idata->receive_key->set_iv(idata->receive_key, keymat->receive_iv);
}
+ /* Save the remote host's public key */
+ silc_pkcs_public_key_decode(ske->ke1_payload->pk_data,
+ ske->ke1_payload->pk_len, &idata->public_key);
+
/* Save the hash */
if (!silc_hash_alloc(hash->hash->name, &idata->hash)) {
silc_cipher_free(idata->send_key);
/* Check remote host version string */
SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version,
- unsigned int len)
+ uint32 len)
{
SilcSKEStatus status = SILC_SKE_STATUS_OK;
properties packet from initiator. */
status = silc_ske_responder_start(ske, ctx->rng, ctx->sock,
silc_version_string,
- ctx->packet->buffer, NULL, NULL);
+ ctx->packet->buffer, FALSE,
+ NULL, NULL);
} else {
SilcSKEStartPayload *start_payload;
the initiator. This also creates our parts of the Diffie
Hellman algorithm. */
status = silc_ske_responder_phase_2(ctx->ske, ctx->packet->buffer,
- NULL, NULL);
+ NULL, NULL, NULL, NULL);
} else {
/* Call the Phase-2 function. This creates Diffie Hellman
key exchange parameters and sends our public part inside
status =
silc_ske_initiator_phase_2(ctx->ske,
server->public_key,
+ server->private_key,
silc_server_protocol_ke_send_packet,
context);
}
silc_server_public_key_authentication(SilcServer server,
SilcPublicKey pub_key,
unsigned char *sign,
- unsigned int sign_len,
+ uint32 sign_len,
SilcSKE ske)
{
SilcPKCS pkcs;
silc_server_get_public_key_auth(SilcServer server,
SilcPublicKey pub_key,
unsigned char *auth_data,
- unsigned int *auth_data_len,
+ uint32 *auth_data_len,
SilcSKE ske)
{
int len;
* We are receiving party
*/
int ret;
- unsigned short payload_len;
- unsigned short conn_type;
+ uint16 payload_len;
+ uint16 conn_type;
unsigned char *auth_data = NULL;
SILC_LOG_INFO(("Performing authentication protocol for %s (%s)",
/* Get authentication data */
silc_buffer_pull(ctx->packet->buffer, 4);
ret = silc_buffer_unformat(ctx->packet->buffer,
- SILC_STR_UI_XNSTRING(&auth_data,
- payload_len),
+ SILC_STR_UI_XNSTRING_ALLOC(&auth_data,
+ payload_len),
SILC_STR_END);
if (ret == -1) {
SILC_LOG_DEBUG(("Bad payload in authentication packet"));
/* Authentication failed */
SILC_LOG_ERROR(("Authentication failed"));
SILC_LOG_DEBUG(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
SILC_LOG_ERROR(("Authentication failed"));
SILC_LOG_DEBUG(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
SILC_LOG_DEBUG(("No configuration for remote connection"));
SILC_LOG_ERROR(("Remote connection not configured"));
SILC_LOG_ERROR(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
/* Authentication failed */
SILC_LOG_ERROR(("Authentication failed"));
SILC_LOG_DEBUG(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
return;
break;
-
+
case SILC_AUTH_PUBLIC_KEY:
/* Public key authentication */
SILC_LOG_DEBUG(("Public key authentication"));
SILC_LOG_ERROR(("Authentication failed"));
SILC_LOG_DEBUG(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
+ silc_free(auth_data);
return;
}
}
/* Authentication failed */
SILC_LOG_ERROR(("Authentication failed"));
SILC_LOG_DEBUG(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
if (ret)
break;
-
+
SILC_LOG_ERROR(("Authentication failed"));
SILC_LOG_DEBUG(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
SILC_LOG_DEBUG(("No configuration for remote connection"));
SILC_LOG_ERROR(("Remote connection not configured"));
SILC_LOG_ERROR(("Authentication failed"));
+ silc_free(auth_data);
protocol->state = SILC_PROTOCOL_STATE_ERROR;
protocol->execute(server->timeout_queue, 0,
protocol, fd, 0, 300000);
}
}
+ silc_free(auth_data);
+
/* Save connection type. This is later used to create the
ID for the connection. */
ctx->conn_type = conn_type;
SilcBuffer packet;
int payload_len = 0;
unsigned char *auth_data = NULL;
- unsigned int auth_data_len = 0;
+ uint32 auth_data_len = 0;
switch(ctx->auth_meth) {
case SILC_AUTH_NONE:
silc_server_get_public_key_auth(server, ctx->auth_data,
sign, &auth_data_len,
ctx->ske);
+ auth_data = silc_calloc(auth_data_len, sizeof(*auth_data));
+ memcpy(auth_data, sign, auth_data_len);
break;
}
}