+
+ return TRUE;
+}
+
+/* This checks stats for various SILC files and directories. First it
+ checks if ~/.silc directory exist and is owned by the correct user. If
+ it doesn't exist, it will create the directory. After that it checks if
+ user's Public and Private key files exists and that they aren't expired.
+ If they doesn't exist or they are expired, they will be (re)created
+ after return. */
+
+int silc_client_check_silc_dir()
+{
+ char filename[256], file_public_key[256], file_private_key[256];
+ char servfilename[256];
+ char *identifier;
+ struct stat st;
+ struct passwd *pw;
+ int firstime = FALSE;
+ time_t curtime, modtime;
+
+ SILC_LOG_DEBUG(("Checking ~./silc directory"));
+
+ memset(filename, 0, sizeof(filename));
+ memset(file_public_key, 0, sizeof(file_public_key));
+ memset(file_private_key, 0, sizeof(file_private_key));
+
+ pw = getpwuid(getuid());
+ if (!pw) {
+ fprintf(stderr, "silc: %s\n", strerror(errno));
+ return FALSE;
+ }
+
+ identifier = silc_client_create_identifier();
+
+ /* We'll take home path from /etc/passwd file to be sure. */
+ snprintf(filename, sizeof(filename) - 1, "%s/.silc/", pw->pw_dir);
+ snprintf(servfilename, sizeof(servfilename) - 1, "%s/.silc/serverkeys",
+ pw->pw_dir);
+
+ /*
+ * Check ~/.silc directory
+ */
+ if ((stat(filename, &st)) == -1) {
+ /* If dir doesn't exist */
+ if (errno == ENOENT) {
+ if (pw->pw_uid == geteuid()) {
+ if ((mkdir(filename, 0755)) == -1) {
+ fprintf(stderr, "Couldn't create `%s' directory\n", filename);
+ return FALSE;
+ }
+
+ /* Directory was created. First time running SILC */
+ firstime = TRUE;
+ } else {
+ fprintf(stderr, "Couldn't create `%s' directory due to a wrong uid!\n",
+ filename);
+ return FALSE;
+ }
+ } else {
+ fprintf(stderr, "%s\n", strerror(errno));
+ return FALSE;
+ }
+ } else {
+
+ /* Check the owner of the dir */
+ if (st.st_uid != 0 && st.st_uid != pw->pw_uid) {
+ fprintf(stderr, "You don't seem to own `%s' directory\n",
+ filename);
+ return FALSE;
+ }
+
+ /* Check the permissions of the dir */
+ if ((st.st_mode & 0777) != 0755) {
+ if ((chmod(filename, 0755)) == -1) {
+ fprintf(stderr, "Permissions for `%s' directory must be 0755\n",
+ filename);
+ return FALSE;
+ }
+ }
+ }
+
+ /*
+ * Check ~./silc/serverkeys directory
+ */
+ if ((stat(servfilename, &st)) == -1) {
+ /* If dir doesn't exist */
+ if (errno == ENOENT) {
+ if (pw->pw_uid == geteuid()) {
+ if ((mkdir(servfilename, 0755)) == -1) {
+ fprintf(stderr, "Couldn't create `%s' directory\n", servfilename);
+ return FALSE;
+ }
+ } else {
+ fprintf(stderr, "Couldn't create `%s' directory due to a wrong uid!\n",
+ servfilename);
+ return FALSE;
+ }
+ } else {
+ fprintf(stderr, "%s\n", strerror(errno));
+ return FALSE;
+ }
+ }
+
+ /*
+ * Check Public and Private keys
+ */
+ snprintf(file_public_key, sizeof(file_public_key) - 1, "%s%s",
+ filename, SILC_CLIENT_PUBLIC_KEY_NAME);
+ snprintf(file_private_key, sizeof(file_private_key) - 1, "%s%s",
+ filename, SILC_CLIENT_PRIVATE_KEY_NAME);
+
+ /* If running SILC first time */
+ if (firstime) {
+ fprintf(stdout, "Running SILC for the first time\n");
+ silc_client_create_key_pair(SILC_CLIENT_DEF_PKCS,
+ SILC_CLIENT_DEF_PKCS_LEN,
+ file_public_key, file_private_key,
+ identifier, NULL, NULL);
+ return TRUE;
+ }
+
+ if ((stat(file_public_key, &st)) == -1) {
+ /* If file doesn't exist */
+ if (errno == ENOENT) {
+ fprintf(stdout, "Your public key doesn't exist\n");
+ silc_client_create_key_pair(SILC_CLIENT_DEF_PKCS,
+ SILC_CLIENT_DEF_PKCS_LEN,
+ file_public_key,
+ file_private_key, identifier, NULL, NULL);
+ } else {
+ fprintf(stderr, "%s\n", strerror(errno));
+ return FALSE;
+ }
+ }
+
+ if ((stat(file_private_key, &st)) == -1) {
+ /* If file doesn't exist */
+ if (errno == ENOENT) {
+ fprintf(stdout, "Your private key doesn't exist\n");
+ silc_client_create_key_pair(SILC_CLIENT_DEF_PKCS,
+ SILC_CLIENT_DEF_PKCS_LEN,
+ file_public_key,
+ file_private_key, identifier, NULL, NULL);
+ } else {
+ fprintf(stderr, "%s\n", strerror(errno));
+ return FALSE;
+ }
+ }
+
+ /* Check the owner of the public key */
+ if (st.st_uid != 0 && st.st_uid != pw->pw_uid) {
+ fprintf(stderr, "You don't seem to own your public key!?\n");
+ return FALSE;
+ }
+
+ /* Check the owner of the private key */
+ if (st.st_uid != 0 && st.st_uid != pw->pw_uid) {
+ fprintf(stderr, "You don't seem to own your private key!?\n");
+ return FALSE;
+ }
+
+ /* Check the permissions for the private key */
+ if ((st.st_mode & 0777) != 0600) {
+ fprintf(stderr, "Wrong permissions in your private key file `%s'!\n"
+ "Trying to change them ... ", file_private_key);
+ if ((chmod(file_private_key, 0600)) == -1) {
+ fprintf(stderr,
+ "Failed to change permissions for private key file!\n"
+ "Permissions for your private key file must be 0600.\n");
+ return FALSE;
+ }
+ fprintf(stderr, "Done.\n\n");
+ }
+
+ /* See if the key has expired. */
+ modtime = st.st_mtime; /* last modified */
+ curtime = time(0) - modtime;
+
+ /* 86400 is seconds in a day. */
+ if (curtime >= (86400 * SILC_CLIENT_KEY_EXPIRES)) {
+ fprintf(stdout,
+ "--------------------------------------------------\n"
+ "Your private key has expired and needs to be\n"
+ "recreated. This will be done automatically now.\n"
+ "Your new key will expire in %d days from today.\n"
+ "--------------------------------------------------\n",
+ SILC_CLIENT_KEY_EXPIRES);
+
+ silc_client_create_key_pair(SILC_CLIENT_DEF_PKCS,
+ SILC_CLIENT_DEF_PKCS_LEN,
+ file_public_key,
+ file_private_key, identifier, NULL, NULL);
+ }
+
+ if (identifier)
+ silc_free(identifier);
+
+ return TRUE;
+}
+
+/* Loads public and private key from files. */
+
+int silc_client_load_keys(SilcClient client)
+{
+ char filename[256];
+ struct passwd *pw;
+
+ SILC_LOG_DEBUG(("Loading public and private keys"));
+
+ pw = getpwuid(getuid());
+ if (!pw)
+ return FALSE;
+
+ memset(filename, 0, sizeof(filename));
+ snprintf(filename, sizeof(filename) - 1, "%s/.silc/%s",
+ pw->pw_dir, SILC_CLIENT_PRIVATE_KEY_NAME);
+
+ if (silc_pkcs_load_private_key(filename, &client->private_key,
+ SILC_PKCS_FILE_BIN) == FALSE)
+ if (silc_pkcs_load_private_key(filename, &client->private_key,
+ SILC_PKCS_FILE_PEM) == FALSE)
+ return FALSE;
+
+ memset(filename, 0, sizeof(filename));
+ snprintf(filename, sizeof(filename) - 1, "%s/.silc/%s",
+ pw->pw_dir, SILC_CLIENT_PUBLIC_KEY_NAME);
+
+ if (silc_pkcs_load_public_key(filename, &client->public_key,
+ SILC_PKCS_FILE_PEM) == FALSE)
+ if (silc_pkcs_load_public_key(filename, &client->public_key,
+ SILC_PKCS_FILE_BIN) == FALSE)
+ return FALSE;
+
+ return TRUE;