chiark / gitweb /
server: Use the new kdata system.
Challenges use the algorithms associated with the master key. This will
continue to be the case, since there isn't a specific private or public
key to associate with the challenge.
It looks like the keyexch subsystem has been turned upside-down, but
apart from the initialization and key refresh it's all just a matter of
adding the necessary indirections into group and algorithm lookups.
Since algorithms are now (logically, at least) distinct for different
peer associations, allow a `peer' argument to the ALGS command, and pass
the correct information to the ifup script so that it can calculate the
MTU properly.
At this point, we no longer need the compatibility interface in keymgmt,
so remove it, and the molly-guard preventing updates to the master key.