Merge lp:~stefan.goetz-deactivatedaccount/hipl/hidb-db into lp:hipl
- hidb-db
- Merge into trunk
Status: | Merged |
---|---|
Approved by: | Stefan Götz |
Approved revision: | 6259 |
Merged at revision: | 6260 |
Proposed branch: | lp:~stefan.goetz-deactivatedaccount/hipl/hidb-db |
Merge into: | lp:hipl |
Diff against target: |
633 lines (+78/-151) 9 files modified
hipd/cert.c (+9/-5) hipd/cookie.c (+3/-5) hipd/hadb.c (+6/-9) hipd/hidb.c (+39/-71) hipd/hidb.h (+13/-22) hipd/init.c (+2/-32) hipd/output.c (+2/-3) modules/midauth/hipd/midauth.c (+2/-3) modules/update/hipd/update.c (+2/-1) |
To merge this branch: | bzr merge lp:~stefan.goetz-deactivatedaccount/hipl/hidb-db |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
René Hummen | Approve | ||
Diego Biurrun | Approve | ||
David Martin | Pending | ||
Review via email: mp+88823@code.launchpad.net |
This proposal supersedes a proposal from 2011-05-20.
Commit message
Description of the change
Cleans up the API of the HIDB. It removes all direct external accesses to the HIDB and ensures that the HIDB is only accessed through accessor functions.
Reviewing the individual commits provides additional context.
Changes since the previous merge proposal: re-based on master branch, no functional changes. Please re-review for any issues that would prevent merging this branch.
David Martin (martin-lp) wrote : Posted in a previous version of this proposal | # |
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : Posted in a previous version of this proposal | # |
Hi David!
Thanks for the review!
> In revision 5941:
>> Remove the locking macros for the HIDB because they are not used.
>
> What do you mean with "they are not used"? Because there are lots of calls to lock / unlock that
> you remove and without looking deeper into it seems like it is used here. Or is it because all
> access is done on our local hidb and we are neither multi-threaded nor does it get accessed from
> beyond the file so no locking is necessary?
I believe the locking is not used because:
- The code does not compile when enabling locking (note that locking is disabled
via a '#if 0')
- Locking was disabled by a commit in 2007 and I have no evidence that it was
ever enabled again
- The locking logic in trunk is badly broken. Exhibit 1: the core lookup
function hip_get_
hip_del_host_id() unlocks the database although the code path up to that point
never acquires a lock. Exhibit 3: Some code paths in hip_del_host_id() unlock
the database, some others do not. The list goes on...
- There is no multi-threading in HIPL (... for all I know. But given the above
reasons, I really really hope so, too)
Thus, I think it makes a lot of sense to remove the locking code because it
needs *major* re-working anyway.
>> -struct local_host_id *hip_get_
>> - const struct in6_addr *hit,
>> +struct local_host_id *hip_get_
>
> "const struct in6_addr *const hit" would be more correct here?
I wanted to address const correctness in one big commit, but anyway. Fixed in
rev. 5954
>> +/**
>> + * A call-back function for finding a host association between a given peer HIT
>> + * and any of the iteratively provided local HIs.
>> + *
>> + * @param lhi Points to a local_host_id object from which contains the
>> + * local HIT of the HA to find.
>
> "Points to a local_host_id object which contains"
Oops. Fixed in rev. 5953
>> -int hip_hidb_
>> +static int hip_hidb_
>
> *const ptr1 and *const ptr2 would be more correct?
Fixed in rev. 5954
> Other than that, as far as I'm able to judge it's looking good. Nice one! :)
Thanks! If this addresses all your concerns, please do not forget to change your
vote to 'accept'.
> PS: hipd crashes on shutdown after doing a base exchange. This has already been fixed in trunk revision 5948 and applying the change fixes it good.
Good to know, thanks!
Stefan
René Hummen (rene-hummen) wrote : Posted in a previous version of this proposal | # |
> Hi David!
>
> Thanks for the review!
>
> > In revision 5941:
> >> Remove the locking macros for the HIDB because they are not used.
> >
> > What do you mean with "they are not used"? Because there are lots of calls
> to lock / unlock that
> > you remove and without looking deeper into it seems like it is used here. Or
> is it because all
> > access is done on our local hidb and we are neither multi-threaded nor does
> it get accessed from
> > beyond the file so no locking is necessary?
>
> I believe the locking is not used because:
>
> - The code does not compile when enabling locking (note that locking is
> disabled
> via a '#if 0')
>
> - Locking was disabled by a commit in 2007 and I have no evidence that it was
> ever enabled again
>
> - The locking logic in trunk is badly broken. Exhibit 1: the core lookup
> function hip_get_
> 2:
> hip_del_host_id() unlocks the database although the code path up to that point
> never acquires a lock. Exhibit 3: Some code paths in hip_del_host_id() unlock
> the database, some others do not. The list goes on...
>
> - There is no multi-threading in HIPL (... for all I know. But given the above
> reasons, I really really hope so, too)
>
> Thus, I think it makes a lot of sense to remove the locking code because it
> needs *major* re-working anyway.
Miika might be the person to judge this best, but to the best of my knowledge locking is not used in HIPL in the current implementation.
René Hummen (rene-hummen) wrote : Posted in a previous version of this proposal | # |
review needs-fixing
On 20.05.2011, at 23:26, Stefan Götz wrote:
> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>
> Requested reviews:
> HIPL core team (hipl-core)
>
> For more details, see:
> https:/
>
> Cleans up the API of the HIDB. It removes all direct external accesses to the HIDB and ensures that the HIDB is only accessed through accessor functions.
>
> Reviewing the individual commits provides additional context.
[...]
> === modified file 'hipd/hadb.c'
> @@ -983,10 +1001,12 @@
> * Note, that hip_get_host_id() allocates a new buffer and this buffer
> * must be freed in out_err if an error occurs. */
>
> - if (hip_get_
> + if (hip_get_
> &entry->our_pub, &entry-
> - HIP_IFEL(
> - HIP_HI_DSA, &entry->our_pub, &entry-
> + HIP_IFEL(
> + HIP_HI_DSA,
> + &entry->our_pub,
> + &entry-
> -1, "Local host identity not found\n");
> }
Would it be possible to further abstract from the HI algorithm here? Right now, we need to look for an RSA key first and then fall back to DSA. What happens when we add ECDSA? We will need to add that case to many if not all calls to hip_get_
> === modified file 'hipd/hidb.c'
[...]
> - id = hip_get_
> + id = hip_get_
Is there any call to hip_get_
> === modified file 'hipd/hidb.h'
[...]
> void hip_uninit_
This function seems to introduce unnecessary call indirection seeing that hip_uninit_
Otherwise, this merge proposal seems good to me. However, you made changes to core HI handling components of HIPL, so please test your changes extensively. I suggest running tests in your own VMs including BEX and UPDATE exchanges, running Valgrind and making a test deployment in our testbed before committing these changes to trunk.
Thanks for these changes to core components!
--
Dipl.-Inform. Rene Hummen, Ph.D. Student
Chair of Communication and Distributed Systems
RWTH Aachen University, Germany
tel: +49 241 80 20772
web: http://
Miika Komu (miika-iki) wrote : Posted in a previous version of this proposal | # |
We don't have yet threading support, hence there's no need for locking. I think (most of) the old locking code should have been removed by now.
Miika Komu (miika-iki) wrote : Posted in a previous version of this proposal | # |
> Is there any call to hip_get_
> HIP_ANY_ALGO? Furthermore, is there any call with a parameter different from (anon=) -1? If not,
> these point to another possibility of cleaning up the API.
I would encourage to keep it. We need it for RFC5201-bis and crypto agility.
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : Posted in a previous version of this proposal | # |
Hi René!
Thanks for reviewing!
>> - if (hip_get_
>> + if (hip_get_
>> &entry->our_pub, &entry-
>> - HIP_IFEL(
>> - HIP_HI_DSA, &entry->our_pub, &entry-
>> + HIP_IFEL(
>> + HIP_HI_DSA,
>> + &entry->our_pub,
>> + &entry-
>> -1, "Local host identity not found\n");
>> }
>
> Would it be possible to further abstract from the HI algorithm here? Right now, we need to look for an RSA key first and then fall back to DSA. What happens when we add ECDSA? We will need to add that case to many if not all calls to hip_get_
Further abstraction is certainly possible but right now not the focus
of this branch. I have a keys branch for toying around with an
algorithm-agnostic interface to crypto functionality but that is at an
infant's stage. Expect it to be ready anytime around 2020 :)
>> === modified file 'hipd/hidb.c'
> [...]
>> - id = hip_get_
>> + id = hip_get_
>
> Is there any call to hip_get_
We cannot get rid of this function altogether but similar cleanup will
be part of future merge proposals on the HIDB API.
>> void hip_uninit_
>
> This function seems to introduce unnecessary call indirection seeing that hip_uninit_
You are correct in terms of functionality but these are two different
interfaces, one for the HIDB, one for the LSIDB, and they should not
be mixed. A user of the HIDB (who might want to uninitialize it at
some point via this function) should not be exposed to the LSIDB API.
Performance is obviously not an issue here.
> Otherwise, this merge proposal seems good to me. However, you made changes to core HI handling components of HIPL, so please test your changes extensively. I suggest running tests in your own VMs including BEX and UPDATE exchanges, running Valgrind and making a test deployment in our testbed before committing these changes to trunk.
Will do that once the regression test framework is in place and the
current bugs are fixed. That might be a while.
Stefan
David Martin (martin-lp) wrote : Posted in a previous version of this proposal | # |
Hi,
> Thanks for the review!
You are welcome!
> I believe the locking is not used because:
>
> - The code does not compile when enabling locking (note that locking is
> disabled
> via a '#if 0')
oh, I missed the if condition there.
> - Locking was disabled by a commit in 2007 and I have no evidence that it was
> ever enabled again
>
> - The locking logic in trunk is badly broken. Exhibit 1: the core lookup
> function hip_get_
> 2:
> hip_del_host_id() unlocks the database although the code path up to that point
> never acquires a lock. Exhibit 3: Some code paths in hip_del_host_id() unlock
> the database, some others do not. The list goes on...
>
> - There is no multi-threading in HIPL (... for all I know. But given the above
> reasons, I really really hope so, too)
>
> Thus, I think it makes a lot of sense to remove the locking code because it
> needs *major* re-working anyway.
Ok, sounds reasonable, I'm convinced. Thanks for clarifying!
> I wanted to address const correctness in one big commit, but anyway. Fixed in
> rev. 5954
Thanks.
> >> +/**
> >> + * A call-back function for finding a host association between a given
> peer HIT
> >> + * and any of the iteratively provided local HIs.
> >> + *
> >> + * @param lhi Points to a local_host_id object from which contains the
> >> + * local HIT of the HA to find.
> >
> > "Points to a local_host_id object which contains"
>
> Oops. Fixed in rev. 5953
:)
> >> -int hip_hidb_
> >> +static int hip_hidb_
> >
> > *const ptr1 and *const ptr2 would be more correct?
>
> Fixed in rev. 5954
> Thanks! If this addresses all your concerns, please do not forget to change
> your
> vote to 'accept'.
My question has been answered and the minor issues fixed. All good by me! :)
David
Diego Biurrun (diego-biurrun) wrote : Posted in a previous version of this proposal | # |
review needs-fixing
On Fri, May 20, 2011 at 09:26:05PM +0000, Stefan Götz wrote:
> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>
> --- firewall/
> +++ firewall/
> @@ -824,29 +823,38 @@
>
> +/**
> * flushes all entries in the sadb
> *
> - * @return -1, if error occurred, else 0
> + * @return 0
> */
> int hip_sadb_
> {
> - int err = 0, i = 0;
> - LHASH_NODE *item = NULL, *tmp = NULL;
> - struct hip_sa_entry *entry = NULL;
> -
> - // iterating over all elements
> - list_for_
> - {
> - HIP_IFEL(!(entry = list_entry(item)), -1,
> - "failed to get list entry\n");
> - HIP_IFEL(
> - "failed to delete sa entry\n");
> - }
> + hip_ht_doall(sadb, delete_sa_entry);
>
> HIP_DEBUG("sadb flushed\n");
This debug line is rather pointless IMO, I'd remove it.
> -out_err:
> - return err;
> + return 0;
> }
Why not make the function void instead of always returning the same value?
> --- hipd/cookie.c 2011-05-10 22:14:13 +0000
> +++ hipd/cookie.c 2011-05-20 21:25:59 +0000
> @@ -372,24 +367,10 @@
> /**
> * precreate all R1 packets
> *
> - * @return zero on success or negative on error
> + * @return 0
> */
> int hip_recreate_
> {
> - HIP_HASHTABLE *ht = hip_ht_
> - LHASH_NODE *curr, *iter;
> - struct hip_host_id *tmp;
> - int c;
> -
> - hip_for_
> -
> - list_for_
> - {
> - tmp = list_entry(curr);
> - hip_ht_
> - list_del(tmp, ht);
> - }
> -
> - hip_ht_uninit(ht);
> + hip_for_
> return 0;
> }
ditto
> --- hipd/init.c 2011-05-04 16:20:00 +0000
> +++ hipd/init.c 2011-05-20 21:25:59 +0000
> @@ -1,5 +1,5 @@
> /*
> - * Copyright (c) 2010 Aalto University and RWTH Aachen University.
> + * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
> *
> * Permission is hereby granted, free of charge, to any person
> * obtaining a copy of this software and associated documentation
> @@ -28,6 +28,7 @@
> * This file defines initialization functions for the HIP daemon.
> *
> * @note HIPU: BSD platform needs to be autodetected in hip_set_
> + * @author Stefan G??tz <email address hidden>
> */
I'm sceptical that removing a function constitutes a real contribution.
There are more similar cases in this merge request, we need to come to
a conclusion what to do with these cases.
Diego
David Martin (martin-lp) wrote : Posted in a previous version of this proposal | # |
Hi,
On Mon, Aug 8, 2011 at 5:00 PM, Diego Biurrun <email address hidden> wrote:
> review needs-fixing
>
> On Fri, May 20, 2011 at 09:26:05PM +0000, Stefan Götz wrote:
>> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>>
>> HIP_DEBUG("sadb flushed\n");
>
> This debug line is rather pointless IMO, I'd remove it.
>
>> -out_err:
>> - return err;
>> + return 0;
>> }
>
> Why not make the function void instead of always returning the same value?
>
> There are more similar cases in this merge request, we need to come to
> a conclusion what to do with these cases.
well, shouldn't a merge review focus on the changes to be merged more than
on general problems with the code around it? Your points are valid but if I
see it right those parts of the code weren't touched by Stefan and in my
opinion unrelated to the goal of this branch.
There's the boyscout rule but you can only apply it so far else you never get
done with what you wanted to do in the first place or you needlessly bloat
the merge request, no?
Diego Biurrun (diego-biurrun) wrote : Posted in a previous version of this proposal | # |
On Wed, Aug 10, 2011 at 02:14:13PM +0000, David Martin wrote:
>
> On Mon, Aug 8, 2011 at 5:00 PM, Diego Biurrun <email address hidden> wrote:
> > review needs-fixing
> >
> > On Fri, May 20, 2011 at 09:26:05PM +0000, Stefan Götz wrote:
> >> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
> >>
> >> HIP_DEBUG("sadb flushed\n");
> >
> > This debug line is rather pointless IMO, I'd remove it.
> >
> >> -out_err:
> >> - return err;
> >> + return 0;
> >> }
> >
> > Why not make the function void instead of always returning the same value?
> >
> > There are more similar cases in this merge request, we need to come to
> > a conclusion what to do with these cases.
>
> well, shouldn't a merge review focus on the changes to be merged more than
> on general problems with the code around it? Your points are valid but if I
> see it right those parts of the code weren't touched by Stefan and in my
> opinion unrelated to the goal of this branch.
>
> There's the boyscout rule but you can only apply it so far else you never get
> done with what you wanted to do in the first place or you needlessly bloat
> the merge request, no?
He is changing the whole function anyway, so this seemed relevant...
That said, yes, one has to focus, otherwise you never get finished.
Diego
Diego Biurrun (diego-biurrun) wrote : | # |
review approve
On Tue, Jan 17, 2012 at 09:02:28AM +0000, Stefan Götz wrote:
> Stefan Götz has proposed merging lp:~stefan.goetz/hipl/hidb-db into lp:hipl.
>
> --- hipd/init.c 2011-12-13 13:50:53 +0000
> +++ hipd/init.c 2012-01-17 09:01:25 +0000
> @@ -28,6 +28,7 @@
> * This file defines initialization functions for the HIP daemon.
> *
> * @note HIPU: BSD platform needs to be autodetected in hip_set_
> + * @author Stefan Götz <email address hidden>
> */
We dropped all of these. Please remove before merging.
Diego
- 6259. By Stefan Götz
-
Remove authorship attribution
René Hummen (rene-hummen) wrote : | # |
LGTM. I like the removal of the duplicate functionality in return_first_rsa().
René Hummen (rene-hummen) : | # |
Preview Diff
1 | === modified file 'hipd/cert.c' |
2 | --- hipd/cert.c 2012-01-14 15:29:47 +0000 |
3 | +++ hipd/cert.c 2012-01-18 21:24:26 +0000 |
4 | @@ -1,5 +1,5 @@ |
5 | /* |
6 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
7 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
8 | * |
9 | * Permission is hereby granted, free of charge, to any person |
10 | * obtaining a copy of this software and associated documentation |
11 | @@ -104,8 +104,10 @@ |
12 | |
13 | HIP_DEBUG_HIT("Getting keys for HIT", &cert->issuer_hit); |
14 | |
15 | - HIP_IFEL(hip_get_host_id_and_priv_key(hip_local_hostid_db, &cert->issuer_hit, |
16 | - HIP_ANY_ALGO, &host_id, (void **) &rsa), |
17 | + HIP_IFEL(hip_get_host_id_and_priv_key(&cert->issuer_hit, |
18 | + HIP_ANY_ALGO, |
19 | + &host_id, |
20 | + (void **) &rsa), |
21 | -1, "Private key not found\n"); |
22 | |
23 | algo = host_id->rdata.algorithm; |
24 | @@ -802,8 +804,10 @@ |
25 | |
26 | HIP_DEBUG("Getting the key\n"); |
27 | |
28 | - HIP_IFEL(hip_get_host_id_and_priv_key(hip_local_hostid_db, issuer_hit_n, |
29 | - HIP_ANY_ALGO, &host_id, (void *) &rsa), |
30 | + HIP_IFEL(hip_get_host_id_and_priv_key(issuer_hit_n, |
31 | + HIP_ANY_ALGO, |
32 | + &host_id, |
33 | + (void *) &rsa), |
34 | -1, "Private key not found\n"); |
35 | |
36 | algo = host_id->rdata.algorithm; |
37 | |
38 | === modified file 'hipd/cookie.c' |
39 | --- hipd/cookie.c 2012-01-06 13:19:09 +0000 |
40 | +++ hipd/cookie.c 2012-01-18 21:24:26 +0000 |
41 | @@ -1,5 +1,5 @@ |
42 | /* |
43 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
44 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
45 | * |
46 | * Permission is hereby granted, free of charge, to any person |
47 | * obtaining a copy of this software and associated documentation |
48 | @@ -196,8 +196,7 @@ |
49 | int idx, len; |
50 | |
51 | /* Find the proper R1 table and copy the R1 message from the table */ |
52 | - HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
53 | - our_hit, HIP_ANY_ALGO, -1)), |
54 | + HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(our_hit, HIP_ANY_ALGO, -1)), |
55 | NULL, "Unknown HIT\n"); |
56 | |
57 | hip_r1table = hid->r1; |
58 | @@ -280,8 +279,7 @@ |
59 | int err = 0; |
60 | |
61 | /* Find the proper R1 table */ |
62 | - HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
63 | - &hdr->hitr, |
64 | + HIP_IFEL(!(hid = hip_get_hostid_entry_by_lhi_and_algo(&hdr->hitr, |
65 | HIP_ANY_ALGO, |
66 | -1)), |
67 | -1, "Requested source HIT not (any more) available.\n"); |
68 | |
69 | === modified file 'hipd/hadb.c' |
70 | --- hipd/hadb.c 2011-12-30 23:20:44 +0000 |
71 | +++ hipd/hadb.c 2012-01-18 21:24:26 +0000 |
72 | @@ -1,5 +1,5 @@ |
73 | /* |
74 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
75 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
76 | * |
77 | * Permission is hereby granted, free of charge, to any person |
78 | * obtaining a copy of this software and associated documentation |
79 | @@ -274,8 +274,8 @@ |
80 | * A call-back function for finding a host association between a given peer HIT |
81 | * and any of the iteratively provided local HIs. |
82 | * |
83 | - * @param lhi Points to a local_host_id object from which contains the |
84 | - * local HIT of the HA to find. |
85 | + * @param lhi Points to a local_host_id object which contains the local HIT |
86 | + * of the HA to find. |
87 | * @param context Points to a ha_pattern object which contains the peer HIT of |
88 | * the HA to find and where the result is stored if a HA is |
89 | * found. |
90 | @@ -972,20 +972,17 @@ |
91 | * Note, that hip_get_host_id() allocates a new buffer and this buffer |
92 | * must be freed in out_err if an error occurs. */ |
93 | |
94 | - if (!hip_get_host_id_and_priv_key(HIP_DB_LOCAL_HID, |
95 | - hit_our, |
96 | + if (!hip_get_host_id_and_priv_key(hit_our, |
97 | HIP_HI_RSA, |
98 | &entry->our_pub, |
99 | &entry->our_priv_key)) { |
100 | HIP_DEBUG("Found RSA host identity\n"); |
101 | - } else if (!hip_get_host_id_and_priv_key(HIP_DB_LOCAL_HID, |
102 | - hit_our, |
103 | + } else if (!hip_get_host_id_and_priv_key(hit_our, |
104 | HIP_HI_DSA, |
105 | &entry->our_pub, |
106 | &entry->our_priv_key)) { |
107 | HIP_DEBUG("Found DSA host identity\n"); |
108 | - } else if (!hip_get_host_id_and_priv_key(HIP_DB_LOCAL_HID, |
109 | - hit_our, |
110 | + } else if (!hip_get_host_id_and_priv_key(hit_our, |
111 | HIP_HI_ECDSA, |
112 | &entry->our_pub, |
113 | &entry->our_priv_key)) { |
114 | |
115 | === modified file 'hipd/hidb.c' |
116 | --- hipd/hidb.c 2011-12-30 23:20:44 +0000 |
117 | +++ hipd/hidb.c 2012-01-18 21:24:26 +0000 |
118 | @@ -1,5 +1,5 @@ |
119 | /* |
120 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
121 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
122 | * |
123 | * Permission is hereby granted, free of charge, to any person |
124 | * obtaining a copy of this software and associated documentation |
125 | @@ -46,6 +46,7 @@ |
126 | #include "lib/core/hostid.h" |
127 | #include "lib/core/hit.h" |
128 | #include "lib/core/ife.h" |
129 | +#include "lib/core/list.h" |
130 | #include "lib/core/prefix.h" |
131 | #include "lib/core/protodefs.h" |
132 | #include "lib/core/straddr.h" |
133 | @@ -223,7 +224,7 @@ |
134 | * @param ptr a pointer to a local_host_id structure |
135 | * @return the calculated hash value |
136 | */ |
137 | -unsigned long hip_hidb_hash(const void *ptr) |
138 | +static unsigned long hip_hidb_hash(const void *ptr) |
139 | { |
140 | const hip_hit_t *hit = &((const struct local_host_id *) ptr)->hit; |
141 | union { |
142 | @@ -249,7 +250,7 @@ |
143 | * @param ptr2 a pointer to local_host_id |
144 | * @return zero on match or non-zero on unmatch |
145 | */ |
146 | -int hip_hidb_match(const void *ptr1, const void *ptr2) |
147 | +static int hip_hidb_match(const void *const ptr1, const void *const ptr2) |
148 | { |
149 | const hip_hit_t *hit1 = &((const struct local_host_id *) ptr1)->hit; |
150 | const hip_hit_t *hit2 = &((const struct local_host_id *) ptr2)->hit; |
151 | @@ -268,26 +269,19 @@ |
152 | * Deletes the given HI (network byte order) from the database. Matches HIs |
153 | * based on the HIT. |
154 | * |
155 | - * @param db database from which to delete. |
156 | * @param hit the HIT to be deleted from the database. |
157 | * @return zero on success, otherwise negative. |
158 | */ |
159 | -static int del_host_id(HIP_HASHTABLE *db, hip_hit_t hit) |
160 | +static int del_host_id(hip_hit_t hit) |
161 | { |
162 | struct local_host_id *id = NULL; |
163 | |
164 | - id = hip_get_hostid_entry_by_lhi_and_algo(db, &hit, HIP_ANY_ALGO, -1); |
165 | + id = hip_get_hostid_entry_by_lhi_and_algo(&hit, HIP_ANY_ALGO, -1); |
166 | if (id == NULL) { |
167 | HIP_ERROR("hit not found\n"); |
168 | return -ENOENT; |
169 | } |
170 | |
171 | - /* Call the handler to execute whatever required after the |
172 | - * host id is no more in the database */ |
173 | - if (id->remove) { |
174 | - id->remove(id, &id->arg); |
175 | - } |
176 | - |
177 | switch (hip_get_host_id_algo(&id->host_id)) { |
178 | case HIP_HI_RSA: |
179 | RSA_free(id->private_key); |
180 | @@ -304,7 +298,7 @@ |
181 | HIP_ERROR("Cannot free key because key type is unknown.\n"); |
182 | } |
183 | |
184 | - list_del(id, db); |
185 | + list_del(id, hip_local_hostid_db); |
186 | free(id); |
187 | id = NULL; |
188 | |
189 | @@ -315,25 +309,23 @@ |
190 | * Uninitializes local/peer Host Id table. All elements of the @c db are |
191 | * deleted. Since local and peer host id databases include dynamically allocated |
192 | * host_id element, it is also freed. |
193 | - * |
194 | - * @param db database structure to delete. |
195 | */ |
196 | -static void uninit_hostid_db(HIP_HASHTABLE *db) |
197 | +static void uninit_hostid_db(void) |
198 | { |
199 | LHASH_NODE *curr, *iter; |
200 | struct local_host_id *tmp; |
201 | int count; |
202 | |
203 | - list_for_each_safe(curr, iter, db, count) { |
204 | + list_for_each_safe(curr, iter, hip_local_hostid_db, count) { |
205 | hip_hit_t hit; |
206 | |
207 | tmp = list_entry(curr); |
208 | |
209 | memcpy(&hit, &tmp->hit, sizeof(hit)); |
210 | - del_host_id(db, hit); |
211 | + del_host_id(hit); |
212 | } |
213 | |
214 | - hip_ht_uninit(db); |
215 | + hip_ht_uninit(hip_local_hostid_db); |
216 | } |
217 | |
218 | /** |
219 | @@ -342,22 +334,19 @@ |
220 | * If @c hit is NULL, finds the first used host id. |
221 | * If algo is HIP_ANY_ALGO, ignore algore comparison. |
222 | * |
223 | - * @param db database to be searched. Usually either HIP_DB_PEER_HID or |
224 | - * HIP_DB_LOCAL_HID |
225 | * @param hit the local host id to be searched |
226 | * @param anon -1 if you don't care, 1 if anon, 0 if public |
227 | * @param algo the algorithm |
228 | * @return NULL, if failed or non-NULL if succeeded. |
229 | */ |
230 | -struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(HIP_HASHTABLE *db, |
231 | - const struct in6_addr *hit, |
232 | - int algo, |
233 | - int anon) |
234 | +struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(const struct in6_addr *const hit, |
235 | + const int algo, |
236 | + const int anon) |
237 | { |
238 | struct local_host_id *id_entry; |
239 | LHASH_NODE *item; |
240 | int c; |
241 | - list_for_each(item, db, c) { |
242 | + list_for_each(item, hip_local_hostid_db, c) { |
243 | id_entry = list_entry(item); |
244 | |
245 | if ((hit == NULL || !ipv6_addr_cmp(&id_entry->hit, hit)) && |
246 | @@ -379,8 +368,7 @@ |
247 | */ |
248 | int hip_hidb_hit_is_our(const hip_hit_t *our) |
249 | { |
250 | - return hip_get_hostid_entry_by_lhi_and_algo(hip_local_hostid_db, our, |
251 | - HIP_ANY_ALGO, -1) != NULL; |
252 | + return hip_get_hostid_entry_by_lhi_and_algo(our, HIP_ANY_ALGO, -1) != NULL; |
253 | } |
254 | |
255 | /** |
256 | @@ -409,11 +397,10 @@ |
257 | /** |
258 | * Assign a free LSI to a host id entry |
259 | * |
260 | - * @param db database structure |
261 | * @param id_entry contains an entry to the db, will contain an unsigned lsi |
262 | * @return zero on success, or negative error value on failure. |
263 | */ |
264 | -static int hidb_add_lsi(HIP_HASHTABLE *db, struct local_host_id *id_entry) |
265 | +static int hidb_add_lsi(struct local_host_id *id_entry) |
266 | { |
267 | struct local_host_id *id_entry_aux; |
268 | LHASH_NODE *item; |
269 | @@ -425,7 +412,7 @@ |
270 | inet_aton(lsi_addresses[i], &lsi_aux); |
271 | used_lsi = 0; |
272 | |
273 | - list_for_each(item, db, c) { |
274 | + list_for_each(item, hip_local_hostid_db, c) { |
275 | id_entry_aux = list_entry(item); |
276 | if (hip_lsi_are_equal(&lsi_aux, &id_entry_aux->lsi)) { |
277 | used_lsi = 1; |
278 | @@ -463,28 +450,23 @@ |
279 | */ |
280 | void hip_uninit_host_id_dbs(void) |
281 | { |
282 | - uninit_hostid_db(hip_local_hostid_db); |
283 | + uninit_hostid_db(); |
284 | } |
285 | |
286 | /** |
287 | * Adds the given HI into the database. Checks for duplicates. If one is found, |
288 | * the current HI is @b NOT stored. |
289 | * |
290 | - * @param db database structure. |
291 | * @param hit HIT |
292 | * @param anon whether the host ID is anonymous or not |
293 | + * @param lsi the LSI |
294 | * @param host_id HI |
295 | - * @param add the handler to call right after the host id is added |
296 | - * @param del the handler to call right before the host id is removed |
297 | - * @param arg argument passed for the handlers |
298 | - * @param lsi the LSI |
299 | * @return 0 on success, otherwise an negative error value is returned. |
300 | */ |
301 | -static int add_host_id(HIP_HASHTABLE *db, const hip_hit_t hit, bool anon, |
302 | - hip_lsi_t *lsi, const struct hip_host_id_priv *host_id, |
303 | - int (*add)(struct local_host_id *, void **arg), |
304 | - int (*del)(struct local_host_id *, void **arg), |
305 | - void *arg) |
306 | +static int add_host_id(const hip_hit_t hit, |
307 | + bool anon, |
308 | + hip_lsi_t *lsi, |
309 | + const struct hip_host_id_priv *host_id) |
310 | { |
311 | int err = 0; |
312 | struct local_host_id *id_entry = NULL; |
313 | @@ -498,8 +480,7 @@ |
314 | id_entry->anonymous = anon; |
315 | |
316 | /* check for duplicates */ |
317 | - old_entry = hip_get_hostid_entry_by_lhi_and_algo(db, &hit, |
318 | - HIP_ANY_ALGO, -1); |
319 | + old_entry = hip_get_hostid_entry_by_lhi_and_algo(&hit, HIP_ANY_ALGO, -1); |
320 | if (old_entry != NULL) { |
321 | HIP_ERROR("Trying to add duplicate local host ID\n"); |
322 | err = -EEXIST; |
323 | @@ -507,14 +488,11 @@ |
324 | } |
325 | |
326 | /* assign a free lsi address */ |
327 | - HIP_IFEL(hidb_add_lsi(db, id_entry) < 0, -EEXIST, "No LSI free\n"); |
328 | + HIP_IFEL(hidb_add_lsi(id_entry) < 0, -EEXIST, "No LSI free\n"); |
329 | |
330 | memcpy(lsi, &id_entry->lsi, sizeof(hip_lsi_t)); |
331 | - id_entry->insert = add; |
332 | - id_entry->remove = del; |
333 | - id_entry->arg = arg; |
334 | |
335 | - list_add(id_entry, db); |
336 | + list_add(id_entry, hip_local_hostid_db); |
337 | |
338 | switch (hip_get_host_id_algo((const struct hip_host_id *) host_id)) { |
339 | case HIP_HI_RSA: |
340 | @@ -560,12 +538,6 @@ |
341 | -ENOENT, |
342 | "Unable to precreate R1s.\n"); |
343 | |
344 | - /* Called while the database is locked, perhaps not the best |
345 | - * option but HIs are not added often */ |
346 | - if (add) { |
347 | - add(id_entry, &arg); |
348 | - } |
349 | - |
350 | out_err: |
351 | if (err && id_entry) { |
352 | switch (hip_get_host_id_algo(&id_entry->host_id)) { |
353 | @@ -639,8 +611,7 @@ |
354 | |
355 | anonymous = (eid_endpoint->endpoint.flags & HIP_ENDPOINT_FLAG_ANON); |
356 | |
357 | - err = add_host_id(HIP_DB_LOCAL_HID, hit, anonymous, &lsi, |
358 | - host_identity, NULL, NULL, NULL); |
359 | + err = add_host_id(hit, anonymous, &lsi, host_identity); |
360 | |
361 | /* Currently only RSA pub is added by default (bug id 592127). |
362 | * Ignore redundant adding in case user wants to enable |
363 | @@ -699,7 +670,7 @@ |
364 | hip_in6_ntop(hit, buf); |
365 | HIP_INFO("del HIT: %s\n", buf); |
366 | |
367 | - if ((err = del_host_id(HIP_DB_LOCAL_HID, *hit))) { |
368 | + if ((err = del_host_id(*hit))) { |
369 | HIP_ERROR("deleting of local host identity failed\n"); |
370 | return err; |
371 | } |
372 | @@ -723,8 +694,7 @@ |
373 | { |
374 | struct local_host_id *entry; |
375 | |
376 | - entry = hip_get_hostid_entry_by_lhi_and_algo(hip_local_hostid_db, |
377 | - NULL, algo, anon); |
378 | + entry = hip_get_hostid_entry_by_lhi_and_algo(NULL, algo, anon); |
379 | if (!entry) { |
380 | return -ENOENT; |
381 | } |
382 | @@ -787,18 +757,16 @@ |
383 | /** |
384 | * find the local host identifier corresponding to the local LSI |
385 | * |
386 | - * @param db the local host identifier database to be searched for |
387 | * @param lsi the local LSI to be matched |
388 | * @return the local host identifier structure |
389 | */ |
390 | -static struct local_host_id *hidb_get_entry_by_lsi(HIP_HASHTABLE *db, |
391 | - const struct in_addr *lsi) |
392 | +static struct local_host_id *hidb_get_entry_by_lsi(const struct in_addr *lsi) |
393 | { |
394 | struct local_host_id *id_entry; |
395 | LHASH_NODE *item; |
396 | int c; |
397 | |
398 | - list_for_each(item, db, c) { |
399 | + list_for_each(item, hip_local_hostid_db, c) { |
400 | id_entry = list_entry(item); |
401 | if (!ipv4_addr_cmp(&id_entry->lsi, lsi)) { |
402 | return id_entry; |
403 | @@ -826,14 +794,13 @@ |
404 | return -1; |
405 | } |
406 | if (ipv4_addr_cmp(&aux_lsi, default_lsi)) { |
407 | - if (!(tmp1 = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
408 | - default_hit, |
409 | + if (!(tmp1 = hip_get_hostid_entry_by_lhi_and_algo(default_hit, |
410 | HIP_ANY_ALGO, |
411 | -1))) { |
412 | HIP_ERROR("Default hit not found in hidb\n"); |
413 | return -1; |
414 | } |
415 | - if (!(tmp2 = hidb_get_entry_by_lsi(HIP_DB_LOCAL_HID, default_lsi))) { |
416 | + if (!(tmp2 = hidb_get_entry_by_lsi(default_lsi))) { |
417 | HIP_ERROR("Default lsi not found in hidb\n"); |
418 | return -1; |
419 | } |
420 | @@ -848,20 +815,21 @@ |
421 | /** |
422 | * find a host identifier from the database |
423 | * |
424 | - * @param db the host identifier databased |
425 | * @param hit the HIT to be searched for |
426 | * @param algo the algorithm for the HI |
427 | * @param host_id A copy of the host is stored here. Caller deallocates. |
428 | * @param key a pointer to the private key (caller should not deallocate) |
429 | * @return zero on success or negative on error |
430 | */ |
431 | -int hip_get_host_id_and_priv_key(HIP_HASHTABLE *db, struct in6_addr *hit, |
432 | - int algo, struct hip_host_id **host_id, void **key) |
433 | +int hip_get_host_id_and_priv_key(struct in6_addr *hit, |
434 | + int algo, |
435 | + struct hip_host_id **host_id, |
436 | + void **key) |
437 | { |
438 | int host_id_len; |
439 | struct local_host_id *entry = NULL; |
440 | |
441 | - entry = hip_get_hostid_entry_by_lhi_and_algo(db, hit, algo, -1); |
442 | + entry = hip_get_hostid_entry_by_lhi_and_algo(hit, algo, -1); |
443 | if (!entry) { |
444 | return -1; |
445 | } |
446 | |
447 | === modified file 'hipd/hidb.h' |
448 | --- hipd/hidb.h 2011-11-25 17:56:24 +0000 |
449 | +++ hipd/hidb.h 2012-01-18 21:24:26 +0000 |
450 | @@ -1,5 +1,5 @@ |
451 | /* |
452 | - * Copyright (c) 2010 Aalto University and RWTH Aachen University. |
453 | + * Copyright (c) 2010,2012 Aalto University and RWTH Aachen University. |
454 | * |
455 | * Permission is hereby granted, free of charge, to any person |
456 | * obtaining a copy of this software and associated documentation |
457 | @@ -26,12 +26,15 @@ |
458 | #ifndef HIPL_HIPD_HIDB_H |
459 | #define HIPL_HIPD_HIDB_H |
460 | |
461 | +/** |
462 | + * @file |
463 | + * Public interface for the HIDB, the database of local host identities (LHIs), |
464 | + * i.e., all the HIP identities known for the local host. |
465 | + */ |
466 | + |
467 | #include <stdbool.h> |
468 | #include <netinet/in.h> |
469 | -#include <openssl/lhash.h> |
470 | |
471 | -#include "lib/core/hashtable.h" |
472 | -#include "lib/core/list.h" |
473 | #include "lib/core/protodefs.h" |
474 | #include "cookie.h" |
475 | |
476 | @@ -43,24 +46,14 @@ |
477 | struct hip_host_id host_id; |
478 | void *private_key; /* RSA or DSA */ |
479 | struct hip_r1entry r1[HIP_R1TABLESIZE]; /* precreated R1s */ |
480 | - /* Handler to call after insert with an argument, return 0 if OK*/ |
481 | - int (*insert)(struct local_host_id *, void **arg); |
482 | - /* Handler to call before remove with an argument, return 0 if OK*/ |
483 | - int (*remove)(struct local_host_id *, void **arg); |
484 | - void *arg; |
485 | }; |
486 | |
487 | -/* Use this to point your target while accessing a database */ |
488 | -#define HIP_DB_LOCAL_HID (hip_local_hostid_db) |
489 | - |
490 | -/* ... and not this! */ |
491 | -extern HIP_HASHTABLE *hip_local_hostid_db; |
492 | - |
493 | -struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(HIP_HASHTABLE *db, |
494 | - const struct in6_addr *hit, |
495 | - int algo, int anon); |
496 | -int hip_get_host_id_and_priv_key(HIP_HASHTABLE *db, struct in6_addr *hit, |
497 | - int algo, struct hip_host_id **host_id, void **key); |
498 | +struct local_host_id *hip_get_hostid_entry_by_lhi_and_algo(const struct in6_addr *const hit, |
499 | + const int algo, const int anon); |
500 | +int hip_get_host_id_and_priv_key(struct in6_addr *hit, |
501 | + int algo, |
502 | + struct hip_host_id **host_id, |
503 | + void **key); |
504 | |
505 | void hip_uninit_host_id_dbs(void); |
506 | |
507 | @@ -77,8 +70,6 @@ |
508 | /* existence */ |
509 | int hip_hidb_hit_is_our(const hip_hit_t *src); |
510 | |
511 | -unsigned long hip_hidb_hash(const void *ptr); |
512 | -int hip_hidb_match(const void *ptr1, const void *ptr2); |
513 | void hip_init_hostid_db(void); |
514 | int hip_get_default_hit(struct in6_addr *hit); |
515 | int hip_get_default_hit_msg(struct hip_common *msg); |
516 | |
517 | === modified file 'hipd/init.c' |
518 | --- hipd/init.c 2011-12-13 13:50:53 +0000 |
519 | +++ hipd/init.c 2012-01-18 21:24:26 +0000 |
520 | @@ -1,5 +1,5 @@ |
521 | /* |
522 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
523 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
524 | * |
525 | * Permission is hereby granted, free of charge, to any person |
526 | * obtaining a copy of this software and associated documentation |
527 | @@ -373,36 +373,6 @@ |
528 | } |
529 | |
530 | /** |
531 | - * find the first RSA-based host id |
532 | - * |
533 | - * @return the host id or NULL if none found |
534 | - */ |
535 | -static struct local_host_id *return_first_rsa(void) |
536 | -{ |
537 | - LHASH_NODE *curr, *iter; |
538 | - struct local_host_id *tmp = NULL; |
539 | - int c; |
540 | - uint16_t algo = 0; |
541 | - |
542 | - list_for_each_safe(curr, iter, hip_local_hostid_db, c) { |
543 | - tmp = list_entry(curr); |
544 | - HIP_DEBUG_HIT("Found HIT", &tmp->hit); |
545 | - algo = hip_get_host_id_algo(&tmp->host_id); |
546 | - HIP_DEBUG("hits algo %d HIP_HI_RSA = %d\n", |
547 | - algo, HIP_HI_RSA); |
548 | - if (algo == HIP_HI_RSA) { |
549 | - goto out_err; |
550 | - } |
551 | - } |
552 | - |
553 | -out_err: |
554 | - if (algo == HIP_HI_RSA) { |
555 | - return tmp; |
556 | - } |
557 | - return NULL; |
558 | -} |
559 | - |
560 | -/** |
561 | * Initialize local host IDs. |
562 | * |
563 | * @return zero on success or negative on failure |
564 | @@ -489,7 +459,7 @@ |
565 | HIP_DEBUG("Configuration file did NOT exist creating it and " |
566 | "filling it with default information\n"); |
567 | /* Fetch the first RSA HIT */ |
568 | - entry = return_first_rsa(); |
569 | + entry = hip_get_hostid_entry_by_lhi_and_algo(NULL, HIP_HI_RSA, -1); |
570 | if (entry == NULL) { |
571 | HIP_DEBUG("Failed to get the first RSA HI"); |
572 | goto out_err; |
573 | |
574 | === modified file 'hipd/output.c' |
575 | --- hipd/output.c 2011-12-29 10:00:51 +0000 |
576 | +++ hipd/output.c 2012-01-18 21:24:26 +0000 |
577 | @@ -1,5 +1,5 @@ |
578 | /* |
579 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
580 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
581 | * |
582 | * Permission is hereby granted, free of charge, to any person |
583 | * obtaining a copy of this software and associated documentation |
584 | @@ -453,8 +453,7 @@ |
585 | /* add host id in plaintext without encrypted wrapper */ |
586 | /* Parameter HOST_ID. Notice that hip_get_public_key overwrites |
587 | * the argument pointer, so we have to allocate some extra memory */ |
588 | - HIP_IFEL(!(host_id_entry = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
589 | - &ctx->input_msg->hitr, |
590 | + HIP_IFEL(!(host_id_entry = hip_get_hostid_entry_by_lhi_and_algo(&ctx->input_msg->hitr, |
591 | HIP_ANY_ALGO, |
592 | -1)), |
593 | -1, "Unknown HIT\n"); |
594 | |
595 | === modified file 'modules/midauth/hipd/midauth.c' |
596 | --- modules/midauth/hipd/midauth.c 2011-10-17 15:22:35 +0000 |
597 | +++ modules/midauth/hipd/midauth.c 2012-01-18 21:24:26 +0000 |
598 | @@ -1,5 +1,5 @@ |
599 | /* |
600 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
601 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
602 | * |
603 | * Permission is hereby granted, free of charge, to any person |
604 | * obtaining a copy of this software and associated documentation |
605 | @@ -125,8 +125,7 @@ |
606 | // add HOST_ID to packets containing a CHALLENGE_RESPONSE |
607 | if (challenge_request) { |
608 | const struct local_host_id *const host_id_entry = |
609 | - hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID, |
610 | - &ctx->input_msg->hitr, |
611 | + hip_get_hostid_entry_by_lhi_and_algo(&ctx->input_msg->hitr, |
612 | HIP_ANY_ALGO, |
613 | -1); |
614 | if (!host_id_entry) { |
615 | |
616 | === modified file 'modules/update/hipd/update.c' |
617 | --- modules/update/hipd/update.c 2011-12-14 11:17:58 +0000 |
618 | +++ modules/update/hipd/update.c 2012-01-18 21:24:26 +0000 |
619 | @@ -1,5 +1,5 @@ |
620 | /* |
621 | - * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University. |
622 | + * Copyright (c) 2010-2012 Aalto University and RWTH Aachen University. |
623 | * |
624 | * Permission is hereby granted, free of charge, to any person |
625 | * obtaining a copy of this software and associated documentation |
626 | @@ -52,6 +52,7 @@ |
627 | #include "lib/core/debug.h" |
628 | #include "lib/core/hip_udp.h" |
629 | #include "lib/core/ife.h" |
630 | +#include "lib/core/list.h" |
631 | #include "lib/core/modularization.h" |
632 | #include "lib/core/prefix.h" |
633 | #include "lib/core/state.h" |
Hi,
after having looked through this branch I have one question and only a single remark on your code:
In revision 5941:
> Remove the locking macros for the HIDB because they are not used.
What do you mean with "they are not used"? Because there are lots of calls to lock / unlock that
you remove and without looking deeper into it seems like it is used here. Or is it because all
access is done on our local hidb and we are neither multi-threaded nor does it get accessed from
beyond the file so no locking is necessary?
> -struct local_host_id *hip_get_ hostid_ entry_by_ lhi_and_ algo(HIP_ HASHTABLE *db, hostid_ entry_by_ lhi_and_ algo(const struct in6_addr *hit,
> - const struct in6_addr *hit,
> +struct local_host_id *hip_get_
"const struct in6_addr *const hit" would be more correct here?
> +/**
> + * A call-back function for finding a host association between a given peer HIT
> + * and any of the iteratively provided local HIs.
> + *
> + * @param lhi Points to a local_host_id object from which contains the
> + * local HIT of the HA to find.
"Points to a local_host_id object which contains"
> -int hip_hidb_ match(const void *ptr1, const void *ptr2) match(const void *ptr1, const void *ptr2)
> +static int hip_hidb_
*const ptr1 and *const ptr2 would be more correct?
Other than that, as far as I'm able to judge it's looking good. Nice one! :)
PS: hipd crashes on shutdown after doing a base exchange. This has already been fixed in trunk revision 5948 and applying the change fixes it good.