Longer default PKCS keys

[silc.git] / apps / silcd / serverconfig.c

diff --git a/apps/silcd/serverconfig.c b/apps/silcd/serverconfig.c
index 6e49475a682adbcc02942c8ff467e8710a0899dc..187f5e9855a538b4b5c188d3fa0a0541ecbfee68 100644 (file)
--- a/apps/silcd/serverconfig.c
+++ b/apps/silcd/serverconfig.c
@@ -2,9 +2,10 @@
 
   serverconfig.c
 
-  Author: Giovanni Giacobbi <giovanni@giacobbi.net>
+  Authors: Giovanni Giacobbi <giovanni@giacobbi.net>
+           Pekka Riikonen <priikone@silcnet.org>
 
-  Copyright (C) 1997 - 2007 Pekka Riikonen
+  Copyright (C) 1997 - 2014 Pekka Riikonen
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -595,10 +596,6 @@ SILC_CONFIG_CALLBACK(fetch_serverinfo)
     CONFIG_IS_DOUBLE(server_info->server_type);
     server_info->server_type = strdup((char *) val);
   }
-  else if (!strcmp(name, "externalip")) {
-    CONFIG_IS_DOUBLE(server_info->external_ip);
-    server_info->external_ip = strdup((char *) val);
-  }
   else if (!strcmp(name, "admin")) {
     CONFIG_IS_DOUBLE(server_info->admin);
     server_info->admin = strdup((char *) val);
@@ -659,6 +656,14 @@ SILC_CONFIG_CALLBACK(fetch_serverinfo)
       SILC_SERVER_LOG_ERROR(("Error: Could not load private key file."));
       return SILC_CONFIG_EPRINTLINE;
     }
+
+    /* Warn if key length is < 4096 (some versions created 4095 bit keys). */
+    if (silc_pkcs_private_key_get_len(server_info->private_key) < 4095) {
+      fprintf(stderr,
+              "warning: Your server private key %s length is under 4096 bits. "
+             "It is recommended to use at least 4096 bits. Consider "
+             "generating a new server key pair.\n", file_tmp);
+    }
   }
   else
     return SILC_CONFIG_EINTERNAL;
@@ -1260,7 +1265,6 @@ static const SilcConfigTable table_serverinfo[] = {
   { "primary",         SILC_CONFIG_ARG_BLOCK,  fetch_serverinfo, table_serverinfo_c},
   { "secondary",       SILC_CONFIG_ARG_BLOCK,  fetch_serverinfo, table_serverinfo_c},
   { "servertype",      SILC_CONFIG_ARG_STR,    fetch_serverinfo, NULL},
-  { "externalip",      SILC_CONFIG_ARG_STR,    fetch_serverinfo, NULL},
   { "location",                SILC_CONFIG_ARG_STR,    fetch_serverinfo, NULL},
   { "admin",           SILC_CONFIG_ARG_STR,    fetch_serverinfo, NULL},
   { "adminemail",      SILC_CONFIG_ARG_STR,    fetch_serverinfo, NULL},
@@ -1547,7 +1551,7 @@ SilcServerConfig silc_server_config_alloc(const char *filename,
                               silc_config_strerror(ret)));
       linebuf = silc_config_read_line(file, line);
       if (linebuf) {
-       SILC_SERVER_LOG_ERROR(("  file %s line %lu:  %s\n", filename,
+       SILC_SERVER_LOG_ERROR(("  file %s line %u:  %s\n", filename,
                               line, linebuf));
        silc_free(linebuf);
       }
@@ -1644,7 +1648,6 @@ void silc_server_config_destroy(SilcServerConfig config)
       silc_free(di);
     }
     silc_free(si->server_type);
-    silc_free(si->external_ip);
     silc_free(si->location);
     silc_free(si->admin);
     silc_free(si->email);
@@ -1876,7 +1879,7 @@ silc_server_config_find_client(SilcServer server, char *host)
     return NULL;
 
   for (client = config->clients; client; client = client->next) {
-    if (client->host && !silc_string_compare(client->host, host))
+    if (client->host && !silc_string_match(client->host, host))
       continue;
     break;
   }
@@ -1904,11 +1907,11 @@ silc_server_config_find_admin(SilcServer server, char *host, char *user,
     nick = "*";
 
   for (admin = config->admins; admin; admin = admin->next) {
-    if (admin->host && !silc_string_compare(admin->host, host))
+    if (admin->host && !silc_string_match(admin->host, host))
       continue;
-    if (admin->user && !silc_string_compare(admin->user, user))
+    if (admin->user && !silc_string_match(admin->user, user))
       continue;
-    if (admin->nick && !silc_string_compare(admin->nick, nick))
+    if (admin->nick && !silc_string_match(admin->nick, nick))
       continue;
     /* no checks failed -> this entry matches */
     break;
@@ -1931,7 +1934,7 @@ silc_server_config_find_denied(SilcServer server, char *host)
     return NULL;
 
   for (deny = config->denied; deny; deny = deny->next) {
-    if (deny->host && !silc_string_compare(deny->host, host))
+    if (deny->host && !silc_string_match(deny->host, host))
       continue;
     break;
   }
@@ -1956,7 +1959,7 @@ silc_server_config_find_server_conn(SilcServer server, char *host)
     return NULL;
 
   for (serv = config->servers; serv; serv = serv->next) {
-    if (!silc_string_compare(serv->host, host))
+    if (!silc_string_match(serv->host, host))
       continue;
     break;
   }
@@ -1980,7 +1983,7 @@ silc_server_config_find_router_conn(SilcServer server, char *host, int port)
     return NULL;
 
   for (serv = config->routers; serv; serv = serv->next) {
-    if (!silc_string_compare(serv->host, host))
+    if (!silc_string_match(serv->host, host))
       continue;
     if (port && serv->port && serv->port != port)
       continue;
@@ -2007,7 +2010,7 @@ silc_server_config_find_backup_conn(SilcServer server, char *host)
   for (serv = config->routers; serv; serv = serv->next) {
     if (!serv->backup_router)
       continue;
-    if (!silc_string_compare(serv->host, host))
+    if (!silc_string_match(serv->host, host))
       continue;
     break;
   }