Copyright 1995-2003 Peter Benie
Copyright 2011 Richard Kettlewell
Copyright 2012 Matthew Vernon
- Copyright 2013 Mark Wooding
+ Copyright 2013-2019 Mark Wooding
Copyright 1995-2013 Simon Tatham
secnet is distributed under the terms of the GNU General Public
--help display this help and exit
--version output version information and exit
+* base91s
+
+secnet defines a variant of the base91 encoding `basE91', from
+ http://base91.sourceforge.net/
+
+base91s is the same as baseE91 except that:
+ - in the encoded charset, `"' is replaced with `-'
+ - spaces, newlines etc. and other characters outside the charset
+ are not permitted (although in some places they may be ignored,
+ this is not guaranteed).
+
* secnet builtin modules
** resolver
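Review bot: the added line "base91s is the same as baseE91 except that:" spells the upstream encoding "baseE91", while the sentence two lines above it names it `basE91'; make the two match. The parenthetical "although in some places they may be ignored, this is not guaranteed" also leaves open whether a reader rejects or skips characters outside the charset. Suggest stating that writers must never emit them and that nothing should rely on a reader accepting them.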
syslog (closure => log closure)
logfile: dict argument
- filename (string): where to log to
+ filename (string): where to log to; default is stderr
+ prefix (string): added to messages [""]
class (string list): what type of messages to log
{ "debug-config", M_DEBUG_CONFIG },
{ "debug-phase", M_DEBUG_PHASE },
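Review bot: the new filename text gives its default as prose ("default is stderr"), while the prefix line added next to it uses the bracket form ([""]) that the neighbouring options use. Suggest "filename (string): where to log to [stderr]" for consistency. For prefix, "added to messages" does not say whether the string is prepended or appended, or whether a separator is inserted; one more clause would settle that.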
packet [5; mobile: 30]
setup-timeout (integer): time between retransmissions of key negotiation
packets, in ms [2000; mobile: 1000]
- wait-time (integer): after failed key setup, wait this long (in ms) before
- allowing another attempt [20000; mobile: 10000]
+ wait-time (integer): after failed key setup, wait roughly this long
+ (in ms) before allowing another attempt [20000; mobile: 10000]
+ Actual wait time is randomly chosen between ~0.5x and ~1.5x this.
renegotiate-time (integer): if we see traffic on the link after this time
then renegotiate another session key immediately (in ms)
[half key-lifetime, or key-lifetime minus 5 mins (mobile: 12 hours),
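Review bot: in the new wait-time text, "roughly" and the two "~" markers leave the bounds imprecise, and the bracketed defaults [20000; mobile: 10000] now describe the middle of a range rather than the wait itself. Suggest giving the bounds exactly if the code defines them, and saying outright that the wait can reach about 1.5x the configured value, since anyone sizing wait-time against setup-timeout or key-lifetime needs the upper bound.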
I recommend you don't specify the 'interface' option unless you're
doing something that requires the interface name to be constant.
+** privcache
+
+Cache of dynamically loaded private keys.
+
+Defines:
+ priv-cache (closure => privcache closure)
+
+priv-cache: dict argument
+ privkeys (string): path prefix for private keys. Each key is
+ looked for at this path prefix followed by the 10-character
+ hex key id.
+ privcache-size (integer): optional, maximum number of private
+ keys to retain at once. [5]
+ privkey-max (integer): optional, maximum size of private key
+ file in bytes. [4095]
+
** rsa
Defines:
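Review bot: in the privkeys description, "this path prefix followed by the 10-character hex key id" implies plain string concatenation, so a directory value needs its trailing "/" and a value without one makes the id part of the file name rather than a file inside that directory. Say so explicitly and state the case of the hex digits. The entry also omits what happens when a file exceeds privkey-max or when more keys are needed than privcache-size allows (rejected or evicted, and in what order), and gives no expectation for ownership or permissions on the key files.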