They're now general flags, though they share the bottom bits of the
space with key-exchange flags. This is just a preliminary refactoring:
we'll be adding some peer-specific flags later.
arrange for that directory to exist with the correct permissions.
Don't try to open the log until after dropping privileges, so as to
provide a check that we can reopen them later.
arrange for that directory to exist with the correct permissions.
Don't try to open the log until after dropping privileges, so as to
provide a check that we can reopen them later.
+ * New peer option `mobile' can be set in peers.d files to indicate that
+ the peer's IP address and/or port are highly volatile and the server
+ should try to keep up with changes by attempting to decrypt incoming
+ packets using any available mobile keys.
- -- Mark Wooding <mdw@distorted.org.uk> Mon, 27 Jun 2011 09:51:08 +0100
+ -- Mark Wooding <mdw@distorted.org.uk> Mon, 27 Jun 2011 09:50:31 +0100
tripe (1.0.0pre10) experimental; urgency=low
tripe (1.0.0pre10) experimental; urgency=low
add->peer.tag = 0;
add->peer.t_ka = 0;
add->peer.tops = tun_default;
add->peer.tag = 0;
add->peer.t_ka = 0;
add->peer.tops = tun_default;
/* --- Parse options --- */
/* --- Parse options --- */
}
})
OPTTIME("-keepalive", t, { add->peer.t_ka = t; })
}
})
OPTTIME("-keepalive", t, { add->peer.t_ka = t; })
- OPT("-cork", { add->peer.kxf |= KXF_CORK; })
+ OPT("-cork", { add->peer.f |= KXF_CORK; })
OPTARG("-key", arg, {
if (add->peer.tag)
xfree(add->peer.tag);
OPTARG("-key", arg, {
if (add->peer.tag)
xfree(add->peer.tag);
T( trace(T_TUNNEL, "peer: attached interface %s to peer `%s'",
p->ifname, p_name(p)); )
p_setkatimer(p);
T( trace(T_TUNNEL, "peer: attached interface %s to peer `%s'",
p->ifname, p_name(p)); )
p_setkatimer(p);
- if (kx_init(&p->kx, p, &p->ks, p->spec.kxf))
+ if (kx_init(&p->kx, p, &p->ks, p->spec.f & PSF_KXMASK))
goto tidy_4;
a_notify("ADD",
"?PEER", p,
"%s", p->ifname,
"?ADDR", &p->spec.sa,
A_END);
goto tidy_4;
a_notify("ADD",
"?PEER", p,
"%s", p->ifname,
"?ADDR", &p->spec.sa,
A_END);
- if (!(p->spec.kxf & KXF_CORK)) {
+ if (!(p->spec.f & KXF_CORK)) {
a_notify("KXSTART", "?PEER", p, A_END);
/* Couldn't tell anyone before */
}
a_notify("KXSTART", "?PEER", p, A_END);
/* Couldn't tell anyone before */
}
unsigned long t_ka; /* Keep alive interval */
addr sa; /* Socket address to speak to */
size_t sasz; /* Socket address size */
unsigned long t_ka; /* Keep alive interval */
addr sa; /* Socket address to speak to */
size_t sasz; /* Socket address size */
- unsigned kxf; /* Key exchange flags to set */
+ unsigned f; /* Flags for the peer */
+#define PSF_KXMASK 255u /* Key exchange flags to set */
} peerspec;
typedef struct peer_byname {
} peerspec;
typedef struct peer_byname {
~mdw / tripe / commitdiff