+ /* Check for PrivateKeyFile statement and read it */
+
+ if(!get_config_string(lookup_config(config_tree, "ECDSAPrivateKeyFile"), &fname))
+ xasprintf(&fname, "%s" SLASH "ecdsa_key.priv", confbase);
+
+ fp = fopen(fname, "r");
+
+ if(!fp) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA private key file `%s': %s", fname, strerror(errno));
+ if(errno == ENOENT)
+ logger(DEBUG_ALWAYS, LOG_INFO, "Create an ECDSA keypair with `tinc -n %s generate-ecdsa-keys'.", netname ?: ".");
+ free(fname);
+ return false;
+ }
+
+#if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
+ struct stat s;
+
+ if(fstat(fileno(fp), &s)) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat ECDSA private key file `%s': %s'", fname, strerror(errno));
+ free(fname);
+ return false;
+ }
+
+ if(s.st_mode & ~0100700)
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for ECDSA private key file `%s'!", fname);
+#endif
+
+ myself->connection->ecdsa = ecdsa_read_pem_private_key(fp);
+ fclose(fp);
+
+ if(!myself->connection->ecdsa)
+ logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno));
+ free(fname);
+ return myself->connection->ecdsa;
+}
+
+static bool read_invitation_key(void) {
+ FILE *fp;
+ char *fname;
+
+ if(invitation_key) {
+ ecdsa_free(invitation_key);
+ invitation_key = NULL;
+ }
+
+ xasprintf(&fname, "%s" SLASH "invitations" SLASH "ecdsa_key.priv", confbase);
+
+ fp = fopen(fname, "r");
+
+ if(fp) {
+ invitation_key = ecdsa_read_pem_private_key(fp);
+ fclose(fp);
+ if(!invitation_key)
+ logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno));
+ }
+
+ free(fname);
+ return invitation_key;
+}
+
+static bool read_rsa_private_key(void) {
+ FILE *fp;
+ char *fname;
+ char *n, *d;
+
+ /* First, check for simple PrivateKey statement */
+
+ if(get_config_string(lookup_config(config_tree, "PrivateKey"), &d)) {
+ if(!get_config_string(lookup_config(config_tree, "PublicKey"), &n)) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "PrivateKey used but no PublicKey found!");
+ free(d);
+ return false;
+ }
+ myself->connection->rsa = rsa_set_hex_private_key(n, "FFFF", d);
+ free(n);
+ free(d);
+ return myself->connection->rsa;
+ }
+
+ /* Else, check for PrivateKeyFile statement and read it */