X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=site.c;h=b83919c3b4467bc484a5a18fbea78373d6920044;hb=e0d2e637f0931a4a3c897abbc4e38a3f357ba3d4;hp=70cc3166231df1cd1bcccf3943d6f3b87ef98c0f;hpb=92ae57c54d1d725a6ff4e4e37fc1e20774261058;p=secnet.git

diff --git a/site.c b/site.c
index 70cc316..b83919c 100644
--- a/site.c
+++ b/site.c
@@ -296,6 +296,7 @@ struct site {
 /* configuration information */
     string_t localname;
     string_t remotename;
+    bool_t keepalive;
     bool_t local_mobile, peer_mobile; /* Mobile client support */
     int32_t transport_peers_max;
     string_t tunname; /* localname<->remotename by default, used in logs */
@@ -1146,6 +1147,10 @@ static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
     case LABEL_MSG7:
 	/* We must forget about the current session. */
 	delete_keys(st,"request from peer",LOG_SEC);
+	/* probably, the peer is shutting down, and this is going to fail,
+	 * but we need to be trying to bring the link up again */
+	if (st->keepalive)
+	    initiate_key_setup(st,"peer requested key teardown",0);
 	return True;
     case LABEL_MSG9:
 	/* Deliver to netlink layer */
@@ -1429,6 +1434,9 @@ static void enter_state_run(struct site *st)
     memset(st->dhsecret,0,st->dh->len);
     memset(st->sharedsecret,0,st->sharedsecretlen);
     set_link_quality(st);
+
+    if (st->keepalive && !current_valid(st))
+	initiate_key_setup(st, "keepalive", 0);
 }
 
 static bool_t ensure_resolving(struct site *st)
@@ -1967,6 +1975,8 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->localname=dict_read_string(dict, "local-name", True, "site", loc);
     st->remotename=dict_read_string(dict, "name", True, "site", loc);
 
+    st->keepalive=dict_read_bool(dict,"keepalive",False,"site",loc,False);
+
     st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
     st->local_mobile=
 	dict_read_bool(dict,"local-mobile",False,"site",loc,False);