5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 2006 - 2008 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
21 #include "silcclient.h"
22 #include "client_internal.h"
24 /************************ Static utility functions **************************/
26 /* Callback called after connected to remote host */
28 static void silc_client_connect_callback(SilcResult status,
29 SilcStream stream, void *context)
31 SilcFSMThread fsm = context;
32 SilcClientConnection conn = silc_fsm_get_context(fsm);
33 SilcClient client = conn->client;
35 conn->internal->op = NULL;
36 if (conn->internal->verbose) {
40 case SILC_ERR_UNKNOWN_IP:
41 client->internal->ops->say(
42 client, conn, SILC_CLIENT_MESSAGE_ERROR,
43 "Could not connect to host %s: unknown IP address",
46 case SILC_ERR_UNKNOWN_HOST:
47 client->internal->ops->say(
48 client, conn, SILC_CLIENT_MESSAGE_ERROR,
49 "Could not connect to host %s: unknown host name",
52 case SILC_ERR_UNREACHABLE:
53 client->internal->ops->say(
54 client, conn, SILC_CLIENT_MESSAGE_ERROR,
55 "Could not connect to host %s: network unreachable",
58 case SILC_ERR_REFUSED:
59 client->internal->ops->say(
60 client, conn, SILC_CLIENT_MESSAGE_ERROR,
61 "Could not connect to host %s: connection refused",
64 case SILC_ERR_TIMEOUT:
65 client->internal->ops->say(
66 client, conn, SILC_CLIENT_MESSAGE_ERROR,
67 "Could not connect to host %s: connection timeout",
71 client->internal->ops->say(
72 client, conn, SILC_CLIENT_MESSAGE_ERROR,
73 "Could not connect to host %s",
79 if (status != SILC_OK) {
80 /* Notify application of failure */
81 SILC_LOG_DEBUG(("Connecting failed"));
82 conn->internal->status = SILC_CLIENT_CONN_ERROR;
83 silc_fsm_next(fsm, silc_client_st_connect_error);
84 SILC_FSM_CALL_CONTINUE(fsm);
88 /* Connection created successfully */
89 SILC_LOG_DEBUG(("Connected"));
90 conn->internal->user_stream = stream;
91 SILC_FSM_CALL_CONTINUE(fsm);
94 /* Called after application has verified remote host's public key */
96 static void silc_client_ke_verify_key_cb(SilcBool success, void *context)
98 SilcVerifyKeyContext verify = context;
100 SILC_LOG_DEBUG(("Start"));
102 /* Call the completion callback back to the SKE */
103 verify->completion(verify->ske, success ? SILC_SKE_STATUS_OK :
104 SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
105 verify->completion_context);
110 /* Verify remote host's public key */
112 static void silc_client_ke_verify_key(SilcSKE ske,
113 SilcPublicKey public_key,
115 SilcSKEVerifyCbCompletion completion,
116 void *completion_context)
118 SilcFSMThread fsm = context;
119 SilcClientConnection conn = silc_fsm_get_context(fsm);
120 SilcClient client = conn->client;
121 SilcVerifyKeyContext verify;
123 /* If we provided repository for SKE and we got here the key was not
124 found from the repository. */
125 if (conn->internal->params.repository &&
126 !conn->internal->params.verify_notfound) {
127 completion(ske, SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
132 SILC_LOG_DEBUG(("Verify remote public key"));
134 verify = silc_calloc(1, sizeof(*verify));
136 completion(ske, SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY,
141 verify->completion = completion;
142 verify->completion_context = completion_context;
144 /* Verify public key in application */
145 client->internal->ops->verify_public_key(client, conn,
146 conn->type, public_key,
147 silc_client_ke_verify_key_cb,
151 /* Key exchange protocol completion callback */
153 static void silc_client_ke_completion(SilcSKE ske,
154 SilcSKEStatus status,
155 SilcSKESecurityProperties prop,
156 SilcSKEKeyMaterial keymat,
157 SilcSKERekeyMaterial rekey,
160 SilcFSMThread fsm = context;
161 SilcClientConnection conn = silc_fsm_get_context(fsm);
162 SilcClient client = conn->client;
163 SilcCipher send_key, receive_key;
164 SilcHmac hmac_send, hmac_receive;
166 conn->internal->op = NULL;
167 if (status != SILC_SKE_STATUS_OK) {
168 /* Key exchange failed */
169 SILC_LOG_DEBUG(("Error during key exchange with %s: %s (%d)",
170 conn->remote_host, silc_ske_map_status(status), status));
172 if (conn->internal->verbose)
173 client->internal->ops->say(client, conn, SILC_CLIENT_MESSAGE_ERROR,
174 "Error during key exchange with %s: %s",
176 silc_ske_map_status(status));
178 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
179 silc_ske_free_rekey_material(rekey);
181 silc_fsm_next(fsm, silc_client_st_connect_error);
182 SILC_FSM_CALL_CONTINUE_SYNC(fsm);
186 SILC_LOG_DEBUG(("Setting keys into use"));
188 /* Allocate the cipher and HMAC contexts */
189 if (!silc_ske_set_keys(ske, keymat, prop, &send_key, &receive_key,
190 &hmac_send, &hmac_receive, &conn->internal->hash)) {
191 /* Error setting keys */
192 SILC_LOG_DEBUG(("Could not set keys into use"));
194 if (conn->internal->verbose)
195 client->internal->ops->say(
196 client, conn, SILC_CLIENT_MESSAGE_ERROR,
197 "Error during key exchange with %s: cannot use keys",
200 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
201 silc_ske_free_rekey_material(rekey);
203 silc_fsm_next(fsm, silc_client_st_connect_error);
204 SILC_FSM_CALL_CONTINUE_SYNC(fsm);
208 /* Set the keys into the packet stream. After this call packets will be
209 encrypted with these keys. */
210 if (!silc_packet_set_keys(conn->stream, send_key, receive_key, hmac_send,
211 hmac_receive, FALSE)) {
212 /* Error setting keys */
213 SILC_LOG_DEBUG(("Could not set keys into use"));
215 if (conn->internal->verbose)
216 client->internal->ops->say(
217 client, conn, SILC_CLIENT_MESSAGE_ERROR,
218 "Error during key exchange with %s: cannot use keys",
221 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
222 silc_ske_free_rekey_material(rekey);
224 silc_fsm_next(fsm, silc_client_st_connect_error);
225 SILC_FSM_CALL_CONTINUE_SYNC(fsm);
229 conn->internal->rekey = rekey;
231 SILC_LOG_DEBUG(("Key Exchange completed"));
233 /* Key exchange done */
234 SILC_FSM_CALL_CONTINUE_SYNC(fsm);
237 /* Rekey protocol completion callback */
239 static void silc_client_rekey_completion(SilcSKE ske,
240 SilcSKEStatus status,
241 SilcSKESecurityProperties prop,
242 SilcSKEKeyMaterial keymat,
243 SilcSKERekeyMaterial rekey,
246 SilcFSMThread fsm = context;
247 SilcClientConnection conn = silc_fsm_get_context(fsm);
248 SilcClient client = conn->client;
250 conn->internal->op = NULL;
251 if (status != SILC_SKE_STATUS_OK) {
253 SILC_LOG_DEBUG(("Error during rekey with %s: %s (%d)",
254 conn->remote_host, silc_ske_map_status(status), status));
256 if (conn->internal->verbose)
257 client->internal->ops->say(client, conn, SILC_CLIENT_MESSAGE_ERROR,
258 "Error during rekey with %s: %s",
260 silc_ske_map_status(status));
262 silc_ske_free(conn->internal->ske);
263 conn->internal->ske = NULL;
264 silc_fsm_finish(fsm);
268 silc_ske_free_rekey_material(conn->internal->rekey);
269 conn->internal->rekey = rekey;
271 silc_ske_free(conn->internal->ske);
272 conn->internal->ske = NULL;
274 SILC_LOG_DEBUG(("Rekey completed conn %p", conn));
277 silc_fsm_finish(fsm);
280 /* Callback called by application to return authentication data */
282 static void silc_client_connect_auth_method(SilcAuthMethod auth_meth,
287 SilcFSMThread fsm = context;
288 SilcClientConnection conn = silc_fsm_get_context(fsm);
290 conn->internal->params.auth_method = auth_meth;
291 if (auth_meth == SILC_AUTH_PASSWORD)
292 conn->internal->params.auth = silc_memdup(auth, auth_len);
294 conn->internal->params.auth = (void *)auth;
295 conn->internal->params.auth_len = auth_len;
297 SILC_FSM_CALL_CONTINUE(fsm);
300 /* Connection authentication completion callback */
302 static void silc_client_connect_auth_completion(SilcConnAuth connauth,
306 SilcFSMThread fsm = context;
307 SilcClientConnection conn = silc_fsm_get_context(fsm);
308 SilcClient client = conn->client;
310 conn->internal->op = NULL;
311 silc_connauth_free(connauth);
314 if (conn->internal->verbose)
315 client->internal->ops->say(
316 client, conn, SILC_CLIENT_MESSAGE_ERROR,
317 "Authentication failed");
319 conn->internal->status = SILC_CLIENT_CONN_ERROR_AUTH;
320 conn->internal->error = SILC_STATUS_ERR_AUTH_FAILED;
321 silc_fsm_next(fsm, silc_client_st_connect_error);
324 SILC_FSM_CALL_CONTINUE_SYNC(fsm);
327 /********************** CONNECTION_AUTH_REQUEST packet **********************/
329 /* Received connection authentication request packet. We get the
330 required authentication method here. */
332 SILC_FSM_STATE(silc_client_connect_auth_request)
334 SilcClientConnection conn = fsm_context;
335 SilcPacket packet = state_context;
336 SilcUInt16 conn_type, auth_meth;
338 if (!conn->internal->auth_request) {
339 silc_packet_free(packet);
340 return SILC_FSM_FINISH;
343 /* Parse the payload */
344 if (silc_buffer_unformat(&packet->buffer,
345 SILC_STR_UI_SHORT(&conn_type),
346 SILC_STR_UI_SHORT(&auth_meth),
348 auth_meth = SILC_AUTH_NONE;
350 silc_packet_free(packet);
352 SILC_LOG_DEBUG(("Resolved authentication method: %s",
353 (auth_meth == SILC_AUTH_NONE ? "none" :
354 auth_meth == SILC_AUTH_PASSWORD ? "passphrase" :
356 conn->internal->params.auth_method = auth_meth;
358 /* Continue authentication */
359 silc_fsm_continue_sync(&conn->internal->event_thread);
360 return SILC_FSM_FINISH;
363 /*************************** Connect remote host ****************************/
365 /* Connection timeout callback */
367 SILC_TASK_CALLBACK(silc_client_connect_timeout)
369 SilcClientConnection conn = context;
371 SILC_LOG_DEBUG(("Connection timeout"));
373 conn->internal->status = SILC_CLIENT_CONN_ERROR_TIMEOUT;
374 conn->internal->error = SILC_STATUS_ERR_TIMEDOUT;
376 silc_fsm_next(&conn->internal->event_thread, silc_client_st_connect_error);
377 silc_fsm_continue_sync(&conn->internal->event_thread);
380 /* Creates a connection to remote host */
382 SILC_FSM_STATE(silc_client_st_connect)
384 SilcClientConnection conn = fsm_context;
386 SILC_LOG_DEBUG(("Connecting to %s:%d", conn->remote_host,
390 silc_fsm_next(fsm, silc_client_st_connect_set_stream);
392 /* Add connection timeout */
393 if (conn->internal->params.timeout_secs)
394 silc_schedule_task_add_timeout(conn->internal->schedule,
395 silc_client_connect_timeout, conn,
396 conn->internal->params.timeout_secs, 0);
398 if (conn->internal->params.udp) {
401 if (!conn->internal->params.local_ip) {
402 /** IP address not given */
403 SILC_LOG_ERROR(("Local UDP IP address not specified"));
404 conn->internal->status = SILC_CLIENT_CONN_ERROR;
405 silc_fsm_next(fsm, silc_client_st_connect_error);
406 return SILC_FSM_CONTINUE;
410 stream = silc_net_udp_connect(conn->internal->params.bind_ip ?
411 conn->internal->params.bind_ip :
412 conn->internal->params.local_ip,
413 conn->internal->params.local_port,
414 conn->remote_host, conn->remote_port,
415 conn->internal->schedule);
417 SILC_FSM_CALL(silc_client_connect_callback(stream ? SILC_OK :
418 SILC_ERR_UNREACHABLE,
422 SILC_FSM_CALL(conn->internal->op = silc_net_tcp_connect(
423 NULL, conn->remote_host,
425 conn->internal->schedule,
426 silc_client_connect_callback, fsm));
430 /* Sets the new connection stream into use and creates packet stream */
432 SILC_FSM_STATE(silc_client_st_connect_set_stream)
434 SilcClientConnection conn = fsm_context;
435 SilcClient client = conn->client;
437 if (conn->internal->disconnected) {
439 silc_fsm_next(fsm, silc_client_st_connect_error);
440 return SILC_FSM_CONTINUE;
443 /* Create packet stream */
444 conn->stream = silc_packet_stream_create(client->internal->packet_engine,
445 conn->internal->schedule,
446 conn->internal->user_stream);
448 /** Cannot create packet stream */
449 SILC_LOG_DEBUG(("Could not create packet stream"));
450 conn->internal->status = SILC_CLIENT_CONN_ERROR;
451 silc_fsm_next(fsm, silc_client_st_connect_error);
452 return SILC_FSM_CONTINUE;
455 silc_packet_set_context(conn->stream, conn);
457 /* Save socket stream and socket into connection context */
458 conn->socket_stream = silc_packet_stream_get_stream(conn->stream);
459 silc_socket_stream_get_info(conn->socket_stream, &conn->sock, NULL,
462 /** Start key exchange */
463 silc_fsm_next(fsm, silc_client_st_connect_key_exchange);
464 return SILC_FSM_CONTINUE;
467 /* Starts key exchange protocol with remote host */
469 SILC_FSM_STATE(silc_client_st_connect_key_exchange)
471 SilcClientConnection conn = fsm_context;
472 SilcClient client = conn->client;
473 SilcSKEParamsStruct params;
476 SILC_LOG_DEBUG(("Starting key exchange protocol"));
479 conn->internal->ske =
480 silc_ske_alloc(client->rng, conn->internal->schedule,
481 conn->internal->params.repository,
482 conn->public_key, conn->private_key, fsm);
483 if (!conn->internal->ske) {
485 conn->internal->status = SILC_CLIENT_CONN_ERROR_KE;
486 silc_fsm_next(fsm, silc_client_st_connect_error);
487 return SILC_FSM_CONTINUE;
490 /* Set SKE callbacks */
491 silc_ske_set_callbacks(conn->internal->ske, silc_client_ke_verify_key,
492 silc_client_ke_completion, fsm);
494 /* Set up key exchange parameters */
495 params.version = client->internal->silc_client_version;
496 params.timeout_secs = conn->internal->params.timeout_secs;
497 params.flags = SILC_SKE_SP_FLAG_MUTUAL;
498 if (conn->internal->params.pfs)
499 params.flags |= SILC_SKE_SP_FLAG_PFS;
500 if (conn->internal->params.udp) {
501 params.flags |= SILC_SKE_SP_FLAG_IV_INCLUDED;
502 params.session_port = conn->internal->params.local_port;
505 if (conn->internal->params.no_authentication)
506 /** Run key exchange (no auth) */
507 silc_fsm_next(fsm, silc_client_st_connected);
508 else if (conn->internal->params.udp)
509 /** Run key exchange (UDP)*/
510 silc_fsm_next(fsm, silc_client_st_connect_setup_udp);
512 /** Run key exchange (TCP) */
513 silc_fsm_next(fsm, silc_client_st_connect_auth_resolve);
515 /* Old server version requires empty Client ID in packets. Remove this
516 backwards support somepoint after 1.1 server is released. */
517 memset(&cid, 0, sizeof(cid));
519 silc_packet_set_ids(conn->stream, SILC_ID_CLIENT, &cid, 0, NULL);
521 SILC_FSM_CALL(conn->internal->op = silc_ske_initiator(conn->internal->ske,
526 /* For UDP/IP connections, set up the UDP session after successful key
529 SILC_FSM_STATE(silc_client_st_connect_setup_udp)
531 SilcClientConnection conn = fsm_context;
532 SilcStream stream, old;
533 SilcSKESecurityProperties prop;
535 SILC_LOG_DEBUG(("Setup UDP SILC session"));
537 if (conn->internal->disconnected) {
539 silc_fsm_next(fsm, silc_client_st_connect_error);
540 return SILC_FSM_CONTINUE;
543 /* Create new UDP stream */
544 prop = silc_ske_get_security_properties(conn->internal->ske);
545 stream = silc_net_udp_connect(conn->internal->params.local_ip,
546 conn->internal->params.local_port,
547 conn->remote_host, prop->remote_port,
548 conn->internal->schedule);
550 /** Cannot create UDP stream */
551 conn->internal->status = SILC_CLIENT_CONN_ERROR;
552 silc_fsm_next(fsm, silc_client_st_connect_error);
553 return SILC_FSM_CONTINUE;
556 /* Set the new stream to packet stream */
557 old = silc_packet_stream_get_stream(conn->stream);
558 silc_packet_stream_set_stream(conn->stream, stream);
559 conn->socket_stream = stream;
560 silc_socket_stream_get_info(conn->socket_stream, &conn->sock, NULL,
562 silc_packet_stream_set_iv_included(conn->stream);
563 silc_packet_set_sid(conn->stream, 0);
565 /* Delete the old stream */
566 silc_stream_destroy(old);
568 /** Start authentication */
569 silc_fsm_next(fsm, silc_client_st_connect_auth_resolve);
570 return SILC_FSM_CONTINUE;
573 /* Resolve authentication method to be used in authentication protocol */
575 SILC_FSM_STATE(silc_client_st_connect_auth_resolve)
577 SilcClientConnection conn = fsm_context;
579 SILC_LOG_DEBUG(("Resolve authentication method"));
581 if (conn->internal->disconnected) {
583 silc_fsm_next(fsm, silc_client_st_connect_error);
584 return SILC_FSM_CONTINUE;
587 /* If authentication method and data is set, use them */
588 if (conn->internal->params.auth_set) {
589 /** Got authentication data */
590 silc_fsm_next(fsm, silc_client_st_connect_auth_start);
591 return SILC_FSM_CONTINUE;
594 /* Send connection authentication request packet */
595 silc_packet_send_va(conn->stream,
596 SILC_PACKET_CONNECTION_AUTH_REQUEST, 0,
597 SILC_STR_UI_SHORT(SILC_CONN_CLIENT),
598 SILC_STR_UI_SHORT(SILC_AUTH_NONE),
601 /** Wait for authentication method */
602 conn->internal->auth_request = TRUE;
603 conn->internal->params.auth_method = SILC_AUTH_NONE;
604 silc_fsm_next_later(fsm, silc_client_st_connect_auth_data, 2, 0);
605 return SILC_FSM_WAIT;
608 /* Get authentication data to be used in authentication protocol */
610 SILC_FSM_STATE(silc_client_st_connect_auth_data)
612 SilcClientConnection conn = fsm_context;
613 SilcClient client = conn->client;
615 SILC_LOG_DEBUG(("Get authentication data"));
617 if (conn->internal->disconnected) {
619 silc_fsm_next(fsm, silc_client_st_connect_error);
620 return SILC_FSM_CONTINUE;
623 conn->internal->auth_request = FALSE;
625 /** Get authentication data */
626 silc_fsm_next(fsm, silc_client_st_connect_auth_start);
627 SILC_FSM_CALL(client->internal->ops->get_auth_method(
631 conn->internal->params.auth_method,
632 silc_client_connect_auth_method, fsm));
635 /* Start connection authentication with remote host */
637 SILC_FSM_STATE(silc_client_st_connect_auth_start)
639 SilcClientConnection conn = fsm_context;
640 SilcConnAuth connauth;
642 SILC_LOG_DEBUG(("Starting connection authentication protocol"));
644 if (conn->internal->disconnected) {
646 silc_fsm_next(fsm, silc_client_st_connect_error);
647 return SILC_FSM_CONTINUE;
650 /* We always use the same key for connection authentication and SKE */
651 if (conn->internal->params.auth_method == SILC_AUTH_PUBLIC_KEY)
652 conn->internal->params.auth = conn->private_key;
654 /* Allocate connection authentication protocol */
655 connauth = silc_connauth_alloc(conn->internal->schedule,
657 conn->internal->params.rekey_secs);
660 conn->internal->status = SILC_CLIENT_CONN_ERROR_AUTH;
661 conn->internal->error = SILC_STATUS_ERR_AUTH_FAILED;
662 silc_fsm_next(fsm, silc_client_st_connect_error);
663 return SILC_FSM_CONTINUE;
666 /** Start connection authentication */
667 silc_fsm_next(fsm, silc_client_st_connected);
668 SILC_FSM_CALL(conn->internal->op = silc_connauth_initiator(
669 connauth, SILC_CONN_CLIENT,
670 conn->internal->params.auth_method,
671 conn->internal->params.auth,
672 conn->internal->params.auth_len,
673 silc_client_connect_auth_completion,
677 /* Connection fully established */
679 SILC_FSM_STATE(silc_client_st_connected)
681 SilcClientConnection conn = fsm_context;
682 SilcClient client = conn->client;
684 /* Get SILC protocol version remote supports */
685 silc_ske_parse_version(conn->internal->ske, &conn->internal->remote_version,
686 NULL, NULL, NULL, NULL);
688 silc_ske_free(conn->internal->ske);
689 conn->internal->ske = NULL;
691 if (!conn->internal->params.auth_set &&
692 conn->internal->params.auth_method == SILC_AUTH_PASSWORD &&
693 conn->internal->params.auth) {
694 silc_free(conn->internal->params.auth);
695 conn->internal->params.auth = NULL;
698 if (conn->internal->disconnected) {
700 silc_fsm_next(fsm, silc_client_st_connect_error);
701 return SILC_FSM_CONTINUE;
704 SILC_LOG_DEBUG(("Connection established"));
706 /* Install rekey timer */
707 if (conn->type != SILC_CONN_CLIENT)
708 silc_schedule_task_add_timeout(conn->internal->schedule,
709 silc_client_rekey_timer, conn,
710 conn->internal->params.rekey_secs, 0);
712 /* If we connected to server, now register to network. */
713 if (conn->type == SILC_CONN_SERVER &&
714 !conn->internal->params.no_authentication) {
716 /* If detach data is provided, resume the session. */
717 if (conn->internal->params.detach_data &&
718 conn->internal->params.detach_data_len) {
719 /** Resume detached session */
720 silc_fsm_next(fsm, silc_client_st_resume);
722 /** Register to network */
723 silc_fsm_next(fsm, silc_client_st_register);
726 return SILC_FSM_CONTINUE;
729 silc_schedule_task_del_by_all(conn->internal->schedule, 0,
730 silc_client_connect_timeout, conn);
732 /* Call connection callback */
733 conn->callback(client, conn, SILC_CLIENT_CONN_SUCCESS, 0, NULL,
734 conn->callback_context);
736 silc_async_free(conn->internal->cop);
737 conn->internal->cop = NULL;
739 return SILC_FSM_FINISH;
742 /* Error during connecting */
744 SILC_FSM_STATE(silc_client_st_connect_error)
746 SilcClientConnection conn = fsm_context;
748 if (conn->internal->ske) {
749 silc_ske_free(conn->internal->ske);
750 conn->internal->ske = NULL;
753 /* Signal to close connection */
754 if (!conn->internal->disconnected) {
755 conn->internal->disconnected = TRUE;
756 SILC_FSM_EVENT_SIGNAL(&conn->internal->wait_event);
759 silc_schedule_task_del_by_all(conn->internal->schedule, 0,
760 silc_client_connect_timeout, conn);
762 return SILC_FSM_FINISH;
765 /****************************** Connect rekey *******************************/
767 /* Connection rekey timer callback */
769 SILC_TASK_CALLBACK(silc_client_rekey_timer)
771 SilcClientConnection conn = context;
773 /* Signal to start rekey */
774 if (!silc_fsm_is_started(&conn->internal->event_thread)) {
775 conn->internal->rekey_responder = FALSE;
776 conn->internal->rekeying = TRUE;
777 SILC_FSM_EVENT_SIGNAL(&conn->internal->wait_event);
780 /* Reinstall rekey timer */
781 silc_schedule_task_add_timeout(conn->internal->schedule,
782 silc_client_rekey_timer, conn,
783 conn->internal->params.rekey_secs, 0);
788 SILC_FSM_STATE(silc_client_st_rekey)
790 SilcClientConnection conn = fsm_context;
791 SilcClient client = conn->client;
793 SILC_LOG_DEBUG(("Rekey conn %p", conn));
795 if (conn->internal->disconnected)
796 return SILC_FSM_FINISH;
799 conn->internal->ske =
800 silc_ske_alloc(client->rng, conn->internal->schedule, NULL,
801 conn->public_key, NULL, fsm);
802 if (!conn->internal->ske)
803 return SILC_FSM_FINISH;
805 /* Set SKE callbacks */
806 silc_ske_set_callbacks(conn->internal->ske, NULL,
807 silc_client_rekey_completion, fsm);
810 if (!conn->internal->rekey_responder)
811 SILC_FSM_CALL(conn->internal->op = silc_ske_rekey_initiator(
814 conn->internal->rekey));
816 SILC_FSM_CALL(conn->internal->op = silc_ske_rekey_responder(
819 conn->internal->rekey,