X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Ftincd.c;h=c2660fa3140e367967b5e650783496ea61c6a065;hp=c4e8fad3746cd5d11a430a245b41e2a72563a788;hb=23730375f27c32e0fe1a59c7a761dd85296a7a4a;hpb=a39a9506cd041a7092a98498b362eaacfd2f33c3 diff --git a/src/tincd.c b/src/tincd.c index c4e8fad3..c2660fa3 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -292,6 +292,13 @@ static bool keygen(int bits) char *name = NULL; char *filename; + get_config_string(lookup_config(config_tree, "Name"), &name); + + if(name && !check_id(name)) { + fprintf(stderr, _("Invalid name for myself!\n")); + return false; + } + fprintf(stderr, _("Generating %d bits keys:\n"), bits); rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL); @@ -302,41 +309,41 @@ static bool keygen(int bits) fprintf(stderr, _("Done.\n")); asprintf(&filename, "%s/rsa_key.priv", confbase); - f = ask_and_open(filename, _("private RSA key"), "a"); + f = ask_and_open(filename, _("private RSA key")); if(!f) return false; + + if(disable_old_keys(f)) + fprintf(stderr, _("Warning: old key(s) found and disabled.\n")); #ifdef HAVE_FCHMOD /* Make it unreadable for others. */ fchmod(fileno(f), 0600); #endif - if(ftell(f)) - fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); - PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL); fclose(f); free(filename); - get_config_string(lookup_config(config_tree, "Name"), &name); - if(name) asprintf(&filename, "%s/hosts/%s", confbase, name); else asprintf(&filename, "%s/rsa_key.pub", confbase); - f = ask_and_open(filename, _("public RSA key"), "a"); + f = ask_and_open(filename, _("public RSA key")); if(!f) return false; - if(ftell(f)) - fprintf(stderr, _("Appending key to existing contents.\nMake sure only one key is stored in the file.\n")); + if(disable_old_keys(f)) + fprintf(stderr, _("Warning: old key(s) found and disabled.\n")); PEM_write_RSAPublicKey(f, rsa_key); fclose(f); free(filename); + if(name) + free(name); return true; }