* <encdec-keys-fd>
* <mtu> <keepalive> <timeout>
* <public-remote-addr> [<public-remote-port>]
- * !<mech1> [<mech1-params> ...]
- * !<mech2> [<mech2-params> ...]
+ * |<mech1> [<mech1-params> ...]
+ * |<mech2> [<mech2-params> ...]
* ''
*
* Remote addr may '' to mean wait to receive a packet and reply to
* w means generate and write encdec keys, rather than reading them
* K means do crypto debug (use with care!)
*
+ * encdec keys datastream has keys for packets from key datastream
+ * writer to reader first, then keys for packets from reader to
+ * writer.
+ *
* Every must be numeric. There is very little argument checking.
*
* Exit status:
static void cdebug(int mechno /*or -1*/, const char *msg) {
if (!crypto_debug) return;
- printf("%s: CRYPTO: %-20s %s\n",
- programid,
+ printf("%-8.8s: CRYPTO: %-20s %s\n",
+ uname_result.nodename,
mechno >= 0 ? mechs[mechno]->name : "",
msg);
}
write_must(encdec_keys_fd,ptr,sz,"write keys datastream");
} else {
read_must(encdec_keys_fd,ptr,sz,"read keys datastream");
+ cdebughex(-1, "random_key", ptr, sz, 0,0,0);
}
}
maxprefix= 0;
i= 0;
while ((arg= *++argv)) {
- arg_assert(*arg++ == '!');
+ arg_assert(*arg++ == '|');
arg_assert(i <= MAXMECHS);
mechs[i]= find_mech(arg);
- cdebug(i,"encsetup");
+ cdebug(i,"writer->reader setup");
argv_save= argv;
- mechs[i]->encsetup(&md_in[i], &maxprefix, &maxsuffix);
+
+ if (encdec_keys_write)
+ mechs[i]->encsetup(&md_out[i], &maxprefix, &maxsuffix);
+ else
+ mechs[i]->decsetup(&md_in[i]);
argv_done= argv;
argv= argv_save;
- cdebug(i,"decsetup");
- mechs[i]->decsetup(&md_out[i]);
+ cdebug(i,"reader->writer setup");
+
+ if (encdec_keys_write)
+ mechs[i]->decsetup(&md_in[i]);
+ else
+ mechs[i]->encsetup(&md_out[i], &maxprefix, &maxsuffix);
assert(argv == argv_done);