if (server->router_conn && server->router_conn->sock == stream &&
!server->router && server->standalone) {
- if (idata->sconn->callback)
+ if (idata->sconn && idata->sconn->callback)
(*idata->sconn->callback)(server, NULL, idata->sconn->callback_context);
silc_server_create_connections(server);
silc_server_free_sock_user_data(server, stream, NULL);
server->backup_closed = TRUE;
}
- if (idata->sconn->callback)
+ if (idata->sconn && idata->sconn->callback)
(*idata->sconn->callback)(server, NULL, idata->sconn->callback_context);
silc_server_free_sock_user_data(server, stream, NULL);
}
SilcPacketStream stream = context;
SilcIDListData idata = silc_packet_get_context(stream);
- if (!idata)
+ if (!idata || !silc_packet_stream_is_valid(stream)) {
+ silc_packet_stream_unref(stream);
return;
+ }
if (server->router_conn && server->router_conn->sock == stream &&
!server->router && server->standalone) {
+ if (idata->sconn && idata->sconn->callback)
+ (*idata->sconn->callback)(server, NULL, idata->sconn->callback_context);
silc_server_create_connections(server);
+ silc_server_free_sock_user_data(server, stream, NULL);
} else {
/* If backup disconnected then mark that resuming will not be allowed */
if (server->server_type == SILC_ROUTER && !server->backup_router &&
server->backup_closed = TRUE;
}
- if (idata->sconn->callback)
+ if (idata->sconn && idata->sconn->callback)
(*idata->sconn->callback)(server, NULL, idata->sconn->callback_context);
silc_server_free_sock_user_data(server, stream, NULL);
}
silc_server_close_connection(server, stream);
+
+ /* Release our stream reference */
+ silc_packet_stream_unref(stream);
}
/* Packet engine callback to indicate error */
const char *ip;
SilcUInt16 port;
- SILC_LOG_DEBUG(("Packet error, sock %p", stream));
+ SILC_LOG_DEBUG(("Packet error %d, sock %p", error, stream));
if (!idata || !sock)
return;
if (!silc_packet_stream_is_valid(stream))
return;
+ /* We must take reference of the stream */
+ silc_packet_stream_ref(stream);
+
+ /* In case we get here many times, register only one timeout */
+ silc_schedule_task_del_by_all(server->schedule, 0,
+ silc_server_packet_error_timeout, stream);
+
+ /* Close connection with random timeout */
silc_schedule_task_add_timeout(server->schedule,
- silc_server_packet_error_timeout,
- stream, 0, 0);
+ silc_server_packet_error_timeout, stream,
+ silc_rng_get_byte(server->rng) % 10, 0);
}
/* Packet stream callbacks */
silc_free(server->local_list);
silc_free(server->global_list);
silc_free(server->server_name);
+ silc_free(server->id);
silc_free(server);
silc_hmac_unregister_all();
{
SilcPacketStream sock = context;
SilcUnknownEntry entry = silc_packet_get_context(sock);
- SilcServerConnection sconn = entry->data.sconn;
- SilcServer server = entry->server;
- SilcServerConfigRouter *conn = sconn->conn.ref_ptr;
+ SilcServerConnection sconn;
+ SilcServer server;
+ SilcServerConfigRouter *conn;
SilcAuthMethod auth_meth = SILC_AUTH_NONE;
void *auth_data = NULL;
SilcUInt32 auth_data_len = 0;
SilcConnAuth connauth;
SilcCipher send_key, receive_key;
SilcHmac hmac_send, hmac_receive;
- SilcHash hash;
-
- SILC_LOG_DEBUG(("Connection %p, SKE completed, entry %p", sconn, entry));
+ server = entry->server;
+ sconn = entry->data.sconn;
+ conn = sconn->conn.ref_ptr;
entry->op = NULL;
+ SILC_LOG_DEBUG(("Connection %p, SKE completed, entry %p", sconn, entry));
+
if (status != SILC_SKE_STATUS_OK) {
/* SKE failed */
SILC_LOG_ERROR(("Error (%s) during Key Exchange protocol with %s (%s)",
/* Set the keys into use. The data will be encrypted after this. */
if (!silc_ske_set_keys(ske, keymat, prop, &send_key, &receive_key,
- &hmac_send, &hmac_receive, &hash)) {
+ &hmac_send, &hmac_receive, NULL)) {
silc_ske_free(ske);
/* Try reconnecting if configuration wants it */
}
entry->server = server;
entry->data.sconn = sconn;
+ entry->data.conn_type = SILC_CONN_UNKNOWN;
+ entry->data.status |= SILC_IDLIST_STATUS_LOCAL;
silc_packet_set_context(sconn->sock, entry);
SILC_LOG_DEBUG(("Created unknown connection %p", entry));
entry->data.conn_type = SILC_CONN_CLIENT;
/* Statistics */
+ SILC_LOG_DEBUG(("stat.clients %d->%d", server->stat.clients,
+ server->stat.clients + 1));
server->stat.my_clients++;
server->stat.clients++;
server->stat.cell_clients++;
idata->rekey = rekey;
idata->public_key = silc_pkcs_public_key_copy(prop->public_key);
pk = silc_pkcs_public_key_encode(idata->public_key, &pk_len);
- silc_hash_make(server->sha1hash, pk, pk_len, idata->fingerprint);
-
- silc_hash_alloc(silc_hash_get_name(prop->hash), &idata->hash);
+ if (pk) {
+ silc_hash_make(server->sha1hash, pk, pk_len, idata->fingerprint);
+ silc_free(pk);
+ }
+ idata->hash = hash;
SILC_LOG_DEBUG(("Starting connection authentication"));
server->stat.auth_attempts++;
entry->port = port;
entry->server = server;
entry->data.conn_type = SILC_CONN_UNKNOWN;
+ entry->data.status |= SILC_IDLIST_STATUS_LOCAL;
silc_packet_set_context(packet_stream, entry);
SILC_LOG_DEBUG(("Created unknown connection %p", entry));
sock, idata->sconn->rekey_timeout, 0);
}
+/* Helper to stop future rekeys on a link. */
+void silc_server_stop_rekey(SilcServer server, SilcClientEntry client)
+{
+ if (!client->connection)
+ return;
+
+ SILC_LOG_DEBUG(("Stopping rekey for client %p", client));
+
+ silc_schedule_task_del_by_all(server->schedule, 0, silc_server_do_rekey,
+ client->connection);
+}
+
/* Rekey callback. Start rekey as initiator */
SILC_TASK_CALLBACK(silc_server_do_rekey)
SILC_LOG_DEBUG(("Perform rekey, sock %p", sock));
/* Do not execute rekey with disabled connections */
- if (idata->status & SILC_IDLIST_STATUS_DISABLED)
+ if (idata->status & SILC_IDLIST_STATUS_DISABLED || !idata->rekey)
return;
/* If another protocol is active do not start rekey */
SilcIDListData idata = silc_packet_get_context(sock);
SilcSKE ske;
+ if (!idata->rekey) {
+ silc_packet_free(packet);
+ return;
+ }
+
SILC_LOG_DEBUG(("Executing rekey protocol with %s:%d [%s], sock %p",
idata->sconn->remote_host, idata->sconn->remote_port,
SILC_CONNTYPE_STRING(idata->conn_type), sock));
if (!sock)
return;
- SILC_LOG_DEBUG(("Disconnecting remote host, sock %p", sock));
+ SILC_LOG_DEBUG(("Disconnecting remote host, sock %p, status %d", sock,
+ status));
va_start(ap, status);
cp = va_arg(ap, char *);
}
/* Update statistics */
- server->stat.my_clients--;
+
+ /* Local detached clients aren't counted. */
+ if (!client->local_detached)
+ server->stat.my_clients--;
+ SILC_LOG_DEBUG(("stat.clients %d->%d", server->stat.clients,
+ server->stat.clients - 1));
+ SILC_VERIFY(server->stat.clients > 0);
server->stat.clients--;
if (server->stat.cell_clients)
server->stat.cell_clients--;
if (idata->sconn && idata->sconn->op) {
SILC_LOG_DEBUG(("Abort active protocol"));
silc_async_abort(idata->sconn->op, NULL, NULL);
+ idata->sconn->op = NULL;
}
if (idata->conn_type == SILC_CONN_UNKNOWN &&
((SilcUnknownEntry)idata)->op) {
SILC_LOG_DEBUG(("Abort active protocol"));
silc_async_abort(((SilcUnknownEntry)idata)->op, NULL, NULL);
+ ((SilcUnknownEntry)idata)->op = NULL;
}
}
}
if (!(client->data.status & SILC_IDLIST_STATUS_REGISTERED)) {
- SILC_LOG_ERROR(("Attempting to add unregistered client to channel ",
+ SILC_LOG_ERROR(("Attempting to add unregistered client to channel "
"%s", channel->channel_name));
continue;
}
projects / silc.git / blobdiff