{
close(sock.fd);
unlink(sockname);
- FOREACH_PEER(p, { p_destroy(p); });
+ FOREACH_PEER(p, { p_destroy(p, 1); });
ps_quit();
exit(0);
}
{ fam = "ANY"; af = AF_UNSPEC; i++; }
else for (j = 0; j < NADDRFAM; j++) {
if (mystrieq(av[i], aftab[j].name)) {
- if (udpsock[j].fd < 0) {
+ if (udpsock[j].sf.fd < 0) {
a_fail(a, "disabled-address-family", "%s", aftab[j].name, A_END);
goto fail;
}
aihint.ai_flags = AI_NUMERICHOST;
if (!getaddrinfo(av[i], 0, &aihint, &ailist)) {
for (ai = ailist; ai; ai = ai->ai_next) {
- if ((j = afix(ai->ai_family)) >= 0 && udpsock[j].fd >= 0)
+ if ((j = afix(ai->ai_family)) >= 0 && udpsock[j].sf.fd >= 0)
break;
}
if (!ai) {
#ifdef HAVE_LIBADNS
qf = adns_qf_search;
for (j = 0; j < NADDRFAM; j++) {
- if ((af == AF_UNSPEC || af == aftab[i].af) && udpsock[j].fd >= 0)
+ if ((af == AF_UNSPEC || af == aftab[i].af) && udpsock[j].sf.fd >= 0)
qf |= aftab[j].qf;
}
if ((err = adns_submit(ads, r->addr, adns_r_addr, qf, r, &r->q)) != 0) {
a_bgfail(&r->bg, "resolve-error", "%s", r->addr, A_END);
goto fail_release;
}
- if (udpsock[AFIX_INET].fd < 0) {
+ if (udpsock[AFIX_INET].sf.fd < 0) {
a_bgfail(&r->bg, "disabled-address-family", "INET", A_END);
goto fail_release;
}
if (add->peer.tag) xfree(add->peer.tag);
if (add->peer.privtag) xfree(add->peer.privtag);
+ if (add->peer.knock) xfree(add->peer.knock);
xfree(add->peer.name);
}
add->peer.name = 0;
add->peer.tag = 0;
add->peer.privtag = 0;
+ add->peer.knock = 0;
add->peer.t_ka = 0;
add->peer.tops = tun_default;
add->peer.f = 0;
})
OPTTIME("-keepalive", t, { add->peer.t_ka = t; })
OPT("-cork", { add->peer.f |= KXF_CORK; })
+ OPT("-ephemeral", { add->peer.f |= PSF_EPHEM; })
OPTARG("-key", arg, {
if (add->peer.tag) xfree(add->peer.tag);
add->peer.tag = xstrdup(arg);
})
- OPT("-mobile", { add->peer.f |= PSF_MOBILE; })
+ OPT("-mobile", { add->peer.f |= PSF_MOBILE | PSF_EPHEM; })
OPTARG("-priv", arg, {
if (add->peer.privtag) xfree(add->peer.privtag);
add->peer.privtag = xstrdup(arg);
})
+ OPTARG("-knock", arg, {
+ if (add->peer.knock) xfree(add->peer.knock);
+ add->peer.knock = xstrdup(arg);
+ add->peer.f |= PSF_EPHEM;
+ })
});
/* --- Make sure someone's not got there already --- */
if (add->peer.name) xfree(add->peer.name);
if (add->peer.tag) xfree(add->peer.tag);
if (add->peer.privtag) xfree(add->peer.privtag);
+ if (add->peer.knock) xfree(add->peer.knock);
xfree(add);
return;
}
a_fail(a, "unknown-address-family", "%s", av[0], A_END);
return;
found:
- if (udpsock[i].fd < 0) {
+ if (udpsock[i].sf.fd < 0) {
a_fail(a, "disabled-address-family", "%s", aftab[i].name, A_END);
return;
}
} else {
for (i = 0; i < NADDRFAM; i++)
- if (udpsock[i].fd >= 0) goto found;
+ if (udpsock[i].sf.fd >= 0) goto found;
abort();
}
- a_info(a, "%u", p_port(i), A_END);
+ a_info(a, "%u", udpsock[i].port, A_END);
a_ok(a);
}
buf b;
buf_init(&b, buf_i, PKBUFSZ);
- c_new(&b);
+ c_new(0, 0, &b);
a_info(a, "?B64", BBASE(&b), (size_t)BLEN(&b), A_END);
a_ok(a);
}
a_fail(a, "bad-base64", "%s", codec_strerror(err), A_END);
else {
buf_init(&b, d.buf, d.len);
- if (c_check(&b) || BBAD(&b) || BLEFT(&b))
+ if (c_check(0, 0, &b) || BBAD(&b) || BLEFT(&b))
a_fail(a, "invalid-challenge", A_END);
else
a_ok(a);
if ((p = a_findpeer(a, av[0])) != 0) {
ps = p_spec(p);
a_info(a, "tunnel=%s", ps->tops->name, A_END);
+ if (ps->knock) a_info(a, "knock=%s", ps->knock, A_END);
a_info(a, "key=%s", p_tag(p),
"current-key=%s", p->kx.kpub->tag, A_END);
if ((ptag = p_privtag(p)) == 0) ptag = "(default)";
a_info(a, "keepalive=%lu", ps->t_ka, A_END);
a_info(a, "corked=%s", BOOL(p->kx.f&KXF_CORK),
"mobile=%s", BOOL(ps->f&PSF_MOBILE),
+ "ephemeral=%s", BOOL(ps->f&PSF_EPHEM),
A_END);
a_ok(a);
}
peer *p;
if ((p = a_findpeer(a, av[0])) != 0) {
- p_destroy(p);
+ p_destroy(p, 1);
a_ok(a);
}
}