X-Git-Url: http://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=97f3d2a4a9ea8dc6ce7639b4dfe5e557d6f94147;hb=7939ee12836bf2ef772f2a6a1e805ee0d64a8e70;hp=a7ed3a8995750b45ece4fe82f437fbd2bbe5bcf9;hpb=3df86ef17bce9f24c3dad79ccc2b17aa6e93ea34;p=tinc

diff --git a/src/net_setup.c b/src/net_setup.c
index a7ed3a89..97f3d2a4 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -145,6 +145,7 @@ bool read_ecdsa_public_key(connection_t *c) {
 	return c->ecdsa;
 }
 
+#ifndef DISABLE_LEGACY
 bool read_rsa_public_key(connection_t *c) {
 	if(ecdsa_active(c->ecdsa))
 		return true;
@@ -182,6 +183,7 @@ bool read_rsa_public_key(connection_t *c) {
 	free(fname);
 	return c->rsa;
 }
+#endif
 
 static bool read_ecdsa_private_key(void) {
 	FILE *fp;
@@ -248,6 +250,7 @@ static bool read_invitation_key(void) {
 	return invitation_key;
 }
 
+#ifndef DISABLE_LEGACY
 static bool read_rsa_private_key(void) {
 	FILE *fp;
 	char *fname;
@@ -277,6 +280,8 @@ static bool read_rsa_private_key(void) {
 	if(!fp) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s",
 			   fname, strerror(errno));
+		if(errno == ENOENT)
+			logger(DEBUG_ALWAYS, LOG_INFO, "Create an RSA keypair with `tinc -n %s generate-rsa-keys'.", netname ?: ".");
 		free(fname);
 		return false;
 	}
@@ -302,6 +307,7 @@ static bool read_rsa_private_key(void) {
 	free(fname);
 	return myself->connection->rsa;
 }
+#endif
 
 static timeout_t keyexpire_timeout;
 
@@ -504,6 +510,10 @@ bool setup_myself_reloadable(void) {
 	if(myself->options & OPTION_TCPONLY)
 		myself->options |= OPTION_INDIRECT;
 
+	get_config_bool(lookup_config(config_tree, "UDPDiscovery"), &udp_discovery);
+	get_config_int(lookup_config(config_tree, "UDPDiscoveryInterval"), &udp_discovery_interval);
+	get_config_int(lookup_config(config_tree, "UDPDiscoveryTimeout"), &udp_discovery_timeout);
+
 	get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
 	get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
 
@@ -771,6 +781,13 @@ static bool setup_myself(void) {
 
 	myself->options |= PROT_MINOR << 24;
 
+#ifdef DISABLE_LEGACY
+	experimental = read_ecdsa_private_key();
+	if(!experimental) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "No private key available, cannot start tinc!");
+		return false;
+	}
+#else
 	if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) {
 		experimental = read_ecdsa_private_key();
 		if(!experimental)
@@ -780,8 +797,15 @@ static bool setup_myself(void) {
 			return false;
 	}
 
-	if(!read_rsa_private_key())
-		return false;
+	if(!read_rsa_private_key()) {
+		if(experimental) {
+			logger(DEBUG_ALWAYS, LOG_WARNING, "Support for legacy protocol disabled.");
+		} else {
+			logger(DEBUG_ALWAYS, LOG_ERR, "No private keys available, cannot start tinc!");
+			return false;
+		}
+	}
+#endif
 
 	/* Ensure myport is numeric */
 
@@ -846,6 +870,7 @@ static bool setup_myself(void) {
 		sptps_replaywin = replaywin;
 	}
 
+#ifndef DISABLE_LEGACY
 	/* Generate packet encryption key */
 
 	if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
@@ -883,6 +908,7 @@ static bool setup_myself(void) {
 	}
 
 	free(digest);
+#endif
 
 	/* Compression */