if(!fp) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s",
fname, strerror(errno));
+ if(errno == ENOENT)
+ logger(DEBUG_ALWAYS, LOG_INFO, "Create an RSA keypair with `tinc -n %s generate-rsa-keys'.", netname ?: ".");
free(fname);
return false;
}
return false;
}
- if(!read_rsa_private_key())
- return false;
+ if(!read_rsa_private_key()) {
+ if(experimental) {
+ logger(DEBUG_ALWAYS, LOG_WARNING, "Support for legacy protocol disabled.");
+ } else {
+ logger(DEBUG_ALWAYS, LOG_ERR, "No private keys available, cannot start tinc!");
+ return false;
+ }
+ }
/* Ensure myport is numeric */
}
bool send_metakey(connection_t *c) {
+ if(!myself->connection->rsa) {
+ logger(DEBUG_CONNECTIONS, LOG_ERR, "Peer %s (%s) uses legacy protocol which we don't support", c->name, c->hostname);
+ return false;
+ }
+
if(!read_rsa_public_key(c))
return false;
}
bool metakey_h(connection_t *c, const char *request) {
+ if(!myself->connection->rsa)
+ return false;
+
char hexkey[MAX_STRING_SIZE];
int cipher, digest, maclength, compression;
const size_t len = rsa_size(myself->connection->rsa);
}
bool challenge_h(connection_t *c, const char *request) {
+ if(!myself->connection->rsa)
+ return false;
+
char buffer[MAX_STRING_SIZE];
const size_t len = rsa_size(myself->connection->rsa);
size_t digestlen = digest_length(c->indigest);
projects / tinc / commitdiff