X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=1007f699d397db88c520b132c83f259cdb8567c7;hb=cfe9285adf391ab66faeb5def811fe08e47a221a;hp=665e3c66b68e5da98c914bb93adc43b7ba1fb5d4;hpb=826ad11e419db90b66b3f76a90b54df021bb39fc;p=tinc
diff --git a/src/net_setup.c b/src/net_setup.c
index 665e3c66..1007f699 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -44,6 +44,7 @@
 #include "xalloc.h"
 char *myport;
+static char *myname;
 static io_t device_io;
 devops_t devops;
 bool device_standby = false;
@@ -144,6 +145,7 @@ bool read_ecdsa_public_key(connection_t *c) {
 return c->ecdsa;
 }
+#ifndef DISABLE_LEGACY
 bool read_rsa_public_key(connection_t *c) {
 if(ecdsa_active(c->ecdsa)) return true;
@@ -181,6 +183,7 @@ bool read_rsa_public_key(connection_t *c) {
 free(fname);
 return c->rsa;
 }
+#endif
 static bool read_ecdsa_private_key(void) {
 FILE *fp;
@@ -247,6 +250,7 @@ static bool read_invitation_key(void) {
 return invitation_key;
 }
+#ifndef DISABLE_LEGACY
 static bool read_rsa_private_key(void) {
 FILE *fp;
 char *fname;
@@ -276,6 +280,8 @@ static bool read_rsa_private_key(void) {
 if(!fp) {
 logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s", fname, strerror(errno));
+ if(errno == ENOENT)
+ logger(DEBUG_ALWAYS, LOG_INFO, "Create an RSA keypair with `tinc -n %s generate-rsa-keys'.", netname ?: ".");
 free(fname);
 return false;
 }
@@ -301,6 +307,7 @@ static bool read_rsa_private_key(void) {
 free(fname);
 return myself->connection->rsa;
 }
+#endif
 static timeout_t keyexpire_timeout;
@@ -715,7 +722,7 @@ void device_enable(void) {
 xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
 xasprintf(&envp[1], "DEVICE=%s", device ? : "");
 xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
- xasprintf(&envp[3], "NAME=%s", myself->name);
+ xasprintf(&envp[3], "NAME=%s", myname);
 execute_script("tinc-up", envp);
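Review bot: In the read_rsa_private_key hunk at -276, the new `if(errno == ENOENT)` test reads errno only after the preceding logger() call has run, and logger() is not shown here but may perform I/O that overwrites errno. Saving the value first keeps the hint reliable: add `int err = errno;` directly after the failed open, then use `strerror(err)` and `if(err == ENOENT)`. The function begins and ends outside this hunk, so the open call itself is not visible.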
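Review bot: The `NAME=%s` line in device_enable (and the identical line in the device_disable hunk that follows) passes `myname` with no fallback, while the three lines above it all use `? : ""`. `myname` is a file-static that stays NULL until setup_myself reaches its assignment, and a NULL argument for `%s` is undefined behaviour unless xasprintf guards against it, which is not visible here. I would write `xasprintf(&envp[3], "NAME=%s", myname ? : "");` in both places so the script environment stays well-formed on an early-failure path. Both function bodies continue outside their hunks.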
@@ -728,7 +735,7 @@ void device_disable(void) {
 xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
 xasprintf(&envp[1], "DEVICE=%s", device ? : "");
 xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
- xasprintf(&envp[3], "NAME=%s", myself->name);
+ xasprintf(&envp[3], "NAME=%s", myname);
 execute_script("tinc-down", envp);
@@ -752,6 +759,7 @@ static bool setup_myself(void) {
 return false;
 }
+ myname = xstrdup(name);
 myself = new_node();
 myself->connection = new_connection();
 myself->name = name;
@@ -769,6 +777,13 @@ static bool setup_myself(void) {
 myself->options |= PROT_MINOR << 24;
+#ifdef DISABLE_LEGACY
+ experimental = read_ecdsa_private_key();
+ if(!experimental) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "No private key available, cannot start tinc!");
+ return false;
+ }
+#else
 if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) {
 experimental = read_ecdsa_private_key();
 if(!experimental)
@@ -778,8 +793,15 @@ static bool setup_myself(void) {
 return false;
 }
- if(!read_rsa_private_key())
- return false;
+ if(!read_rsa_private_key()) {
+ if(experimental) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Support for legacy protocol disabled.");
+ } else {
+ logger(DEBUG_ALWAYS, LOG_ERR, "No private keys available, cannot start tinc!");
+ return false;
+ }
+ }
+#endif
 /* Ensure myport is numeric */
@@ -844,6 +866,7 @@ static bool setup_myself(void) {
 sptps_replaywin = replaywin;
 }
+#ifndef DISABLE_LEGACY
 /* Generate packet encryption key */
 if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
@@ -881,6 +904,7 @@ static bool setup_myself(void) {
 }
 free(digest);
+#endif
 /* Compression */
@@ -1112,7 +1136,7 @@ void close_network_connections(void) {
 if (!device_standby) device_disable();
- if(myport) free(myport);
+ free(myport);
 if (device_fd >= 0) io_del(&device_io);
@@ -1121,5 +1145,9 @@ void close_network_connections(void) {
 exit_control();
+ free(myname);
+ free(scriptextension);
+ free(scriptinterpreter);
+
 return;
 }
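Review bot: In the setup_myself hunk at -778, every failure of read_rsa_private_key() is downgraded to a warning once `experimental` is true, not only the case where no RSA key was ever generated. The earlier hunk shows the function returning false whenever the key file cannot be opened, and it presumably does the same for a key that fails to parse (that part of the body is outside this diff). An unreadable or damaged RSA key file would therefore silently switch the legacy protocol off instead of stopping startup. I would let only the missing-file case continue and keep the other failures fatal, and the warning should name the cause, e.g. `"RSA private key not loaded, legacy protocol disabled."`. Code that later dereferences `myself->connection->rsa` also needs to tolerate it being unset, which cannot be checked from this hunk.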
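Review bot: The three pointers freed at the end of close_network_connections (hunk at -1121) are left holding stale addresses, as is `myport` in the hunk before it. `myname` is read by device_enable and device_disable, and `scriptextension` and `scriptinterpreter` look like the globals consulted when a script is executed (their definitions are not visible here). The visible order is fine because device_disable() runs earlier in the function, but any script or device call made after this point would read freed memory. Clearing each pointer makes that fail safely: `free(myname); myname = NULL;`, and likewise for the other three.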