+ if(read_rsa_public_key(myself))
+ return -1;
+cp
+
+/*
+ if(RSA_check_key(myself->rsa_key) != 1)
+ {
+ syslog(LOG_ERR, _("Invalid public/private keypair!"));
+ return -1;
+ }
+*/
+ if(!(cfg = get_config_val(myself->config, config_port)))
+ myself->port = 655;
+ else
+ myself->port = cfg->data.val;
+
+/* Read in all the subnets specified in the host configuration file */
+
+ for(next = myself->config; (cfg = get_config_val(next, config_subnet)); next = cfg->next)
+ {
+ net = new_subnet();
+ net->type = SUBNET_IPV4;
+ net->net.ipv4.address = cfg->data.ip->address;
+ net->net.ipv4.mask = cfg->data.ip->mask;
+
+ /* Teach newbies what subnets are... */
+
+ if((net->net.ipv4.address & net->net.ipv4.mask) != net->net.ipv4.address)
+ {
+ syslog(LOG_ERR, _("Network address and subnet mask do not match!"));
+ return -1;
+ }
+
+ subnet_add(myself, net);
+ }
+
+cp
+ /* Check some options */
+
+ if((cfg = get_config_val(config, config_indirectdata)))
+ if(cfg->data.val == stupid_true)
+ myself->options |= OPTION_INDIRECT;
+
+ if((cfg = get_config_val(config, config_tcponly)))
+ if(cfg->data.val == stupid_true)
+ myself->options |= OPTION_TCPONLY;
+
+ if((cfg = get_config_val(myself->config, config_indirectdata)))
+ if(cfg->data.val == stupid_true)
+ myself->options |= OPTION_INDIRECT;
+
+ if((cfg = get_config_val(myself->config, config_tcponly)))
+ if(cfg->data.val == stupid_true)
+ myself->options |= OPTION_TCPONLY;
+
+ if(myself->options & OPTION_TCPONLY)
+ myself->options |= OPTION_INDIRECT;
+
+ if((cfg = get_config_val(config, config_mode)))
+ {
+ if(!strcasecmp(cfg->data.ptr, "router"))
+ routing_mode = RMODE_ROUTER;
+ else if (!strcasecmp(cfg->data.ptr, "switch"))
+ routing_mode = RMODE_SWITCH;
+ else if (!strcasecmp(cfg->data.ptr, "hub"))
+ routing_mode = RMODE_HUB;
+ else
+ {
+ syslog(LOG_ERR, _("Invalid routing mode!"));
+ return -1;
+ }
+ }
+ else
+ routing_mode = RMODE_ROUTER;
+
+cp
+ /* Open sockets */
+
+ if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
+ {
+ syslog(LOG_ERR, _("Unable to set up a listening TCP socket!"));
+ return -1;
+ }
+
+ if((myself->socket = setup_vpn_in_socket(myself->port)) < 0)
+ {
+ syslog(LOG_ERR, _("Unable to set up a listening UDP socket!"));
+ return -1;
+ }
+cp
+ /* Generate packet encryption key */
+
+ myself->cipher_pkttype = EVP_bf_cbc();
+
+ myself->cipher_pktkeylength = myself->cipher_pkttype->key_len + myself->cipher_pkttype->iv_len;
+
+ myself->cipher_pktkey = (char *)xmalloc(myself->cipher_pktkeylength);
+ RAND_pseudo_bytes(myself->cipher_pktkey, myself->cipher_pktkeylength);
+
+ if(!(cfg = get_config_val(config, config_keyexpire)))
+ keylifetime = 3600;
+ else
+ keylifetime = cfg->data.val;
+
+ keyexpires = time(NULL) + keylifetime;
+cp
+
+ /* Activate ourselves */
+
+ myself->status.active = 1;
+
+ syslog(LOG_NOTICE, _("Ready: listening on port %hd"), myself->port);