X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/9c6a8729f6553615786878b382d4d44d2a54eec0..9c6af4eca6bfb7bed6f86b1f32479f933979c080:/make-secnet-sites

diff --git a/make-secnet-sites b/make-secnet-sites
index 7747c23..f3beffa 100755
--- a/make-secnet-sites
+++ b/make-secnet-sites
@@ -97,7 +97,7 @@ class hash:
 	"A choice of hash function"
 	def __init__(self,w):
 		self.ht=w[1]
-		if (self.ht!='md5' and self.ht!='sha1'):
+		if (self.ht not in ('md5', 'sha1', 'sha512')):
 			complain("unknown hash type %s"%(self.ht))
 	def __str__(self):
 		return '%s'%(self.ht)
@@ -267,7 +267,6 @@ class sitelevel(level):
 	 'networks':None,
 	 'peer':None,
 	 'pubkey':(lambda n,v:"key %s;\n"%v),
-	 'address':(lambda n,v:"address %s;\n"%v),
 	 'mobile':sp,
 	})
 	require_properties={
@@ -381,13 +380,16 @@ def pline(i,allow_include=False):
 			current=nl
 		obstack.append(current)
 		return [i]
-	if current.allow_properties.has_key(keyword):
-		set_property(current,w)
-		return [i]
-	else:
+	if not current.allow_properties.has_key(keyword):
 		complain("Property %s not allowed at %s level"%
 			(keyword,current.type))
 		return []
+	elif current.depth == vpnlevel.depth < allow_defs:
+		complain("Not allowed to set VPN properties here")
+		return []
+	else:
+		set_property(current,w)
+		return [i]
 
 	complain("unknown keyword '%s'"%(keyword))