Merge lp:~stefan.goetz-deactivatedaccount/hipl/style-check-hook-review into lp:hipl
- style-check-hook-review
- Merge into trunk
Proposed by
Stefan Götz
Status: | Merged |
---|---|
Merged at revision: | 5450 |
Proposed branch: | lp:~stefan.goetz-deactivatedaccount/hipl/style-check-hook-review |
Merge into: | lp:hipl |
Diff against target: |
20273 lines (+5450/-3693) 135 files modified
.uncrustify-0.57.cfg (+1376/-0) .uncrustify.cfg (+15/-15) firewall/cache.c (+20/-20) firewall/conntrack.c (+91/-93) firewall/dlist.c (+1/-0) firewall/esp_prot_api.c (+123/-126) firewall/esp_prot_api.h (+10/-10) firewall/esp_prot_config.c (+19/-23) firewall/esp_prot_conntrack.c (+74/-76) firewall/esp_prot_fw_msg.c (+58/-58) firewall/esp_prot_fw_msg.h (+3/-3) firewall/file_buffer.c (+6/-6) firewall/firewall.c (+97/-100) firewall/firewall_control.c (+8/-8) firewall/firewall_defines.h (+30/-30) firewall/helpers.c (+1/-1) firewall/line_parser.c (+2/-2) firewall/lsi.c (+21/-21) firewall/midauth.c (+26/-26) firewall/pisa.c (+28/-27) firewall/pisa_cert.c (+5/-5) firewall/port_bindings.c (+23/-28) firewall/reinject.c (+47/-47) firewall/rule_management.c (+42/-42) firewall/rule_management.h (+12/-12) firewall/sysopp.c (+6/-6) firewall/user_ipsec_api.c (+22/-22) firewall/user_ipsec_api.h (+1/-1) firewall/user_ipsec_esp.c (+44/-44) firewall/user_ipsec_fw_msg.c (+51/-51) firewall/user_ipsec_sadb.c (+28/-29) firewall/user_ipsec_sadb.h (+23/-23) hipd/accessor.c (+1/-1) hipd/accessor.h (+0/-1) hipd/cert.c (+103/-103) hipd/close.c (+36/-36) hipd/configfilereader.c (+3/-3) hipd/configfilereader.h (+1/-1) hipd/cookie.c (+20/-22) hipd/dh.c (+2/-2) hipd/esp_prot_anchordb.c (+14/-14) hipd/esp_prot_hipd_msg.c (+115/-116) hipd/esp_prot_light_update.c (+13/-13) hipd/esp_prot_light_update.h (+1/-1) hipd/hadb.c (+54/-54) hipd/hadb.h (+1/-1) hipd/hadb_legacy.c (+4/-4) hipd/hidb.c (+59/-61) hipd/hidb.h (+4/-4) hipd/hip_socket.c (+13/-13) hipd/hipd.c (+39/-41) hipd/hipd.h (+6/-6) hipd/hiprelay.c (+49/-48) hipd/hiprelay.h (+7/-7) hipd/hit_to_ip.c (+8/-8) hipd/init.c (+45/-48) hipd/input.c (+137/-137) hipd/keymat.c (+22/-23) hipd/maintenance.c (+23/-22) hipd/nat.c (+1/-1) hipd/netdev.c (+80/-83) hipd/nsupdate.c (+17/-17) hipd/oppdb.c (+29/-28) hipd/oppdb.h (+6/-6) hipd/oppipdb.c (+3/-3) hipd/output.c (+81/-81) hipd/pkt_handling.c (+9/-10) hipd/registration.c (+42/-42) hipd/registration.h (+3/-3) hipd/user.c (+39/-42) hipd/user_ipsec_hipd_msg.c (+4/-4) hipd/user_ipsec_sadb_api.c (+4/-4) lib/core/builder.c (+182/-182) lib/core/builder.h (+2/-2) lib/core/capability.c (+6/-6) lib/core/certtools.c (+80/-80) lib/core/certtools.h (+4/-4) lib/core/common.h (+10/-10) lib/core/conf.c (+84/-86) lib/core/conf.h (+1/-1) lib/core/crypto.c (+39/-39) lib/core/crypto.h (+4/-4) lib/core/debug.c (+55/-55) lib/core/debug.h (+15/-15) lib/core/filemanip.c (+8/-8) lib/core/hashchain.c (+5/-7) lib/core/hashchain.h (+7/-7) lib/core/hashchain_store.c (+63/-63) lib/core/hashchain_store.h (+9/-9) lib/core/hashtree.c (+26/-26) lib/core/hashtree.h (+19/-19) lib/core/hostid.c (+67/-69) lib/core/hostsfiles.c (+16/-16) lib/core/icomm.h (+1/-1) lib/core/keylen.c (+0/-2) lib/core/linkedlist.c (+9/-9) lib/core/linkedlist.h (+3/-3) lib/core/message.c (+41/-41) lib/core/modularization.c (+18/-20) lib/core/modularization.h (+6/-6) lib/core/performance.c (+4/-4) lib/core/performance.h (+8/-8) lib/core/prefix.c (+13/-14) lib/core/prefix.h (+10/-10) lib/core/protodefs.h (+79/-79) lib/core/solve.c (+8/-8) lib/core/state.h (+94/-94) lib/core/statistics.c (+2/-3) lib/core/transform.c (+5/-5) lib/tool/checksum.c (+39/-40) lib/tool/lutil.c (+6/-6) lib/tool/nlink.c (+85/-86) lib/tool/nlink.h (+3/-3) lib/tool/pk.c (+18/-18) lib/tool/xfrmapi.c (+29/-29) lib/tool/xfrmapi.h (+1/-1) modules/heartbeat/hipd/heartbeat.c (+63/-64) modules/heartbeat_update/hipd/hb_update.c (+4/-5) modules/update/hipd/update.c (+101/-106) modules/update/hipd/update_builder.c (+6/-6) modules/update/hipd/update_legacy.c (+4/-4) test/auth_performance.c (+17/-17) test/certteststub.c (+9/-9) test/check_firewall.c (+1/-1) test/check_lib_core.c (+3/-4) test/dh_performance.c (+86/-86) test/firewall/file_buffer.c (+8/-8) test/firewall/line_parser.c (+4/-4) test/firewall/port_bindings.c (+1/-1) test/fw_port_bindings_performance.c (+36/-36) test/hc_performance.c (+55/-55) test/lib/core/hit.c (+8/-9) test/lib/core/straddr.c (+3/-3) tools/bazaar/plugins/stylecheck.py (+438/-0) tools/pisacert.c (+8/-8) |
To merge this branch: | bzr merge lp:~stefan.goetz-deactivatedaccount/hipl/style-check-hook-review |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Stefan Götz (community) | Approve | ||
Review via email: mp+45857@code.launchpad.net |
Commit message
Description of the change
1) a pre-commit hook for bazaar that aborts a commit if the code to be committed does not adhere to the HIPL style guide lines.
2) all HIPL code has been automatically beautified so that the pre-commit hook only complains about newly introduced style violations.
To post a comment you must log in.
Revision history for this message
Stefan Götz (stefan.goetz-deactivatedaccount) wrote : | # |
review:
Approve
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === added file '.uncrustify-0.57.cfg' |
2 | --- .uncrustify-0.57.cfg 1970-01-01 00:00:00 +0000 |
3 | +++ .uncrustify-0.57.cfg 2011-01-11 14:04:40 +0000 |
4 | @@ -0,0 +1,1376 @@ |
5 | +# Uncrustify 0.57 |
6 | + |
7 | +# |
8 | +# General options |
9 | +# |
10 | + |
11 | +# The type of line endings |
12 | +newlines = lf # auto/lf/crlf/cr |
13 | + |
14 | +# The original size of tabs in the input |
15 | +input_tab_size = 8 # number |
16 | + |
17 | +# The size of tabs in the output (only used if align_with_tabs=true) |
18 | +output_tab_size = 4 # number |
19 | + |
20 | +# The ASCII value of the string escape char, usually 92 (\) or 94 (^). (Pawn) |
21 | +string_escape_char = 92 # number |
22 | + |
23 | +# Alternate string escape char for Pawn. Only works right before the quote char. |
24 | +string_escape_char2 = 0 # number |
25 | + |
26 | +# |
27 | +# Indenting |
28 | +# |
29 | + |
30 | +# The number of columns to indent per level. |
31 | +# Usually 2, 3, 4, or 8. |
32 | +indent_columns = 4 # number |
33 | + |
34 | +# The continuation indent. If non-zero, this overrides the indent of '(' and '=' continuation indents. |
35 | +# For FreeBSD, this is set to 4. |
36 | +indent_continue = 0 # number |
37 | + |
38 | +# How to use tabs when indenting code |
39 | +# 0=spaces only |
40 | +# 1=indent with tabs to brace level, align with spaces |
41 | +# 2=indent and align with tabs, using spaces when not on a tabstop |
42 | +indent_with_tabs = 0 # number |
43 | + |
44 | +# Comments that are not a brace level are indented with tabs on a tabstop. |
45 | +# Requires indent_with_tabs=2. If false, will use spaces. |
46 | +indent_cmt_with_tabs = false # false/true |
47 | + |
48 | +# Whether to indent strings broken by '\' so that they line up |
49 | +indent_align_string = true # false/true |
50 | + |
51 | +# The number of spaces to indent multi-line XML strings. |
52 | +# Requires indent_align_string=True |
53 | +indent_xml_string = 0 # number |
54 | + |
55 | +# Spaces to indent '{' from level |
56 | +indent_brace = 0 # number |
57 | + |
58 | +# Whether braces are indented to the body level |
59 | +indent_braces = false # false/true |
60 | + |
61 | +# Disabled indenting function braces if indent_braces is true |
62 | +indent_braces_no_func = false # false/true |
63 | + |
64 | +# Disabled indenting class braces if indent_braces is true |
65 | +indent_braces_no_class = false # false/true |
66 | + |
67 | +# Disabled indenting struct braces if indent_braces is true |
68 | +indent_braces_no_struct = false # false/true |
69 | + |
70 | +# Indent based on the size of the brace parent, i.e. 'if' => 3 spaces, 'for' => 4 spaces, etc. |
71 | +indent_brace_parent = false # false/true |
72 | + |
73 | +# Whether the 'namespace' body is indented |
74 | +indent_namespace = false # false/true |
75 | + |
76 | +# The number of spaces to indent a namespace block |
77 | +indent_namespace_level = 0 # number |
78 | + |
79 | +# If the body of the namespace is longer than this number, it won't be indented. |
80 | +# Requires indent_namespace=true. Default=0 (no limit) |
81 | +indent_namespace_limit = 0 # number |
82 | + |
83 | +# Whether the 'extern "C"' body is indented |
84 | +indent_extern = false # false/true |
85 | + |
86 | +# Whether the 'class' body is indented |
87 | +indent_class = false # false/true |
88 | + |
89 | +# Whether to indent the stuff after a leading class colon |
90 | +indent_class_colon = false # false/true |
91 | + |
92 | +# False=treat 'else\nif' as 'else if' for indenting purposes |
93 | +# True=indent the 'if' one level |
94 | +indent_else_if = false # false/true |
95 | + |
96 | +# Amount to indent variable declarations after a open brace. neg=relative, pos=absolute |
97 | +indent_var_def_blk = 0 # number |
98 | + |
99 | +# Indent continued variable declarations instead of aligning. |
100 | +indent_var_def_cont = false # false/true |
101 | + |
102 | +# True: indent continued function call parameters one indent level |
103 | +# False: align parameters under the open paren |
104 | +indent_func_call_param = false # false/true |
105 | + |
106 | +# Same as indent_func_call_param, but for function defs |
107 | +indent_func_def_param = false # false/true |
108 | + |
109 | +# Same as indent_func_call_param, but for function protos |
110 | +indent_func_proto_param = false # false/true |
111 | + |
112 | +# Same as indent_func_call_param, but for class declarations |
113 | +indent_func_class_param = false # false/true |
114 | + |
115 | +# Same as indent_func_call_param, but for class variable constructors |
116 | +indent_func_ctor_var_param = false # false/true |
117 | + |
118 | +# Same as indent_func_call_param, but for templates |
119 | +indent_template_param = false # false/true |
120 | + |
121 | +# Double the indent for indent_func_xxx_param options |
122 | +indent_func_param_double = false # false/true |
123 | + |
124 | +# Indentation column for standalone 'const' function decl/proto qualifier |
125 | +indent_func_const = 0 # number |
126 | + |
127 | +# Indentation column for standalone 'throw' function decl/proto qualifier |
128 | +indent_func_throw = 0 # number |
129 | + |
130 | +# The number of spaces to indent a continued '->' or '.' |
131 | +# Usually set to 0, 1, or indent_columns. |
132 | +indent_member = 0 # number |
133 | + |
134 | +# Spaces to indent single line ('//') comments on lines before code |
135 | +indent_sing_line_comments = 0 # number |
136 | + |
137 | +# If set, will indent trailing single line ('//') comments relative |
138 | +# to the code instead of trying to keep the same absolute column |
139 | +indent_relative_single_line_comments = false # false/true |
140 | + |
141 | +# Spaces to indent 'case' from 'switch' |
142 | +# Usually 0 or indent_columns. |
143 | +indent_switch_case = 0 # number |
144 | + |
145 | +# Spaces to shift the 'case' line, without affecting any other lines |
146 | +# Usually 0. |
147 | +indent_case_shift = 0 # number |
148 | + |
149 | +# Spaces to indent '{' from 'case'. |
150 | +# By default, the brace will appear under the 'c' in case. |
151 | +# Usually set to 0 or indent_columns. |
152 | +indent_case_brace = 0 # number |
153 | + |
154 | +# Whether to indent comments found in first column |
155 | +indent_col1_comment = false # false/true |
156 | + |
157 | +# How to indent goto labels |
158 | +# >0 : absolute column where 1 is the leftmost column |
159 | +# <=0 : subtract from brace indent |
160 | +indent_label = 1 # number |
161 | + |
162 | +# Same as indent_label, but for access specifiers that are followed by a colon |
163 | +indent_access_spec = 1 # number |
164 | + |
165 | +# Indent the code after an access specifier by one level. |
166 | +# If set, this option forces 'indent_access_spec=0' |
167 | +indent_access_spec_body = false # false/true |
168 | + |
169 | +# If an open paren is followed by a newline, indent the next line so that it lines up after the open paren (not recommended) |
170 | +indent_paren_nl = false # false/true |
171 | + |
172 | +# Controls the indent of a close paren after a newline. |
173 | +# 0: Indent to body level |
174 | +# 1: Align under the open paren |
175 | +# 2: Indent to the brace level |
176 | +indent_paren_close = 0 # number |
177 | + |
178 | +# Controls the indent of a comma when inside a paren.If TRUE, aligns under the open paren |
179 | +indent_comma_paren = false # false/true |
180 | + |
181 | +# Controls the indent of a BOOL operator when inside a paren.If TRUE, aligns under the open paren |
182 | +indent_bool_paren = false # false/true |
183 | + |
184 | +# If 'indent_bool_paren' is true, controls the indent of the first expression. If TRUE, aligns the first expression to the following ones |
185 | +indent_first_bool_expr = false # false/true |
186 | + |
187 | +# If an open square is followed by a newline, indent the next line so that it lines up after the open square (not recommended) |
188 | +indent_square_nl = false # false/true |
189 | + |
190 | +# Don't change the relative indent of ESQL/C 'EXEC SQL' bodies |
191 | +indent_preserve_sql = false # false/true |
192 | + |
193 | +# Align continued statements at the '='. Default=True |
194 | +# If FALSE or the '=' is followed by a newline, the next line is indent one tab. |
195 | +indent_align_assign = true # false/true |
196 | + |
197 | +# |
198 | +# Spacing options |
199 | +# |
200 | + |
201 | +# Add or remove space around arithmetic operator '+', '-', '/', '*', etc |
202 | +sp_arith = add # ignore/add/remove/force |
203 | + |
204 | +# Add or remove space around assignment operator '=', '+=', etc |
205 | +sp_assign = add # ignore/add/remove/force |
206 | + |
207 | +# Add or remove space around assignment operator '=' in a prototype |
208 | +sp_assign_default = add # ignore/add/remove/force |
209 | + |
210 | +# Add or remove space before assignment operator '=', '+=', etc. Overrides sp_assign. |
211 | +sp_before_assign = ignore # ignore/add/remove/force |
212 | + |
213 | +# Add or remove space after assignment operator '=', '+=', etc. Overrides sp_assign. |
214 | +sp_after_assign = ignore # ignore/add/remove/force |
215 | + |
216 | +# Add or remove space around assignment '=' in enum |
217 | +sp_enum_assign = add # ignore/add/remove/force |
218 | + |
219 | +# Add or remove space before assignment '=' in enum. Overrides sp_enum_assign. |
220 | +sp_enum_before_assign = ignore # ignore/add/remove/force |
221 | + |
222 | +# Add or remove space after assignment '=' in enum. Overrides sp_enum_assign. |
223 | +sp_enum_after_assign = ignore # ignore/add/remove/force |
224 | + |
225 | +# Add or remove space around preprocessor '##' concatenation operator. Default=Add |
226 | +sp_pp_concat = add # ignore/add/remove/force |
227 | + |
228 | +# Add or remove space after preprocessor '#' stringify operator. Also affects the '#@' charizing operator. Default=Add |
229 | +sp_pp_stringify = add # ignore/add/remove/force |
230 | + |
231 | +# Add or remove space around boolean operators '&&' and '||' |
232 | +sp_bool = add # ignore/add/remove/force |
233 | + |
234 | +# Add or remove space around compare operator '<', '>', '==', etc |
235 | +sp_compare = add # ignore/add/remove/force |
236 | + |
237 | +# Add or remove space inside '(' and ')' |
238 | +sp_inside_paren = remove # ignore/add/remove/force |
239 | + |
240 | +# Add or remove space between nested parens |
241 | +sp_paren_paren = remove # ignore/add/remove/force |
242 | + |
243 | +# Whether to balance spaces inside nested parens |
244 | +sp_balance_nested_parens = false # false/true |
245 | + |
246 | +# Add or remove space between ')' and '{' |
247 | +sp_paren_brace = force # ignore/add/remove/force |
248 | + |
249 | +# Add or remove space before pointer star '*' |
250 | +sp_before_ptr_star = add # ignore/add/remove/force |
251 | + |
252 | +# Add or remove space before pointer star '*' that isn't followed by a variable name |
253 | +# If set to 'ignore', sp_before_ptr_star is used instead. |
254 | +sp_before_unnamed_ptr_star = ignore # ignore/add/remove/force |
255 | + |
256 | +# Add or remove space between pointer stars '*' |
257 | +sp_between_ptr_star = remove # ignore/add/remove/force |
258 | + |
259 | +# Add or remove space after pointer star '*', if followed by a word. |
260 | +sp_after_ptr_star = remove # ignore/add/remove/force |
261 | + |
262 | +# Add or remove space after a pointer star '*', if followed by a func proto/def. |
263 | +sp_after_ptr_star_func = remove # ignore/add/remove/force |
264 | + |
265 | +# Add or remove space before a pointer star '*', if followed by a func proto/def. |
266 | +sp_before_ptr_star_func = ignore # ignore/add/remove/force |
267 | + |
268 | +# Add or remove space before a reference sign '&' |
269 | +sp_before_byref = force # ignore/add/remove/force |
270 | + |
271 | +# Add or remove space before a reference sign '&' that isn't followed by a variable name |
272 | +# If set to 'ignore', sp_before_byref is used instead. |
273 | +sp_before_unnamed_byref = add # ignore/add/remove/force |
274 | + |
275 | +# Add or remove space after reference sign '&', if followed by a word. |
276 | +sp_after_byref = ignore # ignore/add/remove/force |
277 | + |
278 | +# Add or remove space after a reference sign '&', if followed by a func proto/def. |
279 | +sp_after_byref_func = ignore # ignore/add/remove/force |
280 | + |
281 | +# Add or remove space before a reference sign '&', if followed by a func proto/def. |
282 | +sp_before_byref_func = ignore # ignore/add/remove/force |
283 | + |
284 | +# Add or remove space between type and word. Default=Force |
285 | +sp_after_type = ignore # ignore/add/remove/force |
286 | + |
287 | +# Add or remove space in 'template <' vs 'template<'. |
288 | +# If set to ignore, sp_before_angle is used. |
289 | +sp_template_angle = ignore # ignore/add/remove/force |
290 | + |
291 | +# Add or remove space before '<>' |
292 | +sp_before_angle = ignore # ignore/add/remove/force |
293 | + |
294 | +# Add or remove space inside '<' and '>' |
295 | +sp_inside_angle = ignore # ignore/add/remove/force |
296 | + |
297 | +# Add or remove space after '<>' |
298 | +sp_after_angle = ignore # ignore/add/remove/force |
299 | + |
300 | +# Add or remove space between '<>' and '(' as found in 'new List<byte>();' |
301 | +sp_angle_paren = ignore # ignore/add/remove/force |
302 | + |
303 | +# Add or remove space between '<>' and a word as in 'List<byte> m;' |
304 | +sp_angle_word = ignore # ignore/add/remove/force |
305 | + |
306 | +# Add or remove space between '>' and '>' in '>>' (template stuff C++/C# only). Default=Add |
307 | +sp_angle_shift = add # ignore/add/remove/force |
308 | + |
309 | +# Add or remove space before '(' of 'if', 'for', 'switch', and 'while' |
310 | +sp_before_sparen = add # ignore/add/remove/force |
311 | + |
312 | +# Add or remove space inside if-condition '(' and ')' |
313 | +sp_inside_sparen = remove # ignore/add/remove/force |
314 | + |
315 | +# Add or remove space before if-condition ')'. Overrides sp_inside_sparen. |
316 | +sp_inside_sparen_close = ignore # ignore/add/remove/force |
317 | + |
318 | +# Add or remove space after ')' of 'if', 'for', 'switch', and 'while' |
319 | +sp_after_sparen = ignore # ignore/add/remove/force |
320 | + |
321 | +# Add or remove space between ')' and '{' of 'if', 'for', 'switch', and 'while' |
322 | +sp_sparen_brace = add # ignore/add/remove/force |
323 | + |
324 | +# Add or remove space between 'invariant' and '(' in the D language. |
325 | +sp_invariant_paren = ignore # ignore/add/remove/force |
326 | + |
327 | +# Add or remove space after the ')' in 'invariant (C) c' in the D language. |
328 | +sp_after_invariant_paren = ignore # ignore/add/remove/force |
329 | + |
330 | +# Add or remove space before empty statement ';' on 'if', 'for' and 'while' |
331 | +sp_special_semi = add # ignore/add/remove/force |
332 | + |
333 | +# Add or remove space before ';'. Default=Remove |
334 | +sp_before_semi = remove # ignore/add/remove/force |
335 | + |
336 | +# Add or remove space before ';' in non-empty 'for' statements |
337 | +sp_before_semi_for = ignore # ignore/add/remove/force |
338 | + |
339 | +# Add or remove space before a semicolon of an empty part of a for statement. |
340 | +sp_before_semi_for_empty = ignore # ignore/add/remove/force |
341 | + |
342 | +# Add or remove space after ';', except when followed by a comment. Default=Add |
343 | +sp_after_semi = add # ignore/add/remove/force |
344 | + |
345 | +# Add or remove space after ';' in non-empty 'for' statements. Default=Force |
346 | +sp_after_semi_for = force # ignore/add/remove/force |
347 | + |
348 | +# Add or remove space after the final semicolon of an empty part of a for statement: for ( ; ; <here> ). |
349 | +sp_after_semi_for_empty = ignore # ignore/add/remove/force |
350 | + |
351 | +# Add or remove space before '[' (except '[]') |
352 | +sp_before_square = remove # ignore/add/remove/force |
353 | + |
354 | +# Add or remove space before '[]' |
355 | +sp_before_squares = ignore # ignore/add/remove/force |
356 | + |
357 | +# Add or remove space inside '[' and ']' |
358 | +sp_inside_square = ignore # ignore/add/remove/force |
359 | + |
360 | +# Add or remove space after ',' |
361 | +sp_after_comma = add # ignore/add/remove/force |
362 | + |
363 | +# Add or remove space before ',' |
364 | +sp_before_comma = remove # ignore/add/remove/force |
365 | + |
366 | +# Add or remove space between an open paren and comma: '(,' vs '( ,' |
367 | +sp_paren_comma = force # ignore/add/remove/force |
368 | + |
369 | +# Add or remove space before the variadic '...' when preceded by a non-punctuator |
370 | +sp_before_ellipsis = ignore # ignore/add/remove/force |
371 | + |
372 | +# Add or remove space after class ':' |
373 | +sp_after_class_colon = ignore # ignore/add/remove/force |
374 | + |
375 | +# Add or remove space before class ':' |
376 | +sp_before_class_colon = ignore # ignore/add/remove/force |
377 | + |
378 | +# Add or remove space before case ':'. Default=Remove |
379 | +sp_before_case_colon = remove # ignore/add/remove/force |
380 | + |
381 | +# Add or remove space between 'operator' and operator sign |
382 | +sp_after_operator = ignore # ignore/add/remove/force |
383 | + |
384 | +# Add or remove space between the operator symbol and the open paren, as in 'operator ++(' |
385 | +sp_after_operator_sym = ignore # ignore/add/remove/force |
386 | + |
387 | +# Add or remove space after C/D cast, i.e. 'cast(int)a' vs 'cast(int) a' or '(int)a' vs '(int) a' |
388 | +sp_after_cast = add # ignore/add/remove/force |
389 | + |
390 | +# Add or remove spaces inside cast parens |
391 | +sp_inside_paren_cast = ignore # ignore/add/remove/force |
392 | + |
393 | +# Add or remove space between the type and open paren in a C++ cast, i.e. 'int(exp)' vs 'int (exp)' |
394 | +sp_cpp_cast_paren = ignore # ignore/add/remove/force |
395 | + |
396 | +# Add or remove space between 'sizeof' and '(' |
397 | +sp_sizeof_paren = remove # ignore/add/remove/force |
398 | + |
399 | +# Add or remove space after the tag keyword (Pawn) |
400 | +sp_after_tag = ignore # ignore/add/remove/force |
401 | + |
402 | +# Add or remove space inside enum '{' and '}' |
403 | +sp_inside_braces_enum = add # ignore/add/remove/force |
404 | + |
405 | +# Add or remove space inside struct/union '{' and '}' |
406 | +sp_inside_braces_struct = add # ignore/add/remove/force |
407 | + |
408 | +# Add or remove space inside '{' and '}' |
409 | +sp_inside_braces = add # ignore/add/remove/force |
410 | + |
411 | +# Add or remove space inside '{}' |
412 | +sp_inside_braces_empty = remove # ignore/add/remove/force |
413 | + |
414 | +# Add or remove space between return type and function name |
415 | +# A minimum of 1 is forced except for pointer return types. |
416 | +sp_type_func = ignore # ignore/add/remove/force |
417 | + |
418 | +# Add or remove space between function name and '(' on function declaration |
419 | +sp_func_proto_paren = remove # ignore/add/remove/force |
420 | + |
421 | +# Add or remove space between function name and '(' on function definition |
422 | +sp_func_def_paren = remove # ignore/add/remove/force |
423 | + |
424 | +# Add or remove space inside empty function '()' |
425 | +sp_inside_fparens = remove # ignore/add/remove/force |
426 | + |
427 | +# Add or remove space inside function '(' and ')' |
428 | +sp_inside_fparen = remove # ignore/add/remove/force |
429 | + |
430 | +# Add or remove space between ']' and '(' when part of a function call. |
431 | +sp_square_fparen = ignore # ignore/add/remove/force |
432 | + |
433 | +# Add or remove space between ')' and '{' of function |
434 | +sp_fparen_brace = add # ignore/add/remove/force |
435 | + |
436 | +# Add or remove space between function name and '(' on function calls |
437 | +sp_func_call_paren = remove # ignore/add/remove/force |
438 | + |
439 | +# Add or remove space between function name and '()' on function calls without parameters. |
440 | +# If set to 'ignore' (the default), sp_func_call_paren is used. |
441 | +sp_func_call_paren_empty = ignore # ignore/add/remove/force |
442 | + |
443 | +# Add or remove space between the user function name and '(' on function calls |
444 | +# You need to set a keyword to be a user function, like this: 'set func_call_user _' in the config file. |
445 | +sp_func_call_user_paren = ignore # ignore/add/remove/force |
446 | + |
447 | +# Add or remove space between a constructor/destructor and the open paren |
448 | +sp_func_class_paren = ignore # ignore/add/remove/force |
449 | + |
450 | +# Add or remove space between 'return' and '(' |
451 | +sp_return_paren = ignore # ignore/add/remove/force |
452 | + |
453 | +# Add or remove space between '__attribute__' and '(' |
454 | +sp_attribute_paren = ignore # ignore/add/remove/force |
455 | + |
456 | +# Add or remove space between 'defined' and '(' in '#if defined (FOO)' |
457 | +sp_defined_paren = ignore # ignore/add/remove/force |
458 | + |
459 | +# Add or remove space between 'throw' and '(' in 'throw (something)' |
460 | +sp_throw_paren = ignore # ignore/add/remove/force |
461 | + |
462 | +# Add or remove space between macro and value |
463 | +sp_macro = ignore # ignore/add/remove/force |
464 | + |
465 | +# Add or remove space between macro function ')' and value |
466 | +sp_macro_func = ignore # ignore/add/remove/force |
467 | + |
468 | +# Add or remove space between 'else' and '{' if on the same line |
469 | +sp_else_brace = force # ignore/add/remove/force |
470 | + |
471 | +# Add or remove space between '}' and 'else' if on the same line |
472 | +sp_brace_else = add # ignore/add/remove/force |
473 | + |
474 | +# Add or remove space between '}' and the name of a typedef on the same line |
475 | +sp_brace_typedef = add # ignore/add/remove/force |
476 | + |
477 | +# Add or remove space between 'catch' and '{' if on the same line |
478 | +sp_catch_brace = ignore # ignore/add/remove/force |
479 | + |
480 | +# Add or remove space between '}' and 'catch' if on the same line |
481 | +sp_brace_catch = ignore # ignore/add/remove/force |
482 | + |
483 | +# Add or remove space between 'finally' and '{' if on the same line |
484 | +sp_finally_brace = ignore # ignore/add/remove/force |
485 | + |
486 | +# Add or remove space between '}' and 'finally' if on the same line |
487 | +sp_brace_finally = ignore # ignore/add/remove/force |
488 | + |
489 | +# Add or remove space between 'try' and '{' if on the same line |
490 | +sp_try_brace = ignore # ignore/add/remove/force |
491 | + |
492 | +# Add or remove space between get/set and '{' if on the same line |
493 | +sp_getset_brace = ignore # ignore/add/remove/force |
494 | + |
495 | +# Add or remove space before the '::' operator |
496 | +sp_before_dc = ignore # ignore/add/remove/force |
497 | + |
498 | +# Add or remove space after the '::' operator |
499 | +sp_after_dc = ignore # ignore/add/remove/force |
500 | + |
501 | +# Add or remove around the D named array initializer ':' operator |
502 | +sp_d_array_colon = ignore # ignore/add/remove/force |
503 | + |
504 | +# Add or remove space after the '!' (not) operator. Default=Remove |
505 | +sp_not = remove # ignore/add/remove/force |
506 | + |
507 | +# Add or remove space after the '~' (invert) operator. Default=Remove |
508 | +sp_inv = remove # ignore/add/remove/force |
509 | + |
510 | +# Add or remove space after the '&' (address-of) operator. Default=Remove |
511 | +# This does not affect the spacing after a '&' that is part of a type. |
512 | +sp_addr = remove # ignore/add/remove/force |
513 | + |
514 | +# Add or remove space around the '.' or '->' operators. Default=Remove |
515 | +sp_member = remove # ignore/add/remove/force |
516 | + |
517 | +# Add or remove space after the '*' (dereference) operator. Default=Remove |
518 | +# This does not affect the spacing after a '*' that is part of a type. |
519 | +sp_deref = remove # ignore/add/remove/force |
520 | + |
521 | +# Add or remove space after '+' or '-', as in 'x = -5' or 'y = +7'. Default=Remove |
522 | +sp_sign = remove # ignore/add/remove/force |
523 | + |
524 | +# Add or remove space before or after '++' and '--', as in '(--x)' or 'y++;'. Default=Remove |
525 | +sp_incdec = remove # ignore/add/remove/force |
526 | + |
527 | +# Add or remove space before a backslash-newline at the end of a line. Default=Add |
528 | +sp_before_nl_cont = add # ignore/add/remove/force |
529 | + |
530 | +# Add or remove space after the scope '+' or '-', as in '-(void) foo;' or '+(int) bar;' |
531 | +sp_after_oc_scope = ignore # ignore/add/remove/force |
532 | + |
533 | +# Add or remove space after the colon in message specs |
534 | +# '-(int) f:(int) x;' vs '-(int) f: (int) x;' |
535 | +sp_after_oc_colon = ignore # ignore/add/remove/force |
536 | + |
537 | +# Add or remove space before the colon in message specs |
538 | +# '-(int) f: (int) x;' vs '-(int) f : (int) x;' |
539 | +sp_before_oc_colon = ignore # ignore/add/remove/force |
540 | + |
541 | +# Add or remove space after the colon in message specs |
542 | +# '[object setValue:1];' vs '[object setValue: 1];' |
543 | +sp_after_send_oc_colon = ignore # ignore/add/remove/force |
544 | + |
545 | +# Add or remove space before the colon in message specs |
546 | +# '[object setValue:1];' vs '[object setValue :1];' |
547 | +sp_before_send_oc_colon = ignore # ignore/add/remove/force |
548 | + |
549 | +# Add or remove space after the (type) in message specs |
550 | +# '-(int)f: (int) x;' vs '-(int)f: (int)x;' |
551 | +sp_after_oc_type = ignore # ignore/add/remove/force |
552 | + |
553 | +# Add or remove space after the first (type) in message specs |
554 | +# '-(int) f:(int)x;' vs '-(int)f:(int)x;' |
555 | +sp_after_oc_return_type = ignore # ignore/add/remove/force |
556 | + |
557 | +# Add or remove space between '@selector' and '(' |
558 | +# '@selector(msgName)' vs '@selector (msgName)' |
559 | +# Also applies to @protocol() constructs |
560 | +sp_after_oc_at_sel = ignore # ignore/add/remove/force |
561 | + |
562 | +# Add or remove space between '@selector(x)' and the following word |
563 | +# '@selector(foo) a:' vs '@selector(foo)a:' |
564 | +sp_after_oc_at_sel_parens = ignore # ignore/add/remove/force |
565 | + |
566 | +# Add or remove space inside '@selector' parens |
567 | +# '@selector(foo)' vs '@selector( foo )' |
568 | +# Also applies to @protocol() constructs |
569 | +sp_inside_oc_at_sel_parens = ignore # ignore/add/remove/force |
570 | + |
571 | +# Add or remove space before a block pointer caret |
572 | +# '^int (int arg){...}' vs. ' ^int (int arg){...}' |
573 | +sp_before_oc_block_caret = ignore # ignore/add/remove/force |
574 | + |
575 | +# Add or remove space after a block pointer caret |
576 | +# '^int (int arg){...}' vs. '^ int (int arg){...}' |
577 | +sp_after_oc_block_caret = ignore # ignore/add/remove/force |
578 | + |
579 | +# Add or remove space around the ':' in 'b ? t : f' |
580 | +sp_cond_colon = add # ignore/add/remove/force |
581 | + |
582 | +# Add or remove space around the '?' in 'b ? t : f' |
583 | +sp_cond_question = add # ignore/add/remove/force |
584 | + |
585 | +# Fix the spacing between 'case' and the label. Only 'ignore' and 'force' make sense here. |
586 | +sp_case_label = ignore # ignore/add/remove/force |
587 | + |
588 | +# Control the space around the D '..' operator. |
589 | +sp_range = ignore # ignore/add/remove/force |
590 | + |
591 | +# Control the space after the opening of a C++ comment '// A' vs '//A' |
592 | +sp_cmt_cpp_start = ignore # ignore/add/remove/force |
593 | + |
594 | +# Controls the spaces between #else or #endif and a trailing comment |
595 | +sp_endif_cmt = force # ignore/add/remove/force |
596 | + |
597 | +# |
598 | +# Code alignment (not left column spaces/tabs) |
599 | +# |
600 | + |
601 | +# Whether to keep non-indenting tabs |
602 | +align_keep_tabs = false # false/true |
603 | + |
604 | +# Whether to use tabs for aligning |
605 | +align_with_tabs = false # false/true |
606 | + |
607 | +# Whether to bump out to the next tab when aligning |
608 | +align_on_tabstop = false # false/true |
609 | + |
610 | +# Whether to left-align numbers |
611 | +align_number_left = false # false/true |
612 | + |
613 | +# Align variable definitions in prototypes and functions |
614 | +align_func_params = false # false/true |
615 | + |
616 | +# Align parameters in single-line functions that have the same name. |
617 | +# The function names must already be aligned with each other. |
618 | +align_same_func_call_params = false # false/true |
619 | + |
620 | +# The span for aligning variable definitions (0=don't align) |
621 | +align_var_def_span = 1 # number |
622 | + |
623 | +# How to align the star in variable definitions. |
624 | +# 0=Part of the type 'void * foo;' |
625 | +# 1=Part of the variable 'void *foo;' |
626 | +# 2=Dangling 'void *foo;' |
627 | +align_var_def_star_style = 2 # number |
628 | + |
629 | +# How to align the '&' in variable definitions. |
630 | +# 0=Part of the type |
631 | +# 1=Part of the variable |
632 | +# 2=Dangling |
633 | +align_var_def_amp_style = 0 # number |
634 | + |
635 | +# The threshold for aligning variable definitions (0=no limit) |
636 | +align_var_def_thresh = 0 # number |
637 | + |
638 | +# The gap for aligning variable definitions |
639 | +align_var_def_gap = 0 # number |
640 | + |
641 | +# Whether to align the colon in struct bit fields |
642 | +align_var_def_colon = false # false/true |
643 | + |
644 | +# Whether to align any attribute after the variable name |
645 | +align_var_def_attribute = false # false/true |
646 | + |
647 | +# Whether to align inline struct/enum/union variable definitions |
648 | +align_var_def_inline = false # false/true |
649 | + |
650 | +# The span for aligning on '=' in assignments (0=don't align) |
651 | +align_assign_span = 1 # number |
652 | + |
653 | +# The threshold for aligning on '=' in assignments (0=no limit) |
654 | +align_assign_thresh = 0 # number |
655 | + |
656 | +# The span for aligning on '=' in enums (0=don't align) |
657 | +align_enum_equ_span = 1 # number |
658 | + |
659 | +# The threshold for aligning on '=' in enums (0=no limit) |
660 | +align_enum_equ_thresh = 0 # number |
661 | + |
662 | +# The span for aligning struct/union (0=don't align) |
663 | +align_var_struct_span = 1 # number |
664 | + |
665 | +# The threshold for aligning struct/union member definitions (0=no limit) |
666 | +align_var_struct_thresh = 0 # number |
667 | + |
668 | +# The gap for aligning struct/union member definitions |
669 | +align_var_struct_gap = 0 # number |
670 | + |
671 | +# The span for aligning struct initializer values (0=don't align) |
672 | +align_struct_init_span = 1 # number |
673 | + |
674 | +# The minimum space between the type and the synonym of a typedef |
675 | +align_typedef_gap = 0 # number |
676 | + |
677 | +# The span for aligning single-line typedefs (0=don't align) |
678 | +align_typedef_span = 0 # number |
679 | + |
680 | +# How to align typedef'd functions with other typedefs |
681 | +# 0: Don't mix them at all |
682 | +# 1: align the open paren with the types |
683 | +# 2: align the function type name with the other type names |
684 | +align_typedef_func = 0 # number |
685 | + |
686 | +# Controls the positioning of the '*' in typedefs. Just try it. |
687 | +# 0: Align on typedef type, ignore '*' |
688 | +# 1: The '*' is part of type name: typedef int *pint; |
689 | +# 2: The '*' is part of the type, but dangling: typedef int *pint; |
690 | +align_typedef_star_style = 0 # number |
691 | + |
692 | +# Controls the positioning of the '&' in typedefs. Just try it. |
693 | +# 0: Align on typedef type, ignore '&' |
694 | +# 1: The '&' is part of type name: typedef int &pint; |
695 | +# 2: The '&' is part of the type, but dangling: typedef int &pint; |
696 | +align_typedef_amp_style = 0 # number |
697 | + |
698 | +# The span for aligning comments that end lines (0=don't align) |
699 | +align_right_cmt_span = 0 # number |
700 | + |
701 | +# If aligning comments, mix with comments after '}' and #endif with less than 3 spaces before the comment |
702 | +align_right_cmt_mix = false # false/true |
703 | + |
704 | +# If a trailing comment is more than this number of columns away from the text it follows, |
705 | +# it will qualify for being aligned. This has to be > 0 to do anything. |
706 | +align_right_cmt_gap = 0 # number |
707 | + |
708 | +# Align trailing comment at or beyond column N; 'pulls in' comments as a bonus side effect (0=ignore) |
709 | +align_right_cmt_at_col = 0 # number |
710 | + |
711 | +# The span for aligning function prototypes (0=don't align) |
712 | +align_func_proto_span = 0 # number |
713 | + |
714 | +# Minimum gap between the return type and the function name. |
715 | +align_func_proto_gap = 0 # number |
716 | + |
717 | +# Align function protos on the 'operator' keyword instead of what follows |
718 | +align_on_operator = false # false/true |
719 | + |
720 | +# Whether to mix aligning prototype and variable declarations. |
721 | +# If true, align_var_def_XXX options are used instead of align_func_proto_XXX options. |
722 | +align_mix_var_proto = false # false/true |
723 | + |
724 | +# Align single-line functions with function prototypes, uses align_func_proto_span |
725 | +align_single_line_func = false # false/true |
726 | + |
727 | +# Aligning the open brace of single-line functions. |
728 | +# Requires align_single_line_func=true, uses align_func_proto_span |
729 | +align_single_line_brace = false # false/true |
730 | + |
731 | +# Gap for align_single_line_brace. |
732 | +align_single_line_brace_gap = 0 # number |
733 | + |
734 | +# The span for aligning ObjC msg spec (0=don't align) |
735 | +align_oc_msg_spec_span = 0 # number |
736 | + |
737 | +# Whether to align macros wrapped with a backslash and a newline. |
738 | +# This will not work right if the macro contains a multi-line comment. |
739 | +align_nl_cont = false # false/true |
740 | + |
741 | +# The minimum space between label and value of a preprocessor define |
742 | +align_pp_define_gap = 0 # number |
743 | + |
744 | +# The span for aligning on '#define' bodies (0=don't align) |
745 | +align_pp_define_span = 0 # number |
746 | + |
747 | +# Align lines that start with '<<' with previous '<<'. Default=true |
748 | +align_left_shift = true # false/true |
749 | + |
750 | +# Span for aligning parameters in an Obj-C message call on the ':' (0=don't align) |
751 | +align_oc_msg_colon_span = 0 # number |
752 | + |
753 | +# Aligning parameters in an Obj-C '+' or '-' declaration on the ':' |
754 | +align_oc_decl_colon = false # false/true |
755 | + |
756 | +# |
757 | +# Newline adding and removing options |
758 | +# |
759 | + |
760 | +# Whether to collapse empty blocks between '{' and '}' |
761 | +nl_collapse_empty_body = false # false/true |
762 | + |
763 | +# Don't split one-line braced assignments - 'foo_t f = { 1, 2 };' |
764 | +nl_assign_leave_one_liners = false # false/true |
765 | + |
766 | +# Don't split one-line braced statements inside a class xx { } body |
767 | +nl_class_leave_one_liners = false # false/true |
768 | + |
769 | +# Don't split one-line enums: 'enum foo { BAR = 15 };' |
770 | +nl_enum_leave_one_liners = false # false/true |
771 | + |
772 | +# Don't split one-line get or set functions |
773 | +nl_getset_leave_one_liners = false # false/true |
774 | + |
775 | +# Don't split one-line function definitions - 'int foo() { return 0; }' |
776 | +nl_func_leave_one_liners = false # false/true |
777 | + |
778 | +# Don't split one-line if/else statements - 'if(a) b++;' |
779 | +nl_if_leave_one_liners = false # false/true |
780 | + |
781 | +# Add or remove newlines at the start of the file |
782 | +nl_start_of_file = remove # ignore/add/remove/force |
783 | + |
784 | +# The number of newlines at the start of the file (only used if nl_start_of_file is 'add' or 'force' |
785 | +nl_start_of_file_min = 0 # number |
786 | + |
787 | +# Add or remove newline at the end of the file |
788 | +nl_end_of_file = force # ignore/add/remove/force |
789 | + |
790 | +# The number of newlines at the end of the file (only used if nl_end_of_file is 'add' or 'force') |
791 | +nl_end_of_file_min = 1 # number |
792 | + |
793 | +# Add or remove newline between '=' and '{' |
794 | +nl_assign_brace = ignore # ignore/add/remove/force |
795 | + |
796 | +# Add or remove newline between '=' and '[' (D only) |
797 | +nl_assign_square = ignore # ignore/add/remove/force |
798 | + |
799 | +# Add or remove newline after '= [' (D only). Will also affect the newline before the ']' |
800 | +nl_after_square_assign = ignore # ignore/add/remove/force |
801 | + |
802 | +# The number of blank lines after a block of variable definitions |
803 | +nl_func_var_def_blk = 0 # number |
804 | + |
805 | +# Add or remove newline between a function call's ')' and '{', as in: |
806 | +# list_for_each(item, &list) { } |
807 | +nl_fcall_brace = ignore # ignore/add/remove/force |
808 | + |
809 | +# Add or remove newline between 'enum' and '{' |
810 | +nl_enum_brace = remove # ignore/add/remove/force |
811 | + |
812 | +# Add or remove newline between 'struct and '{' |
813 | +nl_struct_brace = remove # ignore/add/remove/force |
814 | + |
815 | +# Add or remove newline between 'union' and '{' |
816 | +nl_union_brace = remove # ignore/add/remove/force |
817 | + |
818 | +# Add or remove newline between 'if' and '{' |
819 | +nl_if_brace = remove # ignore/add/remove/force |
820 | + |
821 | +# Add or remove newline between '}' and 'else' |
822 | +nl_brace_else = remove # ignore/add/remove/force |
823 | + |
824 | +# Add or remove newline between 'else if' and '{' |
825 | +# If set to ignore, nl_if_brace is used instead |
826 | +nl_elseif_brace = ignore # ignore/add/remove/force |
827 | + |
828 | +# Add or remove newline between 'else' and '{' |
829 | +nl_else_brace = remove # ignore/add/remove/force |
830 | + |
831 | +# Add or remove newline between 'else' and 'if' |
832 | +nl_else_if = remove # ignore/add/remove/force |
833 | + |
834 | +# Add or remove newline between '}' and 'finally' |
835 | +nl_brace_finally = ignore # ignore/add/remove/force |
836 | + |
837 | +# Add or remove newline between 'finally' and '{' |
838 | +nl_finally_brace = ignore # ignore/add/remove/force |
839 | + |
840 | +# Add or remove newline between 'try' and '{' |
841 | +nl_try_brace = ignore # ignore/add/remove/force |
842 | + |
843 | +# Add or remove newline between get/set and '{' |
844 | +nl_getset_brace = ignore # ignore/add/remove/force |
845 | + |
846 | +# Add or remove newline between 'for' and '{' |
847 | +nl_for_brace = remove # ignore/add/remove/force |
848 | + |
849 | +# Add or remove newline between 'catch' and '{' |
850 | +nl_catch_brace = ignore # ignore/add/remove/force |
851 | + |
852 | +# Add or remove newline between '}' and 'catch' |
853 | +nl_brace_catch = ignore # ignore/add/remove/force |
854 | + |
855 | +# Add or remove newline between 'while' and '{' |
856 | +nl_while_brace = remove # ignore/add/remove/force |
857 | + |
858 | +# Add or remove newline between 'using' and '{' |
859 | +nl_using_brace = ignore # ignore/add/remove/force |
860 | + |
861 | +# Add or remove newline between two open or close braces. |
862 | +# Due to general newline/brace handling, REMOVE may not work. |
863 | +nl_brace_brace = ignore # ignore/add/remove/force |
864 | + |
865 | +# Add or remove newline between 'do' and '{' |
866 | +nl_do_brace = remove # ignore/add/remove/force |
867 | + |
868 | +# Add or remove newline between '}' and 'while' of 'do' statement |
869 | +nl_brace_while = remove # ignore/add/remove/force |
870 | + |
871 | +# Add or remove newline between 'switch' and '{' |
872 | +nl_switch_brace = remove # ignore/add/remove/force |
873 | + |
874 | +# Add a newline between ')' and '{' if the ')' is on a different line than the if/for/etc. |
875 | +# Overrides nl_for_brace, nl_if_brace, nl_switch_brace, nl_while_switch, and nl_catch_brace. |
876 | +nl_multi_line_cond = false # false/true |
877 | + |
878 | +# Force a newline in a define after the macro name for multi-line defines. |
879 | +nl_multi_line_define = false # false/true |
880 | + |
881 | +# Whether to put a newline before 'case' statement |
882 | +nl_before_case = false # false/true |
883 | + |
884 | +# Add or remove newline between ')' and 'throw' |
885 | +nl_before_throw = ignore # ignore/add/remove/force |
886 | + |
887 | +# Whether to put a newline after 'case' statement |
888 | +nl_after_case = false # false/true |
889 | + |
890 | +# Newline between namespace and { |
891 | +nl_namespace_brace = ignore # ignore/add/remove/force |
892 | + |
893 | +# Add or remove newline between 'template<>' and whatever follows. |
894 | +nl_template_class = ignore # ignore/add/remove/force |
895 | + |
896 | +# Add or remove newline between 'class' and '{' |
897 | +nl_class_brace = ignore # ignore/add/remove/force |
898 | + |
899 | +# Add or remove newline after each ',' in the constructor member initialization |
900 | +nl_class_init_args = ignore # ignore/add/remove/force |
901 | + |
902 | +# Add or remove newline between return type and function name in a function definition |
903 | +nl_func_type_name = remove # ignore/add/remove/force |
904 | + |
905 | +# Add or remove newline between return type and function name inside a class {} |
906 | +# Uses nl_func_type_name or nl_func_proto_type_name if set to ignore. |
907 | +nl_func_type_name_class = ignore # ignore/add/remove/force |
908 | + |
909 | +# Add or remove newline between function scope and name in a definition |
910 | +# Controls the newline after '::' in 'void A::f() { }' |
911 | +nl_func_scope_name = ignore # ignore/add/remove/force |
912 | + |
913 | +# Add or remove newline between return type and function name in a prototype |
914 | +nl_func_proto_type_name = remove # ignore/add/remove/force |
915 | + |
916 | +# Add or remove newline between a function name and the opening '(' |
917 | +nl_func_paren = remove # ignore/add/remove/force |
918 | + |
919 | +# Add or remove newline between a function name and the opening '(' in the definition |
920 | +nl_func_def_paren = remove # ignore/add/remove/force |
921 | + |
922 | +# Add or remove newline after '(' in a function declaration |
923 | +nl_func_decl_start = remove # ignore/add/remove/force |
924 | + |
925 | +# Add or remove newline after '(' in a function definition |
926 | +nl_func_def_start = ignore # ignore/add/remove/force |
927 | + |
928 | +# Overrides nl_func_decl_start when there is only one parameter. |
929 | +nl_func_decl_start_single = ignore # ignore/add/remove/force |
930 | + |
931 | +# Overrides nl_func_def_start when there is only one parameter. |
932 | +nl_func_def_start_single = ignore # ignore/add/remove/force |
933 | + |
934 | +# Add or remove newline after each ',' in a function declaration |
935 | +nl_func_decl_args = ignore # ignore/add/remove/force |
936 | + |
937 | +# Add or remove newline after each ',' in a function definition |
938 | +nl_func_def_args = ignore # ignore/add/remove/force |
939 | + |
940 | +# Add or remove newline before the ')' in a function declaration |
941 | +nl_func_decl_end = remove # ignore/add/remove/force |
942 | + |
943 | +# Add or remove newline before the ')' in a function definition |
944 | +nl_func_def_end = remove # ignore/add/remove/force |
945 | + |
946 | +# Overrides nl_func_decl_end when there is only one parameter. |
947 | +nl_func_decl_end_single = ignore # ignore/add/remove/force |
948 | + |
949 | +# Overrides nl_func_def_end when there is only one parameter. |
950 | +nl_func_def_end_single = ignore # ignore/add/remove/force |
951 | + |
952 | +# Add or remove newline between '()' in a function declaration. |
953 | +nl_func_decl_empty = ignore # ignore/add/remove/force |
954 | + |
955 | +# Add or remove newline between '()' in a function definition. |
956 | +nl_func_def_empty = ignore # ignore/add/remove/force |
957 | + |
958 | +# Add or remove newline between function signature and '{' |
959 | +nl_fdef_brace = add # ignore/add/remove/force |
960 | + |
961 | +# Whether to put a newline after 'return' statement |
962 | +nl_after_return = false # false/true |
963 | + |
964 | +# Add or remove a newline between the return keyword and return expression. |
965 | +nl_return_expr = ignore # ignore/add/remove/force |
966 | + |
967 | +# Whether to put a newline after semicolons, except in 'for' statements |
968 | +nl_after_semicolon = true # false/true |
969 | + |
970 | +# Whether to put a newline after brace open. |
971 | +# This also adds a newline before the matching brace close. |
972 | +nl_after_brace_open = false # false/true |
973 | + |
974 | +# If nl_after_brace_open and nl_after_brace_open_cmt are true, a newline is |
975 | +# placed between the open brace and a trailing single-line comment. |
976 | +nl_after_brace_open_cmt = false # false/true |
977 | + |
978 | +# Whether to put a newline after a virtual brace open with a non-empty body. |
979 | +# These occur in un-braced if/while/do/for statement bodies. |
980 | +nl_after_vbrace_open = true # false/true |
981 | + |
982 | +# Whether to put a newline after a virtual brace open with an empty body. |
983 | +# These occur in un-braced if/while/do/for statement bodies. |
984 | +nl_after_vbrace_open_empty = true # false/true |
985 | + |
986 | +# Whether to put a newline after a brace close. |
987 | +# Does not apply if followed by a necessary ';'. |
988 | +nl_after_brace_close = false # false/true |
989 | + |
990 | +# Whether to put a newline after a virtual brace close. |
991 | +# Would add a newline before return in: 'if (foo) a++; return;' |
992 | +nl_after_vbrace_close = false # false/true |
993 | + |
994 | +# Whether to alter newlines in '#define' macros |
995 | +nl_define_macro = false # false/true |
996 | + |
997 | +# Whether to not put blanks after '#ifxx', '#elxx', or before '#endif' |
998 | +nl_squeeze_ifdef = false # false/true |
999 | + |
1000 | +# Add or remove blank line before 'if' |
1001 | +nl_before_if = ignore # ignore/add/remove/force |
1002 | + |
1003 | +# Add or remove blank line after 'if' statement |
1004 | +nl_after_if = ignore # ignore/add/remove/force |
1005 | + |
1006 | +# Add or remove blank line before 'for' |
1007 | +nl_before_for = ignore # ignore/add/remove/force |
1008 | + |
1009 | +# Add or remove blank line after 'for' statement |
1010 | +nl_after_for = ignore # ignore/add/remove/force |
1011 | + |
1012 | +# Add or remove blank line before 'while' |
1013 | +nl_before_while = ignore # ignore/add/remove/force |
1014 | + |
1015 | +# Add or remove blank line after 'while' statement |
1016 | +nl_after_while = ignore # ignore/add/remove/force |
1017 | + |
1018 | +# Add or remove blank line before 'switch' |
1019 | +nl_before_switch = ignore # ignore/add/remove/force |
1020 | + |
1021 | +# Add or remove blank line after 'switch' statement |
1022 | +nl_after_switch = ignore # ignore/add/remove/force |
1023 | + |
1024 | +# Add or remove blank line before 'do' |
1025 | +nl_before_do = ignore # ignore/add/remove/force |
1026 | + |
1027 | +# Add or remove blank line after 'do/while' statement |
1028 | +nl_after_do = ignore # ignore/add/remove/force |
1029 | + |
1030 | +# Whether to double-space commented-entries in struct/enum |
1031 | +nl_ds_struct_enum_cmt = false # false/true |
1032 | + |
1033 | +# Whether to double-space before the close brace of a struct/union/enum |
1034 | +# (lower priority than 'eat_blanks_before_close_brace') |
1035 | +nl_ds_struct_enum_close_brace = false # false/true |
1036 | + |
1037 | +# Add or remove a newline around a class colon. |
1038 | +# Related to pos_class_colon, nl_class_init_args, and pos_comma. |
1039 | +nl_class_colon = ignore # ignore/add/remove/force |
1040 | + |
1041 | +# Change simple unbraced if statements into a one-liner |
1042 | +# 'if(b)\n i++;' => 'if(b) i++;' |
1043 | +nl_create_if_one_liner = false # false/true |
1044 | + |
1045 | +# Change simple unbraced for statements into a one-liner |
1046 | +# 'for (i=0;i<5;i++)\n foo(i);' => 'for (i=0;i<5;i++) foo(i);' |
1047 | +nl_create_for_one_liner = false # false/true |
1048 | + |
1049 | +# Change simple unbraced while statements into a one-liner |
1050 | +# 'while (i<5)\n foo(i++);' => 'while (i<5) foo(i++);' |
1051 | +nl_create_while_one_liner = false # false/true |
1052 | + |
1053 | +# |
1054 | +# Positioning options |
1055 | +# |
1056 | + |
1057 | +# The position of arithmetic operators in wrapped expressions |
1058 | +pos_arith = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1059 | + |
1060 | +# The position of assignment in wrapped expressions. |
1061 | +# Do not affect '=' followed by '{' |
1062 | +pos_assign = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1063 | + |
1064 | +# The position of boolean operators in wrapped expressions |
1065 | +pos_bool = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1066 | + |
1067 | +# The position of comparison operators in wrapped expressions |
1068 | +pos_compare = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1069 | + |
1070 | +# The position of conditional (b ? t : f) operators in wrapped expressions |
1071 | +pos_conditional = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1072 | + |
1073 | +# The position of the comma in wrapped expressions |
1074 | +pos_comma = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1075 | + |
1076 | +# The position of the comma in the constructor initialization list |
1077 | +pos_class_comma = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1078 | + |
1079 | +# The position of colons between constructor and member initialization |
1080 | +pos_class_colon = ignore # ignore/lead/lead_break/lead_force/trail/trail_break/trail_force |
1081 | + |
1082 | +# |
1083 | +# Line Splitting options |
1084 | +# |
1085 | + |
1086 | +# Try to limit code width to N number of columns |
1087 | +code_width = 0 # number |
1088 | + |
1089 | +# Whether to fully split long 'for' statements at semi-colons |
1090 | +ls_for_split_full = false # false/true |
1091 | + |
1092 | +# Whether to fully split long function protos/calls at commas |
1093 | +ls_func_split_full = false # false/true |
1094 | + |
1095 | +# |
1096 | +# Blank line options |
1097 | +# |
1098 | + |
1099 | +# The maximum consecutive newlines |
1100 | +nl_max = 0 # number |
1101 | + |
1102 | +# The number of newlines after a function prototype, if followed by another function prototype |
1103 | +nl_after_func_proto = 0 # number |
1104 | + |
1105 | +# The number of newlines after a function prototype, if not followed by another function prototype |
1106 | +nl_after_func_proto_group = 0 # number |
1107 | + |
1108 | +# The number of newlines after '}' of a multi-line function body |
1109 | +nl_after_func_body = 2 # number |
1110 | + |
1111 | +# The number of newlines after '}' of a single line function body |
1112 | +nl_after_func_body_one_liner = 2 # number |
1113 | + |
1114 | +# The minimum number of newlines before a multi-line comment. |
1115 | +# Doesn't apply if after a brace open or another multi-line comment. |
1116 | +nl_before_block_comment = 0 # number |
1117 | + |
1118 | +# The minimum number of newlines before a single-line C comment. |
1119 | +# Doesn't apply if after a brace open or other single-line C comments. |
1120 | +nl_before_c_comment = 0 # number |
1121 | + |
1122 | +# The minimum number of newlines before a CPP comment. |
1123 | +# Doesn't apply if after a brace open or other CPP comments. |
1124 | +nl_before_cpp_comment = 0 # number |
1125 | + |
1126 | +# Whether to force a newline after a multi-line comment. |
1127 | +nl_after_multiline_comment = false # false/true |
1128 | + |
1129 | +# The number of newlines before a 'private:', 'public:', 'protected:', 'signals:', or 'slots:' label. |
1130 | +# Will not change the newline count if after a brace open. |
1131 | +# 0 = No change. |
1132 | +nl_before_access_spec = 0 # number |
1133 | + |
1134 | +# The number of newlines after a 'private:', 'public:', 'protected:', 'signals:', or 'slots:' label. |
1135 | +# 0 = No change. |
1136 | +nl_after_access_spec = 0 # number |
1137 | + |
1138 | +# The number of newlines between a function def and the function comment. |
1139 | +# 0 = No change. |
1140 | +nl_comment_func_def = 0 # number |
1141 | + |
1142 | +# The number of newlines after a try-catch-finally block that isn't followed by a brace close. |
1143 | +# 0 = No change. |
1144 | +nl_after_try_catch_finally = 0 # number |
1145 | + |
1146 | +# The number of newlines before and after a property, indexer or event decl. |
1147 | +# 0 = No change. |
1148 | +nl_around_cs_property = 0 # number |
1149 | + |
1150 | +# The number of newlines between the get/set/add/remove handlers in C#. |
1151 | +# 0 = No change. |
1152 | +nl_between_get_set = 0 # number |
1153 | + |
1154 | +# Whether to remove blank lines after '{' |
1155 | +eat_blanks_after_open_brace = true # false/true |
1156 | + |
1157 | +# Whether to remove blank lines before '}' |
1158 | +eat_blanks_before_close_brace = true # false/true |
1159 | + |
1160 | +# |
1161 | +# Code modifying options (non-whitespace) |
1162 | +# |
1163 | + |
1164 | +# Add or remove braces on single-line 'do' statement |
1165 | +mod_full_brace_do = add # ignore/add/remove/force |
1166 | + |
1167 | +# Add or remove braces on single-line 'for' statement |
1168 | +mod_full_brace_for = add # ignore/add/remove/force |
1169 | + |
1170 | +# Add or remove braces on single-line function definitions. (Pawn) |
1171 | +mod_full_brace_function = ignore # ignore/add/remove/force |
1172 | + |
1173 | +# Add or remove braces on single-line 'if' statement. Will not remove the braces if they contain an 'else'. |
1174 | +mod_full_brace_if = add # ignore/add/remove/force |
1175 | + |
1176 | +# Make all if/elseif/else statements in a chain be braced or not. Overrides mod_full_brace_if. |
1177 | +# If any must be braced, they are all braced. If all can be unbraced, then the braces are removed. |
1178 | +mod_full_brace_if_chain = false # false/true |
1179 | + |
1180 | +# Don't remove braces around statements that span N newlines |
1181 | +mod_full_brace_nl = 0 # number |
1182 | + |
1183 | +# Add or remove braces on single-line 'while' statement |
1184 | +mod_full_brace_while = add # ignore/add/remove/force |
1185 | + |
1186 | +# Add or remove braces on single-line 'using ()' statement |
1187 | +mod_full_brace_using = add # ignore/add/remove/force |
1188 | + |
1189 | +# Add or remove unnecessary paren on 'return' statement |
1190 | +mod_paren_on_return = remove # ignore/add/remove/force |
1191 | + |
1192 | +# Whether to change optional semicolons to real semicolons |
1193 | +mod_pawn_semicolon = false # false/true |
1194 | + |
1195 | +# Add parens on 'while' and 'if' statement around bools |
1196 | +mod_full_paren_if_bool = false # false/true |
1197 | + |
1198 | +# Whether to remove superfluous semicolons |
1199 | +mod_remove_extra_semicolon = false # false/true |
1200 | + |
1201 | +# If a function body exceeds the specified number of newlines and doesn't have a comment after |
1202 | +# the close brace, a comment will be added. |
1203 | +mod_add_long_function_closebrace_comment = 0 # number |
1204 | + |
1205 | +# If a switch body exceeds the specified number of newlines and doesn't have a comment after |
1206 | +# the close brace, a comment will be added. |
1207 | +mod_add_long_switch_closebrace_comment = 0 # number |
1208 | + |
1209 | +# If an #ifdef body exceeds the specified number of newlines and doesn't have a comment after |
1210 | +# the #else, a comment will be added. |
1211 | +mod_add_long_ifdef_endif_comment = 0 # number |
1212 | + |
1213 | +# If an #ifdef or #else body exceeds the specified number of newlines and doesn't have a comment after |
1214 | +# the #endif, a comment will be added. |
1215 | +mod_add_long_ifdef_else_comment = 0 # number |
1216 | + |
1217 | +# If TRUE, will sort consecutive single-line 'import' statements [Java, D] |
1218 | +mod_sort_import = false # false/true |
1219 | + |
1220 | +# If TRUE, will sort consecutive single-line 'using' statements [C#] |
1221 | +mod_sort_using = false # false/true |
1222 | + |
1223 | +# If TRUE, will sort consecutive single-line '#include' statements [C/C++] and '#import' statements [Obj-C] |
1224 | +# This is generally a bad idea, as it may break your code. |
1225 | +mod_sort_include = false # false/true |
1226 | + |
1227 | +# If TRUE, it will move a 'break' that appears after a fully braced 'case' before the close brace. |
1228 | +mod_move_case_break = false # false/true |
1229 | + |
1230 | +# Will add or remove the braces around a fully braced case statement. |
1231 | +# Will only remove the braces if there are no variable declarations in the block. |
1232 | +mod_case_brace = ignore # ignore/add/remove/force |
1233 | + |
1234 | +# If TRUE, it will remove a void 'return;' that appears as the last statement in a function. |
1235 | +mod_remove_empty_return = false # false/true |
1236 | + |
1237 | +# |
1238 | +# Comment modifications |
1239 | +# |
1240 | + |
1241 | +# Try to wrap comments at cmt_width columns |
1242 | +cmt_width = 0 # number |
1243 | + |
1244 | +# Set the comment reflow mode (default: 0) |
1245 | +# 0: no reflowing (apart from the line wrapping due to cmt_width) |
1246 | +# 1: no touching at all |
1247 | +# 2: full reflow |
1248 | +cmt_reflow_mode = 0 # number |
1249 | + |
1250 | +# If false, disable all multi-line comment changes, including cmt_width. keyword substitution, and leading chars. |
1251 | +# Default is true. |
1252 | +cmt_indent_multi = true # false/true |
1253 | + |
1254 | +# Whether to group c-comments that look like they are in a block |
1255 | +cmt_c_group = false # false/true |
1256 | + |
1257 | +# Whether to put an empty '/*' on the first line of the combined c-comment |
1258 | +cmt_c_nl_start = false # false/true |
1259 | + |
1260 | +# Whether to put a newline before the closing '*/' of the combined c-comment |
1261 | +cmt_c_nl_end = false # false/true |
1262 | + |
1263 | +# Whether to group cpp-comments that look like they are in a block |
1264 | +cmt_cpp_group = false # false/true |
1265 | + |
1266 | +# Whether to put an empty '/*' on the first line of the combined cpp-comment |
1267 | +cmt_cpp_nl_start = false # false/true |
1268 | + |
1269 | +# Whether to put a newline before the closing '*/' of the combined cpp-comment |
1270 | +cmt_cpp_nl_end = false # false/true |
1271 | + |
1272 | +# Whether to change cpp-comments into c-comments |
1273 | +cmt_cpp_to_c = false # false/true |
1274 | + |
1275 | +# Whether to put a star on subsequent comment lines |
1276 | +cmt_star_cont = true # false/true |
1277 | + |
1278 | +# The number of spaces to insert at the start of subsequent comment lines |
1279 | +cmt_sp_before_star_cont = 0 # number |
1280 | + |
1281 | +# The number of spaces to insert after the star on subsequent comment lines |
1282 | +cmt_sp_after_star_cont = 0 # number |
1283 | + |
1284 | +# For multi-line comments with a '*' lead, remove leading spaces if the first and last lines of |
1285 | +# the comment are the same length. Default=True |
1286 | +cmt_multi_check_last = false # false/true |
1287 | + |
1288 | +# The filename that contains text to insert at the head of a file if the file doesn't start with a C/C++ comment. |
1289 | +# Will substitute $(filename) with the current file's name. |
1290 | +cmt_insert_file_header = "" # string |
1291 | + |
1292 | +# The filename that contains text to insert at the end of a file if the file doesn't end with a C/C++ comment. |
1293 | +# Will substitute $(filename) with the current file's name. |
1294 | +cmt_insert_file_footer = "" # string |
1295 | + |
1296 | +# The filename that contains text to insert before a function implementation if the function isn't preceded with a C/C++ comment. |
1297 | +# Will substitute $(function) with the function name and $(javaparam) with the javadoc @param and @return stuff. |
1298 | +# Will also substitute $(fclass) with the class name: void CFoo::Bar() { ... } |
1299 | +cmt_insert_func_header = "" # string |
1300 | + |
1301 | +# The filename that contains text to insert before a class if the class isn't preceded with a C/C++ comment. |
1302 | +# Will substitute $(class) with the class name. |
1303 | +cmt_insert_class_header = "" # string |
1304 | + |
1305 | +# If a preprocessor is encountered when stepping backwards from a function name, then |
1306 | +# this option decides whether the comment should be inserted. |
1307 | +# Affects cmt_insert_func_header and cmt_insert_class_header. |
1308 | +cmt_insert_before_preproc = false # false/true |
1309 | + |
1310 | +# |
1311 | +# Preprocessor options |
1312 | +# |
1313 | + |
1314 | +# Control indent of preprocessors inside #if blocks at brace level 0 |
1315 | +pp_indent = remove # ignore/add/remove/force |
1316 | + |
1317 | +# Whether to indent #if/#else/#endif at the brace level (true) or from column 1 (false) |
1318 | +pp_indent_at_level = false # false/true |
1319 | + |
1320 | +# If pp_indent_at_level=false, specifies the number of columns to indent per level. Default=1. |
1321 | +pp_indent_count = 1 # number |
1322 | + |
1323 | +# Add or remove space after # based on pp_level of #if blocks |
1324 | +pp_space = remove # ignore/add/remove/force |
1325 | + |
1326 | +# Sets the number of spaces added with pp_space |
1327 | +pp_space_count = 0 # number |
1328 | + |
1329 | +# The indent for #region and #endregion in C# and '#pragma region' in C/C++ |
1330 | +pp_indent_region = 0 # number |
1331 | + |
1332 | +# Whether to indent the code between #region and #endregion |
1333 | +pp_region_indent_code = false # false/true |
1334 | + |
1335 | +# If pp_indent_at_level=true, sets the indent for #if, #else, and #endif when not at file-level |
1336 | +pp_indent_if = 0 # number |
1337 | + |
1338 | +# Control whether to indent the code between #if, #else and #endif when not at file-level |
1339 | +pp_if_indent_code = false # false/true |
1340 | + |
1341 | +# Whether to indent '#define' at the brace level (true) or from column 1 (false) |
1342 | +pp_define_at_level = false # false/true |
1343 | + |
1344 | +# You can force a token to be a type with the 'type' option. |
1345 | +# Example: |
1346 | +# type myfoo1 myfoo2 |
1347 | +# |
1348 | +# You can create custom macro-based indentation using macro-open, |
1349 | +# macro-else and macro-close. |
1350 | +# Example: |
1351 | +# macro-open BEGIN_TEMPLATE_MESSAGE_MAP |
1352 | +# macro-open BEGIN_MESSAGE_MAP |
1353 | +# macro-close END_MESSAGE_MAP |
1354 | +# |
1355 | +# You can assign any keyword to any type with the set option. |
1356 | +# set func_call_user _ N_ |
1357 | +# |
1358 | +# The full syntax description of all custom definition config entries |
1359 | +# is shown below: |
1360 | +# |
1361 | +# define custom tokens as: |
1362 | +# - embed whitespace in token using '' escape character, or |
1363 | +# put token in quotes |
1364 | +# - these: ' " and ` are recognized as quote delimiters |
1365 | +# |
1366 | +# type token1 token2 token3 ... |
1367 | +# ^ optionally specify multiple tokens on a single line |
1368 | +# define def_token output_token |
1369 | +# ^ output_token is optional, then NULL is assumed |
1370 | +# macro-open token |
1371 | +# macro-close token |
1372 | +# macro-else token |
1373 | +# set id token1 token2 ... |
1374 | +# ^ optionally specify multiple tokens on a single line |
1375 | +# ^ id is one of the names in token_enum.h sans the CT_ prefix, |
1376 | +# e.g. PP_PRAGMA |
1377 | +# |
1378 | +# all tokens are separated by any mix of ',' commas, '=' equal signs |
1379 | +# and whitespace (space, tab) |
1380 | +# |
1381 | |
1382 | === renamed file 'tools/dot_uncrustify.cfg' => '.uncrustify.cfg' |
1383 | --- tools/dot_uncrustify.cfg 2010-12-31 12:30:21 +0000 |
1384 | +++ .uncrustify.cfg 2011-01-11 14:04:40 +0000 |
1385 | @@ -255,7 +255,7 @@ |
1386 | sp_before_byref_func = ignore # ignore/add/remove/force |
1387 | |
1388 | # Add or remove space between type and word. Default=Force |
1389 | -sp_after_type = force # ignore/add/remove/force |
1390 | +sp_after_type = ignore # ignore/add/remove/force |
1391 | |
1392 | # Add or remove space in 'template <' vs 'template<'. |
1393 | # If set to ignore, sp_before_angle is used. |
1394 | @@ -367,16 +367,16 @@ |
1395 | sp_after_tag = ignore # ignore/add/remove/force |
1396 | |
1397 | # Add or remove space inside enum '{' and '}' |
1398 | -sp_inside_braces_enum = force # ignore/add/remove/force |
1399 | +sp_inside_braces_enum = add # ignore/add/remove/force |
1400 | |
1401 | # Add or remove space inside struct/union '{' and '}' |
1402 | -sp_inside_braces_struct = force # ignore/add/remove/force |
1403 | +sp_inside_braces_struct = add # ignore/add/remove/force |
1404 | |
1405 | # Add or remove space inside '{' and '}' |
1406 | -sp_inside_braces = ignore # ignore/add/remove/force |
1407 | +sp_inside_braces = add # ignore/add/remove/force |
1408 | |
1409 | # Add or remove space inside '{}' |
1410 | -sp_inside_braces_empty = ignore # ignore/add/remove/force |
1411 | +sp_inside_braces_empty = remove # ignore/add/remove/force |
1412 | |
1413 | # Add or remove space between return type and function name |
1414 | # A minimum of 1 is forced except for pointer return types. |
1415 | @@ -560,13 +560,13 @@ |
1416 | align_same_func_call_params = false # false/true |
1417 | |
1418 | # The span for aligning variable definitions (0=don't align) |
1419 | -align_var_def_span = 0 # number |
1420 | +align_var_def_span = 1 # number |
1421 | |
1422 | # How to align the star in variable definitions. |
1423 | # 0=Part of the type 'void * foo;' |
1424 | # 1=Part of the variable 'void *foo;' |
1425 | # 2=Dangling 'void *foo;' |
1426 | -align_var_def_star_style = 0 # number |
1427 | +align_var_def_star_style = 2 # number |
1428 | |
1429 | # How to align the '&' in variable definitions. |
1430 | # 0=Part of the type |
1431 | @@ -590,19 +590,19 @@ |
1432 | align_var_def_inline = false # false/true |
1433 | |
1434 | # The span for aligning on '=' in assignments (0=don't align) |
1435 | -align_assign_span = 4 # number |
1436 | +align_assign_span = 1 # number |
1437 | |
1438 | # The threshold for aligning on '=' in assignments (0=no limit) |
1439 | align_assign_thresh = 0 # number |
1440 | |
1441 | # The span for aligning on '=' in enums (0=don't align) |
1442 | -align_enum_equ_span = 4 # number |
1443 | +align_enum_equ_span = 1 # number |
1444 | |
1445 | # The threshold for aligning on '=' in enums (0=no limit) |
1446 | align_enum_equ_thresh = 0 # number |
1447 | |
1448 | # The span for aligning struct/union (0=don't align) |
1449 | -align_var_struct_span = 4 # number |
1450 | +align_var_struct_span = 1 # number |
1451 | |
1452 | # The threshold for aligning struct/union member definitions (0=no limit) |
1453 | align_var_struct_thresh = 0 # number |
1454 | @@ -611,7 +611,7 @@ |
1455 | align_var_struct_gap = 0 # number |
1456 | |
1457 | # The span for aligning struct initializer values (0=don't align) |
1458 | -align_struct_init_span = 4 # number |
1459 | +align_struct_init_span = 1 # number |
1460 | |
1461 | # The minimum space between the type and the synonym of a typedef |
1462 | align_typedef_gap = 0 # number |
1463 | @@ -1175,8 +1175,8 @@ |
1464 | cmt_sp_after_star_cont = 0 # number |
1465 | |
1466 | # For multi-line comments with a '*' lead, remove leading spaces if the first and last lines of |
1467 | -# the comment are the same length. Default=true |
1468 | -cmt_multi_check_last = true # false/true |
1469 | +# the comment are the same length. Default=True |
1470 | +cmt_multi_check_last = false # false/true |
1471 | |
1472 | # The filename that contains text to insert at the head of a file if the file doesn't start with a C/C++ comment. |
1473 | # Will substitute $(filename) with the current file's name. |
1474 | @@ -1205,7 +1205,7 @@ |
1475 | # |
1476 | |
1477 | # Control indent of preprocessors inside #if blocks at brace level 0 |
1478 | -pp_indent = ignore # ignore/add/remove/force |
1479 | +pp_indent = remove # ignore/add/remove/force |
1480 | |
1481 | # Whether to indent #if/#else/#endif at the brace level (true) or from column 1 (false) |
1482 | pp_indent_at_level = false # false/true |
1483 | @@ -1214,7 +1214,7 @@ |
1484 | pp_indent_count = 1 # number |
1485 | |
1486 | # Add or remove space after # based on pp_level of #if blocks |
1487 | -pp_space = ignore # ignore/add/remove/force |
1488 | +pp_space = remove # ignore/add/remove/force |
1489 | |
1490 | # Sets the number of spaces added with pp_space |
1491 | pp_space_count = 0 # number |
1492 | |
1493 | === modified file 'firewall/cache.c' |
1494 | --- firewall/cache.c 2011-01-09 22:18:11 +0000 |
1495 | +++ firewall/cache.c 2011-01-11 14:04:40 +0000 |
1496 | @@ -66,7 +66,7 @@ |
1497 | struct hip_hadb_user_info_state *hip_cache_create_hl_entry(void) |
1498 | { |
1499 | struct hip_hadb_user_info_state *entry = NULL; |
1500 | - int err = 0; |
1501 | + int err = 0; |
1502 | |
1503 | HIP_IFEL(!(entry = calloc(1, sizeof(struct hip_hadb_user_info_state))), |
1504 | -ENOMEM, "No memory available for firewall database entry\n"); |
1505 | @@ -120,7 +120,7 @@ |
1506 | const void *peer, |
1507 | enum fw_cache_query_type type) |
1508 | { |
1509 | - int err = 0; |
1510 | + int err = 0; |
1511 | struct hip_hadb_user_info_state *ha_ret = NULL; |
1512 | const struct hip_hadb_user_info_state *ha_match = NULL; |
1513 | const struct hip_hadb_user_info_state *ha_curr = NULL; |
1514 | @@ -143,13 +143,13 @@ |
1515 | ha_match = ha_curr; |
1516 | break; |
1517 | } else if (type == FW_CACHE_LSI && |
1518 | - !ipv4_addr_cmp(peer, &ha_curr->lsi_peer) && |
1519 | - (!local || !ipv4_addr_cmp(local, &ha_curr->lsi_our))) { |
1520 | + !ipv4_addr_cmp(peer, &ha_curr->lsi_peer) && |
1521 | + (!local || !ipv4_addr_cmp(local, &ha_curr->lsi_our))) { |
1522 | ha_match = ha_curr; |
1523 | break; |
1524 | } else if (type == FW_CACHE_IP && |
1525 | - !ipv6_addr_cmp(peer, &ha_curr->ip_peer) && |
1526 | - (!local || !ipv6_addr_cmp(local, &ha_curr->ip_our))) { |
1527 | + !ipv6_addr_cmp(peer, &ha_curr->ip_peer) && |
1528 | + (!local || !ipv6_addr_cmp(local, &ha_curr->ip_our))) { |
1529 | ha_match = ha_curr; |
1530 | break; |
1531 | } |
1532 | @@ -179,9 +179,9 @@ |
1533 | enum fw_cache_query_type type, |
1534 | int query_daemon) |
1535 | { |
1536 | - int i; |
1537 | + int i; |
1538 | struct hip_hadb_user_info_state *this = NULL, *ha_match = NULL; |
1539 | - LHASH_NODE *item = NULL, *tmp = NULL; |
1540 | + LHASH_NODE *item = NULL, *tmp = NULL; |
1541 | |
1542 | if (type == FW_CACHE_HIT) { |
1543 | ha_match = hip_ht_find(firewall_cache_db, peer); |
1544 | @@ -204,17 +204,16 @@ |
1545 | ha_match = this; |
1546 | break; |
1547 | } else if (type == FW_CACHE_LSI && |
1548 | - !ipv4_addr_cmp(peer, &this->lsi_peer) && |
1549 | - (!local || !ipv4_addr_cmp(local, &this->lsi_our))) { |
1550 | + !ipv4_addr_cmp(peer, &this->lsi_peer) && |
1551 | + (!local || !ipv4_addr_cmp(local, &this->lsi_our))) { |
1552 | ha_match = this; |
1553 | break; |
1554 | } else if (type == FW_CACHE_IP && |
1555 | - !ipv6_addr_cmp(peer, &this->ip_peer) && |
1556 | - (!local || !ipv6_addr_cmp(local, &this->ip_our))) { |
1557 | + !ipv6_addr_cmp(peer, &this->ip_peer) && |
1558 | + (!local || !ipv6_addr_cmp(local, &this->ip_our))) { |
1559 | ha_match = this; |
1560 | break; |
1561 | } |
1562 | - |
1563 | } |
1564 | HIP_UNLOCK_HT(&firewall_cache_db); |
1565 | |
1566 | @@ -260,7 +259,7 @@ |
1567 | static unsigned long hip_firewall_hash_hit_peer(const void *ptr) |
1568 | { |
1569 | const struct in6_addr *hit_peer = &((const struct hip_hadb_user_info_state *) ptr)->hit_peer; |
1570 | - uint8_t hash[HIP_AH_SHA_LEN]; |
1571 | + uint8_t hash[HIP_AH_SHA_LEN]; |
1572 | |
1573 | hip_build_digest(HIP_DIGEST_SHA1, hit_peer, sizeof(*hit_peer), hash); |
1574 | return *((unsigned long *) hash); |
1575 | @@ -305,9 +304,9 @@ |
1576 | */ |
1577 | void hip_firewall_cache_delete_hldb(int exiting) |
1578 | { |
1579 | - int i; |
1580 | + int i; |
1581 | struct hip_hadb_user_info_state *this = NULL; |
1582 | - LHASH_NODE *item = NULL, *tmp = NULL; |
1583 | + LHASH_NODE *item = NULL, *tmp = NULL; |
1584 | |
1585 | HIP_DEBUG("Start hldb delete\n"); |
1586 | HIP_LOCK_HT(&firewall_cache_db); |
1587 | @@ -324,8 +323,9 @@ |
1588 | * we handle it in firewall_exit(). */ |
1589 | |
1590 | HIP_UNLOCK_HT(&firewall_cache_db); |
1591 | - if (exiting) |
1592 | + if (exiting) { |
1593 | hip_ht_uninit(firewall_cache_db); |
1594 | + } |
1595 | HIP_DEBUG("End hldbdb delete\n"); |
1596 | } |
1597 | |
1598 | @@ -335,12 +335,12 @@ |
1599 | * @param hit_peer Peer HIT |
1600 | * @param state New state |
1601 | * @return 0 on success, negative on error |
1602 | -*/ |
1603 | + */ |
1604 | int hip_firewall_cache_set_bex_state(const struct in6_addr *hit_our, |
1605 | const struct in6_addr *hit_peer, |
1606 | int state) |
1607 | { |
1608 | - int err = 0; |
1609 | + int err = 0; |
1610 | struct hip_hadb_user_info_state *entry; |
1611 | |
1612 | HIP_IFEL(!hit_peer, -1, "Need peer HIT to search\n"); |
1613 | @@ -372,7 +372,7 @@ |
1614 | const struct in6_addr *hit_peer, |
1615 | int state) |
1616 | { |
1617 | - int err = 0; |
1618 | + int err = 0; |
1619 | struct hip_hadb_user_info_state *entry; |
1620 | |
1621 | HIP_IFEL(!ip_peer, -1, "Need peer IP to search\n"); |
1622 | |
1623 | === modified file 'firewall/conntrack.c' |
1624 | --- firewall/conntrack.c 2011-01-09 22:18:11 +0000 |
1625 | +++ firewall/conntrack.c 2011-01-11 14:04:40 +0000 |
1626 | @@ -84,8 +84,8 @@ |
1627 | STATE_CLOSING |
1628 | }; |
1629 | |
1630 | -int timeoutChecking = 0; |
1631 | -unsigned long timeoutValue = 0; |
1632 | +int timeoutChecking = 0; |
1633 | +unsigned long timeoutValue = 0; |
1634 | |
1635 | /*------------print functions-------------*/ |
1636 | /** |
1637 | @@ -223,7 +223,7 @@ |
1638 | const struct in6_addr *ip6_from) |
1639 | { |
1640 | struct dlist *list = (struct dlist *) hip_list; |
1641 | - hip_hit_t phit; |
1642 | + hip_hit_t phit; |
1643 | |
1644 | HIP_DEBUG("updating opportunistic entries\n"); |
1645 | /* the pseudo hit is compared with the hit in the entries */ |
1646 | @@ -259,7 +259,7 @@ |
1647 | OPP const struct in6_addr *ip6_from) |
1648 | { |
1649 | struct hip_tuple *tuple = NULL; |
1650 | - struct dlist *list = hip_list; |
1651 | + struct dlist *list = hip_list; |
1652 | |
1653 | while (list) { |
1654 | tuple = list->data; |
1655 | @@ -295,7 +295,7 @@ |
1656 | static struct esp_address *get_esp_address(const struct slist *addr_list, |
1657 | const struct in6_addr *addr) |
1658 | { |
1659 | - const struct slist *list = addr_list; |
1660 | + const struct slist *list = addr_list; |
1661 | struct esp_address *esp_addr = NULL; |
1662 | |
1663 | HIP_DEBUG("get_esp_address\n"); |
1664 | @@ -403,8 +403,8 @@ |
1665 | struct esp_tuple *find_esp_tuple(const struct slist *search_list, |
1666 | const uint32_t spi) |
1667 | { |
1668 | - const struct slist *list = search_list; |
1669 | - struct esp_tuple *esp_tuple = NULL; |
1670 | + const struct slist *list = search_list; |
1671 | + struct esp_tuple *esp_tuple = NULL; |
1672 | |
1673 | if (!list) { |
1674 | HIP_DEBUG("Esp tuple slist is empty\n"); |
1675 | @@ -438,7 +438,7 @@ |
1676 | //set time stamp |
1677 | gettimeofday(&connection->time_stamp, NULL); |
1678 | #ifdef HIP_CONFIG_MIDAUTH |
1679 | - connection->pisa_state = PISA_STATE_DISALLOW; |
1680 | + connection->pisa_state = PISA_STATE_DISALLOW; |
1681 | #endif |
1682 | |
1683 | //original direction tuple |
1684 | @@ -491,7 +491,6 @@ |
1685 | { |
1686 | if (hip_tuple) { |
1687 | if (hip_tuple->data) { |
1688 | - |
1689 | // free keys depending on cipher |
1690 | if (hip_tuple->data->src_pub_key && hip_tuple->data->src_hi) { |
1691 | if (hip_get_host_id_algo(hip_tuple->data->src_hi) == HIP_HI_RSA) { |
1692 | @@ -520,7 +519,7 @@ |
1693 | static void free_esp_tuple(struct esp_tuple *esp_tuple) |
1694 | { |
1695 | if (esp_tuple) { |
1696 | - struct slist *list = esp_tuple->dst_addr_list; |
1697 | + struct slist *list = esp_tuple->dst_addr_list; |
1698 | struct esp_address *addr = NULL; |
1699 | |
1700 | // remove eventual cached anchor elements for this esp tuple |
1701 | @@ -565,9 +564,9 @@ |
1702 | |
1703 | tuple->esp_tuples = remove_link_slist(tuple->esp_tuples, list); |
1704 | free_esp_tuple(list->data); |
1705 | - list->data = NULL; |
1706 | + list->data = NULL; |
1707 | free(list); |
1708 | - list = tuple->esp_tuples; |
1709 | + list = tuple->esp_tuples; |
1710 | } |
1711 | tuple->esp_tuples = NULL; |
1712 | tuple->connection = NULL; |
1713 | @@ -623,9 +622,9 @@ |
1714 | const struct hip_seq *seq, |
1715 | struct tuple *tuple) |
1716 | { |
1717 | - struct esp_tuple *new_esp = NULL; |
1718 | + struct esp_tuple *new_esp = NULL; |
1719 | const struct hip_locator_info_addr_item *locator_addr = NULL; |
1720 | - int n = 0; |
1721 | + int n = 0; |
1722 | |
1723 | if (esp_info && locator && esp_info->new_spi == esp_info->old_spi) { |
1724 | HIP_DEBUG("esp_tuple_from_esp_info_locator: new spi 0x%lx\n", esp_info->new_spi); |
1725 | @@ -634,8 +633,8 @@ |
1726 | new_esp->spi = ntohl(esp_info->new_spi); |
1727 | new_esp->tuple = tuple; |
1728 | |
1729 | - n = (hip_get_param_total_len(locator) - sizeof(struct hip_locator)) / |
1730 | - sizeof(struct hip_locator_info_addr_item); |
1731 | + n = (hip_get_param_total_len(locator) - sizeof(struct hip_locator)) / |
1732 | + sizeof(struct hip_locator_info_addr_item); |
1733 | HIP_DEBUG("esp_tuple_from_esp_info_locator: %d addresses in locator\n", n); |
1734 | if (n > 0) { |
1735 | locator_addr = (const struct hip_locator_info_addr_item *) |
1736 | @@ -707,7 +706,7 @@ |
1737 | const struct hip_seq *seq) |
1738 | { |
1739 | struct connection *connection = malloc(sizeof(struct connection)); |
1740 | - struct esp_tuple *esp_tuple = NULL; |
1741 | + struct esp_tuple *esp_tuple = NULL; |
1742 | |
1743 | esp_tuple = esp_tuple_from_esp_info_locator(esp_info, locator, seq, |
1744 | &connection->reply); |
1745 | @@ -716,9 +715,9 @@ |
1746 | HIP_DEBUG("insert_connection_from_update: can't create connection\n"); |
1747 | return 0; |
1748 | } |
1749 | - connection->state = STATE_ESTABLISHING_FROM_UPDATE; |
1750 | + connection->state = STATE_ESTABLISHING_FROM_UPDATE; |
1751 | #ifdef HIP_CONFIG_MIDAUTH |
1752 | - connection->pisa_state = PISA_STATE_DISALLOW; |
1753 | + connection->pisa_state = PISA_STATE_DISALLOW; |
1754 | #endif |
1755 | |
1756 | //original direction tuple |
1757 | @@ -736,12 +735,12 @@ |
1758 | |
1759 | |
1760 | //reply direction tuple |
1761 | - connection->reply.state = HIP_STATE_UNASSOCIATED; |
1762 | - connection->reply.direction = REPLY_DIR; |
1763 | + connection->reply.state = HIP_STATE_UNASSOCIATED; |
1764 | + connection->reply.direction = REPLY_DIR; |
1765 | |
1766 | - connection->reply.esp_tuples = NULL; |
1767 | - connection->reply.esp_tuples = append_to_slist(connection->reply.esp_tuples, |
1768 | - esp_tuple); |
1769 | + connection->reply.esp_tuples = NULL; |
1770 | + connection->reply.esp_tuples = append_to_slist(connection->reply.esp_tuples, |
1771 | + esp_tuple); |
1772 | insert_esp_tuple(esp_tuple); |
1773 | |
1774 | connection->reply.connection = connection; |
1775 | @@ -788,11 +787,11 @@ |
1776 | static int hipfw_handle_relay_to_r2(const struct hip_common *common, |
1777 | const struct hip_fw_context *ctx) |
1778 | { |
1779 | - struct iphdr *iph = (struct iphdr *) ctx->ipq_packet->payload; |
1780 | + struct iphdr *iph = (struct iphdr *) ctx->ipq_packet->payload; |
1781 | const struct hip_relay_to *relay_to = NULL; /* same format as relay_from */ |
1782 | - struct tuple *tuple, *reverse_tuple; |
1783 | - int err = 0; |
1784 | - uint32_t spi; |
1785 | + struct tuple *tuple, *reverse_tuple; |
1786 | + int err = 0; |
1787 | + uint32_t spi; |
1788 | const struct hip_esp_info *esp_info; |
1789 | |
1790 | HIP_DEBUG_IN6ADDR("ctx->src", &ctx->src); |
1791 | @@ -801,7 +800,7 @@ |
1792 | HIP_ASSERT((hip_get_msg_type(common) == HIP_R2)); |
1793 | |
1794 | HIP_IFEL(!(relay_to = hip_get_param(common, HIP_PARAM_RELAY_TO)), -1, |
1795 | - "No relay_to, skip\n"); |
1796 | + "No relay_to, skip\n"); |
1797 | |
1798 | HIP_DEBUG_IN6ADDR("relay_to_addr", &relay_to->address); |
1799 | |
1800 | @@ -874,10 +873,10 @@ |
1801 | DBG int verify_responder, |
1802 | UNUSED const struct hip_fw_context *ctx) |
1803 | { |
1804 | - struct in6_addr hit; |
1805 | + struct in6_addr hit; |
1806 | const struct hip_host_id *host_id = NULL; |
1807 | // assume correct packet |
1808 | - int err = 1; |
1809 | + int err = 1; |
1810 | hip_tlv_len len = 0; |
1811 | |
1812 | HIP_DEBUG("verify_responder: %i\n", verify_responder); |
1813 | @@ -951,15 +950,15 @@ |
1814 | static int handle_i2(struct hip_common *common, struct tuple *tuple, |
1815 | const struct hip_fw_context *ctx) |
1816 | { |
1817 | - const struct hip_esp_info *spi = NULL; |
1818 | - const struct slist *other_dir_esps = NULL; |
1819 | - const struct hip_host_id *host_id = NULL; |
1820 | - struct tuple *other_dir = NULL; |
1821 | - struct esp_tuple *esp_tuple = NULL; |
1822 | - struct in6_addr hit; |
1823 | + const struct hip_esp_info *spi = NULL; |
1824 | + const struct slist *other_dir_esps = NULL; |
1825 | + const struct hip_host_id *host_id = NULL; |
1826 | + struct tuple *other_dir = NULL; |
1827 | + struct esp_tuple *esp_tuple = NULL; |
1828 | + struct in6_addr hit; |
1829 | // assume correct packet |
1830 | - int err = 1; |
1831 | - hip_tlv_len len = 0; |
1832 | + int err = 1; |
1833 | + hip_tlv_len len = 0; |
1834 | const struct in6_addr *ip6_src = &ctx->src; |
1835 | |
1836 | HIP_DEBUG("\n"); |
1837 | @@ -1032,9 +1031,9 @@ |
1838 | esp_tuple->dst_addr_list = NULL; |
1839 | esp_tuple->dst_addr_list = update_esp_address(esp_tuple->dst_addr_list, |
1840 | ip6_src, NULL); |
1841 | - esp_tuple->tuple = other_dir; |
1842 | + esp_tuple->tuple = other_dir; |
1843 | |
1844 | - other_dir->esp_tuples = append_to_slist(other_dir->esp_tuples, esp_tuple); |
1845 | + other_dir->esp_tuples = append_to_slist(other_dir->esp_tuples, esp_tuple); |
1846 | |
1847 | insert_esp_tuple(esp_tuple); |
1848 | } |
1849 | @@ -1065,12 +1064,12 @@ |
1850 | static int handle_r2(const struct hip_common *common, struct tuple *tuple, |
1851 | const struct hip_fw_context *ctx) |
1852 | { |
1853 | - const struct hip_esp_info *spi = NULL; |
1854 | - struct tuple *other_dir = NULL; |
1855 | - struct slist *other_dir_esps = NULL; |
1856 | - struct esp_tuple *esp_tuple = NULL; |
1857 | - const struct in6_addr *ip6_src = &ctx->src; |
1858 | - int err = 1; |
1859 | + const struct hip_esp_info *spi = NULL; |
1860 | + struct tuple *other_dir = NULL; |
1861 | + struct slist *other_dir_esps = NULL; |
1862 | + struct esp_tuple *esp_tuple = NULL; |
1863 | + const struct in6_addr *ip6_src = &ctx->src; |
1864 | + int err = 1; |
1865 | |
1866 | HIP_IFEL(!(spi = hip_get_param(common, HIP_PARAM_ESP_INFO)), |
1867 | 0, "no spi found\n"); |
1868 | @@ -1103,7 +1102,7 @@ |
1869 | esp_tuple->dst_addr_list = NULL; |
1870 | esp_tuple->dst_addr_list = update_esp_address(esp_tuple->dst_addr_list, |
1871 | ip6_src, NULL); |
1872 | - esp_tuple->tuple = other_dir; |
1873 | + esp_tuple->tuple = other_dir; |
1874 | |
1875 | insert_esp_tuple(esp_tuple); |
1876 | |
1877 | @@ -1144,8 +1143,8 @@ |
1878 | struct esp_tuple *esp_tuple) |
1879 | { |
1880 | const struct hip_locator_info_addr_item *locator_addr = NULL; |
1881 | - int err = 1; |
1882 | - int n = 0; |
1883 | + int err = 1; |
1884 | + int n = 0; |
1885 | |
1886 | HIP_DEBUG("\n"); |
1887 | |
1888 | @@ -1164,8 +1163,8 @@ |
1889 | esp_tuple->new_spi = ntohl(esp_info->new_spi); |
1890 | esp_tuple->spi_update_id = seq->update_id; |
1891 | |
1892 | - n = (hip_get_param_total_len(locator) - sizeof(struct hip_locator)) |
1893 | - / sizeof(struct hip_locator_info_addr_item); |
1894 | + n = (hip_get_param_total_len(locator) - sizeof(struct hip_locator)) |
1895 | + / sizeof(struct hip_locator_info_addr_item); |
1896 | |
1897 | if (n < 1) { |
1898 | HIP_DEBUG("no locator param found\n"); |
1899 | @@ -1212,7 +1211,7 @@ |
1900 | } |
1901 | |
1902 | n = (hip_get_param_total_len(locator) - sizeof(struct hip_locator)) |
1903 | - / sizeof(struct hip_locator_info_addr_item); |
1904 | + / sizeof(struct hip_locator_info_addr_item); |
1905 | HIP_DEBUG(" %d locator addresses\n", n); |
1906 | |
1907 | locator_addr = (const struct hip_locator_info_addr_item *) |
1908 | @@ -1256,14 +1255,14 @@ |
1909 | struct tuple *tuple, |
1910 | const struct hip_fw_context *ctx) |
1911 | { |
1912 | - const struct hip_seq *seq = NULL; |
1913 | - const struct hip_esp_info *esp_info = NULL; |
1914 | - const struct hip_ack *ack = NULL; |
1915 | - const struct hip_locator *locator = NULL; |
1916 | - const struct hip_spi *spi = NULL; |
1917 | - struct tuple *other_dir_tuple = NULL; |
1918 | - const struct in6_addr *ip6_src = &ctx->src; |
1919 | - int err = 1; |
1920 | + const struct hip_seq *seq = NULL; |
1921 | + const struct hip_esp_info *esp_info = NULL; |
1922 | + const struct hip_ack *ack = NULL; |
1923 | + const struct hip_locator *locator = NULL; |
1924 | + const struct hip_spi *spi = NULL; |
1925 | + struct tuple *other_dir_tuple = NULL; |
1926 | + const struct in6_addr *ip6_src = &ctx->src; |
1927 | + int err = 1; |
1928 | |
1929 | /* get params from UPDATE message */ |
1930 | seq = hip_get_param(common, HIP_PARAM_SEQ); |
1931 | @@ -1316,7 +1315,7 @@ |
1932 | } |
1933 | |
1934 | /* we have to consider the src ip address in case of cascading NATs (see above FIXME) */ |
1935 | - esp_tuple = esp_tuple_from_esp_info(esp_info, ip6_src, other_dir_tuple); |
1936 | + esp_tuple = esp_tuple_from_esp_info(esp_info, ip6_src, other_dir_tuple); |
1937 | |
1938 | other_dir_tuple->esp_tuples = append_to_slist(other_dir_esps, |
1939 | esp_tuple); |
1940 | @@ -1334,8 +1333,8 @@ |
1941 | } |
1942 | } else { |
1943 | /* we already know this connection */ |
1944 | - struct slist *other_dir_esps = NULL; |
1945 | - struct esp_tuple *esp_tuple = NULL; |
1946 | + struct slist *other_dir_esps = NULL; |
1947 | + struct esp_tuple *esp_tuple = NULL; |
1948 | |
1949 | if (tuple->direction == ORIGINAL_DIR) { |
1950 | other_dir_tuple = &tuple->connection->reply; |
1951 | @@ -1523,11 +1522,11 @@ |
1952 | struct hip_fw_context *ctx) |
1953 | { |
1954 | #ifdef CONFIG_HIP_OPPORTUNISTIC |
1955 | - hip_hit_t phit; |
1956 | + hip_hit_t phit; |
1957 | struct in6_addr all_zero_addr; |
1958 | #endif |
1959 | struct in6_addr hit; |
1960 | - int err = 1; |
1961 | + int err = 1; |
1962 | |
1963 | HIP_DEBUG("check packet: type %d \n", common->type_hdr); |
1964 | |
1965 | @@ -1567,7 +1566,6 @@ |
1966 | HIP_DEBUG("verifying signature...\n"); |
1967 | if (tuple->hip_tuple->data->verify(tuple->hip_tuple->data->src_pub_key, |
1968 | common)) { |
1969 | - |
1970 | HIP_INFO("Signature verification failed\n"); |
1971 | |
1972 | err = 0; |
1973 | @@ -1684,14 +1682,14 @@ |
1974 | */ |
1975 | int hipfw_relay_esp(const struct hip_fw_context *ctx) |
1976 | { |
1977 | - struct iphdr *iph = (struct iphdr *) ctx->ipq_packet->payload; |
1978 | - struct udphdr *udph = (struct udphdr *) ((uint8_t *) iph + iph->ihl * 4); |
1979 | - int len = ctx->ipq_packet->data_len - iph->ihl * 4; |
1980 | - struct slist *list = (struct slist *) esp_list; |
1981 | - struct tuple *tuple = NULL; |
1982 | - struct hip_esp *esp = ctx->transport_hdr.esp; |
1983 | - int err = 0; |
1984 | - uint32_t spi; |
1985 | + struct iphdr *iph = (struct iphdr *) ctx->ipq_packet->payload; |
1986 | + struct udphdr *udph = (struct udphdr *) ((uint8_t *) iph + iph->ihl * 4); |
1987 | + int len = ctx->ipq_packet->data_len - iph->ihl * 4; |
1988 | + struct slist *list = (struct slist *) esp_list; |
1989 | + struct tuple *tuple = NULL; |
1990 | + struct hip_esp *esp = ctx->transport_hdr.esp; |
1991 | + int err = 0; |
1992 | + uint32_t spi; |
1993 | |
1994 | HIP_IFEL(!list, -1, "List is empty\n"); |
1995 | HIP_IFEL((iph->protocol != IPPROTO_UDP), -1, |
1996 | @@ -1734,7 +1732,7 @@ |
1997 | HIP_DEBUG_IN6ADDR("esp_relay_addr", &tuple->esp_relay_daddr); |
1998 | |
1999 | udph->source = htons(HIP_NAT_UDP_PORT); |
2000 | - udph->dest = htons(tuple->esp_relay_dport); |
2001 | + udph->dest = htons(tuple->esp_relay_dport); |
2002 | udph->check = 0; |
2003 | |
2004 | HIP_DEBUG("Relaying packet\n"); |
2005 | @@ -1759,13 +1757,13 @@ |
2006 | */ |
2007 | int filter_esp_state(const struct hip_fw_context *ctx) |
2008 | { |
2009 | - const struct in6_addr *dst_addr = NULL; |
2010 | - const struct in6_addr *src_addr = NULL; |
2011 | - struct hip_esp *esp = NULL; |
2012 | - struct tuple *tuple = NULL; |
2013 | - struct esp_tuple *esp_tuple = NULL; |
2014 | + const struct in6_addr *dst_addr = NULL; |
2015 | + const struct in6_addr *src_addr = NULL; |
2016 | + struct hip_esp *esp = NULL; |
2017 | + struct tuple *tuple = NULL; |
2018 | + struct esp_tuple *esp_tuple = NULL; |
2019 | // don't accept packet with this rule by default |
2020 | - int err = 0; |
2021 | + int err = 0; |
2022 | uint32_t spi; |
2023 | |
2024 | dst_addr = &ctx->dst; |
2025 | @@ -1773,7 +1771,7 @@ |
2026 | esp = ctx->transport_hdr.esp; |
2027 | |
2028 | // needed to de-multiplex ESP traffic |
2029 | - spi = ntohl(esp->esp_spi); |
2030 | + spi = ntohl(esp->esp_spi); |
2031 | |
2032 | // match packet against known connections |
2033 | HIP_DEBUG("filtering ESP packet against known connections...\n"); |
2034 | @@ -1839,13 +1837,13 @@ |
2035 | struct hip_common *buf, const struct state_option *option, |
2036 | const int must_accept, struct hip_fw_context *ctx) |
2037 | { |
2038 | - struct hip_data *data = NULL; |
2039 | - struct tuple *tuple = NULL; |
2040 | + struct hip_data *data = NULL; |
2041 | + struct tuple *tuple = NULL; |
2042 | // FIXME results in unsafe use in filter_hip() |
2043 | - int return_value = -1; //invalid value |
2044 | + int return_value = -1; //invalid value |
2045 | |
2046 | // get data form the buffer and put it in a new data structure |
2047 | - data = get_hip_data(buf); |
2048 | + data = get_hip_data(buf); |
2049 | // look up the tuple in the database |
2050 | tuple = get_tuple_by_hip(data, buf->type_hdr, ip6_src); |
2051 | free(data); |
2052 | @@ -1882,11 +1880,11 @@ |
2053 | } else { |
2054 | if ((option->int_opt.value == CONN_ESTABLISHED && option->int_opt.boolean |
2055 | && !must_accept) || (option->int_opt.value == CONN_NEW && |
2056 | - !option->int_opt.boolean && !must_accept)) { |
2057 | + !option->int_opt.boolean && !must_accept)) { |
2058 | remove_connection(tuple->connection); |
2059 | tuple->connection = NULL; |
2060 | |
2061 | - return_value = 1; |
2062 | + return_value = 1; |
2063 | goto out_err; |
2064 | } |
2065 | } |
2066 | @@ -1913,12 +1911,12 @@ |
2067 | struct hip_common *buf, |
2068 | struct hip_fw_context *ctx) |
2069 | { |
2070 | - struct hip_data *data = NULL; |
2071 | - struct tuple *tuple = NULL; |
2072 | - int verdict = 0; |
2073 | + struct hip_data *data = NULL; |
2074 | + struct tuple *tuple = NULL; |
2075 | + int verdict = 0; |
2076 | |
2077 | // convert to new data type |
2078 | - data = get_hip_data(buf); |
2079 | + data = get_hip_data(buf); |
2080 | // look up tuple in the db |
2081 | tuple = get_tuple_by_hip(data, buf->type_hdr, ip6_src); |
2082 | |
2083 | |
2084 | === modified file 'firewall/dlist.c' |
2085 | --- firewall/dlist.c 2011-01-06 17:03:31 +0000 |
2086 | +++ firewall/dlist.c 2011-01-11 14:04:40 +0000 |
2087 | @@ -108,6 +108,7 @@ |
2088 | } |
2089 | return length; |
2090 | } |
2091 | + |
2092 | #endif /* CONFIG_HIP_DEBUG */ |
2093 | |
2094 | /** |
2095 | |
2096 | === modified file 'firewall/esp_prot_api.c' |
2097 | --- firewall/esp_prot_api.c 2011-01-04 14:23:17 +0000 |
2098 | +++ firewall/esp_prot_api.c 2011-01-11 14:04:40 +0000 |
2099 | @@ -100,7 +100,7 @@ |
2100 | // used hash lengths |
2101 | int hash_lengths[NUM_HASH_FUNCTIONS][NUM_HASH_LENGTHS]; |
2102 | /* is used for hash chains and trees simultaneously used hash functions */ |
2103 | -hash_function hash_functions[NUM_HASH_FUNCTIONS] = {(hash_function) SHA1}; |
2104 | +hash_function hash_functions[NUM_HASH_FUNCTIONS] = { (hash_function) SHA1 }; |
2105 | |
2106 | /********* internal settings (derived from config-file) *********/ |
2107 | // lengths of the hash structures in the stores |
2108 | @@ -127,12 +127,12 @@ |
2109 | int *out_length, |
2110 | const struct hip_sa_entry *entry) |
2111 | { |
2112 | - int err = 0, i, j; |
2113 | - int repeat = 1; |
2114 | - int hash_length = 0; |
2115 | + int err = 0, i, j; |
2116 | + int repeat = 1; |
2117 | + int hash_length = 0; |
2118 | uint32_t chosen_el[num_linear_elements + num_random_elements]; |
2119 | - uint32_t rand_el = 0; |
2120 | - int item_length = 0; |
2121 | + uint32_t rand_el = 0; |
2122 | + int item_length = 0; |
2123 | |
2124 | HIP_ASSERT(ring_buffer_size >= num_linear_elements + num_random_elements); |
2125 | |
2126 | @@ -159,7 +159,7 @@ |
2127 | // then add randomly |
2128 | for (i = 0; i < num_random_elements; i++) { |
2129 | while (repeat) { |
2130 | - repeat = 0; |
2131 | + repeat = 0; |
2132 | |
2133 | // draw random element |
2134 | RAND_bytes((unsigned char *) &rand_el, sizeof(uint32_t)); |
2135 | @@ -199,8 +199,8 @@ |
2136 | const uint8_t transform) |
2137 | { |
2138 | struct esp_prot_tfm *prot_transform = NULL; |
2139 | - void *return_item = NULL; |
2140 | - int use_hash_trees = 0, err = 0; |
2141 | + void *return_item = NULL; |
2142 | + int use_hash_trees = 0, err = 0; |
2143 | |
2144 | HIP_ASSERT(item_anchor != NULL); |
2145 | |
2146 | @@ -212,13 +212,13 @@ |
2147 | } |
2148 | |
2149 | HIP_IFEL(!(return_item = |
2150 | - hcstore_get_item_by_anchor(&bex_store, |
2151 | - prot_transform->hash_func_id, |
2152 | - prot_transform->hash_length_id, |
2153 | - NUM_BEX_HIERARCHIES - 1, |
2154 | - item_anchor, use_hash_trees)), |
2155 | - -1, |
2156 | - "unable to retrieve hchain from bex store\n"); |
2157 | + hcstore_get_item_by_anchor(&bex_store, |
2158 | + prot_transform->hash_func_id, |
2159 | + prot_transform->hash_length_id, |
2160 | + NUM_BEX_HIERARCHIES - 1, |
2161 | + item_anchor, use_hash_trees)), |
2162 | + -1, |
2163 | + "unable to retrieve hchain from bex store\n"); |
2164 | |
2165 | // refill bex-store if necessary |
2166 | HIP_IFEL((err = hcstore_refill(&bex_store, use_hash_trees)) < 0, -1, |
2167 | @@ -247,12 +247,12 @@ |
2168 | */ |
2169 | int esp_prot_init(void) |
2170 | { |
2171 | - int bex_function_id = 0, update_function_id = 0; |
2172 | - int bex_hash_length_id = 0, update_hash_length_id = 0; |
2173 | - int use_hash_trees = 0; |
2174 | - int err = 0, i, j, g; |
2175 | - int activate = 1; |
2176 | - config_t *config = NULL; |
2177 | + int bex_function_id = 0, update_function_id = 0; |
2178 | + int bex_hash_length_id = 0, update_hash_length_id = 0; |
2179 | + int use_hash_trees = 0; |
2180 | + int err = 0, i, j, g; |
2181 | + int activate = 1; |
2182 | + config_t *config = NULL; |
2183 | |
2184 | HIP_DEBUG("Initializing the esp protection extension...\n"); |
2185 | |
2186 | @@ -266,8 +266,8 @@ |
2187 | * NOTE internal structure partially more flexible than interface provided by |
2188 | * config-file */ |
2189 | hash_lengths[NUM_HASH_FUNCTIONS - 1][NUM_HASH_LENGTHS - 1] = hash_length_g; |
2190 | - bex_hchain_length = hash_structure_length; |
2191 | - update_hchain_lengths[NUM_UPDATE_HCHAIN_LENGTHS - 1] = hash_structure_length; |
2192 | + bex_hchain_length = hash_structure_length; |
2193 | + update_hchain_lengths[NUM_UPDATE_HCHAIN_LENGTHS - 1] = hash_structure_length; |
2194 | |
2195 | /* activate the extension in hipd |
2196 | * |
2197 | @@ -280,10 +280,10 @@ |
2198 | /* init the hash-chain stores */ |
2199 | HIP_IFEL(hcstore_init(&bex_store, num_hchains_per_item, |
2200 | refill_threshold), -1, |
2201 | - "failed to initialize the bex-store\n"); |
2202 | + "failed to initialize the bex-store\n"); |
2203 | HIP_IFEL(hcstore_init(&update_store, num_hchains_per_item, |
2204 | refill_threshold), -1, |
2205 | - "failed to initialize the update-store\n"); |
2206 | + "failed to initialize the update-store\n"); |
2207 | |
2208 | HIP_DEBUG("setting up esp_prot_transforms...\n"); |
2209 | |
2210 | @@ -303,15 +303,15 @@ |
2211 | for (i = 0; i < NUM_HASH_FUNCTIONS; i++) { |
2212 | // first we have to register the function |
2213 | HIP_IFEL((bex_function_id = |
2214 | - hcstore_register_function(&bex_store, |
2215 | - hash_functions[i])) < 0, |
2216 | - -1, |
2217 | - "failed to register hash-function in bex-store\n"); |
2218 | + hcstore_register_function(&bex_store, |
2219 | + hash_functions[i])) < 0, |
2220 | + -1, |
2221 | + "failed to register hash-function in bex-store\n"); |
2222 | HIP_IFEL((update_function_id = |
2223 | - hcstore_register_function(&update_store, |
2224 | - hash_functions[i])) < 0, |
2225 | - -1, |
2226 | - "failed to register hash-function in update-store\n"); |
2227 | + hcstore_register_function(&update_store, |
2228 | + hash_functions[i])) < 0, |
2229 | + -1, |
2230 | + "failed to register hash-function in update-store\n"); |
2231 | |
2232 | // ensure the 2 stores are in sync |
2233 | HIP_ASSERT(bex_function_id == update_function_id); |
2234 | @@ -320,15 +320,15 @@ |
2235 | if (hash_lengths[i][j] > 0) { |
2236 | // now we can register the hash lengths for this function |
2237 | HIP_IFEL((bex_hash_length_id = |
2238 | - hcstore_register_hash_length(&bex_store, |
2239 | - bex_function_id, |
2240 | - hash_lengths[i][j])) < 0, |
2241 | - -1, |
2242 | - "failed to register hash-length in bex-store\n"); |
2243 | + hcstore_register_hash_length(&bex_store, |
2244 | + bex_function_id, |
2245 | + hash_lengths[i][j])) < 0, |
2246 | + -1, |
2247 | + "failed to register hash-length in bex-store\n"); |
2248 | HIP_IFEL((update_hash_length_id = hcstore_register_hash_length( |
2249 | &update_store, update_function_id, |
2250 | hash_lengths[i][j])) < 0, -1, |
2251 | - "failed to register hash-length in update-store\n"); |
2252 | + "failed to register hash-length in update-store\n"); |
2253 | |
2254 | // ensure the 2 stores are in sync |
2255 | HIP_ASSERT(bex_hash_length_id == update_hash_length_id); |
2256 | @@ -336,36 +336,36 @@ |
2257 | // store these IDs in the transforms array |
2258 | if (esp_prot_transforms[token_transform].is_used) { |
2259 | esp_prot_transforms[token_transform].hash_func_id = |
2260 | - bex_function_id; |
2261 | + bex_function_id; |
2262 | esp_prot_transforms[token_transform].hash_length_id = |
2263 | - bex_hash_length_id; |
2264 | + bex_hash_length_id; |
2265 | } |
2266 | |
2267 | /* also register the the hchain lengths for this function and this |
2268 | * hash length */ |
2269 | HIP_IFEL(hcstore_register_hash_item_length( |
2270 | - &bex_store, bex_function_id, bex_hash_length_id, |
2271 | - bex_hchain_length) < 0, -1, |
2272 | - "failed to register hchain-length in bex-store\n"); |
2273 | + &bex_store, bex_function_id, bex_hash_length_id, |
2274 | + bex_hchain_length) < 0, -1, |
2275 | + "failed to register hchain-length in bex-store\n"); |
2276 | |
2277 | /* register number of hierarchies in BEX-store */ |
2278 | HIP_IFEL(hcstore_register_hash_item_hierarchy( |
2279 | - &bex_store, bex_function_id, bex_hash_length_id, |
2280 | - bex_hchain_length, NUM_BEX_HIERARCHIES) < 0, -1, |
2281 | - "failed to register hchain-hierarchy in bex-store\n"); |
2282 | + &bex_store, bex_function_id, bex_hash_length_id, |
2283 | + bex_hchain_length, NUM_BEX_HIERARCHIES) < 0, -1, |
2284 | + "failed to register hchain-hierarchy in bex-store\n"); |
2285 | |
2286 | for (g = 0; g < NUM_UPDATE_HCHAIN_LENGTHS; g++) { |
2287 | HIP_IFEL(hcstore_register_hash_item_length( |
2288 | - &update_store, update_function_id, |
2289 | - update_hash_length_id, |
2290 | - update_hchain_lengths[g]) < 0, -1, |
2291 | - "failed to register hchain-length in update-store\n"); |
2292 | + &update_store, update_function_id, |
2293 | + update_hash_length_id, |
2294 | + update_hchain_lengths[g]) < 0, -1, |
2295 | + "failed to register hchain-length in update-store\n"); |
2296 | |
2297 | HIP_IFEL(hcstore_register_hash_item_hierarchy( |
2298 | - &update_store, update_function_id, |
2299 | - update_hash_length_id, update_hchain_lengths[g], |
2300 | - num_hierarchies) < 0, -1, |
2301 | - "failed to register hchain-hierarchy in update-store\n"); |
2302 | + &update_store, update_function_id, |
2303 | + update_hash_length_id, update_hchain_lengths[g], |
2304 | + num_hierarchies) < 0, -1, |
2305 | + "failed to register hchain-hierarchy in update-store\n"); |
2306 | } |
2307 | } else { |
2308 | // for this hash-function we have already processed all hash-lengths |
2309 | @@ -441,11 +441,11 @@ |
2310 | unsigned char (*esp_prot_anchors)[MAX_HASH_LENGTH], |
2311 | const int update) |
2312 | { |
2313 | - int hash_length = 0, err = 0; |
2314 | - int use_hash_trees = 0; |
2315 | - struct hash_chain *hchain = NULL; |
2316 | - struct hash_tree *htree = NULL; |
2317 | - uint16_t i; |
2318 | + int hash_length = 0, err = 0; |
2319 | + int use_hash_trees = 0; |
2320 | + struct hash_chain *hchain = NULL; |
2321 | + struct hash_tree *htree = NULL; |
2322 | + uint16_t i; |
2323 | |
2324 | HIP_ASSERT(entry != 0); |
2325 | HIP_ASSERT(entry->direction == 1 || entry->direction == 2); |
2326 | @@ -470,7 +470,7 @@ |
2327 | HIP_DEBUG("found matching esp prot transforms\n"); |
2328 | |
2329 | // we have to get the hash_length |
2330 | - hash_length = esp_prot_get_hash_length(esp_prot_transform); |
2331 | + hash_length = esp_prot_get_hash_length(esp_prot_transform); |
2332 | |
2333 | entry->update_item_length = hash_item_length; |
2334 | |
2335 | @@ -486,14 +486,14 @@ |
2336 | |
2337 | HIP_IFEL(memcmp(&esp_prot_anchors[i][0], |
2338 | htree->root, hash_length), -1, |
2339 | - "received a non-matching root from hipd for next_hchain\n"); |
2340 | + "received a non-matching root from hipd for next_hchain\n"); |
2341 | } else { |
2342 | hchain = entry->next_hash_items[i]; |
2343 | |
2344 | HIP_IFEL(memcmp(&esp_prot_anchors[i][0], |
2345 | hchain_get_anchor(hchain), |
2346 | hash_length), -1, |
2347 | - "received a non-matching anchor from hipd for next_hchain\n"); |
2348 | + "received a non-matching anchor from hipd for next_hchain\n"); |
2349 | } |
2350 | |
2351 | entry->update_item_acked[i] = 1; |
2352 | @@ -519,9 +519,9 @@ |
2353 | if (i < esp_num_anchors) { |
2354 | HIP_IFEL(!(entry->active_hash_items[i] = |
2355 | esp_prot_get_bex_item_by_anchor( |
2356 | - &esp_prot_anchors[i][0], |
2357 | - esp_prot_transform)), |
2358 | - -1, "corresponding hchain not found\n"); |
2359 | + &esp_prot_anchors[i][0], |
2360 | + esp_prot_transform)), |
2361 | + -1, "corresponding hchain not found\n"); |
2362 | } else { |
2363 | entry->active_hash_items[i] = NULL; |
2364 | } |
2365 | @@ -579,7 +579,7 @@ |
2366 | { |
2367 | struct esp_prot_tfm *prot_transform = NULL; |
2368 | hash_function hash_func = NULL; |
2369 | - int err = 0; |
2370 | + int err = 0; |
2371 | |
2372 | HIP_IFEL(!(prot_transform = esp_prot_resolve_transform(transform)), 1, |
2373 | "tried to resolve UNUSED or UNKNOWN transform\n"); |
2374 | @@ -604,7 +604,7 @@ |
2375 | int esp_prot_get_hash_length(const uint8_t transform) |
2376 | { |
2377 | struct esp_prot_tfm *prot_transform = NULL; |
2378 | - int err = 0; |
2379 | + int err = 0; |
2380 | |
2381 | // return length 0 for UNUSED transform |
2382 | HIP_IFEL(!(prot_transform = esp_prot_resolve_transform(transform)), 0, |
2383 | @@ -628,13 +628,13 @@ |
2384 | const uint16_t esp_length, |
2385 | struct hip_sa_entry *entry) |
2386 | { |
2387 | - int err = 0; |
2388 | - hash_function hash_func = NULL; |
2389 | - int hash_length = 0; |
2390 | + int err = 0; |
2391 | + hash_function hash_func = NULL; |
2392 | + int hash_length = 0; |
2393 | |
2394 | // check whether cumulative authentication is active |
2395 | if (entry->esp_prot_transform == ESP_PROT_TFM_CUMULATIVE || |
2396 | - entry->esp_prot_transform == ESP_PROT_TFM_PARA_CUMUL) { |
2397 | + entry->esp_prot_transform == ESP_PROT_TFM_PARA_CUMUL) { |
2398 | hash_length = esp_prot_get_hash_length(entry->esp_prot_transform); |
2399 | hash_func = esp_prot_get_hash_function(entry->esp_prot_transform); |
2400 | |
2401 | @@ -665,13 +665,13 @@ |
2402 | int esp_prot_add_hash(unsigned char *esp_packet, int *out_length, |
2403 | struct hip_sa_entry *entry) |
2404 | { |
2405 | - const unsigned char *tmp_hash = NULL; |
2406 | - int err = 0; |
2407 | - uint32_t htree_index = 0; |
2408 | - uint32_t htree_index_net = 0; |
2409 | - struct hash_chain *hchain = NULL; |
2410 | - struct hash_tree *htree = NULL; |
2411 | - int branch_length = 0; |
2412 | + const unsigned char *tmp_hash = NULL; |
2413 | + int err = 0; |
2414 | + uint32_t htree_index = 0; |
2415 | + uint32_t htree_index_net = 0; |
2416 | + struct hash_chain *hchain = NULL; |
2417 | + struct hash_tree *htree = NULL; |
2418 | + int branch_length = 0; |
2419 | |
2420 | HIP_ASSERT(esp_packet != NULL); |
2421 | HIP_ASSERT(*out_length == 0); |
2422 | @@ -693,39 +693,36 @@ |
2423 | memcpy(esp_packet, &htree_index_net, sizeof(uint32_t)); |
2424 | |
2425 | // get hash token and add it - only returns a reference into the array |
2426 | - tmp_hash = htree_get_data(htree, htree_index, |
2427 | - out_length); |
2428 | + tmp_hash = htree_get_data(htree, htree_index, |
2429 | + out_length); |
2430 | memcpy(esp_packet + sizeof(uint32_t), tmp_hash, *out_length); |
2431 | |
2432 | - *out_length += sizeof(uint32_t); |
2433 | + *out_length += sizeof(uint32_t); |
2434 | |
2435 | // add the verification branch - directly memcpy elements into packet |
2436 | HIP_IFEL(!htree_get_branch(htree, htree_index, |
2437 | esp_packet + *out_length, |
2438 | &branch_length), -1, |
2439 | - "failed to get verification branch\n"); |
2440 | + "failed to get verification branch\n"); |
2441 | |
2442 | *out_length += branch_length; |
2443 | |
2444 | HIP_DEBUG("htree_index: %u\n", htree_index); |
2445 | HIP_DEBUG("htree_index (packet): %u\n", |
2446 | *(uint32_t *) esp_packet); |
2447 | - |
2448 | } else { |
2449 | HIP_DEBUG("htree depleted, dropping packet\n"); |
2450 | |
2451 | err = 1; |
2452 | } |
2453 | - |
2454 | } else { |
2455 | - |
2456 | if (token_transform == ESP_PROT_TFM_PARALLEL) { |
2457 | hchain = entry->active_hash_items[entry->last_used_chain]; |
2458 | |
2459 | HIP_DEBUG("entry->last_used_chain: %i\n", entry->last_used_chain); |
2460 | |
2461 | entry->last_used_chain = |
2462 | - (entry->last_used_chain + 1) % num_parallel_hchains; |
2463 | + (entry->last_used_chain + 1) % num_parallel_hchains; |
2464 | } else { |
2465 | hchain = entry->active_hash_items[0]; |
2466 | } |
2467 | @@ -797,7 +794,7 @@ |
2468 | const int next_root_length) |
2469 | { |
2470 | uint32_t tmp_distance = 0; |
2471 | - int err = 0; |
2472 | + int err = 0; |
2473 | |
2474 | HIP_ASSERT(hash_func != NULL); |
2475 | HIP_ASSERT(hash_length > 0); |
2476 | @@ -891,7 +888,7 @@ |
2477 | const int next_uroot_length, |
2478 | const unsigned char *hash_value) |
2479 | { |
2480 | - int err = 0; |
2481 | + int err = 0; |
2482 | uint32_t data_index = 0; |
2483 | |
2484 | HIP_ASSERT(hash_func != NULL); |
2485 | @@ -968,7 +965,7 @@ |
2486 | HIP_DEBUG("resolving transform: %u\n", transform); |
2487 | |
2488 | if (transform > ESP_PROT_TFM_UNUSED && |
2489 | - esp_prot_transforms[transform].is_used) { |
2490 | + esp_prot_transforms[transform].is_used) { |
2491 | return &esp_prot_transforms[transform]; |
2492 | } else { |
2493 | return NULL; |
2494 | @@ -995,7 +992,7 @@ |
2495 | offset += esp_prot_get_hash_length(entry->esp_prot_transform); |
2496 | |
2497 | if (entry->esp_prot_transform == ESP_PROT_TFM_CUMULATIVE |
2498 | - || entry->esp_prot_transform == ESP_PROT_TFM_PARA_CUMUL) { |
2499 | + || entry->esp_prot_transform == ESP_PROT_TFM_PARA_CUMUL) { |
2500 | offset += ((esp_prot_get_hash_length(entry->esp_prot_transform) + sizeof(uint32_t)) |
2501 | * (num_linear_elements + num_random_elements)); |
2502 | } |
2503 | @@ -1015,20 +1012,20 @@ |
2504 | */ |
2505 | int esp_prot_sadb_maintenance(struct hip_sa_entry *entry) |
2506 | { |
2507 | - int has_linked_anchor = 0, soft_update = 1; |
2508 | - int err = 0; |
2509 | - int anchor_length = 0; |
2510 | - int anchor_offset[MAX_NUM_PARALLEL_HCHAINS]; |
2511 | + int has_linked_anchor = 0, soft_update = 1; |
2512 | + int err = 0; |
2513 | + int anchor_length = 0; |
2514 | + int anchor_offset[MAX_NUM_PARALLEL_HCHAINS]; |
2515 | const unsigned char *anchors[MAX_NUM_PARALLEL_HCHAINS]; |
2516 | struct esp_prot_tfm *prot_transform = NULL; |
2517 | struct hash_tree *htree = NULL; |
2518 | struct hash_chain *hchain = NULL; |
2519 | - struct hash_tree *link_trees[MAX_NUM_PARALLEL_HCHAINS]; |
2520 | - int hash_item_length = 0; |
2521 | - int remaining = 0, i, j; |
2522 | - int threshold = 0; |
2523 | - int use_hash_trees = 0; |
2524 | - int hierarchy_level = 0; |
2525 | + struct hash_tree *link_trees[MAX_NUM_PARALLEL_HCHAINS]; |
2526 | + int hash_item_length = 0; |
2527 | + int remaining = 0, i, j; |
2528 | + int threshold = 0; |
2529 | + int use_hash_trees = 0; |
2530 | + int hierarchy_level = 0; |
2531 | |
2532 | HIP_ASSERT(entry != NULL); |
2533 | |
2534 | @@ -1041,14 +1038,14 @@ |
2535 | htree = entry->active_hash_items[0]; |
2536 | hash_item_length = htree->num_data_blocks; |
2537 | |
2538 | - remaining = htree_get_num_remaining(htree); |
2539 | - threshold = htree->num_data_blocks * update_threshold; |
2540 | + remaining = htree_get_num_remaining(htree); |
2541 | + threshold = htree->num_data_blocks * update_threshold; |
2542 | } else { |
2543 | hchain = entry->active_hash_items[0]; |
2544 | hash_item_length = hchain->hchain_length; |
2545 | |
2546 | - remaining = hchain_get_num_remaining(hchain); |
2547 | - threshold = hchain->hchain_length * update_threshold; |
2548 | + remaining = hchain_get_num_remaining(hchain); |
2549 | + threshold = hchain->hchain_length * update_threshold; |
2550 | } |
2551 | |
2552 | /* ensure that the next hash-items are set up before the active ones |
2553 | @@ -1074,8 +1071,8 @@ |
2554 | } |
2555 | |
2556 | HIP_IFEL(!(prot_transform = |
2557 | - esp_prot_resolve_transform(entry->esp_prot_transform)), |
2558 | - 1, "tried to resolve UNUSED transform\n"); |
2559 | + esp_prot_resolve_transform(entry->esp_prot_transform)), |
2560 | + 1, "tried to resolve UNUSED transform\n"); |
2561 | |
2562 | /* soft-update vs. PK-update |
2563 | * -> do a soft-update */ |
2564 | @@ -1087,19 +1084,19 @@ |
2565 | while (htree_has_more_data(link_trees[i])) { |
2566 | // get the next hchain from the link_tree |
2567 | anchor_offset[i] = |
2568 | - htree_get_next_data_offset(link_trees[i]); |
2569 | - anchors[i] = |
2570 | - htree_get_data(link_trees[i], anchor_offset[i], |
2571 | - &anchor_length); |
2572 | + htree_get_next_data_offset(link_trees[i]); |
2573 | + anchors[i] = |
2574 | + htree_get_data(link_trees[i], anchor_offset[i], |
2575 | + &anchor_length); |
2576 | |
2577 | // set next_hash_item, if linked one is available |
2578 | - if ((entry->next_hash_items[i]= |
2579 | - hcstore_get_item_by_anchor(&update_store, |
2580 | - prot_transform->hash_func_id, |
2581 | - prot_transform->hash_length_id, |
2582 | - hierarchy_level - 1, |
2583 | - anchors[i], |
2584 | - use_hash_trees))) { |
2585 | + if ((entry->next_hash_items[i] = |
2586 | + hcstore_get_item_by_anchor(&update_store, |
2587 | + prot_transform->hash_func_id, |
2588 | + prot_transform->hash_length_id, |
2589 | + hierarchy_level - 1, |
2590 | + anchors[i], |
2591 | + use_hash_trees))) { |
2592 | HIP_DEBUG("linked hchain found in store, soft-update\n"); |
2593 | |
2594 | has_linked_anchor = 1; |
2595 | @@ -1130,7 +1127,7 @@ |
2596 | |
2597 | /* and restart the loop |
2598 | * NOTE continues results in i++ */ |
2599 | - i = -1; |
2600 | + i = -1; |
2601 | |
2602 | continue; |
2603 | } |
2604 | @@ -1145,10 +1142,10 @@ |
2605 | * hchain lengths |
2606 | */ |
2607 | HIP_IFEL(!(entry->next_hash_items[i] = |
2608 | - hcstore_get_hash_item(&update_store, |
2609 | - prot_transform->hash_func_id, |
2610 | - prot_transform->hash_length_id, |
2611 | - update_hchain_lengths[DEFAULT_HCHAIN_LENGTH_ID])), |
2612 | + hcstore_get_hash_item(&update_store, |
2613 | + prot_transform->hash_func_id, |
2614 | + prot_transform->hash_length_id, |
2615 | + update_hchain_lengths[DEFAULT_HCHAIN_LENGTH_ID])), |
2616 | -1, "unable to retrieve hchain from store\n"); |
2617 | |
2618 | if (use_hash_trees) { |
2619 | @@ -1168,7 +1165,7 @@ |
2620 | HIP_IFEL(send_trigger_update_to_hipd(entry, anchors, |
2621 | hash_item_length, soft_update, |
2622 | anchor_offset, link_trees), -1, |
2623 | - "unable to trigger update at hipd\n"); |
2624 | + "unable to trigger update at hipd\n"); |
2625 | |
2626 | // refill update-store |
2627 | HIP_IFEL((err = hcstore_refill(&update_store, use_hash_trees)) < 0, -1, |
2628 | @@ -1177,7 +1174,7 @@ |
2629 | |
2630 | /* activate next hchains if current ones are depleted and update has been acked |
2631 | * -> assume first hchain represents all parallel ones */ |
2632 | - if (entry->next_hash_items[0] && entry->update_item_acked[0]&& remaining == 0) { |
2633 | + if (entry->next_hash_items[0] && entry->update_item_acked[0] && remaining == 0) { |
2634 | for (i = 0; i < num_parallel_hchains; i++) { |
2635 | // this will free all linked elements in the hchain |
2636 | if (use_hash_trees) { |
2637 | |
2638 | === modified file 'firewall/esp_prot_api.h' |
2639 | --- firewall/esp_prot_api.h 2011-01-04 14:23:17 +0000 |
2640 | +++ firewall/esp_prot_api.h 2011-01-11 14:04:40 +0000 |
2641 | @@ -55,19 +55,19 @@ |
2642 | }; |
2643 | |
2644 | |
2645 | -extern int token_transform; |
2646 | -extern int num_parallel_hchains; |
2647 | -extern int ring_buffer_size; |
2648 | -extern int num_linear_elements; |
2649 | -extern int num_random_elements; |
2650 | -extern int hash_length_g; |
2651 | -extern int hash_structure_length; |
2652 | -extern int num_hchains_per_item; |
2653 | -extern int num_hierarchies; |
2654 | +extern int token_transform; |
2655 | +extern int num_parallel_hchains; |
2656 | +extern int ring_buffer_size; |
2657 | +extern int num_linear_elements; |
2658 | +extern int num_random_elements; |
2659 | +extern int hash_length_g; |
2660 | +extern int hash_structure_length; |
2661 | +extern int num_hchains_per_item; |
2662 | +extern int num_hierarchies; |
2663 | extern double refill_threshold; |
2664 | extern double update_threshold; |
2665 | |
2666 | -extern int hash_lengths[NUM_HASH_FUNCTIONS][NUM_HASH_LENGTHS]; |
2667 | +extern int hash_lengths[NUM_HASH_FUNCTIONS][NUM_HASH_LENGTHS]; |
2668 | extern hash_function hash_functions[NUM_HASH_FUNCTIONS]; |
2669 | |
2670 | int esp_prot_init(void); |
2671 | |
2672 | === modified file 'firewall/esp_prot_config.c' |
2673 | --- firewall/esp_prot_config.c 2010-10-15 15:29:14 +0000 |
2674 | +++ firewall/esp_prot_config.c 2011-01-11 14:04:40 +0000 |
2675 | @@ -46,23 +46,23 @@ |
2676 | #include "config.h" |
2677 | |
2678 | |
2679 | -const char *config_file = HIPL_SYSCONFDIR "/esp_prot_config.cfg"; |
2680 | +const char *config_file = HIPL_SYSCONFDIR "/esp_prot_config.cfg"; |
2681 | |
2682 | const char *path_hash_length = "token_config.hash_length"; |
2683 | const char *path_hash_structure_length = "token_config.hash_structure_length"; |
2684 | const char *path_token_transform = "token_config.token_transform"; |
2685 | |
2686 | -const char *path_num_parallel_hchains = "token_config.token_modes.num_parallel_hchains"; |
2687 | -const char *path_ring_buffer_size = "token_config.token_modes.ring_buffer_size"; |
2688 | -const char *path_num_linear_elements = "token_config.token_modes.num_linear_elements"; |
2689 | -const char *path_num_random_elements = "token_config.token_modes.num_random_elements"; |
2690 | - |
2691 | -const char *path_num_hchains_per_item = "sender.hcstore.num_hchains_per_item"; |
2692 | -const char *path_num_hierarchies = "sender.hcstore.num_hierarchies"; |
2693 | -const char *path_refill_threshold = "sender.hcstore.refill_threshold"; |
2694 | -const char *path_update_threshold = "sender.update_threshold"; |
2695 | - |
2696 | -const char *path_window_size = "verifier.window_size"; |
2697 | +const char *path_num_parallel_hchains = "token_config.token_modes.num_parallel_hchains"; |
2698 | +const char *path_ring_buffer_size = "token_config.token_modes.ring_buffer_size"; |
2699 | +const char *path_num_linear_elements = "token_config.token_modes.num_linear_elements"; |
2700 | +const char *path_num_random_elements = "token_config.token_modes.num_random_elements"; |
2701 | + |
2702 | +const char *path_num_hchains_per_item = "sender.hcstore.num_hchains_per_item"; |
2703 | +const char *path_num_hierarchies = "sender.hcstore.num_hierarchies"; |
2704 | +const char *path_refill_threshold = "sender.hcstore.refill_threshold"; |
2705 | +const char *path_update_threshold = "sender.update_threshold"; |
2706 | + |
2707 | +const char *path_window_size = "verifier.window_size"; |
2708 | |
2709 | #ifdef HAVE_LIBCONFIG |
2710 | /** |
2711 | @@ -84,10 +84,10 @@ |
2712 | * libconfig 1.4, remove the ugly workaround below accordingly. See #134. */ |
2713 | #if defined LIBCONFIG_VER_MAJOR && defined LIBCONFIG_VER_MINOR && (((LIBCONFIG_VER_MAJOR == 1) && (LIBCONFIG_VER_MINOR >= 4)) || (LIBCONFIG_VER_MAJOR > 1)) |
2714 | /* libconfig version 1.4 and later */ |
2715 | - int value = 0; |
2716 | + int value = 0; |
2717 | #else |
2718 | /* libconfig version before 1.4 */ |
2719 | - long value = 0; |
2720 | + long value = 0; |
2721 | #endif |
2722 | |
2723 | int success = config_lookup_int(cfg, name, &value); |
2724 | @@ -97,6 +97,7 @@ |
2725 | } |
2726 | return success; |
2727 | } |
2728 | + |
2729 | #endif /* HAVE_LIBCONFIG */ |
2730 | |
2731 | /** |
2732 | @@ -112,7 +113,7 @@ |
2733 | * |
2734 | * FIXME this should be removed once we go tiny */ |
2735 | #ifdef HAVE_LIBCONFIG |
2736 | - int err = 0; |
2737 | + int err = 0; |
2738 | |
2739 | HIP_IFEL(!(cfg = malloc(sizeof(config_t))), -1, |
2740 | "Unable to allocate memory!\n"); |
2741 | @@ -164,7 +165,6 @@ |
2742 | int err = 0; |
2743 | |
2744 | if (cfg) { |
2745 | - |
2746 | #ifdef HAVE_LIBCONFIG |
2747 | // process parallel hchains-related settings |
2748 | if (!esp_prot_wrap_config_lookup_int(cfg, path_token_transform, |
2749 | @@ -198,9 +198,9 @@ |
2750 | num_parallel_hchains = 2; |
2751 | } |
2752 | |
2753 | - ring_buffer_size = 0; |
2754 | - num_linear_elements = 0; |
2755 | - num_random_elements = 0; |
2756 | + ring_buffer_size = 0; |
2757 | + num_linear_elements = 0; |
2758 | + num_random_elements = 0; |
2759 | |
2760 | break; |
2761 | case ESP_PROT_TFM_CUMULATIVE: |
2762 | @@ -263,7 +263,6 @@ |
2763 | err = -1; |
2764 | goto out_err; |
2765 | #endif /* HAVE_LIBCONFIG */ |
2766 | - |
2767 | } else { |
2768 | HIP_ERROR("no configuration file available\n"); |
2769 | |
2770 | @@ -306,7 +305,6 @@ |
2771 | int err = 0; |
2772 | |
2773 | if (cfg) { |
2774 | - |
2775 | #ifdef HAVE_LIBCONFIG |
2776 | // process hcstore-related settings |
2777 | if (!esp_prot_wrap_config_lookup_int(cfg, path_num_hchains_per_item, |
2778 | @@ -335,7 +333,6 @@ |
2779 | err = -1; |
2780 | goto out_err; |
2781 | #endif /* HAVE_LIBCONFIG */ |
2782 | - |
2783 | } else { |
2784 | HIP_ERROR("no configuration file available\n"); |
2785 | |
2786 | @@ -389,7 +386,6 @@ |
2787 | err = -1; |
2788 | goto out_err; |
2789 | #endif /* HAVE_LIBCONFIG */ |
2790 | - |
2791 | } else { |
2792 | HIP_ERROR("no configuration file available\n"); |
2793 | |
2794 | |
2795 | === modified file 'firewall/esp_prot_conntrack.c' |
2796 | --- firewall/esp_prot_conntrack.c 2011-01-09 22:18:11 +0000 |
2797 | +++ firewall/esp_prot_conntrack.c 2011-01-11 14:04:40 +0000 |
2798 | @@ -59,9 +59,9 @@ |
2799 | |
2800 | |
2801 | struct esp_prot_conntrack_tfm { |
2802 | - hash_function hash_function; /* pointer to the hash function */ |
2803 | - int hash_length; /* hash length for this transform */ |
2804 | - int is_used; /* needed as complete transform array is initialized */ |
2805 | + hash_function hash_function; /* pointer to the hash function */ |
2806 | + int hash_length; /* hash length for this transform */ |
2807 | + int is_used; /* needed as complete transform array is initialized */ |
2808 | }; |
2809 | |
2810 | /* cached anchor element updates */ |
2811 | @@ -108,7 +108,7 @@ |
2812 | static void esp_prot_conntrack_free_cached_item(void *cache_item) |
2813 | { |
2814 | struct esp_anchor_item *anchor_item = NULL; |
2815 | - long i; |
2816 | + long i; |
2817 | |
2818 | if (cache_item) { |
2819 | anchor_item = cache_item; |
2820 | @@ -137,7 +137,7 @@ |
2821 | { |
2822 | struct esp_tuple *esp_tuple = NULL; |
2823 | struct slist *list = NULL; |
2824 | - int err = 0; |
2825 | + int err = 0; |
2826 | |
2827 | HIP_DEBUG("\n"); |
2828 | |
2829 | @@ -194,8 +194,8 @@ |
2830 | struct esp_tuple *esp_tuple = NULL; |
2831 | struct esp_prot_conntrack_tfm *conntrack_tfm = NULL; |
2832 | unsigned char *cmp_value = NULL; |
2833 | - int hash_length = 0, err = 0; |
2834 | - long i; |
2835 | + int hash_length = 0, err = 0; |
2836 | + long i; |
2837 | |
2838 | HIP_DEBUG("\n"); |
2839 | |
2840 | @@ -208,10 +208,10 @@ |
2841 | // needed for allocating and copying the anchors |
2842 | conntrack_tfm = esp_prot_conntrack_resolve_transform( |
2843 | esp_anchors[0]->transform); |
2844 | - hash_length = conntrack_tfm->hash_length; |
2845 | + hash_length = conntrack_tfm->hash_length; |
2846 | |
2847 | HIP_IFEL(!(esp_tuple = esp_prot_conntrack_find_esp_tuple( |
2848 | - tuple, &esp_anchors[0]->anchors[0], hash_length)), -1, |
2849 | + tuple, &esp_anchors[0]->anchors[0], hash_length)), -1, |
2850 | "failed to look up matching esp_tuple\n"); |
2851 | |
2852 | HIP_IFEL(!(anchor_item = calloc(1, sizeof(struct esp_anchor_item))), -1, |
2853 | @@ -297,12 +297,12 @@ |
2854 | struct tuple *other_dir_tuple = NULL; |
2855 | struct esp_tuple *esp_tuple = NULL; |
2856 | struct esp_prot_conntrack_tfm *conntrack_tfm = NULL; |
2857 | - int hash_length = 0; |
2858 | + int hash_length = 0; |
2859 | // assume not found |
2860 | - int err = 0; |
2861 | - unsigned element_index = 0; |
2862 | - int found = 0; |
2863 | - long i; |
2864 | + int err = 0; |
2865 | + unsigned element_index = 0; |
2866 | + int found = 0; |
2867 | + long i; |
2868 | |
2869 | HIP_DEBUG("\n"); |
2870 | |
2871 | @@ -327,9 +327,8 @@ |
2872 | HIP_DEBUG("received ack: %u\n", ntohl(ack->peer_update_id)); |
2873 | |
2874 | for (element_index = 0; |
2875 | - element_index < hip_ll_get_size(&esp_tuple->anchor_cache); |
2876 | - element_index++) { |
2877 | - |
2878 | + element_index < hip_ll_get_size(&esp_tuple->anchor_cache); |
2879 | + element_index++) { |
2880 | HIP_IFEL(!(anchor_item = hip_ll_get(&esp_tuple->anchor_cache, |
2881 | element_index)), |
2882 | -1, "failed to look up anchor_item\n"); |
2883 | @@ -348,7 +347,7 @@ |
2884 | // needed for allocating and copying the anchors |
2885 | conntrack_tfm = esp_prot_conntrack_resolve_transform( |
2886 | esp_tuple->esp_prot_tfm); |
2887 | - hash_length = conntrack_tfm->hash_length; |
2888 | + hash_length = conntrack_tfm->hash_length; |
2889 | esp_tuple->hash_item_length = anchor_item->hash_item_length; |
2890 | |
2891 | for (i = 0; i < esp_tuple->num_hchains; i++) { |
2892 | @@ -416,11 +415,11 @@ |
2893 | { |
2894 | struct esp_prot_conntrack_tfm *conntrack_tfm = NULL; |
2895 | struct esp_tuple *esp_tuple = NULL; |
2896 | - int hash_length = 0; |
2897 | - int err = 0; |
2898 | - int i = 0; |
2899 | - uint32_t branch_length = 0; |
2900 | - uint32_t anchor_offset = 0; |
2901 | + int hash_length = 0; |
2902 | + int err = 0; |
2903 | + int i = 0; |
2904 | + uint32_t branch_length = 0; |
2905 | + uint32_t anchor_offset = 0; |
2906 | |
2907 | HIP_DEBUG("\n"); |
2908 | |
2909 | @@ -431,13 +430,13 @@ |
2910 | |
2911 | // needed for allocating and copying the anchors |
2912 | conntrack_tfm = esp_prot_conntrack_resolve_transform( |
2913 | - esp_anchors[0]->transform); |
2914 | + esp_anchors[0]->transform); |
2915 | hash_length = conntrack_tfm->hash_length; |
2916 | |
2917 | HIP_IFEL(!(esp_tuple = esp_prot_conntrack_find_esp_tuple( |
2918 | - tuple, &esp_anchors[0]->anchors[0], |
2919 | - hash_length)), |
2920 | - -1, "failed to look up matching esp_tuple\n"); |
2921 | + tuple, &esp_anchors[0]->anchors[0], |
2922 | + hash_length)), |
2923 | + -1, "failed to look up matching esp_tuple\n"); |
2924 | |
2925 | for (i = 0; i < esp_tuple->num_hchains; i++) { |
2926 | branch_length = ntohl(esp_branches[i]->branch_length); |
2927 | @@ -457,7 +456,6 @@ |
2928 | htree_node_generator, |
2929 | NULL)) { |
2930 | HIP_DEBUG("anchor verified\n"); |
2931 | - |
2932 | } else { |
2933 | HIP_DEBUG("failed to verify branch!\n"); |
2934 | |
2935 | @@ -477,7 +475,7 @@ |
2936 | int esp_prot_conntrack_init(void) |
2937 | { |
2938 | config_t *config = NULL; |
2939 | - int err = 0, i, j; |
2940 | + int err = 0, i, j; |
2941 | |
2942 | HIP_DEBUG("Initializing conntracking of esp protection extension...\n"); |
2943 | |
2944 | @@ -511,9 +509,9 @@ |
2945 | |
2946 | if (esp_prot_conntrack_tfms[token_transform].is_used) { |
2947 | esp_prot_conntrack_tfms[token_transform].hash_function = |
2948 | - hash_functions[i]; |
2949 | + hash_functions[i]; |
2950 | esp_prot_conntrack_tfms[token_transform].hash_length = |
2951 | - hash_lengths[i][j]; |
2952 | + hash_lengths[i][j]; |
2953 | } |
2954 | } |
2955 | } |
2956 | @@ -550,7 +548,7 @@ |
2957 | const struct tuple *tuple) |
2958 | { |
2959 | const struct esp_prot_preferred_tfms *prot_transforms = NULL; |
2960 | - int err = 0, i; |
2961 | + int err = 0, i; |
2962 | |
2963 | if (hip_esp_protection) { |
2964 | // initialize the ESP protection params in the connection |
2965 | @@ -610,9 +608,9 @@ |
2966 | const struct esp_prot_anchor *prot_anchor = NULL; |
2967 | struct esp_tuple *esp_tuple = NULL; |
2968 | struct esp_prot_conntrack_tfm *conntrack_tfm = NULL; |
2969 | - long i = 0; |
2970 | - int hash_length = 0; |
2971 | - int err = 0; |
2972 | + long i = 0; |
2973 | + int hash_length = 0; |
2974 | + int err = 0; |
2975 | |
2976 | if (hip_esp_protection) { |
2977 | HIP_ASSERT(common != NULL); |
2978 | @@ -646,7 +644,7 @@ |
2979 | HIP_DEBUG("using esp prot transform: %u\n", esp_tuple->esp_prot_tfm); |
2980 | |
2981 | if (esp_tuple->esp_prot_tfm > ESP_PROT_TFM_UNUSED) { |
2982 | - conntrack_tfm = esp_prot_conntrack_resolve_transform( |
2983 | + conntrack_tfm = esp_prot_conntrack_resolve_transform( |
2984 | esp_tuple->esp_prot_tfm); |
2985 | hash_length = conntrack_tfm->hash_length; |
2986 | esp_tuple->hash_item_length = ntohl(prot_anchor->hash_item_length); |
2987 | @@ -726,7 +724,7 @@ |
2988 | struct esp_tuple *esp_prot_conntrack_R2_esp_tuple(const struct slist *other_dir_esps) |
2989 | { |
2990 | struct esp_tuple *esp_tuple = NULL; |
2991 | - int err = 0; |
2992 | + int err = 0; |
2993 | |
2994 | if (hip_esp_protection) { |
2995 | /* normally there should NOT be any esp_tuple for the other direction yet, |
2996 | @@ -767,9 +765,9 @@ |
2997 | const struct esp_prot_anchor *prot_anchor = NULL; |
2998 | struct esp_tuple *esp_tuple = NULL; |
2999 | struct esp_prot_conntrack_tfm *conntrack_tfm = NULL; |
3000 | - long i = 0; |
3001 | - int hash_length = 0; |
3002 | - int err = 0; |
3003 | + long i = 0; |
3004 | + int hash_length = 0; |
3005 | + int err = 0; |
3006 | |
3007 | if (hip_esp_protection) { |
3008 | HIP_ASSERT(common != NULL); |
3009 | @@ -794,9 +792,9 @@ |
3010 | HIP_DEBUG("using esp prot transform: %u\n", esp_tuple->esp_prot_tfm); |
3011 | |
3012 | if (esp_tuple->esp_prot_tfm > ESP_PROT_TFM_UNUSED) { |
3013 | - conntrack_tfm = esp_prot_conntrack_resolve_transform( |
3014 | + conntrack_tfm = esp_prot_conntrack_resolve_transform( |
3015 | esp_tuple->esp_prot_tfm); |
3016 | - hash_length = conntrack_tfm->hash_length; |
3017 | + hash_length = conntrack_tfm->hash_length; |
3018 | |
3019 | esp_tuple->hash_item_length = ntohl(prot_anchor->hash_item_length); |
3020 | |
3021 | @@ -867,14 +865,14 @@ |
3022 | int esp_prot_conntrack_update(const struct hip_common *update, |
3023 | const struct tuple *tuple) |
3024 | { |
3025 | - const struct hip_tlv_common *param = NULL; |
3026 | - const struct hip_seq *seq = NULL; |
3027 | - const struct hip_ack *ack = NULL; |
3028 | - const struct hip_esp_info *esp_info = NULL; |
3029 | + const struct hip_tlv_common *param = NULL; |
3030 | + const struct hip_seq *seq = NULL; |
3031 | + const struct hip_ack *ack = NULL; |
3032 | + const struct hip_esp_info *esp_info = NULL; |
3033 | const struct esp_prot_anchor *esp_anchors[MAX_NUM_PARALLEL_HCHAINS]; |
3034 | - const struct esp_prot_root *esp_roots[MAX_NUM_PARALLEL_HCHAINS]; |
3035 | - int err = 0; |
3036 | - long i = 0; |
3037 | + const struct esp_prot_root *esp_roots[MAX_NUM_PARALLEL_HCHAINS]; |
3038 | + int err = 0; |
3039 | + long i = 0; |
3040 | |
3041 | if (hip_esp_protection) { |
3042 | HIP_ASSERT(update != NULL); |
3043 | @@ -887,7 +885,7 @@ |
3044 | esp_info = hip_get_param(update, HIP_PARAM_ESP_INFO); |
3045 | ack = hip_get_param(update, HIP_PARAM_ACK); |
3046 | // there might be several anchor elements |
3047 | - param = hip_get_param(update, HIP_PARAM_ESP_PROT_ANCHOR); |
3048 | + param = hip_get_param(update, HIP_PARAM_ESP_PROT_ANCHOR); |
3049 | |
3050 | // distinguish packet types and process accordingly |
3051 | if (seq && !ack && !esp_info && param) { |
3052 | @@ -897,7 +895,7 @@ |
3053 | for (i = 0; i < num_parallel_hchains; i++) { |
3054 | esp_anchors[i] = (const struct esp_prot_anchor *) param; |
3055 | |
3056 | - param = hip_get_next_param(update, param); |
3057 | + param = hip_get_next_param(update, param); |
3058 | } |
3059 | |
3060 | param = hip_get_param(update, HIP_PARAM_ESP_PROT_ROOT); |
3061 | @@ -906,7 +904,7 @@ |
3062 | for (i = 0; i < num_parallel_hchains; i++) { |
3063 | esp_roots[i] = (const struct esp_prot_root *) param; |
3064 | |
3065 | - param = hip_get_next_param(update, param); |
3066 | + param = hip_get_next_param(update, param); |
3067 | } |
3068 | } |
3069 | |
3070 | @@ -974,18 +972,18 @@ |
3071 | struct tuple *tuple, |
3072 | const struct hip_fw_context *ctx) |
3073 | { |
3074 | - const struct hip_seq *seq = NULL; |
3075 | - const struct hip_tlv_common *param = NULL; |
3076 | + const struct hip_seq *seq = NULL; |
3077 | + const struct hip_tlv_common *param = NULL; |
3078 | const struct esp_prot_anchor *esp_anchors[MAX_NUM_PARALLEL_HCHAINS]; |
3079 | const struct esp_prot_branch *esp_branches[MAX_NUM_PARALLEL_HCHAINS]; |
3080 | const struct esp_prot_secret *esp_secrets[MAX_NUM_PARALLEL_HCHAINS]; |
3081 | - const struct esp_prot_root *esp_roots[MAX_NUM_PARALLEL_HCHAINS]; |
3082 | - const struct hip_ack *ack = NULL; |
3083 | - const struct hip_esp_info *esp_info = NULL; |
3084 | - const struct in6_addr *ip6_src = &ctx->src; |
3085 | - const struct in6_addr *ip6_dst = &ctx->dst; |
3086 | - int err = 0; |
3087 | - long i; |
3088 | + const struct esp_prot_root *esp_roots[MAX_NUM_PARALLEL_HCHAINS]; |
3089 | + const struct hip_ack *ack = NULL; |
3090 | + const struct hip_esp_info *esp_info = NULL; |
3091 | + const struct in6_addr *ip6_src = &ctx->src; |
3092 | + const struct in6_addr *ip6_dst = &ctx->dst; |
3093 | + int err = 0; |
3094 | + long i; |
3095 | |
3096 | if (hip_esp_protection) { |
3097 | HIP_ASSERT(ip6_src != NULL); |
3098 | @@ -1006,21 +1004,21 @@ |
3099 | for (i = 0; i < num_parallel_hchains; i++) { |
3100 | esp_anchors[i] = (const struct esp_prot_anchor *) param; |
3101 | |
3102 | - param = hip_get_next_param(common, param); |
3103 | + param = hip_get_next_param(common, param); |
3104 | } |
3105 | |
3106 | param = hip_get_param(common, HIP_PARAM_ESP_PROT_BRANCH); |
3107 | for (i = 0; i < num_parallel_hchains; i++) { |
3108 | esp_branches[i] = (const struct esp_prot_branch *) param; |
3109 | |
3110 | - param = hip_get_next_param(common, param); |
3111 | + param = hip_get_next_param(common, param); |
3112 | } |
3113 | |
3114 | param = hip_get_param(common, HIP_PARAM_ESP_PROT_SECRET); |
3115 | for (i = 0; i < num_parallel_hchains; i++) { |
3116 | esp_secrets[i] = (const struct esp_prot_secret *) param; |
3117 | |
3118 | - param = hip_get_next_param(common, param); |
3119 | + param = hip_get_next_param(common, param); |
3120 | } |
3121 | |
3122 | param = hip_get_param(common, HIP_PARAM_ESP_PROT_ROOT); |
3123 | @@ -1028,7 +1026,7 @@ |
3124 | for (i = 0; i < num_parallel_hchains; i++) { |
3125 | esp_roots[i] = (const struct esp_prot_root *) param; |
3126 | |
3127 | - param = hip_get_next_param(common, param); |
3128 | + param = hip_get_next_param(common, param); |
3129 | } |
3130 | } else { |
3131 | memset(esp_roots, 0, MAX_NUM_PARALLEL_HCHAINS * sizeof(struct esp_prot_root *)); |
3132 | @@ -1052,7 +1050,7 @@ |
3133 | // verify tree |
3134 | HIP_IFEL(esp_prot_conntrack_verify_branch(tuple, esp_anchors, esp_branches, |
3135 | esp_secrets), -1, |
3136 | - "failed to verify branch\n"); |
3137 | + "failed to verify branch\n"); |
3138 | |
3139 | // cache update_anchor and root |
3140 | HIP_IFEL(esp_prot_conntrack_cache_anchor(tuple, seq, esp_anchors, esp_roots), -1, |
3141 | @@ -1090,17 +1088,17 @@ |
3142 | struct hip_esp *esp = NULL; |
3143 | struct esp_cumulative_item *cached_element = NULL; |
3144 | struct esp_cumulative_item *cumulative_ptr = NULL; |
3145 | - unsigned char packet_hash[MAX_HASH_LENGTH]; |
3146 | - int esp_len = 0, use_hash_trees = 0, active_hchain = 0, err = 0, i; |
3147 | - uint32_t num_verify = 0, current_seq = 0; |
3148 | + unsigned char packet_hash[MAX_HASH_LENGTH]; |
3149 | + int esp_len = 0, use_hash_trees = 0, active_hchain = 0, err = 0, i; |
3150 | + uint32_t num_verify = 0, current_seq = 0; |
3151 | |
3152 | if (hip_esp_protection) { |
3153 | if (esp_tuple->esp_prot_tfm > ESP_PROT_TFM_UNUSED) { |
3154 | conntrack_tfm = esp_prot_conntrack_resolve_transform( |
3155 | esp_tuple->esp_prot_tfm); |
3156 | |
3157 | - esp = ctx->transport_hdr.esp; |
3158 | - esp_len = ctx->ipq_packet->data_len - ctx->ip_hdr_len; |
3159 | + esp = ctx->transport_hdr.esp; |
3160 | + esp_len = ctx->ipq_packet->data_len - ctx->ip_hdr_len; |
3161 | if (ctx->udp_encap_hdr) { |
3162 | esp_len -= sizeof(struct udphdr); |
3163 | } |
3164 | @@ -1136,7 +1134,7 @@ |
3165 | /* calculate difference of SEQ no in order to determine how many hashes |
3166 | * we have to calculate */ |
3167 | if (ntohl(esp->esp_seq) - esp_tuple->seq_no > 0 && |
3168 | - ntohl(esp->esp_seq) - esp_tuple->seq_no <= (unsigned)window_size) { |
3169 | + ntohl(esp->esp_seq) - esp_tuple->seq_no <= (unsigned) window_size) { |
3170 | HIP_DEBUG("seq number within verification window\n"); |
3171 | |
3172 | num_verify = ntohl(esp->esp_seq) - esp_tuple->seq_no; |
3173 | @@ -1224,10 +1222,10 @@ |
3174 | conntrack_tfm->hash_length); |
3175 | } else { |
3176 | // don't copy the next anchor, but the already verified hash |
3177 | - memcpy( &esp_tuple->active_anchors[active_hchain][0], ((unsigned char *) esp) + sizeof(struct hip_esp), |
3178 | - conntrack_tfm->hash_length); |
3179 | - memcpy( &esp_tuple->first_active_anchors[active_hchain][0], &esp_tuple->next_anchors[active_hchain][0], |
3180 | - conntrack_tfm->hash_length); |
3181 | + memcpy(&esp_tuple->active_anchors[active_hchain][0], ((unsigned char *) esp) + sizeof(struct hip_esp), |
3182 | + conntrack_tfm->hash_length); |
3183 | + memcpy(&esp_tuple->first_active_anchors[active_hchain][0], &esp_tuple->next_anchors[active_hchain][0], |
3184 | + conntrack_tfm->hash_length); |
3185 | } |
3186 | |
3187 | // change roots |
3188 | |
3189 | === modified file 'firewall/esp_prot_fw_msg.c' |
3190 | --- firewall/esp_prot_fw_msg.c 2011-01-06 17:05:42 +0000 |
3191 | +++ firewall/esp_prot_fw_msg.c 2011-01-11 14:04:40 +0000 |
3192 | @@ -68,14 +68,14 @@ |
3193 | static struct hip_common *create_bex_store_update_msg(struct hchain_store *hcstore, |
3194 | const int use_hash_trees) |
3195 | { |
3196 | - struct hip_common *msg = NULL; |
3197 | - struct esp_prot_tfm *transform = NULL; |
3198 | - struct hash_chain *hchain = NULL; |
3199 | - struct hash_tree *htree = NULL; |
3200 | - unsigned char *anchor = NULL; |
3201 | - unsigned j = 0; |
3202 | - uint8_t i = 0; |
3203 | - int hash_length = 0, num_hchains = 0, err = 0, hash_item_length = 0; |
3204 | + struct hip_common *msg = NULL; |
3205 | + struct esp_prot_tfm *transform = NULL; |
3206 | + struct hash_chain *hchain = NULL; |
3207 | + struct hash_tree *htree = NULL; |
3208 | + unsigned char *anchor = NULL; |
3209 | + unsigned j = 0; |
3210 | + uint8_t i = 0; |
3211 | + int hash_length = 0, num_hchains = 0, err = 0, hash_item_length = 0; |
3212 | |
3213 | HIP_ASSERT(hcstore != NULL); |
3214 | |
3215 | @@ -185,10 +185,10 @@ |
3216 | */ |
3217 | int send_esp_prot_to_hipd(const int activate) |
3218 | { |
3219 | - struct hip_common *msg = NULL; |
3220 | - int num_transforms = 0; |
3221 | - int err = 0, i; |
3222 | - uint8_t transform = 0; |
3223 | + struct hip_common *msg = NULL; |
3224 | + int num_transforms = 0; |
3225 | + int err = 0, i; |
3226 | + uint8_t transform = 0; |
3227 | |
3228 | HIP_ASSERT(activate >= 0); |
3229 | |
3230 | @@ -285,7 +285,7 @@ |
3231 | const int use_hash_trees) |
3232 | { |
3233 | struct hip_common *msg = NULL; |
3234 | - int err = 0; |
3235 | + int err = 0; |
3236 | |
3237 | HIP_ASSERT(hcstore != NULL); |
3238 | |
3239 | @@ -328,19 +328,19 @@ |
3240 | const int *anchor_offset, |
3241 | struct hash_tree *link_trees[MAX_NUM_PARALLEL_HCHAINS]) |
3242 | { |
3243 | - int err = 0; |
3244 | - int i = 0; |
3245 | - struct hip_common *msg = NULL; |
3246 | - int hash_length = 0; |
3247 | - struct hash_chain *hchain = NULL; |
3248 | - struct hash_tree *htree = NULL; |
3249 | - struct hash_tree *link_tree = NULL; |
3250 | - int secret_length = 0; |
3251 | - int branch_length = 0; |
3252 | - int root_length = 0; |
3253 | - const unsigned char *secret = NULL; |
3254 | - unsigned char *branch_nodes = NULL; |
3255 | - const unsigned char *root = NULL; |
3256 | + int err = 0; |
3257 | + int i = 0; |
3258 | + struct hip_common *msg = NULL; |
3259 | + int hash_length = 0; |
3260 | + struct hash_chain *hchain = NULL; |
3261 | + struct hash_tree *htree = NULL; |
3262 | + struct hash_tree *link_tree = NULL; |
3263 | + int secret_length = 0; |
3264 | + int branch_length = 0; |
3265 | + int root_length = 0; |
3266 | + const unsigned char *secret = NULL; |
3267 | + unsigned char *branch_nodes = NULL; |
3268 | + const unsigned char *root = NULL; |
3269 | |
3270 | HIP_ASSERT(entry != NULL); |
3271 | |
3272 | @@ -358,17 +358,17 @@ |
3273 | HIP_DEBUG_HIT("src_hit", &entry->inner_src_addr); |
3274 | HIP_IFEL(hip_build_param_contents(msg, &entry->inner_src_addr, |
3275 | HIP_PARAM_HIT, sizeof(struct in6_addr)), |
3276 | - -1, "build param contents failed\n"); |
3277 | + -1, "build param contents failed\n"); |
3278 | |
3279 | HIP_DEBUG_HIT("dst_hit", &entry->inner_dst_addr); |
3280 | HIP_IFEL(hip_build_param_contents(msg, &entry->inner_dst_addr, |
3281 | HIP_PARAM_HIT, sizeof(struct in6_addr)), |
3282 | - -1, "build param contents failed\n"); |
3283 | + -1, "build param contents failed\n"); |
3284 | |
3285 | HIP_DEBUG("esp_prot_transform: %u\n", entry->esp_prot_transform); |
3286 | HIP_IFEL(hip_build_param_contents(msg, &entry->esp_prot_transform, |
3287 | HIP_PARAM_ESP_PROT_TFM, sizeof(uint8_t)), |
3288 | - -1, "build param contents failed\n"); |
3289 | + -1, "build param contents failed\n"); |
3290 | |
3291 | // also send the hchain/htree length for all update items |
3292 | HIP_IFEL(hip_build_param_contents(msg, &hash_item_length, HIP_PARAM_INT, |
3293 | @@ -386,7 +386,7 @@ |
3294 | HIP_IFEL(hip_build_param_contents(msg, anchors[i], |
3295 | HIP_PARAM_HCHAIN_ANCHOR, |
3296 | hash_length), -1, |
3297 | - "build param contents failed\n"); |
3298 | + "build param contents failed\n"); |
3299 | } |
3300 | |
3301 | // now transmit root for each next hash item for tree-based updates, if available |
3302 | @@ -411,7 +411,7 @@ |
3303 | HIP_IFEL(hip_build_param_contents(msg, &root_length, |
3304 | HIP_PARAM_INT, |
3305 | sizeof(int)), -1, |
3306 | - "build param contents failed\n"); |
3307 | + "build param contents failed\n"); |
3308 | } |
3309 | |
3310 | if (root) { |
3311 | @@ -425,7 +425,7 @@ |
3312 | HIP_DEBUG("soft_update: %i\n", soft_update); |
3313 | HIP_IFEL(hip_build_param_contents(msg, &soft_update, HIP_PARAM_INT, |
3314 | sizeof(int)), -1, |
3315 | - "build param contents failed\n"); |
3316 | + "build param contents failed\n"); |
3317 | |
3318 | if (soft_update) { |
3319 | for (i = 0; i < num_parallel_hchains; i++) { |
3320 | @@ -434,37 +434,37 @@ |
3321 | HIP_IFEL(!(branch_nodes = htree_get_branch(link_trees[i], |
3322 | anchor_offset[i], NULL, |
3323 | &branch_length)), -1, |
3324 | - "failed to get branch nodes\n"); |
3325 | + "failed to get branch nodes\n"); |
3326 | |
3327 | HIP_DEBUG("anchor_offset: %i\n", anchor_offset[i]); |
3328 | HIP_IFEL(hip_build_param_contents(msg, &anchor_offset[i], |
3329 | HIP_PARAM_INT, |
3330 | sizeof(int)), -1, |
3331 | - "build param contents failed\n"); |
3332 | + "build param contents failed\n"); |
3333 | |
3334 | HIP_DEBUG("secret_length: %i\n", secret_length); |
3335 | HIP_IFEL(hip_build_param_contents(msg, &secret_length, |
3336 | HIP_PARAM_INT, |
3337 | sizeof(int)), -1, |
3338 | - "build param contents failed\n"); |
3339 | + "build param contents failed\n"); |
3340 | |
3341 | HIP_DEBUG("branch_length: %i\n", branch_length); |
3342 | HIP_IFEL(hip_build_param_contents(msg, &branch_length, |
3343 | HIP_PARAM_INT, |
3344 | sizeof(int)), -1, |
3345 | - "build param contents failed\n"); |
3346 | + "build param contents failed\n"); |
3347 | |
3348 | HIP_HEXDUMP("secret: ", secret, secret_length); |
3349 | HIP_IFEL(hip_build_param_contents(msg, secret, |
3350 | HIP_PARAM_SECRET, |
3351 | secret_length), -1, |
3352 | - "build param contents failed\n"); |
3353 | + "build param contents failed\n"); |
3354 | |
3355 | HIP_HEXDUMP("branch_nodes: ", branch_nodes, branch_length); |
3356 | HIP_IFEL(hip_build_param_contents(msg, branch_nodes, |
3357 | HIP_PARAM_BRANCH_NODES, |
3358 | branch_length), -1, |
3359 | - "build param contents failed\n"); |
3360 | + "build param contents failed\n"); |
3361 | } |
3362 | } |
3363 | |
3364 | @@ -493,13 +493,13 @@ |
3365 | */ |
3366 | int send_anchor_change_to_hipd(const struct hip_sa_entry *entry) |
3367 | { |
3368 | - int err = 0; |
3369 | - int hash_length = 0; |
3370 | - long i = 0; |
3371 | - unsigned char *anchor = NULL; |
3372 | - struct hip_common *msg = NULL; |
3373 | - struct hash_chain *hchain = NULL; |
3374 | - struct hash_tree *htree = NULL; |
3375 | + int err = 0; |
3376 | + int hash_length = 0; |
3377 | + long i = 0; |
3378 | + unsigned char *anchor = NULL; |
3379 | + struct hip_common *msg = NULL; |
3380 | + struct hash_chain *hchain = NULL; |
3381 | + struct hash_tree *htree = NULL; |
3382 | |
3383 | HIP_ASSERT(entry != NULL); |
3384 | HIP_ASSERT(entry->direction == HIP_SPI_DIRECTION_OUT); |
3385 | @@ -518,22 +518,22 @@ |
3386 | HIP_DEBUG_HIT("src_hit", &entry->inner_src_addr); |
3387 | HIP_IFEL(hip_build_param_contents(msg, &entry->inner_src_addr, |
3388 | HIP_PARAM_HIT, sizeof(struct in6_addr)), |
3389 | - -1, "build param contents failed\n"); |
3390 | + -1, "build param contents failed\n"); |
3391 | |
3392 | HIP_DEBUG_HIT("dst_hit", &entry->inner_dst_addr); |
3393 | HIP_IFEL(hip_build_param_contents(msg, &entry->inner_dst_addr, |
3394 | HIP_PARAM_HIT, sizeof(struct in6_addr)), |
3395 | - -1, "build param contents failed\n"); |
3396 | + -1, "build param contents failed\n"); |
3397 | |
3398 | HIP_DEBUG("direction: %i\n", entry->direction); |
3399 | HIP_IFEL(hip_build_param_contents(msg, &entry->direction, |
3400 | HIP_PARAM_INT, sizeof(int)), -1, |
3401 | - "build param contents failed\n"); |
3402 | + "build param contents failed\n"); |
3403 | |
3404 | HIP_DEBUG("esp_prot_transform: %u\n", entry->esp_prot_transform); |
3405 | HIP_IFEL(hip_build_param_contents(msg, &entry->esp_prot_transform, |
3406 | HIP_PARAM_ESP_PROT_TFM, sizeof(uint8_t)), |
3407 | - -1, "build param contents failed\n"); |
3408 | + -1, "build param contents failed\n"); |
3409 | |
3410 | HIP_DEBUG("esp_prot_num_parallel_hchains: %i\n", num_parallel_hchains); |
3411 | HIP_IFEL(hip_build_param_contents(msg, &num_parallel_hchains, |
3412 | @@ -553,7 +553,7 @@ |
3413 | HIP_HEXDUMP("anchor: ", anchor, hash_length); |
3414 | HIP_IFEL(hip_build_param_contents(msg, anchor, |
3415 | HIP_PARAM_HCHAIN_ANCHOR, hash_length), |
3416 | - -1, "build param contents failed\n"); |
3417 | + -1, "build param contents failed\n"); |
3418 | } |
3419 | |
3420 | HIP_DUMP_MSG(msg); |
3421 | @@ -582,15 +582,15 @@ |
3422 | * @return 0 on success, -1 on error |
3423 | */ |
3424 | int esp_prot_handle_sa_add_request(const struct hip_common *msg, |
3425 | - uint8_t *esp_prot_transform, |
3426 | - uint16_t *num_anchors, |
3427 | - unsigned char (*esp_prot_anchors)[MAX_HASH_LENGTH], |
3428 | - uint32_t *hash_item_length) |
3429 | + uint8_t *esp_prot_transform, |
3430 | + uint16_t *num_anchors, |
3431 | + unsigned char (*esp_prot_anchors)[MAX_HASH_LENGTH], |
3432 | + uint32_t *hash_item_length) |
3433 | { |
3434 | - const struct hip_tlv_common *param = NULL; |
3435 | - int hash_length = 0, err = 0; |
3436 | - const unsigned char *anchor = NULL; |
3437 | - uint16_t i; |
3438 | + const struct hip_tlv_common *param = NULL; |
3439 | + int hash_length = 0, err = 0; |
3440 | + const unsigned char *anchor = NULL; |
3441 | + uint16_t i; |
3442 | *num_anchors = 0; |
3443 | *esp_prot_transform = 0; |
3444 | |
3445 | |
3446 | === modified file 'firewall/esp_prot_fw_msg.h' |
3447 | --- firewall/esp_prot_fw_msg.h 2011-01-04 14:23:17 +0000 |
3448 | +++ firewall/esp_prot_fw_msg.h 2011-01-11 14:04:40 +0000 |
3449 | @@ -53,9 +53,9 @@ |
3450 | struct hash_tree *link_trees[MAX_NUM_PARALLEL_HCHAINS]); |
3451 | int send_anchor_change_to_hipd(const struct hip_sa_entry *entry); |
3452 | int esp_prot_handle_sa_add_request(const struct hip_common *msg, |
3453 | - uint8_t *esp_prot_transform, |
3454 | - uint16_t *num_anchors, |
3455 | + uint8_t * esp_prot_transform, |
3456 | + uint16_t * num_anchors, |
3457 | unsigned char (*esp_prot_anchors)[MAX_HASH_LENGTH], |
3458 | - uint32_t *hash_item_length); |
3459 | + uint32_t * hash_item_length); |
3460 | |
3461 | #endif /* HIP_FIREWALL_ESP_PROT_FW_MSG_H */ |
3462 | |
3463 | === modified file 'firewall/file_buffer.c' |
3464 | --- firewall/file_buffer.c 2010-11-12 17:49:42 +0000 |
3465 | +++ firewall/file_buffer.c 2011-01-11 14:04:40 +0000 |
3466 | @@ -80,8 +80,8 @@ |
3467 | /* First, we try to determine the current file size for the new buffer size. |
3468 | * If that fails (it does, e.g., for proc files), we just increase the |
3469 | * current buffer size. */ |
3470 | - errno = 0; |
3471 | - file_size = lseek(fb->fd, 0, SEEK_END); |
3472 | + errno = 0; |
3473 | + file_size = lseek(fb->fd, 0, SEEK_END); |
3474 | if (file_size != -1 || EINVAL == errno) { |
3475 | if (file_size != -1) { |
3476 | fb->buffer_size = file_size + HIP_FB_HEADROOM; // add a little head room |
3477 | @@ -191,8 +191,8 @@ |
3478 | fb->fd = -1; |
3479 | } |
3480 | free(fb->ma.start); |
3481 | - fb->ma.start = NULL; |
3482 | - fb->ma.end = NULL; |
3483 | + fb->ma.start = NULL; |
3484 | + fb->ma.end = NULL; |
3485 | } |
3486 | } |
3487 | |
3488 | @@ -217,7 +217,7 @@ |
3489 | |
3490 | while (1) { |
3491 | ssize_t bytes; |
3492 | - off_t seek_offset; |
3493 | + off_t seek_offset; |
3494 | |
3495 | // can we re-read the whole file into the memory buffer? |
3496 | seek_offset = lseek(fb->fd, 0, SEEK_SET); |
3497 | @@ -232,7 +232,7 @@ |
3498 | HIP_ERROR("Reading the contents of the file descriptor %d via read() into a memory buffer of size %d failed with the error %s\n", |
3499 | fb->fd, fb->buffer_size, strerror(errno)); |
3500 | break; |
3501 | - } else if ((size_t)bytes == fb->buffer_size) { |
3502 | + } else if ((size_t) bytes == fb->buffer_size) { |
3503 | // we can't fit the file into the memory buffer -> resize it |
3504 | if (hip_fb_resize(fb) == 0) { |
3505 | // successful resize -> retry reading |
3506 | |
3507 | === modified file 'firewall/firewall.c' |
3508 | --- firewall/firewall.c 2011-01-10 10:14:22 +0000 |
3509 | +++ firewall/firewall.c 2011-01-11 14:04:40 +0000 |
3510 | @@ -142,14 +142,14 @@ |
3511 | |
3512 | /* externally used state */ |
3513 | // TODO try to decrease number of globally used variables |
3514 | -int filter_traffic = HIP_FW_FILTER_TRAFFIC_BY_DEFAULT; |
3515 | -int hip_kernel_ipsec_fallback = 0; |
3516 | -int hip_lsi_support = 0; |
3517 | -int system_based_opp_mode = 0; |
3518 | -int esp_relay = 0; |
3519 | -int hip_esp_protection = 0; |
3520 | +int filter_traffic = HIP_FW_FILTER_TRAFFIC_BY_DEFAULT; |
3521 | +int hip_kernel_ipsec_fallback = 0; |
3522 | +int hip_lsi_support = 0; |
3523 | +int system_based_opp_mode = 0; |
3524 | +int esp_relay = 0; |
3525 | +int hip_esp_protection = 0; |
3526 | #ifdef CONFIG_HIP_MIDAUTH |
3527 | -int use_midauth = 0; |
3528 | +int use_midauth = 0; |
3529 | #endif |
3530 | |
3531 | /** Use this to send and receive responses to hipd. Notice that |
3532 | @@ -162,12 +162,12 @@ |
3533 | * |
3534 | * @todo make accessible through send function, no-one should read on that |
3535 | */ |
3536 | -int hip_fw_sock = 0; |
3537 | +int hip_fw_sock = 0; |
3538 | /** |
3539 | * Use this socket *only* for receiving async messages from hipd |
3540 | * @todo make static, no-one should read on that |
3541 | */ |
3542 | -int hip_fw_async_sock = 0; |
3543 | +int hip_fw_async_sock = 0; |
3544 | |
3545 | /** |
3546 | * display usage of firewall to stdout |
3547 | @@ -213,8 +213,8 @@ |
3548 | */ |
3549 | static int hip_fw_init_userspace_ipsec(void) |
3550 | { |
3551 | - int err = 0; |
3552 | - int ver_c; |
3553 | + int err = 0; |
3554 | + int ver_c; |
3555 | struct utsname name; |
3556 | |
3557 | HIP_IFEL(uname(&name), -1, "Failed to retrieve kernel information: %s\n", |
3558 | @@ -301,7 +301,7 @@ |
3559 | |
3560 | // userspace ipsec is a prerequisite for esp protection |
3561 | if (hip_esp_protection && hip_userspace_ipsec) { |
3562 | - HIP_IFEL(esp_prot_init(), -1, "failed to init esp protection\n"); |
3563 | + HIP_IFEL(esp_prot_init(), -1, "failed to init esp protection\n"); |
3564 | } else { |
3565 | HIP_ERROR("userspace ipsec needs to be turned on for this to work\n"); |
3566 | |
3567 | @@ -435,7 +435,6 @@ |
3568 | return err; |
3569 | } |
3570 | |
3571 | - |
3572 | /* |
3573 | * Initialize rules for filtering traffic |
3574 | * |
3575 | @@ -551,7 +550,7 @@ |
3576 | /* Still accept HIP traffic as if the -A flag had been given |
3577 | * instead of -F */ |
3578 | accept_hip_esp_traffic_by_default = 1; |
3579 | - restore_accept_hip_esp_traffic = 1; |
3580 | + restore_accept_hip_esp_traffic = 1; |
3581 | |
3582 | firewall_init_filter_traffic(); |
3583 | } |
3584 | @@ -604,11 +603,11 @@ |
3585 | */ |
3586 | static int hip_query_default_local_hit_from_hipd(void) |
3587 | { |
3588 | - int err = 0; |
3589 | - struct hip_common *msg = NULL; |
3590 | + int err = 0; |
3591 | + struct hip_common *msg = NULL; |
3592 | const struct hip_tlv_common *param = NULL; |
3593 | - const hip_hit_t *hit = NULL; |
3594 | - const hip_lsi_t *lsi = NULL; |
3595 | + const hip_hit_t *hit = NULL; |
3596 | + const hip_lsi_t *lsi = NULL; |
3597 | |
3598 | HIP_IFE(!(msg = hip_msg_alloc()), -1); |
3599 | HIP_IFEL(hip_build_user_hdr(msg, HIP_MSG_DEFAULT_HIT, 0), -1, |
3600 | @@ -742,9 +741,9 @@ |
3601 | */ |
3602 | static void firewall_probe_kernel_modules(void) |
3603 | { |
3604 | - int count, err, status; |
3605 | - char cmd[40]; |
3606 | - int mod_total; |
3607 | + int count, err, status; |
3608 | + char cmd[40]; |
3609 | + int mod_total; |
3610 | const char *mod_name[] = |
3611 | { "ip_queue", "ip6_queue", "iptable_filter", "ip6table_filter" }; |
3612 | |
3613 | @@ -855,9 +854,9 @@ |
3614 | |
3615 | if (esp_relay && ctx->udp_encap_hdr && |
3616 | ((ret = hipfw_relay_esp(ctx)) <= 0)) { |
3617 | - /* 0: drop original and reinject new packet |
3618 | - -1: accept reinject packet and avoid filter_esp_state |
3619 | - 1: just let it pass => proceed to filter */ |
3620 | + /* 0: drop original and reinject new packet |
3621 | + * -1: accept reinject packet and avoid filter_esp_state |
3622 | + * 1: just let it pass => proceed to filter */ |
3623 | if (ret == 0) { |
3624 | HIP_DEBUG("Drop original and reinject relayed ESP packet\n"); |
3625 | verdict = 0; |
3626 | @@ -865,7 +864,7 @@ |
3627 | HIP_DEBUG("Accept reinjected packet\n"); |
3628 | verdict = 1; |
3629 | } else { |
3630 | - HIP_ASSERT(0); |
3631 | + HIP_ASSERT(0); |
3632 | } |
3633 | } else if (filter_esp_state(ctx) > 0) { |
3634 | verdict = 1; |
3635 | @@ -900,14 +899,14 @@ |
3636 | struct hip_fw_context *ctx) |
3637 | { |
3638 | // complete rule list for hook (== IN / OUT / FORWARD) |
3639 | - struct dlist *list = get_rule_list(hook); |
3640 | - struct rule *rule = NULL; |
3641 | + struct dlist *list = get_rule_list(hook); |
3642 | + struct rule *rule = NULL; |
3643 | // assume match for current rule |
3644 | - int match = 1, print_addr = 0; |
3645 | + int match = 1, print_addr = 0; |
3646 | // assume packet has not yet passed connection tracking |
3647 | - int conntracked = 0; |
3648 | + int conntracked = 0; |
3649 | // block traffic by default |
3650 | - int verdict = 0; |
3651 | + int verdict = 0; |
3652 | |
3653 | HIP_DEBUG("\n"); |
3654 | |
3655 | @@ -922,25 +921,25 @@ |
3656 | if (buf->type_hdr == HIP_I1) { |
3657 | HIP_INFO("received packet type: I1\n"); |
3658 | print_addr = 1; |
3659 | - } else if (buf->type_hdr == HIP_R1) { |
3660 | + } else if (buf->type_hdr == HIP_R1) { |
3661 | HIP_INFO("received packet type: R1\n"); |
3662 | print_addr = 1; |
3663 | - } else if (buf->type_hdr == HIP_I2) { |
3664 | + } else if (buf->type_hdr == HIP_I2) { |
3665 | HIP_INFO("received packet type: I2\n"); |
3666 | print_addr = 1; |
3667 | - } else if (buf->type_hdr == HIP_R2) { |
3668 | + } else if (buf->type_hdr == HIP_R2) { |
3669 | HIP_INFO("received packet type: R2\n"); |
3670 | print_addr = 1; |
3671 | - } else if (buf->type_hdr == HIP_UPDATE) { |
3672 | + } else if (buf->type_hdr == HIP_UPDATE) { |
3673 | HIP_INFO("received packet type: UPDATE\n"); |
3674 | print_addr = 1; |
3675 | - } else if (buf->type_hdr == HIP_CLOSE) { |
3676 | + } else if (buf->type_hdr == HIP_CLOSE) { |
3677 | HIP_INFO("received packet type: CLOSE\n"); |
3678 | print_addr = 1; |
3679 | - } else if (buf->type_hdr == HIP_CLOSE_ACK) { |
3680 | + } else if (buf->type_hdr == HIP_CLOSE_ACK) { |
3681 | HIP_INFO("received packet type: CLOSE_ACK\n"); |
3682 | print_addr = 1; |
3683 | - } else if (buf->type_hdr == HIP_NOTIFY) { |
3684 | + } else if (buf->type_hdr == HIP_NOTIFY) { |
3685 | HIP_DEBUG("received packet type: NOTIFY\n"); |
3686 | } else if (buf->type_hdr == HIP_LUPDATE) { |
3687 | HIP_DEBUG("received packet type: LIGHT UPDATE\n"); |
3688 | @@ -1039,7 +1038,6 @@ |
3689 | if (!filter_state(ip6_src, ip6_dst, buf, rule->state, rule->accept, |
3690 | ctx)) { |
3691 | match = 0; |
3692 | - |
3693 | } else { |
3694 | // if it is a valid packet, this also tracked the packet |
3695 | conntracked = 1; |
3696 | @@ -1140,7 +1138,8 @@ |
3697 | * |
3698 | * @return the verdict (1 for pass and 0 for drop) |
3699 | */ |
3700 | -static int hip_fw_handle_hip_output(struct hip_fw_context *ctx){ |
3701 | +static int hip_fw_handle_hip_output(struct hip_fw_context *ctx) |
3702 | +{ |
3703 | int verdict = accept_hip_esp_traffic_by_default; |
3704 | |
3705 | HIP_DEBUG("hip_fw_handle_hip_output \n"); |
3706 | @@ -1198,7 +1197,6 @@ |
3707 | accept_normal_traffic_by_default); |
3708 | |
3709 | if (ctx->ip_version == 6 && hip_userspace_ipsec) { |
3710 | - |
3711 | hip_hit_t *def_hit = hip_fw_get_default_hit(); |
3712 | HIP_DEBUG_HIT("destination hit: ", &ctx->dst); |
3713 | |
3714 | @@ -1229,7 +1227,7 @@ |
3715 | } |
3716 | } else if (system_based_opp_mode) { |
3717 | verdict = hip_fw_handle_outgoing_system_based_opp(ctx, |
3718 | - accept_normal_traffic_by_default); |
3719 | + accept_normal_traffic_by_default); |
3720 | } |
3721 | } |
3722 | |
3723 | @@ -1428,10 +1426,10 @@ |
3724 | NF_IP_FORWARD); |
3725 | |
3726 | // funtion pointers for the respective packet handlers |
3727 | - fw_handlers[NF_IP_LOCAL_IN][OTHER_PACKET] = hip_fw_handle_other_input; |
3728 | - fw_handlers[NF_IP_LOCAL_IN][HIP_PACKET] = hip_fw_handle_hip_input; |
3729 | - fw_handlers[NF_IP_LOCAL_IN][ESP_PACKET] = hip_fw_handle_esp_input; |
3730 | - fw_handlers[NF_IP_LOCAL_IN][TCP_PACKET] = hip_fw_handle_tcp_input; |
3731 | + fw_handlers[NF_IP_LOCAL_IN][OTHER_PACKET] = hip_fw_handle_other_input; |
3732 | + fw_handlers[NF_IP_LOCAL_IN][HIP_PACKET] = hip_fw_handle_hip_input; |
3733 | + fw_handlers[NF_IP_LOCAL_IN][ESP_PACKET] = hip_fw_handle_esp_input; |
3734 | + fw_handlers[NF_IP_LOCAL_IN][TCP_PACKET] = hip_fw_handle_tcp_input; |
3735 | |
3736 | fw_handlers[NF_IP_LOCAL_OUT][OTHER_PACKET] = hip_fw_handle_other_output; |
3737 | fw_handlers[NF_IP_LOCAL_OUT][HIP_PACKET] = hip_fw_handle_hip_output; |
3738 | @@ -1439,10 +1437,10 @@ |
3739 | fw_handlers[NF_IP_LOCAL_OUT][TCP_PACKET] = hip_fw_handle_tcp_output; |
3740 | |
3741 | //apply rules for forwarded hip and esp traffic |
3742 | - fw_handlers[NF_IP_FORWARD][HIP_PACKET] = hip_fw_handle_hip_forward; |
3743 | - fw_handlers[NF_IP_FORWARD][ESP_PACKET] = hip_fw_handle_esp_forward; |
3744 | + fw_handlers[NF_IP_FORWARD][HIP_PACKET] = hip_fw_handle_hip_forward; |
3745 | + fw_handlers[NF_IP_FORWARD][ESP_PACKET] = hip_fw_handle_esp_forward; |
3746 | //do not drop those files by default |
3747 | - fw_handlers[NF_IP_FORWARD][TCP_PACKET] = hip_fw_handle_tcp_forward; |
3748 | + fw_handlers[NF_IP_FORWARD][TCP_PACKET] = hip_fw_handle_tcp_forward; |
3749 | |
3750 | HIP_DEBUG("Enabling forwarding for IPv4 and IPv6\n"); |
3751 | system_print("echo 1 >/proc/sys/net/ipv4/conf/all/forwarding"); |
3752 | @@ -1498,9 +1496,9 @@ |
3753 | { |
3754 | int ip_hdr_len, err = 0; |
3755 | // length of packet starting at udp header |
3756 | - uint16_t udp_len = 0; |
3757 | - struct udphdr *udphdr = NULL; |
3758 | - int udp_encap_zero_bytes = 0; |
3759 | + uint16_t udp_len = 0; |
3760 | + struct udphdr *udphdr = NULL; |
3761 | + int udp_encap_zero_bytes = 0; |
3762 | |
3763 | // default assumption |
3764 | ctx->packet_type = OTHER_PACKET; |
3765 | @@ -1529,9 +1527,9 @@ |
3766 | /* ip_hl is given in multiple of 4 bytes |
3767 | * |
3768 | * NOTE: not sizeof(struct ip) as we might have options */ |
3769 | - ip_hdr_len = (iphdr->ip_hl * 4); |
3770 | + ip_hdr_len = (iphdr->ip_hl * 4); |
3771 | // needed for opportunistic TCP |
3772 | - ctx->ip_hdr_len = ip_hdr_len; |
3773 | + ctx->ip_hdr_len = ip_hdr_len; |
3774 | HIP_DEBUG("ip_hdr_len is: %d\n", ip_hdr_len); |
3775 | HIP_DEBUG("total length: %u\n", ntohs(iphdr->ip_len)); |
3776 | HIP_DEBUG("ttl: %u\n", iphdr->ip_ttl); |
3777 | @@ -1553,7 +1551,7 @@ |
3778 | |
3779 | ctx->packet_type = HIP_PACKET; |
3780 | ctx->transport_hdr.hip = (struct hip_common *) |
3781 | - (((char *) iphdr) + ip_hdr_len); |
3782 | + (((char *) iphdr) + ip_hdr_len); |
3783 | |
3784 | goto end_init; |
3785 | } else if (iphdr->ip_p == IPPROTO_ESP) { |
3786 | @@ -1562,7 +1560,7 @@ |
3787 | |
3788 | ctx->packet_type = ESP_PACKET; |
3789 | ctx->transport_hdr.esp = (struct hip_esp *) |
3790 | - (((char *) iphdr) + ip_hdr_len); |
3791 | + (((char *) iphdr) + ip_hdr_len); |
3792 | |
3793 | goto end_init; |
3794 | } else if (iphdr->ip_p == IPPROTO_TCP) { |
3795 | @@ -1570,7 +1568,7 @@ |
3796 | HIP_DEBUG("plain TCP packet\n"); |
3797 | |
3798 | ctx->packet_type = TCP_PACKET; |
3799 | - ctx->transport_hdr.tcp = (struct tcphdr*) |
3800 | + ctx->transport_hdr.tcp = (struct tcphdr *) |
3801 | (((char *) iphdr) + ip_hdr_len); |
3802 | |
3803 | HIP_DEBUG("src port: %u\n", ntohs(ctx->transport_hdr.tcp->source)); |
3804 | @@ -1585,9 +1583,9 @@ |
3805 | } |
3806 | |
3807 | // need UDP header to look for encapsulated ESP |
3808 | - udp_len = ntohs(iphdr->ip_len); |
3809 | - udphdr = ((struct udphdr *) |
3810 | - (((char *) iphdr) + ip_hdr_len)); |
3811 | + udp_len = ntohs(iphdr->ip_len); |
3812 | + udphdr = ((struct udphdr *) |
3813 | + (((char *) iphdr) + ip_hdr_len)); |
3814 | |
3815 | // add UDP header to context |
3816 | ctx->udp_encap_hdr = udphdr; |
3817 | @@ -1597,9 +1595,9 @@ |
3818 | ctx->ip_hdr.ipv6 = ip6_hdr; |
3819 | |
3820 | // Ipv6 has fixed header length |
3821 | - ip_hdr_len = sizeof(struct ip6_hdr); |
3822 | + ip_hdr_len = sizeof(struct ip6_hdr); |
3823 | // needed for opportunistic TCP |
3824 | - ctx->ip_hdr_len = ip_hdr_len; |
3825 | + ctx->ip_hdr_len = ip_hdr_len; |
3826 | HIP_DEBUG("ip_hdr_len is: %d\n", ip_hdr_len); |
3827 | HIP_DEBUG("payload length: %u\n", ntohs(ip6_hdr->ip6_plen)); |
3828 | HIP_DEBUG("ttl: %u\n", ip6_hdr->ip6_hlim); |
3829 | @@ -1622,7 +1620,7 @@ |
3830 | |
3831 | ctx->packet_type = HIP_PACKET; |
3832 | ctx->transport_hdr.hip = (struct hip_common *) |
3833 | - (((char *) ip6_hdr) + sizeof(struct ip6_hdr)); |
3834 | + (((char *) ip6_hdr) + sizeof(struct ip6_hdr)); |
3835 | |
3836 | goto end_init; |
3837 | } else if (ip6_hdr->ip6_nxt == IPPROTO_ESP) { |
3838 | @@ -1631,7 +1629,7 @@ |
3839 | |
3840 | ctx->packet_type = ESP_PACKET; |
3841 | ctx->transport_hdr.esp = (struct hip_esp *) |
3842 | - (((char *) ip6_hdr) + sizeof(struct ip6_hdr)); |
3843 | + (((char *) ip6_hdr) + sizeof(struct ip6_hdr)); |
3844 | |
3845 | goto end_init; |
3846 | } else if (ip6_hdr->ip6_nxt == IPPROTO_TCP) { |
3847 | @@ -1639,7 +1637,7 @@ |
3848 | HIP_DEBUG("plain TCP packet\n"); |
3849 | |
3850 | ctx->packet_type = TCP_PACKET; |
3851 | - ctx->transport_hdr.tcp = (struct tcphdr*) |
3852 | + ctx->transport_hdr.tcp = (struct tcphdr *) |
3853 | (((char *) ip6_hdr) + sizeof(struct ip6_hdr)); |
3854 | |
3855 | HIP_DEBUG("src port: %u\n", ntohs(ctx->transport_hdr.tcp->source)); |
3856 | @@ -1661,9 +1659,9 @@ |
3857 | * |
3858 | * NOTE: the length will include optional extension headers |
3859 | * -> handle this */ |
3860 | - udp_len = ntohs(ip6_hdr->ip6_plen); |
3861 | - udphdr = ((struct udphdr *) |
3862 | - (((char *) ip6_hdr) + ip_hdr_len)); |
3863 | + udp_len = ntohs(ip6_hdr->ip6_plen); |
3864 | + udphdr = ((struct udphdr *) |
3865 | + (((char *) ip6_hdr) + ip_hdr_len)); |
3866 | |
3867 | // add udp header to context |
3868 | ctx->udp_encap_hdr = udphdr; |
3869 | @@ -1682,7 +1680,6 @@ |
3870 | if (ctx->ip_version == 4) { |
3871 | // we might have only received a UDP packet with headers only |
3872 | if (udp_len >= sizeof(struct ip) + sizeof(struct udphdr) + HIP_UDP_ZERO_BYTES_LEN) { |
3873 | - |
3874 | uint32_t *zero_bytes = NULL; |
3875 | |
3876 | // we can distinguish UDP encapsulated control and data traffic with 32 zero bits |
3877 | @@ -1715,16 +1712,16 @@ |
3878 | /* check if zero byte hint is correct and we are processing a |
3879 | * HIP control message */ |
3880 | if (!hip_check_network_msg((struct hip_common *) (((char *) udphdr) |
3881 | - + sizeof(struct udphdr) |
3882 | - + HIP_UDP_ZERO_BYTES_LEN))) { |
3883 | + + sizeof(struct udphdr) |
3884 | + + HIP_UDP_ZERO_BYTES_LEN))) { |
3885 | // we found an UDP encapsulated HIP control packet |
3886 | HIP_DEBUG("UDP encapsulated HIP control packet\n"); |
3887 | |
3888 | // add to context |
3889 | ctx->packet_type = HIP_PACKET; |
3890 | ctx->transport_hdr.hip = (struct hip_common *) (((char *) udphdr) |
3891 | - + sizeof(struct udphdr) |
3892 | - + HIP_UDP_ZERO_BYTES_LEN); |
3893 | + + sizeof(struct udphdr) |
3894 | + + HIP_UDP_ZERO_BYTES_LEN); |
3895 | |
3896 | goto end_init; |
3897 | } |
3898 | @@ -1932,21 +1929,21 @@ |
3899 | */ |
3900 | int main(int argc, char **argv) |
3901 | { |
3902 | - int err = 0, highest_descriptor, i; |
3903 | - int n, len; |
3904 | - struct ipq_handle *h4 = NULL, *h6 = NULL; |
3905 | - int ch; |
3906 | - char *rule_file = NULL; |
3907 | - int errflg = 0, killold = 0; |
3908 | - struct hip_common *msg = NULL; |
3909 | - struct sockaddr_in6 sock_addr; |
3910 | - socklen_t alen; |
3911 | - fd_set read_fdset; |
3912 | - struct timeval timeout; |
3913 | - unsigned char buf[HIP_MAX_PACKET]; |
3914 | + int err = 0, highest_descriptor, i; |
3915 | + int n, len; |
3916 | + struct ipq_handle *h4 = NULL, *h6 = NULL; |
3917 | + int ch; |
3918 | + char *rule_file = NULL; |
3919 | + int errflg = 0, killold = 0; |
3920 | + struct hip_common *msg = NULL; |
3921 | + struct sockaddr_in6 sock_addr; |
3922 | + socklen_t alen; |
3923 | + fd_set read_fdset; |
3924 | + struct timeval timeout; |
3925 | + unsigned char buf[HIP_MAX_PACKET]; |
3926 | struct hip_fw_context ctx; |
3927 | - int limit_capabilities = 0; |
3928 | - int is_root = 0, access_ok = 0, msg_type = 0; //variables for accepting user messages only from hipd |
3929 | + int limit_capabilities = 0; |
3930 | + int is_root = 0, access_ok = 0, msg_type = 0; //variables for accepting user messages only from hipd |
3931 | |
3932 | /* Make sure that root path is set up correcly (e.g. on Fedora 9). |
3933 | * Otherwise may get warnings from system_print() commands. |
3934 | @@ -2007,7 +2004,7 @@ |
3935 | rule_file = optarg; |
3936 | break; |
3937 | case 'F': |
3938 | - filter_traffic = 0; |
3939 | + filter_traffic = 0; |
3940 | restore_filter_traffic = filter_traffic; |
3941 | break; |
3942 | case 'h': |
3943 | @@ -2018,11 +2015,11 @@ |
3944 | accept_normal_traffic_by_default = 0; |
3945 | break; |
3946 | case 'i': |
3947 | - hip_userspace_ipsec = 1; |
3948 | + hip_userspace_ipsec = 1; |
3949 | hip_kernel_ipsec_fallback = 0; |
3950 | break; |
3951 | case 'I': |
3952 | - hip_userspace_ipsec = 1; |
3953 | + hip_userspace_ipsec = 1; |
3954 | hip_kernel_ipsec_fallback = 1; |
3955 | break; |
3956 | case 'k': |
3957 | @@ -2034,7 +2031,7 @@ |
3958 | case 'm': |
3959 | #ifdef CONFIG_HIP_MIDAUTH |
3960 | filter_traffic = 1; |
3961 | - use_midauth = 1; |
3962 | + use_midauth = 1; |
3963 | break; |
3964 | #endif |
3965 | case 'o': |
3966 | @@ -2082,11 +2079,11 @@ |
3967 | HIP_IFEL((hip_fw_sock < 0), 1, "Could not create socket for firewall.\n"); |
3968 | memset(&sock_addr, 0, sizeof(sock_addr)); |
3969 | sock_addr.sin6_family = AF_INET6; |
3970 | - sock_addr.sin6_port = htons(HIP_FIREWALL_SYNC_PORT); |
3971 | - sock_addr.sin6_addr = in6addr_loopback; |
3972 | + sock_addr.sin6_port = htons(HIP_FIREWALL_SYNC_PORT); |
3973 | + sock_addr.sin6_addr = in6addr_loopback; |
3974 | |
3975 | - for (i=0; i<2; i++) { |
3976 | - err = bind(hip_fw_sock, (struct sockaddr *)& sock_addr, |
3977 | + for (i = 0; i < 2; i++) { |
3978 | + err = bind(hip_fw_sock, (struct sockaddr *) &sock_addr, |
3979 | sizeof(sock_addr)); |
3980 | if (err == 0) { |
3981 | break; |
3982 | @@ -2103,9 +2100,9 @@ |
3983 | HIP_IFEL((hip_fw_async_sock < 0), 1, "Could not create socket for firewall.\n"); |
3984 | memset(&sock_addr, 0, sizeof(sock_addr)); |
3985 | sock_addr.sin6_family = AF_INET6; |
3986 | - sock_addr.sin6_port = htons(HIP_FIREWALL_PORT); |
3987 | - sock_addr.sin6_addr = in6addr_loopback; |
3988 | - HIP_IFEL(bind(hip_fw_async_sock, (struct sockaddr *)& sock_addr, sizeof(sock_addr)), -1, |
3989 | + sock_addr.sin6_port = htons(HIP_FIREWALL_PORT); |
3990 | + sock_addr.sin6_addr = in6addr_loopback; |
3991 | + HIP_IFEL(bind(hip_fw_async_sock, (struct sockaddr *) &sock_addr, sizeof(sock_addr)), -1, |
3992 | "Bind on firewall socket addr failed. Give -k option to kill old hipfw\n"); |
3993 | HIP_IFEL(hip_daemon_connect(hip_fw_async_sock), -1, |
3994 | "connecting socket failed\n"); |
3995 | @@ -2175,7 +2172,7 @@ |
3996 | FD_SET(h4->fd, &read_fdset); |
3997 | FD_SET(h6->fd, &read_fdset); |
3998 | |
3999 | - timeout.tv_sec = HIP_SELECT_TIMEOUT; |
4000 | + timeout.tv_sec = HIP_SELECT_TIMEOUT; |
4001 | timeout.tv_usec = 0; |
4002 | |
4003 | // get handle with queued packet and process |
4004 | @@ -2238,8 +2235,8 @@ |
4005 | |
4006 | HIP_DEBUG("Receiving message type %d (%d bytes)\n", |
4007 | hip_get_msg_type(msg), len); |
4008 | - n = recvfrom(hip_fw_async_sock, msg, len, 0, |
4009 | - (struct sockaddr *) &sock_addr, &alen); |
4010 | + n = recvfrom(hip_fw_async_sock, msg, len, 0, |
4011 | + (struct sockaddr *) &sock_addr, &alen); |
4012 | |
4013 | if (n < 0) { |
4014 | HIP_ERROR("Error receiving message parameters from daemon.\n"); |
4015 | |
4016 | === modified file 'firewall/firewall_control.c' |
4017 | --- firewall/firewall_control.c 2010-11-30 14:50:30 +0000 |
4018 | +++ firewall/firewall_control.c 2011-01-11 14:04:40 +0000 |
4019 | @@ -60,20 +60,20 @@ |
4020 | */ |
4021 | static int hip_handle_bex_state_update(struct hip_common *msg) |
4022 | { |
4023 | - const struct in6_addr *src_hit = NULL, *dst_hit = NULL; |
4024 | - const struct hip_tlv_common *param = NULL; |
4025 | - int err = 0, msg_type = 0; |
4026 | + const struct in6_addr *src_hit = NULL, *dst_hit = NULL; |
4027 | + const struct hip_tlv_common *param = NULL; |
4028 | + int err = 0, msg_type = 0; |
4029 | |
4030 | msg_type = hip_get_msg_type(msg); |
4031 | |
4032 | /* src_hit */ |
4033 | - param = hip_get_param(msg, HIP_PARAM_HIT); |
4034 | - src_hit = hip_get_param_contents_direct(param); |
4035 | + param = hip_get_param(msg, HIP_PARAM_HIT); |
4036 | + src_hit = hip_get_param_contents_direct(param); |
4037 | HIP_DEBUG_HIT("Source HIT: ", src_hit); |
4038 | |
4039 | /* dst_hit */ |
4040 | - param = hip_get_next_param(msg, param); |
4041 | - dst_hit = hip_get_param_contents_direct(param); |
4042 | + param = hip_get_next_param(msg, param); |
4043 | + dst_hit = hip_get_param_contents_direct(param); |
4044 | HIP_DEBUG_HIT("Destination HIT: ", dst_hit); |
4045 | |
4046 | /* update bex_state in firewalldb */ |
4047 | @@ -100,7 +100,7 @@ |
4048 | */ |
4049 | int hip_handle_msg(struct hip_common *msg) |
4050 | { |
4051 | - int type, err = 0; |
4052 | + int type, err = 0; |
4053 | struct hip_common *msg_out = NULL; |
4054 | |
4055 | HIP_DEBUG("Handling message from hipd\n"); |
4056 | |
4057 | === modified file 'firewall/firewall_defines.h' |
4058 | --- firewall/firewall_defines.h 2011-01-04 14:32:37 +0000 |
4059 | +++ firewall/firewall_defines.h 2011-01-11 14:04:40 +0000 |
4060 | @@ -48,9 +48,9 @@ |
4061 | ipq_packet_msg_t *ipq_packet; |
4062 | |
4063 | // IP layer information |
4064 | - int ip_version; /* 4, 6 */ |
4065 | - int ip_hdr_len; |
4066 | - struct in6_addr src, dst; |
4067 | + int ip_version; /* 4, 6 */ |
4068 | + int ip_hdr_len; |
4069 | + struct in6_addr src, dst; |
4070 | union { |
4071 | struct ip6_hdr *ipv6; |
4072 | struct ip *ipv4; |
4073 | @@ -65,43 +65,43 @@ |
4074 | } transport_hdr; |
4075 | struct udphdr *udp_encap_hdr; |
4076 | |
4077 | - int modified; |
4078 | + int modified; |
4079 | }; |
4080 | |
4081 | /********** State table structures **************/ |
4082 | |
4083 | struct esp_address { |
4084 | - struct in6_addr dst_addr; |
4085 | - uint32_t *update_id; // null or pointer to the update id from the packet |
4086 | + struct in6_addr dst_addr; |
4087 | + uint32_t *update_id; // null or pointer to the update id from the packet |
4088 | // that announced this address. |
4089 | // when ack with the update id is seen all esp_addresses with |
4090 | // null update_id can be removed. |
4091 | }; |
4092 | |
4093 | struct esp_tuple { |
4094 | - uint32_t spi; |
4095 | - uint32_t new_spi; |
4096 | - uint32_t spi_update_id; |
4097 | - struct slist *dst_addr_list; |
4098 | - struct tuple *tuple; |
4099 | + uint32_t spi; |
4100 | + uint32_t new_spi; |
4101 | + uint32_t spi_update_id; |
4102 | + struct slist *dst_addr_list; |
4103 | + struct tuple *tuple; |
4104 | /* tracking of the ESP SEQ number */ |
4105 | - uint32_t seq_no; |
4106 | + uint32_t seq_no; |
4107 | /* members needed for ESP protection extension */ |
4108 | - uint8_t esp_prot_tfm; |
4109 | - uint32_t hash_item_length; |
4110 | - uint32_t hash_tree_depth; |
4111 | - long num_hchains; |
4112 | - unsigned char active_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; |
4113 | + uint8_t esp_prot_tfm; |
4114 | + uint32_t hash_item_length; |
4115 | + uint32_t hash_tree_depth; |
4116 | + long num_hchains; |
4117 | + unsigned char active_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; |
4118 | // need for verification of anchor updates |
4119 | - unsigned char first_active_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; |
4120 | - unsigned char next_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; |
4121 | - int active_root_length; |
4122 | - unsigned char *active_roots[MAX_NUM_PARALLEL_HCHAINS]; |
4123 | - int next_root_length[MAX_NUM_PARALLEL_HCHAINS]; |
4124 | - unsigned char *next_roots[MAX_NUM_PARALLEL_HCHAINS]; |
4125 | + unsigned char first_active_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; |
4126 | + unsigned char next_anchors[MAX_NUM_PARALLEL_HCHAINS][MAX_HASH_LENGTH]; |
4127 | + int active_root_length; |
4128 | + unsigned char *active_roots[MAX_NUM_PARALLEL_HCHAINS]; |
4129 | + int next_root_length[MAX_NUM_PARALLEL_HCHAINS]; |
4130 | + unsigned char *next_roots[MAX_NUM_PARALLEL_HCHAINS]; |
4131 | /** List temporarily storing anchor elements until the consecutive update |
4132 | * msg reveals that all on-path devices know the new anchor. */ |
4133 | - struct hip_ll anchor_cache; |
4134 | + struct hip_ll anchor_cache; |
4135 | /** buffer storing hashes of previous packets for cumulative authentication */ |
4136 | struct esp_cumulative_item hash_buffer[MAX_RING_BUFFER_SIZE]; |
4137 | }; |
4138 | @@ -130,9 +130,9 @@ |
4139 | struct connection *connection; |
4140 | int state; |
4141 | uint32_t lupdate_seq; |
4142 | - int esp_relay; |
4143 | - struct in6_addr esp_relay_daddr; |
4144 | - in_port_t esp_relay_dport; |
4145 | + int esp_relay; |
4146 | + struct in6_addr esp_relay_daddr; |
4147 | + in_port_t esp_relay_dport; |
4148 | }; |
4149 | |
4150 | struct connection { |
4151 | @@ -142,10 +142,10 @@ |
4152 | int state; |
4153 | struct timeval time_stamp; |
4154 | /* members needed for ESP protection extension */ |
4155 | - int num_esp_prot_tfms; |
4156 | - uint8_t esp_prot_tfms[MAX_NUM_TRANSFORMS]; |
4157 | + int num_esp_prot_tfms; |
4158 | + uint8_t esp_prot_tfms[MAX_NUM_TRANSFORMS]; |
4159 | #ifdef CONFIG_HIP_MIDAUTH |
4160 | - int pisa_state; |
4161 | + int pisa_state; |
4162 | #endif |
4163 | }; |
4164 | |
4165 | |
4166 | === modified file 'firewall/helpers.c' |
4167 | --- firewall/helpers.c 2010-12-13 21:15:07 +0000 |
4168 | +++ firewall/helpers.c 2011-01-11 14:04:40 +0000 |
4169 | @@ -71,7 +71,7 @@ |
4170 | struct in6_addr *numeric_to_addr(const char *num) |
4171 | { |
4172 | static struct in6_addr ap; |
4173 | - int err; |
4174 | + int err; |
4175 | if ((err = inet_pton(AF_INET6, num, &ap)) == 1) { |
4176 | return ≈ |
4177 | } |
4178 | |
4179 | === modified file 'firewall/line_parser.c' |
4180 | --- firewall/line_parser.c 2010-11-30 14:40:39 +0000 |
4181 | +++ firewall/line_parser.c 2011-01-11 14:04:40 +0000 |
4182 | @@ -110,8 +110,8 @@ |
4183 | return NULL; |
4184 | } |
4185 | |
4186 | - remaining = lp->ma->end - lp->cur; |
4187 | - lp->cur = memchr(lp->cur, '\n', remaining); |
4188 | + remaining = lp->ma->end - lp->cur; |
4189 | + lp->cur = memchr(lp->cur, '\n', remaining); |
4190 | |
4191 | // given the rest of the parsing code, we should always find a \n, but |
4192 | // let's check to be sure |
4193 | |
4194 | === modified file 'firewall/lsi.c' |
4195 | --- firewall/lsi.c 2011-01-04 13:57:31 +0000 |
4196 | +++ firewall/lsi.c 2011-01-11 14:04:40 +0000 |
4197 | @@ -84,7 +84,7 @@ |
4198 | * @param src_ip an optional source IP address for the I1 |
4199 | * @param dst_ip a destination IP for the I1 |
4200 | * @return zero on success or negative on error |
4201 | - |
4202 | + * |
4203 | * @note Many of the parameters are optional, but at least a |
4204 | * destination LSI, HIT or IP (for opportunistic BEX) must to be |
4205 | * provided |
4206 | @@ -97,7 +97,7 @@ |
4207 | const struct in6_addr *dst_ip) |
4208 | { |
4209 | struct hip_common *msg = NULL; |
4210 | - int err = 0; |
4211 | + int err = 0; |
4212 | HIP_IFE(!(msg = hip_msg_alloc()), -1); |
4213 | HIP_IFEL(!dst_hit && !dst_ip && !dst_lsi, |
4214 | -1, "no destination hit, ip or lsi provided\n"); |
4215 | @@ -181,7 +181,7 @@ |
4216 | int hip_is_packet_lsi_reinjection(hip_lsi_t *lsi) |
4217 | { |
4218 | hip_lsi_t *local_lsi; |
4219 | - int err = 0; |
4220 | + int err = 0; |
4221 | HIP_IFEL(!(local_lsi = hip_fw_get_default_lsi()), -1, |
4222 | "Failed to get default LSI"); |
4223 | if (local_lsi->s_addr == lsi->s_addr) { |
4224 | @@ -212,13 +212,13 @@ |
4225 | const int ipOrigTraffic, |
4226 | const int incoming) |
4227 | { |
4228 | - int err = 0; |
4229 | - int ip_hdr_size = 0; |
4230 | - int packet_length = 0; |
4231 | - int protocol = 0; |
4232 | - int ttl = 0; |
4233 | - uint8_t *msg = NULL; |
4234 | - struct icmphdr *icmp = NULL; |
4235 | + int err = 0; |
4236 | + int ip_hdr_size = 0; |
4237 | + int packet_length = 0; |
4238 | + int protocol = 0; |
4239 | + int ttl = 0; |
4240 | + uint8_t *msg = NULL; |
4241 | + struct icmphdr *icmp = NULL; |
4242 | |
4243 | if (ipOrigTraffic == 4) { |
4244 | const struct ip *iphdr = (const struct ip *) m->payload; |
4245 | @@ -238,7 +238,7 @@ |
4246 | HIP_DEBUG_IN6ADDR("New packet dst address: ", dst_hit); |
4247 | } |
4248 | |
4249 | - if ((int)m->data_len <= (BUFSIZE - ip_hdr_size)) { |
4250 | + if ((int) m->data_len <= (BUFSIZE - ip_hdr_size)) { |
4251 | packet_length = m->data_len - ip_hdr_size; |
4252 | HIP_DEBUG("packet size smaller than buffer size\n"); |
4253 | } else { |
4254 | @@ -308,16 +308,16 @@ |
4255 | const struct in6_addr *ip_dst, |
4256 | const int lsi_support) |
4257 | { |
4258 | - int err = 0; |
4259 | - int verdict = 1; |
4260 | - int ip_hdr_size = 0; |
4261 | - int portDest = 0; |
4262 | - struct hip_hadb_user_info_state *entry = NULL; |
4263 | - enum hip_port_binding port_binding = HIP_PORT_INFO_UNKNOWN; |
4264 | - const struct ip6_hdr *ip6_hdr = NULL; |
4265 | - struct in6_addr src_addr, dst_addr; |
4266 | + int err = 0; |
4267 | + int verdict = 1; |
4268 | + int ip_hdr_size = 0; |
4269 | + int portDest = 0; |
4270 | + struct hip_hadb_user_info_state *entry = NULL; |
4271 | + enum hip_port_binding port_binding = HIP_PORT_INFO_UNKNOWN; |
4272 | + const struct ip6_hdr *ip6_hdr = NULL; |
4273 | + struct in6_addr src_addr, dst_addr; |
4274 | |
4275 | - ip6_hdr = (const struct ip6_hdr *) m->payload; |
4276 | + ip6_hdr = (const struct ip6_hdr *) m->payload; |
4277 | ip_hdr_size = sizeof(struct ip6_hdr); |
4278 | |
4279 | switch (ip6_hdr->ip6_nxt) { |
4280 | @@ -398,7 +398,7 @@ |
4281 | int hip_fw_handle_outgoing_lsi(ipq_packet_msg_t *m, struct in_addr *lsi_src, |
4282 | struct in_addr *lsi_dst) |
4283 | { |
4284 | - int err = 0; |
4285 | + int err = 0; |
4286 | struct hip_hadb_user_info_state *entry_peer = NULL; |
4287 | |
4288 | if (lsi_dst) { |
4289 | |
4290 | === modified file 'firewall/midauth.c' |
4291 | --- firewall/midauth.c 2011-01-07 16:09:23 +0000 |
4292 | +++ firewall/midauth.c 2011-01-11 14:04:40 +0000 |
4293 | @@ -71,7 +71,7 @@ |
4294 | static void update_ipv4_header(struct iphdr *ip, int len) |
4295 | { |
4296 | unsigned short *w = (unsigned short *) ip; |
4297 | - int hdrlen, checksum = 0; |
4298 | + int hdrlen, checksum = 0; |
4299 | |
4300 | ip->tot_len = htons(len); |
4301 | ip->check = 0; |
4302 | @@ -113,16 +113,16 @@ |
4303 | */ |
4304 | static void update_udp_header(struct iphdr *ip, int len) |
4305 | { |
4306 | - unsigned long sum; |
4307 | - uint16_t *w = (uint16_t *) ((unsigned char *) ip + (ip->ihl * 4)); |
4308 | - uint16_t protocol = ntohs(IPPROTO_UDP); |
4309 | - int i; |
4310 | + unsigned long sum; |
4311 | + uint16_t *w = (uint16_t *) ((unsigned char *) ip + (ip->ihl * 4)); |
4312 | + uint16_t protocol = ntohs(IPPROTO_UDP); |
4313 | + int i; |
4314 | struct udphdr *udp = (struct udphdr *) w; |
4315 | |
4316 | len -= ip->ihl * 4; |
4317 | |
4318 | udp->check = 0; |
4319 | - udp->len = htons(len); |
4320 | + udp->len = htons(len); |
4321 | |
4322 | /* UDP header and data */ |
4323 | sum = 0; |
4324 | @@ -133,11 +133,11 @@ |
4325 | if (len == 1) { |
4326 | unsigned short padding = 0; |
4327 | *(unsigned char *) (&padding) = *(unsigned char *) w; |
4328 | - sum += padding; |
4329 | + sum += padding; |
4330 | } |
4331 | |
4332 | /* add UDP pseudoheader */ |
4333 | - w = (uint16_t *) &ip->saddr; |
4334 | + w = (uint16_t *) &ip->saddr; |
4335 | for (i = 0; i < 4; w++, i++) { |
4336 | sum += *w; |
4337 | } |
4338 | @@ -171,9 +171,9 @@ |
4339 | memcpy(&dst.sin_addr, &ip->daddr, sizeof(uint32_t)); |
4340 | |
4341 | hip_zero_msg_checksum(msg); |
4342 | - msg->checksum = hip_checksum_packet((char *) msg, |
4343 | - (struct sockaddr *) &src, |
4344 | - (struct sockaddr *) &dst); |
4345 | + msg->checksum = hip_checksum_packet((char *) msg, |
4346 | + (struct sockaddr *) &src, |
4347 | + (struct sockaddr *) &dst); |
4348 | } |
4349 | |
4350 | /** |
4351 | @@ -184,8 +184,8 @@ |
4352 | static void update_hip_checksum_ipv6(struct ip6_hdr *ip) |
4353 | { |
4354 | struct sockaddr_in6 src, dst; |
4355 | - struct hip_common *msg = (struct hip_common *) ((char *) ip + |
4356 | - sizeof(struct ip6_hdr)); |
4357 | + struct hip_common *msg = (struct hip_common *) ((char *) ip + |
4358 | + sizeof(struct ip6_hdr)); |
4359 | |
4360 | memset(&src, 0, sizeof(src)); |
4361 | memset(&dst, 0, sizeof(dst)); |
4362 | @@ -197,9 +197,9 @@ |
4363 | memcpy(&dst.sin6_addr, &ip->ip6_dst, sizeof(struct in6_addr)); |
4364 | |
4365 | hip_zero_msg_checksum(msg); |
4366 | - msg->checksum = hip_checksum_packet((char *) msg, |
4367 | - (struct sockaddr *) &src, |
4368 | - (struct sockaddr *) &dst); |
4369 | + msg->checksum = hip_checksum_packet((char *) msg, |
4370 | + (struct sockaddr *) &src, |
4371 | + (struct sockaddr *) &dst); |
4372 | } |
4373 | |
4374 | /** |
4375 | @@ -210,9 +210,9 @@ |
4376 | */ |
4377 | static void midauth_update_all_headers(struct hip_fw_context *ctx) |
4378 | { |
4379 | - struct iphdr *ipv4 = NULL; |
4380 | + struct iphdr *ipv4 = NULL; |
4381 | struct ip6_hdr *ipv6 = NULL; |
4382 | - size_t len = 0; |
4383 | + size_t len = 0; |
4384 | |
4385 | len = hip_get_msg_total_len(ctx->transport_hdr.hip); |
4386 | |
4387 | @@ -253,9 +253,9 @@ |
4388 | int midauth_verify_challenge_response(struct hip_common *hip, |
4389 | struct hip_challenge_response *s) |
4390 | { |
4391 | - int err = 0; |
4392 | + int err = 0; |
4393 | struct hip_solution solution; |
4394 | - uint8_t digist[HIP_AH_SHA_LEN]; |
4395 | + uint8_t digist[HIP_AH_SHA_LEN]; |
4396 | |
4397 | HIP_IFEL(hip_build_digest(HIP_DIGEST_SHA1, s->opaque, 24, digist) < 0, |
4398 | -1, "Building of SHA1 Random seed I failed\n"); |
4399 | @@ -282,10 +282,10 @@ |
4400 | */ |
4401 | static int midauth_relocate_last_hip_parameter(struct hip_common *hip) |
4402 | { |
4403 | - int err = 0, len, total_len, offset; |
4404 | - char buffer[HIP_MAX_PACKET], *ptr = (char *) hip; |
4405 | + int err = 0, len, total_len, offset; |
4406 | + char buffer[HIP_MAX_PACKET], *ptr = (char *) hip; |
4407 | struct hip_tlv_common *i = NULL, *last = NULL; |
4408 | - hip_tlv type; |
4409 | + hip_tlv type; |
4410 | |
4411 | while ((i = hip_get_next_param_readwrite(hip, i))) { |
4412 | last = i; |
4413 | @@ -297,7 +297,7 @@ |
4414 | len = hip_get_param_total_len(last); |
4415 | type = hip_get_param_type(last); |
4416 | |
4417 | - HIP_IFEL(len > (int)sizeof(buffer), -1, |
4418 | + HIP_IFEL(len > (int) sizeof(buffer), -1, |
4419 | "Last parameter's length exceeds HIP_MAX_PACKET\n"); |
4420 | |
4421 | /* @todo check for signature parameter to avoid broken packets */ |
4422 | @@ -337,7 +337,7 @@ |
4423 | uint8_t opaque_len) |
4424 | { |
4425 | struct hip_common *hip = ctx->transport_hdr.hip; |
4426 | - int err = 0; |
4427 | + int err = 0; |
4428 | |
4429 | ctx->modified = 1; |
4430 | |
4431 | @@ -398,7 +398,7 @@ |
4432 | */ |
4433 | int midauth_filter_hip(struct hip_fw_context *ctx) |
4434 | { |
4435 | - int verdict = NF_ACCEPT; |
4436 | + int verdict = NF_ACCEPT; |
4437 | midauth_handler h = NULL; |
4438 | midauth_handler h_default = midauth_handler_accept; |
4439 | /* @todo change this default value to midauth_handler_drop to |
4440 | |
4441 | === modified file 'firewall/pisa.c' |
4442 | --- firewall/pisa.c 2011-01-09 22:18:11 +0000 |
4443 | +++ firewall/pisa.c 2011-01-11 14:04:40 +0000 |
4444 | @@ -71,7 +71,7 @@ |
4445 | * call */ |
4446 | #define PISA_RANDOM_TTL 2.0 |
4447 | |
4448 | -static char pisa_random_data[2][PISA_RANDOM_LEN]; |
4449 | +static char pisa_random_data[2][PISA_RANDOM_LEN]; |
4450 | static struct in6_addr community_operator_hit; |
4451 | |
4452 | /* @todo make this configurable, issuer HIT */ |
4453 | @@ -127,7 +127,7 @@ |
4454 | void pisa_check_for_random_update(void) |
4455 | { |
4456 | static time_t lastupdate = 0; |
4457 | - time_t now; |
4458 | + time_t now; |
4459 | |
4460 | time(&now); |
4461 | if (difftime(now, lastupdate) > PISA_RANDOM_TTL) { |
4462 | @@ -149,8 +149,8 @@ |
4463 | static int pisa_append_hmac(struct in6_addr *hit1, struct in6_addr *hit2, |
4464 | int rnd, void *data, int data_len) |
4465 | { |
4466 | - uint8_t key[32 + PISA_RANDOM_LEN]; |
4467 | - int err = 0; |
4468 | + uint8_t key[32 + PISA_RANDOM_LEN]; |
4469 | + int err = 0; |
4470 | unsigned int len = HIP_AH_SHA_LEN; |
4471 | |
4472 | /* sanity checks for arguments */ |
4473 | @@ -187,8 +187,8 @@ |
4474 | { |
4475 | uint8_t opaque[PISA_PUZZLE_OPAQUE_LEN]; |
4476 | |
4477 | - struct hip_common *hip = ctx->transport_hdr.hip; |
4478 | - int seed = PISA_PUZZLE_SEED; |
4479 | + struct hip_common *hip = ctx->transport_hdr.hip; |
4480 | + int seed = PISA_PUZZLE_SEED; |
4481 | |
4482 | memcpy(&opaque, &seed, 4); |
4483 | |
4484 | @@ -206,12 +206,12 @@ |
4485 | * @return pointer to the puzzle we accepted or NULL at failure |
4486 | */ |
4487 | static struct hip_challenge_response *pisa_check_challenge_response( |
4488 | - struct hip_fw_context *ctx) |
4489 | + struct hip_fw_context *ctx) |
4490 | { |
4491 | struct hip_challenge_response *response; |
4492 | - struct hip_common *hip = ctx->transport_hdr.hip; |
4493 | - uint8_t hash[2][PISA_PUZZLE_OPAQUE_LEN]; |
4494 | - int seed = PISA_PUZZLE_SEED; |
4495 | + struct hip_common *hip = ctx->transport_hdr.hip; |
4496 | + uint8_t hash[2][PISA_PUZZLE_OPAQUE_LEN]; |
4497 | + int seed = PISA_PUZZLE_SEED; |
4498 | |
4499 | memcpy(&hash[0][0], &seed, 4); |
4500 | memcpy(&hash[1][0], &seed, 4); |
4501 | @@ -235,7 +235,7 @@ |
4502 | |
4503 | response = (struct hip_challenge_response *) |
4504 | hip_get_next_param_readwrite(hip, |
4505 | - (struct hip_tlv_common *) response); |
4506 | + (struct hip_tlv_common *) response); |
4507 | } |
4508 | |
4509 | return NULL; |
4510 | @@ -249,19 +249,19 @@ |
4511 | */ |
4512 | static int pisa_check_certificate(struct hip_fw_context *ctx) |
4513 | { |
4514 | - struct hip_common *hip = ctx->transport_hdr.hip; |
4515 | - const struct hip_cert *cert; |
4516 | + struct hip_common *hip = ctx->transport_hdr.hip; |
4517 | + const struct hip_cert *cert; |
4518 | struct hip_cert_spki_info ci; |
4519 | - struct pisa_cert pc; |
4520 | - char *buf = NULL; |
4521 | - int err = 0, len; |
4522 | - time_t now = time(NULL); |
4523 | + struct pisa_cert pc; |
4524 | + char *buf = NULL; |
4525 | + int err = 0, len; |
4526 | + time_t now = time(NULL); |
4527 | |
4528 | cert = hip_get_param(hip, HIP_PARAM_CERT); |
4529 | HIP_IFEL(cert == NULL, -1, "No certificate found.\n"); |
4530 | |
4531 | - len = ntohs(cert->length); |
4532 | - buf = calloc(1, len); |
4533 | + len = ntohs(cert->length); |
4534 | + buf = calloc(1, len); |
4535 | memcpy(buf, cert + 1, len); |
4536 | |
4537 | HIP_IFEL(hip_cert_spki_char2certinfo(buf, &ci), -1, |
4538 | @@ -307,7 +307,7 @@ |
4539 | static void pisa_accept_connection(const struct hip_fw_context *ctx) |
4540 | { |
4541 | struct hip_common *hip = ctx->transport_hdr.hip; |
4542 | - struct tuple *t = get_tuple_by_hits(&hip->hits, &hip->hitr); |
4543 | + struct tuple *t = get_tuple_by_hits(&hip->hits, &hip->hitr); |
4544 | |
4545 | if (t) { |
4546 | t->connection->pisa_state = PISA_STATE_ALLOW; |
4547 | @@ -326,7 +326,7 @@ |
4548 | static void pisa_remove_connection(const struct hip_fw_context *ctx) |
4549 | { |
4550 | struct hip_common *hip = ctx->transport_hdr.hip; |
4551 | - struct tuple *t = get_tuple_by_hits(&hip->hits, &hip->hitr); |
4552 | + struct tuple *t = get_tuple_by_hits(&hip->hits, &hip->hitr); |
4553 | |
4554 | if (t) { |
4555 | t->connection->pisa_state = PISA_STATE_DISALLOW; |
4556 | @@ -422,7 +422,7 @@ |
4557 | */ |
4558 | static int pisa_handler_r2(struct hip_fw_context *ctx) |
4559 | { |
4560 | - int verdict = NF_DROP, sig = 0, cert = 0; |
4561 | + int verdict = NF_DROP, sig = 0, cert = 0; |
4562 | struct hip_challenge_response *solution = NULL; |
4563 | |
4564 | #ifdef CONFIG_HIP_PERFORMANCE |
4565 | @@ -477,9 +477,9 @@ |
4566 | */ |
4567 | static int pisa_handler_u2(struct hip_fw_context *ctx) |
4568 | { |
4569 | - int verdict = NF_DROP; |
4570 | - int sig = 0; |
4571 | - int cert = 0; |
4572 | + int verdict = NF_DROP; |
4573 | + int sig = 0; |
4574 | + int cert = 0; |
4575 | struct hip_challenge_response *solution = NULL; |
4576 | |
4577 | solution = pisa_check_challenge_response(ctx); |
4578 | @@ -507,8 +507,8 @@ |
4579 | */ |
4580 | static int pisa_handler_u3(struct hip_fw_context *ctx) |
4581 | { |
4582 | - int verdict = NF_DROP; |
4583 | - int sig = 0; |
4584 | + int verdict = NF_DROP; |
4585 | + int sig = 0; |
4586 | struct hip_challenge_response *solution = NULL; |
4587 | |
4588 | solution = pisa_check_challenge_response(ctx); |
4589 | @@ -538,6 +538,7 @@ |
4590 | pisa_remove_connection(ctx); |
4591 | return NF_ACCEPT; |
4592 | } |
4593 | + |
4594 | /** |
4595 | * Initialize basic PISA functionality |
4596 | * |
4597 | |
4598 | === modified file 'firewall/pisa_cert.c' |
4599 | --- firewall/pisa_cert.c 2010-10-15 15:29:14 +0000 |
4600 | +++ firewall/pisa_cert.c 2011-01-11 14:04:40 +0000 |
4601 | @@ -54,8 +54,8 @@ |
4602 | */ |
4603 | static char *pisa_cert_get_part(char *cert, const char *name, char *r) |
4604 | { |
4605 | - int level = 0, len = 0; |
4606 | - char *p = cert, *start = NULL; |
4607 | + int level = 0, len = 0; |
4608 | + char *p = cert, *start = NULL; |
4609 | |
4610 | if (!r) { |
4611 | return NULL; |
4612 | @@ -137,7 +137,7 @@ |
4613 | static void pisa_cert_get_content(char *cert, const char *name, char *r) |
4614 | { |
4615 | char *start = cert; |
4616 | - int len = 0; |
4617 | + int len = 0; |
4618 | |
4619 | if (!r) { |
4620 | return; |
4621 | @@ -180,8 +180,8 @@ |
4622 | */ |
4623 | void pisa_split_cert(char *cert, struct pisa_cert *pc) |
4624 | { |
4625 | - struct tm t; |
4626 | - char buffer1[224], buffer2[224]; |
4627 | + struct tm t; |
4628 | + char buffer1[224], buffer2[224]; |
4629 | struct in6_addr addr; |
4630 | |
4631 | pisa_cert_get_part(cert, "not-before", buffer1); |
4632 | |
4633 | === modified file 'firewall/port_bindings.c' |
4634 | --- firewall/port_bindings.c 2010-11-29 08:58:13 +0000 |
4635 | +++ firewall/port_bindings.c 2011-01-11 14:04:40 +0000 |
4636 | @@ -75,10 +75,10 @@ |
4637 | */ |
4638 | static uint8_t *cache = NULL; |
4639 | |
4640 | -static const unsigned int CACHE_SIZE_PROTOS = 2; |
4641 | -static const unsigned int CACHE_SIZE_PORTS = 1 << (sizeof(in_port_t) * 8); |
4642 | -static unsigned int cache_size_entries = 0; |
4643 | -static unsigned int cache_size_bytes = 0; |
4644 | +static const unsigned int CACHE_SIZE_PROTOS = 2; |
4645 | +static const unsigned int CACHE_SIZE_PORTS = 1 << (sizeof(in_port_t) * 8); |
4646 | +static unsigned int cache_size_entries = 0; |
4647 | +static unsigned int cache_size_bytes = 0; |
4648 | |
4649 | /** |
4650 | * Allocate and initializes the cache resources. |
4651 | @@ -93,17 +93,17 @@ |
4652 | { |
4653 | HIP_ASSERT(!cache); |
4654 | |
4655 | - cache_size_entries = CACHE_SIZE_PROTOS * CACHE_SIZE_PORTS; |
4656 | - cache_size_bytes = cache_size_entries * sizeof(*cache); |
4657 | + cache_size_entries = CACHE_SIZE_PROTOS * CACHE_SIZE_PORTS; |
4658 | + cache_size_bytes = cache_size_entries * sizeof(*cache); |
4659 | |
4660 | // check that the conversion used in the cache from enum hip_port_binding |
4661 | // to uint8_t is consistent |
4662 | - HIP_ASSERT(HIP_PORT_INFO_IPV6UNBOUND == (enum hip_port_binding)(uint8_t)HIP_PORT_INFO_IPV6UNBOUND); |
4663 | - HIP_ASSERT(HIP_PORT_INFO_IPV6BOUND == (enum hip_port_binding)(uint8_t)HIP_PORT_INFO_IPV6BOUND); |
4664 | + HIP_ASSERT(HIP_PORT_INFO_IPV6UNBOUND == (enum hip_port_binding) (uint8_t) HIP_PORT_INFO_IPV6UNBOUND); |
4665 | + HIP_ASSERT(HIP_PORT_INFO_IPV6BOUND == (enum hip_port_binding) (uint8_t) HIP_PORT_INFO_IPV6BOUND); |
4666 | |
4667 | /* We zero the cache on allocation assuming that HIP_PORT_INFO_UNKNOWN |
4668 | - is 0 and thus the whole cache initially has that value. */ |
4669 | - HIP_ASSERT((uint8_t)HIP_PORT_INFO_UNKNOWN == 0); |
4670 | + * is 0 and thus the whole cache initially has that value. */ |
4671 | + HIP_ASSERT((uint8_t) HIP_PORT_INFO_UNKNOWN == 0); |
4672 | cache = calloc(1, cache_size_bytes); |
4673 | if (cache) { |
4674 | return 0; |
4675 | @@ -146,8 +146,8 @@ |
4676 | static inline unsigned int get_cache_index(const uint8_t protocol, |
4677 | const uint16_t port) |
4678 | { |
4679 | - unsigned int index = 0; |
4680 | - unsigned int protocol_offset = 0; |
4681 | + unsigned int index = 0; |
4682 | + unsigned int protocol_offset = 0; |
4683 | |
4684 | // determine the offset into the first (protocol) dimension |
4685 | if (IPPROTO_TCP == protocol) { |
4686 | @@ -190,7 +190,7 @@ |
4687 | const unsigned int index = get_cache_index(protocol, port); |
4688 | |
4689 | // convert the port binding to the cache storage type |
4690 | - const uint8_t value = (uint8_t)binding; |
4691 | + const uint8_t value = (uint8_t) binding; |
4692 | |
4693 | cache[index] = value; |
4694 | } |
4695 | @@ -225,7 +225,7 @@ |
4696 | if (cache) { |
4697 | const unsigned int index = get_cache_index(protocol, port); |
4698 | |
4699 | - binding = (enum hip_port_binding)cache[index]; |
4700 | + binding = (enum hip_port_binding) cache[index]; |
4701 | } |
4702 | |
4703 | return binding; |
4704 | @@ -244,11 +244,6 @@ |
4705 | } |
4706 | } |
4707 | |
4708 | - |
4709 | - |
4710 | - |
4711 | - |
4712 | - |
4713 | static struct hip_file_buffer tcp6_file; |
4714 | static struct hip_file_buffer udp6_file; |
4715 | |
4716 | @@ -321,11 +316,11 @@ |
4717 | static enum hip_port_binding hip_port_bindings_get_from_proc(const uint8_t protocol, |
4718 | const uint16_t port) |
4719 | { |
4720 | - const unsigned int PORT_STR_OFFSET = 39; |
4721 | - const unsigned int PORT_STR_LEN = 4; |
4722 | - enum hip_port_binding result = HIP_PORT_INFO_IPV6UNBOUND; |
4723 | - const struct hip_mem_area *ma = NULL; |
4724 | - char *line; |
4725 | + const unsigned int PORT_STR_OFFSET = 39; |
4726 | + const unsigned int PORT_STR_LEN = 4; |
4727 | + enum hip_port_binding result = HIP_PORT_INFO_IPV6UNBOUND; |
4728 | + const struct hip_mem_area *ma = NULL; |
4729 | + char *line; |
4730 | // the files /proc/net/{udp,tcp}6 are line-based and the line number of the |
4731 | // port to look up is not known in advance |
4732 | // -> use a parser that lets us iterate over the lines in the files |
4733 | @@ -353,11 +348,11 @@ |
4734 | |
4735 | // is the current line valid and is it long enough to hold a port binding? |
4736 | while (line && ma->end > (line + PORT_STR_OFFSET + PORT_STR_LEN)) { |
4737 | - const unsigned int PORT_BASE_HEX = 16; |
4738 | - unsigned long proc_port = 0; |
4739 | + const unsigned int PORT_BASE_HEX = 16; |
4740 | + unsigned long proc_port = 0; |
4741 | // note that strtoul() is about 10 times faster than sscanf(). |
4742 | - errno = 0; |
4743 | - proc_port = strtoul(line + PORT_STR_OFFSET, NULL, PORT_BASE_HEX); |
4744 | + errno = 0; |
4745 | + proc_port = strtoul(line + PORT_STR_OFFSET, NULL, PORT_BASE_HEX); |
4746 | if (0 == errno) { |
4747 | if (proc_port == port) { |
4748 | result = HIP_PORT_INFO_IPV6BOUND; |
4749 | |
4750 | === modified file 'firewall/reinject.c' |
4751 | --- firewall/reinject.c 2011-01-09 14:59:33 +0000 |
4752 | +++ firewall/reinject.c 2011-01-11 14:04:40 +0000 |
4753 | @@ -77,8 +77,8 @@ |
4754 | err = setsockopt(*firewall_raw_sock_v6, IPPROTO_IPV6, |
4755 | IPV6_RECVERR, &off, sizeof(on)); |
4756 | HIP_IFEL(err, -1, "setsockopt recverr failed\n"); |
4757 | - err = setsockopt(*firewall_raw_sock_v6, IPPROTO_IPV6, |
4758 | - IPV6_2292PKTINFO, &on, sizeof(on)); |
4759 | + err = setsockopt(*firewall_raw_sock_v6, IPPROTO_IPV6, |
4760 | + IPV6_2292PKTINFO, &on, sizeof(on)); |
4761 | HIP_IFEL(err, -1, "setsockopt pktinfo failiped\n"); |
4762 | err = setsockopt(*firewall_raw_sock_v6, SOL_SOCKET, |
4763 | SO_REUSEADDR, &on, sizeof(on)); |
4764 | @@ -365,16 +365,16 @@ |
4765 | int proto, |
4766 | int ttl) |
4767 | { |
4768 | - int err = 0, sent, sa_size; |
4769 | - int firewall_raw_sock = 0, is_ipv6 = 0, on = 1; |
4770 | - struct ip *iphdr = NULL; |
4771 | - struct udphdr *udp = NULL; |
4772 | - struct tcphdr *tcp = NULL; |
4773 | - struct icmphdr *icmp = NULL; |
4774 | + int err = 0, sent, sa_size; |
4775 | + int firewall_raw_sock = 0, is_ipv6 = 0, on = 1; |
4776 | + struct ip *iphdr = NULL; |
4777 | + struct udphdr *udp = NULL; |
4778 | + struct tcphdr *tcp = NULL; |
4779 | + struct icmphdr *icmp = NULL; |
4780 | struct sockaddr_storage src, dst; |
4781 | - struct sockaddr_in6 *sock_src6 = NULL, *sock_dst6 = NULL; |
4782 | - struct sockaddr_in *sock_src4 = NULL, *sock_dst4 = NULL; |
4783 | - struct in6_addr any = IN6ADDR_ANY_INIT; |
4784 | + struct sockaddr_in6 *sock_src6 = NULL, *sock_dst6 = NULL; |
4785 | + struct sockaddr_in *sock_src4 = NULL, *sock_dst4 = NULL; |
4786 | + struct in6_addr any = IN6ADDR_ANY_INIT; |
4787 | |
4788 | HIP_ASSERT(src_hit != NULL && dst_hit != NULL); |
4789 | |
4790 | @@ -391,7 +391,7 @@ |
4791 | sock_dst4->sin_family = AF_INET; |
4792 | IPV6_TO_IPV4_MAP(src_hit, &(sock_src4->sin_addr)); |
4793 | IPV6_TO_IPV4_MAP(dst_hit, &(sock_dst4->sin_addr)); |
4794 | - sa_size = sizeof(struct sockaddr_in); |
4795 | + sa_size = sizeof(struct sockaddr_in); |
4796 | HIP_DEBUG_LSI("src4 addr ", &(sock_src4->sin_addr)); |
4797 | HIP_DEBUG_LSI("dst4 addr ", &(sock_dst4->sin_addr)); |
4798 | } else { |
4799 | @@ -399,8 +399,8 @@ |
4800 | ipv6_addr_copy(&sock_src6->sin6_addr, src_hit); |
4801 | sock_dst6->sin6_family = AF_INET6; |
4802 | ipv6_addr_copy(&sock_dst6->sin6_addr, dst_hit); |
4803 | - sa_size = sizeof(struct sockaddr_in6); |
4804 | - is_ipv6 = 1; |
4805 | + sa_size = sizeof(struct sockaddr_in6); |
4806 | + is_ipv6 = 1; |
4807 | } |
4808 | |
4809 | switch (proto) { |
4810 | @@ -409,21 +409,21 @@ |
4811 | HIP_DEBUG(" IPPROTO_UDP v6\n"); |
4812 | firewall_raw_sock = firewall_raw_sock_udp_v6; |
4813 | ((struct udphdr *) msg)->check = ipv6_checksum(IPPROTO_UDP, |
4814 | - &sock_src6->sin6_addr, |
4815 | - &sock_dst6->sin6_addr, msg, len); |
4816 | + &sock_src6->sin6_addr, |
4817 | + &sock_dst6->sin6_addr, msg, len); |
4818 | } else { |
4819 | HIP_DEBUG(" IPPROTO_UDP v4\n"); |
4820 | firewall_raw_sock = firewall_raw_sock_udp_v4; |
4821 | |
4822 | - udp = (struct udphdr *) msg; |
4823 | - |
4824 | - sa_size = sizeof(struct sockaddr_in); |
4825 | - |
4826 | - udp->check = htons(0); |
4827 | - udp->check = ipv4_checksum(IPPROTO_UDP, |
4828 | - (uint8_t *) &(sock_src4->sin_addr), |
4829 | - (uint8_t *) &(sock_dst4->sin_addr), |
4830 | - (uint8_t *) udp, len); |
4831 | + udp = (struct udphdr *) msg; |
4832 | + |
4833 | + sa_size = sizeof(struct sockaddr_in); |
4834 | + |
4835 | + udp->check = htons(0); |
4836 | + udp->check = ipv4_checksum(IPPROTO_UDP, |
4837 | + (uint8_t *) &(sock_src4->sin_addr), |
4838 | + (uint8_t *) &(sock_dst4->sin_addr), |
4839 | + (uint8_t *) udp, len); |
4840 | memmove(msg + sizeof(struct ip), udp, len); |
4841 | } |
4842 | break; |
4843 | @@ -440,10 +440,10 @@ |
4844 | HIP_DEBUG(" IPPROTO_TCP v4\n"); |
4845 | firewall_raw_sock = firewall_raw_sock_tcp_v4; |
4846 | |
4847 | - tcp->check = ipv4_checksum(IPPROTO_TCP, |
4848 | - (uint8_t *) &(sock_src4->sin_addr), |
4849 | - (uint8_t *) &(sock_dst4->sin_addr), |
4850 | - (uint8_t *) tcp, len); |
4851 | + tcp->check = ipv4_checksum(IPPROTO_TCP, |
4852 | + (uint8_t *) &(sock_src4->sin_addr), |
4853 | + (uint8_t *) &(sock_dst4->sin_addr), |
4854 | + (uint8_t *) tcp, len); |
4855 | |
4856 | memmove(msg + sizeof(struct ip), tcp, len); |
4857 | } |
4858 | @@ -486,7 +486,7 @@ |
4859 | sent = sendto(firewall_raw_sock, iphdr, |
4860 | iphdr->ip_len, 0, |
4861 | (struct sockaddr *) &dst, sa_size); |
4862 | - if (sent != (int)(len + sizeof(struct ip))) { |
4863 | + if (sent != (int) (len + sizeof(struct ip))) { |
4864 | HIP_ERROR("Could not send the all requested" \ |
4865 | " data (%d/%d)\n", sent, |
4866 | iphdr->ip_len); |
4867 | @@ -535,9 +535,9 @@ |
4868 | int firewall_raw_sock = 0, is_ipv6 = 0; |
4869 | |
4870 | struct sockaddr_storage src, dst; |
4871 | - struct sockaddr_in6 *sock_src6, *sock_dst6; |
4872 | - struct sockaddr_in *sock_src4, *sock_dst4; |
4873 | - struct in6_addr any = IN6ADDR_ANY_INIT; |
4874 | + struct sockaddr_in6 *sock_src6, *sock_dst6; |
4875 | + struct sockaddr_in *sock_src4, *sock_dst4; |
4876 | + struct in6_addr any = IN6ADDR_ANY_INIT; |
4877 | |
4878 | HIP_ASSERT(src_hit != NULL && dst_hit != NULL); |
4879 | |
4880 | @@ -554,7 +554,7 @@ |
4881 | IPV6_TO_IPV4_MAP(src_hit, &sock_src4->sin_addr); |
4882 | sock_dst4->sin_family = AF_INET; |
4883 | IPV6_TO_IPV4_MAP(dst_hit, &sock_dst4->sin_addr); |
4884 | - sa_size = sizeof(struct sockaddr_in); |
4885 | + sa_size = sizeof(struct sockaddr_in); |
4886 | HIP_DEBUG_LSI("src4 addr ", &(sock_src4->sin_addr)); |
4887 | HIP_DEBUG_LSI("dst4 addr ", &(sock_dst4->sin_addr)); |
4888 | } else { |
4889 | @@ -562,8 +562,8 @@ |
4890 | ipv6_addr_copy(&sock_src6->sin6_addr, src_hit); |
4891 | sock_dst6->sin6_family = AF_INET6; |
4892 | ipv6_addr_copy(&sock_dst6->sin6_addr, dst_hit); |
4893 | - sa_size = sizeof(struct sockaddr_in6); |
4894 | - is_ipv6 = 1; |
4895 | + sa_size = sizeof(struct sockaddr_in6); |
4896 | + is_ipv6 = 1; |
4897 | HIP_DEBUG_HIT("src6 addr ", &(sock_src6->sin6_addr)); |
4898 | HIP_DEBUG_HIT("dst6 addr ", &(sock_dst6->sin6_addr)); |
4899 | } |
4900 | @@ -574,13 +574,13 @@ |
4901 | if (is_ipv6) { |
4902 | firewall_raw_sock = firewall_raw_sock_tcp_v6; |
4903 | ((struct tcphdr *) msg)->check |
4904 | - = ipv6_checksum(IPPROTO_TCP, &sock_src6->sin6_addr, |
4905 | - &sock_dst6->sin6_addr, msg, len); |
4906 | + = ipv6_checksum(IPPROTO_TCP, &sock_src6->sin6_addr, |
4907 | + &sock_dst6->sin6_addr, msg, len); |
4908 | } else { |
4909 | firewall_raw_sock = firewall_raw_sock_tcp_v4; |
4910 | ((struct tcphdr *) msg)->check |
4911 | - = ipv4_checksum(IPPROTO_TCP, (uint8_t *) &(sock_src4->sin_addr), |
4912 | - (uint8_t *) &(sock_dst4->sin_addr), msg, len); |
4913 | + = ipv4_checksum(IPPROTO_TCP, (uint8_t *) &(sock_src4->sin_addr), |
4914 | + (uint8_t *) &(sock_dst4->sin_addr), msg, len); |
4915 | } |
4916 | break; |
4917 | case IPPROTO_UDP: |
4918 | @@ -592,13 +592,13 @@ |
4919 | if (is_ipv6) { |
4920 | firewall_raw_sock = firewall_raw_sock_udp_v6; |
4921 | ((struct udphdr *) msg)->check |
4922 | - = ipv6_checksum(IPPROTO_UDP, &sock_src6->sin6_addr, |
4923 | - &sock_dst6->sin6_addr, msg, len); |
4924 | + = ipv6_checksum(IPPROTO_UDP, &sock_src6->sin6_addr, |
4925 | + &sock_dst6->sin6_addr, msg, len); |
4926 | } else { |
4927 | firewall_raw_sock = firewall_raw_sock_udp_v4; |
4928 | ((struct udphdr *) msg)->check |
4929 | - = ipv4_checksum(IPPROTO_UDP, (uint8_t *) &(sock_src4->sin_addr), |
4930 | - (uint8_t *) &(sock_dst4->sin_addr), msg, len); |
4931 | + = ipv4_checksum(IPPROTO_UDP, (uint8_t *) &(sock_src4->sin_addr), |
4932 | + (uint8_t *) &(sock_dst4->sin_addr), msg, len); |
4933 | } |
4934 | break; |
4935 | case IPPROTO_ICMP: |
4936 | @@ -613,11 +613,11 @@ |
4937 | |
4938 | break; |
4939 | case IPPROTO_ICMPV6: |
4940 | - firewall_raw_sock = firewall_raw_sock_icmp_v6; |
4941 | + firewall_raw_sock = firewall_raw_sock_icmp_v6; |
4942 | ((struct icmp6_hdr *) msg)->icmp6_cksum = htons(0); |
4943 | ((struct icmp6_hdr *) msg)->icmp6_cksum |
4944 | - = ipv6_checksum(IPPROTO_ICMPV6, &sock_src6->sin6_addr, |
4945 | - &sock_dst6->sin6_addr, msg, len); |
4946 | + = ipv6_checksum(IPPROTO_ICMPV6, &sock_src6->sin6_addr, |
4947 | + &sock_dst6->sin6_addr, msg, len); |
4948 | break; |
4949 | |
4950 | case IPPROTO_ESP: |
4951 | |
4952 | === modified file 'firewall/rule_management.c' |
4953 | --- firewall/rule_management.c 2011-01-10 15:23:36 +0000 |
4954 | +++ firewall/rule_management.c 2011-01-11 14:04:40 +0000 |
4955 | @@ -127,9 +127,9 @@ |
4956 | static void check_and_write_default_config(const char *file) |
4957 | { |
4958 | struct stat status; |
4959 | - FILE *fp = NULL; |
4960 | - ssize_t items; |
4961 | - int i = 0; |
4962 | + FILE *fp = NULL; |
4963 | + ssize_t items; |
4964 | + int i = 0; |
4965 | |
4966 | /* Firewall depends on hipd to create HIPL_SYSCONFDIR */ |
4967 | for (i = 0; i < 5; i++) { |
4968 | @@ -269,8 +269,8 @@ |
4969 | */ |
4970 | void print_rule_tables(void) |
4971 | { |
4972 | - struct dlist *list = input_rules; |
4973 | - struct rule *rule = NULL; |
4974 | + struct dlist *list = input_rules; |
4975 | + struct rule *rule = NULL; |
4976 | while (list != NULL) { |
4977 | rule = list->data; |
4978 | print_rule(rule); |
4979 | @@ -359,7 +359,7 @@ |
4980 | static struct hit_option *parse_hit(char *token) |
4981 | { |
4982 | struct hit_option *option = malloc(sizeof(struct hit_option)); |
4983 | - struct in6_addr *hit = NULL; |
4984 | + struct in6_addr *hit = NULL; |
4985 | |
4986 | if (!strcmp(token, NEGATE_STR)) { |
4987 | option->boolean = 0; |
4988 | @@ -388,10 +388,10 @@ |
4989 | */ |
4990 | static int load_rsa_file(FILE *fp, struct hip_host_id *hi) |
4991 | { |
4992 | - int err = 0; |
4993 | - RSA *rsa = NULL; |
4994 | - unsigned char *rsa_key_rr = NULL; |
4995 | - int rsa_key_rr_len; |
4996 | + int err = 0; |
4997 | + RSA *rsa = NULL; |
4998 | + unsigned char *rsa_key_rr = NULL; |
4999 | + int rsa_key_rr_len; |
5000 |
The diff has been truncated for viewing.
As promised last week, this branch will be merged very soon now. Any last minute comments are welcome, of course.