allowing another attempt [20000]
renegotiate-time (integer): if we see traffic on the link after this time
then renegotiate another session key immediately [depends on key-lifetime]
- keepalive (bool): if True then attempt always to keep a valid session key
+ keepalive (bool): if True then attempt always to keep a valid session key.
+ Not actually currently implemented. [false]
log-events (string list): types of events to log for this site
unexpected: unexpected key setup packets (may be late retransmissions)
setup-init: start of attempt to setup a session key
int32_t key_renegotiate_time; /* If we see traffic (or a keepalive)
after this time, initiate a new
key exchange */
- bool_t keepalive; /* Send keepalives to detect peer failure (not yet
- implemented) */
uint8_t *setupsig; /* Expected signature of incoming MSG1 packets */
int32_t setupsiglen; /* Allows us to discard packets quickly if
cfgfatal(loc,"site",
"renegotiate-time must be less than key-lifetime\n");
}
- st->keepalive=dict_read_bool(dict,"keepalive",False,"site",loc,False);
st->log_events=string_list_to_word(dict_lookup(dict,"log-events"),
log_event_table,"site");