~mdw
/
tripe
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
server/keyexch.c: Check that all of the algorithms match when setting up.
[tripe]
/
server
/
tripe-admin.5.in
diff --git
a/server/tripe-admin.5.in
b/server/tripe-admin.5.in
index
a7aee7c
..
edd5677
100644
(file)
--- a/
server/tripe-admin.5.in
+++ b/
server/tripe-admin.5.in
@@
-27,7
+27,7
@@
.so ../common/defs.man \" @@@PRE@@@
.
.\"--------------------------------------------------------------------------
.so ../common/defs.man \" @@@PRE@@@
.
.\"--------------------------------------------------------------------------
-.TH tripe-admin 5 "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
+.TH tripe-admin 5
tripe
"18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
.
.\"--------------------------------------------------------------------------
.SH "NAME"
.
.\"--------------------------------------------------------------------------
.SH "NAME"
@@
-423,6
+423,12
@@
The mask-generating function in use, e.g.,
.B hashsz
The size of the hash function's output, in octets.
.TP
.B hashsz
The size of the hash function's output, in octets.
.TP
+.B bulk-transform
+The name of the bulk-crypto transform.
+.TP
+.B bulk-overhead
+The amount of overhead, in bytes, caused by the crypto transform.
+.TP
.B cipher
The name of the bulk data cipher in use, e.g.,
.BR blowfish-cbc .
.B cipher
The name of the bulk data cipher in use, e.g.,
.BR blowfish-cbc .
@@
-449,6
+455,16
@@
octets.
.TP
.B mac-tagsz
The length of the message authentication tag, in octets.
.TP
.B mac-tagsz
The length of the message authentication tag, in octets.
+.TP
+.B blkc
+The block cipher in use, e.g.,
+.BR blowfish .
+.TP
+.B blkc-keysz
+The length of key used by the block cipher, in octets.
+.TP
+.B blkc-blksz
+The block size of the block cipher.
.PP
The various sizes are useful, for example, when computing the MTU for a
tunnel interface. If
.PP
The various sizes are useful, for example, when computing the MTU for a
tunnel interface. If
@@
-456,13
+472,12
@@
tunnel interface. If
is the MTU of the path to the peer, then the tunnel MTU should be
.IP
.I MTU
is the MTU of the path to the peer, then the tunnel MTU should be
.IP
.I MTU
-\- 33 \-
-.I cipher-blksz
-\-
-.I mac-tagsz
+\- 29 \-
+.I bulk-overhead
.PP
allowing 20 bytes of IP header, 8 bytes of UDP header, a packet type
.PP
allowing 20 bytes of IP header, 8 bytes of UDP header, a packet type
-octet, a four-octet sequence number, an IV, and a MAC tag.
+octet, and the bulk-crypto transform overhead (which includes the
+sequence number).
.RE
.SP
.BI "BGCANCEL " tag
.RE
.SP
.BI "BGCANCEL " tag
@@
-478,7
+493,7
@@
or in a greeting message.
.SP
.B "DAEMON"
Causes the server to disassociate itself from its terminal and become a
.SP
.B "DAEMON"
Causes the server to disassociate itself from its terminal and become a
-background task. This only works once. A
warning
is issued.
+background task. This only works once. A
notification
is issued.
.SP
.BI "EPING \fR[" options "\fR] " peer
Sends an encrypted ping to the peer, and expects an encrypted response.
.SP
.BI "EPING \fR[" options "\fR] " peer
Sends an encrypted ping to the peer, and expects an encrypted response.
@@
-1261,6
+1276,12
@@
exchange.
.BI "KEYMGMT " which "-keyring " file " io-error " ecode " " message
A system error occurred while opening or reading the keyring file.
.SP
.BI "KEYMGMT " which "-keyring " file " io-error " ecode " " message
A system error occurred while opening or reading the keyring file.
.SP
+.BI "KEYMGMT " which "-keyring " file " key " tag " unknown-bulk-transform " bulk
+The key specifies the use of an unknown bulk-crypto transform
+.IR bulk .
+Maybe the key was generated wrongly, or maybe the version of Catacomb
+installed is too old.
+.SP
.BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher
The key specifies the use of an unknown symmetric encryption algorithm
.IR cipher .
.BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher
The key specifies the use of an unknown symmetric encryption algorithm
.IR cipher .