!(idata->status & SILC_IDLIST_STATUS_REGISTERED)) &&
packet->type != SILC_PACKET_NEW_CLIENT &&
packet->type != SILC_PACKET_NEW_SERVER &&
+ packet->type != SILC_PACKET_RESUME_CLIENT &&
packet->type != SILC_PACKET_CONNECTION_AUTH_REQUEST &&
packet->type != SILC_PACKET_DISCONNECT)
return FALSE;
- /* NEW_CLIENT and NEW_SERVER are accepted only without source ID
- and for unregistered connection. */
+ /* NEW_CLIENT and NEW_SERVER are accepted only without source ID and
+ for unregistered connection. */
if (packet->src_id && (packet->type == SILC_PACKET_NEW_CLIENT ||
packet->type == SILC_PACKET_NEW_SERVER) &&
(idata->status & SILC_IDLIST_STATUS_REGISTERED))
if (server->router_conn && server->router_conn->sock == stream &&
!server->router && server->standalone) {
silc_server_create_connections(server);
+ silc_server_free_sock_user_data(server, stream, NULL);
} else {
/* If backup disconnected then mark that resuming will not be allowed */
if (server->server_type == SILC_ROUTER && !server->backup_router &&
SILC_CONNTYPE_STRING(idata->conn_type),
silc_packet_error_string(error)));
+ if (!silc_packet_stream_is_valid(stream))
+ return;
+
silc_schedule_task_add_timeout(server->schedule,
silc_server_packet_error_timeout,
stream, 0, 0);
SilcID remote_id;
const char *ip;
- SILC_LOG_DEBUG(("Connection authentication completed"));
+ SILC_LOG_DEBUG(("Connection %p authentication completed", sconn));
- sconn->op = NULL;
+ entry->op = NULL;
if (success == FALSE) {
/* Authentication failed */
SilcHmac hmac_send, hmac_receive;
SilcHash hash;
- sconn->op = NULL;
+ SILC_LOG_DEBUG(("Connection %p, SKE completed", sconn));
+
+ entry->op = NULL;
if (status != SILC_SKE_STATUS_OK) {
/* SKE failed */
entry->data.rekey = rekey;
/* Start connection authentication */
- sconn->op =
+ entry->op =
silc_connauth_initiator(connauth, server->server_type == SILC_SERVER ?
SILC_CONN_SERVER : SILC_CONN_ROUTER, auth_meth,
auth_data, auth_data_len,
params.flags |= SILC_SKE_SP_FLAG_PFS;
/* Start SILC Key Exchange protocol */
- SILC_LOG_DEBUG(("Starting key exchange protocol"));
+ SILC_LOG_DEBUG(("Starting key exchange protocol, connection %p", sconn));
ske = silc_ske_alloc(server->rng, server->schedule, server->repository,
server->public_key, server->private_key, sconn);
if (!ske) {
/* Start key exchange protocol */
params.version = silc_version_string;
params.timeout_secs = server->config->key_exchange_timeout;
- sconn->op = silc_ske_initiator(ske, sconn->sock, ¶ms, NULL);
+ entry->op = silc_ske_initiator(ske, sconn->sock, ¶ms, NULL);
}
/* Timeout callback that will be called to retry connecting to remote
switch (status) {
case SILC_NET_OK:
- SILC_LOG_DEBUG(("Connection to %s:%d established",
+ SILC_LOG_DEBUG(("Connection %p to %s:%d established", sconn,
sconn->remote_host, sconn->remote_port));
/* Continue with key exchange protocol */
if (cconfig->publickeys)
*repository = server->repository;
- entry->data.conn_type = conn_type;
+ if (cconfig->publickeys) {
+ if (server->config->prefer_passphrase_auth) {
+ *repository = NULL;
+ } else {
+ *passphrase = NULL;
+ *passphrase_len = 0;
+ }
+ }
+
+ entry->conn_type = conn_type;
return TRUE;
}
if (sconfig->publickeys)
*repository = server->repository;
- entry->data.conn_type = conn_type;
+ if (sconfig->publickeys) {
+ if (server->config->prefer_passphrase_auth) {
+ *repository = NULL;
+ } else {
+ *passphrase = NULL;
+ *passphrase_len = 0;
+ }
+ }
+
+ entry->conn_type = conn_type;
return TRUE;
}
if (rconfig->publickeys)
*repository = server->repository;
- entry->data.conn_type = conn_type;
+ if (rconfig->publickeys) {
+ if (server->config->prefer_passphrase_auth) {
+ *repository = NULL;
+ } else {
+ *passphrase = NULL;
+ *passphrase_len = 0;
+ }
+ }
+
+ entry->conn_type = conn_type;
return TRUE;
}
SILC_LOG_DEBUG(("Checking whether connection is allowed"));
- switch (entry->data.conn_type) {
+ switch (entry->conn_type) {
case SILC_CONN_CLIENT:
{
SilcClientEntry client;
SilcServerConfigClient *conn = entry->cconfig.ref_ptr;
/* Verify whether this connection is after all allowed to connect */
- if (!silc_server_connection_allowed(server, sock, entry->data.conn_type,
+ if (!silc_server_connection_allowed(server, sock, entry->conn_type,
&server->config->param,
conn->param,
silc_connauth_get_ske(connauth))) {
goto out;
}
entry->data.status |= SILC_IDLIST_STATUS_LOCAL;
+ entry->data.conn_type = SILC_CONN_CLIENT;
/* Statistics */
server->stat.my_clients++;
}
/* Add public key to repository */
+ SILC_LOG_DEBUG(("Add client public key to repository"));
if (!silc_server_get_public_key_by_client(server, client, NULL))
silc_skr_add_public_key_simple(server->repository,
entry->data.public_key,
and we do not have connection to primary router, do not allow
the connection. */
if (server->server_type == SILC_BACKUP_ROUTER &&
- entry->data.conn_type == SILC_CONN_SERVER &&
+ entry->conn_type == SILC_CONN_SERVER &&
!SILC_PRIMARY_ROUTE(server)) {
SILC_LOG_INFO(("Will not accept server connection because we do "
"not have primary router connection established"));
goto out;
}
- if (entry->data.conn_type == SILC_CONN_ROUTER) {
+ if (entry->conn_type == SILC_CONN_ROUTER) {
/* Verify whether this connection is after all allowed to connect */
if (!silc_server_connection_allowed(server, sock,
- entry->data.conn_type,
+ entry->conn_type,
&server->config->param,
rconn ? rconn->param : NULL,
silc_connauth_get_ske(connauth))) {
}
}
- if (entry->data.conn_type == SILC_CONN_SERVER) {
+ if (entry->conn_type == SILC_CONN_SERVER) {
/* Verify whether this connection is after all allowed to connect */
if (!silc_server_connection_allowed(server, sock,
- entry->data.conn_type,
+ entry->conn_type,
&server->config->param,
srvconn ? srvconn->param : NULL,
silc_connauth_get_ske(connauth))) {
}
SILC_LOG_DEBUG(("Remote host is %s",
- entry->data.conn_type == SILC_CONN_SERVER ?
+ entry->conn_type == SILC_CONN_SERVER ?
"server" : (backup_router ?
"backup router" : "router")));
SILC_LOG_INFO(("Connection %s (%s) is %s", entry->hostname,
- entry->ip, entry->data.conn_type == SILC_CONN_SERVER ?
+ entry->ip, entry->conn_type == SILC_CONN_SERVER ?
"server" : (backup_router ?
"backup router" : "router")));
server. We mark ourselves as router for this server if we really
are router. */
new_server =
- silc_idlist_add_server((entry->data.conn_type == SILC_CONN_SERVER ?
+ silc_idlist_add_server((entry->conn_type == SILC_CONN_SERVER ?
server->local_list : (backup_router ?
server->local_list :
server->global_list)),
NULL,
- (entry->data.conn_type == SILC_CONN_SERVER ?
+ (entry->conn_type == SILC_CONN_SERVER ?
SILC_SERVER : SILC_ROUTER),
NULL,
- (entry->data.conn_type == SILC_CONN_SERVER ?
+ (entry->conn_type == SILC_CONN_SERVER ?
server->id_entry : (backup_router ?
server->id_entry : NULL)),
sock);
goto out;
}
entry->data.status |= SILC_IDLIST_STATUS_LOCAL;
+ entry->data.conn_type = entry->conn_type;
id_entry = (void *)new_server;
pk = silc_pkcs_public_key_encode(idata->public_key, &pk_len);
silc_hash_make(server->sha1hash, pk, pk_len, idata->fingerprint);
+ silc_hash_alloc(silc_hash_get_name(prop->hash), &idata->hash);
+
SILC_LOG_DEBUG(("Starting connection authentication"));
server->stat.auth_attempts++;
SILC_TASK_CALLBACK(silc_server_close_connection_final)
{
- silc_packet_stream_destroy(context);
+ silc_packet_stream_unref(context);
}
/* Closes connection to socket connection */
const char *hostname;
SilcUInt16 port;
+ if (!silc_packet_stream_is_valid(sock))
+ return;
+
memset(tmp, 0, sizeof(tmp));
// silc_socket_get_error(sock, tmp, sizeof(tmp));
silc_socket_stream_get_info(silc_packet_stream_get_stream(sock),
idata->sconn = NULL;
}
+ /* Take a reference and then destroy the stream. The last reference
+ is released later in a timeout callback. */
+ silc_packet_stream_ref(sock);
+ silc_packet_stream_destroy(sock);
+
/* Close connection with timeout */
server->stat.conn_num--;
silc_schedule_task_del_by_all(server->schedule, 0,
projects / runtime.git / blobdiff