h> |
468 | #include <netinet/in.h> |
469 | -#include <openssl/lhash.h> |
470 | |
471 | -#include "lib/core/hashtable.h" |
472 | -#include "lib/core/list.h" |
473 | #include "lib/core/protodefs.h" |
474 | #include "cookie.h" |
475 | |
476 | @@ -43,24 +46,14 @@ |
477 | struct hip_host_id host_id; |
478 | void *private_key; /* RSA or DSA */ |
479 | struct hip_r1entry r1[HIP_R1TABLESIZE]; /* precreated R1s */ |
480 | - /* Handler to call after insert with an argument, return 0 if OK*/ |
481 | - int (*insert)(struct local_host_id *, void **arg); |
482 | - /* Handler to call before remove with an argument, return 0 if OK*/ |
483 | - int (*remove)(struct local_host_id *, void **arg); |
484 | - void *arg; |
485 | }; |
486 | |
487 | -/* Use this to point your target while accessing a database */ |
488 | -#define HIP_DB_LOCAL_HID (hip_local_hostid_db) |
489 | - |
490 | -/* ... and not this! */ |
491 | -extern HIP_HASHTABLE *hip_local_hostid_db; |
492 | - |
493 | -struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(HIP_HASHTABLE *db, |
494 | - const struct in6_addr *hit, |
495 | - int algo, int anon); |
496 | -int hip_get_host_id_and_priv_key(HIP_HASHTABLE *db, struct in6_addr *hit, |
497 | - int algo, struct hip_host_id **host_id, void **key); |
498 | +struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(const struct in6_addr *const hit, |
499 | + const int algo, const int anon); |
500 | +int hip_get_host_id_and_priv_key(struct in6_addr *hit, |
501 | + int algo, |
502 | + struct hip_host_id **host_id, |
503 | + void **key); |
504 | |
505 | void hip_uninit_host_id_dbs(void); |
506 | |
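Review bot: struct local_host_id stays fully defined in the public header, including `void *private_key`, and hip_get_hostid_entry_by_lhi_and_algo() still returns a non-const pointer to the live entry, so callers can keep reading and writing HIDB internals (hipd/cookie.c reads `hid->r1` directly) even though hip_local_hostid_db itself is no longer exported. Consider returning `const struct local_host_id *` as a next step. The `/* RSA or DSA */` comment on private_key is also out of date, since hipd/hadb.c looks up HIP_HI_ECDSA identities as well.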
507 | @@ -77,8 +70,6 @@ |
508 | /* existence */ |
509 | int hip_hidb_hit_is_our(const hip_hit_t *src); |
510 | |
511 | -unsigned long hip_hidb_hash(const void *ptr); |
512 | -int hip_hidb_match(const void *ptr1, const void *ptr2); |
513 | void hip_init_hostid_db(void); |
514 | int hip_get_default_hit(struct in6_addr *hit); |
515 | int hip_get_default_hit_msg(struct hip_common *msg); |
516 | |
517 | === modified file 'hipd/init.c' |
518 | --- hipd/init.c 2011-12-13 13:50:53 +0000 |
519 | +++ hipd/init.c 2012-01-17 08:56:30 +0000 |
520 | @@ -1,5 +1,5 @@ |
521 | /* |
522 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
523 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
524 | * |
525 | * Permission is hereby granted, free of charge, to any person |
526 | * obtaining a copy of this software and associated documentation |
527 | @@ -28,6 +28,7 @@ |
528 | * This file defines initialization functions for the HIP daemon. |
529 | * |
530 | * @note HIPU: BSD platform needs to be autodetected in hip_set_lowcapability |
531 | + * @author Stefan Götz <stefan.goetz@web.de> |
532 | */ |
533 | |
534 | #define _BSD_SOURCE |
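Review bot: the added `@author Stefan Götz <stefan.goetz@web.de>` line in the file comment of hipd/init.c is unrelated to the HIDB accessor cleanup that the rest of this patch performs. Drop the tag from this patch; revision 6259 in the list above ("Remove authorship attribution") suggests that was the intent.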
535 | @@ -373,36 +374,6 @@ |
536 | } |
537 | |
538 | /** |
539 | - * find the first RSA-based host id |
540 | - * |
541 | - * @return the host id or NULL if none found |
542 | - */ |
543 | -static struct local_host_id *return_first_rsa(void) |
544 | -{ |
545 | - LHASH_NODE *curr, *iter; |
546 | - struct local_host_id *tmp = NULL; |
547 | - int c; |
548 | - uint16_t algo = 0; |
549 | - |
550 | - list_for_each_safe(curr, iter, hip_local_hostid_db, c) { |
551 | - tmp = list_entry(curr); |
552 | - HIP_DEBUG_HIT("Found HIT", &tmp->hit); |
553 | - algo = hip_get_host_id_algo(&tmp->host_id); |
554 | - HIP_DEBUG("hits algo %d HIP_HI_RSA = %d\n", |
555 | - algo, HIP_HI_RSA); |
556 | - if (algo == HIP_HI_RSA) { |
557 | - goto out_err; |
558 | - } |
559 | - } |
560 | - |
561 | -out_err: |
562 | - if (algo == HIP_HI_RSA) { |
563 | - return tmp; |
564 | - } |
565 | - return NULL; |
566 | -} |
567 | - |
568 | -/** |
569 | * Initialize local host IDs. |
570 | * |
571 | * @return zero on success or negative on failure |
572 | @@ -489,7 +460,7 @@ |
573 | HIP_DEBUG("Configuration file did NOT exist creating it and " |
574 | "filling it with default information\n"); |
575 | /* Fetch the first RSA HIT */ |
576 | - entry = return_first_rsa(); |
577 | + entry = hip_get_hostid_entry_by_lhi_and_algo(NULL, HIP_HI_RSA, -1); |
578 | if (entry == NULL) { |
579 | HIP_DEBUG("Failed to get the first RSA HI"); |
580 | goto out_err; |
581 | |
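Review bot: the replacement call hip_get_hostid_entry_by_lhi_and_algo(NULL, HIP_HI_RSA, -1) relies on the accessor treating a NULL HIT as "match any" and on whatever -1 means for its third argument, and neither convention is evident at this call site. Please make sure the doc comment in hidb.h states both explicitly, and consider a named constant instead of the bare -1. The removed helper returned the first RSA entry in list order; confirm that the accessor yields the same entry when several RSA host IDs exist, because this entry is used when filling the newly created configuration file. While here, the context line HIP_DEBUG("Failed to get the first RSA HI") lacks the trailing "\n" that the message a few lines above carries.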
582 | === modified file 'hipd/output.c' |
583 | --- hipd/output.c 2011-12-29 10:00:51 +0000 |
584 | +++ hipd/output.c 2012-01-17 08:56:30 +0000 |
585 | @@ -1,5 +1,5 @@ |
586 | /* |
587 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
588 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
589 | * |
590 | * Permission is hereby granted, free of charge, to any person |
591 | * obtaining a copy of this software and associated documentation |
592 | @@ -453,8 +453,7 @@ |
593 | /* add host id in plaintext without encrypted wrapper */ |
594 | /* Parameter HOST_ID. Notice that hip_get_public_key overwrites |
595 | * the argument pointer, so we have to allocate some extra memory */ |
596 | - HIP_IFEL(!(host_id_entry = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
597 | - &ctx->input_msg->hitr, |
598 | + HIP_IFEL(!(host_id_entry = hip_get_hostid_entry_by_lhi_and_algo(&ctx->input_msg->hitr, |
599 | HIP_ANY_ALGO, |
600 | -1)), |
601 | -1, "Unknown HIT\n"); |
602 | |
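Review bot: the context comment directly above this call still says that hip_get_public_key overwrites the argument pointer and that extra memory has to be allocated, but the statement it sits on only looks up the entry through hip_get_hostid_entry_by_lhi_and_algo. Since this lookup is being touched anyway, check whether the comment still describes the code that follows and update or drop it if it does not. The result is a pointer into the HIDB, so if host_id_entry is only read here and is not already declared pointer-to-const, declaring it the way midauth.c does (const struct local_host_id *const) would let the compiler enforce that.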
603 | === modified file 'modules/midauth/hipd/midauth.c' |
604 | --- modules/midauth/hipd/midauth.c 2011-10-17 15:22:35 +0000 |
605 | +++ modules/midauth/hipd/midauth.c 2012-01-17 08:56:30 +0000 |
606 | @@ -1,5 +1,5 @@ |
607 | /* |
608 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
609 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
610 | * |
611 | * Permission is hereby granted, free of charge, to any person |
612 | * obtaining a copy of this software and associated documentation |
613 | @@ -125,8 +125,7 @@ |
614 | // add HOST_ID to packets containing a CHALLENGE_RESPONSE |
615 | if (challenge_request) { |
616 | const struct local_host_id *const host_id_entry = |
617 | - hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
618 | - &ctx->input_msg->hitr, |
619 | + hip_get_hostid_entry_by_lhi_and_algo(&ctx->input_msg->hitr, |
620 | HIP_ANY_ALGO, |
621 | -1); |
622 | if (!host_id_entry) { |
623 | |
624 | === modified file 'modules/update/hipd/update.c' |
625 | --- modules/update/hipd/update.c 2011-12-14 11:17:58 +0000 |
626 | +++ modules/update/hipd/update.c 2012-01-17 08:56:30 +0000 |
627 | @@ -1,5 +1,5 @@ |
628 | /* |
629 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
630 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
631 | * |
632 | * Permission is hereby granted, free of charge, to any person |
633 | * obtaining a copy of this software and associated documentation |
634 | @@ -52,6 +52,7 @@ |
635 | #include "lib/core/debug.h" |
636 | #include "lib/core/hip_udp.h" |
637 | #include "lib/core/ife.h" |
638 | +#include "lib/core/list.h" |
639 | #include "lib/core/modularization.h" |
640 | #include "lib/core/prefix.h" |
641 | #include "lib/core/state.h" |
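Review bot: the added #include "lib/core/list.h" is the only functional change to update.c in this patch, and nothing in the hunk shows what needs it. If update.c already used the list API and only compiled because another header pulled list.h in, say so in the commit message; otherwise drop the include.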
Hi,
after having looked through this branch I have one question and only a single remark on your code:
In revision 5941:
> Remove the locking macros for the HIDB because they are not used.
What do you mean by "they are not used"? Because there are lots of calls to lock / unlock that
you remove and, without looking deeper into it, it seems like it is used here. Or is it because all
access is done on our local hidb and we are neither multi-threaded nor does it get accessed from
beyond the file so no locking is necessary?
> -struct local_host_id *hip_get_ hostid_ entry_by_ lhi_and_ algo(HIP_ HASHTABLE *db, hostid_ entry_by_ lhi_and_ algo(const struct in6_addr *hit,
> - const struct in6_addr *hit,
> +struct local_host_id *hip_get_
"const struct in6_addr *const hit" would be more correct here?
> +/**
> + * A call-back function for finding a host association between a given peer HIT
> + * and any of the iteratively provided local HIs.
> + *
> + * @param lhi Points to a local_host_id object from which contains the
> + * local HIT of the HA to find.
"Points to a local_host_id object which contains"
> -int hip_hidb_ match(const void *ptr1, const void *ptr2) match(const void *ptr1, const void *ptr2)
> +static int hip_hidb_
*const ptr1 and *const ptr2 would be more correct?
Other than that, as far as I'm able to judge it's looking good. Nice one! :)
PS: hipd crashes on shutdown after doing a base exchange. This has already been fixed in trunk revision 5948 and applying the change fixes it good.