sock->user_data = (void *)conn_data;
- SILC_LOG_INFO(("%s (%s) security properties: %s %s %s",
+ SILC_LOG_INFO(("%s (%s) security properties: %s %s %s %s",
sock->hostname, sock->ip,
idata->send_key->cipher->name,
(char *)silc_hmac_get_name(idata->hmac_send),
- idata->hash->hash->name));
+ idata->hash->hash->name,
+ ske->prop->flags & SILC_SKE_SP_FLAG_PFS ? "PFS" : ""));
return TRUE;
}
/* We received the REKEY_DONE packet and all packets after this is
encrypted with the new key so set the decryption key to the new key */
- silc_server_protocol_rekey_generate(server, ctx, FALSE);
+ if (ctx->pfs == TRUE)
+ silc_server_protocol_rekey_generate_pfs(server, ctx, FALSE);
+ else
+ silc_server_protocol_rekey_generate(server, ctx, FALSE);
/* Assure that after calling final callback there cannot be pending
executions for this protocol anymore. This just unregisters any