+ FILE *f = fopen(filename, "w");
+
+ if(!f) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Error trying to create %s: %s\n", filename, strerror(errno));
+ return false;
+ }
+
+ fprintf(f, "Ed25519PublicKey = %s\n", data);
+ fclose(f);
+
+ logger(DEBUG_CONNECTIONS, LOG_INFO, "Key successfully received from %s (%s)", c->name, c->hostname);
+
+ // Call invitation-accepted script
+ environment_t env;
+ char *address, *port;
+
+ environment_init(&env);
+ environment_add(&env, "NODE=%s", c->name);
+ sockaddr2str(&c->address, &address, &port);
+ environment_add(&env, "REMOTEADDRESS=%s", address);
+ environment_add(&env, "NAME=%s", myself->name);
+
+ execute_script("invitation-accepted", &env);
+
+ environment_exit(&env);
+
+ sptps_send_record(&c->sptps, 2, data, 0);
+ return true;
+}
+
+static bool receive_invitation_sptps(void *handle, uint8_t type, const void *data, uint16_t len) {
+ connection_t *c = handle;
+
+ if(type == 128) {
+ return true;
+ }
+
+ if(type == 1 && c->status.invitation_used) {
+ return finalize_invitation(c, data, len);
+ }
+
+ if(type != 0 || len != 18 || c->status.invitation_used) {
+ return false;
+ }
+
+ // Recover the filename from the cookie and the key
+ char *fingerprint = ecdsa_get_base64_public_key(invitation_key);
+ char hashbuf[18 + strlen(fingerprint)];
+ char cookie[64];
+ memcpy(hashbuf, data, 18);
+ memcpy(hashbuf + 18, fingerprint, sizeof(hashbuf) - 18);
+ sha512(hashbuf, sizeof(hashbuf), cookie);
+ b64encode_urlsafe(cookie, cookie, 18);
+ free(fingerprint);
+
+ char filename[PATH_MAX], usedname[PATH_MAX];
+ snprintf(filename, sizeof(filename), "%s" SLASH "invitations" SLASH "%s", confbase, cookie);
+ snprintf(usedname, sizeof(usedname), "%s" SLASH "invitations" SLASH "%s.used", confbase, cookie);
+
+ // Atomically rename the invitation file
+ if(rename(filename, usedname)) {
+ if(errno == ENOENT) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s tried to use non-existing invitation %s\n", c->hostname, cookie);
+ } else {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Error trying to rename invitation %s\n", cookie);
+ }
+
+ return false;
+ }
+
+ // Check the timestamp of the invitation
+ struct stat st;
+
+ if(stat(usedname, &st)) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat %s", usedname);
+ return false;
+ }
+
+ if(st.st_mtime + invitation_lifetime < now.tv_sec) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s tried to use expired invitation %s", c->hostname, cookie);
+ return false;
+ }
+
+ // Open the renamed file
+ FILE *f = fopen(usedname, "r");
+
+ if(!f) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Error trying to open invitation %s\n", cookie);
+ return false;
+ }
+
+ // Read the new node's Name from the file
+ char buf[1024];
+ fgets(buf, sizeof(buf), f);
+
+ if(*buf) {
+ buf[strlen(buf) - 1] = 0;
+ }
+
+ len = strcspn(buf, " \t=");
+ char *name = buf + len;
+ name += strspn(name, " \t");
+
+ if(*name == '=') {
+ name++;
+ name += strspn(name, " \t");
+ }
+
+ buf[len] = 0;
+
+ if(!*buf || !*name || strcasecmp(buf, "Name") || !check_id(name) || !strcmp(name, myself->name)) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Invalid invitation file %s\n", cookie);
+ fclose(f);
+ return false;
+ }
+
+ free(c->name);
+ c->name = xstrdup(name);
+
+ // Send the node the contents of the invitation file
+ rewind(f);
+ size_t result;
+
+ while((result = fread(buf, 1, sizeof(buf), f))) {
+ sptps_send_record(&c->sptps, 0, buf, result);
+ }
+
+ sptps_send_record(&c->sptps, 1, buf, 0);
+ fclose(f);
+ unlink(usedname);
+
+ c->status.invitation_used = true;
+
+ logger(DEBUG_CONNECTIONS, LOG_INFO, "Invitation %s successfully sent to %s (%s)", cookie, c->name, c->hostname);
+ return true;
+}
+
+bool id_h(connection_t *c, const char *request) {
+ char name[MAX_STRING_SIZE];
+
+ if(sscanf(request, "%*d " MAX_STRING " %2d.%3d", name, &c->protocol_major, &c->protocol_minor) < 2) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "ID", c->name,
+ c->hostname);
+ return false;
+ }
+
+ /* Check if this is a control connection */
+
+ if(name[0] == '^' && !strcmp(name + 1, controlcookie)) {
+ c->status.control = true;
+ c->allow_request = CONTROL;
+ c->last_ping_time = now.tv_sec + 3600;
+
+ free(c->name);
+ c->name = xstrdup("<control>");
+
+ if(!c->outgoing) {
+ send_id(c);
+ }
+
+ return send_request(c, "%d %d %d", ACK, TINC_CTL_VERSION_CURRENT, getpid());
+ }
+
+ if(name[0] == '?') {
+ if(!invitation_key) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Got invitation from %s but we don't have an invitation key", c->hostname);
+ return false;
+ }
+
+ c->ecdsa = ecdsa_set_base64_public_key(name + 1);
+
+ if(!c->ecdsa) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Got bad invitation from %s", c->hostname);
+ return false;
+ }
+
+ c->status.invitation = true;
+ char *mykey = ecdsa_get_base64_public_key(invitation_key);
+
+ if(!mykey) {
+ return false;
+ }
+
+ if(!c->outgoing) {
+ send_id(c);
+ }
+
+ if(!send_request(c, "%d %s", ACK, mykey)) {
+ return false;
+ }
+
+ free(mykey);
+
+ c->protocol_minor = 2;
+
+ return sptps_start(&c->sptps, c, false, false, invitation_key, c->ecdsa, "tinc invitation", 15, send_meta_sptps, receive_invitation_sptps);
+ }
+