X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=83fbc2da38a92228b164f60bd83c96a03277378d;hp=0a99daad5ec9bc9406e5f5f7802e85d0ba148a29;hb=76a9be5bce43a1a7363c670882f5315c824c903c;hpb=d00d8dbb9b122a17ef93090de10396ebdd2c4a84

diff --git a/src/net_setup.c b/src/net_setup.c
index 0a99daad..83fbc2da 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -137,14 +137,16 @@ bool read_ecdsa_public_key(connection_t *c) {
 	}
 
 	c->ecdsa = ecdsa_read_pem_public_key(fp);
-	fclose(fp);
 
-	if(!c->ecdsa)
+	if(!c->ecdsa && errno != ENOENT)
 		logger(DEBUG_ALWAYS, LOG_ERR, "Parsing Ed25519 public key file `%s' failed.", fname);
+
+	fclose(fp);
 	free(fname);
 	return c->ecdsa;
 }
 
+#ifndef DISABLE_LEGACY
 bool read_rsa_public_key(connection_t *c) {
 	if(ecdsa_active(c->ecdsa))
 		return true;
@@ -182,6 +184,7 @@ bool read_rsa_public_key(connection_t *c) {
 	free(fname);
 	return c->rsa;
 }
+#endif
 
 static bool read_ecdsa_private_key(void) {
 	FILE *fp;
@@ -248,6 +251,7 @@ static bool read_invitation_key(void) {
 	return invitation_key;
 }
 
+#ifndef DISABLE_LEGACY
 static bool read_rsa_private_key(void) {
 	FILE *fp;
 	char *fname;
@@ -277,6 +281,8 @@ static bool read_rsa_private_key(void) {
 	if(!fp) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s",
 			   fname, strerror(errno));
+		if(errno == ENOENT)
+			logger(DEBUG_ALWAYS, LOG_INFO, "Create an RSA keypair with `tinc -n %s generate-rsa-keys'.", netname ?: ".");
 		free(fname);
 		return false;
 	}
@@ -302,6 +308,7 @@ static bool read_rsa_private_key(void) {
 	free(fname);
 	return myself->connection->rsa;
 }
+#endif
 
 static timeout_t keyexpire_timeout;
 
@@ -313,6 +320,8 @@ static void keyexpire_handler(void *data) {
 void regenerate_key(void) {
 	logger(DEBUG_STATUS, LOG_INFO, "Expiring symmetric keys");
 	send_key_changed();
+	for splay_each(node_t, n, node_tree)
+		n->status.validkey_in = false;
 }
 
 /*
@@ -504,6 +513,14 @@ bool setup_myself_reloadable(void) {
 	if(myself->options & OPTION_TCPONLY)
 		myself->options |= OPTION_INDIRECT;
 
+	get_config_bool(lookup_config(config_tree, "UDPDiscovery"), &udp_discovery);
+	get_config_int(lookup_config(config_tree, "UDPDiscoveryKeepaliveInterval"), &udp_discovery_keepalive_interval);
+	get_config_int(lookup_config(config_tree, "UDPDiscoveryInterval"), &udp_discovery_interval);
+	get_config_int(lookup_config(config_tree, "UDPDiscoveryTimeout"), &udp_discovery_timeout);
+
+	get_config_int(lookup_config(config_tree, "MTUInfoInterval"), &mtu_info_interval);
+	get_config_int(lookup_config(config_tree, "UDPInfoInterval"), &udp_info_interval);
+
 	get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
 	get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
 
@@ -650,6 +667,9 @@ static bool add_listen_address(char *address, bool bindto) {
 	hint.ai_protocol = IPPROTO_TCP;
 	hint.ai_flags = AI_PASSIVE;
 
+#ifdef HAVE_DECL_RES_INIT
+	res_init();
+#endif
 	int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
 	free(address);
 
@@ -771,6 +791,13 @@ static bool setup_myself(void) {
 
 	myself->options |= PROT_MINOR << 24;
 
+#ifdef DISABLE_LEGACY
+	experimental = read_ecdsa_private_key();
+	if(!experimental) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "No private key available, cannot start tinc!");
+		return false;
+	}
+#else
 	if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) {
 		experimental = read_ecdsa_private_key();
 		if(!experimental)
@@ -780,8 +807,15 @@ static bool setup_myself(void) {
 			return false;
 	}
 
-	if(!read_rsa_private_key())
-		return false;
+	if(!read_rsa_private_key()) {
+		if(experimental) {
+			logger(DEBUG_ALWAYS, LOG_WARNING, "Support for legacy protocol disabled.");
+		} else {
+			logger(DEBUG_ALWAYS, LOG_ERR, "No private keys available, cannot start tinc!");
+			return false;
+		}
+	}
+#endif
 
 	/* Ensure myport is numeric */
 
@@ -846,6 +880,7 @@ static bool setup_myself(void) {
 		sptps_replaywin = replaywin;
 	}
 
+#ifndef DISABLE_LEGACY
 	/* Generate packet encryption key */
 
 	if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
@@ -883,6 +918,7 @@ static bool setup_myself(void) {
 	}
 
 	free(digest);
+#endif
 
 	/* Compression */
 
@@ -1114,7 +1150,7 @@ void close_network_connections(void) {
 	if (!device_standby)
 		device_disable();
 
-	if(myport) free(myport);
+	free(myport);
 
 	if (device_fd >= 0)
 		io_del(&device_io);
@@ -1124,7 +1160,8 @@ void close_network_connections(void) {
 	exit_control();
 
 	free(myname);
-	myname = NULL;
+	free(scriptextension);
+	free(scriptinterpreter);
 
 	return;
 }