+tripe (1.0.0pre9maemo1) experimental; urgency=low
+
+ * Make conntrack rather more robust against errors.
+ * Logically separate key tags from peer names.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Mon, 17 May 2010 20:27:33 +0100
+
tripe (1.0.0pre8.1maemo1) experimental; urgency=low
* Maemo-specific hacking: remove GUI stuff and Wireshark integration;
[parent]
detail = in parent
blurb = expand $(detail)
-
-.PP
+.VE
Apart from its effect on lookups, as just described, the
.B @inherits
key is entirely ignored. In particular, it is never written to the
Interval for sending keepalive pings. Used by
.BR connect (8).
.TP
+.B key
+Key tag to use to authenticate the peer. Used by
+.BR connect (8).
+.TP
.B mtu
Maximum transmission unit for the tunnel interface. Used by
.BR tripe-ifup (8).
def add(me, peer, *addr, **kw):
return _simple(me.command(bg = True,
*['ADD'] +
- _kwopts(kw, ['tunnel', 'keepalive', 'cork']) +
+ _kwopts(kw, ['tunnel', 'keepalive',
+ 'key', 'cork']) +
[peer] +
list(addr)))
def addr(me, peer):
a_bgok(&add->r.bg);
}
+ if (add->peer.tag) xfree(add->peer.tag);
xfree(add->peer.name);
}
add = xmalloc(sizeof(*add));
add->peer.name = 0;
+ add->peer.tag = 0;
add->peer.t_ka = 0;
add->peer.tops = tun_default;
add->peer.kxf = 0;
})
OPTTIME("-keepalive", t, { add->peer.t_ka = t; })
OPT("-cork", { add->peer.kxf |= KXF_CORK; })
+ OPTARG("-key", arg, {
+ if (add->peer.tag)
+ xfree(add->peer.tag);
+ add->peer.tag = xstrdup(arg);
+ })
});
/* --- Make sure someone's not got there already --- */
a_fail(a, "bad-syntax", "add", "[OPTIONS] PEER ADDR ...", A_END);
fail:
if (add->peer.name) xfree(add->peer.name);
+ if (add->peer.tag) xfree(add->peer.tag);
xfree(add);
return;
}
if ((p = a_findpeer(a, av[0])) != 0) {
ps = p_spec(p);
a_info(a, "tunnel=%s", ps->tops->name, A_END);
+ a_info(a, "key=%s", ps->tag, A_END);
a_info(a, "keepalive=%lu", ps->t_ka, A_END);
a_ok(a);
}
void kx_newkeys(keyexch *kx)
{
- if (km_getpubkey(p_name(kx->p), kx->kpub, &kx->texp_kpub))
+ if (km_getpubkey(p_tag(kx->p), kx->kpub, &kx->texp_kpub))
return;
kx->f |= KXF_PUBKEY;
if ((kx->f & KXF_DEAD) || kx->s != KXS_SWITCH) {
kx->ks = ks;
kx->p = p;
kx->kpub = G_CREATE(gg);
- if (km_getpubkey(p_name(p), kx->kpub, &kx->texp_kpub)) {
+ if (km_getpubkey(p_tag(p), kx->kpub, &kx->texp_kpub)) {
G_DESTROY(gg, kx->kpub);
return (-1);
}
T( trace(T_PEER, "peer: creating new peer `%s'", spec->name); )
p->spec = *spec;
p->spec.name = (/*unconst*/ char *)SYM_NAME(p->byname);
+ if (spec->tag)
+ p->spec.tag = xstrdup(spec->tag);
p->ks = 0;
p->pings = 0;
p->ifname = 0;
if (fd >= 0) close(fd);
tidy_2:
am_remove(&byaddr, p->byaddr);
+ if (p->spec.tag) xfree(p->spec.tag);
tidy_1:
sym_remove(&byname, p->byname);
tidy_0:
const char *p_name(peer *p) { return (p->spec.name); }
+/* --- @p_tag@ --- *
+ *
+ * Arguments: @peer *p@ = pointer to a peer block
+ *
+ * Returns: A pointer to the peer's public key tag.
+ */
+
+const char *p_tag(peer *p)
+ { return (p->spec.tag ? p->spec.tag : p->spec.name); }
+
/* --- @p_spec@ --- *
*
* Arguments: @peer *p@ = pointer to a peer block
kx_free(&p->kx);
if (p->ifname)
xfree(p->ifname);
+ if (p->spec.tag)
+ xfree(p->spec.tag);
p->t->ops->destroy(p->t);
if (p->spec.t_ka)
sel_rmtimer(&p->tka);
AT_CHECK([TRIPECTL -dalice ADD bob INET 127.0.0.1 $(cat bob/port)])
echo >>bob/expected-server-output \
"WARN PEER - unexpected-source INET 127.0.0.1 $(cat alice/port)"
- AT_CHECK([TRIPECTL -dbob ADD alice INET 127.0.0.1 $(cat alice/port)])
+ AT_CHECK([TRIPECTL -dbob ADD -key alice not-alice \
+ INET 127.0.0.1 $(cat alice/port)])
## Check transport pinging.
AT_CHECK([TRIPECTL -dalice PING bob],, [ignore])
- AT_CHECK([TRIPECTL -dbob PING alice],, [ignore])
+ AT_CHECK([TRIPECTL -dbob PING not-alice],, [ignore])
## Wait for the completion announcement.
wait
## Check encrypted pinging.
AT_CHECK([TRIPECTL -dalice EPING bob],, [ignore])
- AT_CHECK([TRIPECTL -dbob EPING alice],, [ignore])
+ AT_CHECK([TRIPECTL -dbob EPING not-alice],, [ignore])
## Check that packets can flow from one to the other.
AT_CHECK([echo "from alice" | USLIP -p alice/bob])
- AT_CHECK([USLIP -g bob/alice],, [from alice[]nl])
+ AT_CHECK([USLIP -g bob/not-alice],, [from alice[]nl])
- AT_CHECK([echo "from bob" | USLIP -p bob/alice])
+ AT_CHECK([echo "from bob" | USLIP -p bob/not-alice])
AT_CHECK([USLIP -g alice/bob],, [from bob[]nl])
])
for days, hours, minutes, or seconds respectively; if no suffix is
given, seconds are assumed.
.TP
+.BI "\-key " tag
+Use the public key
+.I tag
+to authenticate the peer. The default is to use the key tagged
+.IR peer .
+.TP
.BI "\-tunnel " tunnel
Use the named tunnel driver, rather than the default.
.\"-opts
.B keepalive
The keepalive interval, in seconds, or zero if no keepalives are to be
sent.
+.TP
+.B key
+The key tag being used for the peer, as passed to the
+.B ADD
+command. (You don't get a full key-id, since that might change while
+the daemon's running.)
.RE
.SP
.BI "PING \fR[" options "\fR] " peer
typedef struct peerspec {
char *name; /* Peer's name */
+ char *tag; /* Public key tag */
const tunnel_ops *tops; /* Tunnel operations */
unsigned long t_ka; /* Keep alive interval */
addr sa; /* Socket address to speak to */
extern const char *p_name(peer */*p*/);
+/* --- @p_tag@ --- *
+ *
+ * Arguments: @peer *p@ = pointer to a peer block
+ *
+ * Returns: A pointer to the peer's public key tag.
+ */
+
+extern const char *p_tag(peer */*p*/);
+
/* --- @p_spec@ --- *
*
* Arguments: @peer *p@ = pointer to a peer block
.RB [ \-cork ]
.RB [ \-keepalive
.IR time ]
+.RB [ \-key
+.IR tag ]
.RB [ \-tunnel
.IR driver ]
.I address
key.
.hP \*o
The option
+.B \-key
+.I tag
+is provided if the database record assigns a value
+.I tag
+to the
+.B key
+key.
+.hP \*o
+The option
.B \-tunnel
.I driver
is provided if the database record assigns a value
S.add(peer.name,
tunnel = peer.get('tunnel', None),
keepalive = peer.get('keepalive', None),
+ key = peer.get('key', None),
cork = peer.get('cork', 'nil') in ['t', 'true', 'y', 'yes', 'on'],
*addr)
except T.TripeError, exc:
begin with the tokens
.BR "USER conntrack" .
.SP
+.BI "USER conntrack dbus-connection " status
+The service's connection to D-Bus has changed state. The
+.I status
+is one of the following.
+.RS
+.TP
+.B startup
+Initially trying to connect.
+.TP
+.B connected
+Successfully established a connection to the bus.
+.TP
+.B lost
+A connection has been lost.
+.TP
+.BI state= label
+The service's internal state machine is confused.
+.SP
.BI "USER conntrack " up \fR| down " " reason\fR...
The network connection has apparently gone up or down, and
.B conntrack
token names a Python exception; the
.I error-text
describes the problem encountered, though it may not be very useful.
+.SP
+.BI "USER conntrack connect-failed " peer " " tokens\fR...
+An attempt to connect the named
+.I peer
+failed; the error message is given by the
+.IR tokens .
.
.\"--------------------------------------------------------------------------
.SH "SUMMARY"
if what == 'up':
found = True
elif what == 'down':
- changes.append(lambda p=p: SM.kill(p))
+ def _(p = p):
+ try:
+ SM.kill(p)
+ except T.TripeError, exc:
+ if exc.args[0] == 'unknown-peer':
+ ## Inherently racy; don't worry about this.
+ pass
+ else:
+ raise
+ changes.append(_)
## Start the right one if necessary.
if want is not None and (not found or ip != lastip.get(g, None)):
- changes.append(lambda: T._simple(SM.svcsubmit('connect', 'active',
- want)))
+ def _(want = want):
+ try:
+ SM.svcsubmit('connect', 'active', want)
+ except T.TripeError, exc:
+ SM.warn('conntrack', 'connect-failed', want, *exc.args)
+ changes.append(_)
lastip[g] = ip
## Commit the changes.
~mdw / tripe / commitdiff