return c->ecdsa;
}
+#ifndef DISABLE_LEGACY
bool read_rsa_public_key(connection_t *c) {
if(ecdsa_active(c->ecdsa))
return true;
free(fname);
return c->rsa;
}
+#endif
static bool read_ecdsa_private_key(void) {
FILE *fp;
return invitation_key;
}
+#ifndef DISABLE_LEGACY
static bool read_rsa_private_key(void) {
FILE *fp;
char *fname;
if(!fp) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s",
fname, strerror(errno));
+ if(errno == ENOENT)
+ logger(DEBUG_ALWAYS, LOG_INFO, "Create an RSA keypair with `tinc -n %s generate-rsa-keys'.", netname ?: ".");
free(fname);
return false;
}
free(fname);
return myself->connection->rsa;
}
+#endif
static timeout_t keyexpire_timeout;
if(myself->options & OPTION_TCPONLY)
myself->options |= OPTION_INDIRECT;
+ get_config_bool(lookup_config(config_tree, "UDPDiscovery"), &udp_discovery);
+ get_config_int(lookup_config(config_tree, "UDPDiscoveryInterval"), &udp_discovery_interval);
+ get_config_int(lookup_config(config_tree, "UDPDiscoveryTimeout"), &udp_discovery_timeout);
+
get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
myself->options |= PROT_MINOR << 24;
+#ifdef DISABLE_LEGACY
+ experimental = read_ecdsa_private_key();
+ if(!experimental) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "No private key available, cannot start tinc!");
+ return false;
+ }
+#else
if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) {
experimental = read_ecdsa_private_key();
if(!experimental)
return false;
}
- if(!read_rsa_private_key())
- return false;
+ if(!read_rsa_private_key()) {
+ if(experimental) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Support for legacy protocol disabled.");
+ } else {
+ logger(DEBUG_ALWAYS, LOG_ERR, "No private keys available, cannot start tinc!");
+ return false;
+ }
+ }
+#endif
/* Ensure myport is numeric */
sptps_replaywin = replaywin;
}
+#ifndef DISABLE_LEGACY
/* Generate packet encryption key */
if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
}
free(digest);
+#endif
/* Compression */
if (!device_standby)
device_disable();
- if(myport) free(myport);
+ free(myport);
if (device_fd >= 0)
io_del(&device_io);
exit_control();
free(myname);
- myname = NULL;
+ free(scriptextension);
+ free(scriptinterpreter);
return;
}