.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
.
.\"--------------------------------------------------------------------------
-.so ../defs.man.in \" @@@PRE@@@
+.so ../common/defs.man \" @@@PRE@@@
.
.\"--------------------------------------------------------------------------
.TH tripe-admin 5 "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
linefeed character. No command may be longer than 255 characters.
.SS "General structure"
Each command or response line consists of a sequence of
-whitespace-separated words. The number and nature of whitespace
-characters separating two words in a client command is not significant;
-the server always uses a single space character. The first word in a
+whitespace-separated tokens. The number and nature of whitespace
+characters separating two tokens in a client command is not significant;
+the server always uses a single space character. The first token in a
line is a
.I keyword
identifying the type of command or response contained. Keywords in
client commands are not case-sensitive; the server always uses uppercase
for its keywords.
+.PP
+In order to allow tokens to contain internal whitespace, a quoting
+mechanism is provided. Whitespace within matched pairs of quotes \(en
+either single
+.RB ` ' '
+or double
+.RB ` """" '
+\(en is considered to be internal. Any character (other than newline)
+may be escaped by preceding it with a backslash
+.RB ` \e ':
+in particular, this can be used to include quote characters. It is
+impossible for a token to contain a newline character.
+.PP
+On output, the server will use double quotes when necessary.
.SS "Simple commands"
For simple client command, the server responds with zero or more
.B INFO
A background command will never issue an
.B OK
or
-.B BGINFO
+.B INFO
response: it will always detach and then issue any
.B BGINFO
lines followed by
.SP
.BI "SVCCLAIM " service " " version
Another client has claimed a later version of the named
-.I service. The recipient is no longer the provider of this service.
+.IR service .
+The recipient is no longer the provider of this service.
.SP
.BI "SVCJOB " jobid " " service " " command " " args \fR...
Announces the arrival of a new job. The
.BR BG ...
responses when appropriate.)
.SS "Network addresses"
-A network address is a sequence of words. The first is a token
+A network address is a sequence of tokens. The first is a token
identifying the network address family. The length of an address and
-the meanings of the subsequent words depend on the address family.
+the meanings of the subsequent tokens depend on the address family.
Address family tokens are not case-sensitive on input; on output, they
are always in upper-case.
.PP
does not block the main server, but will block the requesting client,
unless the command is run in the background.
.PP
-If, on input, no recognised address family token is found, the following
-words are assumed to represent an
+If, on input, no recognized address family token is found, the following
+tokens are assumed to represent an
.B INET
address. Addresses output by the server always have an address family
token.
.BR SERVINFO )
produce output in the form of
.IB key = value
-pairs, one per word. Neither the
+pairs, one per token. Neither the
.I key
nor the
.I value
option on the command line). The
.I address
is the network address (see above for the format) at which the peer can
-be contacted. The following options are recognised.
+be contacted. The following options are recognized.
.RS
.\"+opts
.TP
for days, hours, minutes, or seconds respectively; if no suffix is
given, seconds are assumed.
.TP
+.BI "\-key " tag
+Use the public key
+.I tag
+to authenticate the peer. The default is to use the key tagged
+.IR peer .
+.TP
+.B "\-mobile"
+The peer is a mobile device, and is likely to change address rapidly.
+If a packet arrives from an unknown address, the server's usual response
+is to log a warning and discard it. If the server knows of any mobile
+peers, however, it will attempt to decrypt the packet using their keys,
+and if one succeeds, the server will update its idea of the peer's
+address and emit an
+.B NEWADDR
+notification.
+.TP
.BI "\-tunnel " tunnel
Use the named tunnel driver, rather than the default.
.\"-opts
.B keepalive
The keepalive interval, in seconds, or zero if no keepalives are to be
sent.
+.TP
+.B key
+The key tag being used for the peer, as passed to the
+.B ADD
+command. (You don't get a full key-id, since that might change while
+the daemon's running.)
.RE
.SP
.BI "PING \fR[" options "\fR] " peer
.B "VERSION"
Causes the server to emit an
.B INFO
-line stating its software version, as two words: the server name, and
+line stating its software version, as two tokens: the server name, and
its version string. The server name
.B tripe
is reserved to the Straylight/Edgeware implementation.
(For any command.) The command couldn't be understood: e.g., the number
of arguments was wrong.
.SP
-.BI "bad-time-spec " word
+.BI "bad-time-spec " token
The
-.I word
+.I token
is not a valid time interval specification. Acceptable time
specifications are nonnegative integers followed optionally by
.BR d ,
.SP
.BI "unknown-command " token
The command
-.B token
-was not recognised.
+.I token
+was not recognized.
+.SP
+.BI "unknown-jobid " jobid
+(For
+.BR SVCOK ,
+.BR SVCFAIL ,
+and
+.BR SVCINFO .)
+The token
+.I jobid
+is not recognized as identifying an outstanding job. It may have just
+been cancelled.
.SP
.BI "unknown-peer " name
(For
has begun or restarted. If key exchange keeps failing, this message
will be repeated periodically.
.SP
+.BI "NEWADDR " peer " " address
+The given mobile
+.IR peer 's
+IP address has been changed to
+.IR address .
+.SP
.BI "NEWIFNAME " peer " " old-name " " new-name
The given
.IR peer 's
An unknown key-exchange message arrived.
.SS "PEER warnings"
These are largely concerned with management of peers and the low-level
-details of the network protocol. The second word is usually the name of
+details of the network protocol. The second token is usually the name of
a peer, or
.RB ` \- '
if none is relevant.
that, or a deliberate attempt at a replay.
.SS "TUN warnings"
These concern the workings of the system-specific tunnel driver. The
-second word is the name of the tunnel interface in question, or
+second token is the name of the tunnel interface in question, or
.RB ` \- '
if none.
.SP
.BI "TUN " ifname " " tun-name " read-error " ecode " " message
Reading from the tunnel device failed.
.SP
+.BI "TUN " ifname " " tun-name " write-error " ecode " " message
+Writing from the tunnel device failed.
+.SP
.BI "TUN " ifname " slip bad-escape"
The SLIP driver encountered a escaped byte it wasn't expecting to see.
The erroneous packet will be ignored.