server/tests.at: Abstract out the wait-for-knock machinery.

[tripe] / server / tripe-admin.5.in

diff --git a/server/tripe-admin.5.in b/server/tripe-admin.5.in
index 66537ad..3e7bd8e 100644 (file)
--- a/server/tripe-admin.5.in
+++ b/server/tripe-admin.5.in
@@ -571,10 +571,24 @@ responses are the same as for the
 .B PING
 command.
 .SP
 .B PING
 command.
 .SP

-.BI "FORCEKX " peer
+.BI "FORCEKX \fR[" options "\fR] " peer

 Requests the server to begin a new key exchange with
 .I peer
 Requests the server to begin a new key exchange with
 .I peer

-immediately.
+immediately.  The following options are recognized.
+.RS
+.\"+opts
+.TP
+.B "\-quiet"
+Don't actually start a new key exchange; just quietly mark any previous
+key exchange as stale so that a fresh attempt from the peer will
+succeed.  This is was introduced for use during testing, but it's also
+useful when a remote peer has forgotten about us: it would be
+annoying if, once it's learns about us and tries to reinitiate a key
+exchange, we ignore it because we think we've already done one recently;
+on the other hand, forcing a key exchange before the remote peer has
+been reinformed about us is a waste of packets.
+.\"-opts
+.RE

 .SP
 .B "GETCHAL"
 Requests a challenge.  The challenge is returned in an
 .SP
 .B "GETCHAL"
 Requests a challenge.  The challenge is returned in an


@@ -614,9 +628,24 @@ line giving the tag for each outstanding background job.
 .BI "KILL " peer
 Causes the server to forget all about
 .IR peer .
 .BI "KILL " peer
 Causes the server to forget all about
 .IR peer .

-All keys are destroyed, and no more packets are sent.  No notification
-is sent to the peer: if it's important that the peer be notified, you
-must think of a way to do that yourself.
+All keys are destroyed, and no more packets are sent.  A
+.B bye
+message is sent to the peer if it's marked as
+.B "\-ephemeral"
+\(en see the
+.B "ADD"
+command.  The following options are
+recognized.
+.RS
+.\"+opts
+.TP
+.B "\-quiet"
+Suppress any
+.B bye
+message to an ephemeral peer: just quietly forget about it.  This is
+used during testing, and is not expected to be generally useful.
+.\"-opts
+.RE

 .SP
 .B "LIST"
 For each currently-known peer, an
 .SP
 .B "LIST"
 For each currently-known peer, an


@@ -1512,8 +1541,9 @@ implementation of HMAC for the selected hash function
 .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-bulk-transform " bulk
 The key specifies the use of an unknown bulk-crypto transform
 .IR bulk .
 .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-bulk-transform " bulk
 The key specifies the use of an unknown bulk-crypto transform
 .IR bulk .

-Maybe the key was generated wrongly, or maybe the version of Catacomb
-installed is too old.
+Maybe the key was generated wrongly, or maybe the version of
+.BR tripe (8)
+is too old.

 .SP
 .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher
 The key specifies the use of an unknown symmetric encryption algorithm
 .SP
 .BI "KEYMGMT " which "-keyring " file " key " tag " unknown-cipher " cipher
 The key specifies the use of an unknown symmetric encryption algorithm


@@ -1550,7 +1580,9 @@ version of Catacomb installed is too old.
 The key specifies the use of an unknown serialization format
 .I ser
 for hashing group elements.  Maybe the key was generated wrongly, or
 The key specifies the use of an unknown serialization format
 .I ser
 for hashing group elements.  Maybe the key was generated wrongly, or

-maybe the version of Catacomb installed is too old.
+maybe the version of
+.BR tripe (8)
+is too old.

 .SP
 .BI "KEYMGMT " which "-keyring " file " key " tag " unsuitable-aead-cipher " cipher "no-aad"
 The key specifies the use of an authenticated encryption scheme
 .SP
 .BI "KEYMGMT " which "-keyring " file " key " tag " unsuitable-aead-cipher " cipher "no-aad"
 The key specifies the use of an authenticated encryption scheme