X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilcske%2Fsilcconnauth.c;h=c3799a8187ead72e327813bf6c7e6b76fb8bf84b;hb=52e57c880aba9c5e89f59d962eb9af75670b76e0;hp=e7b41c55e6b6b36f042db9d3b221b44ba45b8b0e;hpb=22f8d37a64e22f8fbeb58d4f5a61321ef067d7a4;p=silc.git diff --git a/lib/silcske/silcconnauth.c b/lib/silcske/silcconnauth.c index e7b41c55..c3799a81 100644 --- a/lib/silcske/silcconnauth.c +++ b/lib/silcske/silcconnauth.c @@ -357,7 +357,8 @@ SILC_FSM_STATE(silc_connauth_st_initiator_result) SILC_LOG_DEBUG(("Authentication successful")); connauth->success = TRUE; } else { - SILC_LOG_DEBUG(("Authentication failed")); + SILC_LOG_DEBUG(("Authentication failed, packet %s received", + silc_get_packet_name(connauth->packet->type))); connauth->success = FALSE; } silc_packet_free(connauth->packet); @@ -384,8 +385,13 @@ SILC_FSM_STATE(silc_connauth_st_initiator_failure) SILC_PUT32_MSB(SILC_AUTH_FAILED, error); silc_packet_send(connauth->ske->stream, SILC_PACKET_FAILURE, 0, error, 4); + silc_packet_stream_unlink(connauth->ske->stream, + &silc_connauth_stream_cbs, connauth); + silc_schedule_task_del_by_context(silc_fsm_get_schedule(fsm), connauth); + /* Call completion callback */ connauth->completion(connauth, FALSE, connauth->context); + return SILC_FSM_FINISH; } silc_packet_stream_unlink(connauth->ske->stream, @@ -481,7 +487,8 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate) if (connauth->aborted) { /** Aborted */ - silc_packet_free(connauth->packet); + if (connauth->packet) + silc_packet_free(connauth->packet); silc_fsm_next(fsm, silc_connauth_st_responder_failure); return SILC_FSM_CONTINUE; } @@ -560,7 +567,8 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate) /* Passphrase authentication */ if (passphrase && passphrase_len) { SILC_LOG_DEBUG(("Passphrase authentication")); - if (!memcmp(auth_data, passphrase, passphrase_len)) { + if (!auth_data || payload_len != passphrase_len || + memcmp(auth_data, passphrase, passphrase_len)) { /** Authentication failed */ silc_fsm_next(fsm, silc_connauth_st_responder_failure); return SILC_FSM_CONTINUE; @@ -571,6 +579,12 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate) SILC_LOG_DEBUG(("Digital signature authentication")); + if (!auth_data) { + /** Authentication failed */ + silc_fsm_next(fsm, silc_connauth_st_responder_failure); + return SILC_FSM_CONTINUE; + } + connauth->auth_data = silc_memdup(auth_data, payload_len); connauth->auth_data_len = payload_len; @@ -654,13 +668,13 @@ SILC_FSM_STATE(silc_connauth_st_responder_success) SILC_PUT32_MSB(SILC_AUTH_OK, tmp); silc_packet_send(connauth->ske->stream, SILC_PACKET_SUCCESS, 0, tmp, 4); - /* Call completion callback */ - connauth->completion(connauth, TRUE, connauth->context); - silc_packet_stream_unlink(connauth->ske->stream, &silc_connauth_stream_cbs, connauth); silc_schedule_task_del_by_context(silc_fsm_get_schedule(fsm), connauth); + /* Call completion callback */ + connauth->completion(connauth, TRUE, connauth->context); + return SILC_FSM_FINISH; } @@ -676,8 +690,14 @@ SILC_FSM_STATE(silc_connauth_st_responder_failure) SILC_PUT32_MSB(SILC_AUTH_FAILED, error); silc_packet_send(connauth->ske->stream, SILC_PACKET_FAILURE, 0, error, 4); + silc_packet_stream_unlink(connauth->ske->stream, + &silc_connauth_stream_cbs, connauth); + silc_schedule_task_del_by_context(silc_fsm_get_schedule(fsm), connauth); + /* Call completion callback */ connauth->completion(connauth, FALSE, connauth->context); + + return SILC_FSM_FINISH; } silc_packet_stream_unlink(connauth->ske->stream,