5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 1997 - 2001 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
21 * Server side of the protocols.
25 #include "serverincludes.h"
26 #include "server_internal.h"
28 SILC_TASK_CALLBACK(silc_server_protocol_connection_auth);
29 SILC_TASK_CALLBACK(silc_server_protocol_key_exchange);
30 SILC_TASK_CALLBACK(silc_server_protocol_rekey);
32 extern char *silc_version_string;
35 * Key Exhange protocol functions
39 silc_verify_public_key_internal(SilcServer server, SilcSocketConnection sock,
40 SilcSocketType conn_type,
41 unsigned char *pk, SilcUInt32 pk_len,
42 SilcSKEPKType pk_type)
44 char file[256], filename[256], *fingerprint;
47 if (pk_type != SILC_SKE_PK_TYPE_SILC) {
48 SILC_LOG_WARNING(("We don't support %s (%s) port %d public key type %d",
49 sock->hostname, sock->ip, sock->port, pk_type));
53 /* Accept client keys without verification */
54 if (conn_type == SILC_SOCKET_TYPE_CLIENT) {
55 SILC_LOG_DEBUG(("Accepting client public key without verification"));
59 /* XXX For now, accept server keys without verification too. We are
60 currently always doing mutual authentication so the proof of posession
61 of the private key is verified, and if server is authenticated in
62 conn auth protocol with public key we MUST have the key already. */
64 /* Rest is unreachable code! */
66 memset(filename, 0, sizeof(filename));
67 memset(file, 0, sizeof(file));
68 snprintf(file, sizeof(file) - 1, "serverkey_%s_%d.pub", sock->hostname,
70 snprintf(filename, sizeof(filename) - 1, SILC_ETCDIR "/serverkeys/%s",
73 /* Create serverkeys directory if it doesn't exist. */
74 if (stat(SILC_ETCDIR "/serverkeys", &st) < 0) {
75 /* If dir doesn't exist */
76 if (errno == ENOENT) {
77 if (mkdir(SILC_ETCDIR "/serverkeys", 0755) < 0) {
78 SILC_LOG_ERROR(("Couldn't create `%s' directory\n",
79 SILC_ETCDIR "/serverkeys"));
83 SILC_LOG_ERROR(("%s\n", strerror(errno)));
88 /* Take fingerprint of the public key */
89 fingerprint = silc_hash_fingerprint(NULL, pk, pk_len);
90 SILC_LOG_DEBUG(("Received server %s (%s) port %d public key (%s)",
91 sock->hostname, sock->ip, sock->port, fingerprint));
92 silc_free(fingerprint);
94 /* Check whether this key already exists */
95 if (stat(filename, &st) < 0) {
96 /* We don't have it, then cache it. */
97 SILC_LOG_DEBUG(("New public key from server"));
99 silc_pkcs_save_public_key_data(filename, pk, pk_len,
103 /* The key already exists, verify it. */
104 SilcPublicKey public_key;
105 unsigned char *encpk;
106 SilcUInt32 encpk_len;
108 SILC_LOG_DEBUG(("We have the public key saved locally"));
110 /* Load the key file */
111 if (!silc_pkcs_load_public_key(filename, &public_key,
113 if (!silc_pkcs_load_public_key(filename, &public_key,
114 SILC_PKCS_FILE_BIN)) {
115 SILC_LOG_WARNING(("Could not load local copy of the %s (%s) port %d "
116 "server public key", sock->hostname, sock->ip,
119 /* Save the key for future checking */
121 silc_pkcs_save_public_key_data(filename, pk, pk_len,
126 /* Encode the key data */
127 encpk = silc_pkcs_public_key_encode(public_key, &encpk_len);
129 SILC_LOG_WARNING(("Local copy of the server %s (%s) port %d public key "
130 "is malformed", sock->hostname, sock->ip, sock->port));
132 /* Save the key for future checking */
134 silc_pkcs_save_public_key_data(filename, pk, pk_len, SILC_PKCS_FILE_PEM);
138 if (memcmp(pk, encpk, encpk_len)) {
139 SILC_LOG_WARNING(("%s (%s) port %d server public key does not match "
140 "with local copy", sock->hostname, sock->ip,
142 SILC_LOG_WARNING(("It is possible that the key has expired or changed"));
143 SILC_LOG_WARNING(("It is also possible that some one is performing "
144 "man-in-the-middle attack"));
145 SILC_LOG_WARNING(("Will not accept the server %s (%s) port %d public "
147 sock->hostname, sock->ip, sock->port));
151 /* Local copy matched */
156 /* Callback that is called when we have received KE2 payload from
157 responder. We try to verify the public key now. */
160 silc_server_protocol_ke_verify_key(SilcSKE ske,
161 unsigned char *pk_data,
163 SilcSKEPKType pk_type,
165 SilcSKEVerifyCbCompletion completion,
166 void *completion_context)
168 SilcProtocol protocol = (SilcProtocol)context;
169 SilcServerKEInternalContext *ctx =
170 (SilcServerKEInternalContext *)protocol->context;
171 SilcServer server = (SilcServer)ctx->server;
173 SILC_LOG_DEBUG(("Start"));
175 if (silc_verify_public_key_internal(server, ctx->sock,
176 (ctx->responder == FALSE ?
177 SILC_SOCKET_TYPE_ROUTER:
178 ctx->sconfig ? SILC_SOCKET_TYPE_SERVER :
179 ctx->rconfig ? SILC_SOCKET_TYPE_ROUTER :
180 SILC_SOCKET_TYPE_CLIENT),
181 pk_data, pk_len, pk_type))
182 completion(ske, SILC_SKE_STATUS_OK, completion_context);
184 completion(ske, SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
188 /* Packet sending callback. This function is provided as packet sending
189 routine to the Key Exchange functions. */
191 static void silc_server_protocol_ke_send_packet(SilcSKE ske,
196 SilcProtocol protocol = (SilcProtocol)context;
197 SilcServerKEInternalContext *ctx =
198 (SilcServerKEInternalContext *)protocol->context;
199 SilcServer server = (SilcServer)ctx->server;
201 /* Send the packet immediately */
202 silc_server_packet_send(server, ske->sock,
203 type, 0, packet->data, packet->len, TRUE);
206 /* Sets the negotiated key material into use for particular connection. */
208 int silc_server_protocol_ke_set_keys(SilcServer server,
210 SilcSocketConnection sock,
211 SilcSKEKeyMaterial *keymat,
216 SilcSKEDiffieHellmanGroup group,
219 SilcUnknownEntry conn_data;
220 SilcIDListData idata;
222 SILC_LOG_DEBUG(("Setting new key into use"));
224 conn_data = silc_calloc(1, sizeof(*conn_data));
225 idata = (SilcIDListData)conn_data;
227 /* Allocate cipher to be used in the communication */
228 if (!silc_cipher_alloc(cipher->cipher->name, &idata->send_key)) {
229 silc_free(conn_data);
230 SILC_LOG_ERROR(("Cannot allocate algorithm: %s", cipher->cipher->name));
233 if (!silc_cipher_alloc(cipher->cipher->name, &idata->receive_key)) {
234 silc_free(conn_data);
235 SILC_LOG_ERROR(("Cannot allocate algorithm: %s", cipher->cipher->name));
239 if (!silc_hmac_alloc((char *)silc_hmac_get_name(hmac), NULL,
240 &idata->hmac_send)) {
241 silc_cipher_free(idata->send_key);
242 silc_cipher_free(idata->receive_key);
243 silc_free(conn_data);
244 SILC_LOG_ERROR(("Cannot allocate algorithm: %s",
245 silc_hmac_get_name(hmac)));
249 if (!silc_hmac_alloc((char *)silc_hmac_get_name(hmac), NULL,
250 &idata->hmac_receive)) {
251 silc_cipher_free(idata->send_key);
252 silc_cipher_free(idata->receive_key);
253 silc_hmac_free(idata->hmac_send);
254 silc_free(conn_data);
255 SILC_LOG_ERROR(("Cannot allocate algorithm: %s",
256 silc_hmac_get_name(hmac)));
260 if (is_responder == TRUE) {
261 silc_cipher_set_key(idata->send_key, keymat->receive_enc_key,
262 keymat->enc_key_len);
263 silc_cipher_set_iv(idata->send_key, keymat->receive_iv);
264 silc_cipher_set_key(idata->receive_key, keymat->send_enc_key,
265 keymat->enc_key_len);
266 silc_cipher_set_iv(idata->receive_key, keymat->send_iv);
267 silc_hmac_set_key(idata->hmac_send, keymat->receive_hmac_key,
268 keymat->hmac_key_len);
269 silc_hmac_set_key(idata->hmac_receive, keymat->send_hmac_key,
270 keymat->hmac_key_len);
272 silc_cipher_set_key(idata->send_key, keymat->send_enc_key,
273 keymat->enc_key_len);
274 silc_cipher_set_iv(idata->send_key, keymat->send_iv);
275 silc_cipher_set_key(idata->receive_key, keymat->receive_enc_key,
276 keymat->enc_key_len);
277 silc_cipher_set_iv(idata->receive_key, keymat->receive_iv);
278 silc_hmac_set_key(idata->hmac_send, keymat->send_hmac_key,
279 keymat->hmac_key_len);
280 silc_hmac_set_key(idata->hmac_receive, keymat->receive_hmac_key,
281 keymat->hmac_key_len);
284 idata->rekey = silc_calloc(1, sizeof(*idata->rekey));
285 idata->rekey->send_enc_key = silc_memdup(keymat->send_enc_key,
286 keymat->enc_key_len / 8);
287 idata->rekey->enc_key_len = keymat->enc_key_len / 8;
289 if (ske->prop->flags & SILC_SKE_SP_FLAG_PFS)
290 idata->rekey->pfs = TRUE;
291 idata->rekey->ske_group = silc_ske_group_get_number(group);
294 if (!silc_hash_alloc(hash->hash->name, &idata->hash)) {
295 silc_cipher_free(idata->send_key);
296 silc_cipher_free(idata->receive_key);
297 silc_hmac_free(idata->hmac_send);
298 silc_hmac_free(idata->hmac_receive);
299 silc_free(conn_data);
300 SILC_LOG_ERROR(("Cannot allocate algorithm: %s", hash->hash->name));
304 /* Save the remote host's public key */
305 silc_pkcs_public_key_decode(ske->ke1_payload->pk_data,
306 ske->ke1_payload->pk_len, &idata->public_key);
307 if (ske->prop->flags & SILC_SKE_SP_FLAG_MUTUAL)
308 silc_hash_make(server->sha1hash, ske->ke1_payload->pk_data,
309 ske->ke1_payload->pk_len, idata->fingerprint);
311 sock->user_data = (void *)conn_data;
313 SILC_LOG_INFO(("%s (%s) security properties: %s %s %s",
314 sock->hostname, sock->ip,
315 idata->send_key->cipher->name,
316 (char *)silc_hmac_get_name(idata->hmac_send),
317 idata->hash->hash->name));
322 /* Check remote host version string */
324 SilcSKEStatus silc_ske_check_version(SilcSKE ske, unsigned char *version,
325 SilcUInt32 len, void *context)
327 SilcSKEStatus status = SILC_SKE_STATUS_OK;
329 int maj = 0, min = 0, build = 0, maj2 = 0, min2 = 0, build2 = 0;
331 SILC_LOG_INFO(("%s (%s) is version %s", ske->sock->hostname,
332 ske->sock->ip, version));
334 /* Check for initial version string */
335 if (!strstr(version, "SILC-1.0-"))
336 status = SILC_SKE_STATUS_BAD_VERSION;
338 /* Check software version */
342 status = SILC_SKE_STATUS_BAD_VERSION;
345 cp = strchr(cp, '.');
351 cp = strchr(cp, '.');
353 build = atoi(cp + 1);
356 cp = silc_version_string + 9;
358 status = SILC_SKE_STATUS_BAD_VERSION;
361 cp = strchr(cp, '.');
367 cp = strchr(cp, '.');
369 build2 = atoi(cp + 1);
373 status = SILC_SKE_STATUS_BAD_VERSION;
375 if (status == SILC_SKE_STATUS_BAD_VERSION)
376 SILC_LOG_ERROR(("%s (%s) %s is not allowed/supported version",
377 ske->sock->hostname, ske->sock->ip, version));
382 /* Callback that is called by the SKE to indicate that it is safe to
383 continue the execution of the protocol. This is used only if we are
384 initiator. Is given as argument to the silc_ske_initiator_finish or
385 silc_ske_responder_phase_2 functions. This is called due to the fact
386 that the public key verification process is asynchronous and we must
387 not continue the protocl until the public key has been verified and
388 this callback is called. */
390 static void silc_server_protocol_ke_continue(SilcSKE ske, void *context)
392 SilcProtocol protocol = (SilcProtocol)context;
393 SilcServerKEInternalContext *ctx =
394 (SilcServerKEInternalContext *)protocol->context;
395 SilcServer server = (SilcServer)ctx->server;
397 SILC_LOG_DEBUG(("Start"));
399 if (ske->status != SILC_SKE_STATUS_OK) {
400 SILC_LOG_ERROR(("Error (%s) during Key Exchange protocol",
401 silc_ske_map_status(ske->status)));
403 protocol->state = SILC_PROTOCOL_STATE_ERROR;
404 silc_protocol_execute(protocol, server->schedule, 0, 300000);
408 /* Send Ok to the other end. We will end the protocol as responder
409 sends Ok to us when we will take the new keys into use. */
410 if (ctx->responder == FALSE) {
411 silc_ske_end(ctx->ske);
413 /* End the protocol on the next round */
414 protocol->state = SILC_PROTOCOL_STATE_END;
417 /* Advance protocol state and call the next state if we are responder.
418 This happens when this callback was sent to silc_ske_responder_phase_2
420 if (ctx->responder == TRUE) {
422 silc_protocol_execute(protocol, server->schedule, 0, 100000);
426 /* Performs key exchange protocol. This is used for both initiator
427 and responder key exchange. This is performed always when accepting
428 new connection to the server. This may be called recursively. */
430 SILC_TASK_CALLBACK(silc_server_protocol_key_exchange)
432 SilcProtocol protocol = (SilcProtocol)context;
433 SilcServerKEInternalContext *ctx =
434 (SilcServerKEInternalContext *)protocol->context;
435 SilcServer server = (SilcServer)ctx->server;
436 SilcSKEStatus status = SILC_SKE_STATUS_OK;
438 SILC_LOG_DEBUG(("Start"));
440 if (protocol->state == SILC_PROTOCOL_STATE_UNKNOWN)
441 protocol->state = SILC_PROTOCOL_STATE_START;
443 SILC_LOG_DEBUG(("State=%d", protocol->state));
445 switch(protocol->state) {
446 case SILC_PROTOCOL_STATE_START:
453 /* Allocate Key Exchange object */
454 ctx->ske = ske = silc_ske_alloc(server->rng, server);
456 silc_ske_set_callbacks(ske, silc_server_protocol_ke_send_packet, NULL,
457 silc_server_protocol_ke_verify_key,
458 silc_server_protocol_ke_continue,
459 silc_ske_check_version, context);
461 if (ctx->responder == TRUE) {
462 /* Start the key exchange by processing the received security
463 properties packet from initiator. */
464 status = silc_ske_responder_start(ske, ctx->rng, ctx->sock,
466 ctx->packet->buffer, ctx->flags);
468 SilcSKEStartPayload *start_payload;
470 /* Assemble security properties. */
471 silc_ske_assemble_security_properties(ske, ctx->flags,
475 /* Start the key exchange by sending our security properties
476 to the remote end. */
477 status = silc_ske_initiator_start(ske, ctx->rng, ctx->sock,
481 /* Return now if the procedure is pending. */
482 if (status == SILC_SKE_STATUS_PENDING)
485 if (status != SILC_SKE_STATUS_OK) {
486 SILC_LOG_ERROR(("Error (%s) during Key Exchange protocol",
487 silc_ske_map_status(status)));
489 protocol->state = SILC_PROTOCOL_STATE_ERROR;
490 silc_protocol_execute(protocol, server->schedule, 0, 300000);
494 /* Advance protocol state and call the next state if we are responder */
496 if (ctx->responder == TRUE)
497 silc_protocol_execute(protocol, server->schedule, 0, 100000);
505 if (ctx->responder == TRUE) {
506 /* Sends the selected security properties to the initiator. */
507 status = silc_ske_responder_phase_1(ctx->ske);
509 /* Call Phase-1 function. This processes the Key Exchange Start
510 paylaod reply we just got from the responder. The callback
511 function will receive the processed payload where we will
513 status = silc_ske_initiator_phase_1(ctx->ske, ctx->packet->buffer);
516 /* Return now if the procedure is pending. */
517 if (status == SILC_SKE_STATUS_PENDING)
520 if (status != SILC_SKE_STATUS_OK) {
521 SILC_LOG_ERROR(("Error (%s) during Key Exchange protocol",
522 silc_ske_map_status(status)));
524 protocol->state = SILC_PROTOCOL_STATE_ERROR;
525 silc_protocol_execute(protocol, server->schedule, 0, 300000);
529 /* Advance protocol state and call next state if we are initiator */
531 if (ctx->responder == FALSE)
532 silc_protocol_execute(protocol, server->schedule, 0, 100000);
540 if (ctx->responder == TRUE) {
541 /* Process the received Key Exchange 1 Payload packet from
542 the initiator. This also creates our parts of the Diffie
543 Hellman algorithm. The silc_server_protocol_ke_continue
544 will be called after the public key has been verified. */
545 status = silc_ske_responder_phase_2(ctx->ske, ctx->packet->buffer);
547 /* Call the Phase-2 function. This creates Diffie Hellman
548 key exchange parameters and sends our public part inside
549 Key Exhange 1 Payload to the responder. */
550 status = silc_ske_initiator_phase_2(ctx->ske,
553 SILC_SKE_PK_TYPE_SILC);
557 /* Return now if the procedure is pending. */
558 if (status == SILC_SKE_STATUS_PENDING)
561 if (status != SILC_SKE_STATUS_OK) {
562 SILC_LOG_ERROR(("Error (%s) during Key Exchange protocol",
563 silc_ske_map_status(status)));
565 protocol->state = SILC_PROTOCOL_STATE_ERROR;
566 silc_protocol_execute(protocol, server->schedule, 0, 300000);
576 if (ctx->responder == TRUE) {
577 /* This creates the key exchange material and sends our
578 public parts to the initiator inside Key Exchange 2 Payload. */
579 status = silc_ske_responder_finish(ctx->ske,
582 SILC_SKE_PK_TYPE_SILC);
584 /* End the protocol on the next round */
585 protocol->state = SILC_PROTOCOL_STATE_END;
587 /* Finish the protocol. This verifies the Key Exchange 2 payload
588 sent by responder. The silc_server_protocol_ke_continue will
589 be called after the public key has been verified. */
590 status = silc_ske_initiator_finish(ctx->ske, ctx->packet->buffer);
593 /* Return now if the procedure is pending. */
594 if (status == SILC_SKE_STATUS_PENDING)
597 if (status != SILC_SKE_STATUS_OK) {
598 SILC_LOG_ERROR(("Error (%s) during Key Exchange protocol",
599 silc_ske_map_status(status)));
601 protocol->state = SILC_PROTOCOL_STATE_ERROR;
602 silc_protocol_execute(protocol, server->schedule, 0, 300000);
608 case SILC_PROTOCOL_STATE_END:
613 SilcSKEKeyMaterial *keymat;
614 int key_len = silc_cipher_get_key_len(ctx->ske->prop->cipher);
615 int hash_len = ctx->ske->prop->hash->hash->hash_len;
617 /* Process the key material */
618 keymat = silc_calloc(1, sizeof(*keymat));
619 status = silc_ske_process_key_material(ctx->ske, 16, key_len, hash_len,
621 if (status != SILC_SKE_STATUS_OK) {
622 SILC_LOG_ERROR(("Error during Key Exchange protocol: "
623 "could not process key material"));
625 protocol->state = SILC_PROTOCOL_STATE_ERROR;
626 silc_protocol_execute(protocol, server->schedule, 0, 300000);
627 silc_ske_free_key_material(keymat);
630 ctx->keymat = keymat;
632 /* Send Ok to the other end if we are responder. If we are initiator
633 we have sent this already. */
634 if (ctx->responder == TRUE)
635 silc_ske_end(ctx->ske);
637 /* Unregister the timeout task since the protocol has ended.
638 This was the timeout task to be executed if the protocol is
639 not completed fast enough. */
640 if (ctx->timeout_task)
641 silc_schedule_task_del(server->schedule, ctx->timeout_task);
643 /* Assure that after calling final callback there cannot be pending
644 executions for this protocol anymore. This just unregisters any
645 timeout callbacks for this protocol. */
646 silc_protocol_cancel(protocol, server->schedule);
648 /* Call the final callback */
649 if (protocol->final_callback)
650 silc_protocol_execute_final(protocol, server->schedule);
652 silc_protocol_free(protocol);
656 case SILC_PROTOCOL_STATE_ERROR:
661 /* Send abort notification */
662 silc_ske_abort(ctx->ske, ctx->ske->status);
664 /* Unregister the timeout task since the protocol has ended.
665 This was the timeout task to be executed if the protocol is
666 not completed fast enough. */
667 if (ctx->timeout_task)
668 silc_schedule_task_del(server->schedule, ctx->timeout_task);
670 /* Assure that after calling final callback there cannot be pending
671 executions for this protocol anymore. This just unregisters any
672 timeout callbacks for this protocol. */
673 silc_protocol_cancel(protocol, server->schedule);
675 /* On error the final callback is always called. */
676 if (protocol->final_callback)
677 silc_protocol_execute_final(protocol, server->schedule);
679 silc_protocol_free(protocol);
682 case SILC_PROTOCOL_STATE_FAILURE:
684 * We have received failure from remote
687 /* Unregister the timeout task since the protocol has ended.
688 This was the timeout task to be executed if the protocol is
689 not completed fast enough. */
690 if (ctx->timeout_task)
691 silc_schedule_task_del(server->schedule, ctx->timeout_task);
693 /* Assure that after calling final callback there cannot be pending
694 executions for this protocol anymore. This just unregisters any
695 timeout callbacks for this protocol. */
696 silc_protocol_cancel(protocol, server->schedule);
698 /* On error the final callback is always called. */
699 if (protocol->final_callback)
700 silc_protocol_execute_final(protocol, server->schedule);
702 silc_protocol_free(protocol);
705 case SILC_PROTOCOL_STATE_UNKNOWN:
711 * Connection Authentication protocol functions
715 silc_server_password_authentication(SilcServer server, char *remote_auth,
718 if (!remote_auth || !local_auth)
721 if (!memcmp(remote_auth, local_auth, strlen(local_auth)))
728 silc_server_public_key_authentication(SilcServer server,
729 SilcPublicKey pub_key,
738 if (!pub_key || !sign)
741 silc_pkcs_alloc(pub_key->name, &pkcs);
742 if (!silc_pkcs_public_key_set(pkcs, pub_key)) {
743 silc_pkcs_free(pkcs);
747 /* Make the authentication data. Protocol says it is HASH plus
749 len = ske->hash_len + ske->start_payload_copy->len;
750 auth = silc_buffer_alloc(len);
751 silc_buffer_pull_tail(auth, len);
752 silc_buffer_format(auth,
753 SILC_STR_UI_XNSTRING(ske->hash, ske->hash_len),
754 SILC_STR_UI_XNSTRING(ske->start_payload_copy->data,
755 ske->start_payload_copy->len),
758 /* Verify signature */
759 if (silc_pkcs_verify_with_hash(pkcs, ske->prop->hash, sign, sign_len,
760 auth->data, auth->len)) {
761 silc_pkcs_free(pkcs);
762 silc_buffer_free(auth);
766 silc_pkcs_free(pkcs);
767 silc_buffer_free(auth);
772 silc_server_get_public_key_auth(SilcServer server,
773 unsigned char **auth_data,
774 SilcUInt32 *auth_data_len,
783 /* Make the authentication data. Protocol says it is HASH plus
785 len = ske->hash_len + ske->start_payload_copy->len;
786 auth = silc_buffer_alloc(len);
787 silc_buffer_pull_tail(auth, len);
788 silc_buffer_format(auth,
789 SILC_STR_UI_XNSTRING(ske->hash, ske->hash_len),
790 SILC_STR_UI_XNSTRING(ske->start_payload_copy->data,
791 ske->start_payload_copy->len),
794 *auth_data = silc_calloc(silc_pkcs_get_key_len(pkcs), sizeof(**auth_data));
795 if (silc_pkcs_sign_with_hash(pkcs, ske->prop->hash, auth->data,
796 auth->len, *auth_data, auth_data_len)) {
797 silc_buffer_free(auth);
801 silc_free(*auth_data);
802 silc_buffer_free(auth);
806 /* Function that actually performs the authentication to the remote. This
807 supports both passphrase and public key authentication. */
810 silc_server_get_authentication(SilcServerConnAuthInternalContext *ctx,
811 char *local_passphrase,
812 SilcHashTable local_publickeys,
813 unsigned char *remote_auth,
814 SilcUInt32 remote_auth_len)
816 SilcServer server = (SilcServer)ctx->server;
817 SilcSKE ske = ctx->ske;
820 /* If we don't have authentication data set at all we do not require
821 authentication at all */
822 if (!local_passphrase && (!local_publickeys ||
823 !silc_hash_table_count(local_publickeys))) {
824 SILC_LOG_DEBUG(("No authentication required"));
828 /* If both passphrase and public key is provided then we'll try both of
829 them and see which one of them authenticates. If only one of them is
830 set, then try only that. */
832 /* Try first passphrase (as it is faster to check) */
833 if (local_passphrase) {
834 SILC_LOG_DEBUG(("Password authentication"));
835 result = silc_server_password_authentication(server, local_passphrase,
839 /* Try public key authenetication */
840 if (!result && local_publickeys) {
841 SilcPublicKey cached_key;
842 SilcPublicKey remote_key =
843 ((SilcIDListData)ctx->sock->user_data)->public_key;
845 SILC_LOG_DEBUG(("Public key authentication"));
847 /* Find the public key to be used in authentication */
848 cached_key = silc_server_find_public_key(server, local_publickeys,
853 result = silc_server_public_key_authentication(server, cached_key,
855 remote_auth_len, ske);
861 /* Performs connection authentication protocol. If responder, we
862 authenticate the remote data received. If initiator, we will send
863 authentication data to the remote end. */
865 SILC_TASK_CALLBACK(silc_server_protocol_connection_auth)
867 SilcProtocol protocol = (SilcProtocol)context;
868 SilcServerConnAuthInternalContext *ctx =
869 (SilcServerConnAuthInternalContext *)protocol->context;
870 SilcServer server = (SilcServer)ctx->server;
872 SILC_LOG_DEBUG(("Start"));
874 if (protocol->state == SILC_PROTOCOL_STATE_UNKNOWN)
875 protocol->state = SILC_PROTOCOL_STATE_START;
877 SILC_LOG_DEBUG(("State=%d", protocol->state));
879 switch(protocol->state) {
880 case SILC_PROTOCOL_STATE_START:
886 if (ctx->responder == TRUE) {
888 * We are receiving party
891 SilcUInt16 payload_len;
892 SilcUInt16 conn_type;
893 unsigned char *auth_data = NULL;
895 SILC_LOG_INFO(("Performing authentication protocol for %s (%s)",
896 ctx->sock->hostname, ctx->sock->ip));
898 /* Parse the received authentication data packet. The received
899 payload is Connection Auth Payload. */
900 ret = silc_buffer_unformat(ctx->packet->buffer,
901 SILC_STR_UI_SHORT(&payload_len),
902 SILC_STR_UI_SHORT(&conn_type),
905 SILC_LOG_ERROR(("Bad payload in authentication packet"));
906 protocol->state = SILC_PROTOCOL_STATE_ERROR;
907 silc_protocol_execute(protocol, server->schedule, 0, 300000);
911 if (payload_len != ctx->packet->buffer->len) {
912 SILC_LOG_ERROR(("Bad payload length in authentication packet"));
913 protocol->state = SILC_PROTOCOL_STATE_ERROR;
914 silc_protocol_execute(protocol, server->schedule, 0, 300000);
920 if (conn_type < SILC_SOCKET_TYPE_CLIENT ||
921 conn_type > SILC_SOCKET_TYPE_ROUTER) {
922 SILC_LOG_ERROR(("Bad connection type (%d) in authentication packet",
924 protocol->state = SILC_PROTOCOL_STATE_ERROR;
925 silc_protocol_execute(protocol, server->schedule, 0, 300000);
929 if (payload_len > 0) {
930 /* Get authentication data */
931 silc_buffer_pull(ctx->packet->buffer, 4);
932 ret = silc_buffer_unformat(ctx->packet->buffer,
933 SILC_STR_UI_XNSTRING_ALLOC(&auth_data,
937 SILC_LOG_DEBUG(("Bad payload in authentication payload"));
938 protocol->state = SILC_PROTOCOL_STATE_ERROR;
939 silc_protocol_execute(protocol, server->schedule, 0, 300000);
945 * Check the remote connection type and make sure that we have
946 * configured this connection. If we haven't allowed this connection
947 * the authentication must be failed.
950 SILC_LOG_DEBUG(("Remote connection type %d", conn_type));
952 /* Remote end is client */
953 if (conn_type == SILC_SOCKET_TYPE_CLIENT) {
954 SilcServerConfigClient *client = ctx->cconfig;
957 ret = silc_server_get_authentication(ctx, client->passphrase,
959 auth_data, payload_len);
961 /* Authentication failed */
962 SILC_LOG_ERROR(("Authentication failed"));
963 silc_free(auth_data);
964 protocol->state = SILC_PROTOCOL_STATE_ERROR;
965 silc_protocol_execute(protocol, server->schedule, 0, 300000);
969 SILC_LOG_ERROR(("Remote client connection not configured"));
970 SILC_LOG_ERROR(("Authentication failed"));
971 silc_free(auth_data);
972 protocol->state = SILC_PROTOCOL_STATE_ERROR;
973 silc_protocol_execute(protocol, server->schedule,
979 /* Remote end is server */
980 if (conn_type == SILC_SOCKET_TYPE_SERVER) {
981 SilcServerConfigServer *serv = ctx->sconfig;
984 ret = silc_server_get_authentication(ctx, serv->passphrase,
986 auth_data, payload_len);
988 /* Authentication failed */
989 SILC_LOG_ERROR(("Authentication failed"));
990 silc_free(auth_data);
991 protocol->state = SILC_PROTOCOL_STATE_ERROR;
992 silc_protocol_execute(protocol, server->schedule, 0, 300000);
996 SILC_LOG_ERROR(("Remote server connection not configured"));
997 SILC_LOG_ERROR(("Authentication failed"));
998 protocol->state = SILC_PROTOCOL_STATE_ERROR;
999 silc_protocol_execute(protocol, server->schedule,
1001 silc_free(auth_data);
1006 /* Remote end is router */
1007 if (conn_type == SILC_SOCKET_TYPE_ROUTER) {
1008 SilcServerConfigRouter *serv = ctx->rconfig;
1011 ret = silc_server_get_authentication(ctx, serv->passphrase,
1013 auth_data, payload_len);
1015 /* Authentication failed */
1016 SILC_LOG_ERROR(("Authentication failed"));
1017 silc_free(auth_data);
1018 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1019 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1023 SILC_LOG_ERROR(("Remote router connection not configured"));
1024 SILC_LOG_ERROR(("Authentication failed"));
1025 silc_free(auth_data);
1026 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1027 silc_protocol_execute(protocol, server->schedule,
1033 silc_free(auth_data);
1035 /* Save connection type. This is later used to create the
1036 ID for the connection. */
1037 ctx->conn_type = conn_type;
1039 /* Advance protocol state. */
1040 protocol->state = SILC_PROTOCOL_STATE_END;
1041 silc_protocol_execute(protocol, server->schedule, 0, 0);
1045 * We are initiator. We are authenticating ourselves to a
1046 * remote server. We will send the authentication data to the
1047 * other end for verify.
1050 int payload_len = 0;
1051 unsigned char *auth_data = NULL;
1052 SilcUInt32 auth_data_len = 0;
1054 switch(ctx->auth_meth) {
1055 case SILC_AUTH_NONE:
1056 /* No authentication required */
1059 case SILC_AUTH_PASSWORD:
1060 /* Password authentication */
1061 if (ctx->auth_data && ctx->auth_data_len) {
1062 auth_data = strdup(ctx->auth_data);
1063 auth_data_len = ctx->auth_data_len;
1068 case SILC_AUTH_PUBLIC_KEY:
1070 /* Public key authentication */
1071 silc_server_get_public_key_auth(server, &auth_data, &auth_data_len,
1077 payload_len = 4 + auth_data_len;
1078 packet = silc_buffer_alloc(payload_len);
1079 silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
1080 silc_buffer_format(packet,
1081 SILC_STR_UI_SHORT(payload_len),
1082 SILC_STR_UI_SHORT(server->server_type
1084 SILC_SOCKET_TYPE_SERVER :
1085 SILC_SOCKET_TYPE_ROUTER),
1086 SILC_STR_UI_XNSTRING(auth_data, auth_data_len),
1089 /* Send the packet to server */
1090 silc_server_packet_send(server, ctx->sock,
1091 SILC_PACKET_CONNECTION_AUTH, 0,
1092 packet->data, packet->len, TRUE);
1095 memset(auth_data, 0, auth_data_len);
1096 silc_free(auth_data);
1098 silc_buffer_free(packet);
1100 /* Next state is end of protocol */
1101 protocol->state = SILC_PROTOCOL_STATE_END;
1106 case SILC_PROTOCOL_STATE_END:
1111 unsigned char ok[4];
1113 SILC_PUT32_MSB(SILC_AUTH_OK, ok);
1115 /* Authentication successful */
1116 silc_server_packet_send(server, ctx->sock, SILC_PACKET_SUCCESS,
1119 /* Unregister the timeout task since the protocol has ended.
1120 This was the timeout task to be executed if the protocol is
1121 not completed fast enough. */
1122 if (ctx->timeout_task)
1123 silc_schedule_task_del(server->schedule, ctx->timeout_task);
1125 /* Assure that after calling final callback there cannot be pending
1126 executions for this protocol anymore. This just unregisters any
1127 timeout callbacks for this protocol. */
1128 silc_protocol_cancel(protocol, server->schedule);
1130 /* Protocol has ended, call the final callback */
1131 if (protocol->final_callback)
1132 silc_protocol_execute_final(protocol, server->schedule);
1134 silc_protocol_free(protocol);
1137 case SILC_PROTOCOL_STATE_ERROR:
1140 * Error. Send notify to remote.
1142 unsigned char error[4];
1144 /* Authentication failed */
1145 SILC_PUT32_MSB(SILC_AUTH_FAILED, error);
1146 silc_server_packet_send(server, ctx->sock, SILC_PACKET_FAILURE,
1149 /* Unregister the timeout task since the protocol has ended.
1150 This was the timeout task to be executed if the protocol is
1151 not completed fast enough. */
1152 if (ctx->timeout_task)
1153 silc_schedule_task_del(server->schedule, ctx->timeout_task);
1155 /* Assure that after calling final callback there cannot be pending
1156 executions for this protocol anymore. This just unregisters any
1157 timeout callbacks for this protocol. */
1158 silc_protocol_cancel(protocol, server->schedule);
1160 /* On error the final callback is always called. */
1161 if (protocol->final_callback)
1162 silc_protocol_execute_final(protocol, server->schedule);
1164 silc_protocol_free(protocol);
1168 case SILC_PROTOCOL_STATE_FAILURE:
1170 * We have received failure from remote
1173 SILC_LOG_ERROR(("Received Authentication Failure"));
1175 /* Unregister the timeout task since the protocol has ended.
1176 This was the timeout task to be executed if the protocol is
1177 not completed fast enough. */
1178 if (ctx->timeout_task)
1179 silc_schedule_task_del(server->schedule, ctx->timeout_task);
1181 /* Assure that after calling final callback there cannot be pending
1182 executions for this protocol anymore. This just unregisters any
1183 timeout callbacks for this protocol. */
1184 silc_protocol_cancel(protocol, server->schedule);
1186 /* On error the final callback is always called. */
1187 if (protocol->final_callback)
1188 silc_protocol_execute_final(protocol, server->schedule);
1190 silc_protocol_free(protocol);
1193 case SILC_PROTOCOL_STATE_UNKNOWN:
1199 * Re-key protocol routines
1202 /* Actually takes the new keys into use. */
1205 silc_server_protocol_rekey_validate(SilcServer server,
1206 SilcServerRekeyInternalContext *ctx,
1207 SilcIDListData idata,
1208 SilcSKEKeyMaterial *keymat,
1211 if (ctx->responder == TRUE) {
1213 silc_cipher_set_key(idata->send_key, keymat->receive_enc_key,
1214 keymat->enc_key_len);
1215 silc_cipher_set_iv(idata->send_key, keymat->receive_iv);
1216 silc_hmac_set_key(idata->hmac_send, keymat->receive_hmac_key,
1217 keymat->hmac_key_len);
1219 silc_cipher_set_key(idata->receive_key, keymat->send_enc_key,
1220 keymat->enc_key_len);
1221 silc_cipher_set_iv(idata->receive_key, keymat->send_iv);
1222 silc_hmac_set_key(idata->hmac_receive, keymat->send_hmac_key,
1223 keymat->hmac_key_len);
1227 silc_cipher_set_key(idata->send_key, keymat->send_enc_key,
1228 keymat->enc_key_len);
1229 silc_cipher_set_iv(idata->send_key, keymat->send_iv);
1230 silc_hmac_set_key(idata->hmac_send, keymat->send_hmac_key,
1231 keymat->hmac_key_len);
1233 silc_cipher_set_key(idata->receive_key, keymat->receive_enc_key,
1234 keymat->enc_key_len);
1235 silc_cipher_set_iv(idata->receive_key, keymat->receive_iv);
1236 silc_hmac_set_key(idata->hmac_receive, keymat->receive_hmac_key,
1237 keymat->hmac_key_len);
1241 /* Save the current sending encryption key */
1243 memset(idata->rekey->send_enc_key, 0, idata->rekey->enc_key_len);
1244 silc_free(idata->rekey->send_enc_key);
1245 idata->rekey->send_enc_key = silc_memdup(keymat->send_enc_key,
1246 keymat->enc_key_len / 8);
1247 idata->rekey->enc_key_len = keymat->enc_key_len / 8;
1251 /* This function actually re-generates (when not using PFS) the keys and
1252 takes them into use. */
1254 void silc_server_protocol_rekey_generate(SilcServer server,
1255 SilcServerRekeyInternalContext *ctx,
1258 SilcIDListData idata = (SilcIDListData)ctx->sock->user_data;
1259 SilcSKEKeyMaterial *keymat;
1260 SilcUInt32 key_len = silc_cipher_get_key_len(idata->send_key);
1261 SilcUInt32 hash_len = idata->hash->hash->hash_len;
1263 SILC_LOG_DEBUG(("Generating new %s session keys (no PFS)",
1264 send ? "sending" : "receiving"));
1266 /* Generate the new key */
1267 keymat = silc_calloc(1, sizeof(*keymat));
1268 silc_ske_process_key_material_data(idata->rekey->send_enc_key,
1269 idata->rekey->enc_key_len,
1270 16, key_len, hash_len,
1271 idata->hash, keymat);
1273 /* Set the keys into use */
1274 silc_server_protocol_rekey_validate(server, ctx, idata, keymat, send);
1276 silc_ske_free_key_material(keymat);
1279 /* This function actually re-generates (with PFS) the keys and
1280 takes them into use. */
1283 silc_server_protocol_rekey_generate_pfs(SilcServer server,
1284 SilcServerRekeyInternalContext *ctx,
1287 SilcIDListData idata = (SilcIDListData)ctx->sock->user_data;
1288 SilcSKEKeyMaterial *keymat;
1289 SilcUInt32 key_len = silc_cipher_get_key_len(idata->send_key);
1290 SilcUInt32 hash_len = idata->hash->hash->hash_len;
1291 unsigned char *tmpbuf;
1294 SILC_LOG_DEBUG(("Generating new %s session keys (with PFS)",
1295 send ? "sending" : "receiving"));
1297 /* Encode KEY to binary data */
1298 tmpbuf = silc_mp_mp2bin(ctx->ske->KEY, 0, &klen);
1300 /* Generate the new key */
1301 keymat = silc_calloc(1, sizeof(*keymat));
1302 silc_ske_process_key_material_data(tmpbuf, klen, 16, key_len, hash_len,
1303 idata->hash, keymat);
1305 /* Set the keys into use */
1306 silc_server_protocol_rekey_validate(server, ctx, idata, keymat, send);
1308 memset(tmpbuf, 0, klen);
1310 silc_ske_free_key_material(keymat);
1313 /* Packet sending callback. This function is provided as packet sending
1314 routine to the Key Exchange functions. */
1317 silc_server_protocol_rekey_send_packet(SilcSKE ske,
1319 SilcPacketType type,
1322 SilcProtocol protocol = (SilcProtocol)context;
1323 SilcServerRekeyInternalContext *ctx =
1324 (SilcServerRekeyInternalContext *)protocol->context;
1325 SilcServer server = (SilcServer)ctx->server;
1327 /* Send the packet immediately */
1328 silc_server_packet_send(server, ctx->sock,
1329 type, 0, packet->data, packet->len, FALSE);
1332 /* Performs re-key as defined in the SILC protocol specification. */
1334 SILC_TASK_CALLBACK(silc_server_protocol_rekey)
1336 SilcProtocol protocol = (SilcProtocol)context;
1337 SilcServerRekeyInternalContext *ctx =
1338 (SilcServerRekeyInternalContext *)protocol->context;
1339 SilcServer server = (SilcServer)ctx->server;
1340 SilcIDListData idata = (SilcIDListData)ctx->sock->user_data;
1341 SilcSKEStatus status;
1343 SILC_LOG_DEBUG(("Start"));
1345 if (protocol->state == SILC_PROTOCOL_STATE_UNKNOWN)
1346 protocol->state = SILC_PROTOCOL_STATE_START;
1348 SILC_LOG_DEBUG(("State=%d", protocol->state));
1350 switch(protocol->state) {
1351 case SILC_PROTOCOL_STATE_START:
1357 if (ctx->responder == TRUE) {
1359 * We are receiving party
1362 if (ctx->pfs == TRUE) {
1364 * Use Perfect Forward Secrecy, ie. negotiate the key material
1365 * using the SKE protocol.
1368 if (ctx->packet->type != SILC_PACKET_KEY_EXCHANGE_1) {
1369 SILC_LOG_ERROR(("Error during Re-key (PFS): re-key state is "
1370 "incorrect (received %d, expected %d packet)",
1371 ctx->packet->type, SILC_PACKET_KEY_EXCHANGE_1));
1372 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1373 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1377 ctx->ske = silc_ske_alloc(server->rng, server);
1378 ctx->ske->prop = silc_calloc(1, sizeof(*ctx->ske->prop));
1379 silc_ske_group_get_by_number(idata->rekey->ske_group,
1380 &ctx->ske->prop->group);
1382 silc_ske_set_callbacks(ctx->ske,
1383 silc_server_protocol_rekey_send_packet,
1384 NULL, NULL, NULL, silc_ske_check_version,
1387 status = silc_ske_responder_phase_2(ctx->ske, ctx->packet->buffer);
1388 if (status != SILC_SKE_STATUS_OK) {
1389 SILC_LOG_ERROR(("Error (%s) during Re-key (PFS)",
1390 silc_ske_map_status(status)));
1391 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1392 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1396 /* Advance the protocol state */
1398 silc_protocol_execute(protocol, server->schedule, 0, 0);
1401 * Do normal and simple re-key.
1404 /* Send the REKEY_DONE to indicate we will take new keys into use */
1405 silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
1408 /* After we send REKEY_DONE we must set the sending encryption
1409 key to the new key since all packets after this packet must
1410 encrypted with the new key. */
1411 silc_server_protocol_rekey_generate(server, ctx, TRUE);
1413 /* The protocol ends in next stage. */
1414 protocol->state = SILC_PROTOCOL_STATE_END;
1419 * We are the initiator of this protocol
1422 /* Start the re-key by sending the REKEY packet */
1423 silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY,
1426 if (ctx->pfs == TRUE) {
1428 * Use Perfect Forward Secrecy, ie. negotiate the key material
1429 * using the SKE protocol.
1431 ctx->ske = silc_ske_alloc(server->rng, server);
1432 ctx->ske->prop = silc_calloc(1, sizeof(*ctx->ske->prop));
1433 silc_ske_group_get_by_number(idata->rekey->ske_group,
1434 &ctx->ske->prop->group);
1436 silc_ske_set_callbacks(ctx->ske,
1437 silc_server_protocol_rekey_send_packet,
1438 NULL, NULL, NULL, silc_ske_check_version,
1441 status = silc_ske_initiator_phase_2(ctx->ske, NULL, NULL, 0);
1442 if (status != SILC_SKE_STATUS_OK) {
1443 SILC_LOG_ERROR(("Error (%s) during Re-key (PFS)",
1444 silc_ske_map_status(status)));
1445 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1446 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1450 /* Advance the protocol state */
1454 * Do normal and simple re-key.
1457 /* Send the REKEY_DONE to indicate we will take new keys into use
1459 silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
1462 /* After we send REKEY_DONE we must set the sending encryption
1463 key to the new key since all packets after this packet must
1464 encrypted with the new key. */
1465 silc_server_protocol_rekey_generate(server, ctx, TRUE);
1467 /* The protocol ends in next stage. */
1468 protocol->state = SILC_PROTOCOL_STATE_END;
1476 * Second state, used only when oding re-key with PFS.
1478 if (ctx->responder == TRUE) {
1479 if (ctx->pfs == TRUE) {
1481 * Send our KE packe to the initiator now that we've processed
1482 * the initiator's KE packet.
1484 status = silc_ske_responder_finish(ctx->ske, NULL, NULL,
1485 SILC_SKE_PK_TYPE_SILC);
1486 if (status != SILC_SKE_STATUS_OK) {
1487 SILC_LOG_ERROR(("Error (%s) during Re-key (PFS)",
1488 silc_ske_map_status(status)));
1489 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1490 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1496 if (ctx->pfs == TRUE) {
1498 * The packet type must be KE packet
1500 if (ctx->packet->type != SILC_PACKET_KEY_EXCHANGE_2) {
1501 SILC_LOG_ERROR(("Error during Re-key (PFS): re-key state is "
1502 "incorrect (received %d, expected %d packet)",
1503 ctx->packet->type, SILC_PACKET_KEY_EXCHANGE_2));
1504 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1505 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1509 status = silc_ske_initiator_finish(ctx->ske, ctx->packet->buffer);
1510 if (status != SILC_SKE_STATUS_OK) {
1511 SILC_LOG_ERROR(("Error (%s) during Re-key (PFS)",
1512 silc_ske_map_status(status)));
1513 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1514 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1520 /* Send the REKEY_DONE to indicate we will take new keys into use
1522 silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
1525 /* After we send REKEY_DONE we must set the sending encryption
1526 key to the new key since all packets after this packet must
1527 encrypted with the new key. */
1528 silc_server_protocol_rekey_generate_pfs(server, ctx, TRUE);
1530 /* The protocol ends in next stage. */
1531 protocol->state = SILC_PROTOCOL_STATE_END;
1534 case SILC_PROTOCOL_STATE_END:
1539 if (ctx->packet->type != SILC_PACKET_REKEY_DONE) {
1540 SILC_LOG_ERROR(("Error during Re-key (PFS): re-key state is "
1541 "incorrect (received %d, expected %d packet)",
1542 ctx->packet->type, SILC_PACKET_REKEY_DONE));
1543 protocol->state = SILC_PROTOCOL_STATE_ERROR;
1544 silc_protocol_execute(protocol, server->schedule, 0, 300000);
1548 /* We received the REKEY_DONE packet and all packets after this is
1549 encrypted with the new key so set the decryption key to the new key */
1550 silc_server_protocol_rekey_generate(server, ctx, FALSE);
1552 /* Assure that after calling final callback there cannot be pending
1553 executions for this protocol anymore. This just unregisters any
1554 timeout callbacks for this protocol. */
1555 silc_protocol_cancel(protocol, server->schedule);
1557 /* Protocol has ended, call the final callback */
1558 if (protocol->final_callback)
1559 silc_protocol_execute_final(protocol, server->schedule);
1561 silc_protocol_free(protocol);
1564 case SILC_PROTOCOL_STATE_ERROR:
1569 if (ctx->pfs == TRUE)
1570 /* Send abort notification */
1571 silc_ske_abort(ctx->ske, ctx->ske->status);
1573 /* Assure that after calling final callback there cannot be pending
1574 executions for this protocol anymore. This just unregisters any
1575 timeout callbacks for this protocol. */
1576 silc_protocol_cancel(protocol, server->schedule);
1578 /* On error the final callback is always called. */
1579 if (protocol->final_callback)
1580 silc_protocol_execute_final(protocol, server->schedule);
1582 silc_protocol_free(protocol);
1585 case SILC_PROTOCOL_STATE_FAILURE:
1587 * We have received failure from remote
1590 SILC_LOG_ERROR(("Error during Re-Key: received Failure"));
1592 /* Assure that after calling final callback there cannot be pending
1593 executions for this protocol anymore. This just unregisters any
1594 timeout callbacks for this protocol. */
1595 silc_protocol_cancel(protocol, server->schedule);
1597 /* On error the final callback is always called. */
1598 if (protocol->final_callback)
1599 silc_protocol_execute_final(protocol, server->schedule);
1601 silc_protocol_free(protocol);
1604 case SILC_PROTOCOL_STATE_UNKNOWN:
1610 /* Registers protocols used in server. */
1612 void silc_server_protocols_register(void)
1614 silc_protocol_register(SILC_PROTOCOL_SERVER_CONNECTION_AUTH,
1615 silc_server_protocol_connection_auth);
1616 silc_protocol_register(SILC_PROTOCOL_SERVER_KEY_EXCHANGE,
1617 silc_server_protocol_key_exchange);
1618 silc_protocol_register(SILC_PROTOCOL_SERVER_REKEY,
1619 silc_server_protocol_rekey);
1620 silc_protocol_register(SILC_PROTOCOL_SERVER_BACKUP,
1621 silc_server_protocol_backup);
1624 /* Unregisters protocols */
1626 void silc_server_protocols_unregister(void)
1628 silc_protocol_unregister(SILC_PROTOCOL_SERVER_CONNECTION_AUTH,
1629 silc_server_protocol_connection_auth);
1630 silc_protocol_unregister(SILC_PROTOCOL_SERVER_KEY_EXCHANGE,
1631 silc_server_protocol_key_exchange);
1632 silc_protocol_unregister(SILC_PROTOCOL_SERVER_REKEY,
1633 silc_server_protocol_rekey);
1634 silc_protocol_unregister(SILC_PROTOCOL_SERVER_BACKUP,
1635 silc_server_protocol_backup);