X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilcclient%2Fprotocol.c;h=4bf277c8a2e5759eb330a1b1e343fc487a097cf9;hb=a818c5b5411bbc4436d1c5f011236985c96bb787;hp=9721497fad89187c917f8f5ac6a73c19a972b03f;hpb=83c73dffa89141bc59e62436abb63b3d3efca6bb;p=silc.git

diff --git a/lib/silcclient/protocol.c b/lib/silcclient/protocol.c
index 9721497f..4bf277c8 100644
--- a/lib/silcclient/protocol.c
+++ b/lib/silcclient/protocol.c
@@ -22,7 +22,8 @@
  */
 /* $Id$ */
 
-#include "clientlibincludes.h"
+#include "silcincludes.h"
+#include "silcclient.h"
 #include "client_internal.h"
 
 SILC_TASK_CALLBACK(silc_client_protocol_connection_auth);
@@ -77,7 +78,7 @@ static void silc_client_verify_key_cb(bool success, void *context)
 
 void silc_client_protocol_ke_verify_key(SilcSKE ske,
 					unsigned char *pk_data,
-					uint32 pk_len,
+					SilcUInt32 pk_len,
 					SilcSKEPKType pk_type,
 					void *context,
 					SilcSKEVerifyCbCompletion completion,
@@ -97,10 +98,10 @@ void silc_client_protocol_ke_verify_key(SilcSKE ske,
   verify->completion_context = completion_context;
 
   /* Verify public key from user. */
-  client->ops->verify_public_key(client, ctx->sock->user_data, 
-				 ctx->sock->type,
-				 pk_data, pk_len, pk_type,
-				 silc_client_verify_key_cb, verify);
+  client->internal->ops->verify_public_key(client, ctx->sock->user_data, 
+					   ctx->sock->type,
+					   pk_data, pk_len, pk_type,
+					   silc_client_verify_key_cb, verify);
 }
 
 /* Sets the negotiated key material into use for particular connection. */
@@ -151,11 +152,8 @@ void silc_client_protocol_ke_set_keys(SilcSKE ske,
 
   /* Rekey stuff */
   conn->rekey = silc_calloc(1, sizeof(*conn->rekey));
-  conn->rekey->send_enc_key = 
-    silc_calloc(keymat->enc_key_len / 8,
-		sizeof(*conn->rekey->send_enc_key));
-  memcpy(conn->rekey->send_enc_key, 
-	 keymat->send_enc_key, keymat->enc_key_len / 8);
+  conn->rekey->send_enc_key = silc_memdup(keymat->send_enc_key, 
+					  keymat->enc_key_len / 8);
   conn->rekey->enc_key_len = keymat->enc_key_len / 8;
 
   if (ske->start_payload->flags & SILC_SKE_SP_FLAG_PFS)
@@ -169,7 +167,7 @@ void silc_client_protocol_ke_set_keys(SilcSKE ske,
 /* Checks the version string of the server. */
 
 SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version,
-				     uint32 len, void *context)
+				     SilcUInt32 len, void *context)
 {
   SilcClientConnection conn = (SilcClientConnection)ske->sock->user_data;
   SilcClient client = (SilcClient)ske->user_data;
@@ -197,7 +195,7 @@ SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version,
   if (cp)
     build = atoi(cp + 1);
 
-  cp = client->silc_client_version + 9;
+  cp = client->internal->silc_client_version + 9;
   if (!cp)
     status = SILC_SKE_STATUS_BAD_VERSION;
 
@@ -213,12 +211,15 @@ SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version,
 
   if (maj != maj2)
     status = SILC_SKE_STATUS_BAD_VERSION;
-  if (min < min2)
-    status = SILC_SKE_STATUS_BAD_VERSION;
+
+  /* XXX backward support for 0.6.1 */
+  if (maj == 0 && min == 6 && build < 2)
+    ske->backward_version = 1;
 
   if (status != SILC_SKE_STATUS_OK)
-    client->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT,
-		     "We don't support server version `%s'", version);
+    client->internal->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT,
+			       "We don't support server version `%s'", 
+			       version);
 
   return status;
 }
@@ -242,20 +243,9 @@ static void silc_client_protocol_ke_continue(SilcSKE ske,
   SILC_LOG_DEBUG(("Start"));
 
   if (ske->status != SILC_SKE_STATUS_OK) {
-    if (ske->status == SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY) {
-      client->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT, 
-		       "Received unsupported server %s public key",
-		       ctx->sock->hostname);
-    } else if (ske->status == SILC_SKE_STATUS_PUBLIC_KEY_NOT_PROVIDED) {
-      client->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT,
-		       "Remote host did not send its public key, even though "
-		       "it must send it");
-    } else {
-      client->ops->say(client, conn, SILC_CLIENT_MESSAGE_ERROR,
-		       "Error during key exchange protocol with server %s",
-		       ctx->sock->hostname);
-    }
-    
+    /* Call failure client operation */
+    client->internal->ops->failure(client, conn, protocol, 
+				   (void *)ske->status);
     protocol->state = SILC_PROTOCOL_STATE_ERROR;
     silc_protocol_execute(protocol, client->schedule, 0, 0);
     return;
@@ -307,10 +297,7 @@ SILC_TASK_CALLBACK(silc_client_protocol_key_exchange)
       SilcSKE ske;
 
       /* Allocate Key Exchange object */
-      ske = silc_ske_alloc();
-      ctx->ske = ske;
-      ske->rng = client->rng;
-      ske->user_data = (void *)client;
+      ctx->ske = ske = silc_ske_alloc(client->rng, client);
 
       silc_ske_set_callbacks(ske, ctx->send_packet, NULL,
 			     ctx->verify,
@@ -321,16 +308,18 @@ SILC_TASK_CALLBACK(silc_client_protocol_key_exchange)
       if (ctx->responder == TRUE) {
 	/* Start the key exchange by processing the received security
 	   properties packet from initiator. */
-	status = silc_ske_responder_start(ske, ctx->rng, ctx->sock,
-					  client->silc_client_version,
-					  ctx->packet->buffer, TRUE);
+	status = 
+	  silc_ske_responder_start(ske, ctx->rng, ctx->sock,
+				   client->internal->silc_client_version,
+				   ctx->packet->buffer, TRUE);
       } else {
 	SilcSKEStartPayload *start_payload;
 
 	/* Assemble security properties. */
-	silc_ske_assemble_security_properties(ske, SILC_SKE_SP_FLAG_NONE, 
-					      client->silc_client_version,
-					      &start_payload);
+	silc_ske_assemble_security_properties(
+				  ske, SILC_SKE_SP_FLAG_MUTUAL, 
+				  client->internal->silc_client_version,
+				  &start_payload);
 
 	/* Start the key exchange by sending our security properties
 	   to the remote end. */
@@ -366,9 +355,7 @@ SILC_TASK_CALLBACK(silc_client_protocol_key_exchange)
        */
       if (ctx->responder == TRUE) {
 	/* Sends the selected security properties to the initiator. */
-	status = 
-	  silc_ske_responder_phase_1(ctx->ske, 
-				     ctx->ske->start_payload);
+	status = silc_ske_responder_phase_1(ctx->ske);
       } else {
 	/* Call Phase-1 function. This processes the Key Exchange Start
 	   paylaod reply we just got from the responder. The callback
@@ -411,7 +398,8 @@ SILC_TASK_CALLBACK(silc_client_protocol_key_exchange)
 	   Key Exhange 1 Payload to the responder. */
 	status = silc_ske_initiator_phase_2(ctx->ske,
 					    client->public_key,
-					    client->private_key);
+					    client->private_key,
+					    SILC_SKE_PK_TYPE_SILC);
 	protocol->state++;
       }
 
@@ -459,11 +447,13 @@ SILC_TASK_CALLBACK(silc_client_protocol_key_exchange)
 
       if (status != SILC_SKE_STATUS_OK) {
         if (status == SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY) {
-          client->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT, 
-			   "Received unsupported server %s public key",
-			   ctx->sock->hostname);
+          client->internal->ops->say(
+			     client, conn, SILC_CLIENT_MESSAGE_AUDIT, 
+			     "Received unsupported server %s public key",
+			     ctx->sock->hostname);
         } else {
-          client->ops->say(client, conn, SILC_CLIENT_MESSAGE_AUDIT,
+          client->internal->ops->say(
+			   client, conn, SILC_CLIENT_MESSAGE_AUDIT,
 			   "Error during key exchange protocol with server %s",
 			   ctx->sock->hostname);
         }
@@ -559,7 +549,7 @@ static int
 silc_client_get_public_key_auth(SilcClient client,
 				SilcClientConnection conn,
 				unsigned char *auth_data,
-				uint32 *auth_data_len,
+				SilcUInt32 *auth_data_len,
 				SilcSKE ske)
 {
   int len;
@@ -595,7 +585,7 @@ silc_client_get_public_key_auth(SilcClient client,
 
 static void 
 silc_client_conn_auth_continue(unsigned char *auth_data,
-			       uint32 auth_data_len, void *context)
+			       SilcUInt32 auth_data_len, void *context)
 {
   SilcProtocol protocol = (SilcProtocol)context;
   SilcClientConnAuthInternalContext *ctx = 
@@ -647,7 +637,7 @@ SILC_TASK_CALLBACK(silc_client_protocol_connection_auth)
        * to be authenticated.
        */
       unsigned char *auth_data = NULL;
-      uint32 auth_data_len = 0;
+      SilcUInt32 auth_data_len = 0;
       unsigned char sign[1024];
 
       switch(ctx->auth_meth) {
@@ -663,12 +653,13 @@ SILC_TASK_CALLBACK(silc_client_protocol_connection_auth)
 	  break;
 	}
 
-	client->ops->say(client, conn, SILC_CLIENT_MESSAGE_INFO,
-			 "Password authentication required by server %s",
-			 ctx->sock->hostname);
-	client->ops->ask_passphrase(client, conn,
-				    silc_client_conn_auth_continue,
-				    protocol);
+	client->internal->ops->say(
+			client, conn, SILC_CLIENT_MESSAGE_INFO,
+			"Password authentication required by server %s",
+			ctx->sock->hostname);
+	client->internal->ops->ask_passphrase(client, conn,
+					      silc_client_conn_auth_continue,
+					      protocol);
 	return;
 	break;
 
@@ -792,11 +783,8 @@ silc_client_protocol_rekey_validate(SilcClient client,
   if (!send) {
     memset(conn->rekey->send_enc_key, 0, conn->rekey->enc_key_len);
     silc_free(conn->rekey->send_enc_key);
-    conn->rekey->send_enc_key = 
-      silc_calloc(keymat->enc_key_len / 8,
-		  sizeof(*conn->rekey->send_enc_key));
-    memcpy(conn->rekey->send_enc_key, keymat->send_enc_key, 
-	   keymat->enc_key_len / 8);
+    conn->rekey->send_enc_key = silc_memdup(keymat->send_enc_key,
+					    keymat->enc_key_len / 8);
     conn->rekey->enc_key_len = keymat->enc_key_len / 8;
   }
 }
@@ -811,8 +799,8 @@ silc_client_protocol_rekey_generate(SilcClient client,
 {
   SilcClientConnection conn = (SilcClientConnection)ctx->sock->user_data;
   SilcSKEKeyMaterial *keymat;
-  uint32 key_len = silc_cipher_get_key_len(conn->send_key);
-  uint32 hash_len = conn->hash->hash->hash_len;
+  SilcUInt32 key_len = silc_cipher_get_key_len(conn->send_key);
+  SilcUInt32 hash_len = conn->hash->hash->hash_len;
 
   SILC_LOG_DEBUG(("Generating new %s session keys (no PFS)",
 		  send ? "sending" : "receiving"));
@@ -840,10 +828,10 @@ silc_client_protocol_rekey_generate_pfs(SilcClient client,
 {
   SilcClientConnection conn = (SilcClientConnection)ctx->sock->user_data;
   SilcSKEKeyMaterial *keymat;
-  uint32 key_len = silc_cipher_get_key_len(conn->send_key);
-  uint32 hash_len = conn->hash->hash->hash_len;
+  SilcUInt32 key_len = silc_cipher_get_key_len(conn->send_key);
+  SilcUInt32 hash_len = conn->hash->hash->hash_len;
   unsigned char *tmpbuf;
-  uint32 klen;
+  SilcUInt32 klen;
 
   SILC_LOG_DEBUG(("Generating new %s session keys (with PFS)",
 		  send ? "sending" : "receiving"));
@@ -925,10 +913,9 @@ SILC_TASK_CALLBACK(silc_client_protocol_rekey)
 	    silc_protocol_execute(protocol, client->schedule, 0, 300000);
 	  }
 
-	  ctx->ske = silc_ske_alloc();
-	  ctx->ske->rng = client->rng;
+	  ctx->ske = silc_ske_alloc(client->rng, client);
 	  ctx->ske->prop = silc_calloc(1, sizeof(*ctx->ske->prop));
-	  silc_ske_get_group_by_number(conn->rekey->ske_group,
+	  silc_ske_group_get_by_number(conn->rekey->ske_group,
 				       &ctx->ske->prop->group);
 
 	  silc_ske_set_callbacks(ctx->ske, 
@@ -982,10 +969,9 @@ SILC_TASK_CALLBACK(silc_client_protocol_rekey)
 	   * Use Perfect Forward Secrecy, ie. negotiate the key material
 	   * using the SKE protocol.
 	   */
-	  ctx->ske = silc_ske_alloc();
-	  ctx->ske->rng = client->rng;
+	  ctx->ske = silc_ske_alloc(client->rng, client);
 	  ctx->ske->prop = silc_calloc(1, sizeof(*ctx->ske->prop));
-	  silc_ske_get_group_by_number(conn->rekey->ske_group,
+	  silc_ske_group_get_by_number(conn->rekey->ske_group,
 				       &ctx->ske->prop->group);
 
 	  silc_ske_set_callbacks(ctx->ske, 
@@ -993,7 +979,7 @@ SILC_TASK_CALLBACK(silc_client_protocol_rekey)
 				 NULL,  NULL, NULL, silc_ske_check_version,
 				 context);
       
-	  status =  silc_ske_initiator_phase_2(ctx->ske, NULL, NULL);
+	  status =  silc_ske_initiator_phase_2(ctx->ske, NULL, NULL, 0);
 	  if (status != SILC_SKE_STATUS_OK) {
 	    SILC_LOG_WARNING(("Error (type %d) during Re-key (PFS)",
 			      status));