along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.c,v 1.35.4.82 2000/11/25 13:33:30 guus Exp $
+ $Id: net.c,v 1.35.4.88 2000/12/22 21:34:20 guus Exp $
*/
#include "config.h"
# include <err.h>
#endif
+#ifdef HAVE_OPENSSL_PEM_H
+# include <openssl/pem.h>
+#else
+# include <pem.h>
+#endif
+
#ifdef HAVE_TUNTAP
#include LINUX_IF_TUN_H
#endif
const char *tapfname;
config_t const *cfg;
#ifdef HAVE_LINUX
- #ifdef HAVE_TUNTAP
+# ifdef HAVE_TUNTAP
struct ifreq ifr;
- #endif
+# endif
#endif
cp
else
{
#ifdef HAVE_LINUX
- #ifdef HAVE_TUNTAP
+# ifdef HAVE_TUNTAP
tapfname = "/dev/misc/net/tun";
- #else
+# else
tapfname = "/dev/tap0";
- #endif
+# endif
#endif
#ifdef HAVE_FREEBSD
tapfname = "/dev/tap0";
return 0;
}
+int read_rsa_public_key(connection_t *cl)
+{
+ config_t const *cfg;
+ FILE *fp;
+ void *result;
+cp
+ if(!cl->rsa_key)
+ cl->rsa_key = RSA_new();
+
+ if((cfg = get_config_val(cl->config, config_publickey)))
+ {
+ BN_hex2bn(&cl->rsa_key->n, cfg->data.ptr);
+ BN_hex2bn(&cl->rsa_key->e, "FFFF");
+ }
+ else if((cfg = get_config_val(cl->config, config_publickeyfile)))
+ {
+ if(is_safe_path(cfg->data.ptr))
+ {
+ if((fp = fopen(cfg->data.ptr, "r")) == NULL)
+ {
+ syslog(LOG_ERR, _("Error reading RSA public key file `%s': %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ result = PEM_read_RSAPublicKey(fp, &cl->rsa_key, NULL, NULL);
+ fclose(fp);
+ if(!result)
+ {
+ syslog(LOG_ERR, _("Reading RSA public key file `%s' failed: %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ }
+ else
+ return -1;
+ }
+ else
+ {
+ syslog(LOG_ERR, _("No public key for %s specified!"), cl->name);
+ return -1;
+ }
+cp
+ return 0;
+}
+
+int read_rsa_private_key(void)
+{
+ config_t const *cfg;
+ FILE *fp;
+ void *result;
+cp
+ if(!myself->rsa_key)
+ myself->rsa_key = RSA_new();
+
+ if((cfg = get_config_val(config, config_privatekey)))
+ {
+ BN_hex2bn(&myself->rsa_key->d, cfg->data.ptr);
+ BN_hex2bn(&myself->rsa_key->e, "FFFF");
+ }
+ else if((cfg = get_config_val(config, config_privatekeyfile)))
+ {
+ if((fp = fopen(cfg->data.ptr, "r")) == NULL)
+ {
+ syslog(LOG_ERR, _("Error reading RSA private key file `%s': %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ result = PEM_read_RSAPrivateKey(fp, &myself->rsa_key, NULL, NULL);
+ fclose(fp);
+ if(!result)
+ {
+ syslog(LOG_ERR, _("Reading RSA private key file `%s' failed: %m"),
+ cfg->data.ptr);
+ return -1;
+ }
+ }
+ else
+ {
+ syslog(LOG_ERR, _("No private key for tinc daemon specified!"));
+ return -1;
+ }
+cp
+ return 0;
+}
+
/*
Configure connection_t myself and set up the local sockets (listen only)
*/
return -1;
}
cp
- if(!(cfg = get_config_val(config, config_privatekey)))
- {
- syslog(LOG_ERR, _("Private key for tinc daemon required!"));
- return -1;
- }
- else
- {
- myself->rsa_key = RSA_new();
- BN_hex2bn(&myself->rsa_key->d, cfg->data.ptr);
- BN_hex2bn(&myself->rsa_key->e, "FFFF");
- }
+ if(read_rsa_private_key())
+ return -1;
if(read_host_config(myself))
{
syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
return -1;
}
+
+ if(read_rsa_public_key(myself))
+ return -1;
cp
- if(!(cfg = get_config_val(myself->config, config_publickey)))
- {
- syslog(LOG_ERR, _("Public key for tinc daemon required!"));
- return -1;
- }
- else
- {
- BN_hex2bn(&myself->rsa_key->n, cfg->data.ptr);
- }
+
/*
if(RSA_check_key(myself->rsa_key) != 1)
{
if(!cl)
{
- syslog(LOG_WARNING, _("Received UDP packets on port %d from unknown source %lx:%d"), ntohl(from.sin_addr.s_addr), ntohs(from.sin_port));
+ syslog(LOG_WARNING, _("Received UDP packets on port %d from unknown source %lx:%d"), myself->port, ntohl(from.sin_addr.s_addr), ntohs(from.sin_port));
return 0;
}