{ 't', T_TUNNEL, "tunnel events" },
{ 'r', T_PEER, "peer events" },
{ 'a', T_ADMIN, "admin interface" },
- { 'p', T_PACKET, "packet contents" },
- { 'c', T_CRYPTO, "crypto details" },
{ 's', T_KEYSET, "symmetric keyset management" },
{ 'x', T_KEYEXCH, "key exchange" },
{ 'm', T_KEYMGMT, "key management" },
+ { 'l', T_CHAL, "challenge management" },
+ { 'p', T_PACKET, "packet contents" },
+ { 'c', T_CRYPTO, "crypto details" },
{ 'A', T_ALL, "all of the above" },
{ 0, 0, 0 }
};
goto again;
if (errno != EAGAIN && errno != EWOULDBLOCK) {
a_destroy(a);
- a_warn("ADMIN client-read-error -- %s", strerror(errno));
+ a_warn("ADMIN", "client-write-error", "?ERRNO", A_END);
return (-1);
}
}
/*----- Utility functions -------------------------------------------------*/
+/* --- @quotify@ --- *
+ *
+ * Arguments: @dstr *d@ = where to write the answer
+ * @const char *p@ = string to quotify
+ *
+ * Returns: ---
+ *
+ * Use: Quotes the given string if necessary, according to our
+ * quoting rules.
+ */
+
+static void quotify(dstr *d, const char *p)
+{
+ if (d->len)
+ dstr_putc(d, ' ');
+ if (*p && !p[strcspn(p, "\"' \t\n\v")])
+ dstr_puts(d, p);
+ else {
+ dstr_putc(d, '\"');
+ while (*p) {
+ if (*p == '\\' || *p == '\"')
+ dstr_putc(d, '\\');
+ dstr_putc(d, *p++);
+ }
+ dstr_putc(d, '\"');
+ }
+}
+
+/* --- @a_vformat@ --- *
+ *
+ * Arguments: @dstr *d@ = where to leave the formatted message
+ * @const char *fmt@ = pointer to format string
+ * @va_list ap@ = arguments in list
+ *
+ * Returns: ---
+ *
+ * Use: Main message token formatting driver.
+ */
+
+static void a_vformat(dstr *d, const char *fmt, va_list ap)
+{
+ dstr dd = DSTR_INIT;
+
+ while (fmt) {
+ if (*fmt == '*') {
+ dstr_putc(d, ' ');
+ dstr_vputf(d, fmt + 1, &ap);
+ } else if (*fmt == '?') {
+ if (strcmp(fmt, "?ADDR") == 0) {
+ const addr *a = va_arg(ap, const addr *);
+ switch (a->sa.sa_family) {
+ case AF_INET:
+ quotify(d, "INET");
+ quotify(d, inet_ntoa(a->sin.sin_addr));
+ dstr_putf(d, " %u", (unsigned)ntohs(a->sin.sin_port));
+ break;
+ default:
+ abort();
+ }
+ } else if (strcmp(fmt, "?B64") == 0) {
+ const octet *p = va_arg(ap, const octet *);
+ size_t n = va_arg(ap, size_t);
+ base64_ctx b64;
+ dstr_putc(d, ' ');
+ base64_init(&b64);
+ b64.indent = "";
+ b64.maxline = 0;
+ base64_encode(&b64, p, n, d);
+ base64_encode(&b64, 0, 0, d);
+ while (d->len && d->buf[d->len - 1] == '=') d->len--;
+ } else if (strcmp(fmt, "?PEER") == 0)
+ quotify(d, p_name(va_arg(ap, peer *)));
+ else if (strcmp(fmt, "?ERRNO") == 0) {
+ dstr_putf(d, " E%d", errno);
+ quotify(d, strerror(errno));
+ } else
+ abort();
+ } else {
+ if (*fmt == '!') fmt++;
+ DRESET(&dd);
+ dstr_vputf(&dd, fmt, &ap);
+ quotify(d, dd.buf);
+ }
+ fmt = va_arg(ap, const char *);
+ }
+
+ dstr_destroy(&dd);
+}
+
/* --- @a_write@, @a_vwrite@ --- *
*
* Arguments: @admin *a@ = admin connection to write to
const char *fmt, va_list ap)
{
dstr d = DSTR_INIT;
-
if (tag) dstr_puts(&d, "BG");
dstr_puts(&d, status);
- if (tag) {
- dstr_putc(&d, ' ');
- dstr_puts(&d, tag);
- }
- if (fmt) {
- dstr_putc(&d, ' ');
- dstr_vputf(&d, fmt, &ap);
- }
+ if (tag) quotify(&d, tag);
+ a_vformat(&d, fmt, ap);
dstr_putc(&d, '\n');
dosend(a, d.buf, d.len);
dstr_destroy(&d);
* Use: Convenience functions for @a_write@.
*/
-static void a_ok(admin *a) { a_write(a, "OK", 0, 0); }
+static void a_ok(admin *a) { a_write(a, "OK", 0, A_END); }
static void a_info(admin *a, const char *fmt, ...)
{
if (!(flags & F_INIT))
return;
- if (fmt)
- dstr_vputf(&d, fmt, &ap);
+ a_vformat(&d, fmt, ap);
a_rawalert(f_and, f_eq, tag, fmt ? d.buf : 0, fmt ? d.len : 0);
dstr_destroy(&d);
}
if (flags & F_INIT)
a_valert(0, 0, "WARN", fmt, ap);
else {
+ dstr d = DSTR_INIT;
fprintf(stderr, "%s: ", QUIS);
- vfprintf(stderr, fmt, ap);
- fputc('\n', stderr);
+ a_vformat(&d, fmt, ap);
+ dstr_putc(&d, '\n');
+ dstr_write(&d, stderr);
+ dstr_destroy(&d);
}
va_end(ap);
}
p = buf;
break;
}
- a_warn("SERVER quit signal %s", p);
+ a_warn("SERVER", "quit", "signal", "%s", p, A_END);
a_quit();
}
static void a_sighup(int sig, void *v)
{
- a_warn("SERVER ignore signal SIGHUP");
+ a_warn("SERVER", "ignore", "signal", "SIGHUP", A_END);
}
/* --- @a_parsetime@ --- *
return (t);
}
+/* --- @a_findpeer@ --- *
+ *
+ * Arguments: @admin *a@ = admin connection
+ * @const char *pn@ = peer name
+ *
+ * Returns: The peer, or null if not there.
+ *
+ * Use: Finds a peer, reporting an error if it failed.
+ */
+
+static peer *a_findpeer(admin *a, const char *pn)
+{
+ peer *p;
+
+ if ((p = p_find(pn)) == 0)
+ a_fail(a, "unknown-peer", "%s", pn, A_END);
+ return (p);
+}
+
/*----- Backgrounded operations -------------------------------------------*/
#define BGTAG(bg) \
*/
static void a_bgok(admin_bgop *bg)
- { a_write(bg->a, "OK", bg->tag, 0); }
+ { a_write(bg->a, "OK", bg->tag, A_END); }
static void a_bginfo(admin_bgop *bg, const char *fmt, ...)
{
a->bg = bg;
a_lock(a);
T( trace(T_ADMIN, "admin: add bgop %s", BGTAG(bg)); )
- if (tag) a_write(a, "DETACH", tag, 0);
+ if (tag) a_write(a, "DETACH", tag, A_END);
}
-/*----- Adding peers ------------------------------------------------------*/
+/*----- Name resolution operations ----------------------------------------*/
-/* --- @a_addfree@ --- *
+/* --- @a_resolved@ --- *
*
- * Arguments: @admin_addop *add@ = operation block
+ * Arguments: @struct hostent *h@ = pointer to resolved hostname
+ * @void *v@ = pointer to resolver operation
*
* Returns: ---
*
- * Use: Frees an add operation.
+ * Use: Handles a completed name resolution.
*/
-static void a_addfree(admin_addop *add)
+static void a_resolved(struct hostent *h, void *v)
{
- T( trace(T_ADMIN, "admin: free add op %s", BGTAG(add)); )
- if (add->peer.name) xfree(add->peer.name);
- if (add->paddr) xfree(add->paddr);
-}
+ admin_resop *r = v;
+
+ T( trace(T_ADMIN, "admin: resop %s resolved", BGTAG(r)); )
+ TIMER;
+ if (!h) {
+ a_bgfail(&r->bg, "resolve-error", "%s", r->addr, A_END);
+ r->func(r, ARES_FAIL);
+ } else {
+ memcpy(&r->sa.sin.sin_addr, h->h_addr, sizeof(struct in_addr));
+ r->func(r, ARES_OK);
+ }
+ sel_rmtimer(&r->t);
+ xfree(r->addr);
+ a_bgrelease(&r->bg);
+}
-/* --- @a_addcancel@ --- *
+/* --- @a_restimer@ --- *
*
- * Arguments: @admin_bgop *bg@ = background operation
+ * Arguments: @struct timeval *tv@ = timer
+ * @void *v@ = pointer to resolver operation
*
* Returns: ---
*
- * Use: Cancels an add operation.
+ * Use: Times out a resolver.
*/
-static void a_addcancel(admin_bgop *bg)
+static void a_restimer(struct timeval *tv, void *v)
{
- admin_addop *add = (admin_addop *)bg;
-
- T( trace(T_ADMIN, "admin: cancel add op %s", BGTAG(add)); )
- sel_rmtimer(&add->t);
- bres_abort(&add->r);
- a_addfree(add);
+ admin_resop *r = v;
+
+ T( trace(T_ADMIN, "admin: resop %s timeout", BGTAG(r)); )
+ a_bgfail(&r->bg, "resolver-timeout", "%s", r->addr, A_END);
+ r->func(r, ARES_FAIL);
+ bres_abort(&r->r);
+ xfree(r->addr);
+ a_bgrelease(&r->bg);
}
-/* --- @a_doadd@ --- *
+/* --- @a_rescancel@ --- *
*
- * Arguments: @admin_addop *add@ = operation block
+ * Arguments: @admin_bgop *bg@ = background operation
*
* Returns: ---
*
- * Use: Does the peer add thing.
+ * Use: Cancels an add operation.
*/
-static void a_doadd(admin_addop *add)
+static void a_rescancel(admin_bgop *bg)
{
- if (p_find(add->peer.name))
- a_bgfail(&add->bg, "peer-exists %s", add->peer.name);
- else if (!p_create(&add->peer))
- a_bgfail(&add->bg, "peer-create-fail %s", add->peer.name);
- else
- a_bgok(&add->bg);
+ admin_resop *r = (admin_resop *)bg;
+
+ T( trace(T_ADMIN, "admin: cancel resop %s", BGTAG(r)); )
+ r->func(r, ARES_FAIL);
+ sel_rmtimer(&r->t);
+ xfree(r->addr);
+ bres_abort(&r->r);
}
-
-/* --- @a_addresolve@ --- *
+
+/* --- @a_resolve@ --- *
*
- * Arguments: @struct hostent *h@ = pointer to resolved hostname
- * @void *v@ = pointer to add operation
+ * Arguments: @admin *a@ = administration connection
+ * @admin_resop *r@ = resolver operation to run
+ * @const char *tag@ = background operation tag
+ * @void (*func)(struct admin_resop *, int@ = handler function
+ * @unsigned ac@ = number of remaining arguments
+ * @char *av[]@ = pointer to remaining arguments
*
* Returns: ---
*
- * Use: Handles a completed name resolution.
+ * Use: Cranks up a resolver job.
*/
-static void a_addresolve(struct hostent *h, void *v)
+static void a_resolve(admin *a, admin_resop *r, const char *tag,
+ void (*func)(struct admin_resop *, int),
+ unsigned ac, char *av[])
{
- admin_addop *add = v;
+ struct timeval tv;
+ unsigned long pt;
+ char *p;
+ int i = 0;
- T( trace(T_ADMIN, "admin: add op %s resolved", BGTAG(add)); )
- TIMER;
- if (!h)
- a_bgfail(&add->bg, "resolve-error %s", add->paddr);
- else {
- memcpy(&add->peer.sa.sin.sin_addr, h->h_addr, sizeof(struct in_addr));
- a_doadd(add);
+ /* --- Fill in the easy bits of address --- */
+
+ r->addr = 0;
+ r->func = func;
+ if (mystrieq(av[i], "inet")) i++;
+ if (ac - i != 2) {
+ a_fail(a, "bad-addr-syntax", "[inet] ADDRESS PORT", A_END);
+ goto fail;
+ }
+ r->sa.sin.sin_family = AF_INET;
+ r->sasz = sizeof(r->sa.sin);
+ r->addr = xstrdup(av[i]);
+ pt = strtoul(av[i + 1], &p, 0);
+ if (*p) {
+ struct servent *s = getservbyname(av[i + 1], "udp");
+ if (!s) {
+ a_fail(a, "unknown-service", "%s", av[i + 1], A_END);
+ goto fail;
+ }
+ pt = ntohs(s->s_port);
+ }
+ if (pt == 0 || pt >= 65536) {
+ a_fail(a, "invalid-port", "%lu", pt, A_END);
+ goto fail;
+ }
+ r->sa.sin.sin_port = htons(pt);
+
+ /* --- Report backgrounding --- *
+ *
+ * Do this for consistency of interface, even if we're going to get the
+ * answer straight away.
+ */
+
+ a_bgadd(a, &r->bg, tag, a_rescancel);
+ T( trace(T_ADMIN, "admin: %u, resop %s, hostname `%s'",
+ a->seq, BGTAG(r), r->addr); )
+
+ /* --- If the name is numeric, do it the easy way --- */
+
+ if (inet_aton(av[i], &r->sa.sin.sin_addr)) {
+ T( trace(T_ADMIN, "admin: resop %s done the easy way", BGTAG(r)); )
+ func(r, ARES_OK);
+ xfree(r->addr);
+ a_bgrelease(&r->bg);
+ return;
}
- sel_rmtimer(&add->t);
- a_addfree(add);
- a_bgrelease(&add->bg);
+
+ /* --- Store everything for later and crank up the resolver --- */
+
+ gettimeofday(&tv, 0);
+ tv.tv_sec += T_RESOLVE;
+ sel_addtimer(&sel, &r->t, &tv, a_restimer, r);
+ bres_byname(&r->r, r->addr, a_resolved, r);
+ return;
+
+fail:
+ func(r, ARES_FAIL);
+ if (r->addr) xfree(r->addr);
+ xfree(r);
}
-/* --- @a_addtimer@ --- *
+/*----- Adding peers ------------------------------------------------------*/
+
+/* --- @a_doadd@ --- *
*
- * Arguments: @struct timeval *tv@ = timer
- * @void *v@ = pointer to add operation
+ * Arguments: @admin_resop *r@ = resolver operation
+ * @int rc@ = how it worked
*
* Returns: ---
*
- * Use: Times out a resolver.
+ * Use: Handles a completed resolution.
*/
-static void a_addtimer(struct timeval *tv, void *v)
+static void a_doadd(admin_resop *r, int rc)
{
- admin_addop *add = v;
+ admin_addop *add = (admin_addop *)r;
- T( trace(T_ADMIN, "admin: add op %s timeout", BGTAG(add)); )
- a_bgfail(&add->bg, "resolver-timeout %s\n", add->paddr);
- bres_abort(&add->r);
- a_addfree(add);
- a_bgrelease(&add->bg);
+ T( trace(T_ADMIN, "admin: done add op %s", BGTAG(add)); )
+
+ if (rc == ARES_OK) {
+ add->peer.sasz = add->r.sasz;
+ add->peer.sa = add->r.sa;
+ if (p_find(add->peer.name))
+ a_bgfail(&add->r.bg, "peer-exists", "%s", add->peer.name, A_END);
+ else if (!p_create(&add->peer))
+ a_bgfail(&add->r.bg, "peer-create-fail", "%s", add->peer.name, A_END);
+ else
+ a_bgok(&add->r.bg);
+ }
+
+ xfree(add->peer.name);
}
/* --- @acmd_add@ --- *
static void acmd_add(admin *a, unsigned ac, char *av[])
{
- unsigned long pt;
- struct timeval tv;
unsigned i, j;
- char *p;
const char *tag = 0;
admin_addop *add = 0;
- /* --- Make sure someone's not got there already --- */
-
- if (p_find(av[0])) {
- a_fail(a, "peer-exists %s", av[0]);
- goto fail;
- }
-
/* --- Set stuff up --- */
add = xmalloc(sizeof(*add));
add->peer.name = xstrdup(av[0]);
add->peer.t_ka = 0;
add->peer.tops = tun_default;
- add->paddr = 0;
+
+ /* --- Make sure someone's not got there already --- */
+
+ if (p_find(av[0])) {
+ a_fail(a, "peer-exists", "%s", av[0], A_END);
+ goto fail;
+ }
/* --- Parse options --- */
if (!av[++i]) goto bad_syntax;
for (j = 0;; j++) {
if (!tunnels[j]) {
- a_fail(a, "unknown-tunnel %s", av[i]);
- return;
+ a_fail(a, "unknown-tunnel", "%s", av[i], A_END);
+ goto fail;
}
if (mystrieq(av[i], tunnels[j]->name)) {
add->peer.tops = tunnels[j];
long t;
if (!av[++i]) goto bad_syntax;
if ((t = a_parsetime(av[i])) < 0) {
- a_fail(a, "bad-time-spec %s", av[i]);
- return;
+ a_fail(a, "bad-time-spec", "%s", av[i], A_END);
+ goto fail;
}
add->peer.t_ka = t;
} else if (mystrieq(av[i], "--")) {
i++;
}
- /* --- Fill in the easy bits of address --- */
+ /* --- Crank up the resolver --- */
- if (mystrieq(av[i], "inet")) i++;
- if (ac - i != 2) {
- a_fail(a, "bad-syntax -- add PEER [OPTIONS] [inet] ADDRESS PORT");
- goto fail;
- }
- add->peer.sa.sin.sin_family = AF_INET;
- add->peer.sasz = sizeof(add->peer.sa.sin);
- add->paddr = xstrdup(av[i]);
- pt = strtoul(av[i + 1], &p, 0);
- if (*p) {
- struct servent *s = getservbyname(av[i + 1], "udp");
- if (!s) {
- a_fail(a, "unknown-service %s", av[i + 1]);
- goto fail;
- }
- pt = ntohs(s->s_port);
- }
- if (pt == 0 || pt >= 65536) {
- a_fail(a, "invalid-port %lu", pt);
- goto fail;
- }
- add->peer.sa.sin.sin_port = htons(pt);
-
- /* --- Report backgrounding --- *
- *
- * Do this for consistency of interface, even if we're going to get the
- * answer straight away.
- */
-
- a_bgadd(a, &add->bg, tag, a_addcancel);
- T( trace(T_ADMIN, "admin: %u, add op %s resolving hostname `%s'",
- a->seq, BGTAG(add), add->paddr); )
-
- /* --- If the name is numeric, do it the easy way --- */
-
- if (inet_aton(av[i], &add->peer.sa.sin.sin_addr)) {
- T( trace(T_ADMIN, "admin: add op %s done the easy way", BGTAG(add)); )
- a_doadd(add);
- a_addfree(add);
- a_bgrelease(&add->bg);
- return;
- }
-
- /* --- Store everything for later and crank up the resolver --- */
-
- gettimeofday(&tv, 0);
- tv.tv_sec += T_RESOLVE;
- sel_addtimer(&sel, &add->t, &tv, a_addtimer, add);
- bres_byname(&add->r, add->paddr, a_addresolve, add);
+ a_resolve(a, &add->r, tag, a_doadd, ac - i, av + i);
return;
+ /* --- Clearing up --- */
+
bad_syntax:
- a_fail(a, "bad-syntax -- add PEER [OPTIONS] ADDR ...");
+ a_fail(a, "bad-syntax", "add", "PEER [OPTIONS] ADDR ...", A_END);
fail:
- if (add) {
- a_addfree(add);
- xfree(add);
- }
+ xfree(add->peer.name);
+ xfree(add);
return;
}
gettimeofday(&tv, 0);
tv_sub(&tv, &tv, &pg->pingtime);
millis = (double)tv.tv_sec * 1000 + (double)tv.tv_usec/1000;
- a_bginfo(&pg->bg, "ping-ok %.1f", millis);
+ a_bginfo(&pg->bg, "ping-ok", "%.1f", millis, A_END);
a_bgok(&pg->bg);
break;
case PING_TIMEOUT:
- a_bginfo(&pg->bg, "ping-timeout");
+ a_bginfo(&pg->bg, "ping-timeout", A_END);
a_bgok(&pg->bg);
break;
case PING_PEERDIED:
- a_bginfo(&pg->bg, "ping-peer-died");
+ a_bginfo(&pg->bg, "ping-peer-died", A_END);
a_bgok(&pg->bg);
break;
default:
} else if (mystrieq(av[i], "-timeout")) {
if (!av[++i]) goto bad_syntax;
if ((t = a_parsetime(av[i])) < 0) {
- a_fail(a, "bad-time-spec %s", av[i]);
+ a_fail(a, "bad-time-spec", "%s", av[i], A_END);
return;
}
} else if (mystrieq(av[i], "--")) {
}
if (!av[i]) goto bad_syntax;
- if ((p = p_find(av[i])) == 0) {
- a_fail(a, "unknown-peer %s", av[i]);
+ if ((p = a_findpeer(a, av[i])) == 0)
return;
- }
pg = xmalloc(sizeof(*pg));
gettimeofday(&pg->pingtime, 0);
a_bgadd(a, &pg->bg, tag, a_pingcancel);
T( trace(T_ADMIN, "admin: ping op %s: %s to %s",
BGTAG(pg), cmd, p_name(p)); )
if (p_pingsend(p, &pg->ping, msg, t, a_pong, pg)) {
- a_bgfail(&pg->bg, "ping-send-failed");
+ a_bgfail(&pg->bg, "ping-send-failed", A_END);
a_bgrelease(&pg->bg);
}
return;
bad_syntax:
- a_fail(a, "bad-syntax -- %s [OPTIONS] PEER", cmd);
+ a_fail(a, "bad-syntax", "%s", cmd, "[OPTIONS] PEER", cmd, A_END);
return;
}
if (!ac || strcmp(av[0], "?") == 0) {
const trace_opt *t;
for (t = tt; t->ch; t++) {
- a_info(a, "%c%c %s",
- t->ch, (*ff & t->f) == t->f ? '+' : ' ', t->help);
+ a_info(a, "*%c%c %s",
+ t->ch, (*ff & t->f) == t->f ? '+' : ' ', t->help, A_END);
}
} else {
unsigned sense = 1;
goto tropt_ok;
}
}
- a_fail(a, "bad-%s-option %c", what, *p);
+ a_fail(a, "bad-%s-option", what, "%c", *p, A_END);
return (0);
tropt_ok:;
break;
traceish(a, ac, av, "watch", w_opts, &a->f);
}
-static void quotify(dstr *d, const char *p)
-{
- if (d->len)
- dstr_putc(d, ' ');
- if (*p && !p[strcspn(p, "\"' \t\n\v")])
- dstr_puts(d, p);
- else {
- dstr_putc(d, '\"');
- while (*p) {
- if (*p == '\\' || *p == '\"')
- dstr_putc(d, '\\');
- dstr_putc(d, *p++);
- }
- dstr_putc(d, '\"');
- }
-}
-
static void alertcmd(admin *a, unsigned f_and, unsigned f_eq,
const char *tag, unsigned ac, char *av[])
{
static void acmd_port(admin *a, unsigned ac, char *av[])
{
- a_info(a, "%u", p_port());
+ a_info(a, "%u", p_port(), A_END);
a_ok(a);
}
static void acmd_daemon(admin *a, unsigned ac, char *av[])
{
if (flags & F_DAEMON)
- a_fail(a, "already-daemon");
+ a_fail(a, "already-daemon", A_END);
else {
- a_notify("DAEMON");
+ a_notify("DAEMON", A_END);
if (a_stdin)
a_destroy(a_stdin);
if (u_daemon())
- a_fail(a, "daemon-error -- %s", strerror(errno));
+ a_fail(a, "daemon-error", "?ERRNO", A_END);
else {
flags |= F_DAEMON;
a_ok(a);
{
peer *p;
for (p = p_first(); p; p = p_next(p))
- a_info(a, "%s", p_name(p));
+ a_info(a, "%s", p_name(p), A_END);
a_ok(a);
}
{
peer *p;
- if ((p = p_find(av[0])) == 0)
- a_fail(a, "unknown-peer %s", av[0]);
- else {
- a_info(a, "%s", p_ifname(p));
+ if ((p = a_findpeer(a, av[0])) != 0) {
+ a_info(a, "%s", p_ifname(p), A_END);
+ a_ok(a);
+ }
+}
+
+static void acmd_getchal(admin *a, unsigned ac, char *av[])
+{
+ buf b;
+
+ buf_init(&b, buf_i, PKBUFSZ);
+ c_new(&b);
+ a_info(a, "?B64", BBASE(&b), (size_t)BLEN(&b), A_END);
+ a_ok(a);
+}
+
+static void acmd_checkchal(admin *a, unsigned ac, char *av[])
+{
+ base64_ctx b64;
+ buf b;
+ dstr d = DSTR_INIT;
+
+ base64_init(&b64);
+ base64_decode(&b64, av[0], strlen(av[0]), &d);
+ base64_decode(&b64, 0, 0, &d);
+ buf_init(&b, d.buf, d.len);
+ if (c_check(&b) || BBAD(&b) || BLEFT(&b))
+ a_fail(a, "invalid-challenge", A_END);
+ else
+ a_ok(a);
+ dstr_destroy(&d);
+}
+
+static void acmd_greet(admin *a, unsigned ac, char *av[])
+{
+ peer *p;
+ base64_ctx b64;
+ dstr d = DSTR_INIT;
+
+ if ((p = a_findpeer(a, av[0])) != 0) {
+ base64_init(&b64);
+ base64_decode(&b64, av[1], strlen(av[1]), &d);
+ base64_decode(&b64, 0, 0, &d);
+ p_greet(p, d.buf, d.len);
+ dstr_destroy(&d);
a_ok(a);
}
}
peer *p;
const addr *ad;
- if ((p = p_find(av[0])) == 0)
- a_fail(a, "unknown-peer %s", av[0]);
- else {
+ if ((p = a_findpeer(a, av[0])) != 0) {
ad = p_addr(p);
assert(ad->sa.sa_family == AF_INET);
- a_info(a, "INET %s %u",
- inet_ntoa(ad->sin.sin_addr),
- (unsigned)ntohs(ad->sin.sin_port));
+ a_info(a, "?ADDR", ad, A_END);
a_ok(a);
}
}
peer *p;
const peerspec *ps;
- if ((p = p_find(av[0])) == 0) {
- a_fail(a, "unknown-peer %s", av[0]);
- return;
+ if ((p = a_findpeer(a, av[0])) != 0) {
+ ps = p_spec(p);
+ a_info(a, "tunnel=%s", ps->tops->name, A_END);
+ a_info(a, "keepalive=%lu", ps->t_ka, A_END);
+ a_ok(a);
}
-
- ps = p_spec(p);
- a_info(a, "tunnel=%s", ps->tops->name);
- a_info(a, "keepalive=%lu", ps->t_ka);
- a_ok(a);
}
static void acmd_servinfo(admin *a, unsigned ac, char *av[])
{
- a_info(a, "implementation=edgeware-tripe");
- a_info(a, "version=%s", VERSION);
- a_info(a, "daemon=%s", BOOL(flags & F_DAEMON));
+ a_info(a, "implementation=edgeware-tripe", A_END);
+ a_info(a, "version=%s", VERSION, A_END);
+ a_info(a, "daemon=%s", BOOL(flags & F_DAEMON), A_END);
a_ok(a);
}
peer *p;
stats *st;
- if ((p = p_find(av[0])) == 0) {
- a_fail(a, "unknown-peer %s", av[0]);
+ if ((p = a_findpeer(a, av[0])) == 0)
return;
- }
st = p_stats(p);
- a_info(a, "start-time=%s", timestr(st->t_start));
- a_info(a, "last-packet-time=%s", timestr(st->t_last));
- a_info(a, "last-keyexch-time=%s", timestr(st->t_kx));
- a_info(a, "packets-in=%lu bytes-in=%lu", st->n_in, st->sz_in);
+ a_info(a, "start-time=%s", timestr(st->t_start), A_END);
+ a_info(a, "last-packet-time=%s", timestr(st->t_last), A_END);
+ a_info(a, "last-keyexch-time=%s", timestr(st->t_kx), A_END);
+ a_info(a, "packets-in=%lu bytes-in=%lu", st->n_in, st->sz_in, A_END);
a_info(a, "packets-out=%lu bytes-out=%lu",
- st->n_out, st->sz_out);
+ st->n_out, st->sz_out, A_END);
a_info(a, "keyexch-packets-in=%lu keyexch-bytes-in=%lu",
- st->n_kxin, st->sz_kxin);
+ st->n_kxin, st->sz_kxin, A_END);
a_info(a, "keyexch-packets-out=%lu keyexch-bytes-out=%lu",
- st->n_kxout, st->sz_kxout);
+ st->n_kxout, st->sz_kxout, A_END);
a_info(a, "ip-packets-in=%lu ip-bytes-in=%lu",
- st->n_ipin, st->sz_ipin);
+ st->n_ipin, st->sz_ipin, A_END);
a_info(a, "ip-packets-out=%lu ip-bytes-out=%lu",
- st->n_ipout, st->sz_ipout);
- a_info(a, "rejected-packets=%lu", st->n_reject);
+ st->n_ipout, st->sz_ipout, A_END);
+ a_info(a, "rejected-packets=%lu", st->n_reject, A_END);
a_ok(a);
}
static void acmd_kill(admin *a, unsigned ac, char *av[])
{
peer *p;
- if ((p = p_find(av[0])) == 0)
- a_fail(a, "unknown-peer %s", av[0]);
- else {
+ if ((p = a_findpeer(a, av[0])) != 0) {
p_destroy(p);
a_ok(a);
}
static void acmd_forcekx(admin *a, unsigned ac, char *av[])
{
peer *p;
- if ((p = p_find(av[0])) == 0)
- a_fail(a, "unknown-peer %s", av[0]);
- else {
+ if ((p = a_findpeer(a, av[0])) != 0) {
kx_start(&p->kx, 1);
a_ok(a);
}
static void acmd_quit(admin *a, unsigned ac, char *av[])
{
- a_warn("SERVER quit admin-request");
+ a_warn("SERVER", "quit", "admin-request", A_END);
a_ok(a);
a_unlock(a);
a_quit();
static void acmd_version(admin *a, unsigned ac, char *av[])
{
- a_info(a, "%s %s", PACKAGE, VERSION);
+ a_info(a, "%s", PACKAGE, "%s", VERSION, A_END);
a_ok(a);
}
{
int i;
for (i = 0; tunnels[i]; i++)
- a_info(a, "%s", tunnels[i]->name);
+ a_info(a, "%s", tunnels[i]->name, A_END);
a_ok(a);
}
static void acmd_help(admin */*a*/, unsigned /*ac*/, char */*av*/[]);
static const acmd acmdtab[] = {
- { "add", "add PEER [OPTIONS] ADDR ...",
- 2, 0xffff, acmd_add },
- { "addr", "addr PEER", 1, 1, acmd_addr },
- { "daemon", "daemon", 0, 0, acmd_daemon },
- { "eping", "eping [OPTIONS] PEER", 1, 0xffff, acmd_eping },
- { "forcekx", "forcekx PEER", 1, 1, acmd_forcekx },
- { "help", "help", 0, 0, acmd_help },
- { "ifname", "ifname PEER", 1, 1, acmd_ifname },
- { "kill", "kill PEER", 1, 1, acmd_kill },
- { "list", "list", 0, 0, acmd_list },
- { "notify", "notify MESSAGE ...", 1, 0xffff, acmd_notify },
- { "peerinfo", "peerinfo PEER", 1, 1, acmd_peerinfo },
- { "ping", "ping [OPTIONS] PEER", 1, 0xffff, acmd_ping },
- { "port", "port", 0, 0, acmd_port },
- { "quit", "quit", 0, 0, acmd_quit },
- { "reload", "reload", 0, 0, acmd_reload },
- { "servinfo", "servinfo", 0, 0, acmd_servinfo },
- { "stats", "stats PEER", 1, 1, acmd_stats },
+ { "add", "PEER [OPTIONS] ADDR ...", 2, 0xffff, acmd_add },
+ { "addr", "PEER", 1, 1, acmd_addr },
+ { "checkchal", "CHAL", 1, 1, acmd_checkchal },
+ { "daemon", 0, 0, 0, acmd_daemon },
+ { "eping", "[OPTIONS] PEER", 1, 0xffff, acmd_eping },
+ { "forcekx", "PEER", 1, 1, acmd_forcekx },
+ { "getchal", 0, 0, 0, acmd_getchal },
+ { "greet", "PEER CHAL", 2, 2, acmd_greet },
+ { "help", 0, 0, 0, acmd_help },
+ { "ifname", "PEER", 1, 1, acmd_ifname },
+ { "kill", "PEER", 1, 1, acmd_kill },
+ { "list", 0, 0, 0, acmd_list },
+ { "notify", "MESSAGE ...", 1, 0xffff, acmd_notify },
+ { "peerinfo", "PEER", 1, 1, acmd_peerinfo },
+ { "ping", "[OPTIONS] PEER", 1, 0xffff, acmd_ping },
+ { "port", 0, 0, 0, acmd_port },
+ { "quit", 0, 0, 0, acmd_quit },
+ { "reload", 0, 0, 0, acmd_reload },
+ { "servinfo", 0, 0, 0, acmd_servinfo },
+ { "stats", "PEER", 1, 1, acmd_stats },
#ifndef NTRACE
- { "trace", "trace [OPTIONS]", 0, 1, acmd_trace },
+ { "trace", "[OPTIONS]", 0, 1, acmd_trace },
#endif
- { "tunnels", "tunnels", 0, 0, acmd_tunnels },
- { "version", "version", 0, 0, acmd_version },
- { "warn", "warn MESSAGE ...", 1, 0xffff, acmd_warn },
- { "watch", "watch [OPTIONS]", 0, 1, acmd_watch },
+ { "tunnels", 0, 0, 0, acmd_tunnels },
+ { "version", 0, 0, 0, acmd_version },
+ { "warn", "MESSAGE ...", 1, 0xffff, acmd_warn },
+ { "watch", "[OPTIONS]", 0, 1, acmd_watch },
{ 0, 0, 0, 0, 0 }
};
static void acmd_help(admin *a, unsigned ac, char *av[])
{
const acmd *c;
- for (c = acmdtab; c->name; c++)
- a_info(a, "%s", c->help);
+ for (c = acmdtab; c->name; c++) {
+ if (c->help)
+ a_info(a, "%s", c->name, "*%s", c->help, A_END);
+ else
+ a_info(a, "%s", c->name, A_END);
+ }
a_ok(a);
}
for (c = acmdtab; c->name; c++) {
if (mystrieq(av[0], c->name)) {
ac--;
- if (c->argmin > ac || ac > c->argmax)
- a_fail(a, "bad-syntax -- %s", c->help);
- else {
+ if (c->argmin > ac || ac > c->argmax) {
+ if (!c->help)
+ a_fail(a, "bad-syntax", "%s", c->name, "", A_END);
+ else
+ a_fail(a, "bad-syntax", "%s", c->name, "%s", c->help, A_END);
+ } else {
a_lock(a);
c->func(a, ac, av + 1);
a_unlock(a);
return;
}
}
- a_fail(a, "unknown-command %s", av[0]);
+ a_fail(a, "unknown-command", "%s", av[0], A_END);
}
/* --- @a_create@ --- *
a->seq = seq++; )
T( trace(T_ADMIN, "admin: accepted connection %u", a->seq); )
a->bg = 0;
+ a->ref = 0;
a->f = f;
if (fd_in == STDIN_FILENO) a_stdin = a;
fdflags(fd_in, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC);
if ((nfd = accept(fd, (struct sockaddr *)&sun, &sz)) < 0) {
if (errno != EINTR && errno != EAGAIN && errno != EWOULDBLOCK &&
errno != ECONNABORTED && errno != EPROTO)
- a_warn("ADMIN accept-error -- %s", strerror(errno));
+ a_warn("ADMIN", "accept-error", "?ERRNO", A_END);
return;
}
a_create(nfd, nfd, 0);
~mdw / tripe / blobdiff