From 5c09779adcdcf723755b5692a20eeaa3664a7fea Mon Sep 17 00:00:00 2001 
From: Pekka Riikonen Date: Sun, 4 Aug 2002 13:23:20 +0000 Subject: [PATCH] Added example files for backup router in doc/examples. Fixed rekey protocol with backup router, fixed memory leaks in backup router support. --- CHANGES | 13 +++++- TODO | 6 --- apps/silcd/packet_send.c | 13 +++--- apps/silcd/server.c | 19 +++++---- apps/silcd/server_backup.c | 24 ++++++++++- apps/silcd/server_backup.h | 5 +++ doc/examples/README | 23 +++-------- doc/examples/cell1_backup.conf | 65 ------------------------------ doc/examples/cell1_router.conf | 71 --------------------------------- doc/examples/cell1_server1.conf | 60 ---------------------------- doc/examples/cell1_server2.conf | 60 ---------------------------- doc/examples/cell2_router.conf | 70 -------------------------------- doc/examples/cell2_server1.conf | 58 --------------------------- doc/examples/cell2_server2.conf | 58 --------------------------- doc/examples/cell3_router.conf | 71 --------------------------------- doc/examples/cell3_server1.conf | 58 --------------------------- doc/examples/cell3_server2.conf | 58 --------------------------- doc/examples/cell_backup.conf | 59 +++++++++++++++++++++++++++ doc/examples/cell_router.conf | 13 +++++- doc/examples/cell_server1.conf | 61 ++++++++++++++++++++++++++++ doc/examples/cell_server2.conf | 50 +++++++++++++++++++++++ 21 files changed, 244 insertions(+), 671 deletions(-) delete mode 100644 doc/examples/cell1_backup.conf delete mode 100644 doc/examples/cell1_router.conf delete mode 100644 doc/examples/cell1_server1.conf delete mode 100644 doc/examples/cell1_server2.conf delete mode 100644 doc/examples/cell2_router.conf delete mode 100644 doc/examples/cell2_server1.conf delete mode 100644 doc/examples/cell2_server2.conf delete mode 100644 doc/examples/cell3_router.conf delete mode 100644 doc/examples/cell3_server1.conf delete mode 100644 doc/examples/cell3_server2.conf create mode 100644 doc/examples/cell_backup.conf create mode 100644 doc/examples/cell_server1.conf 
create mode 100644 doc/examples/cell_server2.conf diff --git a/CHANGES b/CHANGES index 7050f2c6..2a3f0de2 100644 --- a/CHANGES +++ b/CHANGES @@ -1,9 +1,20 @@ -Sun Aug 4 13:23:40 CEST 2002 Pekka Riikonen +Sun Aug 4 15:55:40 CEST 2002 Pekka Riikonen * More fixed for not having purge timeout for global clients that are on channel. Affected files silcd/command_reply.c and server_util.c. + * Fixed the rekey protocol to work with backup router connections. + Rekey packets are now allowed on disabled connections as + well. Affected files silcd/packet_send.c and server.c. + + * Do not switch to be as backup router when shutting down and + closing the primary connection. Affected file silcd/server.c. + + * Fixed memory leaks in backup router deleting. Added + silc_server_backup_free to free all data during shutdown of + server. Affected files silcd/server_backup.[ch]. + Sun Jul 14 21:33:32 EEST 2002 Pekka Riikonen * Do not process commands if the sock->user_data is NULL. diff --git a/TODO b/TODO index 97449344..1078a4c7 100644 --- a/TODO +++ b/TODO @@ -26,12 +26,6 @@ TODO/bugs In SILC Client Library TODO/bugs In SILC Server ======================== - o Rekey protocol does not work with backup router (due to disabled - connections)!? - - o Do not switch to primary router on backup if server is shutting - (the backup) down. - o Implement the and the Attribute Payload to the core library, client and server. Maybe implementations of RFC 2425 and RFC 2426 to make it complete. diff --git a/apps/silcd/packet_send.c b/apps/silcd/packet_send.c index dbf8fb77..9c721ab0 100644 --- a/apps/silcd/packet_send.c +++ b/apps/silcd/packet_send.c @@ -1,6 +1,6 @@ /* - packet_send.c + packet_send.c Author: Pekka Riikonen 
@@ -8,9 +8,8 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - + the Free Software Foundation; version 2 of the License. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the @@ -96,9 +95,11 @@ void silc_server_packet_send(SilcServer server, if (SILC_IS_DISCONNECTING(sock)) return; - /* If entry is disabled do not sent anything. */ + /* If entry is disabled do not sent anything. Allow hearbeat and + rekeys, though */ if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED && - type != SILC_PACKET_HEARTBEAT) || + type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY && + type != SILC_PACKET_REKEY_DONE) || sock->user_data == server->id_entry) { SILC_LOG_DEBUG(("Connection is disabled")); return; diff --git a/apps/silcd/server.c b/apps/silcd/server.c index a5b956f2..b5594385 100644 --- a/apps/silcd/server.c +++ b/apps/silcd/server.c @@ -1,6 +1,6 @@ /* - server.c + server.c Author: Pekka Riikonen @@ -8,8 +8,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. + the Free Software Foundation; version 2 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -96,6 +95,7 @@ void silc_server_free(SilcServer server) } #endif + silc_server_backup_free(server); silc_server_config_unref(&server->config_ref); if (server->rng) silc_rng_free(server->rng); 
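Review bot: The set of packet types exempt from the disabled-connection check in silc_server_packet_send (HEARTBEAT, REKEY, REKEY_DONE) differs from the set this commit puts into silc_server_packet_parse_real in server.c, which also passes RESUME_ROUTER. Two hand-written lists can drift apart, and a mismatch decides which traffic still crosses a link that is meant to be quiet. A single shared predicate used by both sides would make the policy explicit, for example a macro such as `SILC_PACKET_ALLOWED_ON_DISABLED(type)` (the name is only a suggestion) with a comment giving the reason for each exempt type. The new comment also has typos; I would write `/* If entry is disabled do not send anything. Allow heartbeat and rekeys, though. */`. The function body starts and ends outside the hunk.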
@@ -2244,13 +2244,9 @@ SILC_TASK_CALLBACK(silc_server_packet_parse_real) ret = silc_packet_parse_special(packet, idata ? idata->receive_key : NULL); /* If entry is disabled ignore what we got. */ - if (ret != SILC_PACKET_RESUME_ROUTER && - idata && idata->status & SILC_IDLIST_STATUS_DISABLED) { - SILC_LOG_DEBUG(("Connection is disabled")); - goto out; - } - if (ret != SILC_PACKET_HEARTBEAT && - idata && idata->status & SILC_IDLIST_STATUS_DISABLED) { + if (idata && idata->status & SILC_IDLIST_STATUS_DISABLED && + ret != SILC_PACKET_HEARTBEAT && ret != SILC_PACKET_RESUME_ROUTER && + ret != SILC_PACKET_REKEY && ret != SILC_PACKET_REKEY_DONE) { SILC_LOG_DEBUG(("Connection is disabled")); goto out; } @@ -3084,6 +3080,9 @@ void silc_server_free_sock_user_data(SilcServer server, sock->type != SILC_SOCKET_TYPE_ROUTER) backup_router = NULL; + if (server->server_shutdown) + backup_router = NULL; + /* If this was our primary router connection then we're lost to the outside world. */ if (server->router == user_data) { diff --git a/apps/silcd/server_backup.c b/apps/silcd/server_backup.c index bfd39977..ae8d0a76 100644 --- a/apps/silcd/server_backup.c +++ b/apps/silcd/server_backup.c @@ -149,7 +149,7 @@ void silc_server_backup_del(SilcServer server, SilcServerEntry server_entry) int i; if (!server->backup) - return ; + return; for (i = 0; i < server->backup->servers_count; i++) { if (server->backup->servers[i].server == server_entry) { 
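Review bot: The merged condition in silc_server_packet_parse_real changes more than the rekey handling named in CHANGES. The two removed checks together dropped every packet on a disabled connection (a HEARTBEAT failed the first test, a RESUME_ROUTER the second), so HEARTBEAT and RESUME_ROUTER are newly accepted here as well. That is presumably the intended behaviour, but it widens what a disabled peer can get processed and should be stated in the changelog and in the comment, e.g. `/* If entry is disabled ignore what we got, except heartbeat, resume-router and rekey packets. */`. Logging the dropped type, `SILC_LOG_DEBUG(("Connection is disabled, dropping packet type %d", ret));`, would make discarded traffic traceable. The function continues outside the hunk.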
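Review bot: The added `if (server->server_shutdown) backup_router = NULL;` in silc_server_free_sock_user_data carries no comment, and its purpose cannot be read from the surrounding lines. I would put `/* We are shutting down: do not fail over to the backup router while our own connections are being closed. */` above it. It could also be folded into the preceding test that already clears backup_router, but that test starts outside the hunk, so the exact form is for the author to judge.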
@@ -163,6 +163,28 @@ void silc_server_backup_del(SilcServer server, SilcServerEntry server_entry) } } +/* Frees all data allocated for backup routers. Call this after deleting + all backup routers and when new routers are added no more, for example + when shutting down the server. */ + +void silc_server_backup_free(SilcServer server) +{ + int i; + + if (!server->backup) + return; + + /* Delete existing servers if caller didn't do it */ + for (i = 0; i < server->backup->servers_count; i++) { + if (server->backup->servers[i].server) + silc_server_backup_del(server, server->backup->servers[i].server); + } + + silc_free(server->backup->servers); + silc_free(server->backup); + server->backup = NULL; +} + /* Marks the IP address and port from the `server_id' as being replaced by backup router indicated by the `server'. If the router connects at a later time we can check whether it has been replaced by an backup diff --git a/apps/silcd/server_backup.h b/apps/silcd/server_backup.h index 66984b13..2ca105b3 100644 --- a/apps/silcd/server_backup.h +++ b/apps/silcd/server_backup.h @@ -45,6 +45,11 @@ SilcServerEntry silc_server_backup_get(SilcServer server, /* Deletes the backup server `server_entry'. */ void silc_server_backup_del(SilcServer server, SilcServerEntry server_entry); +/* Frees all data allocated for backup routers. Call this after deleting + all backup routers and when new routers are added no more, for example + when shutting down the server. */ +void silc_server_backup_free(SilcServer server); + /* Marks the IP address and port from the `server_id' as being replaced by backup router indicated by the `server'. If the router connects at a later time we can check whether it has been replaced by an backup diff --git a/doc/examples/README b/doc/examples/README index fa0b5520..ba2831fc 100644 --- a/doc/examples/README +++ b/doc/examples/README 
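Review bot: The cleanup loop in silc_server_backup_free passes `server->backup->servers[i].server` to silc_server_backup_del while iterating over the same array, so it is correct only if that function neither reorders the array nor changes `servers_count`, and safe only if the entry pointers are still valid at that point. silc_server_backup_del's body is outside this hunk, and silc_server_free now calls the new function during shutdown, where the server entries may already have been released; in that case the loop hands out stale pointers (a possible use-after-free). Unless silc_server_backup_del releases per-entry resources, clearing the slot directly with `server->backup->servers[i].server = NULL;` avoids both dependencies, since the array is freed right afterwards. The comment promises that all backup data is freed, yet only `servers` and the container are released; if the structure also owns the replaced-router records described in the comment that follows, those would still leak.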
@@ -1,23 +1,12 @@ This directory includes example files for a small SILC network. The -network consists of three (3) routers, and seven (7) servers. One of -the cell also has a backup router too. The topology of the network is -as follows: +network consists of one router, and three (3) servers. The cell also +has one backup router. Cell 1: -Router 212.146.42.250 cell1_router.conf - Backup router 212.146.42.100 cell1_backup.conf - Server1 212.146.42.101 cell1_server1.conf - Server2 212.146.42.102 cell1_server2.conf - -Cell 2: -Router 212.146.42.251 cell2_router.conf - Server1 212.146.42.130 cell2_server1.conf - Server2 212.146.42.131 cell2_server2.conf - -Cell 3: -Router 212.146.42.252 cell3_router.conf - Server1 212.146.42.150 cell3_server1.conf - Server2 212.146.42.151 cell3_server2.conf +Router 212.146.42.250 cell_router.conf + Backup router 212.146.42.100 cell_backup.conf + Server1 212.146.42.101 cell_server1.conf + Server2 212.146.42.102 cell_server2.conf To make it simple all servers and routers use the same public and private keys. They are the silcd.pub and silcd.prv in this directory. Also, to diff --git a/doc/examples/cell1_backup.conf b/doc/examples/cell1_backup.conf deleted file mode 100644 index 00a076ed..00000000 --- a/doc/examples/cell1_backup.conf +++ /dev/null 
@@ -1,65 +0,0 @@
-#
-# CELL 1 Backup Router 212.146.42.100 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell1:Backup:Administrator:admin@cell1backup.com
-
-[ServerInfo]
-backup.cell1.com:212.146.42.100:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.100:212.146.42.100:706
-
-[Logging]
-infologfile:cell1_backup.log:
-warninglogfile:cell1_backup.log:
-errorlogfile:cell1_backup.log:
-fatallogfile:cell1_backup.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-# backup connections
-212.146.42.101:passwd:priikone:706:1:1:1
-212.146.42.102:passwd:priikone:706:1:1:1
-
-[RouterConnection]
-# my primary
-212.146.42.250:passwd:priikone:706:1:1:1
-# backup connection to my primary's primary
-212.146.42.251:passwd:priikone:706:1:1:1:212.146.42.250:706
-# this use my primary as it's primary and me as backup
-212.146.42.252:passwd:priikone:706:1:1:0:212.146.42.250:706
-
-[DenyConnection]
diff --git a/doc/examples/cell1_router.conf b/doc/examples/cell1_router.conf
deleted file mode 100644
index 1c9e41a4..00000000
--- a/doc/examples/cell1_router.conf
+++ /dev/null
@@ -1,71 +0,0 @@
-#
-# CELL 1 Router 212.146.42.250 on port 706
-#
-# CELL 1 is:
-#
-# Router 212.146.42.250
-# Backup router 212.146.42.100
-# Server1 212.146.42.101
-# Server2 212.146.42.102
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell1:Router:Administrator:admin@cell1router.com
-
-[ServerInfo]
-router.cell1.com:212.146.42.250:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.250:212.146.42.250:706
-
-[Logging]
-infologfile:cell1_router.log:
-warninglogfile:cell1_router.log:
-errorlogfile:cell1_router.log:
-fatallogfile:cell1_router.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-212.146.42.101:passwd:priikone:706:1:1
-212.146.42.102:passwd:priikone:706:1:1
-
-[RouterConnection]
-# my primary
-212.146.42.251:passwd:priikone:706:1:1:1
-# this use me as primary
-212.146.42.252:passwd:priikone:706:1:1:0
-# our backup router (it will replace me if I'll go down)
-212.146.42.100:passwd:priikone:706:1:1:0:212.146.42.250:706:1
-
-[DenyConnection]
diff --git a/doc/examples/cell1_server1.conf b/doc/examples/cell1_server1.conf
deleted file mode 100644
index 7f0019ba..00000000
--- a/doc/examples/cell1_server1.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# CELL 1 Server 212.146.42.101 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell1:Server1:Administrator:admin@cell1server1.com
-
-[ServerInfo]
-server1.cell1.com:212.146.42.101:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.101:212.146.42.101:706
-
-[Logging]
-infologfile:cell1_server1.log:
-warninglogfile:cell1_server1.log:
-errorlogfile:cell1_server1.log:
-fatallogfile:cell1_server1.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-
-[RouterConnection]
-# my primary
-212.146.42.250:passwd:priikone:706:1:1:1
-# our backup router in the cell
-212.146.42.100:passwd:priikone:706:1:1:1:212.146.42.250:706:1
-
-[DenyConnection]
diff --git a/doc/examples/cell1_server2.conf b/doc/examples/cell1_server2.conf
deleted file mode 100644
index 6037c841..00000000
--- a/doc/examples/cell1_server2.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# CELL 1 Server 212.146.42.102 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell1:Server2:Administrator:admin@cell1server2.com
-
-[ServerInfo]
-server2.cell1.com:212.146.42.102:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.102:212.146.42.102:706
-
-[Logging]
-infologfile:cell1_server2.log:
-warninglogfile:cell1_server2.log:
-errorlogfile:cell1_server2.log:
-fatallogfile:cell1_server2.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-
-[RouterConnection]
-# my primary
-212.146.42.250:passwd:priikone:706:1:1:1
-# our backup router in the cell
-212.146.42.100:passwd:priikone:706:1:1:1:212.146.42.250:706:1
-
-[DenyConnection]
diff --git a/doc/examples/cell2_router.conf b/doc/examples/cell2_router.conf
deleted file mode 100644
index 46168b95..00000000
--- a/doc/examples/cell2_router.conf
+++ /dev/null
@@ -1,70 +0,0 @@
-#
-# CELL 2 Router 212.146.42.251 on port 706
-#
-# CELL 2 is:
-#
-# Router 212.146.42.251
-# Server1 212.146.42.130
-# Server2 212.146.42.131
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell2:Router:Administrator:admin@cell2router.com
-
-[ServerInfo]
-router.cell2.com:212.146.42.251:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.251:212.146.42.251:706
-
-[Logging]
-infologfile:cell2_router.log:
-warninglogfile:cell2_router.log:
-errorlogfile:cell2_router.log:
-fatallogfile:cell2_router.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-212.146.42.130:passwd:priikone:706:1:1
-212.146.42.131:passwd:priikone:706:1:1
-
-[RouterConnection]
-# my primary
-212.146.42.252:passwd:priikone:706:1:1:1
-# this use me as primary
-212.146.42.250:passwd:priikone:706:1:1:0
-# this is the 212.146.42.250 router's backup router
-212.146.42.100:passwd:priikone:706:1:1:0:212.146.42.250:706:0
-
-[DenyConnection]
diff --git a/doc/examples/cell2_server1.conf b/doc/examples/cell2_server1.conf
deleted file mode 100644
index 76726f0f..00000000
--- a/doc/examples/cell2_server1.conf
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# CELL 2 Server 212.146.42.130 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell2:Server1:Administrator:admin@cell2server1.com
-
-[ServerInfo]
-server1.cell2.com:212.146.42.130:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.130:212.146.42.130:706
-
-[Logging]
-infologfile:cell2_server1.log:
-warninglogfile:cell2_server1.log:
-errorlogfile:cell2_server1.log:
-fatallogfile:cell2_server1.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-
-[RouterConnection]
-# my primary
-212.146.42.251:passwd:priikone:706:1:1:1
-
-[DenyConnection]
diff --git a/doc/examples/cell2_server2.conf b/doc/examples/cell2_server2.conf
deleted file mode 100644
index 9c013268..00000000
--- a/doc/examples/cell2_server2.conf
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# CELL 2 Server 212.146.42.131 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell2:Server2:Administrator:admin@cell2server2.com
-
-[ServerInfo]
-server2.cell2.com:212.146.42.131:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.131:212.146.42.131:706
-
-[Logging]
-infologfile:cell2_server2.log:
-warninglogfile:cell2_server2.log:
-errorlogfile:cell2_server2.log:
-fatallogfile:cell2_server2.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-
-[RouterConnection]
-# my primary
-212.146.42.251:passwd:priikone:706:1:1:1
-
-[DenyConnection]
diff --git a/doc/examples/cell3_router.conf b/doc/examples/cell3_router.conf
deleted file mode 100644
index d215f630..00000000
--- a/doc/examples/cell3_router.conf
+++ /dev/null
@@ -1,71 +0,0 @@
-#
-# CELL 3 Router 212.146.42.252 on port 706
-#
-# CELL 3 is:
-#
-# Router 212.146.42.252
-# Server1 212.146.42.150
-# Server2 212.146.42.151
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell3:Router:Administrator:admin@cell3router.com
-
-[ServerInfo]
-router.cell3.com:212.146.42.252:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.252:212.146.42.252:706
-
-[Logging]
-infologfile:cell3_router.log:
-warninglogfile:cell3_router.log:
-errorlogfile:cell3_router.log:
-fatallogfile:cell3_router.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-212.146.42.150:passwd:priikone:706:1:1
-212.146.42.151:passwd:priikone:706:1:1
-
-[RouterConnection]
-# my primary
-212.146.42.250:passwd:priikone:706:1:1:1
-# this use me as primary
-212.146.42.251:passwd:priikone:706:1:1:0
-# this is 212.146.42.250 router's (my primary's) backup router
-212.146.42.100:passwd:priikone:706:1:1:1:212.146.42.250:706:0
-
-
-[DenyConnection]
diff --git a/doc/examples/cell3_server1.conf b/doc/examples/cell3_server1.conf
deleted file mode 100644
index a0b6953e..00000000
--- a/doc/examples/cell3_server1.conf
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# CELL 3 Server 212.146.42.150 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell3:Server1:Administrator:admin@cell3server1.com
-
-[ServerInfo]
-server1.cell3.com:212.146.42.150:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.150:212.146.42.150:706
-
-[Logging]
-infologfile:cell3_server1.log:
-warninglogfile:cell3_server1.log:
-errorlogfile:cell3_server1.log:
-fatallogfile:cell3_server1.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-
-[RouterConnection]
-# my primary
-212.146.42.252:passwd:priikone:706:1:1:1
-
-[DenyConnection]
diff --git a/doc/examples/cell3_server2.conf b/doc/examples/cell3_server2.conf
deleted file mode 100644
index 7f219286..00000000
--- a/doc/examples/cell3_server2.conf
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# CELL 3 Server 212.146.42.151 on port 706
-#
-
-[Cipher]
-aes-256-cbc::32:16
-
-[Hash]
-md5::64:16
-sha1::64:20
-
-[hmac]
-hmac-sha1-96:sha1:12
-hmac-md5-96:md5:12
-hmac-sha1:sha1:20
-hmac-md5:md5:16
-
-[PKCS]
-rsa
-
-[serverkeys]
-./silcd.pub:./silcd.prv
-
-[Identity]
-nobody:nobody
-
-[AdminInfo]
-Cell3:Server2:Administrator:admin@cell3server2.com
-
-[ServerInfo]
-server2.cell3.com:212.146.42.151:Kuopio, Finland:706
-
-[ListenPort]
-212.146.42.151:212.146.42.151:706
-
-[Logging]
-infologfile:cell3_server2.log:
-warninglogfile:cell3_server2.log:
-errorlogfile:cell3_server2.log:
-fatallogfile:cell3_server2.log:
-
-[ConnectionClass]
-1:100:100:100
-2:200:300:400
-
-[ClientConnection]
-:::706:1
-
-[AdminConnection]
-*:priikone:*:passwd:testi
-
-[ServerConnection]
-
-[RouterConnection]
-# my primary
-212.146.42.252:passwd:priikone:706:1:1:1
-
-[DenyConnection]
diff --git a/doc/examples/cell_backup.conf b/doc/examples/cell_backup.conf new file mode 100644 index 00000000..0a322086 --- /dev/null +++ b/doc/examples/cell_backup.conf @@ -0,0 +1,59 @@ +# +# Backup router + Normal server +# 212.146.24.252 on 1335 +# + +General { + key_exchange_rekey = 30; + #key_exchange_pfs = true; +}; + +ServerInfo { + hostname = "pelle.kuo.fi.ssh.com"; + primary { ip = "212.146.42.252"; port = 1335; }; + servertype = "mun servo"; + location = "mun huone"; + admin = "Pekka Riikonen"; + adminemail = "priikone@silcnet.org"; + user = "nobody"; + group = "nobody"; + publickey = "./silcd.pub"; + privatekey = "./silcd.prv"; + motdfile = "./motd"; +}; + +Logging { + quicklogs = true; + info { file = "silcd.log"; }; +}; + +ConnectionParams { + name = "foo"; + key_exchange_pfs = true; +}; + +Client { }; + +Admin { + user = "priikone"; + passphrase = "testi"; +}; + +############################################################################# + +# This server use me as primary router +ServerConnection { + host = "212.146.42.251"; + passphrase = "priikone"; + backup = true; +}; + +############################################################################# + +# My primary router +RouterConnection { + host = "212.146.42.253"; + port = 1334; + passphrase = "priikone"; + initiator = true; +}; diff --git a/doc/examples/cell_router.conf b/doc/examples/cell_router.conf index 99d6bdc4..be55cd19 100644 --- a/doc/examples/cell_router.conf +++ b/doc/examples/cell_router.conf @@ -8,6 +8,11 @@ Include "silcalgs.conf"; +General { + key_exchange_rekey = 30; + #key_exchange_pfs = true; +}; + ServerInfo { hostname = "lassi.kuo.fi.ssh.com"; primary { ip = "212.146.42.253"; port = 1334; }; 
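Review bot: The header comment of cell_backup.conf gives the address as 212.146.24.252 while `primary { ip = ... }` uses 212.146.42.252; the headers of cell_server1.conf and cell_server2.conf transpose the same two octets, and the line here should read `# 212.146.42.252 on 1335`. Example files tend to be copied into real deployments, so the test-looking values `key_exchange_rekey = 30` and the passphrases `"priikone"` / `"testi"` deserve a comment such as `# Test values only: choose your own passphrases and a rekey interval suited to your network`. The `ConnectionParams` block named "foo" enables `key_exchange_pfs`, but no connection block in the file appears to refer to it and the `General` setting is commented out, so rekeys in this example presumably run without PFS; please confirm that is intended or say so in a comment.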
@@ -45,13 +50,19 @@ Client { }; ############################################################################## # -# This server use me as primary router. It is normal server in the cell. +# These servers use me as primary router. They are normal servers in the +# cell. # ServerConnection { host = "212.146.42.251"; passphrase = "priikone"; }; +ServerConnection { + host = "212.146.42.250"; + passphrase = "priikone"; +}; + ############################################################################## # # This server is our backup router (it will replace me if I go down). It diff --git a/doc/examples/cell_server1.conf b/doc/examples/cell_server1.conf new file mode 100644 index 00000000..a24a6130 --- /dev/null +++ b/doc/examples/cell_server1.conf @@ -0,0 +1,61 @@ +# +# Normal server 1 +# 212.146.24.251 on 1333 +# + +General { + key_exchange_rekey = 30; + #key_exchange_pfs = true; +}; + +ServerInfo { + hostname = "leevi.kuo.fi.ssh.com"; + primary { ip = "212.146.42.251"; port = 1333; }; + servertype = "mun servo"; + location = "mun huone"; + admin = "Pekka Riikonen"; + adminemail = "priikone@silcnet.org"; + user = "nobody"; + group = "nobody"; + publickey = "./silcd.pub"; + privatekey = "./silcd.prv"; + motdfile = "./motd"; +}; + +Logging { + quicklogs = true; + info { file = "silcd.log"; }; +}; + +ConnectionParams { + name = "foo"; + key_exchange_pfs = true; +}; + +Client { }; + +Admin { + user = "priikone"; + passphrase = "testi"; +}; + +############################################################################# + +# My primary router +RouterConnection { + host = "212.146.42.253"; + port = 1334; + passphrase = "priikone"; + initiator = true; +}; + +# Our cell's backup router +RouterConnection { + host = "212.146.42.252"; + port = 1335; + passphrase = "priikone"; + initiator = true; + backuphost = "212.146.42.253"; + backupport = 1334; + backuplocal = true; +}; 
diff --git a/doc/examples/cell_server2.conf b/doc/examples/cell_server2.conf
new file mode 100644
index 00000000..3d635ff4
--- /dev/null
+++ b/doc/examples/cell_server2.conf
@@ -0,0 +1,50 @@
+#
+# Normal server 2
+# 212.146.24.250 on 1334
+#
+
+General {
+ key_exchange_rekey = 30;
+ #key_exchange_pfs = true;
+};
+
+ServerInfo {
+ hostname = "huuhaa.ssh.com";
+ primary { ip = "212.146.42.250"; port = 1334; };
+ servertype = "mun servo";
+ location = "mun huone";
+ admin = "Pekka Riikonen";
+ adminemail = "priikone@silcnet.org";
+ user = "nobody";
+ group = "nobody";
+ publickey = "./silcd.pub";
+ privatekey = "./silcd.prv";
+ motdfile = "./motd";
+};
+
+Logging {
+ quicklogs = true;
+ info { file = "silcd.log"; };
+};
+
+ConnectionParams {
+ name = "foo";
+ key_exchange_pfs = true;
+};
+
+Client { };
+
+Admin {
+ user = "priikone";
+ passphrase = "testi";
+};
+
+#############################################################################
+
+# My primary router
+RouterConnection {
+ host = "212.146.42.253";
+ port = 1334;
+ passphrase = "priikone";
+ initiator = true;
+};
-- 2.24.0