tupdates

[silc.git] / apps / silcd / protocol.c

diff --git a/apps/silcd/protocol.c b/apps/silcd/protocol.c
index 449a6886daaa3b9190982cc6d85c1ff2f5f49632..7e6b1631e3f96593e726a8b9e33c6bdb216013e7 100644 (file)
--- a/apps/silcd/protocol.c
+++ b/apps/silcd/protocol.c
@@ -283,7 +283,7 @@ int silc_server_protocol_ke_set_keys(SilcServer server,
         keymat->send_enc_key, keymat->enc_key_len / 8);
   idata->rekey->enc_key_len = keymat->enc_key_len / 8;
 
-  if (ske->start_payload->flags & SILC_SKE_SP_FLAG_PFS)
+  if (ske->prop->flags & SILC_SKE_SP_FLAG_PFS)
     idata->rekey->pfs = TRUE;
   idata->rekey->ske_group = silc_ske_group_get_number(group);
 
@@ -471,12 +471,12 @@ SILC_TASK_CALLBACK(silc_server_protocol_key_exchange)
           properties packet from initiator. */
        status = silc_ske_responder_start(ske, ctx->rng, ctx->sock,
                                          silc_version_string,
-                                         ctx->packet->buffer, TRUE);
+                                         ctx->packet->buffer, ctx->flags);
       } else {
        SilcSKEStartPayload *start_payload;
 
        /* Assemble security properties. */
-       silc_ske_assemble_security_properties(ske, SILC_SKE_SP_FLAG_MUTUAL, 
+       silc_ske_assemble_security_properties(ske, ctx->flags, 
                                              silc_version_string,
                                              &start_payload);
 
@@ -783,7 +783,7 @@ silc_server_public_key_authentication(SilcServer server,
 
 static int
 silc_server_get_public_key_auth(SilcServer server,
-                               unsigned char *auth_data,
+                               unsigned char **auth_data,
                                uint32 *auth_data_len,
                                SilcSKE ske)
 {
@@ -804,12 +804,14 @@ silc_server_get_public_key_auth(SilcServer server,
                                          ske->start_payload_copy->len),
                     SILC_STR_END);
 
+  *auth_data = silc_calloc(silc_pkcs_get_key_len(pkcs), sizeof(**auth_data));
   if (silc_pkcs_sign_with_hash(pkcs, ske->prop->hash, auth->data, 
-                              auth->len, auth_data, auth_data_len)) {
+                              auth->len, *auth_data, auth_data_len)) {
     silc_buffer_free(auth);
     return TRUE;
   }
 
+  silc_free(*auth_data);
   silc_buffer_free(auth);
   return FALSE;
 }
@@ -951,7 +953,7 @@ SILC_TASK_CALLBACK(silc_server_protocol_connection_auth)
 
        /* Remote end is client */
        if (conn_type == SILC_SOCKET_TYPE_CLIENT) {
-         SilcServerConfigSectionClient *client = ctx->cconfig;
+         SilcServerConfigClient *client = ctx->cconfig;
          
          if (client) {
            ret = silc_server_get_authentication(ctx, client->passphrase,
@@ -980,7 +982,7 @@ SILC_TASK_CALLBACK(silc_server_protocol_connection_auth)
        
        /* Remote end is server */
        if (conn_type == SILC_SOCKET_TYPE_SERVER) {
-         SilcServerConfigSectionServer *serv = ctx->sconfig;
+         SilcServerConfigServer *serv = ctx->sconfig;
          
          if (serv) {
            ret = silc_server_get_authentication(ctx, serv->passphrase,
@@ -1009,7 +1011,7 @@ SILC_TASK_CALLBACK(silc_server_protocol_connection_auth)
        
        /* Remote end is router */
        if (conn_type == SILC_SOCKET_TYPE_ROUTER) {
-         SilcServerConfigSectionRouter *serv = ctx->rconfig;
+         SilcServerConfigRouter *serv = ctx->rconfig;
 
          if (serv) {
            ret = silc_server_get_authentication(ctx, serv->passphrase,
@@ -1073,13 +1075,9 @@ SILC_TASK_CALLBACK(silc_server_protocol_connection_auth)
          
        case SILC_AUTH_PUBLIC_KEY:
          {
-           unsigned char sign[1024];
-
            /* Public key authentication */
-           silc_server_get_public_key_auth(server, sign, &auth_data_len,
+           silc_server_get_public_key_auth(server, &auth_data, &auth_data_len,
                                            ctx->ske);
-           auth_data = silc_calloc(auth_data_len, sizeof(*auth_data));
-           memcpy(auth_data, sign, auth_data_len);
            break;
          }
        }