- if (silc_pkcs_load_public_key(filename, &client->public_key) == FALSE)
- return FALSE;
-
- return TRUE;
-}
-
-/* Verifies received public key. If user decides to trust the key it is
- saved as trusted server key for later use. If user does not trust the
- key this returns FALSE. */
-
-int silc_client_verify_server_key(SilcClient client,
- SilcSocketConnection sock,
- unsigned char *pk, unsigned int pk_len,
- SilcSKEPKType pk_type)
-{
- char filename[256];
- char file[256];
- char *hostname;
- struct passwd *pw;
- struct stat st;
-
- hostname = sock->hostname ? sock->hostname : sock->ip;
-
- if (pk_type != SILC_SKE_PK_TYPE_SILC) {
- silc_say(client, "We don't support server %s key type", hostname);
- return FALSE;
- }
-
- pw = getpwuid(getuid());
- if (!pw)
- return FALSE;
-
- memset(filename, 0, sizeof(filename));
- memset(file, 0, sizeof(file));
- snprintf(file, sizeof(file) - 1, "serverkey_%s_%d.pub", hostname,
- sock->port);
- snprintf(filename, sizeof(filename) - 1, "%s/.silc/serverkeys/%s",
- pw->pw_dir, file);
-
- /* Check wheter this key already exists */
- if (stat(filename, &st) < 0) {
-
- silc_say(client, "Received server %s public key", hostname);
- /* XXX print fingerprint of the key */
-
- /* Ask user to verify the key and save it */
- if (silc_client_ask_yes_no(client,
- "Would you like to accept the server key (y/n)? "))
- {
- /* Save the key for future checking */
- silc_pkcs_save_public_key_data(filename, pk, pk_len);
- return TRUE;
- }
- } else {
- /* The key already exists, verify it. */
- SilcPublicKey public_key;
- unsigned char *encpk;
- unsigned int encpk_len;
-
- /* Load the key file */
- if (!silc_pkcs_load_public_key(filename, &public_key)) {
- silc_say(client, "Received server %s public key", hostname);
- silc_say(client, "Could not load your local copy of the server %s key",
- hostname);
- if (silc_client_ask_yes_no(client,
- "Would you like to accept the server key anyway (y/n)? "))
- {
- /* Save the key for future checking */
- unlink(filename);
- silc_pkcs_save_public_key_data(filename, pk, pk_len);
- return TRUE;
- }
-
- return FALSE;
- }
-
- /* Encode the key data */
- encpk = silc_pkcs_public_key_encode(public_key, &encpk_len);
- if (!encpk) {
- silc_say(client, "Received server %s public key", hostname);
- silc_say(client, "Your local copy of the server %s key is malformed",
- hostname);
- if (silc_client_ask_yes_no(client,
- "Would you like to accept the server key anyway (y/n)? "))
- {
- /* Save the key for future checking */
- unlink(filename);
- silc_pkcs_save_public_key_data(filename, pk, pk_len);
- return TRUE;
- }
-