+ if(s.st_mode & ~0100700)
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for RSA private key file `%s'!", fname);
+#endif
+
+ result = rsa_read_pem_private_key(&myself->connection->rsa, fp);
+ fclose(fp);
+
+ if(!result)
+ logger(DEBUG_ALWAYS, LOG_ERR, "Reading RSA private key file `%s' failed: %s", fname, strerror(errno));
+ free(fname);
+ return result;
+}
+
+static struct event keyexpire_event;
+
+static void keyexpire_handler(int fd, short events, void *data) {
+ regenerate_key();
+}
+
+void regenerate_key(void) {
+ if(timeout_initialized(&keyexpire_event)) {
+ logger(DEBUG_STATUS, LOG_INFO, "Expiring symmetric keys");
+ event_del(&keyexpire_event);
+ send_key_changed();
+ } else {
+ timeout_set(&keyexpire_event, keyexpire_handler, NULL);
+ }
+
+ event_add(&keyexpire_event, &(struct timeval){keylifetime, 0});
+}
+
+/*
+ Read Subnets from all host config files
+*/
+void load_all_subnets(void) {
+ DIR *dir;
+ struct dirent *ent;
+ char *dname;
+ char *fname;
+ splay_tree_t *config_tree;
+ config_t *cfg;
+ subnet_t *s, *s2;
+ node_t *n;
+
+ xasprintf(&dname, "%s/hosts", confbase);
+ dir = opendir(dname);
+ if(!dir) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
+ free(dname);
+ return;
+ }
+
+ while((ent = readdir(dir))) {
+ if(!check_id(ent->d_name))
+ continue;
+
+ n = lookup_node(ent->d_name);
+ #ifdef _DIRENT_HAVE_D_TYPE
+ //if(ent->d_type != DT_REG)
+ // continue;
+ #endif
+
+ xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name);
+ init_configuration(&config_tree);
+ read_config_options(config_tree, ent->d_name);
+ read_config_file(config_tree, fname);
+ free(fname);
+
+ if(!n) {
+ n = new_node();
+ n->name = xstrdup(ent->d_name);
+ node_add(n);