From c60b5015074146ea1fe5c438f5727e5f5cc08782 Mon Sep 17 00:00:00 2001 Message-Id: From: Mark Wooding Date: Mon, 25 May 2020 16:17:50 +0100 Subject: [PATCH] server/admin.c: Don't automatically mark `knock' peers as ephemeral. Organization: Straylight/Edgeware From: Mark Wooding This was a bad idea on my part. Consider a server which lives behind NAT, and therefore needs to use `knock' or some similar dynamic arrangement so as to inform its peers of its current public address. This shouldn't be considered ephemeral. In particular, if its peer decides, because of flaky networking, say, that it's no longer available, and sends a `BYE' packet, our server shouldn't actually stop trying to re-establish the connection.
---
 server/admin.c | 3 +--
 server/tripe-admin.5.in | 4 ++--
 2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/server/admin.c b/server/admin.c
index ad44132f..b653522c 100644
--- a/server/admin.c
+++ b/server/admin.c
@@ -1457,7 +1457,7 @@ static void acmd_add(admin *a, unsigned ac, char *av[])
 if (add->peer.tag) xfree(add->peer.tag);
 add->peer.tag = xstrdup(arg);
 })
- OPT("-mobile", { add->peer.f |= PSF_MOBILE | PSF_EPHEM; })
+ OPT("-mobile", { add->peer.f |= PSF_MOBILE; })
 OPTARG("-priv", arg, {
 if (add->peer.privtag) xfree(add->peer.privtag);
 add->peer.privtag = xstrdup(arg);
@@ -1465,7 +1465,6 @@ static void acmd_add(admin *a, unsigned ac, char *av[])
 OPTARG("-knock", arg, {
 if (add->peer.knock) xfree(add->peer.knock);
 add->peer.knock = xstrdup(arg);
- add->peer.f |= PSF_EPHEM;
 })
 });
diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in
index bd2cce89..2055c9ab 100644
--- a/server/tripe-admin.5.in
+++ b/server/tripe-admin.5.in
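Review bot: The `-mobile` hunk drops `PSF_EPHEM` as well, but the subject and description only argue the case for `-knock`, so the reason for changing `-mobile` is not recorded anywhere in the commit. After this change a peer added with `-mobile` or `-knock` (second hunk, same concern) is only ephemeral when the caller also passes `-ephemeral`, so existing `ADD` callers that relied on the implication will presumably leave peer entries in place after a `BYE`, and for mobile peers the trial decryption of packets from unknown addresses described in the manual stays active for them until they are removed explicitly. I would add a comment above the `-mobile` line such as `/* Neither -mobile nor -knock sets PSF_EPHEM any more: callers wanting cleanup on BYE must pass -ephemeral. */` and check the scripts that issue `ADD` with these options. The body of acmd_add starts and ends outside both hunks.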
@@ -414,7 +414,7 @@ emits a .B KNOCK notification stating the peer's (claimed) name and address. The server will already have verified that the sender is using the peer's private -key by this point. This option implies +key by this point. Prior to version 1.6.0, this option used to imply .BR \-ephemeral . .TP .B "\-mobile" @@ -425,7 +425,7 @@ peers, however, it will attempt to decrypt the packet using their keys, and if one succeeds, the server will update its idea of the peer's address and emit an .B NEWADDR -notification. This option implies +notification. Prior to version 1.6.0, this option used to imply .BR \-ephemeral . .TP .BI "\-priv " tag -- [mdw]