Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 2006 Pekka Riikonen
+ Copyright (C) 2006 - 2007 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
/* Callback called by application to return authentication data */
-static void silc_client_connect_auth_method(SilcBool success,
- SilcAuthMethod auth_meth,
+static void silc_client_connect_auth_method(SilcAuthMethod auth_meth,
void *auth, SilcUInt32 auth_len,
void *context)
{
SilcFSMThread fsm = context;
SilcClientConnection conn = silc_fsm_get_context(fsm);
- conn->internal->params.auth_method = SILC_AUTH_NONE;
-
- if (success) {
- conn->internal->params.auth_method = auth_meth;
- conn->internal->params.auth = auth;
- conn->internal->params.auth_len = auth_len;
- }
+ conn->internal->params.auth_method = auth_meth;
+ conn->internal->params.auth = auth;
+ conn->internal->params.auth_len = auth_len;
SILC_FSM_CALL_CONTINUE(fsm);
}
SilcClientConnection conn = silc_fsm_get_context(fsm);
SilcClient client = conn->client;
+ conn->internal->op = NULL;
silc_connauth_free(connauth);
if (!success) {
SILC_FSM_CALL_CONTINUE(fsm);
}
+/********************** CONNECTION_AUTH_REQUEST packet **********************/
+
+/* Received connection authentication request packet. We get the
+ required authentication method here. */
+
+SILC_FSM_STATE(silc_client_connect_auth_request)
+{
+ SilcClientConnection conn = fsm_context;
+ SilcPacket packet = state_context;
+ SilcUInt16 conn_type, auth_meth;
+
+ if (!conn->internal->auth_request) {
+ silc_packet_free(packet);
+ SILC_FSM_FINISH;
+ }
+
+ /* Parse the payload */
+ if (silc_buffer_unformat(&packet->buffer,
+ SILC_STR_UI_SHORT(&conn_type),
+ SILC_STR_UI_SHORT(&auth_meth),
+ SILC_STR_END) < 0)
+ auth_meth = SILC_AUTH_NONE;
+
+ silc_packet_free(packet);
+
+ SILC_LOG_DEBUG(("Resolved authentication method: %s",
+ (auth_meth == SILC_AUTH_NONE ? "none" :
+ auth_meth == SILC_AUTH_PASSWORD ? "passphrase" :
+ "public key")));
+ conn->internal->params.auth_method = auth_meth;
+
+ /* Continue authentication */
+ silc_fsm_continue_sync(&conn->internal->event_thread);
+ SILC_FSM_FINISH;
+}
+
/*************************** Connect remote host ****************************/
/* Connection timeout callback */
conn->callback(client, conn, SILC_CLIENT_CONN_ERROR, 0, NULL,
conn->callback_context);
silc_fsm_next(fsm, silc_client_st_connect_error);
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
/* Connect (UDP) */
SilcClientConnection conn = fsm_context;
SilcClient client = conn->client;
+ if (conn->internal->disconnected) {
+ /** Disconnected */
+ silc_fsm_next(fsm, silc_client_st_connect_error);
+ SILC_FSM_CONTINUE;
+ }
+
/* Create packet stream */
conn->stream = silc_packet_stream_create(client->internal->packet_engine,
conn->internal->schedule,
conn->callback(client, conn, SILC_CLIENT_CONN_ERROR, 0, NULL,
conn->callback_context);
silc_fsm_next(fsm, silc_client_st_connect_error);
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
silc_packet_set_context(conn->stream, conn);
/** Start key exchange */
silc_fsm_next(fsm, silc_client_st_connect_key_exchange);
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
/* Starts key exchange protocol with remote host */
conn->callback(client, conn, SILC_CLIENT_CONN_ERROR_KE, 0, NULL,
conn->callback_context);
silc_fsm_next(fsm, silc_client_st_connect_error);
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
/* Set SKE callbacks */
silc_fsm_next(fsm, silc_client_st_connect_setup_udp);
else
/** Run key exchange (TCP) */
- silc_fsm_next(fsm, silc_client_st_connect_auth);
+ silc_fsm_next(fsm, silc_client_st_connect_auth_resolve);
SILC_FSM_CALL(conn->internal->op = silc_ske_initiator(conn->internal->ske,
conn->stream,
SILC_LOG_DEBUG(("Setup UDP SILC session"));
+ if (conn->internal->disconnected) {
+ /** Disconnected */
+ silc_fsm_next(fsm, silc_client_st_connect_error);
+ SILC_FSM_CONTINUE;
+ }
+
/* Create new UDP stream */
prop = silc_ske_get_security_properties(conn->internal->ske);
stream = silc_net_udp_connect(conn->internal->params.local_ip,
conn->callback(client, conn, SILC_CLIENT_CONN_ERROR, 0, NULL,
conn->callback_context);
silc_fsm_next(fsm, silc_client_st_connect_error);
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
/* Set the new stream to packet stream */
old = silc_packet_stream_get_stream(conn->stream);
- silc_packet_stream_set_stream(conn->stream, stream,
- conn->internal->schedule);
+ silc_packet_stream_set_stream(conn->stream, stream);
silc_packet_stream_set_iv_included(conn->stream);
silc_packet_set_sid(conn->stream, 0);
silc_stream_destroy(old);
/** Start authentication */
- silc_fsm_next(fsm, silc_client_st_connect_auth);
- return SILC_FSM_CONTINUE;
+ silc_fsm_next(fsm, silc_client_st_connect_auth_resolve);
+ SILC_FSM_CONTINUE;
}
-/* Get authentication method to be used in authentication protocol */
+/* Resolved authentication method to be used in authentication protocol */
-SILC_FSM_STATE(silc_client_st_connect_auth)
+SILC_FSM_STATE(silc_client_st_connect_auth_resolve)
+{
+ SilcClientConnection conn = fsm_context;
+
+ SILC_LOG_DEBUG(("Resolve authentication method"));
+
+ if (conn->internal->disconnected) {
+ /** Disconnected */
+ silc_fsm_next(fsm, silc_client_st_connect_error);
+ SILC_FSM_CONTINUE;
+ }
+
+ /* If authentication method and data is set, use them */
+ if (conn->internal->params.auth_set) {
+ /** Got authentication data */
+ silc_fsm_next(fsm, silc_client_st_connect_auth_start);
+ SILC_FSM_CONTINUE;
+ }
+
+ /* Send connection authentication request packet */
+ silc_packet_send_va(conn->stream,
+ SILC_PACKET_CONNECTION_AUTH_REQUEST, 0,
+ SILC_STR_UI_SHORT(SILC_CONN_CLIENT),
+ SILC_STR_UI_SHORT(SILC_AUTH_NONE),
+ SILC_STR_END);
+
+ /** Wait for authentication method */
+ conn->internal->auth_request = TRUE;
+ conn->internal->params.auth_method = SILC_AUTH_NONE;
+ silc_fsm_next_later(fsm, silc_client_st_connect_auth_data, 2, 0);
+ SILC_FSM_WAIT;
+}
+
+/* Get authentication data to be used in authentication protocol */
+
+SILC_FSM_STATE(silc_client_st_connect_auth_data)
{
SilcClientConnection conn = fsm_context;
SilcClient client = conn->client;
SILC_LOG_DEBUG(("Get authentication data"));
- silc_fsm_next(fsm, silc_client_st_connect_auth_start);
+ if (conn->internal->disconnected) {
+ /** Disconnected */
+ silc_fsm_next(fsm, silc_client_st_connect_error);
+ SILC_FSM_CONTINUE;
+ }
- /* If authentication data not provided, ask from application */
- if (!conn->internal->params.auth_set)
- SILC_FSM_CALL(client->internal->ops->get_auth_method(
+ conn->internal->auth_request = FALSE;
+
+ /** Get authentication data */
+ silc_fsm_next(fsm, silc_client_st_connect_auth_start);
+ SILC_FSM_CALL(client->internal->ops->get_auth_method(
client, conn,
conn->remote_host,
conn->remote_port,
+ conn->internal->params.auth_method,
silc_client_connect_auth_method, fsm));
-
- if (conn->internal->params.auth_method == SILC_AUTH_PUBLIC_KEY)
- conn->internal->params.auth = conn->private_key;
-
- /* We have authentication data */
- return SILC_FSM_CONTINUE;
}
/* Start connection authentication with remote host */
SILC_LOG_DEBUG(("Starting connection authentication protocol"));
+ if (conn->internal->disconnected) {
+ /** Disconnected */
+ silc_fsm_next(fsm, silc_client_st_connect_error);
+ SILC_FSM_CONTINUE;
+ }
+
+ /* We always use the same key for connection authentication and SKE */
+ if (conn->internal->params.auth_method == SILC_AUTH_PUBLIC_KEY)
+ conn->internal->params.auth = conn->private_key;
+
/* Allocate connection authentication protocol */
connauth = silc_connauth_alloc(conn->internal->schedule,
conn->internal->ske,
conn->callback(client, conn, SILC_CLIENT_CONN_ERROR_AUTH, 0, NULL,
conn->callback_context);
silc_fsm_next(fsm, silc_client_st_connect_error);
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
/** Start connection authentication */
SilcClientConnection conn = fsm_context;
SilcClient client = conn->client;
- SILC_LOG_DEBUG(("Connection established"));
-
silc_ske_free(conn->internal->ske);
conn->internal->ske = NULL;
+ if (conn->internal->disconnected) {
+ /** Disconnected */
+ silc_fsm_next(fsm, silc_client_st_connect_error);
+ SILC_FSM_CONTINUE;
+ }
+
+ SILC_LOG_DEBUG(("Connection established"));
+
/* Install rekey timer */
silc_schedule_task_add_timeout(conn->internal->schedule,
silc_client_rekey_timer, conn,
silc_fsm_next(fsm, silc_client_st_register);
}
- return SILC_FSM_CONTINUE;
+ SILC_FSM_CONTINUE;
}
silc_schedule_task_del_by_all(conn->internal->schedule, 0,
conn->callback(client, conn, SILC_CLIENT_CONN_SUCCESS, 0, NULL,
conn->callback_context);
- return SILC_FSM_FINISH;
+ SILC_FSM_FINISH;
}
/* Error during connecting */
/* Signal to close connection */
if (!conn->internal->disconnected) {
conn->internal->disconnected = TRUE;
- SILC_FSM_SEMA_POST(&conn->internal->wait_event);
+ SILC_FSM_EVENT_SIGNAL(&conn->internal->wait_event);
}
silc_schedule_task_del_by_all(conn->internal->schedule, 0,
silc_client_connect_timeout, conn);
- return SILC_FSM_FINISH;
+ SILC_FSM_FINISH;
}
/****************************** Connect rekey *******************************/
SilcClientConnection conn = context;
/* Signal to start rekey */
+ conn->internal->rekey_responder = FALSE;
conn->internal->rekeying = TRUE;
- SILC_FSM_SEMA_POST(&conn->internal->wait_event);
+ SILC_FSM_EVENT_SIGNAL(&conn->internal->wait_event);
/* Reinstall rekey timer */
silc_schedule_task_add_timeout(conn->internal->schedule,
SILC_LOG_DEBUG(("Rekey"));
+ if (conn->internal->disconnected)
+ SILC_FSM_FINISH;
+
/* Allocate SKE */
conn->internal->ske =
silc_ske_alloc(client->rng, conn->internal->schedule,
conn->internal->params.repository,
conn->public_key, conn->private_key, fsm);
if (!conn->internal->ske)
- return SILC_FSM_FINISH;
+ SILC_FSM_FINISH;
/* Set SKE callbacks */
silc_ske_set_callbacks(conn->internal->ske, NULL,
projects / silc.git / blobdiff