- if(!strncmp(key, "ECDH:", 5)) {
- logger(LOG_DEBUG, "Got ECDH key from %s", from->name);
+ if(experimental && !strncmp(key, "ECDH:", 5)) {
+ char *pubkey = strchr(key + 5, ':');
+ if(pubkey)
+ *pubkey++ = 0;
+
+ /* Check if we already have an ECDSA public key for this node.
+ * If not, use the one from the key exchange, and store it. */
+
+ if(!node_read_ecdsa_public_key(from)) {
+ if(!pubkey) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "No ECDSA public key known for %s (%s), cannot verify ECDH key exchange!", from->name, from->hostname);
+ return true;
+ }
+
+ if(!ecdsa_set_base64_public_key(&from->ecdsa, pubkey))
+ return true;
+
+ append_config_file(from->name, "ECDSAPublicKey", pubkey);
+ }