5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 2006 - 2007 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
21 #include "silcclient.h"
22 #include "client_internal.h"
24 /************************ Static utility functions **************************/
26 /* Callback called after connected to remote host */
28 static void silc_client_connect_callback(SilcNetStatus status,
29 SilcStream stream, void *context)
31 SilcFSMThread fsm = context;
32 SilcClientConnection conn = silc_fsm_get_context(fsm);
33 SilcClient client = conn->client;
35 conn->internal->op = NULL;
36 if (conn->internal->verbose) {
40 case SILC_NET_UNKNOWN_IP:
41 client->internal->ops->say(
42 client, conn, SILC_CLIENT_MESSAGE_ERROR,
43 "Could not connect to host %s: unknown IP address",
46 case SILC_NET_UNKNOWN_HOST:
47 client->internal->ops->say(
48 client, conn, SILC_CLIENT_MESSAGE_ERROR,
49 "Could not connect to host %s: unknown host name",
52 case SILC_NET_HOST_UNREACHABLE:
53 client->internal->ops->say(
54 client, conn, SILC_CLIENT_MESSAGE_ERROR,
55 "Could not connect to host %s: network unreachable",
58 case SILC_NET_CONNECTION_REFUSED:
59 client->internal->ops->say(
60 client, conn, SILC_CLIENT_MESSAGE_ERROR,
61 "Could not connect to host %s: connection refused",
64 case SILC_NET_CONNECTION_TIMEOUT:
65 client->internal->ops->say(
66 client, conn, SILC_CLIENT_MESSAGE_ERROR,
67 "Could not connect to host %s: connection timeout",
71 client->internal->ops->say(
72 client, conn, SILC_CLIENT_MESSAGE_ERROR,
73 "Could not connect to host %s",
79 if (status != SILC_NET_OK) {
80 /* Notify application of failure */
81 SILC_LOG_DEBUG(("Connecting failed"));
82 conn->internal->status = SILC_CLIENT_CONN_ERROR;
83 silc_fsm_next(fsm, silc_client_st_connect_error);
84 SILC_FSM_CALL_CONTINUE(fsm);
88 /* Connection created successfully */
89 SILC_LOG_DEBUG(("Connected"));
90 conn->stream = (void *)stream;
91 SILC_FSM_CALL_CONTINUE(fsm);
94 /* Called after application has verified remote host's public key */
96 static void silc_client_ke_verify_key_cb(SilcBool success, void *context)
98 SilcVerifyKeyContext verify = context;
100 SILC_LOG_DEBUG(("Start"));
102 /* Call the completion callback back to the SKE */
103 verify->completion(verify->ske, success ? SILC_SKE_STATUS_OK :
104 SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
105 verify->completion_context);
110 /* Verify remote host's public key */
112 static void silc_client_ke_verify_key(SilcSKE ske,
113 SilcPublicKey public_key,
115 SilcSKEVerifyCbCompletion completion,
116 void *completion_context)
118 SilcFSMThread fsm = context;
119 SilcClientConnection conn = silc_fsm_get_context(fsm);
120 SilcClient client = conn->client;
121 SilcVerifyKeyContext verify;
123 /* If we provided repository for SKE and we got here the key was not
124 found from the repository. */
125 if (conn->internal->params.repository &&
126 !conn->internal->params.verify_notfound) {
127 completion(ske, SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
132 SILC_LOG_DEBUG(("Verify remote public key"));
134 verify = silc_calloc(1, sizeof(*verify));
136 completion(ske, SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
141 verify->completion = completion;
142 verify->completion_context = completion_context;
144 /* Verify public key in application */
145 client->internal->ops->verify_public_key(client, conn,
146 conn->type, public_key,
147 silc_client_ke_verify_key_cb,
151 /* Key exchange protocol completion callback */
153 static void silc_client_ke_completion(SilcSKE ske,
154 SilcSKEStatus status,
155 SilcSKESecurityProperties prop,
156 SilcSKEKeyMaterial keymat,
157 SilcSKERekeyMaterial rekey,
160 SilcFSMThread fsm = context;
161 SilcClientConnection conn = silc_fsm_get_context(fsm);
162 SilcClient client = conn->client;
163 SilcCipher send_key, receive_key;
164 SilcHmac hmac_send, hmac_receive;
166 conn->internal->op = NULL;
167 if (status != SILC_SKE_STATUS_OK) {
168 /* Key exchange failed */
169 SILC_LOG_DEBUG(("Error during key exchange with %s: %s (%d)",
170 conn->remote_host, silc_ske_map_status(status), status));
172 if (conn->internal->verbose)
173 client->internal->ops->say(client, conn, SILC_CLIENT_MESSAGE_ERROR,
174 "Error during key exchange with %s: %s",
176 silc_ske_map_status(status));
178 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
179 conn->internal->error = status;
180 silc_ske_free_rekey_material(rekey);
182 silc_fsm_next(fsm, silc_client_st_connect_error);
183 SILC_FSM_CALL_CONTINUE(fsm);
187 SILC_LOG_DEBUG(("Setting keys into use"));
189 /* Allocate the cipher and HMAC contexts */
190 if (!silc_ske_set_keys(ske, keymat, prop, &send_key, &receive_key,
191 &hmac_send, &hmac_receive, &conn->internal->hash)) {
192 /* Error setting keys */
193 SILC_LOG_DEBUG(("Could not set keys into use"));
195 if (conn->internal->verbose)
196 client->internal->ops->say(
197 client, conn, SILC_CLIENT_MESSAGE_ERROR,
198 "Error during key exchange with %s: cannot use keys",
201 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
202 silc_ske_free_rekey_material(rekey);
204 silc_fsm_next(fsm, silc_client_st_connect_error);
205 SILC_FSM_CALL_CONTINUE(fsm);
209 /* Set the keys into the packet stream. After this call packets will be
210 encrypted with these keys. */
211 if (!silc_packet_set_keys(conn->stream, send_key, receive_key, hmac_send,
212 hmac_receive, FALSE)) {
213 /* Error setting keys */
214 SILC_LOG_DEBUG(("Could not set keys into use"));
216 if (conn->internal->verbose)
217 client->internal->ops->say(
218 client, conn, SILC_CLIENT_MESSAGE_ERROR,
219 "Error during key exchange with %s: cannot use keys",
222 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
223 silc_ske_free_rekey_material(rekey);
225 silc_fsm_next(fsm, silc_client_st_connect_error);
226 SILC_FSM_CALL_CONTINUE(fsm);
230 conn->internal->rekey = rekey;
232 SILC_LOG_DEBUG(("Key Exchange completed"));
234 /* Key exchange done */
235 SILC_FSM_CALL_CONTINUE(fsm);
238 /* Rekey protocol completion callback */
240 static void silc_client_rekey_completion(SilcSKE ske,
241 SilcSKEStatus status,
242 SilcSKESecurityProperties prop,
243 SilcSKEKeyMaterial keymat,
244 SilcSKERekeyMaterial rekey,
247 SilcFSMThread fsm = context;
248 SilcClientConnection conn = silc_fsm_get_context(fsm);
249 SilcClient client = conn->client;
251 conn->internal->op = NULL;
252 if (status != SILC_SKE_STATUS_OK) {
254 SILC_LOG_DEBUG(("Error during rekey with %s: %s (%d)",
255 conn->remote_host, silc_ske_map_status(status), status));
257 if (conn->internal->verbose)
258 client->internal->ops->say(client, conn, SILC_CLIENT_MESSAGE_ERROR,
259 "Error during rekey with %s: %s",
261 silc_ske_map_status(status));
263 silc_fsm_finish(fsm);
267 silc_ske_free_rekey_material(conn->internal->rekey);
268 conn->internal->rekey = rekey;
270 SILC_LOG_DEBUG(("Rekey completed"));
273 silc_fsm_finish(fsm);
276 /* Callback called by application to return authentication data */
278 static void silc_client_connect_auth_method(SilcAuthMethod auth_meth,
279 void *auth, SilcUInt32 auth_len,
282 SilcFSMThread fsm = context;
283 SilcClientConnection conn = silc_fsm_get_context(fsm);
285 conn->internal->params.auth_method = auth_meth;
286 conn->internal->params.auth = auth;
287 conn->internal->params.auth_len = auth_len;
289 SILC_FSM_CALL_CONTINUE(fsm);
292 /* Connection authentication completion callback */
294 static void silc_client_connect_auth_completion(SilcConnAuth connauth,
298 SilcFSMThread fsm = context;
299 SilcClientConnection conn = silc_fsm_get_context(fsm);
300 SilcClient client = conn->client;
302 conn->internal->op = NULL;
303 silc_connauth_free(connauth);
306 if (conn->internal->verbose)
307 client->internal->ops->say(
308 client, conn, SILC_CLIENT_MESSAGE_ERROR,
309 "Authentication failed");
311 conn->internal->status = SILC_CLIENT_CONN_ERROR_AUTH;
312 conn->internal->error = SILC_STATUS_ERR_AUTH_FAILED;
313 silc_fsm_next(fsm, silc_client_st_connect_error);
316 SILC_FSM_CALL_CONTINUE(fsm);
319 /********************** CONNECTION_AUTH_REQUEST packet **********************/
321 /* Received connection authentication request packet. We get the
322 required authentication method here. */
324 SILC_FSM_STATE(silc_client_connect_auth_request)
326 SilcClientConnection conn = fsm_context;
327 SilcPacket packet = state_context;
328 SilcUInt16 conn_type, auth_meth;
330 if (!conn->internal->auth_request) {
331 silc_packet_free(packet);
332 return SILC_FSM_FINISH;
335 /* Parse the payload */
336 if (silc_buffer_unformat(&packet->buffer,
337 SILC_STR_UI_SHORT(&conn_type),
338 SILC_STR_UI_SHORT(&auth_meth),
340 auth_meth = SILC_AUTH_NONE;
342 silc_packet_free(packet);
344 SILC_LOG_DEBUG(("Resolved authentication method: %s",
345 (auth_meth == SILC_AUTH_NONE ? "none" :
346 auth_meth == SILC_AUTH_PASSWORD ? "passphrase" :
348 conn->internal->params.auth_method = auth_meth;
350 /* Continue authentication */
351 silc_fsm_continue_sync(&conn->internal->event_thread);
352 return SILC_FSM_FINISH;
355 /*************************** Connect remote host ****************************/
357 /* Connection timeout callback */
359 SILC_TASK_CALLBACK(silc_client_connect_timeout)
361 SilcClientConnection conn = context;
363 SILC_LOG_DEBUG(("Connection timeout"));
365 conn->internal->status = SILC_CLIENT_CONN_ERROR_TIMEOUT;
366 conn->internal->error = SILC_STATUS_ERR_TIMEDOUT;
368 silc_fsm_next(&conn->internal->event_thread, silc_client_st_connect_error);
369 silc_fsm_continue_sync(&conn->internal->event_thread);
372 /* Creates a connection to remote host */
374 SILC_FSM_STATE(silc_client_st_connect)
376 SilcClientConnection conn = fsm_context;
378 SILC_LOG_DEBUG(("Connecting to %s:%d", conn->remote_host,
382 silc_fsm_next(fsm, silc_client_st_connect_set_stream);
384 /* Add connection timeout */
385 if (conn->internal->params.timeout_secs)
386 silc_schedule_task_add_timeout(conn->internal->schedule,
387 silc_client_connect_timeout, conn,
388 conn->internal->params.timeout_secs, 0);
390 if (conn->internal->params.udp) {
393 if (!conn->internal->params.local_ip) {
394 /** IP address not given */
395 SILC_LOG_ERROR(("Local UDP IP address not specified"));
396 conn->internal->status = SILC_CLIENT_CONN_ERROR;
397 silc_fsm_next(fsm, silc_client_st_connect_error);
398 return SILC_FSM_CONTINUE;
402 stream = silc_net_udp_connect(conn->internal->params.bind_ip ?
403 conn->internal->params.bind_ip :
404 conn->internal->params.local_ip,
405 conn->internal->params.local_port,
406 conn->remote_host, conn->remote_port,
407 conn->internal->schedule);
409 SILC_FSM_CALL(silc_client_connect_callback(stream ? SILC_NET_OK :
410 SILC_NET_HOST_UNREACHABLE,
414 SILC_FSM_CALL(conn->internal->op = silc_net_tcp_connect(
415 NULL, conn->remote_host,
417 conn->internal->schedule,
418 silc_client_connect_callback, fsm));
422 /* Sets the new connection stream into use and creates packet stream */
424 SILC_FSM_STATE(silc_client_st_connect_set_stream)
426 SilcClientConnection conn = fsm_context;
427 SilcClient client = conn->client;
429 if (conn->internal->disconnected) {
431 silc_fsm_next(fsm, silc_client_st_connect_error);
432 return SILC_FSM_CONTINUE;
435 /* Create packet stream */
436 conn->stream = silc_packet_stream_create(client->internal->packet_engine,
437 conn->internal->schedule,
438 (SilcStream)conn->stream);
440 /** Cannot create packet stream */
441 SILC_LOG_DEBUG(("Could not create packet stream"));
442 conn->internal->status = SILC_CLIENT_CONN_ERROR;
443 silc_fsm_next(fsm, silc_client_st_connect_error);
444 return SILC_FSM_CONTINUE;
447 silc_packet_set_context(conn->stream, conn);
449 /** Start key exchange */
450 silc_fsm_next(fsm, silc_client_st_connect_key_exchange);
451 return SILC_FSM_CONTINUE;
454 /* Starts key exchange protocol with remote host */
456 SILC_FSM_STATE(silc_client_st_connect_key_exchange)
458 SilcClientConnection conn = fsm_context;
459 SilcClient client = conn->client;
460 SilcSKEParamsStruct params;
462 SILC_LOG_DEBUG(("Starting key exchange protocol"));
465 conn->internal->ske =
466 silc_ske_alloc(client->rng, conn->internal->schedule,
467 conn->internal->params.repository,
468 conn->public_key, conn->private_key, fsm);
469 if (!conn->internal->ske) {
471 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
472 silc_fsm_next(fsm, silc_client_st_connect_error);
473 return SILC_FSM_CONTINUE;
476 /* Set SKE callbacks */
477 silc_ske_set_callbacks(conn->internal->ske, silc_client_ke_verify_key,
478 silc_client_ke_completion, fsm);
480 /* Set up key exchange parameters */
481 params.version = client->internal->silc_client_version;
482 params.timeout_secs = conn->internal->params.timeout_secs;
483 params.flags = SILC_SKE_SP_FLAG_MUTUAL;
484 if (conn->internal->params.pfs)
485 params.flags |= SILC_SKE_SP_FLAG_PFS;
486 if (conn->internal->params.udp) {
487 params.flags |= SILC_SKE_SP_FLAG_IV_INCLUDED;
488 params.session_port = conn->internal->params.local_port;
491 if (conn->internal->params.no_authentication)
492 /** Run key exchange (no auth) */
493 silc_fsm_next(fsm, silc_client_st_connected);
494 else if (conn->internal->params.udp)
495 /** Run key exchange (UDP)*/
496 silc_fsm_next(fsm, silc_client_st_connect_setup_udp);
498 /** Run key exchange (TCP) */
499 silc_fsm_next(fsm, silc_client_st_connect_auth_resolve);
501 SILC_FSM_CALL(conn->internal->op = silc_ske_initiator(conn->internal->ske,
506 /* For UDP/IP connections, set up the UDP session after successful key
509 SILC_FSM_STATE(silc_client_st_connect_setup_udp)
511 SilcClientConnection conn = fsm_context;
512 SilcStream stream, old;
513 SilcSKESecurityProperties prop;
515 SILC_LOG_DEBUG(("Setup UDP SILC session"));
517 if (conn->internal->disconnected) {
519 silc_fsm_next(fsm, silc_client_st_connect_error);
520 return SILC_FSM_CONTINUE;
523 /* Create new UDP stream */
524 prop = silc_ske_get_security_properties(conn->internal->ske);
525 stream = silc_net_udp_connect(conn->internal->params.local_ip,
526 conn->internal->params.local_port,
527 conn->remote_host, prop->remote_port,
528 conn->internal->schedule);
530 /** Cannot create UDP stream */
531 conn->internal->status = SILC_CLIENT_CONN_ERROR;
532 silc_fsm_next(fsm, silc_client_st_connect_error);
533 return SILC_FSM_CONTINUE;
536 /* Set the new stream to packet stream */
537 old = silc_packet_stream_get_stream(conn->stream);
538 silc_packet_stream_set_stream(conn->stream, stream);
539 silc_packet_stream_set_iv_included(conn->stream);
540 silc_packet_set_sid(conn->stream, 0);
542 /* Delete the old stream */
543 silc_stream_destroy(old);
545 /** Start authentication */
546 silc_fsm_next(fsm, silc_client_st_connect_auth_resolve);
547 return SILC_FSM_CONTINUE;
550 /* Resolved authentication method to be used in authentication protocol */
552 SILC_FSM_STATE(silc_client_st_connect_auth_resolve)
554 SilcClientConnection conn = fsm_context;
556 SILC_LOG_DEBUG(("Resolve authentication method"));
558 if (conn->internal->disconnected) {
560 silc_fsm_next(fsm, silc_client_st_connect_error);
561 return SILC_FSM_CONTINUE;
564 /* If authentication method and data is set, use them */
565 if (conn->internal->params.auth_set) {
566 /** Got authentication data */
567 silc_fsm_next(fsm, silc_client_st_connect_auth_start);
568 return SILC_FSM_CONTINUE;
571 /* Send connection authentication request packet */
572 silc_packet_send_va(conn->stream,
573 SILC_PACKET_CONNECTION_AUTH_REQUEST, 0,
574 SILC_STR_UI_SHORT(SILC_CONN_CLIENT),
575 SILC_STR_UI_SHORT(SILC_AUTH_NONE),
578 /** Wait for authentication method */
579 conn->internal->auth_request = TRUE;
580 conn->internal->params.auth_method = SILC_AUTH_NONE;
581 silc_fsm_next_later(fsm, silc_client_st_connect_auth_data, 2, 0);
582 return SILC_FSM_WAIT;
585 /* Get authentication data to be used in authentication protocol */
587 SILC_FSM_STATE(silc_client_st_connect_auth_data)
589 SilcClientConnection conn = fsm_context;
590 SilcClient client = conn->client;
592 SILC_LOG_DEBUG(("Get authentication data"));
594 if (conn->internal->disconnected) {
596 silc_fsm_next(fsm, silc_client_st_connect_error);
597 return SILC_FSM_CONTINUE;
600 conn->internal->auth_request = FALSE;
602 /** Get authentication data */
603 silc_fsm_next(fsm, silc_client_st_connect_auth_start);
604 SILC_FSM_CALL(client->internal->ops->get_auth_method(
608 conn->internal->params.auth_method,
609 silc_client_connect_auth_method, fsm));
612 /* Start connection authentication with remote host */
614 SILC_FSM_STATE(silc_client_st_connect_auth_start)
616 SilcClientConnection conn = fsm_context;
617 SilcConnAuth connauth;
619 SILC_LOG_DEBUG(("Starting connection authentication protocol"));
621 if (conn->internal->disconnected) {
623 silc_fsm_next(fsm, silc_client_st_connect_error);
624 return SILC_FSM_CONTINUE;
627 /* We always use the same key for connection authentication and SKE */
628 if (conn->internal->params.auth_method == SILC_AUTH_PUBLIC_KEY)
629 conn->internal->params.auth = conn->private_key;
631 /* Allocate connection authentication protocol */
632 connauth = silc_connauth_alloc(conn->internal->schedule,
634 conn->internal->params.rekey_secs);
637 conn->internal->status = SILC_CLIENT_CONN_ERROR_AUTH;
638 conn->internal->error = SILC_STATUS_ERR_AUTH_FAILED;
639 silc_fsm_next(fsm, silc_client_st_connect_error);
640 return SILC_FSM_CONTINUE;
643 /** Start connection authentication */
644 silc_fsm_next(fsm, silc_client_st_connected);
645 SILC_FSM_CALL(conn->internal->op = silc_connauth_initiator(
646 connauth, SILC_CONN_CLIENT,
647 conn->internal->params.auth_method,
648 conn->internal->params.auth,
649 conn->internal->params.auth_len,
650 silc_client_connect_auth_completion,
654 /* Connection fully established */
656 SILC_FSM_STATE(silc_client_st_connected)
658 SilcClientConnection conn = fsm_context;
659 SilcClient client = conn->client;
661 /* Get SILC protocol version remote supports */
662 silc_ske_parse_version(conn->internal->ske, &conn->internal->remote_version,
663 NULL, NULL, NULL, NULL);
665 silc_ske_free(conn->internal->ske);
666 conn->internal->ske = NULL;
668 if (conn->internal->disconnected) {
670 silc_fsm_next(fsm, silc_client_st_connect_error);
671 return SILC_FSM_CONTINUE;
674 SILC_LOG_DEBUG(("Connection established"));
676 /* Install rekey timer */
677 silc_schedule_task_add_timeout(conn->internal->schedule,
678 silc_client_rekey_timer, conn,
679 conn->internal->params.rekey_secs, 0);
681 /* If we connected to server, now register to network. */
682 if (conn->type == SILC_CONN_SERVER &&
683 !conn->internal->params.no_authentication) {
685 /* If detach data is provided, resume the session. */
686 if (conn->internal->params.detach_data &&
687 conn->internal->params.detach_data_len) {
688 /** Resume detached session */
689 silc_fsm_next(fsm, silc_client_st_resume);
691 /** Register to network */
692 silc_fsm_next(fsm, silc_client_st_register);
695 return SILC_FSM_CONTINUE;
698 silc_schedule_task_del_by_all(conn->internal->schedule, 0,
699 silc_client_connect_timeout, conn);
701 /* Call connection callback */
702 conn->callback(client, conn, SILC_CLIENT_CONN_SUCCESS, 0, NULL,
703 conn->callback_context);
705 return SILC_FSM_FINISH;
708 /* Error during connecting */
710 SILC_FSM_STATE(silc_client_st_connect_error)
712 SilcClientConnection conn = fsm_context;
714 if (conn->internal->ske) {
715 silc_ske_free(conn->internal->ske);
716 conn->internal->ske = NULL;
719 /* Signal to close connection */
720 if (!conn->internal->disconnected) {
721 conn->internal->disconnected = TRUE;
722 SILC_FSM_EVENT_SIGNAL(&conn->internal->wait_event);
725 silc_schedule_task_del_by_all(conn->internal->schedule, 0,
726 silc_client_connect_timeout, conn);
728 return SILC_FSM_FINISH;
731 /****************************** Connect rekey *******************************/
733 /* Connection rekey timer callback */
735 SILC_TASK_CALLBACK(silc_client_rekey_timer)
737 SilcClientConnection conn = context;
739 /* Signal to start rekey */
740 if (!silc_fsm_is_started(&conn->internal->event_thread)) {
741 conn->internal->rekey_responder = FALSE;
742 conn->internal->rekeying = TRUE;
743 SILC_FSM_EVENT_SIGNAL(&conn->internal->wait_event);
746 /* Reinstall rekey timer */
747 silc_schedule_task_add_timeout(conn->internal->schedule,
748 silc_client_rekey_timer, conn,
749 conn->internal->params.rekey_secs, 0);
754 SILC_FSM_STATE(silc_client_st_rekey)
756 SilcClientConnection conn = fsm_context;
757 SilcClient client = conn->client;
759 SILC_LOG_DEBUG(("Rekey"));
761 if (conn->internal->disconnected)
762 return SILC_FSM_FINISH;
765 conn->internal->ske =
766 silc_ske_alloc(client->rng, conn->internal->schedule,
767 conn->internal->params.repository,
768 conn->public_key, conn->private_key, fsm);
769 if (!conn->internal->ske)
770 return SILC_FSM_FINISH;
772 /* Set SKE callbacks */
773 silc_ske_set_callbacks(conn->internal->ske, NULL,
774 silc_client_rekey_completion, fsm);
777 if (!conn->internal->rekey_responder)
778 SILC_FSM_CALL(conn->internal->op = silc_ske_rekey_initiator(
781 conn->internal->rekey));
783 SILC_FSM_CALL(conn->internal->op = silc_ske_rekey_responder(
786 conn->internal->rekey));