X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/fc916a0942e6ef8f63aefb96119d0e4fd7c7efbb..449991a38a59d04c723791a3ca2897da5f2d9709:/server/tripe-admin.5.in diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in index 201b464b..c493d187 100644 --- a/server/tripe-admin.5.in +++ b/server/tripe-admin.5.in @@ -344,6 +344,78 @@ Emits an line reporting the IP address and port number stored for .IR peer . .SP +.B "ALGS" +Emits information about the cryptographic algorithms in use, in +key-value form. The keys are as follows. +.RS +.TP +.B kx-group +Type of key-exchange group in use, currently either +.B ec +or +.BR prime . +.TP +.B kx-group-order-bits +Length of the group order, in bits. This gives an approximate measure +of the group strength. +.TP +.B kx-group-elt-bits +Length of a group element, in bits. This may be useful when analyzing +protocol traces. +.TP +.B hash +The hash function in use, e.g., +.BR sha256 . +.TP +.B mgf +The mask-generating function in use, e.g., +.BR whirlpool-mgf . +.TP +.B hashsz +The size of the hash function's output, in octets. +.TP +.B cipher +The name of the bulk data cipher in use, e.g., +.BR blowfish-cbc . +.TP +.B cipher-keysz +The length of key used by the bulk data cipher, in octets. +.TP +.B cipher-blksz +The block size of the bulk data cipher, or zero if it's not based on a +block cipher. +.TP +.B cipher-data-limit +The maximum amount of data to be encrypted using a single key. (A new +key exchange is instigated well before the limit is reached, in order to +allow for a seamless changeover of keys.) +.TP +.B mac +The message authentication algorithm in use, e.g., +.BR ripemd160-hmac .. +.TP +.B mac-keysz +The length of the key used by the message authentication algorithm, in +octets. +.TP +.B mac-tagsz +The length of the message authentication tag, in octets. +.PP +The various sizes are useful, for example, when computing the MTU for a +tunnel interface. If +.I MTU +is the MTU of the path to the peer, then the tunnel MTU should be +.IP +.I MTU +\- 33 \- +.I cipher-blksz +\- +.I mac-tagsz +.PP +allowing 20 bytes of IP header, 8 bytes of UDP header, a packet type +octet, a four-octet sequence number, an IV, and a MAC tag. +.RE +.SP .BI "BGCANCEL " tag Cancels the background job with the named .IR tag . @@ -836,6 +908,12 @@ Adding failed for some reason. A warning should have been emitted explaining why. .SP +.BI "peer-addr-exists " address\fR... +(For +.BR ADD .) +There is already a peer with the given +.IR address . +.SP .BI "peer-exists " peer (For .BR ADD .) @@ -1276,6 +1354,11 @@ A client of the administration interface issued a .B QUIT command. .SP +.BI "SERVER quit foreground-eof" +The server is running in foreground mode (the +.B \-F +option), and encountered end-of-file on standard input. +.SP .BI "SERVER select-error " ecode " " message An error occurred in the server's main event loop. This is bad: if it happens too many times, the server will abort.