+ SILC_LOG_DEBUG(("Remote is router, encrypt with session key"));
+
+ /* If private key mode is not set then decrypt the packet
+ and re-encrypt it */
+ if (!(channel->mode & SILC_CHANNEL_MODE_PRIVKEY) &&
+ channel->receive_key) {
+ unsigned char tmp[SILC_PACKET_MAX_LEN], sid[32], rid[32];
+ SilcUInt32 sid_len, rid_len;
+
+ if (data_len > SILC_PACKET_MAX_LEN)
+ data_len = SILC_PACKET_MAX_LEN;
+ memcpy(tmp, data, data_len);
+
+ /* Decrypt the channel message (we don't check the MAC) */
+ silc_id_id2str(sender_id, sender_type, sid, sizeof(sid), &sid_len);
+ silc_id_id2str(channel->id, SILC_ID_CHANNEL, rid, sizeof(rid),
+ &rid_len);
+ silc_message_payload_decrypt(tmp, data_len, FALSE, FALSE,
+ channel->receive_key,
+ channel->hmac, sid, sid_len,
+ rid, rid_len, FALSE);
+
+ /* Now re-encrypt and send it to the router */
+ silc_server_packet_send_srcdest(server, sock,
+ SILC_PACKET_CHANNEL_MESSAGE, 0,
+ sender_id, sender_type,
+ channel->id, SILC_ID_CHANNEL,
+ tmp, data_len);
+ } else {
+ /* Private key mode is set, we don't have the channel key, so
+ just re-encrypt the entire packet and send it to the router. */
+ silc_server_packet_send_srcdest(server, sock,
+ SILC_PACKET_CHANNEL_MESSAGE, 0,
+ sender_id, sender_type,
+ channel->id, SILC_ID_CHANNEL,
+ data, data_len);
+ }
+ } else {
+ /* Send the packet to normal server */
+ silc_server_packet_send_srcdest(server, sock,
+ SILC_PACKET_CHANNEL_MESSAGE, 0,
+ sender_id, sender_type,
+ channel->id, SILC_ID_CHANNEL,
+ data, data_len);