Allow different peer associations to use different private keys.

[tripe] / server / admin.c

diff --git a/server/admin.c b/server/admin.c
index 0fb57cd8645e6061f02bf8624ed1c8af6d2e0b41..0e3effb0a00389324e2d1b5939402961809432d5 100644 (file)
--- a/server/admin.c
+++ b/server/admin.c
@@ -1250,6 +1250,7 @@ static void acmd_add(admin *a, unsigned ac, char *av[])
   add = xmalloc(sizeof(*add));
   add->peer.name = 0;
   add->peer.tag = 0;
+  add->peer.privtag = 0;
   add->peer.t_ka = 0;
   add->peer.tops = tun_default;
   add->peer.f = 0;
@@ -1279,6 +1280,11 @@ static void acmd_add(admin *a, unsigned ac, char *av[])
       add->peer.tag = xstrdup(arg);
     })
     OPT("-mobile", { add->peer.f |= PSF_MOBILE; })
+    OPTARG("-priv", arg, {
+      if (add->peer.privtag)
+       xfree(add->peer.privtag);
+      add->peer.privtag = xstrdup(arg);
+    })
   });
 
   /* --- Make sure someone's not got there already --- */
@@ -1304,6 +1310,7 @@ bad_syntax:
 fail:
   if (add->peer.name) xfree(add->peer.name);
   if (add->peer.tag) xfree(add->peer.tag);
+  if (add->peer.privtag) xfree(add->peer.privtag);
   xfree(add);
   return;
 }
@@ -1828,7 +1835,10 @@ static void acmd_peerinfo(admin *a, unsigned ac, char *av[])
   if ((p = a_findpeer(a, av[0])) != 0) {
     ps = p_spec(p);
     a_info(a, "tunnel=%s", ps->tops->name, A_END);
-    a_info(a, "key=%s", p_tag(p), A_END);
+    a_info(a, "key=%s", p_tag(p),
+          "current-key=%s", p->kx.kpub->tag, A_END);
+    a_info(a, "private-key=%s", p_privtag(p),
+          "current-private-key=%s", p->kx.kpriv->tag, A_END);
     a_info(a, "keepalive=%lu", ps->t_ka, A_END);
     a_ok(a);
   }