+ ncn->status.outgoing = 1;
+ ncn->buffer = xmalloc(MAXBUFSIZE);
+ ncn->buflen = 0;
+ ncn->last_ping_time = time(NULL);
+
+ connection_add(ncn);
+
+ send_id(ncn);
+cp
+ return 0;
+}
+
+int read_rsa_public_key(connection_t *cl)
+{
+ config_t const *cfg;
+ FILE *fp;
+ char *fname;
+ void *result;
+cp
+ if(!cl->rsa_key)
+ cl->rsa_key = RSA_new();
+
+ /* First, check for simple PublicKey statement */
+
+ if((cfg = get_config_val(cl->config, config_publickey)))
+ {
+ BN_hex2bn(&cl->rsa_key->n, cfg->data.ptr);
+ BN_hex2bn(&cl->rsa_key->e, "FFFF");
+ return 0;
+ }
+
+ /* Else, check for PublicKeyFile statement and read it */
+
+ if((cfg = get_config_val(cl->config, config_publickeyfile)))
+ {
+ if(is_safe_path(cfg->data.ptr))
+ {
+ if((fp = fopen(cfg->data.ptr, "r")) == NULL)
+ {
+ syslog(LOG_ERR, _("Error reading RSA public key file `%s': %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ result = PEM_read_RSAPublicKey(fp, &cl->rsa_key, NULL, NULL);
+ fclose(fp);
+ if(!result)
+ {
+ syslog(LOG_ERR, _("Reading RSA public key file `%s' failed: %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ return 0;
+ }
+ else
+ return -1;
+ }
+
+ /* Else, check if a harnessed public key is in the config file */
+
+ asprintf(&fname, "%s/hosts/%s", confbase, cl->name);
+ if((fp = fopen(fname, "r")))
+ {
+ result = PEM_read_RSAPublicKey(fp, &cl->rsa_key, NULL, NULL);
+ fclose(fp);
+ free(fname);
+ if(result)
+ return 0;
+ }
+
+ free(fname);
+
+ /* Nothing worked. */
+
+ syslog(LOG_ERR, _("No public key for %s specified!"), cl->name);
+cp
+ return -1;
+}
+
+int read_rsa_private_key(void)
+{
+ config_t const *cfg;
+ FILE *fp;
+ void *result;
+cp
+ if(!myself->rsa_key)
+ myself->rsa_key = RSA_new();
+
+ if((cfg = get_config_val(config, config_privatekey)))
+ {
+ BN_hex2bn(&myself->rsa_key->d, cfg->data.ptr);
+ BN_hex2bn(&myself->rsa_key->e, "FFFF");
+ }
+ else if((cfg = get_config_val(config, config_privatekeyfile)))
+ {
+ if((fp = fopen(cfg->data.ptr, "r")) == NULL)
+ {
+ syslog(LOG_ERR, _("Error reading RSA private key file `%s': %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ result = PEM_read_RSAPrivateKey(fp, &myself->rsa_key, NULL, NULL);
+ fclose(fp);
+ if(!result)
+ {
+ syslog(LOG_ERR, _("Reading RSA private key file `%s' failed: %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ }
+ else
+ {
+ syslog(LOG_ERR, _("No private key for tinc daemon specified!"));
+ return -1;
+ }
+cp
+ return 0;
+}
+
+/*
+ Configure connection_t myself and set up the local sockets (listen only)
+*/
+int setup_myself(void)
+{
+ config_t const *cfg;
+ config_t *next;
+ subnet_t *net;
+cp
+ myself = new_connection();
+
+ asprintf(&myself->hostname, _("MYSELF"));
+ myself->options = 0;
+ myself->protocol_version = PROT_CURRENT;
+
+ if(!(cfg = get_config_val(config, config_name))) /* Not acceptable */
+ {
+ syslog(LOG_ERR, _("Name for tinc daemon required!"));
+ return -1;
+ }
+ else
+ asprintf(&myself->name, "%s", (char*)cfg->data.val);
+
+ if(check_id(myself->name))
+ {
+ syslog(LOG_ERR, _("Invalid name for myself!"));
+ return -1;
+ }
+cp
+ if(read_rsa_private_key())
+ return -1;
+
+ if(read_host_config(myself))
+ {
+ syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
+ return -1;
+ }
+
+ if(read_rsa_public_key(myself))
+ return -1;
+cp
+
+/*
+ if(RSA_check_key(myself->rsa_key) != 1)
+ {
+ syslog(LOG_ERR, _("Invalid public/private keypair!"));
+ return -1;
+ }
+*/
+ if(!(cfg = get_config_val(myself->config, config_port)))
+ myself->port = 655;
+ else
+ myself->port = cfg->data.val;
+
+/* Read in all the subnets specified in the host configuration file */
+
+ for(next = myself->config; (cfg = get_config_val(next, config_subnet)); next = cfg->next)
+ {
+ net = new_subnet();
+ net->type = SUBNET_IPV4;
+ net->net.ipv4.address = cfg->data.ip->address;
+ net->net.ipv4.mask = cfg->data.ip->mask;
+
+ /* Teach newbies what subnets are... */
+
+ if((net->net.ipv4.address & net->net.ipv4.mask) != net->net.ipv4.address)
+ {
+ syslog(LOG_ERR, _("Network address and subnet mask do not match!"));
+ return -1;
+ }
+
+ subnet_add(myself, net);
+ }