X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=91f7609bfa8d64a7015ae79a725ce6b3ca290473;hb=cff27a258f3b3a97b5d2e309c264eceea41dff3a;hp=1796c4bbcc7a83a304d794d3426466c19e2ef0ee;hpb=210b5ceeeebdf742a74dcf95a0a13d69623ee001;p=tinc
diff --git a/src/net_setup.c b/src/net_setup.c
index 1796c4bb..91f7609b 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -45,6 +45,53 @@ char *myport;
 static struct event device_ev;
+bool node_read_ecdsa_public_key(node_t *n) {
+ if(ecdsa_active(&n->ecdsa))
+ return true;
+
+ splay_tree_t *config_tree;
+ FILE *fp;
+ char *fname;
+ char *p;
+ bool result = false;
+
+ xasprintf(&fname, "%s/hosts/%s", confbase, n->name);
+
+ init_configuration(&config_tree);
+ if(!read_config_file(config_tree, fname))
+ goto exit;
+
+ /* First, check for simple ECDSAPublicKey statement */
+
+ if(get_config_string(lookup_config(config_tree, "ECDSAPublicKey"), &p)) {
+ result = ecdsa_set_base64_public_key(&n->ecdsa, p);
+ free(p);
+ goto exit;
+ }
+
+ /* Else, check for ECDSAPublicKeyFile statement and read it */
+
+ free(fname);
+
+ if(!get_config_string(lookup_config(config_tree, "ECDSAPublicKeyFile"), &fname))
+ xasprintf(&fname, "%s/hosts/%s", confbase, n->name);
+
+ fp = fopen(fname, "r");
+
+ if(!fp) {
+ logger(LOG_ERR, "Error reading ECDSA public key file `%s': %s", fname, strerror(errno));
+ goto exit;
+ }
+
+ result = ecdsa_read_pem_public_key(&n->ecdsa, fp);
+ fclose(fp);
+
+exit:
+ exit_configuration(&config_tree);
+ free(fname);
+ return result;
+}
+
 bool read_ecdsa_public_key(connection_t *c) {
 FILE *fp;
 char *fname;
@@ -339,7 +386,9 @@ static bool setup_myself(void) {
 read_config_file(config_tree, fname);
 free(fname);
- if(!read_ecdsa_private_key())
+ get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental);
+
+ if(experimental && !read_ecdsa_private_key())
 return false;
 if(!read_rsa_private_key())
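Review bot: node_read_ecdsa_public_key() interpolates n->name into a filesystem path twice (`xasprintf(&fname, "%s/hosts/%s", confbase, n->name);`) without checking the name inside the function. If a node_t can reach this call with a name that has not already passed the project's identifier validation (not visible in this hunk), a name containing `/` or `..` would make the daemon read key material from outside hosts/. A guard at the top, such as `if(!check_id(n->name)) return false;` (assuming check_id() is in scope here), would keep that trust boundary local to the function. Separately, the inline-key branch returns the result of ecdsa_set_base64_public_key() with no log line, while the fopen() failure path does log. Unless the helper logs on its own, adding `if(!result) logger(LOG_ERR, "Invalid ECDSAPublicKey for %s", n->name);` before that branch's `goto exit` would make a malformed peer key visible to the operator.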
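Review bot: In setup_myself() the return value of `get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental);` is ignored, and `experimental` is declared outside this hunk. Whether the ECDSA private key is loaded when the option is absent therefore depends on an initial value that cannot be checked here. Because skipping `read_ecdsa_private_key()` is now silent, every later path that uses the node's own ECDSA key must be gated on the same flag; this is inferred, as the handshake code is not on this page. A comment above the new lines, for example `/* The ECDSA key is only required for the experimental protocol; otherwise only the legacy RSA key is loaded */`, would record that dependency. setup_myself() begins before and continues after the hunk.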