X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=ipif%2Fforwarder.c;h=d3a0f0fc24804bd882b00789dedd0e9ac700f26a;hb=ed509ebded419ce594b9c6a6942cf41033a7a16b;hp=58678329378e2bb04ac5c8b08e77c101bea138fb;hpb=b18a1d7b97679cf304b8badd9d011dffd0e7bcdf;p=userv-utils.git

diff --git a/ipif/forwarder.c b/ipif/forwarder.c
index 5867832..d3a0f0f 100644
--- a/ipif/forwarder.c
+++ b/ipif/forwarder.c
@@ -7,8 +7,8 @@
  *                      <encdec-keys-fd>
  *                      <mtu> <keepalive> <timeout>
  *                      <public-remote-addr> [<public-remote-port>]
- *                      !<mech1> [<mech1-params> ...]
- *                      !<mech2> [<mech2-params> ...]
+ *                      |<mech1> [<mech1-params> ...]
+ *                      |<mech2> [<mech2-params> ...]
  *                      ''
  *
  * Remote addr may '' to mean wait to receive a packet and reply to
@@ -19,6 +19,10 @@
  *    w   means generate and write encdec keys, rather than reading them
  *    K   means do crypto debug (use with care!)
  *
+ * encdec keys datastream has keys for packets from key datastream
+ * writer to reader first, then keys for packets from reader to
+ * writer.
+ *
  * Every must be numeric.  There is very little argument checking.
  *
  * Exit status:
@@ -71,8 +75,8 @@ static time_t nextsendka;
 
 static void cdebug(int mechno /*or -1*/, const char *msg) {
   if (!crypto_debug) return;
-  printf("%s: CRYPTO: %-20s %s\n",
-	 programid,
+  printf("%-8.8s: CRYPTO: %-20s %s\n",
+	 uname_result.nodename,
 	 mechno >= 0 ? mechs[mechno]->name : "",
 	 msg);
 }
@@ -127,6 +131,7 @@ void random_key(void *ptr, size_t sz) {
     write_must(encdec_keys_fd,ptr,sz,"write keys datastream");
   } else {
     read_must(encdec_keys_fd,ptr,sz,"read keys datastream");
+    cdebughex(-1, "random_key", ptr, sz, 0,0,0);
   }
 }
 
@@ -335,18 +340,26 @@ int main(int argc, const char *const *const argv_in) {
   maxprefix= 0;
   i= 0;
   while ((arg= *++argv)) {
-    arg_assert(*arg++ == '!');
+    arg_assert(*arg++ == '|');
     arg_assert(i <= MAXMECHS);
     mechs[i]= find_mech(arg);
-    cdebug(i,"encsetup");
 
+    cdebug(i,"writer->reader setup");
     argv_save= argv;
-    mechs[i]->encsetup(&md_out[i], &maxprefix, &maxsuffix);
+
+    if (encdec_keys_write)
+      mechs[i]->encsetup(&md_out[i], &maxprefix, &maxsuffix);
+    else
+      mechs[i]->decsetup(&md_in[i]);
 
     argv_done= argv;
     argv= argv_save;
-    cdebug(i,"decsetup");
-    mechs[i]->decsetup(&md_in[i]);
+    cdebug(i,"reader->writer setup");
+
+    if (encdec_keys_write)
+      mechs[i]->decsetup(&md_in[i]);
+    else
+      mechs[i]->encsetup(&md_out[i], &maxprefix, &maxsuffix);
 
     assert(argv == argv_done);