add = xmalloc(sizeof(*add));
add->peer.name = 0;
add->peer.tag = 0;
+ add->peer.privtag = 0;
add->peer.t_ka = 0;
add->peer.tops = tun_default;
add->peer.f = 0;
add->peer.tag = xstrdup(arg);
})
OPT("-mobile", { add->peer.f |= PSF_MOBILE; })
+ OPTARG("-priv", arg, {
+ if (add->peer.privtag)
+ xfree(add->peer.privtag);
+ add->peer.privtag = xstrdup(arg);
+ })
});
/* --- Make sure someone's not got there already --- */
fail:
if (add->peer.name) xfree(add->peer.name);
if (add->peer.tag) xfree(add->peer.tag);
+ if (add->peer.privtag) xfree(add->peer.privtag);
xfree(add);
return;
}
static void acmd_algs(admin *a, unsigned ac, char *av[])
{
+ peer *p;
+ const kdata *kd;
+ const group *g;
+ const algswitch *algs;
+
+ if (!ac)
+ kd = master;
+ else {
+ if ((p = a_findpeer(a, av[0])) == 0) return;
+ kd = p->kx.kpriv;
+ }
+ g = kd->g;
+ algs = &kd->algs;
+
a_info(a,
- "kx-group=%s", gg->ops->name,
- "kx-group-order-bits=%lu", (unsigned long)mp_bits(gg->r),
- "kx-group-elt-bits=%lu", (unsigned long)gg->nbits,
+ "kx-group=%s", g->ops->name,
+ "kx-group-order-bits=%lu", (unsigned long)mp_bits(g->r),
+ "kx-group-elt-bits=%lu", (unsigned long)g->nbits,
A_END);
a_info(a,
- "hash=%s", algs.h->name,
- "mgf=%s", algs.mgf->name,
- "hash-sz=%lu", (unsigned long)algs.h->hashsz,
+ "hash=%s", algs->h->name,
+ "mgf=%s", algs->mgf->name,
+ "hash-sz=%lu", (unsigned long)algs->h->hashsz,
A_END);
a_info(a,
- "cipher=%s", algs.c->name,
- "cipher-keysz=%lu", (unsigned long)algs.cksz,
- "cipher-blksz=%lu", (unsigned long)algs.c->blksz,
+ "cipher=%s", algs->c->name,
+ "cipher-keysz=%lu", (unsigned long)algs->cksz,
+ "cipher-blksz=%lu", (unsigned long)algs->c->blksz,
A_END);
a_info(a,
- "cipher-data-limit=%lu", (unsigned long)algs.expsz,
+ "cipher-data-limit=%lu", (unsigned long)algs->expsz,
A_END);
a_info(a,
- "mac=%s", algs.m->name,
- "mac-keysz=%lu", (unsigned long)algs.mksz,
- "mac-tagsz=%lu", (unsigned long)algs.tagsz,
+ "mac=%s", algs->m->name,
+ "mac-keysz=%lu", (unsigned long)algs->mksz,
+ "mac-tagsz=%lu", (unsigned long)algs->tagsz,
A_END);
a_ok(a);
}
{
peer *p;
const peerspec *ps;
+ const char *ptag;
if ((p = a_findpeer(a, av[0])) != 0) {
ps = p_spec(p);
a_info(a, "tunnel=%s", ps->tops->name, A_END);
- a_info(a, "key=%s", p_tag(p), A_END);
+ a_info(a, "key=%s", p_tag(p),
+ "current-key=%s", p->kx.kpub->tag, A_END);
+ if ((ptag = p_privtag(p)) == 0) ptag = "(default)";
+ a_info(a, "private-key=%s", ptag,
+ "current-private-key=%s", p->kx.kpriv->tag, A_END);
a_info(a, "keepalive=%lu", ps->t_ka, A_END);
a_ok(a);
}
static const acmd acmdtab[] = {
{ "add", "[OPTIONS] PEER ADDR ...", 2, 0xffff, acmd_add },
{ "addr", "PEER", 1, 1, acmd_addr },
- { "algs", 0, 0, 0, acmd_algs },
+ { "algs", "[PEER]", 0, 1, acmd_algs },
{ "bgcancel", "TAG", 1, 1, acmd_bgcancel },
{ "checkchal", "CHAL", 1, 1, acmd_checkchal },
{ "daemon", 0, 0, 0, acmd_daemon },
~mdw / tripe / blobdiff