X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=c4337ccc35021a702bc58b0dfedbd1f702d78cb0;hp=f4e56378889c09c1d008cf51e05cb05fdb43b48c;hb=e838289683c0039fac0ae6172d40b4177c17911b;hpb=667b1bac77b134cf32c98d5dc25619e8c3303f52

diff --git a/src/net_setup.c b/src/net_setup.c
index f4e56378..c4337ccc 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -3,6 +3,7 @@
     Copyright (C) 1998-2005 Ivo Timmermans,
                   2000-2010 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
+                  2010      Brandon Black <blblack@gmail.com>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -112,11 +113,14 @@ bool read_rsa_public_key(connection_t *c) {
 	xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
 	fp = fopen(fname, "r");
 
-	if(fp) {
-		c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
-		fclose(fp);
+	if(!fp) {
+		logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
+		free(fname);
+		return;
 	}
 
+	c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
+	fclose(fp);
 	free(fname);
 
 	if(c->rsa_key)
@@ -127,12 +131,15 @@ bool read_rsa_public_key(connection_t *c) {
 	xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
 	fp = fopen(fname, "r");
 
-	if(fp) {
-		c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
-//		RSA_blinding_on(c->rsa_key, NULL);
-		fclose(fp);
+	if(!fp) {
+		logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
+		free(fname);
+		return;
 	}
 
+	c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
+//	RSA_blinding_on(c->rsa_key, NULL);
+	fclose(fp);
 	free(fname);
 
 	if(c->rsa_key)
@@ -143,7 +150,7 @@ bool read_rsa_public_key(connection_t *c) {
 	return false;
 }
 
-bool read_rsa_private_key(void) {
+static bool read_rsa_private_key(void) {
 	FILE *fp;
 	char *fname, *key, *pubkey;
 	struct stat s;
@@ -266,7 +273,7 @@ void load_all_subnets(void) {
 /*
   Configure node_t myself and set up the local sockets (listen only)
 */
-bool setup_myself(void) {
+static bool setup_myself(void) {
 	config_t *cfg;
 	subnet_t *subnet;
 	char *name, *hostname, *mode, *afname, *cipher, *digest;
@@ -276,6 +283,7 @@ bool setup_myself(void) {
 	struct addrinfo *ai, *aip, hint = {0};
 	bool choice;
 	int i, err;
+	int replaywin_int;
 
 	myself = new_node();
 	myself->connection = new_connection();
@@ -405,6 +413,28 @@ bool setup_myself(void) {
 	} else
 		maxtimeout = 900;
 
+	if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) {
+		if(udp_rcvbuf <= 0) {
+			logger(LOG_ERR, "UDPRcvBuf cannot be negative!");
+			return false;
+		}
+	}
+
+	if(get_config_int(lookup_config(config_tree, "UDPSndBuf"), &udp_sndbuf)) {
+		if(udp_sndbuf <= 0) {
+			logger(LOG_ERR, "UDPSndBuf cannot be negative!");
+			return false;
+		}
+	}
+
+	if(get_config_int(lookup_config(config_tree, "ReplayWindow"), &replaywin_int)) {
+		if(replaywin_int < 0) {
+			logger(LOG_ERR, "ReplayWindow cannot be negative!");
+			return false;
+		}
+		replaywin = (unsigned)replaywin_int;
+	}
+
 	if(get_config_string(lookup_config(config_tree, "AddressFamily"), &afname)) {
 		if(!strcasecmp(afname, "IPv4"))
 			addressfamily = AF_INET;