server.c
- Author: Pekka Riikonen <priikone@poseidon.pspt.fi>
+ Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 1997 - 2000 Pekka Riikonen
+ Copyright (C) 1997 - 2001 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
* servicing the SILC connections. This is also a SILC router as a router
* is also normal server.
*/
-/*
- * $Id$
- * $Log$
- * Revision 1.1.1.1 2000/06/27 11:36:56 priikone
- * Importet from internal CVS/Added Log headers.
- *
- *
- */
+/* $Id$ */
#include "serverincludes.h"
#include "server_internal.h"
/* Static prototypes */
+SILC_TASK_CALLBACK(silc_server_connect_router);
SILC_TASK_CALLBACK(silc_server_connect_to_router);
SILC_TASK_CALLBACK(silc_server_connect_to_router_second);
SILC_TASK_CALLBACK(silc_server_connect_to_router_final);
SILC_TASK_CALLBACK(silc_server_accept_new_connection_second);
SILC_TASK_CALLBACK(silc_server_accept_new_connection_final);
SILC_TASK_CALLBACK(silc_server_packet_process);
-SILC_TASK_CALLBACK(silc_server_packet_parse);
+SILC_TASK_CALLBACK(silc_server_packet_parse_real);
SILC_TASK_CALLBACK(silc_server_timeout_remote);
-
-/* XXX */
-void silc_server_packet_parse_type(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet);
-
-static int silc_server_packet_check_mac(SilcServer server,
- SilcSocketConnection sock,
- SilcBuffer buffer);
-static int silc_server_packet_decrypt_rest(SilcServer server,
- SilcSocketConnection sock,
- SilcBuffer buffer);
-static int silc_server_packet_decrypt_rest_special(SilcServer server,
- SilcSocketConnection sock,
- SilcBuffer buffer);
-
-extern char server_version[];
+SILC_TASK_CALLBACK(silc_server_failure_callback);
+SILC_TASK_CALLBACK(silc_server_rekey_callback);
/* Allocates a new SILC server object. This has to be done before the server
can be used. After allocation one must call silc_server_init to initialize
int silc_server_alloc(SilcServer *new_server)
{
+ SilcServer server;
+
SILC_LOG_DEBUG(("Allocating new server object"));
- *new_server = silc_calloc(1, sizeof(**new_server));
- if (*new_server == NULL) {
- SILC_LOG_ERROR(("Could not allocate new server object"));
- return FALSE;
- }
+ server = silc_calloc(1, sizeof(*server));
+ server->server_type = SILC_SERVER;
+ server->standalone = TRUE;
+ server->local_list = silc_calloc(1, sizeof(*server->local_list));
+ server->global_list = silc_calloc(1, sizeof(*server->global_list));
+ server->pending_commands = silc_dlist_init();
+#ifdef SILC_SIM
+ server->sim = silc_dlist_init();
+#endif
- /* Set default values */
- (*new_server)->server_name = NULL;
- (*new_server)->server_type = SILC_SERVER;
- (*new_server)->standalone = FALSE;
- (*new_server)->id = NULL;
- (*new_server)->io_queue = NULL;
- (*new_server)->timeout_queue = NULL;
- (*new_server)->local_list = silc_calloc(1, sizeof(SilcIDListObject));
- (*new_server)->global_list = silc_calloc(1, sizeof(SilcIDListObject));
- (*new_server)->rng = NULL;
- (*new_server)->md5hash = NULL;
- (*new_server)->sha1hash = NULL;
- /* (*new_server)->public_key = NULL;*/
+ *new_server = server;
return TRUE;
}
void silc_server_free(SilcServer server)
{
if (server) {
- if (server->local_list)
- silc_free(server->local_list);
- if (server->global_list)
- silc_free(server->global_list);
+#ifdef SILC_SIM
+ SilcSimContext *sim;
+#endif
+
+ silc_free(server->local_list);
+ silc_free(server->global_list);
if (server->rng)
silc_rng_free(server->rng);
- silc_math_primegen_uninit(); /* XXX */
+ if (server->pkcs)
+ silc_pkcs_free(server->pkcs);
+
+#ifdef SILC_SIM
+ while ((sim = silc_dlist_get(server->sim)) != SILC_LIST_END) {
+ silc_dlist_del(server->sim, sim);
+ silc_sim_free(sim);
+ }
+ silc_dlist_uninit(server->sim);
+#endif
+
+ silc_free(server->params);
+
+ if (server->pending_commands)
+ silc_dlist_uninit(server->pending_commands);
+
silc_free(server);
}
}
{
int *sock = NULL, sock_count, i;
SilcServerID *id;
- SilcServerList *id_entry;
- SilcHashObject hash;
+ SilcServerEntry id_entry;
+ SilcIDListPurge purge;
SILC_LOG_DEBUG(("Initializing server"));
assert(server);
assert(server->config);
- /* Set log files where log message should be saved. */
- server->config->server = server;
- silc_config_server_setlogfiles(server->config);
-
+ /* Set public and private keys */
+ if (!server->config->server_info ||
+ !server->config->server_info->public_key ||
+ !server->config->server_info->private_key) {
+ SILC_LOG_ERROR(("Server public key and/or private key does not exist"));
+ return FALSE;
+ }
+ server->public_key = server->config->server_info->public_key;
+ server->private_key = server->config->server_info->private_key;
+
+ /* XXX After server is made as Silc Server Library this can be given
+ as argument, for now this is hard coded */
+ server->params = silc_calloc(1, sizeof(*server->params));
+ server->params->retry_count = SILC_SERVER_RETRY_COUNT;
+ server->params->retry_interval_min = SILC_SERVER_RETRY_INTERVAL_MIN;
+ server->params->retry_interval_max = SILC_SERVER_RETRY_INTERVAL_MAX;
+ server->params->retry_keep_trying = FALSE;
+ server->params->protocol_timeout = 60;
+ server->params->require_reverse_mapping = FALSE;
+
/* Register all configured ciphers, PKCS and hash functions. */
- silc_config_server_register_ciphers(server->config);
- silc_config_server_register_pkcs(server->config);
- silc_config_server_register_hashfuncs(server->config);
+ if (!silc_server_config_register_ciphers(server))
+ silc_cipher_register_default();
+ if (!silc_server_config_register_pkcs(server))
+ silc_pkcs_register_default();
+ if (!silc_server_config_register_hashfuncs(server))
+ silc_hash_register_default();
+ if (!silc_server_config_register_hmacs(server))
+ silc_hmac_register_default();
/* Initialize random number generator for the server. */
server->rng = silc_rng_alloc();
silc_rng_init(server->rng);
- silc_math_primegen_init(); /* XXX */
+ silc_rng_global_init(server->rng);
/* Initialize hash functions for server to use */
silc_hash_alloc("md5", &server->md5hash);
silc_hash_alloc("sha1", &server->sha1hash);
- /* Initialize none cipher */
- silc_cipher_alloc("none", &server->none_cipher);
-
- /* XXXXX Generate RSA key pair */
- {
- unsigned char *public_key;
- unsigned char *private_key;
- unsigned int pk_len, prv_len;
-
- if (silc_pkcs_alloc("rsa", &server->public_key) == FALSE) {
- SILC_LOG_ERROR(("Could not create RSA key pair"));
- goto err0;
- }
-
- if (server->public_key->pkcs->init(server->public_key->context,
- 1024, server->rng) == FALSE) {
- SILC_LOG_ERROR(("Could not generate RSA key pair"));
- goto err0;
- }
-
- public_key =
- server->public_key->pkcs->get_public_key(server->public_key->context,
- &pk_len);
- private_key =
- server->public_key->pkcs->get_private_key(server->public_key->context,
- &prv_len);
-
- SILC_LOG_HEXDUMP(("public key"), public_key, pk_len);
- SILC_LOG_HEXDUMP(("private key"), private_key, prv_len);
-
- /* XXX Save keys */
- silc_pkcs_save_public_key(server->public_key, "pubkey.pub",
- public_key, pk_len);
+ /* Allocate PKCS context for local public and private keys */
+ silc_pkcs_alloc(server->public_key->name, &server->pkcs);
+ silc_pkcs_public_key_set(server->pkcs, server->public_key);
+ silc_pkcs_private_key_set(server->pkcs, server->private_key);
- memset(public_key, 0, pk_len);
- memset(private_key, 0, prv_len);
- silc_free(public_key);
- silc_free(private_key);
- }
-
- /* Create a listening server. Note that our server can listen on
- multiple ports. All listeners are created here and now. */
- /* XXX Still check this whether to use server_info or listen_port. */
+ /* Create a listening server. Note that our server can listen on multiple
+ ports. All listeners are created here and now. */
sock_count = 0;
- while(server->config->listen_port) {
+ while (1) {
int tmp;
- tmp = silc_net_create_server(server->config->listen_port->port,
- server->config->listen_port->host);
- if (tmp < 0)
+ tmp = silc_net_create_server(server->config->server_info->port,
+ server->config->server_info->server_ip);
+
+ if (tmp < 0) {
+ SILC_LOG_ERROR(("Could not create server listener: %s on %hd",
+ server->config->server_info->server_ip,
+ server->config->server_info->port));
goto err0;
+ }
- sock = silc_realloc(sock, (sizeof(int *) * (sock_count + 1)));
+ sock = silc_realloc(sock, sizeof(*sock) * (sock_count + 1));
sock[sock_count] = tmp;
- server->config->listen_port = server->config->listen_port->next;
sock_count++;
+ break;
}
+ /* Initialize ID caches */
+ server->local_list->clients =
+ silc_idcache_alloc(0, SILC_ID_CLIENT, silc_idlist_client_destructor);
+ server->local_list->servers = silc_idcache_alloc(0, SILC_ID_SERVER, NULL);
+ server->local_list->channels = silc_idcache_alloc(0, SILC_ID_CHANNEL, NULL);
+
+ /* These are allocated for normal server as well as these hold some
+ global information that the server has fetched from its router. For
+ router these are used as they are supposed to be used on router. */
+ server->global_list->clients =
+ silc_idcache_alloc(0, SILC_ID_CLIENT, silc_idlist_client_destructor);
+ server->global_list->servers = silc_idcache_alloc(0, SILC_ID_SERVER, NULL);
+ server->global_list->channels = silc_idcache_alloc(0, SILC_ID_CHANNEL, NULL);
+
/* Allocate the entire socket list that is used in server. Eventually
all connections will have entry in this table (it is a table of
pointers to the actual object that is allocated individually
silc_net_set_socket_nonblock(sock[i]);
server->sock = sock[i];
+ /* Add ourselves also to the socket table. The entry allocated above
+ is sent as argument for fast referencing in the future. */
+ silc_socket_alloc(sock[i], SILC_SOCKET_TYPE_SERVER, NULL, &newsocket);
+ server->sockets[sock[i]] = newsocket;
+
+ /* Perform name and address lookups to resolve the listenning address
+ and port. */
+ if (!silc_net_check_local_by_sock(sock[i], &newsocket->hostname,
+ &newsocket->ip)) {
+ if ((server->params->require_reverse_mapping && !newsocket->hostname) ||
+ !newsocket->ip) {
+ SILC_LOG_ERROR(("IP/DNS lookup failed for local host %s",
+ newsocket->hostname ? newsocket->hostname :
+ newsocket->ip ? newsocket->ip : ""));
+ server->stat.conn_failures++;
+ goto err0;
+ }
+ if (!newsocket->hostname)
+ newsocket->hostname = strdup(newsocket->ip);
+ }
+ newsocket->port = silc_net_get_local_port(sock[i]);
+
/* Create a Server ID for the server. */
- silc_id_create_server_id(sock[i], server->rng, &id);
- if (!id) {
+ silc_id_create_server_id(newsocket->ip, newsocket->port, server->rng, &id);
+ if (!id)
goto err0;
- }
server->id = id;
+ server->id_string = silc_id_id2str(id, SILC_ID_SERVER);
+ server->id_string_len = silc_id_get_len(id, SILC_ID_SERVER);
server->id_type = SILC_ID_SERVER;
server->server_name = server->config->server_info->server_name;
beacuse we haven't established a route yet. It will be done later.
For now, NULL is sent as router. This allocates new entry to
the ID list. */
- silc_idlist_add_server(&server->local_list->servers,
- server->config->server_info->server_name,
- server->server_type, server->id, NULL,
- server->send_key, server->receive_key,
- NULL, NULL, &id_entry);
- if (!id_entry)
+ id_entry =
+ silc_idlist_add_server(server->local_list,
+ server->config->server_info->server_name,
+ server->server_type, server->id, NULL, NULL);
+ if (!id_entry) {
+ SILC_LOG_ERROR(("Could not add ourselves to cache"));
goto err0;
+ }
+ id_entry->data.status |= SILC_IDLIST_STATUS_REGISTERED;
- /* Add ourselves also to the socket table. The entry allocated above
- is sent as argument for fast referencing in the future. */
- silc_socket_alloc(sock[i], SILC_SOCKET_TYPE_SERVER, id_entry,
- &newsocket);
- if (!newsocket)
- goto err0;
-
- server->sockets[sock[i]] = newsocket;
-
/* Put the allocated socket pointer also to the entry allocated above
for fast back-referencing to the socket list. */
- id_entry->connection = (void *)server->sockets[sock[i]];
+ newsocket->user_data = (void *)id_entry;
+ id_entry->connection = (void *)newsocket;
server->id_entry = id_entry;
}
- /* Register the task queues. In SILC we have by default three task queues.
- One task queue for non-timeout tasks which perform different kind of
- I/O on file descriptors, timeout task queue for timeout tasks, and,
- generic non-timeout task queue whose tasks apply to all connections. */
- silc_task_queue_alloc(&server->io_queue, TRUE);
- if (!server->io_queue) {
+ /* Register protocols */
+ silc_server_protocols_register();
+
+ /* Initialize the scheduler. */
+ server->schedule = silc_schedule_init(SILC_SERVER_MAX_CONNECTIONS);
+ if (!server->schedule)
goto err0;
- }
- silc_task_queue_alloc(&server->timeout_queue, TRUE);
- if (!server->timeout_queue) {
- goto err1;
- }
- silc_task_queue_alloc(&server->generic_queue, TRUE);
- if (!server->generic_queue) {
- goto err1;
- }
- /* Initialize the scheduler */
- silc_schedule_init(server->io_queue, server->timeout_queue,
- server->generic_queue,
- SILC_SERVER_MAX_CONNECTIONS);
-
- /* Add the first task to the queue. This is task that is executed by
+ /* Add the first task to the scheduler. This is task that is executed by
timeout. It expires as soon as the caller calls silc_server_run. This
task performs authentication protocol and key exchange with our
primary router. */
- if (silc_task_register(server->timeout_queue, sock[0],
+ silc_schedule_task_add(server->schedule, sock[0],
silc_server_connect_to_router,
(void *)server, 0, 1,
SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_NORMAL) == NULL) {
- goto err2;
- }
+ SILC_TASK_PRI_NORMAL);
+
+ /* Add listener task to the scheduler. This task receives new connections
+ to the server. This task remains on the queue until the end of the
+ program. */
+ silc_schedule_task_add(server->schedule, sock[0],
+ silc_server_accept_new_connection,
+ (void *)server, 0, 0,
+ SILC_TASK_FD,
+ SILC_TASK_PRI_NORMAL);
+ server->listenning = TRUE;
+
+ /* Send log file configuration */
+ silc_server_config_setlogfiles(server->config, server->schedule);
/* If server connections has been configured then we must be router as
normal server cannot have server connections, only router connections. */
- if (server->config->servers)
+ if (server->config->servers) {
+ SilcServerConfigSectionServer *ptr = server->config->servers;
+
server->server_type = SILC_ROUTER;
+ while (ptr) {
+ if (ptr->backup_router) {
+ server->server_type = SILC_BACKUP_ROUTER;
+ server->backup_router = TRUE;
+ server->id_entry->server_type = SILC_BACKUP_ROUTER;
+ break;
+ }
+ ptr = ptr->next;
+ }
+ }
+
+ /* Register the ID Cache purge task. This periodically purges the ID cache
+ and removes the expired cache entries. */
+
+ /* Clients local list */
+ purge = silc_calloc(1, sizeof(*purge));
+ purge->cache = server->local_list->clients;
+ purge->schedule = server->schedule;
+ purge->timeout = 600;
+ silc_schedule_task_add(purge->schedule, 0,
+ silc_idlist_purge,
+ (void *)purge, purge->timeout, 0,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_LOW);
+
+ /* Clients global list */
+ purge = silc_calloc(1, sizeof(*purge));
+ purge->cache = server->global_list->clients;
+ purge->schedule = server->schedule;
+ purge->timeout = 300;
+ silc_schedule_task_add(purge->schedule, 0,
+ silc_idlist_purge,
+ (void *)purge, purge->timeout, 0,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_LOW);
SILC_LOG_DEBUG(("Server initialized"));
/* We are done here, return succesfully */
return TRUE;
- err2:
- silc_task_queue_free(server->timeout_queue);
- err1:
- silc_task_queue_free(server->io_queue);
err0:
for (i = 0; i < sock_count; i++)
silc_net_close_server(sock[i]);
return FALSE;
}
+/* Fork server to background */
+
+void silc_server_daemonise(SilcServer server)
+{
+ int i;
+
+ SILC_LOG_DEBUG(("Forking SILC server to background"));
+
+ i = fork();
+
+ if (i < 0) {
+ SILC_LOG_DEBUG(("fork() failed, cannot proceed"));
+ exit(1);
+ }
+ else if (i) {
+ if (geteuid())
+ SILC_LOG_DEBUG(("Server started as user"));
+ else
+ SILC_LOG_DEBUG(("Server started as root. Dropping privileges."));
+ exit(0);
+ }
+ setsid();
+}
+
+/* Drop root privligies. If this cannot be done, die. */
+
+void silc_server_drop(SilcServer server)
+{
+ /* Are we executing silcd as root or a regular user? */
+ if (!geteuid()) {
+ struct passwd *pw;
+ struct group *gr;
+ char *user, *group;
+
+ if (!server->config->server_info->user || !server->config->server_info->group) {
+ fprintf(stderr, "Error:"
+ "\tSILC server must not be run as root. For the security of your\n"
+ "\tsystem it is strongly suggested that you run SILC under dedicated\n"
+ "\tuser account. Modify the [Identity] configuration section to run\n"
+ "\tthe server as non-root user.\n");
+ exit(1);
+ }
+
+ /* Get the values given for user and group in configuration file */
+ user=server->config->server_info->user;
+ group=server->config->server_info->group;
+
+ /* Check whether the user/group information is text */
+ if (atoi(user)!=0 || atoi(group)!=0) {
+ SILC_LOG_DEBUG(("Invalid user and/or group information"));
+ SILC_LOG_DEBUG(("User and/or group given as number"));
+ fprintf(stderr, "Invalid user and/or group information\n");
+ fprintf(stderr, "Please assign them as names, not numbers\n");
+ exit(1);
+ }
+
+ /* Catch the nasty incident of string "0" returning 0 from atoi */
+ if (strcmp("0", user)==0 || strcmp("0", group)==0) {
+ SILC_LOG_DEBUG(("User and/or group configured to 0. Unacceptable"));
+ fprintf(stderr, "User and/or group configured to 0. Exiting\n");
+ exit(1);
+ }
+
+ if (!(pw=getpwnam(user))) {
+ fprintf(stderr, "No such user %s found\n", user);
+ exit(1);
+ }
+
+ if (!(gr=getgrnam(group))) {
+ fprintf(stderr, "No such group %s found\n", group);
+ exit(1);
+ }
+
+ /* Check whether user and/or group is set to root. If yes, exit
+ immediately. Otherwise, setgid and setuid server to user.group */
+ if (gr->gr_gid==0 || pw->pw_uid==0) {
+ fprintf(stderr, "Error:"
+ "\tSILC server must not be run as root. For the security of your\n"
+ "\tsystem it is strongly suggested that you run SILC under dedicated\n"
+ "\tuser account. Modify the [Identity] configuration section to run\n"
+ "\tthe server as non-root user.\n");
+ exit(1);
+ } else {
+ SILC_LOG_DEBUG(("Changing to group %s", group));
+ if (setgid(gr->gr_gid)==0) {
+ SILC_LOG_DEBUG(("Setgid to %s", group));
+ } else {
+ SILC_LOG_DEBUG(("Setgid to %s failed", group));
+ fprintf(stderr, "Tried to setgid %s but no such group. Exiting\n",
+ group);
+ exit(1);
+ }
+#if defined HAVE_SETGROUPS && defined HAVE_INITGROUPS
+ if (setgroups(0, NULL)!=0) {
+ SILC_LOG_DEBUG(("Setgroups to NULL failed"));
+ fprintf(stderr, "Tried to setgroups NULL but failed. Exiting\n");
+ exit(1);
+ }
+ if (initgroups(user, gr->gr_gid)!=0) {
+ SILC_LOG_DEBUG(("Initgroups to user %s (gid=%d) failed", user, gr->gr_gid));
+ fprintf(stderr, "Tried to initgroups %s (gid=%d) but no such user. Exiting\n",
+ user, gr->gr_gid);
+ exit(1);
+ }
+#endif
+ SILC_LOG_DEBUG(("Changing to user %s", user));
+ if (setuid(pw->pw_uid)==0) {
+ SILC_LOG_DEBUG(("Setuid to %s", user));
+ } else {
+ SILC_LOG_DEBUG(("Setuid to %s failed", user));
+ fprintf(stderr, "Tried to setuid %s but no such user. Exiting\n",
+ user);
+ exit(1);
+ }
+ }
+ }
+}
+
+/* The heart of the server. This runs the scheduler thus runs the server.
+ When this returns the server has been stopped and the program will
+ be terminated. */
+
+void silc_server_run(SilcServer server)
+{
+ SILC_LOG_DEBUG(("Running server"));
+
+ SILC_LOG_INFO(("SILC Server started"));
+
+ /* Start the scheduler, the heart of the SILC server. When this returns
+ the program will be terminated. */
+ silc_schedule(server->schedule);
+}
+
/* Stops the SILC server. This function is used to shutdown the server.
This is usually called after the scheduler has returned. After stopping
the server one should call silc_server_free. */
{
SILC_LOG_DEBUG(("Stopping server"));
- /* Stop the scheduler, although it might be already stopped. This
- doesn't hurt anyone. This removes all the tasks and task queues,
- as well. */
- silc_schedule_stop();
- silc_schedule_uninit();
+ if (server->schedule) {
+ silc_schedule_stop(server->schedule);
+ silc_schedule_uninit(server->schedule);
+ server->schedule = NULL;
+ }
+
+ silc_server_protocols_unregister();
SILC_LOG_DEBUG(("Server stopped"));
}
-/* The heart of the server. This runs the scheduler thus runs the server. */
+/* Function that is called when the network connection to a router has
+ been established. This will continue with the key exchange protocol
+ with the remote router. */
-void silc_server_run(SilcServer server)
+void silc_server_start_key_exchange(SilcServer server,
+ SilcServerConnection sconn,
+ int sock)
{
- SILC_LOG_DEBUG(("Running server"));
+ SilcSocketConnection newsocket;
+ SilcProtocol protocol;
+ SilcServerKEInternalContext *proto_ctx;
+ void *context;
- /* Start the scheduler, the heart of the SILC server. When this returns
- the program will be terminated. */
- silc_schedule();
+ /* Cancel any possible retry timeouts */
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_connect_router);
+
+ /* Set socket options */
+ silc_net_set_socket_nonblock(sock);
+ silc_net_set_socket_opt(sock, SOL_SOCKET, SO_REUSEADDR, 1);
+
+ /* Create socket connection for the connection. Even though we
+ know that we are connecting to a router we will mark the socket
+ to be unknown connection until we have executed authentication
+ protocol. */
+ silc_socket_alloc(sock, SILC_SOCKET_TYPE_UNKNOWN, NULL, &newsocket);
+ server->sockets[sock] = newsocket;
+ newsocket->hostname = strdup(sconn->remote_host);
+ newsocket->ip = strdup(sconn->remote_host);
+ newsocket->port = sconn->remote_port;
+ sconn->sock = newsocket;
+
+ /* Allocate internal protocol context. This is sent as context
+ to the protocol. */
+ proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
+ proto_ctx->server = (void *)server;
+ proto_ctx->context = (void *)sconn;
+ proto_ctx->sock = newsocket;
+ proto_ctx->rng = server->rng;
+ proto_ctx->responder = FALSE;
+
+ /* Perform key exchange protocol. silc_server_connect_to_router_second
+ will be called after the protocol is finished. */
+ silc_protocol_alloc(SILC_PROTOCOL_SERVER_KEY_EXCHANGE,
+ &protocol, proto_ctx,
+ silc_server_connect_to_router_second);
+ newsocket->protocol = protocol;
+
+ /* Register a timeout task that will be executed if the protocol
+ is not executed within set limit. */
+ proto_ctx->timeout_task =
+ silc_schedule_task_add(server->schedule, sock,
+ silc_server_timeout_remote,
+ server, server->params->protocol_timeout,
+ server->params->protocol_timeout_usec,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_LOW);
+
+ /* Register the connection for network input and output. This sets
+ that scheduler will listen for incoming packets for this connection
+ and sets that outgoing packets may be sent to this connection as
+ well. However, this doesn't set the scheduler for outgoing traffic,
+ it will be set separately by calling SILC_SET_CONNECTION_FOR_OUTPUT,
+ later when outgoing data is available. */
+ context = (void *)server;
+ SILC_REGISTER_CONNECTION_FOR_IO(sock);
+
+ /* Run the protocol */
+ silc_protocol_execute(protocol, server->schedule, 0, 0);
+}
+
+/* Timeout callback that will be called to retry connecting to remote
+ router. This is used by both normal and router server. This will wait
+ before retrying the connecting. The timeout is generated by exponential
+ backoff algorithm. */
+
+SILC_TASK_CALLBACK(silc_server_connect_to_router_retry)
+{
+ SilcServerConnection sconn = (SilcServerConnection)context;
+ SilcServer server = sconn->server;
+
+ SILC_LOG_INFO(("Retrying connecting to a router"));
+
+ /* Calculate next timeout */
+ if (sconn->retry_count >= 1) {
+ sconn->retry_timeout = sconn->retry_timeout * SILC_SERVER_RETRY_MULTIPLIER;
+ if (sconn->retry_timeout > SILC_SERVER_RETRY_INTERVAL_MAX)
+ sconn->retry_timeout = SILC_SERVER_RETRY_INTERVAL_MAX;
+ } else {
+ sconn->retry_timeout = server->params->retry_interval_min;
+ }
+ sconn->retry_count++;
+ sconn->retry_timeout = sconn->retry_timeout +
+ silc_rng_get_rn32(server->rng) % SILC_SERVER_RETRY_RANDOMIZER;
+
+ /* If we've reached max retry count, give up. */
+ if (sconn->retry_count > server->params->retry_count &&
+ server->params->retry_keep_trying == FALSE) {
+ SILC_LOG_ERROR(("Could not connect to router, giving up"));
+ silc_free(sconn->remote_host);
+ silc_free(sconn);
+ return;
+ }
+
+ /* Wait one before retrying */
+ silc_schedule_task_add(server->schedule, fd, silc_server_connect_router,
+ context, sconn->retry_timeout,
+ server->params->retry_interval_min_usec,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
}
+/* Generic routine to use connect to a router. */
+
+SILC_TASK_CALLBACK(silc_server_connect_router)
+{
+ SilcServerConnection sconn = (SilcServerConnection)context;
+ SilcServer server = sconn->server;
+ int sock;
+
+ SILC_LOG_INFO(("Connecting to the %s %s on port %d",
+ (sconn->backup ? "backup router" : "router"),
+ sconn->remote_host, sconn->remote_port));
+
+ server->router_connect = time(0);
+
+ /* Connect to remote host */
+ sock = silc_net_create_connection(server->config->server_info->server_ip,
+ sconn->remote_port,
+ sconn->remote_host);
+ if (sock < 0) {
+ SILC_LOG_ERROR(("Could not connect to router %s:%d",
+ sconn->remote_host, sconn->remote_port));
+ if (!sconn->no_reconnect)
+ silc_schedule_task_add(server->schedule, fd,
+ silc_server_connect_to_router_retry,
+ context, 0, 1, SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+ return;
+ }
+
+ /* Continue with key exchange protocol */
+ silc_server_start_key_exchange(server, sconn, sock);
+}
+
/* This function connects to our primary router or if we are a router this
establishes all our primary routes. This is called at the start of the
server to do authentication and key exchange with our router - called
SILC_TASK_CALLBACK(silc_server_connect_to_router)
{
SilcServer server = (SilcServer)context;
- SilcSocketConnection newsocket;
- int sock;
+ SilcServerConnection sconn;
+ SilcServerConfigSectionRouter *ptr;
SILC_LOG_DEBUG(("Connecting to router(s)"));
- /* if we are normal SILC server we need to connect to our cell's
- router. */
if (server->server_type == SILC_SERVER) {
- SilcProtocol protocol;
- SilcServerKEInternalContext *proto_ctx;
-
- /* Create connection to the router, if configured. */
- if (server->config->routers) {
- sock = silc_net_create_connection(server->config->routers->port,
- server->config->routers->host);
- if (sock < 0) {
- SILC_LOG_ERROR(("Could not connect to router"));
- silc_schedule_stop();
- return;
- }
-
- /* Set socket options */
- silc_net_set_socket_nonblock(sock);
- silc_net_set_socket_opt(sock, SOL_SOCKET, SO_REUSEADDR, 1);
-
- /* Create socket connection for the connection. Even though we
- know that we are connecting to a router we will mark the socket
- to be unknown connection until we have executed authentication
- protocol. */
- silc_socket_alloc(sock, SILC_SOCKET_TYPE_UNKNOWN, NULL, &newsocket);
- server->sockets[sock] = newsocket;
- newsocket->hostname = server->config->routers->host;
- newsocket->port = server->config->routers->port;
-
- /* Allocate internal protocol context. This is sent as context
- to the protocol. */
- proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
- proto_ctx->server = context;
- proto_ctx->sock = newsocket;
- proto_ctx->rng = server->rng;
- proto_ctx->responder = FALSE;
-
- /* Perform key exchange protocol. silc_server_connect_to_router_second
- will be called after the protocol is finished. */
- silc_protocol_alloc(SILC_PROTOCOL_SERVER_KEY_EXCHANGE,
- &protocol, proto_ctx,
- silc_server_connect_to_router_second);
- newsocket->protocol = protocol;
-
- /* Register a timeout task that will be executed if the protocol
- is not executed within 15 seconds. For now, this is a hard coded
- limit. After 15 secs the connection will be closed if the key
- exchange protocol has not been executed. */
- proto_ctx->timeout_task =
- silc_task_register(server->timeout_queue, sock,
- silc_server_timeout_remote,
- context, 15, 0,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_LOW);
-
- /* Register the connection for network input and output. This sets
- that scheduler will listen for incoming packets for this connection
- and sets that outgoing packets may be sent to this connection as
- well. However, this doesn't set the scheduler for outgoing traffic,
- it will be set separately by calling SILC_SET_CONNECTION_FOR_OUTPUT,
- later when outgoing data is available. */
- SILC_REGISTER_CONNECTION_FOR_IO(sock);
-
- /* Run the protocol */
- protocol->execute(server->timeout_queue, 0, protocol, sock, 0, 0);
- return;
- }
+ SILC_LOG_DEBUG(("We are normal server"));
+ } else if (server->server_type == SILC_ROUTER) {
+ SILC_LOG_DEBUG(("We are router"));
+ } else {
+ SILC_LOG_DEBUG(("We are backup router/normal server"));
}
-
- /* if we are a SILC router we need to establish all of our primary
- routes. */
- if (server->server_type == SILC_ROUTER) {
- SilcConfigServerSectionServerConnection *ptr;
- /* Create the connections to all our routes */
- ptr = server->config->routers;
- while (ptr) {
- SilcProtocol protocol;
- SilcServerKEInternalContext *proto_ctx;
-
- /* Create the connection to the remote end */
- sock = silc_net_create_connection(ptr->port, ptr->host);
- if (sock < 0) {
- SILC_LOG_ERROR(("Could not connect to router"));
- silc_schedule_stop();
- return;
+ /* Create the connections to all our routes */
+ ptr = server->config->routers;
+ while (ptr) {
+
+ SILC_LOG_DEBUG(("%s connection [%s] %s:%d",
+ ptr->backup_router ? "Backup router" : "Router",
+ ptr->initiator ? "Initiator" : "Responder",
+ ptr->host, ptr->port));
+
+ if (ptr->initiator) {
+ /* Allocate connection object for hold connection specific stuff. */
+ sconn = silc_calloc(1, sizeof(*sconn));
+ sconn->server = server;
+ sconn->remote_host = strdup(ptr->host);
+ sconn->remote_port = ptr->port;
+ sconn->backup = ptr->backup_router;
+ if (sconn->backup) {
+ sconn->backup_replace_ip = strdup(ptr->backup_replace_ip);
+ sconn->backup_replace_port = ptr->backup_replace_port;
}
- /* Set socket options */
- silc_net_set_socket_nonblock(sock);
- silc_net_set_socket_opt(sock, SOL_SOCKET, SO_REUSEADDR, 1);
-
- /* Create socket connection for the connection. Even though we
- know that we are connecting to a router we will mark the socket
- to be unknown connection until we have executed authentication
- protocol. */
- silc_socket_alloc(sock, SILC_SOCKET_TYPE_UNKNOWN, NULL, &newsocket);
- server->sockets[sock] = newsocket;
- newsocket->hostname = ptr->host;
- newsocket->port = ptr->port;
-
- /* Allocate internal protocol context. This is sent as context
- to the protocol. */
- proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
- proto_ctx->server = context;
- proto_ctx->sock = newsocket;
- proto_ctx->rng = server->rng;
- proto_ctx->responder = FALSE;
-
- /* Perform key exchange protocol. silc_server_connect_to_router_final
- will be called after the protocol is finished. */
- silc_protocol_alloc(SILC_PROTOCOL_SERVER_KEY_EXCHANGE,
- &protocol, proto_ctx,
- silc_server_connect_to_router_second);
- newsocket->protocol = protocol;
-
- /* Register a timeout task that will be executed if the protocol
- is not executed within 15 seconds. For now, this is a hard coded
- limit. After 15 secs the connection will be closed if the key
- exchange protocol has not been executed. */
- proto_ctx->timeout_task =
- silc_task_register(server->timeout_queue, sock,
- silc_server_timeout_remote,
- context, 15, 0,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_LOW);
-
- /* Register the connection for network input and output. This sets
- that scheduler will listen for incoming packets for this connection
- and sets that outgoing packets may be sent to this connection as
- well. However, this doesn't set the scheduler for outgoing traffic,
- it will be set separately by calling SILC_SET_CONNECTION_FOR_OUTPUT,
- later when outgoing data is available. */
- SILC_REGISTER_CONNECTION_FOR_IO(sock);
-
- /* Run the protocol */
- protocol->execute(server->timeout_queue, 0, protocol, sock, 0, 0);
-
- if (!ptr->next)
- return;
+ if (!server->router_conn && !sconn->backup)
+ server->router_conn = sconn;
- ptr = ptr->next;
+ silc_schedule_task_add(server->schedule, fd,
+ silc_server_connect_router,
+ (void *)sconn, 0, 1, SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
}
+
+ if (!ptr->next)
+ return;
+
+ ptr = ptr->next;
}
SILC_LOG_DEBUG(("No router(s), server will be standalone"));
/* There wasn't a configured router, we will continue but we don't
have a connection to outside world. We will be standalone server. */
server->standalone = TRUE;
-
- /* Add a task to the queue. This task receives new connections to the
- server. This task remains on the queue until the end of the program. */
- if (silc_task_register(server->io_queue, fd,
- silc_server_accept_new_connection,
- (void *)server, 0, 0,
- SILC_TASK_FD,
- SILC_TASK_PRI_NORMAL) == NULL) {
- silc_schedule_stop();
- return;
- }
}
/* Second part of connecting to router(s). Key exchange protocol has been
SilcServerKEInternalContext *ctx =
(SilcServerKEInternalContext *)protocol->context;
SilcServer server = (SilcServer)ctx->server;
- SilcSocketConnection sock = NULL;
+ SilcServerConnection sconn = (SilcServerConnection)ctx->context;
+ SilcSocketConnection sock = ctx->sock;
SilcServerConnAuthInternalContext *proto_ctx;
+ SilcServerConfigSectionRouter *conn = NULL;
SILC_LOG_DEBUG(("Start"));
- if (protocol->state == SILC_PROTOCOL_STATE_ERROR) {
+ if (protocol->state == SILC_PROTOCOL_STATE_ERROR ||
+ protocol->state == SILC_PROTOCOL_STATE_FAILURE) {
/* Error occured during protocol */
silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ silc_ske_free_key_material(ctx->keymat);
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
if (ctx->ske)
silc_ske_free(ctx->ske);
- if (ctx->dest_id)
- silc_free(ctx->dest_id);
+ silc_free(ctx->dest_id);
silc_free(ctx);
- sock->protocol = NULL;
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
silc_server_disconnect_remote(server, sock, "Server closed connection: "
"Key exchange failed");
return;
}
+ /* We now have the key material as the result of the key exchange
+ protocol. Take the key material into use. Free the raw key material
+ as soon as we've set them into use. */
+ if (!silc_server_protocol_ke_set_keys(server, ctx->ske,
+ ctx->sock, ctx->keymat,
+ ctx->ske->prop->cipher,
+ ctx->ske->prop->pkcs,
+ ctx->ske->prop->hash,
+ ctx->ske->prop->hmac,
+ ctx->ske->prop->group,
+ ctx->responder)) {
+ silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ silc_ske_free_key_material(ctx->keymat);
+ if (ctx->packet)
+ silc_packet_context_free(ctx->packet);
+ if (ctx->ske)
+ silc_ske_free(ctx->ske);
+ silc_free(ctx->dest_id);
+ silc_free(ctx);
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Key exchange failed");
+ return;
+ }
+ silc_ske_free_key_material(ctx->keymat);
+
/* Allocate internal context for the authentication protocol. This
is sent as context for the protocol. */
proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
proto_ctx->server = (void *)server;
- proto_ctx->sock = sock = server->sockets[fd];
+ proto_ctx->context = (void *)sconn;
+ proto_ctx->sock = sock;
proto_ctx->ske = ctx->ske; /* Save SKE object from previous protocol */
proto_ctx->dest_id_type = ctx->dest_id_type;
proto_ctx->dest_id = ctx->dest_id;
- /* Resolve the authentication method used in this connection */
- proto_ctx->auth_meth = SILC_PROTOCOL_CONN_AUTH_PASSWORD;
- if (server->config->routers) {
- SilcConfigServerSectionServerConnection *conn = NULL;
-
- /* Check if we find a match from user configured connections */
- conn = silc_config_server_find_router_conn(server->config,
- sock->hostname,
- sock->port);
- if (conn) {
- /* Match found. Use the configured authentication method */
- proto_ctx->auth_meth = conn->auth_meth;
- if (conn->auth_data) {
- proto_ctx->auth_data = strdup(conn->auth_data);
- proto_ctx->auth_data_len = strlen(conn->auth_data);
- }
- } else {
- /* No match found. */
- /* XXX */
+ /* Resolve the authentication method used in this connection. Check if
+ we find a match from user configured connections */
+ conn = silc_server_config_find_router_conn(server->config,
+ sock->hostname,
+ sock->port);
+ if (conn) {
+ /* Match found. Use the configured authentication method */
+ proto_ctx->auth_meth = conn->auth_meth;
+ if (conn->auth_data) {
+ proto_ctx->auth_data = strdup(conn->auth_data);
+ proto_ctx->auth_data_len = strlen(conn->auth_data);
}
} else {
- /* XXX */
+ SILC_LOG_ERROR(("Could not find connection data for %s (%s) on port",
+ sock->hostname, sock->ip, sock->port));
+ silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ if (ctx->packet)
+ silc_packet_context_free(ctx->packet);
+ if (ctx->ske)
+ silc_ske_free(ctx->ske);
+ silc_free(ctx->dest_id);
+ silc_free(ctx);
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Key exchange failed");
+ return;
}
/* Free old protocol as it is finished now */
silc_protocol_free(protocol);
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
silc_free(ctx);
sock->protocol = NULL;
this timelimit the connection will be terminated. Currently
this is 15 seconds and is hard coded limit (XXX). */
proto_ctx->timeout_task =
- silc_task_register(server->timeout_queue, sock->sock,
+ silc_schedule_task_add(server->schedule, sock->sock,
silc_server_timeout_remote,
(void *)server, 15, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_LOW);
/* Run the protocol */
- sock->protocol->execute(server->timeout_queue, 0,
- sock->protocol, sock->sock, 0, 0);
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 0);
}
/* Finalizes the connection to router. Registers a server task to the
SilcServerConnAuthInternalContext *ctx =
(SilcServerConnAuthInternalContext *)protocol->context;
SilcServer server = (SilcServer)ctx->server;
+ SilcServerConnection sconn = (SilcServerConnection)ctx->context;
SilcSocketConnection sock = ctx->sock;
- SilcServerList *id_entry;
- SilcIDListUnknown *conn_data;
+ SilcServerEntry id_entry;
SilcBuffer packet;
+ SilcServerHBContext hb_context;
unsigned char *id_string;
+ uint32 id_len;
+ SilcIDListData idata;
SILC_LOG_DEBUG(("Start"));
- if (protocol->state == SILC_PROTOCOL_STATE_ERROR) {
+ if (protocol->state == SILC_PROTOCOL_STATE_ERROR ||
+ protocol->state == SILC_PROTOCOL_STATE_FAILURE) {
/* Error occured during protocol */
- silc_protocol_free(protocol);
- if (ctx->packet)
- silc_buffer_free(ctx->packet);
- if (ctx->ske)
- silc_ske_free(ctx->ske);
- if (ctx->dest_id)
- silc_free(ctx->dest_id);
- silc_free(ctx);
- sock->protocol = NULL;
+ silc_free(ctx->dest_id);
silc_server_disconnect_remote(server, sock, "Server closed connection: "
"Authentication failed");
- return;
+ goto out;
}
/* Add a task to the queue. This task receives new connections to the
server. This task remains on the queue until the end of the program. */
- if (!server->listenning) {
- if (silc_task_register(server->io_queue, server->sock,
+ if (!server->listenning && !sconn->backup) {
+ silc_schedule_task_add(server->schedule, server->sock,
silc_server_accept_new_connection,
(void *)server, 0, 0,
SILC_TASK_FD,
- SILC_TASK_PRI_NORMAL) == NULL) {
- silc_schedule_stop();
- return;
- } else {
- server->listenning = TRUE;
- }
+ SILC_TASK_PRI_NORMAL);
+ server->listenning = TRUE;
}
/* Send NEW_SERVER packet to the router. We will become registered
to the SILC network after sending this packet. */
id_string = silc_id_id2str(server->id, SILC_ID_SERVER);
- packet = silc_buffer_alloc(2 + 2 + SILC_ID_SERVER_LEN +
- strlen(server->server_name));
+ id_len = silc_id_get_len(server->id, SILC_ID_SERVER);
+ packet = silc_buffer_alloc(2 + 2 + id_len + strlen(server->server_name));
silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
silc_buffer_format(packet,
- SILC_STR_UI_SHORT(SILC_ID_SERVER_LEN),
- SILC_STR_UI_XNSTRING(id_string, SILC_ID_SERVER_LEN),
+ SILC_STR_UI_SHORT(id_len),
+ SILC_STR_UI_XNSTRING(id_string, id_len),
SILC_STR_UI_SHORT(strlen(server->server_name)),
SILC_STR_UI_XNSTRING(server->server_name,
strlen(server->server_name)),
silc_buffer_free(packet);
silc_free(id_string);
- SILC_LOG_DEBUG(("Connected to router %s", sock->hostname));
+ SILC_LOG_INFO(("Connected to router %s", sock->hostname));
+
+ /* Check that we do not have this ID already */
+ id_entry = silc_idlist_find_server_by_id(server->local_list,
+ ctx->dest_id, TRUE, NULL);
+ if (id_entry) {
+ silc_idcache_del_by_context(server->local_list->servers, id_entry);
+ } else {
+ id_entry = silc_idlist_find_server_by_id(server->global_list,
+ ctx->dest_id, TRUE, NULL);
+ if (id_entry)
+ silc_idcache_del_by_context(server->global_list->servers, id_entry);
+ }
+
+ SILC_LOG_DEBUG(("New server id(%s)",
+ silc_id_render(ctx->dest_id, SILC_ID_SERVER)));
- /* Add the connected router to local server list */
- server->standalone = FALSE;
- conn_data = (SilcIDListUnknown *)sock->user_data;
- silc_idlist_add_server(&server->local_list->servers,
- sock->hostname ? sock->hostname : sock->ip,
- SILC_ROUTER, ctx->dest_id, NULL,
- conn_data->send_key, conn_data->receive_key,
- conn_data->pkcs, conn_data->hmac, &id_entry);
+ /* Add the connected router to global server list */
+ id_entry = silc_idlist_add_server(server->global_list,
+ strdup(sock->hostname),
+ SILC_ROUTER, ctx->dest_id, NULL, sock);
+ if (!id_entry) {
+ silc_free(ctx->dest_id);
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Authentication failed");
+ goto out;
+ }
- id_entry->hmac_key = conn_data->hmac_key;
- id_entry->hmac_key_len = conn_data->hmac_key_len;
- id_entry->connection = sock;
+ silc_idlist_add_data(id_entry, (SilcIDListData)sock->user_data);
+ silc_free(sock->user_data);
sock->user_data = (void *)id_entry;
sock->type = SILC_SOCKET_TYPE_ROUTER;
- server->id_entry->router = id_entry;
+ idata = (SilcIDListData)sock->user_data;
+ idata->status |= SILC_IDLIST_STATUS_REGISTERED;
+
+ /* Perform keepalive. The `hb_context' will be freed automatically
+ when finally calling the silc_socket_free function. XXX hardcoded
+ timeout!! */
+ hb_context = silc_calloc(1, sizeof(*hb_context));
+ hb_context->server = server;
+ silc_socket_set_heartbeat(sock, 300, hb_context,
+ silc_server_perform_heartbeat,
+ server->schedule);
+
+ /* Register re-key timeout */
+ idata->rekey->timeout = 3600; /* XXX hardcoded */
+ idata->rekey->context = (void *)server;
+ silc_schedule_task_add(server->schedule, sock->sock,
+ silc_server_rekey_callback,
+ (void *)sock, idata->rekey->timeout, 0,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
+
+ if (!sconn->backup) {
+ /* Mark this router our primary router if we're still standalone */
+ if (server->standalone) {
+ server->id_entry->router = id_entry;
+ server->router = id_entry;
+ server->standalone = FALSE;
+
+ /* If we are router then announce our possible servers. */
+ if (server->server_type == SILC_ROUTER)
+ silc_server_announce_servers(server, FALSE, 0,
+ server->router->connection);
+
+ /* Announce our clients and channels to the router */
+ silc_server_announce_clients(server, 0, server->router->connection);
+ silc_server_announce_channels(server, 0, server->router->connection);
+ }
+ } else {
+ /* Add this server to be our backup router */
+ silc_server_backup_add(server, id_entry, sconn->backup_replace_ip,
+ sconn->backup_replace_port, FALSE);
+ }
+
+ sock->protocol = NULL;
- /* Free the temporary connection data context from key exchange */
- silc_free(conn_data);
+ /* Call the completion callback to indicate that we've connected to
+ the router */
+ if (sconn->callback)
+ (*sconn->callback)(server, id_entry, sconn->callback_context);
+
+ out:
+ /* Free the temporary connection data context */
+ if (sconn) {
+ silc_free(sconn->remote_host);
+ silc_free(sconn->backup_replace_ip);
+ silc_free(sconn);
+ }
+ if (sconn == server->router_conn)
+ server->router_conn = NULL;
/* Free the protocol object */
+ if (sock->protocol == protocol)
+ sock->protocol = NULL;
silc_protocol_free(protocol);
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
if (ctx->ske)
silc_ske_free(ctx->ske);
+ silc_free(ctx->auth_data);
silc_free(ctx);
- sock->protocol = NULL;
}
-/* Accepts new connections to the server. Accepting new connections are
- done in three parts to make it async. */
+/* Host lookup callbcak that is called after the incoming connection's
+ IP and FQDN lookup is performed. This will actually check the acceptance
+ of the incoming connection and will register the key exchange protocol
+ for this connection. */
-SILC_TASK_CALLBACK(silc_server_accept_new_connection)
+static void
+silc_server_accept_new_connection_lookup(SilcSocketConnection sock,
+ void *context)
{
SilcServer server = (SilcServer)context;
- SilcSocketConnection newsocket;
SilcServerKEInternalContext *proto_ctx;
- int sock;
+ void *cconfig, *sconfig, *rconfig;
+ SilcServerConfigSectionDeny *deny;
+ int port;
- SILC_LOG_DEBUG(("Accepting new connection"));
+ SILC_LOG_DEBUG(("Start"));
- sock = silc_net_accept_connection(server->sock);
- if (sock < 0) {
- SILC_LOG_ERROR(("Could not accept new connection: %s", strerror(errno)));
+ /* Check whether we could resolve both IP and FQDN. */
+ if (!sock->ip || (!strcmp(sock->ip, sock->hostname) &&
+ server->params->require_reverse_mapping)) {
+ SILC_LOG_ERROR(("IP/DNS lookup failed %s",
+ sock->hostname ? sock->hostname :
+ sock->ip ? sock->ip : ""));
+ server->stat.conn_failures++;
+ silc_server_disconnect_remote(server, sock,
+ "Server closed connection: Unknown host");
return;
}
- /* Check max connections */
- if (sock > SILC_SERVER_MAX_CONNECTIONS) {
- if (server->config->redirect) {
- /* XXX Redirecting connection to somewhere else now?? */
- /*silc_server_send_notify("Server is full, trying to redirect..."); */
- } else {
- SILC_LOG_ERROR(("Refusing connection, server is full"));
- }
+ /* Register the connection for network input and output. This sets
+ that scheduler will listen for incoming packets for this connection
+ and sets that outgoing packets may be sent to this connection as well.
+ However, this doesn't set the scheduler for outgoing traffic, it
+ will be set separately by calling SILC_SET_CONNECTION_FOR_OUTPUT,
+ later when outgoing data is available. */
+ SILC_REGISTER_CONNECTION_FOR_IO(sock->sock);
+
+ SILC_LOG_INFO(("Incoming connection from %s (%s)", sock->hostname,
+ sock->ip));
+
+ port = server->sockets[server->sock]->port; /* Listenning port */
+
+ /* Check whether this connection is denied to connect to us. */
+ deny = silc_server_config_find_denied(server->config, sock->ip, port);
+ if (!deny)
+ deny = silc_server_config_find_denied(server->config, sock->hostname,
+ port);
+ if (deny) {
+ /* The connection is denied */
+ SILC_LOG_INFO(("Connection %s (%s) is denied",
+ sock->hostname, sock->ip));
+ silc_server_disconnect_remote(server, sock, deny->reason ?
+ deny->reason :
+ "Server closed connection: "
+ "Connection refused");
+ server->stat.conn_failures++;
return;
}
- /* Set socket options */
- silc_net_set_socket_nonblock(sock);
- silc_net_set_socket_opt(sock, SOL_SOCKET, SO_REUSEADDR, 1);
-
- /* We don't create a ID yet, since we don't know what type of connection
- this is yet. But, we do add the connection to the socket table. */
- silc_socket_alloc(sock, SILC_SOCKET_TYPE_UNKNOWN, NULL, &newsocket);
- server->sockets[sock] = newsocket;
-
- /* XXX This MUST be done async as this will block the entire server
- process. Either we have to do our own resolver stuff or in the future
- we can use threads. */
- /* Perform mandatory name and address lookups for the remote host. */
- silc_net_check_host_by_sock(sock, &newsocket->hostname, &newsocket->ip);
- if (!newsocket->ip || !newsocket->hostname) {
- SILC_LOG_DEBUG(("IP lookup/DNS lookup failed"));
- SILC_LOG_ERROR(("IP lookup/DNS lookup failed"));
+ /* Check whether we have configred this sort of connection at all. We
+ have to check all configurations since we don't know what type of
+ connection this is. */
+ if (!(cconfig = silc_server_config_find_client(server->config,
+ sock->ip, port)))
+ cconfig = silc_server_config_find_client(server->config,
+ sock->hostname,
+ port);
+ if (!(sconfig = silc_server_config_find_server_conn(server->config,
+ sock->ip,
+ port)))
+ sconfig = silc_server_config_find_server_conn(server->config,
+ sock->hostname,
+ port);
+ if (!(rconfig = silc_server_config_find_router_conn(server->config,
+ sock->ip, port)))
+ rconfig = silc_server_config_find_router_conn(server->config,
+ sock->hostname,
+ port);
+ if (!cconfig && !sconfig && !rconfig) {
+ SILC_LOG_INFO(("Connection %s (%s) is not allowed",
+ sock->hostname, sock->ip));
+ silc_server_disconnect_remote(server, sock,
+ "Server closed connection: "
+ "Connection refused");
+ server->stat.conn_failures++;
return;
}
+ /* The connection is allowed */
+
/* Allocate internal context for key exchange protocol. This is
sent as context for the protocol. */
proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
proto_ctx->server = context;
- proto_ctx->sock = newsocket;
+ proto_ctx->sock = sock;
proto_ctx->rng = server->rng;
proto_ctx->responder = TRUE;
+ proto_ctx->cconfig = cconfig;
+ proto_ctx->sconfig = sconfig;
+ proto_ctx->rconfig = rconfig;
/* Prepare the connection for key exchange protocol. We allocate the
protocol but will not start it yet. The connector will be the
initiator of the protocol thus we will wait for initiation from
there before we start the protocol. */
+ server->stat.auth_attempts++;
silc_protocol_alloc(SILC_PROTOCOL_SERVER_KEY_EXCHANGE,
- &newsocket->protocol, proto_ctx,
+ &sock->protocol, proto_ctx,
silc_server_accept_new_connection_second);
/* Register a timeout task that will be executed if the connector
- will not start the key exchange protocol within 15 seconds. For
- now, this is a hard coded limit. After 15 secs the connection will
+ will not start the key exchange protocol within 60 seconds. For
+ now, this is a hard coded limit. After 60 secs the connection will
be closed if the key exchange protocol has not been started. */
proto_ctx->timeout_task =
- silc_task_register(server->timeout_queue, newsocket->sock,
- silc_server_timeout_remote,
- context, 15, 0,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_LOW);
+ silc_schedule_task_add(server->schedule, sock->sock,
+ silc_server_timeout_remote,
+ context, 60, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_LOW);
+}
- /* Register the connection for network input and output. This sets
- that scheduler will listen for incoming packets for this connection
- and sets that outgoing packets may be sent to this connection as well.
- However, this doesn't set the scheduler for outgoing traffic, it
- will be set separately by calling SILC_SET_CONNECTION_FOR_OUTPUT,
- later when outgoing data is available. */
- SILC_REGISTER_CONNECTION_FOR_IO(sock);
+/* Accepts new connections to the server. Accepting new connections are
+ done in three parts to make it async. */
+
+SILC_TASK_CALLBACK(silc_server_accept_new_connection)
+{
+ SilcServer server = (SilcServer)context;
+ SilcSocketConnection newsocket;
+ int sock;
+
+ SILC_LOG_DEBUG(("Accepting new connection"));
+
+ server->stat.conn_attempts++;
+
+ sock = silc_net_accept_connection(server->sock);
+ if (sock < 0) {
+ SILC_LOG_ERROR(("Could not accept new connection: %s", strerror(errno)));
+ server->stat.conn_failures++;
+ return;
+ }
+
+ /* Check max connections */
+ if (sock > SILC_SERVER_MAX_CONNECTIONS) {
+ SILC_LOG_ERROR(("Refusing connection, server is full"));
+ server->stat.conn_failures++;
+ return;
+ }
+
+ /* Set socket options */
+ silc_net_set_socket_nonblock(sock);
+ silc_net_set_socket_opt(sock, SOL_SOCKET, SO_REUSEADDR, 1);
+
+ /* We don't create a ID yet, since we don't know what type of connection
+ this is yet. But, we do add the connection to the socket table. */
+ silc_socket_alloc(sock, SILC_SOCKET_TYPE_UNKNOWN, NULL, &newsocket);
+ server->sockets[sock] = newsocket;
+
+ /* Perform asynchronous host lookup. This will lookup the IP and the
+ FQDN of the remote connection. After the lookup is done the connection
+ is accepted further. */
+ silc_socket_host_lookup(newsocket, TRUE,
+ silc_server_accept_new_connection_lookup, context,
+ server->schedule);
}
/* Second part of accepting new connection. Key exchange protocol has been
SilcServerKEInternalContext *ctx =
(SilcServerKEInternalContext *)protocol->context;
SilcServer server = (SilcServer)ctx->server;
- SilcSocketConnection sock = NULL;
+ SilcSocketConnection sock = ctx->sock;
SilcServerConnAuthInternalContext *proto_ctx;
SILC_LOG_DEBUG(("Start"));
- if (protocol->state == SILC_PROTOCOL_STATE_ERROR) {
+ if (protocol->state == SILC_PROTOCOL_STATE_ERROR ||
+ protocol->state == SILC_PROTOCOL_STATE_FAILURE) {
/* Error occured during protocol */
silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ silc_ske_free_key_material(ctx->keymat);
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
if (ctx->ske)
silc_ske_free(ctx->ske);
- if (ctx->dest_id)
- silc_free(ctx->dest_id);
+ silc_free(ctx->dest_id);
silc_free(ctx);
- sock->protocol = NULL;
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
silc_server_disconnect_remote(server, sock, "Server closed connection: "
"Key exchange failed");
+ server->stat.auth_failures++;
return;
}
+ /* We now have the key material as the result of the key exchange
+ protocol. Take the key material into use. Free the raw key material
+ as soon as we've set them into use. */
+ if (!silc_server_protocol_ke_set_keys(server, ctx->ske,
+ ctx->sock, ctx->keymat,
+ ctx->ske->prop->cipher,
+ ctx->ske->prop->pkcs,
+ ctx->ske->prop->hash,
+ ctx->ske->prop->hmac,
+ ctx->ske->prop->group,
+ ctx->responder)) {
+ silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ silc_ske_free_key_material(ctx->keymat);
+ if (ctx->packet)
+ silc_packet_context_free(ctx->packet);
+ if (ctx->ske)
+ silc_ske_free(ctx->ske);
+ silc_free(ctx->dest_id);
+ silc_free(ctx);
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Key exchange failed");
+ server->stat.auth_failures++;
+ return;
+ }
+ silc_ske_free_key_material(ctx->keymat);
+
/* Allocate internal context for the authentication protocol. This
is sent as context for the protocol. */
proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
proto_ctx->server = (void *)server;
- proto_ctx->sock = sock = server->sockets[fd];
+ proto_ctx->sock = sock;
proto_ctx->ske = ctx->ske; /* Save SKE object from previous protocol */
proto_ctx->responder = TRUE;
proto_ctx->dest_id_type = ctx->dest_id_type;
proto_ctx->dest_id = ctx->dest_id;
+ proto_ctx->cconfig = ctx->cconfig;
+ proto_ctx->sconfig = ctx->sconfig;
+ proto_ctx->rconfig = ctx->rconfig;
/* Free old protocol as it is finished now */
silc_protocol_free(protocol);
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
silc_free(ctx);
sock->protocol = NULL;
this timelimit the connection will be terminated. Currently
this is 60 seconds and is hard coded limit (XXX). */
proto_ctx->timeout_task =
- silc_task_register(server->timeout_queue, sock->sock,
- silc_server_timeout_remote,
- (void *)server, 60, 0,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_LOW);
+ silc_schedule_task_add(server->schedule, sock->sock,
+ silc_server_timeout_remote,
+ (void *)server, 60, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_LOW);
}
/* Final part of accepting new connection. The connection has now
(SilcServerConnAuthInternalContext *)protocol->context;
SilcServer server = (SilcServer)ctx->server;
SilcSocketConnection sock = ctx->sock;
+ SilcServerHBContext hb_context;
+ SilcUnknownEntry entry = (SilcUnknownEntry)sock->user_data;
+ void *id_entry;
SILC_LOG_DEBUG(("Start"));
- if (protocol->state == SILC_PROTOCOL_STATE_ERROR) {
+ if (protocol->state == SILC_PROTOCOL_STATE_ERROR ||
+ protocol->state == SILC_PROTOCOL_STATE_FAILURE) {
/* Error occured during protocol */
silc_protocol_free(protocol);
+ sock->protocol = NULL;
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
if (ctx->ske)
silc_ske_free(ctx->ske);
- if (ctx->dest_id)
- silc_free(ctx->dest_id);
+ silc_free(ctx->dest_id);
silc_free(ctx);
- sock->protocol = NULL;
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
silc_server_disconnect_remote(server, sock, "Server closed connection: "
"Authentication failed");
+ server->stat.auth_failures++;
return;
}
- sock->type = ctx->conn_type;
- switch(sock->type) {
+ entry->data.last_receive = time(NULL);
+
+ switch (ctx->conn_type) {
case SILC_SOCKET_TYPE_CLIENT:
{
- SilcClientList *id_entry = NULL;
- SilcIDListUnknown *conn_data = sock->user_data;
+ SilcClientEntry client;
SILC_LOG_DEBUG(("Remote host is client"));
+ SILC_LOG_INFO(("Connection from %s (%s) is client", sock->hostname,
+ sock->ip));
+
+ /* Add the client to the client ID cache. The nickname and Client ID
+ and other information is created after we have received NEW_CLIENT
+ packet from client. */
+ client = silc_idlist_add_client(server->local_list,
+ NULL, NULL, NULL, NULL, NULL, sock, 0);
+ if (!client) {
+ SILC_LOG_ERROR(("Could not add new client to cache"));
+ silc_free(sock->user_data);
+ silc_server_disconnect_remote(server, sock,
+ "Server closed connection: "
+ "Authentication failed");
+ server->stat.auth_failures++;
+ goto out;
+ }
- /* Add the client to the client ID list. We have not created the
- client ID for the client yet. This is done when client registers
- itself by sending NEW_CLIENT packet. */
- silc_idlist_add_client(&server->local_list->clients,
- NULL, NULL, NULL, NULL, NULL,
- conn_data->send_key, conn_data->receive_key,
- conn_data->pkcs, conn_data->hmac, &id_entry);
-
- id_entry->hmac_key = conn_data->hmac_key;
- id_entry->hmac_key_len = conn_data->hmac_key_len;
- id_entry->connection = sock;
-
- /* Free the temporary connection data context from key exchange */
- silc_free(conn_data);
+ /* Statistics */
+ server->stat.my_clients++;
+ server->stat.clients++;
+ if (server->server_type == SILC_ROUTER)
+ server->stat.cell_clients++;
- /* Mark the entry to the ID list to the socket connection for
- fast referencing in the future. */
- sock->user_data = (void *)id_entry;
+ id_entry = (void *)client;
break;
}
case SILC_SOCKET_TYPE_SERVER:
case SILC_SOCKET_TYPE_ROUTER:
{
- SilcServerList *id_entry;
- SilcIDListUnknown *conn_data = sock->user_data;
-
+ SilcServerEntry new_server;
+ /* XXX FIXME: Now server and router has different table, so this is probably broken. */
+ SilcServerConfigSectionRouter *conn =
+ ctx->conn_type == SILC_SOCKET_TYPE_SERVER ?
+ ctx->sconfig : ctx->rconfig;
+
SILC_LOG_DEBUG(("Remote host is %s",
- sock->type == SILC_SOCKET_TYPE_SERVER ?
- "server" : "router"));
-
- /* Add the server to the ID list. We don't have the server's ID
- yet but we will receive it after the server sends NEW_SERVER
- packet to us. */
- silc_idlist_add_server(&server->local_list->servers, NULL,
- sock->type == SILC_SOCKET_TYPE_SERVER ?
- SILC_SERVER : SILC_ROUTER, NULL, NULL,
- conn_data->send_key, conn_data->receive_key,
- conn_data->pkcs, conn_data->hmac, &id_entry);
-
- id_entry->hmac_key = conn_data->hmac_key;
- id_entry->hmac_key_len = conn_data->hmac_key_len;
- id_entry->connection = sock;
-
- /* Free the temporary connection data context from key exchange */
- silc_free(conn_data);
-
- /* Mark the entry to the ID list to the socket connection for
- fast referencing in the future. */
- sock->user_data = (void *)id_entry;
-
- /* There is connection to other server now, if it is router then
- we will have connection to outside world. If we are router but
- normal server connected to us then we will remain standalone,
- if we are standlone. */
- if (server->standalone && sock->type == SILC_SOCKET_TYPE_ROUTER) {
+ ctx->conn_type == SILC_SOCKET_TYPE_SERVER ?
+ "server" : (conn->backup_router ?
+ "backup router" : "router")));
+ SILC_LOG_INFO(("Connection from %s (%s) is %s", sock->hostname,
+ sock->ip, ctx->conn_type == SILC_SOCKET_TYPE_SERVER ?
+ "server" : (conn->backup_router ?
+ "backup router" : "router")));
+
+ /* Add the server into server cache. The server name and Server ID
+ is updated after we have received NEW_SERVER packet from the
+ server. We mark ourselves as router for this server if we really
+ are router. */
+ new_server =
+ silc_idlist_add_server((ctx->conn_type == SILC_SOCKET_TYPE_SERVER ?
+ server->local_list : (conn->backup_router ?
+ server->local_list :
+ server->global_list)),
+ NULL,
+ (ctx->conn_type == SILC_SOCKET_TYPE_SERVER ?
+ SILC_SERVER : SILC_ROUTER),
+ NULL,
+ (ctx->conn_type == SILC_SOCKET_TYPE_SERVER ?
+ server->id_entry : (conn->backup_router ?
+ server->id_entry : NULL)),
+ sock);
+ if (!new_server) {
+ SILC_LOG_ERROR(("Could not add new server to cache"));
+ silc_free(sock->user_data);
+ silc_server_disconnect_remote(server, sock,
+ "Server closed connection: "
+ "Authentication failed");
+ server->stat.auth_failures++;
+ goto out;
+ }
+
+ /* Statistics */
+ if (ctx->conn_type == SILC_SOCKET_TYPE_SERVER)
+ server->stat.my_servers++;
+ else
+ server->stat.my_routers++;
+ server->stat.servers++;
+
+ id_entry = (void *)new_server;
+
+ /* If the incoming connection is router and marked as backup router
+ then add it to be one of our backups */
+ if (ctx->conn_type == SILC_SOCKET_TYPE_ROUTER && conn->backup_router) {
+ silc_server_backup_add(server, new_server, conn->backup_replace_ip,
+ conn->backup_replace_port, conn->backup_local);
+
+ /* Change it back to SERVER type since that's what it really is. */
+ if (conn->backup_local)
+ ctx->conn_type = SILC_SOCKET_TYPE_SERVER;
+
+ new_server->server_type = SILC_BACKUP_ROUTER;
+ }
+
+ /* Check whether this connection is to be our primary router connection
+ if we do not already have the primary route. */
+ if (server->standalone && ctx->conn_type == SILC_SOCKET_TYPE_ROUTER) {
+ if (silc_server_config_is_primary_route(server->config) &&
+ !conn->initiator)
+ break;
+
SILC_LOG_DEBUG(("We are not standalone server anymore"));
server->standalone = FALSE;
+ if (!server->id_entry->router) {
+ server->id_entry->router = id_entry;
+ server->router = id_entry;
+ }
}
+
break;
}
default:
+ goto out;
break;
}
+ sock->type = ctx->conn_type;
+
+ /* Add the common data structure to the ID entry. */
+ silc_idlist_add_data(id_entry, (SilcIDListData)sock->user_data);
+
+ /* Add to sockets internal pointer for fast referencing */
+ silc_free(sock->user_data);
+ sock->user_data = id_entry;
+
/* Connection has been fully established now. Everything is ok. */
SILC_LOG_DEBUG(("New connection authenticated"));
+ /* Perform keepalive. The `hb_context' will be freed automatically
+ when finally calling the silc_socket_free function. XXX hardcoded
+ timeout!! */
+ hb_context = silc_calloc(1, sizeof(*hb_context));
+ hb_context->server = server;
+ silc_socket_set_heartbeat(sock, 400, hb_context,
+ silc_server_perform_heartbeat,
+ server->schedule);
+
+ out:
+ silc_schedule_task_del_by_callback(server->schedule,
+ silc_server_failure_callback);
silc_protocol_free(protocol);
if (ctx->packet)
- silc_buffer_free(ctx->packet);
+ silc_packet_context_free(ctx->packet);
if (ctx->ske)
silc_ske_free(ctx->ske);
- if (ctx->dest_id)
- silc_free(ctx->dest_id);
+ silc_free(ctx->dest_id);
silc_free(ctx);
sock->protocol = NULL;
}
-typedef struct {
- SilcPacketContext *packetdata;
- SilcServer server;
- SilcSocketConnection sock;
- SilcCipher cipher;
- SilcHmac hmac;
-} SilcServerInternalPacket;
-
/* This function is used to read packets from network and send packets to
network. This is usually a generic task. */
{
SilcServer server = (SilcServer)context;
SilcSocketConnection sock = server->sockets[fd];
- int ret, packetlen, paddedlen;
+ SilcIDListData idata;
+ SilcCipher cipher = NULL;
+ SilcHmac hmac = NULL;
+ uint32 sequence = 0;
+ int ret;
+
+ if (!sock)
+ return;
SILC_LOG_DEBUG(("Processing packet"));
/* Packet sending */
+
if (type == SILC_TASK_WRITE) {
- SILC_LOG_DEBUG(("Writing data to connection"));
+ /* Do not send data to disconnected connection */
+ if (SILC_IS_DISCONNECTED(sock))
+ return;
+
+ server->stat.packets_sent++;
if (sock->outbuf->data - sock->outbuf->head)
- silc_buffer_push(sock->outbuf,
- sock->outbuf->data - sock->outbuf->head);
+ silc_buffer_push(sock->outbuf, sock->outbuf->data - sock->outbuf->head);
- /* Write the packet out to the connection */
- ret = silc_packet_write(fd, sock->outbuf);
+ /* Send the packet */
+ ret = silc_packet_send(sock, TRUE);
/* If returned -2 could not write to connection now, will do
it later. */
if (ret == -2)
return;
-
- /* Error */
- if (ret == -1)
- SILC_LOG_ERROR(("Could not write, packet dropped"));
+ if (ret == -1) {
+ SILC_LOG_ERROR(("Error sending packet to connection "
+ "%s:%d [%s]", sock->hostname, sock->port,
+ (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
+ sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
+ sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
+ "Router")));
+ return;
+ }
+
/* The packet has been sent and now it is time to set the connection
back to only for input. When there is again some outgoing data
available for this connection it will be set for output as well.
This call clears the output setting and sets it only for input. */
- SILC_SET_CONNECTION_FOR_INPUT(fd);
+ SILC_SET_CONNECTION_FOR_INPUT(server->schedule, fd);
SILC_UNSET_OUTBUF_PENDING(sock);
silc_buffer_clear(sock->outbuf);
}
/* Packet receiving */
- if (type == SILC_TASK_READ) {
- SILC_LOG_DEBUG(("Reading data from connection"));
- /* Allocate the incoming data buffer if not done already. */
- if (!sock->inbuf)
- sock->inbuf = silc_buffer_alloc(SILC_PACKET_DEFAULT_SIZE);
+ /* Read some data from connection */
+ ret = silc_packet_receive(sock);
+ if (ret < 0) {
- /* Read some data from connection */
- ret = silc_packet_read(fd, sock->inbuf);
-
- /* If returned -2 data was not available now, will read it later. */
- if (ret == -2)
- return;
-
- /* Error */
- if (ret == -1) {
- SILC_LOG_ERROR(("Could not read, packet dropped"));
- return;
- }
-
- /* EOF */
- if (ret == 0) {
- SILC_LOG_DEBUG(("Read EOF"));
-
- /* If connection is disconnecting already we will finally
- close the connection */
- if (SILC_IS_DISCONNECTING(sock)) {
- if (sock->user_data)
- silc_server_free_sock_user_data(server, sock);
- silc_server_close_connection(server, sock);
- return;
- }
-
- SILC_LOG_DEBUG(("Premature EOF from connection %d", sock->sock));
+ if (ret == -1)
+ SILC_LOG_ERROR(("Error receiving packet from connection "
+ "%s:%d [%s] %s", sock->hostname, sock->port,
+ (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
+ sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
+ sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
+ "Router"), strerror(errno)));
+ return;
+ }
+ /* EOF */
+ if (ret == 0) {
+ SILC_LOG_DEBUG(("Read EOF"));
+
+ /* If connection is disconnecting already we will finally
+ close the connection */
+ if (SILC_IS_DISCONNECTING(sock)) {
if (sock->user_data)
- silc_server_free_sock_user_data(server, sock);
+ silc_server_free_sock_user_data(server, sock, NULL);
silc_server_close_connection(server, sock);
return;
}
-
- /* If connection is disconnecting or disconnected we will ignore
- what we read. */
- if (SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock)) {
- SILC_LOG_DEBUG(("Ignoring read data from invalid connection"));
- return;
- }
-
- /* Check whether we received a whole packet. If reading went without
- errors we either read a whole packet or the read packet is
- incorrect and will be dropped. */
- SILC_PACKET_LENGTH(sock->inbuf, packetlen, paddedlen);
- if (sock->inbuf->len < paddedlen || (packetlen < SILC_PACKET_MIN_LEN)) {
- SILC_LOG_DEBUG(("Received incorrect packet, dropped"));
- silc_buffer_clear(sock->inbuf);
- silc_server_disconnect_remote(server, sock, "Incorrect packet");
- return;
- }
-
- /* Decrypt a packet coming from client. */
- if (sock->type == SILC_SOCKET_TYPE_CLIENT) {
- SilcClientList *clnt = (SilcClientList *)sock->user_data;
- SilcServerInternalPacket *packet;
- int mac_len = 0;
- if (clnt->hmac)
- mac_len = clnt->hmac->hash->hash->hash_len;
-
- if (sock->inbuf->len - 2 > (paddedlen + mac_len)) {
- /* Received possibly many packets at once */
-
- while(sock->inbuf->len > 0) {
- SILC_PACKET_LENGTH(sock->inbuf, packetlen, paddedlen);
- if (sock->inbuf->len < paddedlen) {
- SILC_LOG_DEBUG(("Receive incorrect packet, dropped"));
- return;
- }
-
- paddedlen += 2;
- packet = silc_calloc(1, sizeof(*packet));
- packet->server = server;
- packet->sock = sock;
- packet->packetdata = silc_calloc(1, sizeof(*packet->packetdata));
- packet->packetdata->buffer = silc_buffer_alloc(paddedlen + mac_len);
- silc_buffer_pull_tail(packet->packetdata->buffer,
- SILC_BUFFER_END(packet->packetdata->buffer));
- silc_buffer_put(packet->packetdata->buffer, sock->inbuf->data,
- paddedlen + mac_len);
- if (clnt) {
- packet->cipher = clnt->receive_key;
- packet->hmac = clnt->hmac;
- }
+ SILC_LOG_DEBUG(("Premature EOF from connection %d", sock->sock));
+ SILC_SET_DISCONNECTING(sock);
- SILC_LOG_HEXDUMP(("Incoming packet, len %d",
- packet->packetdata->buffer->len),
- packet->packetdata->buffer->data,
- packet->packetdata->buffer->len);
-
- /* Parse the packet with timeout */
- silc_task_register(server->timeout_queue, fd,
- silc_server_packet_parse,
- (void *)packet, 0, 100000,
+ if (sock->user_data) {
+ char tmp[128];
+ if (silc_socket_get_error(sock, tmp, sizeof(tmp) - 1))
+ silc_server_free_sock_user_data(server, sock, tmp);
+ else
+ silc_server_free_sock_user_data(server, sock, NULL);
+ } else if (server->router_conn && server->router_conn->sock == sock &&
+ !server->router && server->standalone)
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_connect_to_router,
+ server, 1, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
- /* Pull the packet from inbuf thus we'll get the next one
- in the inbuf. */
- silc_buffer_pull(sock->inbuf, paddedlen);
- if (clnt->hmac)
- silc_buffer_pull(sock->inbuf, mac_len);
- }
- silc_buffer_clear(sock->inbuf);
- return;
- } else {
- SILC_LOG_HEXDUMP(("An incoming packet, len %d", sock->inbuf->len),
- sock->inbuf->data, sock->inbuf->len);
-
- SILC_LOG_DEBUG(("Packet from client, length %d", paddedlen));
-
- packet = silc_calloc(1, sizeof(*packet));
- packet->packetdata = silc_calloc(1, sizeof(*packet->packetdata));
- packet->packetdata->buffer = silc_buffer_copy(sock->inbuf);
- packet->server = server;
- packet->sock = sock;
- if (clnt) {
- packet->cipher = clnt->receive_key;
- packet->hmac = clnt->hmac;
- }
- silc_buffer_clear(sock->inbuf);
-
- /* The packet is ready to be parsed now. However, this is a client
- connection so we will parse the packet with timeout. */
- silc_task_register(server->timeout_queue, fd,
- silc_server_packet_parse,
- (void *)packet, 0, 100000,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_NORMAL);
- return;
- }
- }
-
- /* Decrypt a packet coming from server connection */
- if (sock->type == SILC_SOCKET_TYPE_SERVER ||
- sock->type == SILC_SOCKET_TYPE_ROUTER) {
- SilcServerList *srvr = (SilcServerList *)sock->user_data;
- SilcServerInternalPacket *packet;
- int mac_len = 0;
-
- if (srvr->hmac)
- mac_len = srvr->hmac->hash->hash->hash_len;
+ silc_server_close_connection(server, sock);
+ return;
+ }
- if (sock->inbuf->len - 2 > (paddedlen + mac_len)) {
- /* Received possibly many packets at once */
+ /* If connection is disconnecting or disconnected we will ignore
+ what we read. */
+ if (SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock)) {
+ SILC_LOG_DEBUG(("Ignoring read data from disonnected connection"));
+ return;
+ }
- while(sock->inbuf->len > 0) {
- SILC_PACKET_LENGTH(sock->inbuf, packetlen, paddedlen);
- if (sock->inbuf->len < paddedlen) {
- SILC_LOG_DEBUG(("Received incorrect packet, dropped"));
- return;
- }
+ server->stat.packets_received++;
- paddedlen += 2;
- packet = silc_calloc(1, sizeof(*packet));
- packet->server = server;
- packet->sock = sock;
- packet->packetdata = silc_calloc(1, sizeof(*packet->packetdata));
- packet->packetdata->buffer = silc_buffer_alloc(paddedlen + mac_len);
- silc_buffer_pull_tail(packet->packetdata->buffer,
- SILC_BUFFER_END(packet->packetdata->buffer));
- silc_buffer_put(packet->packetdata->buffer, sock->inbuf->data,
- paddedlen + mac_len);
- if (srvr) {
- packet->cipher = srvr->receive_key;
- packet->hmac = srvr->hmac;
- }
+ /* Get keys and stuff from ID entry */
+ idata = (SilcIDListData)sock->user_data;
+ if (idata) {
+ cipher = idata->receive_key;
+ hmac = idata->hmac_receive;
+ sequence = idata->psn_receive;
+ }
+
+ /* Process the packet. This will call the parser that will then
+ decrypt and parse the packet. */
+ ret = silc_packet_receive_process(sock, server->server_type == SILC_ROUTER ?
+ TRUE : FALSE, cipher, hmac, sequence,
+ silc_server_packet_parse, server);
+
+ /* If this socket connection is not authenticated yet and the packet
+ processing failed we will drop the connection since it can be
+ a malicious flooder. */
+ if (sock->type == SILC_SOCKET_TYPE_UNKNOWN && ret == FALSE &&
+ (!sock->protocol || sock->protocol->protocol->type ==
+ SILC_PROTOCOL_SERVER_KEY_EXCHANGE)) {
+ SILC_LOG_DEBUG(("Bad data sent from unknown connection %d", sock->sock));
+ SILC_SET_DISCONNECTING(sock);
+
+ if (sock->user_data)
+ silc_server_free_sock_user_data(server, sock, NULL);
+ silc_server_close_connection(server, sock);
+ }
+}
+
+/* Parses whole packet, received earlier. */
- SILC_LOG_HEXDUMP(("Incoming packet, len %d",
- packet->packetdata->buffer->len),
- packet->packetdata->buffer->data,
- packet->packetdata->buffer->len);
+SILC_TASK_CALLBACK(silc_server_packet_parse_real)
+{
+ SilcPacketParserContext *parse_ctx = (SilcPacketParserContext *)context;
+ SilcServer server = (SilcServer)parse_ctx->context;
+ SilcSocketConnection sock = parse_ctx->sock;
+ SilcPacketContext *packet = parse_ctx->packet;
+ SilcIDListData idata = (SilcIDListData)sock->user_data;
+ int ret;
- SILC_LOG_DEBUG(("Packet from %s %s, packet length %d",
- srvr->server_type == SILC_SERVER ?
- "server" : "router",
- srvr->server_name, paddedlen));
-
- /* Parse it real soon as the packet is from server. */
- silc_task_register(server->timeout_queue, fd,
- silc_server_packet_parse,
- (void *)packet, 0, 1,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_NORMAL);
+ SILC_LOG_DEBUG(("Start"));
- /* Pull the packet from inbuf thus we'll get the next one
- in the inbuf. */
- silc_buffer_pull(sock->inbuf, paddedlen);
- if (srvr->hmac)
- silc_buffer_pull(sock->inbuf, mac_len);
- }
- silc_buffer_clear(sock->inbuf);
- return;
- } else {
+ /* Parse the packet */
+ if (parse_ctx->normal)
+ ret = silc_packet_parse(packet, idata ? idata->receive_key : NULL);
+ else
+ ret = silc_packet_parse_special(packet, idata ? idata->receive_key : NULL);
- SILC_LOG_HEXDUMP(("An incoming packet, len %d", sock->inbuf->len),
- sock->inbuf->data, sock->inbuf->len);
-
- SILC_LOG_DEBUG(("Packet from %s %s, packet length %d",
- srvr->server_type == SILC_SERVER ?
- "server" : "router",
- srvr->server_name, paddedlen));
-
- packet = silc_calloc(1, sizeof(*packet));
- packet->packetdata = silc_calloc(1, sizeof(*packet->packetdata));
- packet->packetdata->buffer = silc_buffer_copy(sock->inbuf);
- packet->server = server;
- packet->sock = sock;
- if (srvr) {
- packet->cipher = srvr->receive_key;
- packet->hmac = srvr->hmac;
- }
- silc_buffer_clear(sock->inbuf);
-
- /* The packet is ready to be parsed now. However, this is a client
- connection so we will parse the packet with timeout. */
- silc_task_register(server->timeout_queue, fd,
- silc_server_packet_parse,
- (void *)packet, 0, 1,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_NORMAL);
- return;
+ /* If entry is disabled ignore what we got. */
+ if (ret != SILC_PACKET_RESUME_ROUTER &&
+ idata && idata->status & SILC_IDLIST_STATUS_DISABLED) {
+ SILC_LOG_DEBUG(("Connection is disabled"));
+ goto out;
+ }
+
+ if (ret == SILC_PACKET_NONE)
+ goto out;
+
+ /* Check that the the current client ID is same as in the client's packet. */
+ if (sock->type == SILC_SOCKET_TYPE_CLIENT) {
+ SilcClientEntry client = (SilcClientEntry)sock->user_data;
+ if (client && client->id) {
+ void *id = silc_id_str2id(packet->src_id, packet->src_id_len,
+ packet->src_id_type);
+ if (!id || !SILC_ID_CLIENT_COMPARE(client->id, id)) {
+ silc_free(id);
+ goto out;
}
+ silc_free(id);
}
+ }
- /* Decrypt a packet coming from client. */
- if (sock->type == SILC_SOCKET_TYPE_UNKNOWN) {
- SilcIDListUnknown *conn_data = (SilcIDListUnknown *)sock->user_data;
- SilcServerInternalPacket *packet;
+ if (server->server_type == SILC_ROUTER) {
+ /* Route the packet if it is not destined to us. Other ID types but
+ server are handled separately after processing them. */
+ if (!(packet->flags & SILC_PACKET_FLAG_BROADCAST) &&
+ packet->dst_id_type == SILC_ID_SERVER &&
+ sock->type != SILC_SOCKET_TYPE_CLIENT &&
+ memcmp(packet->dst_id, server->id_string, server->id_string_len)) {
- SILC_LOG_HEXDUMP(("Incoming packet, len %d", sock->inbuf->len),
- sock->inbuf->data, sock->inbuf->len);
-
- SILC_LOG_DEBUG(("Packet from unknown connection, length %d",
- paddedlen));
-
- packet = silc_calloc(1, sizeof(*packet));
- packet->packetdata = silc_calloc(1, sizeof(*packet->packetdata));
- packet->packetdata->buffer = silc_buffer_copy(sock->inbuf);
- packet->server = server;
- packet->sock = sock;
- if (conn_data) {
- packet->cipher = conn_data->receive_key;
- packet->hmac = conn_data->hmac;
- }
+ /* Route the packet to fastest route for the destination ID */
+ void *id = silc_id_str2id(packet->dst_id, packet->dst_id_len,
+ packet->dst_id_type);
+ if (!id)
+ goto out;
+ silc_server_packet_route(server,
+ silc_server_route_get(server, id,
+ packet->dst_id_type),
+ packet);
+ silc_free(id);
+ goto out;
+ }
+ }
- silc_buffer_clear(sock->inbuf);
+ /* Parse the incoming packet type */
+ silc_server_packet_parse_type(server, sock, packet);
- /* The packet is ready to be parsed now. However, this is unknown
- connection so we will parse the packet with timeout. */
- silc_task_register(server->timeout_queue, fd,
- silc_server_packet_parse,
- (void *)packet, 0, 100000,
- SILC_TASK_TIMEOUT,
- SILC_TASK_PRI_NORMAL);
- return;
+ if (server->server_type == SILC_ROUTER) {
+ /* Broadcast packet if it is marked as broadcast packet and it is
+ originated from router and we are router. */
+ if (sock->type == SILC_SOCKET_TYPE_ROUTER &&
+ packet->flags & SILC_PACKET_FLAG_BROADCAST &&
+ !server->standalone) {
+ /* Broadcast to our primary route */
+ silc_server_packet_broadcast(server, server->router->connection, packet);
+
+ /* If we have backup routers then we need to feed all broadcast
+ data to those servers. */
+ silc_server_backup_broadcast(server, sock, packet);
}
}
- SILC_LOG_ERROR(("Weird, nothing happened - ignoring"));
+ out:
+ silc_packet_context_free(packet);
+ silc_free(parse_ctx);
}
-/* Checks MAC in the packet. Returns TRUE if MAC is Ok. This is called
- after packet has been totally decrypted and parsed. */
+/* Parser callback called by silc_packet_receive_process. This merely
+ registers timeout that will handle the actual parsing when appropriate. */
-static int silc_server_packet_check_mac(SilcServer server,
- SilcSocketConnection sock,
- SilcBuffer buffer)
-{
- SilcHmac hmac = NULL;
- unsigned char *hmac_key = NULL;
- unsigned int hmac_key_len = 0;
- unsigned int mac_len = 0;
-
- switch(sock->type) {
- case SILC_SOCKET_TYPE_CLIENT:
- if (sock->user_data) {
- hmac = ((SilcClientList *)sock->user_data)->hmac;
- hmac_key = ((SilcClientList *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcClientList *)sock->user_data)->hmac_key_len;
- }
- break;
- case SILC_SOCKET_TYPE_SERVER:
- case SILC_SOCKET_TYPE_ROUTER:
- if (sock->user_data) {
- hmac = ((SilcServerList *)sock->user_data)->hmac;
- hmac_key = ((SilcServerList *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcServerList *)sock->user_data)->hmac_key_len;
- }
- break;
- default:
- if (sock->user_data) {
- hmac = ((SilcIDListUnknown *)sock->user_data)->hmac;
- hmac_key = ((SilcIDListUnknown *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcIDListUnknown *)sock->user_data)->hmac_key_len;
- }
- }
-
- /* Check MAC */
- if (hmac) {
- int headlen = buffer->data - buffer->head;
- unsigned char *packet_mac, mac[32];
-
- SILC_LOG_DEBUG(("Verifying MAC"));
-
- mac_len = hmac->hash->hash->hash_len;
-
- silc_buffer_push(buffer, headlen);
-
- /* Take mac from packet */
- packet_mac = buffer->tail;
-
- /* Make MAC and compare */
- memset(mac, 0, sizeof(mac));
- silc_hmac_make_with_key(hmac,
- buffer->data, buffer->len,
- hmac_key, hmac_key_len, mac);
-#if 0
- SILC_LOG_HEXDUMP(("PMAC"), packet_mac, mac_len);
- SILC_LOG_HEXDUMP(("CMAC"), mac, mac_len);
-#endif
- if (memcmp(mac, packet_mac, mac_len)) {
- SILC_LOG_DEBUG(("MAC failed"));
- return FALSE;
- }
-
- SILC_LOG_DEBUG(("MAC is Ok"));
- memset(mac, 0, sizeof(mac));
-
- silc_buffer_pull(buffer, headlen);
- }
-
- return TRUE;
-}
-
-/* Decrypts rest of the packet (after decrypting just the SILC header).
- After calling this function the packet is ready to be parsed by calling
- silc_packet_parse. */
-
-static int silc_server_packet_decrypt_rest(SilcServer server,
- SilcSocketConnection sock,
- SilcBuffer buffer)
+bool silc_server_packet_parse(SilcPacketParserContext *parser_context,
+ void *context)
{
- SilcCipher session_key = NULL;
- SilcHmac hmac = NULL;
- unsigned int mac_len = 0;
-
- switch(sock->type) {
- case SILC_SOCKET_TYPE_CLIENT:
- if (sock->user_data) {
- session_key = ((SilcClientList *)sock->user_data)->receive_key;
- hmac = ((SilcClientList *)sock->user_data)->hmac;
- }
- break;
- case SILC_SOCKET_TYPE_SERVER:
- case SILC_SOCKET_TYPE_ROUTER:
- if (sock->user_data) {
- session_key = ((SilcServerList *)sock->user_data)->receive_key;
- hmac = ((SilcServerList *)sock->user_data)->hmac;
- }
- break;
- default:
- if (sock->user_data) {
- session_key = ((SilcIDListUnknown *)sock->user_data)->receive_key;
- hmac = ((SilcIDListUnknown *)sock->user_data)->hmac;
- }
- }
-
- /* Decrypt */
- if (session_key) {
-
- /* Pull MAC from packet before decryption */
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- if ((buffer->len - mac_len) > SILC_PACKET_MIN_LEN) {
- silc_buffer_push_tail(buffer, mac_len);
- } else {
- SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
- return FALSE;
- }
- }
-
- SILC_LOG_DEBUG(("Decrypting rest of the packet"));
-
- /* Decrypt rest of the packet */
- silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
- silc_packet_decrypt(session_key, buffer, buffer->len);
- silc_buffer_push(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
-
- SILC_LOG_HEXDUMP(("Fully decrypted packet, len %d", buffer->len),
- buffer->data, buffer->len);
+ SilcServer server = (SilcServer)context;
+ SilcSocketConnection sock = parser_context->sock;
+ SilcIDListData idata = (SilcIDListData)sock->user_data;
+
+ if (idata)
+ idata->psn_receive = parser_context->packet->sequence + 1;
+
+ /* If protocol for this connection is key exchange or rekey then we'll
+ process all packets synchronously, since there might be packets in
+ queue that we are not able to decrypt without first processing the
+ packets before them. */
+ if ((parser_context->packet->type == SILC_PACKET_REKEY ||
+ parser_context->packet->type == SILC_PACKET_REKEY_DONE) ||
+ (sock->protocol && sock->protocol->protocol &&
+ (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_KEY_EXCHANGE ||
+ sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY))) {
+ silc_server_packet_parse_real(server->schedule, 0, sock->sock,
+ parser_context);
+
+ /* Reprocess data since we'll return FALSE here. This is because
+ the idata->receive_key might have become valid in the last packet
+ and we want to call this processor with valid cipher. */
+ if (idata)
+ silc_packet_receive_process(sock, server->server_type == SILC_ROUTER ?
+ TRUE : FALSE, idata->receive_key,
+ idata->hmac_receive, idata->psn_receive,
+ silc_server_packet_parse, server);
+ else
+ silc_packet_receive_process(sock, server->server_type == SILC_ROUTER ?
+ TRUE : FALSE, NULL, NULL, 0,
+ silc_server_packet_parse, server);
+ return FALSE;
}
- return TRUE;
-}
-
-/* Decrypts rest of the SILC Packet header that has been decrypted partly
- already. This decrypts the padding of the packet also. After calling
- this function the packet is ready to be parsed by calling function
- silc_packet_parse. */
-
-static int silc_server_packet_decrypt_rest_special(SilcServer server,
- SilcSocketConnection sock,
- SilcBuffer buffer)
-{
- SilcCipher session_key = NULL;
- SilcHmac hmac = NULL;
- unsigned int mac_len = 0;
-
- switch(sock->type) {
+ switch (sock->type) {
+ case SILC_SOCKET_TYPE_UNKNOWN:
case SILC_SOCKET_TYPE_CLIENT:
- if (sock->user_data) {
- session_key = ((SilcClientList *)sock->user_data)->receive_key;
- hmac = ((SilcClientList *)sock->user_data)->hmac;
- }
+ /* Parse the packet with timeout */
+ silc_schedule_task_add(server->schedule, sock->sock,
+ silc_server_packet_parse_real,
+ (void *)parser_context, 0, 100000,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
break;
case SILC_SOCKET_TYPE_SERVER:
case SILC_SOCKET_TYPE_ROUTER:
- if (sock->user_data) {
- session_key = ((SilcServerList *)sock->user_data)->receive_key;
- hmac = ((SilcServerList *)sock->user_data)->hmac;
- }
+ /* Packets from servers are parsed immediately */
+ silc_server_packet_parse_real(server->schedule, 0, sock->sock,
+ parser_context);
break;
default:
- if (sock->user_data) {
- session_key = ((SilcIDListUnknown *)sock->user_data)->receive_key;
- hmac = ((SilcIDListUnknown *)sock->user_data)->hmac;
- }
- }
-
- /* Decrypt rest of the header plus padding */
- if (session_key) {
- unsigned short truelen, len1, len2, padlen;
-
- /* Pull MAC from packet before decryption */
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- if ((buffer->len - mac_len) > SILC_PACKET_MIN_LEN) {
- silc_buffer_push_tail(buffer, mac_len);
- } else {
- SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
- return FALSE;
- }
- }
-
- SILC_LOG_DEBUG(("Decrypting rest of the header"));
-
- SILC_GET16_MSB(len1, &buffer->data[4]);
- SILC_GET16_MSB(len2, &buffer->data[6]);
-
- truelen = SILC_PACKET_HEADER_LEN + len1 + len2;
- padlen = SILC_PACKET_PADLEN(truelen);
- len1 = (truelen + padlen) - (SILC_PACKET_MIN_HEADER_LEN - 2);
-
- silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
- silc_packet_decrypt(session_key, buffer, len1);
- silc_buffer_push(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
+ return TRUE;
}
return TRUE;
}
-/* Parses whole packet, received earlier. This packet is usually received
- from client. */
-
-SILC_TASK_CALLBACK(silc_server_packet_parse)
-{
- SilcServerInternalPacket *packet = (SilcServerInternalPacket *)context;
- SilcServer server = packet->server;
- SilcSocketConnection sock = packet->sock;
- SilcBuffer buffer = packet->packetdata->buffer;
- int ret;
-
- SILC_LOG_DEBUG(("Start"));
-
- /* Decrypt start of the packet header */
- if (packet->cipher)
- silc_packet_decrypt(packet->cipher, buffer, SILC_PACKET_MIN_HEADER_LEN);
-
- /* If the packet type is not any special type lets decrypt rest
- of the packet here. */
- if (buffer->data[3] != SILC_PACKET_CHANNEL_MESSAGE &&
- buffer->data[3] != SILC_PACKET_PRIVATE_MESSAGE) {
- normal:
- /* Normal packet, decrypt rest of the packet */
- if (!silc_server_packet_decrypt_rest(server, sock, buffer))
- goto out;
-
- /* Parse the packet. Packet type is returned. */
- ret = silc_packet_parse(packet->packetdata);
- if (ret == SILC_PACKET_NONE)
- goto out;
-
- /* Check MAC */
- if (!silc_server_packet_check_mac(server, sock, buffer))
- goto out;
- } else {
- /* If private message key is not set for private message it is
- handled as normal packet. Go back up. */
- if (buffer->data[3] == SILC_PACKET_PRIVATE_MESSAGE &&
- !(buffer->data[2] & SILC_PACKET_FLAG_PRIVMSG_KEY))
- goto normal;
-
- /* Packet requires special handling, decrypt rest of the header.
- This only decrypts. This does not do any MAC checking, it must
- be done individually later when doing the special processing. */
- silc_server_packet_decrypt_rest_special(server, sock, buffer);
-
- /* Parse the packet header in special way as this is "special"
- packet type. */
- ret = silc_packet_parse_special(packet->packetdata);
- if (ret == SILC_PACKET_NONE)
- goto out;
- }
-
- /* Parse the incoming packet type */
- silc_server_packet_parse_type(server, sock, packet->packetdata);
-
- out:
- silc_buffer_clear(sock->inbuf);
- // silc_buffer_free(packetdata->packetdata->buffer);
- silc_free(packet->packetdata);
- silc_free(packet);
-}
-
/* Parses the packet type and calls what ever routines the packet type
requires. This is done for all incoming packets. */
SilcSocketConnection sock,
SilcPacketContext *packet)
{
- SilcBuffer buffer = packet->buffer;
SilcPacketType type = packet->type;
+ SilcIDListData idata = (SilcIDListData)sock->user_data;
SILC_LOG_DEBUG(("Parsing packet type %d", type));
/* Parse the packet type */
- switch(type) {
+ switch (type) {
case SILC_PACKET_DISCONNECT:
SILC_LOG_DEBUG(("Disconnect packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
break;
+
case SILC_PACKET_SUCCESS:
/*
* Success received for something. For now we can have only
* success message is for whatever protocol is executing currently.
*/
SILC_LOG_DEBUG(("Success packet"));
- if (sock->protocol) {
- sock->protocol->execute(server->timeout_queue, 0,
- sock->protocol, sock->sock, 0, 0);
- }
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ if (sock->protocol)
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 0);
break;
+
case SILC_PACKET_FAILURE:
+ /*
+ * Failure received for something. For now we can have only
+ * one protocol for connection executing at once hence this
+ * failure message is for whatever protocol is executing currently.
+ */
SILC_LOG_DEBUG(("Failure packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ if (sock->protocol) {
+ SilcServerFailureContext f;
+ f = silc_calloc(1, sizeof(*f));
+ f->server = server;
+ f->sock = sock;
+
+ /* We will wait 5 seconds to process this failure packet */
+ silc_schedule_task_add(server->schedule, sock->sock,
+ silc_server_failure_callback, (void *)f, 5, 0,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
+ }
break;
+
case SILC_PACKET_REJECT:
SILC_LOG_DEBUG(("Reject packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
return;
break;
+ case SILC_PACKET_NOTIFY:
+ /*
+ * Received notify packet. Server can receive notify packets from
+ * router. Server then relays the notify messages to clients if needed.
+ */
+ SILC_LOG_DEBUG(("Notify packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ silc_server_notify_list(server, sock, packet);
+ else
+ silc_server_notify(server, sock, packet);
+ break;
+
/*
* Channel packets
*/
case SILC_PACKET_CHANNEL_MESSAGE:
/*
* Received channel message. Channel messages are special packets
- * (although probably most common ones) hence they are handled
+ * (although probably most common ones) thus they are handled
* specially.
*/
SILC_LOG_DEBUG(("Channel Message packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ idata->last_receive = time(NULL);
silc_server_channel_message(server, sock, packet);
break;
* never receives this channel and thus is ignored.
*/
SILC_LOG_DEBUG(("Channel Key packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
silc_server_channel_key(server, sock, packet);
break;
* Command packets
*/
case SILC_PACKET_COMMAND:
- {
- /*
- * Recived command. Allocate command context and execute the command.
- */
- SilcServerCommandContext ctx;
-
- SILC_LOG_DEBUG(("Command packet"));
-
- /* Router cannot send command packet */
- if (sock->type == SILC_SOCKET_TYPE_ROUTER)
- break;
-
- /* Allocate command context. This must be free'd by the
- command routine receiving it. */
- ctx = silc_calloc(1, sizeof(*ctx));
- ctx->server = server;
- ctx->sock = sock;
- ctx->packet = packet; /* Save original packet */
-
- /* Parse the command payload in the packet */
- ctx->payload = silc_command_parse_payload(buffer);
- if (!ctx->payload) {
- SILC_LOG_ERROR(("Bad command payload, packet dropped"));
- silc_free(ctx);
- return;
- }
-
- /* Execute command. If this fails the packet is dropped. */
- SILC_SERVER_COMMAND_EXEC(ctx);
- silc_buffer_free(buffer);
- }
+ /*
+ * Recived command. Processes the command request and allocates the
+ * command context and calls the command.
+ */
+ SILC_LOG_DEBUG(("Command packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_command_process(server, sock, packet);
break;
case SILC_PACKET_COMMAND_REPLY:
/*
- * Received command reply packet. Servers never send commands thus
- * they don't receive command reply packets either, except in cases
- * where server has forwarded command packet coming from client.
- * This must be the case here or we will ignore the packet.
+ * Received command reply packet. Received command reply to command. It
+ * may be reply to command sent by us or reply to command sent by client
+ * that we've routed further.
*/
SILC_LOG_DEBUG(("Command Reply packet"));
- silc_server_packet_relay_command_reply(server, sock, packet);
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_command_reply(server, sock, packet);
break;
/*
* client or server.
*/
SILC_LOG_DEBUG(("Private Message packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ idata->last_receive = time(NULL);
silc_server_private_message(server, sock, packet);
break;
case SILC_PACKET_PRIVATE_MESSAGE_KEY:
+ /*
+ * Private message key packet.
+ */
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_private_message_key(server, sock, packet);
break;
/*
*/
case SILC_PACKET_KEY_EXCHANGE:
SILC_LOG_DEBUG(("KE packet"));
- if (sock->protocol && sock->protocol->protocol->type
- == SILC_PROTOCOL_SERVER_KEY_EXCHANGE) {
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+
+ if (sock->protocol && sock->protocol->protocol &&
+ sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_KEY_EXCHANGE) {
SilcServerKEInternalContext *proto_ctx =
(SilcServerKEInternalContext *)sock->protocol->context;
- proto_ctx->packet = buffer;
+ proto_ctx->packet = silc_packet_context_dup(packet);
/* Let the protocol handle the packet */
- sock->protocol->execute(server->timeout_queue, 0,
- sock->protocol, sock->sock, 0, 100000);
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 100000);
} else {
SILC_LOG_ERROR(("Received Key Exchange packet but no key exchange "
"protocol active, packet dropped."));
-
- /* XXX Trigger KE protocol?? Rekey actually, maybe. */
}
break;
case SILC_PACKET_KEY_EXCHANGE_1:
SILC_LOG_DEBUG(("KE 1 packet"));
- if (sock->protocol && sock->protocol->protocol->type
- == SILC_PROTOCOL_SERVER_KEY_EXCHANGE) {
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
- SilcServerKEInternalContext *proto_ctx =
- (SilcServerKEInternalContext *)sock->protocol->context;
+ if (sock->protocol && sock->protocol->protocol &&
+ (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_KEY_EXCHANGE ||
+ sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY)) {
- if (proto_ctx->packet)
- silc_buffer_free(proto_ctx->packet);
+ if (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY) {
+ SilcServerRekeyInternalContext *proto_ctx =
+ (SilcServerRekeyInternalContext *)sock->protocol->context;
+
+ if (proto_ctx->packet)
+ silc_packet_context_free(proto_ctx->packet);
+
+ proto_ctx->packet = silc_packet_context_dup(packet);
- proto_ctx->packet = buffer;
- proto_ctx->dest_id_type = packet->src_id_type;
- proto_ctx->dest_id = silc_id_str2id(packet->src_id, packet->src_id_type);
+ /* Let the protocol handle the packet */
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 0);
+ } else {
+ SilcServerKEInternalContext *proto_ctx =
+ (SilcServerKEInternalContext *)sock->protocol->context;
+
+ if (proto_ctx->packet)
+ silc_packet_context_free(proto_ctx->packet);
+
+ proto_ctx->packet = silc_packet_context_dup(packet);
+ proto_ctx->dest_id_type = packet->src_id_type;
+ proto_ctx->dest_id = silc_id_str2id(packet->src_id, packet->src_id_len,
+ packet->src_id_type);
+ if (!proto_ctx->dest_id)
+ break;
- /* Let the protocol handle the packet */
- sock->protocol->execute(server->timeout_queue, 0,
- sock->protocol, sock->sock,
+ /* Let the protocol handle the packet */
+ silc_protocol_execute(sock->protocol, server->schedule,
0, 100000);
+ }
} else {
SILC_LOG_ERROR(("Received Key Exchange 1 packet but no key exchange "
"protocol active, packet dropped."));
case SILC_PACKET_KEY_EXCHANGE_2:
SILC_LOG_DEBUG(("KE 2 packet"));
- if (sock->protocol && sock->protocol->protocol->type
- == SILC_PROTOCOL_SERVER_KEY_EXCHANGE) {
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
- SilcServerKEInternalContext *proto_ctx =
- (SilcServerKEInternalContext *)sock->protocol->context;
+ if (sock->protocol && sock->protocol->protocol &&
+ (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_KEY_EXCHANGE ||
+ sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY)) {
- if (proto_ctx->packet)
- silc_buffer_free(proto_ctx->packet);
+ if (sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY) {
+ SilcServerRekeyInternalContext *proto_ctx =
+ (SilcServerRekeyInternalContext *)sock->protocol->context;
+
+ if (proto_ctx->packet)
+ silc_packet_context_free(proto_ctx->packet);
+
+ proto_ctx->packet = silc_packet_context_dup(packet);
- proto_ctx->packet = buffer;
- proto_ctx->dest_id_type = packet->src_id_type;
- proto_ctx->dest_id = silc_id_str2id(packet->src_id, packet->src_id_type);
+ /* Let the protocol handle the packet */
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 0);
+ } else {
+ SilcServerKEInternalContext *proto_ctx =
+ (SilcServerKEInternalContext *)sock->protocol->context;
+
+ if (proto_ctx->packet)
+ silc_packet_context_free(proto_ctx->packet);
+
+ proto_ctx->packet = silc_packet_context_dup(packet);
+ proto_ctx->dest_id_type = packet->src_id_type;
+ proto_ctx->dest_id = silc_id_str2id(packet->src_id, packet->src_id_len,
+ packet->src_id_type);
+ if (!proto_ctx->dest_id)
+ break;
- /* Let the protocol handle the packet */
- sock->protocol->execute(server->timeout_queue, 0,
- sock->protocol, sock->sock,
+ /* Let the protocol handle the packet */
+ silc_protocol_execute(sock->protocol, server->schedule,
0, 100000);
+ }
} else {
SILC_LOG_ERROR(("Received Key Exchange 2 packet but no key exchange "
"protocol active, packet dropped."));
break;
case SILC_PACKET_CONNECTION_AUTH_REQUEST:
- /* If we receive this packet we will send to the other end information
- about our mandatory authentication method for the connection.
- This packet maybe received at any time. */
+ /*
+ * Connection authentication request packet. When we receive this packet
+ * we will send to the other end information about our mandatory
+ * authentication method for the connection. This packet maybe received
+ * at any time.
+ */
+ SILC_LOG_DEBUG(("Connection authentication request packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_connection_auth_request(server, sock, packet);
+ break;
/*
* Connection Authentication protocol packets
/* Start of the authentication protocol. We receive here the
authentication data and will verify it. */
SILC_LOG_DEBUG(("Connection auth packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+
if (sock->protocol && sock->protocol->protocol->type
== SILC_PROTOCOL_SERVER_CONNECTION_AUTH) {
SilcServerConnAuthInternalContext *proto_ctx =
(SilcServerConnAuthInternalContext *)sock->protocol->context;
- proto_ctx->packet = buffer;
+ proto_ctx->packet = silc_packet_context_dup(packet);
/* Let the protocol handle the packet */
- sock->protocol->execute(server->timeout_queue, 0,
- sock->protocol, sock->sock, 0, 0);
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 0);
} else {
SILC_LOG_ERROR(("Received Connection Auth packet but no authentication "
"protocol active, packet dropped."));
* SILC network.
*/
SILC_LOG_DEBUG(("New ID packet"));
- silc_server_new_id(server, sock, packet);
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ silc_server_new_id_list(server, sock, packet);
+ else
+ silc_server_new_id(server, sock, packet);
break;
case SILC_PACKET_NEW_CLIENT:
* ID we will send it to the client.
*/
SILC_LOG_DEBUG(("New Client packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
silc_server_new_client(server, sock, packet);
break;
case SILC_PACKET_NEW_SERVER:
/*
* Received new server packet. This includes Server ID and some other
- * information that we may save. This is after server as connected to us.
+ * information that we may save. This is received after server has
+ * connected to us.
*/
SILC_LOG_DEBUG(("New Server packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
silc_server_new_server(server, sock, packet);
break;
- default:
- SILC_LOG_ERROR(("Incorrect packet type %d, packet dropped", type));
+ case SILC_PACKET_NEW_CHANNEL:
+ /*
+ * Received new channel packet. Information about new channel in the
+ * network are distributed using this packet.
+ */
+ SILC_LOG_DEBUG(("New Channel packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ silc_server_new_channel_list(server, sock, packet);
+ else
+ silc_server_new_channel(server, sock, packet);
break;
- }
-
-}
-/* Internal routine that sends packet or marks packet to be sent. This
- is used directly only in special cases. Normal cases should use
- silc_server_packet_send. Returns < 0 error. */
+ case SILC_PACKET_HEARTBEAT:
+ /*
+ * Received heartbeat.
+ */
+ SILC_LOG_DEBUG(("Heartbeat packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ break;
-static int silc_server_packet_send_real(SilcServer server,
- SilcSocketConnection sock,
- int force_send)
-{
- /* Send now if forced to do so */
- if (force_send == TRUE) {
- int ret;
- SILC_LOG_DEBUG(("Forcing packet send, packet sent immediately"));
- ret = silc_packet_write(sock->sock, sock->outbuf);
+ case SILC_PACKET_KEY_AGREEMENT:
+ /*
+ * Received heartbeat.
+ */
+ SILC_LOG_DEBUG(("Key agreement packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_key_agreement(server, sock, packet);
+ break;
- silc_buffer_clear(sock->outbuf);
+ case SILC_PACKET_REKEY:
+ /*
+ * Received re-key packet. The sender wants to regenerate the session
+ * keys.
+ */
+ SILC_LOG_DEBUG(("Re-key packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_rekey(server, sock, packet);
+ break;
- if (ret == -1)
- SILC_LOG_ERROR(("Could not write, packet dropped"));
- if (ret != -2) {
- silc_buffer_clear(sock->outbuf);
- return ret;
+ case SILC_PACKET_REKEY_DONE:
+ /*
+ * The re-key is done.
+ */
+ SILC_LOG_DEBUG(("Re-key done packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+
+ if (sock->protocol && sock->protocol->protocol &&
+ sock->protocol->protocol->type == SILC_PROTOCOL_SERVER_REKEY) {
+
+ SilcServerRekeyInternalContext *proto_ctx =
+ (SilcServerRekeyInternalContext *)sock->protocol->context;
+
+ if (proto_ctx->packet)
+ silc_packet_context_free(proto_ctx->packet);
+
+ proto_ctx->packet = silc_packet_context_dup(packet);
+
+ /* Let the protocol handle the packet */
+ silc_protocol_execute(sock->protocol, server->schedule, 0, 0);
+ } else {
+ SILC_LOG_ERROR(("Received Re-key done packet but no re-key "
+ "protocol active, packet dropped."));
}
+ break;
+
+ case SILC_PACKET_FTP:
+ /* FTP packet */
+ SILC_LOG_DEBUG(("FTP packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_ftp(server, sock, packet);
+ break;
- SILC_LOG_DEBUG(("Could not force the send, packet put to queue"));
- }
+ case SILC_PACKET_RESUME_ROUTER:
+ /* Resume router packet received. This packet is received for backup
+ router resuming protocol. */
+ SILC_LOG_DEBUG(("Resume router packet"));
+ if (packet->flags & SILC_PACKET_FLAG_LIST)
+ break;
+ silc_server_backup_resume_router(server, sock, packet);
+ break;
- SILC_LOG_DEBUG(("Packet in queue"));
+ default:
+ SILC_LOG_ERROR(("Incorrect packet type %d, packet dropped", type));
+ break;
+ }
+
+}
- /* Mark that there is some outgoing data available for this connection.
- This call sets the connection both for input and output (the input
- is set always and this call keeps the input setting, actually).
- Actual data sending is performed by silc_server_packet_process. */
- SILC_SET_CONNECTION_FOR_OUTPUT(sock->sock);
+/* Creates connection to a remote router. */
- /* Mark to socket that data is pending in outgoing buffer. This flag
- is needed if new data is added to the buffer before the earlier
- put data is sent to the network. */
- SILC_SET_OUTBUF_PENDING(sock);
+void silc_server_create_connection(SilcServer server,
+ const char *remote_host, uint32 port)
+{
+ SilcServerConnection sconn;
+
+ /* Allocate connection object for hold connection specific stuff. */
+ sconn = silc_calloc(1, sizeof(*sconn));
+ sconn->server = server;
+ sconn->remote_host = strdup(remote_host);
+ sconn->remote_port = port;
+ sconn->no_reconnect = TRUE;
+
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_connect_router,
+ (void *)sconn, 0, 1, SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+}
- return 0;
+SILC_TASK_CALLBACK(silc_server_close_connection_final)
+{
+ silc_socket_free((SilcSocketConnection)context);
}
-/* Prepare outgoing data buffer for packet sending. This is internal
- routine and must always be called before sending any packets out. */
+/* Closes connection to socket connection */
-static void silc_server_packet_send_prepare(SilcServer server,
- SilcSocketConnection sock,
- unsigned int header_len,
- unsigned int padlen,
- unsigned int data_len)
+void silc_server_close_connection(SilcServer server,
+ SilcSocketConnection sock)
{
- int totlen, oldlen;
+ if (!server->sockets[sock->sock])
+ return;
- totlen = header_len + padlen + data_len;
+ SILC_LOG_INFO(("Closing connection %s:%d [%s]", sock->hostname,
+ sock->port,
+ (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
+ sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
+ sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
+ "Router")));
- /* Prepare the outgoing buffer for packet sending. */
- if (!sock->outbuf) {
- /* Allocate new buffer. This is done only once per connection. */
- SILC_LOG_DEBUG(("Allocating outgoing data buffer"));
-
- sock->outbuf = silc_buffer_alloc(SILC_PACKET_DEFAULT_SIZE);
- silc_buffer_pull_tail(sock->outbuf, totlen);
- silc_buffer_pull(sock->outbuf, header_len + padlen);
- } else {
- if (SILC_IS_OUTBUF_PENDING(sock)) {
- /* There is some pending data in the buffer. */
+ /* We won't listen for this connection anymore */
+ silc_schedule_unset_listen_fd(server->schedule, sock->sock);
- if ((sock->outbuf->end - sock->outbuf->tail) < data_len) {
- SILC_LOG_DEBUG(("Reallocating outgoing data buffer"));
- /* XXX: not done yet */
- }
- oldlen = sock->outbuf->len;
- silc_buffer_pull_tail(sock->outbuf, totlen);
- silc_buffer_pull(sock->outbuf, header_len + padlen + oldlen);
- } else {
- /* Buffer is free for use */
- silc_buffer_clear(sock->outbuf);
- silc_buffer_pull_tail(sock->outbuf, totlen);
- silc_buffer_pull(sock->outbuf, header_len + padlen);
- }
- }
-}
+ /* Unregister all tasks */
+ silc_schedule_task_del_by_fd(server->schedule, sock->sock);
-/* Assembles a new packet to be sent out to network. This doesn't actually
- send the packet but creates the packet and fills the outgoing data
- buffer and marks the packet ready to be sent to network. However, If
- argument force_send is TRUE the packet is sent immediately and not put
- to queue. Normal case is that the packet is not sent immediately. */
-
-void silc_server_packet_send(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketType type,
- SilcPacketFlags flags,
- unsigned char *data,
- unsigned int data_len,
- int force_send)
-{
- void *dst_id = NULL;
- SilcIdType dst_id_type = SILC_ID_NONE;
+ /* Close the actual connection */
+ silc_net_close_connection(sock->sock);
+ server->sockets[sock->sock] = NULL;
- /* Get data used in the packet sending, keys and stuff */
- switch(sock->type) {
- case SILC_SOCKET_TYPE_CLIENT:
- if (((SilcClientList *)sock->user_data)->id) {
- dst_id = ((SilcClientList *)sock->user_data)->id;
- dst_id_type = SILC_ID_CLIENT;
- }
- break;
- case SILC_SOCKET_TYPE_SERVER:
- case SILC_SOCKET_TYPE_ROUTER:
- if (((SilcServerList *)sock->user_data)->id) {
- dst_id = ((SilcServerList *)sock->user_data)->id;
- dst_id_type = SILC_ID_SERVER;
+ /* If sock->user_data is NULL then we'll check for active protocols
+ here since the silc_server_free_sock_user_data has not been called
+ for this connection. */
+ if (!sock->user_data) {
+ /* If any protocol is active cancel its execution. It will call
+ the final callback which will finalize the disconnection. */
+ if (sock->protocol) {
+ silc_protocol_cancel(sock->protocol, server->schedule);
+ sock->protocol->state = SILC_PROTOCOL_STATE_ERROR;
+ silc_protocol_execute_final(sock->protocol, server->schedule);
+ sock->protocol = NULL;
+ return;
}
- break;
- default:
- break;
}
- silc_server_packet_send_dest(server, sock, type, flags, dst_id,
- dst_id_type, data, data_len, force_send);
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_close_connection_final,
+ (void *)sock, 0, 1, SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
}
-/* Assembles a new packet to be sent out to network. This doesn't actually
- send the packet but creates the packet and fills the outgoing data
- buffer and marks the packet ready to be sent to network. However, If
- argument force_send is TRUE the packet is sent immediately and not put
- to queue. Normal case is that the packet is not sent immediately.
- Destination information is sent as argument for this function. */
-
-void silc_server_packet_send_dest(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketType type,
- SilcPacketFlags flags,
- void *dst_id,
- SilcIdType dst_id_type,
- unsigned char *data,
- unsigned int data_len,
- int force_send)
-{
- SilcPacketContext packetdata;
- SilcCipher cipher = NULL;
- SilcHmac hmac = NULL;
- unsigned char *hmac_key = NULL;
- unsigned int hmac_key_len = 0;
- unsigned char mac[32];
- unsigned int mac_len = 0;
- unsigned char *dst_id_data = NULL;
- unsigned int dst_id_len = 0;
-
- SILC_LOG_DEBUG(("Sending packet, type %d", type));
+/* Sends disconnect message to remote connection and disconnects the
+ connection. */
- /* Get data used in the packet sending, keys and stuff */
- switch(sock->type) {
- case SILC_SOCKET_TYPE_CLIENT:
- if (sock->user_data) {
- cipher = ((SilcClientList *)sock->user_data)->send_key;
- hmac = ((SilcClientList *)sock->user_data)->hmac;
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = ((SilcClientList *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcClientList *)sock->user_data)->hmac_key_len;
- }
- }
- break;
- case SILC_SOCKET_TYPE_SERVER:
- case SILC_SOCKET_TYPE_ROUTER:
- if (sock->user_data) {
- cipher = ((SilcServerList *)sock->user_data)->send_key;
- hmac = ((SilcServerList *)sock->user_data)->hmac;
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = ((SilcServerList *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcServerList *)sock->user_data)->hmac_key_len;
- }
- }
- break;
- default:
- if (sock->user_data) {
- /* We don't know what type of connection this is thus it must
- be in authentication phase. */
- cipher = ((SilcIDListUnknown *)sock->user_data)->send_key;
- hmac = ((SilcIDListUnknown *)sock->user_data)->hmac;
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = ((SilcIDListUnknown *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcIDListUnknown *)sock->user_data)->hmac_key_len;
- }
- }
- break;
- }
+void silc_server_disconnect_remote(SilcServer server,
+ SilcSocketConnection sock,
+ const char *fmt, ...)
+{
+ va_list ap;
+ unsigned char buf[4096];
- if (dst_id) {
- dst_id_data = silc_id_id2str(dst_id, dst_id_type);
- dst_id_len = silc_id_get_len(dst_id_type);
- }
+ if (!sock)
+ return;
- /* Set the packet context pointers */
- packetdata.type = type;
- packetdata.flags = flags;
- packetdata.src_id = silc_id_id2str(server->id, server->id_type);
- packetdata.src_id_len = SILC_ID_SERVER_LEN;
- packetdata.src_id_type = server->id_type;
- packetdata.dst_id = dst_id_data;
- packetdata.dst_id_len = dst_id_len;
- packetdata.dst_id_type = dst_id_type;
- packetdata.truelen = data_len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + dst_id_len;
- packetdata.padlen = SILC_PACKET_PADLEN(packetdata.truelen);
- packetdata.rng = server->rng;
+ memset(buf, 0, sizeof(buf));
+ va_start(ap, fmt);
+ vsprintf(buf, fmt, ap);
+ va_end(ap);
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- data_len);
+ SILC_LOG_DEBUG(("Disconnecting remote host"));
- SILC_LOG_DEBUG(("Putting data to outgoing buffer, len %d", data_len));
+ /* Notify remote end that the conversation is over. The notify message
+ is tried to be sent immediately. */
+ silc_server_packet_send(server, sock, SILC_PACKET_DISCONNECT, 0,
+ buf, strlen(buf), TRUE);
- packetdata.buffer = sock->outbuf;
+ /* Mark the connection to be disconnected */
+ SILC_SET_DISCONNECTED(sock);
+ silc_server_close_connection(server, sock);
+}
- /* Put the data to the buffer */
- if (data && data_len)
- silc_buffer_put(sock->outbuf, data, data_len);
+typedef struct {
+ SilcServer server;
+ SilcClientEntry client;
+} *FreeClientInternal;
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
+SILC_TASK_CALLBACK(silc_server_free_client_data_timeout)
+{
+ FreeClientInternal i = (FreeClientInternal)context;
- /* Compute MAC of the packet */
- if (hmac) {
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
- }
+ silc_idlist_del_data(i->client);
+ silc_idcache_purge_by_context(i->server->local_list->clients, i->client);
+ silc_free(i);
+}
- /* Encrypt the packet */
- if (cipher)
- silc_packet_encrypt(cipher, sock->outbuf, sock->outbuf->len);
+/* Frees client data and notifies about client's signoff. */
- /* Pull MAC into the visible data area */
- if (hmac)
- silc_buffer_pull_tail(sock->outbuf, mac_len);
+void silc_server_free_client_data(SilcServer server,
+ SilcSocketConnection sock,
+ SilcClientEntry client,
+ int notify,
+ const char *signoff)
+{
+ FreeClientInternal i = silc_calloc(1, sizeof(*i));
- SILC_LOG_HEXDUMP(("Outgoing packet, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
+ /* If there is pending outgoing data for the client then purge it
+ to the network before removing the client entry. */
+ silc_server_packet_queue_purge(server, sock);
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
+ if (!client->id)
+ return;
- if (packetdata.src_id)
- silc_free(packetdata.src_id);
- if (packetdata.dst_id)
- silc_free(packetdata.dst_id);
+ /* Send SIGNOFF notify to routers. */
+ if (notify && !server->standalone && server->router)
+ silc_server_send_notify_signoff(server, server->router->connection,
+ server->server_type == SILC_SERVER ?
+ FALSE : TRUE, client->id, signoff);
+
+ /* Remove client from all channels */
+ if (notify)
+ silc_server_remove_from_channels(server, NULL, client,
+ TRUE, (char *)signoff, TRUE);
+ else
+ silc_server_remove_from_channels(server, NULL, client,
+ FALSE, NULL, FALSE);
+
+ /* Update statistics */
+ server->stat.my_clients--;
+ server->stat.clients--;
+ if (server->server_type == SILC_ROUTER)
+ server->stat.cell_clients--;
+ SILC_OPER_STATS_UPDATE(client, server, SILC_UMODE_SERVER_OPERATOR);
+ SILC_OPER_STATS_UPDATE(client, router, SILC_UMODE_ROUTER_OPERATOR);
+
+ /* We will not delete the client entry right away. We will take it
+ into history (for WHOWAS command) for 5 minutes */
+ i->server = server;
+ i->client = client;
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_free_client_data_timeout,
+ (void *)i, 300, 0,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_LOW);
+ client->data.status &= ~SILC_IDLIST_STATUS_REGISTERED;
+ client->router = NULL;
+ client->connection = NULL;
+ client->mode = 0;
}
-/* Forwards packet. Packets sent with this function will be marked as
- forwarded (in the SILC header flags) so that the receiver knows that
- we have forwarded the packet to it. Forwarded packets are handled
- specially by the receiver as they are not destined to the receiver
- originally. However, the receiver knows this because the forwarded
- flag has been set (and the flag is authenticated). */
-
-void silc_server_packet_forward(SilcServer server,
- SilcSocketConnection sock,
- unsigned char *data, unsigned int data_len,
- int force_send)
-{
- SilcCipher cipher = NULL;
- SilcHmac hmac = NULL;
- unsigned char *hmac_key = NULL;
- unsigned int hmac_key_len = 0;
- unsigned char mac[32];
- unsigned int mac_len = 0;
+/* Frees user_data pointer from socket connection object. This also sends
+ appropriate notify packets to the network to inform about leaving
+ entities. */
- SILC_LOG_DEBUG(("Forwarding packet"));
+void silc_server_free_sock_user_data(SilcServer server,
+ SilcSocketConnection sock,
+ const char *signoff_message)
+{
+ SILC_LOG_DEBUG(("Start"));
- /* Get data used in the packet sending, keys and stuff */
- switch(sock->type) {
+ switch (sock->type) {
case SILC_SOCKET_TYPE_CLIENT:
- if (sock->user_data) {
- cipher = ((SilcClientList *)sock->user_data)->send_key;
- hmac = ((SilcClientList *)sock->user_data)->hmac;
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = ((SilcClientList *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcClientList *)sock->user_data)->hmac_key_len;
- }
+ {
+ SilcClientEntry user_data = (SilcClientEntry)sock->user_data;
+ silc_server_free_client_data(server, sock, user_data, TRUE,
+ signoff_message);
+ break;
}
- break;
case SILC_SOCKET_TYPE_SERVER:
case SILC_SOCKET_TYPE_ROUTER:
- if (sock->user_data) {
- cipher = ((SilcServerList *)sock->user_data)->send_key;
- hmac = ((SilcServerList *)sock->user_data)->hmac;
- if (hmac) {
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = ((SilcServerList *)sock->user_data)->hmac_key;
- hmac_key_len = ((SilcServerList *)sock->user_data)->hmac_key_len;
+ {
+ SilcServerEntry user_data = (SilcServerEntry)sock->user_data;
+ SilcServerEntry backup_router = NULL;
+
+ if (user_data->id)
+ backup_router = silc_server_backup_get(server, user_data->id);
+
+ /* If this was our primary router connection then we're lost to
+ the outside world. */
+ if (server->router == user_data) {
+ /* Check whether we have a backup router connection */
+ if (!backup_router || backup_router == user_data) {
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_connect_to_router,
+ server, 1, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+
+ server->id_entry->router = NULL;
+ server->router = NULL;
+ server->standalone = TRUE;
+ backup_router = NULL;
+ } else {
+ SILC_LOG_INFO(("New primary router is backup router %s",
+ backup_router->server_name));
+ SILC_LOG_DEBUG(("New primary router is backup router %s",
+ backup_router->server_name));
+ server->id_entry->router = backup_router;
+ server->router = backup_router;
+ server->router_connect = time(0);
+ server->backup_primary = TRUE;
+ if (server->server_type == SILC_BACKUP_ROUTER) {
+ server->server_type = SILC_ROUTER;
+
+ /* We'll need to constantly try to reconnect to the primary
+ router so that we'll see when it comes back online. */
+ silc_server_backup_reconnect(server, sock->ip, sock->port,
+ silc_server_backup_connected,
+ NULL);
+ }
+
+ /* Mark this connection as replaced */
+ silc_server_backup_replaced_add(server, user_data->id,
+ backup_router);
+ }
+ } else if (backup_router) {
+ SILC_LOG_INFO(("Enabling the use of backup router %s",
+ backup_router->server_name));
+ SILC_LOG_DEBUG(("Enabling the use of backup router %s",
+ backup_router->server_name));
+
+ /* Mark this connection as replaced */
+ silc_server_backup_replaced_add(server, user_data->id,
+ backup_router);
+ }
+
+ if (!backup_router) {
+ /* Free all client entries that this server owns as they will
+ become invalid now as well. */
+ if (user_data->id)
+ silc_server_remove_clients_by_server(server, user_data, TRUE);
+ if (server->server_type == SILC_SERVER)
+ silc_server_remove_channels_by_server(server, user_data);
+ } else {
+ /* Update the client entries of this server to the new backup
+ router. This also removes the clients that *really* was owned
+ by the primary router and went down with the router. */
+ silc_server_update_clients_by_server(server, user_data, backup_router,
+ TRUE, TRUE);
+ silc_server_update_servers_by_server(server, user_data, backup_router);
+ if (server->server_type == SILC_SERVER)
+ silc_server_update_channels_by_server(server, user_data,
+ backup_router);
+ }
+
+ /* Free the server entry */
+ silc_server_backup_del(server, user_data);
+ silc_server_backup_replaced_del(server, user_data);
+ silc_idlist_del_data(user_data);
+ if (!silc_idlist_del_server(server->local_list, user_data))
+ silc_idlist_del_server(server->global_list, user_data);
+ server->stat.my_servers--;
+ server->stat.servers--;
+ if (server->server_type == SILC_ROUTER)
+ server->stat.cell_servers--;
+
+ if (backup_router) {
+ /* Announce all of our stuff that was created about 5 minutes ago.
+ The backup router knows all the other stuff already. */
+ if (server->server_type == SILC_ROUTER)
+ silc_server_announce_servers(server, FALSE, time(0) - 300,
+ backup_router->connection);
+
+ /* Announce our clients and channels to the router */
+ silc_server_announce_clients(server, time(0) - 300,
+ backup_router->connection);
+ silc_server_announce_channels(server, time(0) - 300,
+ backup_router->connection);
}
+ break;
}
- break;
default:
- /* We won't forward to unknown destination - keys must exist with
- the destination before forwarding. */
- return;
+ {
+ SilcUnknownEntry user_data = (SilcUnknownEntry)sock->user_data;
+
+ silc_idlist_del_data(user_data);
+ silc_free(user_data);
+ break;
+ }
}
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock, 0, 0, data_len);
+ /* If any protocol is active cancel its execution */
+ if (sock->protocol) {
+ silc_protocol_cancel(sock->protocol, server->schedule);
+ sock->protocol->state = SILC_PROTOCOL_STATE_ERROR;
+ silc_protocol_execute_final(sock->protocol, server->schedule);
+ sock->protocol = NULL;
+ }
- /* Mungle the packet flags and add the FORWARDED flag */
- if (data)
- data[2] |= (unsigned char)SILC_PACKET_FLAG_FORWARDED;
+ sock->user_data = NULL;
+}
- /* Put the data to the buffer */
- if (data && data_len)
- silc_buffer_put(sock->outbuf, data, data_len);
+/* Removes client from all channels it has joined. This is used when client
+ connection is disconnected. If the client on a channel is last, the
+ channel is removed as well. This sends the SIGNOFF notify types. */
- /* Compute MAC of the packet */
- if (hmac) {
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
- }
+void silc_server_remove_from_channels(SilcServer server,
+ SilcSocketConnection sock,
+ SilcClientEntry client,
+ int notify,
+ char *signoff_message,
+ int keygen)
+{
+ SilcChannelEntry channel;
+ SilcChannelClientEntry chl;
+ SilcHashTableList htl;
+ SilcBuffer clidp;
- /* Encrypt the packet */
- if (cipher)
- silc_packet_encrypt(cipher, sock->outbuf, sock->outbuf->len);
+ SILC_LOG_DEBUG(("Start"));
- /* Pull MAC into the visible data area */
- if (hmac)
- silc_buffer_pull_tail(sock->outbuf, mac_len);
+ if (!client || !client->id)
+ return;
- SILC_LOG_HEXDUMP(("Forwarded packet, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
+ clidp = silc_id_payload_encode(client->id, SILC_ID_CLIENT);
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
-}
+ /* Remove the client from all channels. The client is removed from
+ the channels' user list. */
+ silc_hash_table_list(client->channels, &htl);
+ while (silc_hash_table_get(&htl, NULL, (void *)&chl)) {
+ channel = chl->channel;
+
+ /* Remove channel from client's channel list */
+ silc_hash_table_del(client->channels, channel);
+
+ /* Remove channel if there is no users anymore */
+ if (server->server_type == SILC_ROUTER &&
+ silc_hash_table_count(channel->user_list) < 2) {
+ if (channel->rekey)
+ silc_schedule_task_del_by_context(server->schedule, channel->rekey);
+ if (silc_idlist_del_channel(server->local_list, channel))
+ server->stat.my_channels--;
+ else
+ silc_idlist_del_channel(server->global_list, channel);
+ continue;
+ }
-/* This routine is used by the server to send packets to channel. The
- packet sent with this function is distributed to all clients on
- the channel. Usually this is used to send notify messages to the
- channel, things like notify about new user joining to the channel. */
+ /* Remove client from channel's client list */
+ silc_hash_table_del(channel->user_list, chl->client);
+
+ /* If there is no global users on the channel anymore mark the channel
+ as local channel. Do not check if the removed client is local client. */
+ if (server->server_type != SILC_ROUTER && channel->global_users &&
+ chl->client->router && !silc_server_channel_has_global(channel))
+ channel->global_users = FALSE;
+
+ silc_free(chl);
+ server->stat.my_chanclients--;
+
+ /* If there is not at least one local user on the channel then we don't
+ need the channel entry anymore, we can remove it safely. */
+ if (server->server_type != SILC_ROUTER &&
+ !silc_server_channel_has_local(channel)) {
+ /* Notify about leaving client if this channel has global users. */
+ if (notify && channel->global_users)
+ silc_server_send_notify_to_channel(server, NULL, channel, FALSE,
+ SILC_NOTIFY_TYPE_SIGNOFF,
+ signoff_message ? 2 : 1,
+ clidp->data, clidp->len,
+ signoff_message, signoff_message ?
+ strlen(signoff_message) : 0);
+
+ if (channel->rekey)
+ silc_schedule_task_del_by_context(server->schedule, channel->rekey);
+
+ if (channel->founder_key) {
+ /* The founder auth data exists, do not remove the channel entry */
+ SilcChannelClientEntry chl2;
+ SilcHashTableList htl2;
+
+ channel->disabled = TRUE;
+
+ silc_hash_table_list(channel->user_list, &htl2);
+ while (silc_hash_table_get(&htl2, NULL, (void *)&chl2)) {
+ silc_hash_table_del(chl2->client->channels, channel);
+ silc_hash_table_del(channel->user_list, chl2->client);
+ silc_free(chl2);
+ }
+ silc_hash_table_list_reset(&htl2);
+ continue;
+ }
-void silc_server_packet_send_to_channel(SilcServer server,
- SilcChannelList *channel,
- unsigned char *data,
- unsigned int data_len,
- int force_send)
-{
- int i;
- SilcSocketConnection sock = NULL;
- SilcPacketContext packetdata;
- SilcClientList *client = NULL;
- SilcServerList **routed = NULL;
- unsigned int routed_count = 0;
- unsigned char *hmac_key = NULL;
- unsigned int hmac_key_len = 0;
- unsigned char mac[32];
- unsigned int mac_len = 0;
- SilcCipher cipher;
- SilcHmac hmac;
- SilcBuffer payload;
-
- SILC_LOG_DEBUG(("Sending packet to channel"));
-
- /* Generate IV */
- for (i = 0; i < 16; i++)
- channel->iv[i] = silc_rng_get_byte(server->rng);
-
- /* Encode the channel payload */
- payload = silc_channel_encode_payload(0, "", data_len, data,
- 16, channel->iv, server->rng);
- if (!payload)
- return;
-
- /* Encrypt payload of the packet. This is encrypted with the
- channel key. */
- channel->channel_key->cipher->encrypt(channel->channel_key->context,
- payload->data, payload->data,
- payload->len - 16, /* -IV_LEN */
- channel->iv);
-
- /* Set the packet context pointers. */
- packetdata.flags = 0;
- packetdata.type = SILC_PACKET_CHANNEL_MESSAGE;
- packetdata.src_id = silc_id_id2str(server->id, SILC_ID_SERVER);
- packetdata.src_id_len = SILC_ID_SERVER_LEN;
- packetdata.src_id_type = SILC_ID_SERVER;
- packetdata.dst_id = silc_id_id2str(channel->id, SILC_ID_CHANNEL);
- packetdata.dst_id_len = SILC_ID_CHANNEL_LEN;
- packetdata.dst_id_type = SILC_ID_CHANNEL;
- packetdata.rng = server->rng;
- packetdata.padlen = SILC_PACKET_PADLEN((SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len));
-
- /* If there are global users in the channel we will send the message
- first to our router for further routing. */
- if (server->server_type == SILC_SERVER && !server->standalone &&
- channel->global_users) {
- SilcServerList *router;
-
- /* Get data used in packet header encryption, keys and stuff. */
- router = server->id_entry->router;
- sock = (SilcSocketConnection)router->connection;
- cipher = router->send_key;
- hmac = router->hmac;
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = router->hmac_key;
- hmac_key_len = router->hmac_key_len;
-
- SILC_LOG_DEBUG(("Sending packet to router for routing"));
-
- packetdata.truelen = payload->len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len;
-
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- payload->len);
- packetdata.buffer = sock->outbuf;
-
- /* Put the original packet into the buffer. */
- silc_buffer_put(sock->outbuf, payload->data, payload->len);
-
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
-
- /* Compute MAC of the packet. MAC is computed from the header,
- padding and the relayed packet. */
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
-
- /* Encrypt the header and padding of the packet. This is encrypted
- with normal session key shared with the client. */
- silc_packet_encrypt(cipher, sock->outbuf, SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len +
- packetdata.padlen);
-
- /* Pull MAC into the visible data area */
- silc_buffer_pull_tail(sock->outbuf, mac_len);
-
- SILC_LOG_HEXDUMP(("Channel packet, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
+ /* Remove the channel entry */
+ if (silc_idlist_del_channel(server->local_list, channel))
+ server->stat.my_channels--;
+ else
+ silc_idlist_del_channel(server->global_list, channel);
+ continue;
+ }
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
+ /* Send notify to channel about client leaving SILC and thus
+ the entire channel. */
+ if (notify)
+ silc_server_send_notify_to_channel(server, NULL, channel, FALSE,
+ SILC_NOTIFY_TYPE_SIGNOFF,
+ signoff_message ? 2 : 1,
+ clidp->data, clidp->len,
+ signoff_message, signoff_message ?
+ strlen(signoff_message) : 0);
+
+ if (keygen && !(channel->mode & SILC_CHANNEL_MODE_PRIVKEY)) {
+ /* Re-generate channel key */
+ if (!silc_server_create_channel_key(server, channel, 0))
+ goto out;
+
+ /* Send the channel key to the channel. The key of course is not sent
+ to the client who was removed from the channel. */
+ silc_server_send_channel_key(server, client->connection, channel,
+ server->server_type == SILC_ROUTER ?
+ FALSE : !server->standalone);
+ }
}
- /* Send the message to clients on the channel's client list. */
- for (i = 0; i < channel->user_list_count; i++) {
- client = channel->user_list[i].client;
+ out:
+ silc_hash_table_list_reset(&htl);
+ silc_buffer_free(clidp);
+}
- /* If client has router set it is not locally connected client and
- we will route the message to the router set in the client. */
- if (client && client->router && server->server_type == SILC_ROUTER) {
- int k;
+/* Removes client from one channel. This is used for example when client
+ calls LEAVE command to remove itself from the channel. Returns TRUE
+ if channel still exists and FALSE if the channel is removed when
+ last client leaves the channel. If `notify' is FALSE notify messages
+ are not sent. */
- /* Check if we have sent the packet to this route already */
- for (k = 0; k < routed_count; k++)
- if (routed[k] == client->router)
- continue;
+int silc_server_remove_from_one_channel(SilcServer server,
+ SilcSocketConnection sock,
+ SilcChannelEntry channel,
+ SilcClientEntry client,
+ int notify)
+{
+ SilcChannelClientEntry chl;
+ SilcBuffer clidp;
- /* Get data used in packet header encryption, keys and stuff. */
- sock = (SilcSocketConnection)client->router->connection;
- cipher = client->router->send_key;
- hmac = client->router->hmac;
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = client->router->hmac_key;
- hmac_key_len = client->router->hmac_key_len;
-
- packetdata.truelen = payload->len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len;
-
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- payload->len);
- packetdata.buffer = sock->outbuf;
-
- /* Put the encrypted payload data into the buffer. */
- silc_buffer_put(sock->outbuf, payload->data, payload->len);
-
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
-
- /* Compute MAC of the packet. MAC is computed from the header,
- padding and the relayed packet. */
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
-
- /* Encrypt the header and padding of the packet. This is encrypted
- with normal session key shared with the client. */
- silc_packet_encrypt(cipher, sock->outbuf, SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len +
- packetdata.padlen);
+ SILC_LOG_DEBUG(("Start"));
+
+ /* Get the entry to the channel, if this client is not on the channel
+ then return Ok. */
+ if (!silc_hash_table_find(client->channels, channel, NULL, (void *)&chl))
+ return TRUE;
+
+ /* Remove the client from the channel. The client is removed from
+ the channel's user list. */
+
+ clidp = silc_id_payload_encode(client->id, SILC_ID_CLIENT);
+
+ /* Remove channel from client's channel list */
+ silc_hash_table_del(client->channels, chl->channel);
+
+ /* Remove channel if there is no users anymore */
+ if (server->server_type == SILC_ROUTER &&
+ silc_hash_table_count(channel->user_list) < 2) {
+ if (channel->rekey)
+ silc_schedule_task_del_by_context(server->schedule, channel->rekey);
+ if (silc_idlist_del_channel(server->local_list, channel))
+ server->stat.my_channels--;
+ else
+ silc_idlist_del_channel(server->global_list, channel);
+ silc_buffer_free(clidp);
+ return FALSE;
+ }
+
+ /* Remove client from channel's client list */
+ silc_hash_table_del(channel->user_list, chl->client);
+
+ /* If there is no global users on the channel anymore mark the channel
+ as local channel. Do not check if the client is local client. */
+ if (server->server_type != SILC_ROUTER && channel->global_users &&
+ chl->client->router && !silc_server_channel_has_global(channel))
+ channel->global_users = FALSE;
+
+ silc_free(chl);
+ server->stat.my_chanclients--;
+
+ /* If there is not at least one local user on the channel then we don't
+ need the channel entry anymore, we can remove it safely. */
+ if (server->server_type != SILC_ROUTER &&
+ !silc_server_channel_has_local(channel)) {
+ /* Notify about leaving client if this channel has global users. */
+ if (notify && channel->global_users)
+ silc_server_send_notify_to_channel(server, NULL, channel, FALSE,
+ SILC_NOTIFY_TYPE_LEAVE, 1,
+ clidp->data, clidp->len);
+
+ silc_buffer_free(clidp);
+
+ if (channel->rekey)
+ silc_schedule_task_del_by_context(server->schedule, channel->rekey);
+
+ if (channel->founder_key) {
+ /* The founder auth data exists, do not remove the channel entry */
+ SilcChannelClientEntry chl2;
+ SilcHashTableList htl2;
- /* Pull MAC into the visible data area */
- silc_buffer_pull_tail(sock->outbuf, mac_len);
+ channel->disabled = TRUE;
- SILC_LOG_HEXDUMP(("Packet to channel, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
+ silc_hash_table_list(channel->user_list, &htl2);
+ while (silc_hash_table_get(&htl2, NULL, (void *)&chl2)) {
+ silc_hash_table_del(chl2->client->channels, channel);
+ silc_hash_table_del(channel->user_list, chl2->client);
+ silc_free(chl2);
+ }
+ silc_hash_table_list_reset(&htl2);
+ return FALSE;
+ }
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
+ /* Remove the channel entry */
+ if (silc_idlist_del_channel(server->local_list, channel))
+ server->stat.my_channels--;
+ else
+ silc_idlist_del_channel(server->global_list, channel);
+ return FALSE;
+ }
- /* We want to make sure that the packet is routed to same router
- only once. Mark this route as sent route. */
- k = routed_count;
- routed = silc_realloc(routed, sizeof(*routed) * (k + 1));
- routed[k] = client->router;
- routed_count++;
+ /* Send notify to channel about client leaving the channel */
+ if (notify)
+ silc_server_send_notify_to_channel(server, NULL, channel, FALSE,
+ SILC_NOTIFY_TYPE_LEAVE, 1,
+ clidp->data, clidp->len);
- continue;
- }
+ silc_buffer_free(clidp);
+ return TRUE;
+}
- /* Send to locally connected client */
- if (client) {
+/* Timeout callback. This is called if connection is idle or for some
+ other reason is not responding within some period of time. This
+ disconnects the remote end. */
- /* XXX Check client's mode on the channel. */
+SILC_TASK_CALLBACK(silc_server_timeout_remote)
+{
+ SilcServer server = (SilcServer)context;
+ SilcSocketConnection sock = server->sockets[fd];
- /* Get data used in packet header encryption, keys and stuff. */
- sock = (SilcSocketConnection)client->connection;
- cipher = client->send_key;
- hmac = client->hmac;
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = client->hmac_key;
- hmac_key_len = client->hmac_key_len;
-
- packetdata.truelen = payload->len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len;
-
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- payload->len);
- packetdata.buffer = sock->outbuf;
-
- /* Put the encrypted payload data into the buffer. */
- silc_buffer_put(sock->outbuf, payload->data, payload->len);
-
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
-
- /* Compute MAC of the packet. MAC is computed from the header,
- padding and the relayed packet. */
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
-
- /* Encrypt the header and padding of the packet. This is encrypted
- with normal session key shared with the client. */
- silc_packet_encrypt(cipher, sock->outbuf, SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len +
- packetdata.padlen);
-
- /* Pull MAC into the visible data area */
- silc_buffer_pull_tail(sock->outbuf, mac_len);
-
- SILC_LOG_HEXDUMP(("Packet to channel, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
+ SILC_LOG_DEBUG(("Start"));
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
- }
+ if (!sock)
+ return;
+
+ /* If we have protocol active we must assure that we call the protocol's
+ final callback so that all the memory is freed. */
+ if (sock->protocol) {
+ silc_protocol_cancel(sock->protocol, server->schedule);
+ sock->protocol->state = SILC_PROTOCOL_STATE_ERROR;
+ silc_protocol_execute_final(sock->protocol, server->schedule);
+ sock->protocol = NULL;
+ return;
}
- if (routed_count)
- silc_free(routed);
- silc_free(packetdata.src_id);
- silc_free(packetdata.dst_id);
- silc_buffer_free(payload);
+ if (sock->user_data)
+ silc_server_free_sock_user_data(server, sock, NULL);
+
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Connection timeout");
}
-/* This routine is explicitly used to relay messages to some channel.
- Packets sent with this function we have received earlier and are
- totally encrypted. This just sends the packet to all clients on
- the channel. If the sender of the packet is someone on the channel
- the message will not be sent to that client. The SILC Packet header
- is encrypted with the session key shared between us and the client.
- MAC is also computed before encrypting the header. Rest of the
- packet will be untouched. */
-
-void silc_server_packet_relay_to_channel(SilcServer server,
- SilcSocketConnection sender_sock,
- SilcChannelList *channel,
- void *sender,
- SilcIdType sender_type,
- unsigned char *data,
- unsigned int data_len,
- int force_send)
+/* Creates new channel. Sends NEW_CHANNEL packet to primary route. This
+ function may be used only by router. In real SILC network all channels
+ are created by routers thus this function is never used by normal
+ server. */
+
+SilcChannelEntry silc_server_create_new_channel(SilcServer server,
+ SilcServerID *router_id,
+ char *cipher,
+ char *hmac,
+ char *channel_name,
+ int broadcast)
{
- int i, found = FALSE;
- SilcSocketConnection sock = NULL;
- SilcPacketContext packetdata;
- SilcClientList *client = NULL;
- SilcServerList **routed = NULL;
- unsigned int routed_count = 0;
- unsigned char *hmac_key = NULL;
- unsigned int hmac_key_len = 0;
- unsigned char mac[32];
- unsigned int mac_len = 0;
- SilcCipher cipher;
- SilcHmac hmac;
-
- SILC_LOG_DEBUG(("Relaying packet to channel"));
-
- SILC_LOG_HEXDUMP(("XXX %d", data_len), data, data_len);
-
- /* Set the packet context pointers. */
- packetdata.flags = 0;
- packetdata.type = SILC_PACKET_CHANNEL_MESSAGE;
- packetdata.src_id = silc_id_id2str(sender, sender_type);
- packetdata.src_id_len = silc_id_get_len(sender_type);
- packetdata.src_id_type = sender_type;
- packetdata.dst_id = silc_id_id2str(channel->id, SILC_ID_CHANNEL);
- packetdata.dst_id_len = SILC_ID_CHANNEL_LEN;
- packetdata.dst_id_type = SILC_ID_CHANNEL;
- packetdata.rng = server->rng;
- packetdata.padlen = SILC_PACKET_PADLEN((SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len));
-
- /* If there are global users in the channel we will send the message
- first to our router for further routing. */
- if (server->server_type == SILC_SERVER && !server->standalone &&
- channel->global_users) {
- SilcServerList *router;
-
- router = server->id_entry->router;
-
- /* Check that the sender is not our router. */
- if (sender_sock != (SilcSocketConnection)router->connection) {
-
- /* Get data used in packet header encryption, keys and stuff. */
- sock = (SilcSocketConnection)router->connection;
- cipher = router->send_key;
- hmac = router->hmac;
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = router->hmac_key;
- hmac_key_len = router->hmac_key_len;
-
- SILC_LOG_DEBUG(("Sending packet to router for routing"));
-
- packetdata.truelen = data_len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len;
-
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- data_len);
- packetdata.buffer = sock->outbuf;
-
- /* Put the original packet into the buffer. */
- silc_buffer_put(sock->outbuf, data, data_len);
-
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
-
- /* Compute MAC of the packet. MAC is computed from the header,
- padding and the relayed packet. */
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
-
- /* Encrypt the header and padding of the packet. This is encrypted
- with normal session key shared with the client. */
- silc_packet_encrypt(cipher, sock->outbuf, SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len +
- packetdata.padlen);
-
- /* Pull MAC into the visible data area */
- silc_buffer_pull_tail(sock->outbuf, mac_len);
-
- SILC_LOG_HEXDUMP(("Channel packet, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
-
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
- }
- }
+ SilcChannelID *channel_id;
+ SilcChannelEntry entry;
+ SilcCipher key;
+ SilcHmac newhmac;
- /* Send the message to clients on the channel's client list. */
- for (i = 0; i < channel->user_list_count; i++) {
- client = channel->user_list[i].client;
+ SILC_LOG_DEBUG(("Creating new channel"));
- if (client) {
+ if (!cipher)
+ cipher = SILC_DEFAULT_CIPHER;
+ if (!hmac)
+ hmac = SILC_DEFAULT_HMAC;
- /* If sender is one on the channel do not send it the packet. */
- if (!found && !SILC_ID_CLIENT_COMPARE(client->id, sender)) {
- found = TRUE;
- continue;
- }
+ /* Allocate cipher */
+ if (!silc_cipher_alloc(cipher, &key))
+ return NULL;
- /* If the client has set router it means that it is not locally
- connected client and we won't send message to those in this
- function (they will be routed separately by the caller). */
- if (server->server_type == SILC_ROUTER && client->router) {
- int k;
+ /* Allocate hmac */
+ if (!silc_hmac_alloc(hmac, NULL, &newhmac)) {
+ silc_cipher_free(key);
+ return NULL;
+ }
- /* Sender maybe server as well so we want to make sure that
- we won't send the message to the server it came from. */
- if (!found && !SILC_ID_SERVER_COMPARE(client->router->id, sender)) {
- found = TRUE;
- continue;
- }
+ channel_name = strdup(channel_name);
- /* Check if we have sent the packet to this route already */
- for (k = 0; k < routed_count; k++)
- if (routed[k] == client->router)
- continue;
-
- /* Get data used in packet header encryption, keys and stuff. */
- sock = (SilcSocketConnection)client->router->connection;
- cipher = client->router->send_key;
- hmac = client->router->hmac;
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = client->router->hmac_key;
- hmac_key_len = client->router->hmac_key_len;
-
- packetdata.truelen = data_len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len;
-
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- data_len);
- packetdata.buffer = sock->outbuf;
-
- /* Put the original packet into the buffer. */
- silc_buffer_put(sock->outbuf, data, data_len);
-
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
-
- /* Compute MAC of the packet. MAC is computed from the header,
- padding and the relayed packet. */
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
-
- /* Encrypt the header and padding of the packet. This is encrypted
- with normal session key shared with the client. */
- silc_packet_encrypt(cipher, sock->outbuf, SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len +
- packetdata.padlen);
-
- /* Pull MAC into the visible data area */
- silc_buffer_pull_tail(sock->outbuf, mac_len);
-
- SILC_LOG_HEXDUMP(("Packet to channel, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
-
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
-
- /* We want to make sure that the packet is routed to same router
- only once. Mark this route as sent route. */
- k = routed_count;
- routed = silc_realloc(routed, sizeof(*routed) * (k + 1));
- routed[k] = client->router;
- routed_count++;
-
- continue;
- }
-
- /* XXX Check client's mode on the channel. */
+ /* Create the channel ID */
+ if (!silc_id_create_channel_id(server, router_id, server->rng,
+ &channel_id)) {
+ silc_free(channel_name);
+ silc_cipher_free(key);
+ silc_hmac_free(newhmac);
+ return NULL;
+ }
+ /* Create the channel */
+ entry = silc_idlist_add_channel(server->local_list, channel_name,
+ SILC_CHANNEL_MODE_NONE, channel_id,
+ NULL, key, newhmac, 0);
+ if (!entry) {
+ silc_free(channel_name);
+ silc_cipher_free(key);
+ silc_hmac_free(newhmac);
+ silc_free(channel_id);
+ return NULL;
+ }
- /* Get data used in packet header encryption, keys and stuff. */
- sock = (SilcSocketConnection)client->connection;
- cipher = client->send_key;
- hmac = client->hmac;
- mac_len = hmac->hash->hash->hash_len;
- hmac_key = client->hmac_key;
- hmac_key_len = client->hmac_key_len;
-
- SILC_LOG_DEBUG(("Sending packet to client %s",
- sock->hostname ? sock->hostname : sock->ip));
-
- packetdata.truelen = data_len + SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len;
-
- /* Prepare outgoing data buffer for packet sending */
- silc_server_packet_send_prepare(server, sock,
- SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len +
- packetdata.dst_id_len,
- packetdata.padlen,
- data_len);
- packetdata.buffer = sock->outbuf;
-
- /* Put the original packet into the buffer. */
- silc_buffer_put(sock->outbuf, data, data_len);
-
- /* Create the outgoing packet */
- silc_packet_assemble(&packetdata);
-
- /* Compute MAC of the packet. MAC is computed from the header,
- padding and the relayed packet. */
- silc_hmac_make_with_key(hmac, sock->outbuf->data, sock->outbuf->len,
- hmac_key, hmac_key_len, mac);
- silc_buffer_put_tail(sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
-
- /* Encrypt the header and padding of the packet. This is encrypted
- with normal session key shared with the client. */
- silc_packet_encrypt(cipher, sock->outbuf, SILC_PACKET_HEADER_LEN +
- packetdata.src_id_len + packetdata.dst_id_len +
- packetdata.padlen);
-
- /* Pull MAC into the visible data area */
- silc_buffer_pull_tail(sock->outbuf, mac_len);
-
- SILC_LOG_HEXDUMP(("Channel packet, len %d", sock->outbuf->len),
- sock->outbuf->data, sock->outbuf->len);
+ entry->cipher = strdup(cipher);
+ entry->hmac_name = strdup(hmac);
- /* Now actually send the packet */
- silc_server_packet_send_real(server, sock, force_send);
- }
+ /* Now create the actual key material */
+ if (!silc_server_create_channel_key(server, entry,
+ silc_cipher_get_key_len(key) / 8)) {
+ silc_idlist_del_channel(server->local_list, entry);
+ return NULL;
}
- silc_free(packetdata.src_id);
- silc_free(packetdata.dst_id);
-}
+ /* Notify other routers about the new channel. We send the packet
+ to our primary route. */
+ if (broadcast && server->standalone == FALSE)
+ silc_server_send_new_channel(server, server->router->connection, TRUE,
+ channel_name, entry->id,
+ silc_id_get_len(entry->id, SILC_ID_CHANNEL),
+ entry->mode);
-/* Relays received command reply packet to the correct destination. The
- destination must be one of our locally connected client or the packet
- will be ignored. This is called when server has forwarded one of
- client's command request to router and router has now replied to the
- command. */
+ server->stat.my_channels++;
-void silc_server_packet_relay_command_reply(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet)
-{
- SilcBuffer buffer = packet->buffer;
- SilcClientList *client;
- SilcClientID *id;
- SilcSocketConnection dst_sock;
- unsigned char mac[32];
- unsigned int mac_len = 0;
+ return entry;
+}
- SILC_LOG_DEBUG(("Start"));
+/* Same as above but creates the channel with Channel ID `channel_id. */
- /* Source must be server or router */
- /* XXX: actually it must be only router */
- if (packet->src_id_type != SILC_ID_SERVER &&
- (sock->type != SILC_SOCKET_TYPE_SERVER ||
- sock->type != SILC_SOCKET_TYPE_ROUTER))
- goto out;
+SilcChannelEntry
+silc_server_create_new_channel_with_id(SilcServer server,
+ char *cipher,
+ char *hmac,
+ char *channel_name,
+ SilcChannelID *channel_id,
+ int broadcast)
+{
+ SilcChannelEntry entry;
+ SilcCipher key;
+ SilcHmac newhmac;
- /* Destination must be client */
- if (packet->dst_id_type != SILC_ID_CLIENT)
- goto out;
+ SILC_LOG_DEBUG(("Creating new channel"));
- /* Execute command reply locally for the command */
- silc_server_command_reply_process(server, sock, buffer);
+ if (!cipher)
+ cipher = SILC_DEFAULT_CIPHER;
+ if (!hmac)
+ hmac = SILC_DEFAULT_HMAC;
- id = silc_id_str2id(packet->dst_id, SILC_ID_CLIENT);
+ /* Allocate cipher */
+ if (!silc_cipher_alloc(cipher, &key))
+ return NULL;
- /* Destination must be one of ours */
- client = silc_idlist_find_client_by_id(server->local_list->clients, id);
- if (!client) {
- silc_free(id);
- goto out;
+ /* Allocate hmac */
+ if (!silc_hmac_alloc(hmac, NULL, &newhmac)) {
+ silc_cipher_free(key);
+ return NULL;
}
- /* Relay the packet to the client */
- if (client->hmac)
- mac_len = client->hmac->hash->hash->hash_len;
+ channel_name = strdup(channel_name);
- dst_sock = (SilcSocketConnection)client->connection;
+ /* Create the channel */
+ entry = silc_idlist_add_channel(server->local_list, channel_name,
+ SILC_CHANNEL_MODE_NONE, channel_id,
+ NULL, key, newhmac, 0);
+ if (!entry) {
+ silc_cipher_free(key);
+ silc_hmac_free(newhmac);
+ silc_free(channel_name);
+ return NULL;
+ }
- silc_buffer_push(buffer, SILC_PACKET_HEADER_LEN + packet->src_id_len
- + packet->dst_id_len + packet->padlen);
- silc_server_packet_send_prepare(server, dst_sock, 0, 0, buffer->len);
- silc_buffer_put(dst_sock->outbuf, buffer->data, buffer->len);
-
- /* Compute new HMAC */
- if (client->hmac) {
- memset(mac, 0, sizeof(mac));
- silc_hmac_make_with_key(client->hmac,
- dst_sock->outbuf->data,
- dst_sock->outbuf->len,
- client->hmac_key,
- client->hmac_key_len,
- mac);
- silc_buffer_put_tail(dst_sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
+ /* Now create the actual key material */
+ if (!silc_server_create_channel_key(server, entry,
+ silc_cipher_get_key_len(key) / 8)) {
+ silc_idlist_del_channel(server->local_list, entry);
+ return NULL;
}
-
- /* Encrypt */
- if (client && client->send_key)
- silc_packet_encrypt(client->send_key, dst_sock->outbuf, buffer->len);
-
- if (client->hmac)
- silc_buffer_pull_tail(dst_sock->outbuf, mac_len);
-
- /* Send the packet */
- silc_server_packet_send_real(server, dst_sock, FALSE);
- silc_free(id);
+ /* Notify other routers about the new channel. We send the packet
+ to our primary route. */
+ if (broadcast && server->standalone == FALSE)
+ silc_server_send_new_channel(server, server->router->connection, TRUE,
+ channel_name, entry->id,
+ silc_id_get_len(entry->id, SILC_ID_CHANNEL),
+ entry->mode);
- out:
- silc_buffer_free(buffer);
+ server->stat.my_channels++;
+
+ return entry;
}
-/* Closes connection to socket connection */
+/* Channel's key re-key timeout callback. */
-void silc_server_close_connection(SilcServer server,
- SilcSocketConnection sock)
+SILC_TASK_CALLBACK(silc_server_channel_key_rekey)
{
+ SilcServerChannelRekey rekey = (SilcServerChannelRekey)context;
+ SilcServer server = (SilcServer)rekey->context;
- SILC_LOG_DEBUG(("Closing connection %d", sock->sock));
-
- /* We won't listen for this connection anymore */
- silc_schedule_unset_listen_fd(sock->sock);
+ rekey->task = NULL;
- /* Unregister all tasks */
- silc_task_unregister_by_fd(server->io_queue, sock->sock);
- silc_task_unregister_by_fd(server->timeout_queue, sock->sock);
+ if (!silc_server_create_channel_key(server, rekey->channel, rekey->key_len))
+ return;
- /* Close the actual connection */
- silc_net_close_connection(sock->sock);
- server->sockets[sock->sock] = NULL;
- silc_socket_free(sock);
+ silc_server_send_channel_key(server, NULL, rekey->channel, FALSE);
}
-/* Sends disconnect message to remote connection and disconnects the
- connection. */
+/* Generates new channel key. This is used to create the initial channel key
+ but also to re-generate new key for channel. If `key_len' is provided
+ it is the bytes of the key length. */
-void silc_server_disconnect_remote(SilcServer server,
- SilcSocketConnection sock,
- const char *fmt, ...)
+bool silc_server_create_channel_key(SilcServer server,
+ SilcChannelEntry channel,
+ uint32 key_len)
{
- va_list ap;
- unsigned char buf[4096];
+ int i;
+ unsigned char channel_key[32], hash[32];
+ uint32 len;
- memset(buf, 0, sizeof(buf));
- va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
- va_end(ap);
+ SILC_LOG_DEBUG(("Generating channel key"));
- SILC_LOG_DEBUG(("Disconnecting remote host"));
+ if (channel->mode & SILC_CHANNEL_MODE_PRIVKEY) {
+ SILC_LOG_DEBUG(("Channel has private keys, will not generate new key"));
+ return TRUE;
+ }
- /* Notify remote end that the conversation is over. The notify message
- is tried to be sent immediately. */
- silc_server_packet_send(server, sock, SILC_PACKET_DISCONNECT, 0,
- buf, strlen(buf), TRUE);
+ if (!channel->channel_key)
+ if (!silc_cipher_alloc(SILC_DEFAULT_CIPHER, &channel->channel_key)) {
+ channel->channel_key = NULL;
+ return FALSE;
+ }
- /* Mark the connection to be disconnected */
- SILC_SET_DISCONNECTED(sock);
- silc_server_close_connection(server, sock);
+ if (key_len)
+ len = key_len;
+ else if (channel->key_len)
+ len = channel->key_len / 8;
+ else
+ len = silc_cipher_get_key_len(channel->channel_key) / 8;
+
+ /* Create channel key */
+ for (i = 0; i < len; i++) channel_key[i] = silc_rng_get_byte(server->rng);
+
+ /* Set the key */
+ silc_cipher_set_key(channel->channel_key, channel_key, len * 8);
+
+ /* Remove old key if exists */
+ if (channel->key) {
+ memset(channel->key, 0, channel->key_len / 8);
+ silc_free(channel->key);
+ }
+
+ /* Save the key */
+ channel->key_len = len * 8;
+ channel->key = silc_calloc(len, sizeof(*channel->key));
+ memcpy(channel->key, channel_key, len);
+ memset(channel_key, 0, sizeof(channel_key));
+
+ /* Generate HMAC key from the channel key data and set it */
+ if (!channel->hmac)
+ silc_hmac_alloc(SILC_DEFAULT_HMAC, NULL, &channel->hmac);
+ silc_hash_make(silc_hmac_get_hash(channel->hmac), channel->key, len, hash);
+ silc_hmac_set_key(channel->hmac, hash,
+ silc_hash_len(silc_hmac_get_hash(channel->hmac)));
+ memset(hash, 0, sizeof(hash));
+
+ if (server->server_type == SILC_ROUTER) {
+ if (!channel->rekey)
+ channel->rekey = silc_calloc(1, sizeof(*channel->rekey));
+ channel->rekey->context = (void *)server;
+ channel->rekey->channel = channel;
+ channel->rekey->key_len = key_len;
+ if (channel->rekey->task)
+ silc_schedule_task_del(server->schedule, channel->rekey->task);
+
+ channel->rekey->task =
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_channel_key_rekey,
+ (void *)channel->rekey, 3600, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+ }
+
+ return TRUE;
}
-/* Free's user_data pointer from socket connection object. As this
- pointer maybe anything we wil switch here to find the corrent
- data type and free it the way it needs to be free'd. */
+/* Saves the channel key found in the encoded `key_payload' buffer. This
+ function is used when we receive Channel Key Payload and also when we're
+ processing JOIN command reply. Returns entry to the channel. */
-void silc_server_free_sock_user_data(SilcServer server,
- SilcSocketConnection sock)
+SilcChannelEntry silc_server_save_channel_key(SilcServer server,
+ SilcBuffer key_payload,
+ SilcChannelEntry channel)
{
- SILC_LOG_DEBUG(("Start"));
-
-#define LCC(x) server->local_list->client_cache[(x) - 32]
-#define LCCC(x) server->local_list->client_cache_count[(x) - 32]
+ SilcChannelKeyPayload payload = NULL;
+ SilcChannelID *id = NULL;
+ unsigned char *tmp, hash[32];
+ uint32 tmp_len;
+ char *cipher;
- switch(sock->type) {
- case SILC_SOCKET_TYPE_CLIENT:
- {
- SilcClientList *user_data = (SilcClientList *)sock->user_data;
+ SILC_LOG_DEBUG(("Start"));
- /* Remove client from all channels */
- silc_server_remove_from_channels(server, sock, user_data);
+ /* Decode channel key payload */
+ payload = silc_channel_key_payload_parse(key_payload->data,
+ key_payload->len);
+ if (!payload) {
+ SILC_LOG_ERROR(("Bad channel key payload received, dropped"));
+ channel = NULL;
+ goto out;
+ }
- /* Clear ID cache */
- if (user_data->nickname && user_data->id)
- silc_idcache_del_by_id(LCC(user_data->nickname[0]),
- LCCC(user_data->nickname[0]),
- SILC_ID_CLIENT, user_data->id);
+ /* Get the channel entry */
+ if (!channel) {
- /* Free the client entry and everything in it */
- /* XXX must take some info to history before freeing */
- silc_idlist_del_client(&server->local_list->clients, user_data);
- break;
+ /* Get channel ID */
+ tmp = silc_channel_key_get_id(payload, &tmp_len);
+ id = silc_id_str2id(tmp, tmp_len, SILC_ID_CHANNEL);
+ if (!id) {
+ channel = NULL;
+ goto out;
}
- case SILC_SOCKET_TYPE_SERVER:
- case SILC_SOCKET_TYPE_ROUTER:
- {
- break;
- }
- break;
- default:
- {
- SilcIDListUnknown *user_data = (SilcIDListUnknown *)sock->user_data;
-
- if (user_data->send_key)
- silc_cipher_free(user_data->send_key);
- if (user_data->receive_key)
- silc_cipher_free(user_data->receive_key);
- if (user_data->pkcs)
- silc_pkcs_free(user_data->pkcs);
- if (user_data->hmac) {
- silc_hmac_free(user_data->hmac);
- memset(user_data->hmac_key, 0, user_data->hmac_key_len);
- silc_free(user_data->hmac_key);
+ channel = silc_idlist_find_channel_by_id(server->local_list, id, NULL);
+ if (!channel) {
+ channel = silc_idlist_find_channel_by_id(server->global_list, id, NULL);
+ if (!channel) {
+ SILC_LOG_ERROR(("Received key for non-existent channel %s",
+ silc_id_render(id, SILC_ID_CHANNEL)));
+ goto out;
}
- silc_free(user_data);
- break;
}
}
- sock->user_data = NULL;
-#undef LCC
-#undef LCCC
+ tmp = silc_channel_key_get_key(payload, &tmp_len);
+ if (!tmp) {
+ channel = NULL;
+ goto out;
+ }
+
+ cipher = silc_channel_key_get_cipher(payload, NULL);
+ if (!cipher) {
+ channel = NULL;
+ goto out;
+ }
+
+ /* Remove old key if exists */
+ if (channel->key) {
+ memset(channel->key, 0, channel->key_len / 8);
+ silc_free(channel->key);
+ silc_cipher_free(channel->channel_key);
+ }
+
+ /* Create new cipher */
+ if (!silc_cipher_alloc(cipher, &channel->channel_key)) {
+ channel->channel_key = NULL;
+ channel = NULL;
+ goto out;
+ }
+
+ if (channel->cipher)
+ silc_free(channel->cipher);
+ channel->cipher = strdup(cipher);
+
+ /* Save the key */
+ channel->key_len = tmp_len * 8;
+ channel->key = silc_calloc(tmp_len, sizeof(unsigned char));
+ memcpy(channel->key, tmp, tmp_len);
+ silc_cipher_set_key(channel->channel_key, tmp, channel->key_len);
+
+ /* Generate HMAC key from the channel key data and set it */
+ if (!channel->hmac)
+ silc_hmac_alloc(SILC_DEFAULT_HMAC, NULL, &channel->hmac);
+ silc_hash_make(silc_hmac_get_hash(channel->hmac), tmp, tmp_len, hash);
+ silc_hmac_set_key(channel->hmac, hash,
+ silc_hash_len(silc_hmac_get_hash(channel->hmac)));
+
+ memset(hash, 0, sizeof(hash));
+ memset(tmp, 0, tmp_len);
+
+ if (server->server_type == SILC_ROUTER) {
+ if (!channel->rekey)
+ channel->rekey = silc_calloc(1, sizeof(*channel->rekey));
+ channel->rekey->context = (void *)server;
+ channel->rekey->channel = channel;
+ if (channel->rekey->task)
+ silc_schedule_task_del(server->schedule, channel->rekey->task);
+
+ channel->rekey->task =
+ silc_schedule_task_add(server->schedule, 0,
+ silc_server_channel_key_rekey,
+ (void *)channel->rekey, 3600, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+ }
+
+ out:
+ silc_free(id);
+ if (payload)
+ silc_channel_key_payload_free(payload);
+
+ return channel;
}
-/* Removes client from all channels it has joined. This is used when
- client connection is disconnected. If the client on a channel
- is last, the channel is removed as well. */
+/* Heartbeat callback. This function is set as argument for the
+ silc_socket_set_heartbeat function. The library will call this function
+ at the set time interval. */
-void silc_server_remove_from_channels(SilcServer server,
- SilcSocketConnection sock,
- SilcClientList *client)
+void silc_server_perform_heartbeat(SilcSocketConnection sock,
+ void *hb_context)
{
- int i, k;
- SilcChannelList *channel;
+ SilcServerHBContext hb = (SilcServerHBContext)hb_context;
-#define LCC(x) server->local_list->channel_cache[(x) - 32]
-#define LCCC(x) server->local_list->channel_cache_count[(x) - 32]
+ SILC_LOG_DEBUG(("Sending heartbeat to %s (%s)", sock->hostname, sock->ip));
- /* Remove the client from all channels. The client is removed from
- the channels' user list. */
- for (i = 0; i < client->channel_count; i++) {
- channel = client->channel[i];
- if (!channel)
- continue;
+ /* Send the heartbeat */
+ silc_server_send_heartbeat(hb->server, sock);
+}
- /* Remove from channel */
- for (k = 0; k < channel->user_list_count; k++) {
- if (channel->user_list[k].client == client) {
-
- /* If this client is last one on the channel the channel
- is removed all together. */
- if (channel->user_list_count == 1) {
- silc_idcache_del_by_id(LCC(channel->channel_name[0]),
- LCCC(channel->channel_name[0]),
- SILC_ID_CHANNEL, channel->id);
- silc_idlist_del_channel(&server->local_list->channels, channel);
- break;
+/* Returns assembled of all servers in the given ID list. The packet's
+ form is dictated by the New ID payload. */
+
+static void silc_server_announce_get_servers(SilcServer server,
+ SilcServerEntry remote,
+ SilcIDList id_list,
+ SilcBuffer *servers,
+ unsigned long creation_time)
+{
+ SilcIDCacheList list;
+ SilcIDCacheEntry id_cache;
+ SilcServerEntry entry;
+ SilcBuffer idp;
+
+ /* Go through all clients in the list */
+ if (silc_idcache_get_all(id_list->servers, &list)) {
+ if (silc_idcache_list_first(list, &id_cache)) {
+ while (id_cache) {
+ entry = (SilcServerEntry)id_cache->context;
+
+ /* Do not announce the one we've sending our announcements and
+ do not announce ourself. Also check the creation time if it's
+ provided. */
+ if ((entry == remote) || (entry == server->id_entry) ||
+ (creation_time && entry->data.created < creation_time)) {
+ if (!silc_idcache_list_next(list, &id_cache))
+ break;
+ continue;
}
- channel->user_list[k].client = NULL;
- channel->user_list[k].mode = SILC_CHANNEL_UMODE_NONE;
+ idp = silc_id_payload_encode(entry->id, SILC_ID_SERVER);
- /* XXX */
- /* Send notify to channel about client leaving SILC and thus
- the entire channel. */
- silc_server_send_notify_to_channel(server, channel,
- "%s has left channel %s",
- client->nickname,
- channel->channel_name);
+ *servers = silc_buffer_realloc(*servers,
+ (*servers ?
+ (*servers)->truelen + idp->len :
+ idp->len));
+ silc_buffer_pull_tail(*servers, ((*servers)->end - (*servers)->data));
+ silc_buffer_put(*servers, idp->data, idp->len);
+ silc_buffer_pull(*servers, idp->len);
+ silc_buffer_free(idp);
+
+ if (!silc_idcache_list_next(list, &id_cache))
+ break;
}
}
- }
- if (client->channel_count)
- silc_free(client->channel);
- client->channel = NULL;
-#undef LCC
-#undef LCCC
+ silc_idcache_list_free(list);
+ }
}
-/* Timeout callback. This is called if connection is idle or for some
- other reason is not responding within some period of time. This
- disconnects the remote end. */
-
-SILC_TASK_CALLBACK(silc_server_timeout_remote)
+static SilcBuffer
+silc_server_announce_encode_notify(SilcNotifyType notify, uint32 argc, ...)
{
- SilcServer server = (SilcServer)context;
- SilcSocketConnection sock = server->sockets[fd];
+ va_list ap;
+ SilcBuffer p;
- silc_server_disconnect_remote(server, sock,
- "Server closed connection: "
- "Connection timeout");
+ va_start(ap, argc);
+ p = silc_notify_payload_encode(notify, argc, ap);
+ va_end(ap);
+
+ return p;
}
-/* Internal routine used to send (relay, route) private messages to some
- destination. This is used to by normal server to send the message to
- its primary route and router uses this to send it to any route it
- wants. If the private message key does not exist then the message
- is re-encrypted, otherwise we just pass it along. */
-static void
-silc_server_private_message_send_internal(SilcServer server,
- SilcSocketConnection dst_sock,
- SilcServerList *router,
- SilcPacketContext *packet)
+/* This function is used by router to announce existing servers to our
+ primary router when we've connected to it. If `creation_time' is non-zero
+ then only the servers that has been created after the `creation_time'
+ will be announced. */
+
+void silc_server_announce_servers(SilcServer server, bool global,
+ unsigned long creation_time,
+ SilcSocketConnection remote)
{
- SilcBuffer buffer = packet->buffer;
+ SilcBuffer servers = NULL;
+
+ SILC_LOG_DEBUG(("Announcing servers"));
+
+ /* Get servers in local list */
+ silc_server_announce_get_servers(server, remote->user_data,
+ server->local_list, &servers,
+ creation_time);
+
+ if (global)
+ /* Get servers in global list */
+ silc_server_announce_get_servers(server, remote->user_data,
+ server->global_list, &servers,
+ creation_time);
+
+ if (servers) {
+ silc_buffer_push(servers, servers->data - servers->head);
+ SILC_LOG_HEXDUMP(("servers"), servers->data, servers->len);
- /* Send and re-encrypt if private messge key does not exist */
- if ((packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY) == FALSE) {
- unsigned char mac[32];
- unsigned int mac_len = 0;
-
- if (router->hmac)
- mac_len = router->hmac->hash->hash->hash_len;
-
- silc_buffer_push(buffer, SILC_PACKET_HEADER_LEN + packet->src_id_len
- + packet->dst_id_len + packet->padlen);
- silc_server_packet_send_prepare(server, dst_sock, 0, 0, buffer->len);
- silc_buffer_put(dst_sock->outbuf, buffer->data, buffer->len);
-
- /* Compute new HMAC */
- if (router->hmac) {
- mac_len = router->hmac->hash->hash->hash_len;
- memset(mac, 0, sizeof(mac));
- silc_hmac_make_with_key(router->hmac,
- dst_sock->outbuf->data,
- dst_sock->outbuf->len,
- router->hmac_key,
- router->hmac_key_len,
- mac);
- silc_buffer_put_tail(dst_sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
- }
-
- silc_packet_encrypt(router->send_key, dst_sock->outbuf, buffer->len);
-
- if (router->hmac)
- silc_buffer_pull_tail(dst_sock->outbuf, mac_len);
-
/* Send the packet */
- silc_server_packet_send_real(server, dst_sock, FALSE);
+ silc_server_packet_send(server, remote,
+ SILC_PACKET_NEW_ID, SILC_PACKET_FLAG_LIST,
+ servers->data, servers->len, TRUE);
- } else {
- /* Key exist so just send it */
- silc_buffer_push(buffer, SILC_PACKET_HEADER_LEN + packet->src_id_len
- + packet->dst_id_len + packet->padlen);
- silc_server_packet_send_prepare(server, dst_sock, 0, 0, buffer->len);
- silc_buffer_put(dst_sock->outbuf, buffer->data, buffer->len);
- silc_server_packet_send_real(server, dst_sock, FALSE);
+ silc_buffer_free(servers);
}
}
-/* Internal routine to send the received private message packet to
- our locally connected client. */
-static void
-silc_server_private_message_send_local(SilcServer server,
- SilcSocketConnection dst_sock,
- SilcClientList *client,
- SilcPacketContext *packet)
-{
- SilcBuffer buffer = packet->buffer;
+/* Returns assembled packet of all clients in the given ID list. The
+ packet's form is dictated by the New ID Payload. */
- /* Re-encrypt packet if needed */
- if ((packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY) == FALSE) {
- unsigned char mac[32];
- unsigned int mac_len = 0;
+static void silc_server_announce_get_clients(SilcServer server,
+ SilcIDList id_list,
+ SilcBuffer *clients,
+ SilcBuffer *umodes,
+ unsigned long creation_time)
+{
+ SilcIDCacheList list;
+ SilcIDCacheEntry id_cache;
+ SilcClientEntry client;
+ SilcBuffer idp;
+ SilcBuffer tmp;
+ unsigned char mode[4];
+
+ /* Go through all clients in the list */
+ if (silc_idcache_get_all(id_list->clients, &list)) {
+ if (silc_idcache_list_first(list, &id_cache)) {
+ while (id_cache) {
+ client = (SilcClientEntry)id_cache->context;
+
+ if (creation_time && client->data.created < creation_time) {
+ if (!silc_idcache_list_next(list, &id_cache))
+ break;
+ continue;
+ }
- if (client->hmac)
- mac_len = client->hmac->hash->hash->hash_len;
-
- silc_buffer_push(buffer, SILC_PACKET_HEADER_LEN + packet->src_id_len
- + packet->dst_id_len + packet->padlen);
- silc_server_packet_send_prepare(server, dst_sock, 0, 0, buffer->len);
- silc_buffer_put(dst_sock->outbuf, buffer->data, buffer->len);
-
- /* Compute new HMAC */
- if (client->hmac) {
- memset(mac, 0, sizeof(mac));
- silc_hmac_make_with_key(client->hmac,
- dst_sock->outbuf->data,
- dst_sock->outbuf->len,
- client->hmac_key,
- client->hmac_key_len,
- mac);
- silc_buffer_put_tail(dst_sock->outbuf, mac, mac_len);
- memset(mac, 0, sizeof(mac));
+ idp = silc_id_payload_encode(client->id, SILC_ID_CLIENT);
+
+ *clients = silc_buffer_realloc(*clients,
+ (*clients ?
+ (*clients)->truelen + idp->len :
+ idp->len));
+ silc_buffer_pull_tail(*clients, ((*clients)->end - (*clients)->data));
+ silc_buffer_put(*clients, idp->data, idp->len);
+ silc_buffer_pull(*clients, idp->len);
+
+ SILC_PUT32_MSB(client->mode, mode);
+ tmp = silc_server_announce_encode_notify(SILC_NOTIFY_TYPE_UMODE_CHANGE,
+ 2, idp->data, idp->len,
+ mode, 4);
+ *umodes = silc_buffer_realloc(*umodes,
+ (*umodes ?
+ (*umodes)->truelen + tmp->len :
+ tmp->len));
+ silc_buffer_pull_tail(*umodes, ((*umodes)->end - (*umodes)->data));
+ silc_buffer_put(*umodes, tmp->data, tmp->len);
+ silc_buffer_pull(*umodes, tmp->len);
+ silc_buffer_free(tmp);
+
+ silc_buffer_free(idp);
+
+ if (!silc_idcache_list_next(list, &id_cache))
+ break;
+ }
}
-
- /* Encrypt */
- if (client && client->send_key)
- silc_packet_encrypt(client->send_key, dst_sock->outbuf,
- buffer->len);
-
- if (client->hmac)
- silc_buffer_pull_tail(dst_sock->outbuf, mac_len);
-
- /* Send the packet */
- silc_server_packet_send_real(server, dst_sock, FALSE);
- } else {
- /* Key exist so just send it */
- silc_buffer_push(buffer, SILC_PACKET_HEADER_LEN + packet->src_id_len
- + packet->dst_id_len + packet->padlen);
- silc_server_packet_send_prepare(server, dst_sock, 0, 0, buffer->len);
- silc_buffer_put(dst_sock->outbuf, buffer->data, buffer->len);
- silc_server_packet_send_real(server, dst_sock, FALSE);
+
+ silc_idcache_list_free(list);
}
}
-/* Received private message. This resolves the destination of the message
- and sends the packet. This is used by both server and router. If the
- destination is our locally connected client this sends the packet to
- the client. This may also send the message for further routing if
- the destination is not in our server (or router). */
+/* This function is used to announce our existing clients to our router
+ when we've connected to it. If `creation_time' is non-zero then only
+ the clients that has been created after the `creation_time' will be
+ announced. */
-void silc_server_private_message(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet)
+void silc_server_announce_clients(SilcServer server,
+ unsigned long creation_time,
+ SilcSocketConnection remote)
{
- SilcBuffer buffer = packet->buffer;
- SilcClientID *id;
- SilcServerList *router;
- SilcSocketConnection dst_sock;
- SilcClientList *client;
+ SilcBuffer clients = NULL;
+ SilcBuffer umodes = NULL;
- SILC_LOG_DEBUG(("Start"));
+ SILC_LOG_DEBUG(("Announcing clients"));
- if (!packet->dst_id) {
- SILC_LOG_DEBUG(("Bad Client ID in private message packet"));
- goto err;
- }
+ /* Get clients in local list */
+ silc_server_announce_get_clients(server, server->local_list,
+ &clients, &umodes, creation_time);
- /* Decode destination Client ID */
- id = silc_id_str2id(packet->dst_id, SILC_ID_CLIENT);
- if (!id) {
- SILC_LOG_DEBUG(("Could not decode destination Client ID"));
- goto err;
- }
+ /* As router we announce our global list as well */
+ if (server->server_type == SILC_ROUTER)
+ silc_server_announce_get_clients(server, server->global_list,
+ &clients, &umodes, creation_time);
- /* If the destination belongs to our server we don't have to route
- the message anywhere but to send it to the local destination. */
- /* XXX: Should use local cache to search but the current idcache system
- is so sucky that it cannot be used... it MUST be rewritten! Using
- this search is probably faster than if we'd use here the current
- idcache system. */
- client = silc_idlist_find_client_by_id(server->local_list->clients, id);
- if (client) {
- /* It exists, now deliver the message to the destination */
- dst_sock = (SilcSocketConnection)client->connection;
+ if (clients) {
+ silc_buffer_push(clients, clients->data - clients->head);
+ SILC_LOG_HEXDUMP(("clients"), clients->data, clients->len);
- /* If we are router and the client has router then the client is in
- our cell but not directly connected to us. */
- if (server->server_type == SILC_ROUTER && client->router) {
- silc_server_private_message_send_internal(server, dst_sock,
- client->router, packet);
- goto out;
- }
+ /* Send the packet */
+ silc_server_packet_send(server, remote,
+ SILC_PACKET_NEW_ID, SILC_PACKET_FLAG_LIST,
+ clients->data, clients->len, TRUE);
- /* Seems that client really is directly connected to us */
- silc_server_private_message_send_local(server, dst_sock, client, packet);
- goto out;
+ silc_buffer_free(clients);
}
- /* Destination belongs to someone not in this server. If we are normal
- server our action is to send the packet to our router. */
- if (server->server_type == SILC_SERVER && !server->standalone) {
- router = server->id_entry->router;
- dst_sock = (SilcSocketConnection)router->connection;
+ if (umodes) {
+ silc_buffer_push(umodes, umodes->data - umodes->head);
+ SILC_LOG_HEXDUMP(("umodes"), umodes->data, umodes->len);
- /* Send to primary route */
- silc_server_private_message_send_internal(server, dst_sock, router,
- packet);
- goto out;
- }
+ /* Send the packet */
+ silc_server_packet_send(server, remote,
+ SILC_PACKET_NOTIFY, SILC_PACKET_FLAG_LIST,
+ umodes->data, umodes->len, TRUE);
- /* We are router and we will perform route lookup for the destination
- and send the message to the correct route. */
- if (server->server_type == SILC_ROUTER && !server->standalone) {
+ silc_buffer_free(umodes);
+ }
+}
- /* If we don't have specific route for the destination we will send
- it to our primary route (default route). */
- router = silc_server_route_check(id->ip.s_addr, server->id->port);
- if (router) {
- dst_sock = (SilcSocketConnection)router->connection;
- } else {
- router = server->id_entry->router;
- dst_sock = (SilcSocketConnection)router->connection;
- }
+/* Returns channel's topic for announcing it */
- /* Send packet */
- silc_server_private_message_send_internal(server, dst_sock,
- router, packet);
- goto out;
+void silc_server_announce_get_channel_topic(SilcServer server,
+ SilcChannelEntry channel,
+ SilcBuffer *topic)
+{
+ SilcBuffer chidp;
+
+ if (channel->topic) {
+ chidp = silc_id_payload_encode(channel->id, SILC_ID_CHANNEL);
+ *topic = silc_server_announce_encode_notify(SILC_NOTIFY_TYPE_TOPIC_SET, 2,
+ chidp->data, chidp->len,
+ channel->topic,
+ strlen(channel->topic));
+ silc_buffer_free(chidp);
}
-
- err:
- silc_server_send_error(server, sock,
- "No such nickname: Private message not sent");
- out:
- silc_buffer_free(buffer);
}
-SilcChannelList *silc_find_channel(SilcServer server, SilcChannelID *id)
+/* Returns assembled packets for channel users of the `channel'. */
+
+void silc_server_announce_get_channel_users(SilcServer server,
+ SilcChannelEntry channel,
+ SilcBuffer *channel_users,
+ SilcBuffer *channel_users_modes)
{
- int i;
- SilcIDCache *id_cache;
+ SilcChannelClientEntry chl;
+ SilcHashTableList htl;
+ SilcBuffer chidp, clidp;
+ SilcBuffer tmp;
+ int len;
+ unsigned char mode[4];
-#define LCC(x) server->local_list->channel_cache[(x)]
-#define LCCC(x) server->local_list->channel_cache_count[(x)]
+ SILC_LOG_DEBUG(("Start"));
- for (i = 0; i < 96; i++) {
- if (LCC(i) == NULL)
- continue;
- if (silc_idcache_find_by_id(LCC(i), LCCC(i), (void *)id,
- SILC_ID_CHANNEL, &id_cache))
- return (SilcChannelList *)id_cache->context;
+ /* Now find all users on the channel */
+ chidp = silc_id_payload_encode(channel->id, SILC_ID_CHANNEL);
+ silc_hash_table_list(channel->user_list, &htl);
+ while (silc_hash_table_get(&htl, NULL, (void *)&chl)) {
+ clidp = silc_id_payload_encode(chl->client->id, SILC_ID_CLIENT);
+
+ /* JOIN Notify */
+ tmp = silc_server_announce_encode_notify(SILC_NOTIFY_TYPE_JOIN, 2,
+ clidp->data, clidp->len,
+ chidp->data, chidp->len);
+ len = tmp->len;
+ *channel_users =
+ silc_buffer_realloc(*channel_users,
+ (*channel_users ?
+ (*channel_users)->truelen + len : len));
+ silc_buffer_pull_tail(*channel_users,
+ ((*channel_users)->end -
+ (*channel_users)->data));
+
+ silc_buffer_put(*channel_users, tmp->data, tmp->len);
+ silc_buffer_pull(*channel_users, len);
+ silc_buffer_free(tmp);
+
+ /* CUMODE notify for mode change on the channel */
+ SILC_PUT32_MSB(chl->mode, mode);
+ tmp = silc_server_announce_encode_notify(SILC_NOTIFY_TYPE_CUMODE_CHANGE,
+ 3, clidp->data, clidp->len,
+ mode, 4,
+ clidp->data, clidp->len);
+ len = tmp->len;
+ *channel_users_modes =
+ silc_buffer_realloc(*channel_users_modes,
+ (*channel_users_modes ?
+ (*channel_users_modes)->truelen + len : len));
+ silc_buffer_pull_tail(*channel_users_modes,
+ ((*channel_users_modes)->end -
+ (*channel_users_modes)->data));
+
+ silc_buffer_put(*channel_users_modes, tmp->data, tmp->len);
+ silc_buffer_pull(*channel_users_modes, len);
+ silc_buffer_free(tmp);
+
+ silc_buffer_free(clidp);
}
-
- return NULL;
-#undef LCC
-#undef LCCC
+ silc_hash_table_list_reset(&htl);
+ silc_buffer_free(chidp);
}
-/* Process received channel message. */
-
-void silc_server_channel_message(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet)
+/* Returns assembled packets for all channels and users on those channels
+ from the given ID List. The packets are in the form dictated by the
+ New Channel and New Channel User payloads. */
+
+void silc_server_announce_get_channels(SilcServer server,
+ SilcIDList id_list,
+ SilcBuffer *channels,
+ SilcBuffer *channel_users,
+ SilcBuffer **channel_users_modes,
+ uint32 *channel_users_modes_c,
+ SilcBuffer **channel_topics,
+ SilcChannelID ***channel_ids,
+ unsigned long creation_time)
{
- SilcChannelList *channel = NULL;
- SilcChannelID *id = NULL;
- SilcClientID *sender;
- SilcBuffer buffer = packet->buffer;
+ SilcIDCacheList list;
+ SilcIDCacheEntry id_cache;
+ SilcChannelEntry channel;
+ unsigned char *cid;
+ uint32 id_len;
+ uint16 name_len;
+ int len;
+ int i = *channel_users_modes_c;
+ bool announce;
- SILC_LOG_DEBUG(("Processing channel message"));
-
- /* Check MAC */
- if (!silc_server_packet_check_mac(server, sock, buffer))
- goto out;
+ SILC_LOG_DEBUG(("Start"));
- /* Sanity checks */
- if (packet->dst_id_type != SILC_ID_CHANNEL) {
- SILC_LOG_ERROR(("Received bad message for channel, dropped"));
- SILC_LOG_DEBUG(("Received bad message for channel, dropped"));
- goto out;
- }
+ /* Go through all channels in the list */
+ if (silc_idcache_get_all(id_list->channels, &list)) {
+ if (silc_idcache_list_first(list, &id_cache)) {
+ while (id_cache) {
+ channel = (SilcChannelEntry)id_cache->context;
+
+ if (creation_time && channel->created < creation_time)
+ announce = FALSE;
+ else
+ announce = TRUE;
+
+ cid = silc_id_id2str(channel->id, SILC_ID_CHANNEL);
+ id_len = silc_id_get_len(channel->id, SILC_ID_CHANNEL);
+ name_len = strlen(channel->channel_name);
+
+ if (announce) {
+ len = 4 + name_len + id_len + 4;
+ *channels =
+ silc_buffer_realloc(*channels,
+ (*channels ? (*channels)->truelen +
+ len : len));
+ silc_buffer_pull_tail(*channels,
+ ((*channels)->end - (*channels)->data));
+ silc_buffer_format(*channels,
+ SILC_STR_UI_SHORT(name_len),
+ SILC_STR_UI_XNSTRING(channel->channel_name,
+ name_len),
+ SILC_STR_UI_SHORT(id_len),
+ SILC_STR_UI_XNSTRING(cid, id_len),
+ SILC_STR_UI_INT(channel->mode),
+ SILC_STR_END);
+ silc_buffer_pull(*channels, len);
+ }
- /* Send to local clients */
- id = silc_id_str2id(packet->dst_id, SILC_ID_CHANNEL);
- channel = silc_find_channel(server, id);
- if (!channel) {
- SILC_LOG_DEBUG(("Could not find channel"));
- goto out;
- }
+ /* Channel user modes */
+ *channel_users_modes = silc_realloc(*channel_users_modes,
+ sizeof(**channel_users_modes) *
+ (i + 1));
+ (*channel_users_modes)[i] = NULL;
+ *channel_ids = silc_realloc(*channel_ids,
+ sizeof(**channel_ids) * (i + 1));
+ (*channel_ids)[i] = NULL;
+ silc_server_announce_get_channel_users(server, channel,
+ channel_users,
+ &(*channel_users_modes)[i]);
+ (*channel_ids)[i] = channel->id;
+
+ /* Channel's topic */
+ *channel_topics = silc_realloc(*channel_topics,
+ sizeof(**channel_topics) * (i + 1));
+ (*channel_topics)[i] = NULL;
+ silc_server_announce_get_channel_topic(server, channel,
+ &(*channel_topics)[i]);
+ i++;
+
+ if (!silc_idcache_list_next(list, &id_cache))
+ break;
+ }
- /* Distribute the packet to our local clients. This will send the
- packet for further routing as well, if needed. */
- sender = silc_id_str2id(packet->src_id, packet->src_id_type);
- silc_server_packet_relay_to_channel(server, sock, channel, sender,
- packet->src_id_type,
- packet->buffer->data,
- packet->buffer->len, FALSE);
+ *channel_users_modes_c += i;
+ }
- out:
- silc_buffer_free(buffer);
+ silc_idcache_list_free(list);
+ }
}
-/* Received channel key packet. We distribute the key to all of our locally
- connected clients on the channel. Router ignores the packet. */
+/* This function is used to announce our existing channels to our router
+ when we've connected to it. This also announces the users on the
+ channels to the router. If the `creation_time' is non-zero only the
+ channels that was created after the `creation_time' are announced.
+ Note that the channel users are still announced even if the `creation_time'
+ was provided. */
-void silc_server_channel_key(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet)
+void silc_server_announce_channels(SilcServer server,
+ unsigned long creation_time,
+ SilcSocketConnection remote)
{
- SilcBuffer buffer = packet->buffer;
- SilcChannelKeyPayload payload = NULL;
- SilcChannelID *id = NULL;
- SilcChannelList *channel;
- SilcClientList *client;
- unsigned char *key;
- unsigned int key_len;
- char *cipher;
- int i;
-
- if (server->server_type == SILC_ROUTER)
- goto out;
+ SilcBuffer channels = NULL, channel_users = NULL;
+ SilcBuffer *channel_users_modes = NULL;
+ SilcBuffer *channel_topics = NULL;
+ uint32 channel_users_modes_c = 0;
+ SilcChannelID **channel_ids = NULL;
+
+ SILC_LOG_DEBUG(("Announcing channels and channel users"));
+
+ /* Get channels and channel users in local list */
+ silc_server_announce_get_channels(server, server->local_list,
+ &channels, &channel_users,
+ &channel_users_modes,
+ &channel_users_modes_c,
+ &channel_topics,
+ &channel_ids, creation_time);
+
+ /* Get channels and channel users in global list */
+ if (server->server_type != SILC_SERVER)
+ silc_server_announce_get_channels(server, server->global_list,
+ &channels, &channel_users,
+ &channel_users_modes,
+ &channel_users_modes_c,
+ &channel_topics,
+ &channel_ids, creation_time);
+
+ if (channels) {
+ silc_buffer_push(channels, channels->data - channels->head);
+ SILC_LOG_HEXDUMP(("channels"), channels->data, channels->len);
- if (packet->src_id_type != SILC_ID_SERVER &&
- sock->type != SILC_SOCKET_TYPE_ROUTER)
- goto out;
+ /* Send the packet */
+ silc_server_packet_send(server, remote,
+ SILC_PACKET_NEW_CHANNEL, SILC_PACKET_FLAG_LIST,
+ channels->data, channels->len,
+ FALSE);
- /* Decode channel key payload */
- payload = silc_channel_key_parse_payload(buffer);
- if (!payload) {
- SILC_LOG_ERROR(("Bad channel key payload, dropped"));
- SILC_LOG_DEBUG(("Bad channel key payload, dropped"));
+ silc_buffer_free(channels);
}
- /* Get channel ID */
- id = silc_id_str2id(silc_channel_key_get_id(payload, NULL), SILC_ID_CHANNEL);
- if (!id)
- goto out;
+ if (channel_users) {
+ silc_buffer_push(channel_users, channel_users->data - channel_users->head);
+ SILC_LOG_HEXDUMP(("channel users"), channel_users->data,
+ channel_users->len);
- /* Get the channel entry */
- channel = silc_idlist_find_channel_by_id(server->local_list->channels, id);
- if (!channel) {
- SILC_LOG_ERROR(("Received key for non-existent channel"));
- SILC_LOG_DEBUG(("Received key for non-existent channel"));
- goto out;
+ /* Send the packet */
+ silc_server_packet_send(server, remote,
+ SILC_PACKET_NOTIFY, SILC_PACKET_FLAG_LIST,
+ channel_users->data, channel_users->len,
+ FALSE);
+
+ silc_buffer_free(channel_users);
}
- /* Save the key for us as well */
- key = silc_channel_key_get_key(payload, &key_len);
- if (!key)
- goto out;
- cipher = silc_channel_key_get_cipher(payload, NULL);;
- if (!cipher)
- goto out;
- channel->key_len = key_len;
- channel->key = silc_calloc(key_len, sizeof(unsigned char));
- memcpy(channel->key, key, key_len);
- silc_cipher_alloc(cipher, &channel->channel_key);
- channel->channel_key->cipher->set_key(channel->channel_key->context,
- key, key_len);
+ if (channel_users_modes) {
+ int i;
+
+ for (i = 0; i < channel_users_modes_c; i++) {
+ if (!channel_users_modes[i])
+ continue;
+ silc_buffer_push(channel_users_modes[i],
+ channel_users_modes[i]->data -
+ channel_users_modes[i]->head);
+ SILC_LOG_HEXDUMP(("channel users modes"), channel_users_modes[i]->data,
+ channel_users_modes[i]->len);
+ silc_server_packet_send_dest(server, remote,
+ SILC_PACKET_NOTIFY, SILC_PACKET_FLAG_LIST,
+ channel_ids[i], SILC_ID_CHANNEL,
+ channel_users_modes[i]->data,
+ channel_users_modes[i]->len,
+ FALSE);
+ silc_buffer_free(channel_users_modes[i]);
+ }
+ silc_free(channel_users_modes);
+ }
+
+ if (channel_topics) {
+ int i;
- /* Distribute the key to all clients on the channel */
- for (i = 0; i < channel->user_list_count; i++) {
- client = channel->user_list[i].client;
+ for (i = 0; i < channel_users_modes_c; i++) {
+ if (!channel_topics[i])
+ continue;
- if (client)
- silc_server_packet_send_dest(server, client->connection,
- SILC_PACKET_CHANNEL_KEY, 0,
- client->id, SILC_ID_CLIENT,
- buffer->data, buffer->len, FALSE);
+ silc_buffer_push(channel_topics[i],
+ channel_topics[i]->data -
+ channel_topics[i]->head);
+ SILC_LOG_HEXDUMP(("channel topic"), channel_topics[i]->data,
+ channel_topics[i]->len);
+ silc_server_packet_send_dest(server, remote,
+ SILC_PACKET_NOTIFY, SILC_PACKET_FLAG_LIST,
+ channel_ids[i], SILC_ID_CHANNEL,
+ channel_topics[i]->data,
+ channel_topics[i]->len,
+ FALSE);
+ silc_buffer_free(channel_topics[i]);
+ }
+ silc_free(channel_topics);
}
- out:
- if (id)
- silc_free(id);
- if (payload)
- silc_channel_key_free_payload(payload);
- silc_buffer_free(buffer);
+ silc_free(channel_ids);
}
-/* Sends error message. Error messages may or may not have any
- implications. */
+/* Failure timeout callback. If this is called then we will immediately
+ process the received failure. We always process the failure with timeout
+ since we do not want to blindly trust to received failure packets.
+ This won't be called (the timeout is cancelled) if the failure was
+ bogus (it is bogus if remote does not close the connection after sending
+ the failure). */
-void silc_server_send_error(SilcServer server,
- SilcSocketConnection sock,
- const char *fmt, ...)
+SILC_TASK_CALLBACK(silc_server_failure_callback)
{
- va_list ap;
- unsigned char buf[4096];
+ SilcServerFailureContext f = (SilcServerFailureContext)context;
- memset(buf, 0, sizeof(buf));
- va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
- va_end(ap);
+ if (f->sock->protocol) {
+ f->sock->protocol->state = SILC_PROTOCOL_STATE_FAILURE;
+ silc_protocol_execute(f->sock->protocol, f->server->schedule, 0, 0);
+ }
- silc_server_packet_send(server, sock, SILC_PACKET_ERROR, 0,
- buf, strlen(buf), FALSE);
+ silc_free(f);
}
-/* Sends notify message */
+/* Assembles user list and users mode list from the `channel'. */
-void silc_server_send_notify(SilcServer server,
- SilcSocketConnection sock,
- const char *fmt, ...)
+void silc_server_get_users_on_channel(SilcServer server,
+ SilcChannelEntry channel,
+ SilcBuffer *user_list,
+ SilcBuffer *mode_list,
+ uint32 *user_count)
{
- va_list ap;
- unsigned char buf[4096];
-
- memset(buf, 0, sizeof(buf));
- va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
- va_end(ap);
-
- silc_server_packet_send(server, sock, SILC_PACKET_NOTIFY, 0,
- buf, strlen(buf), FALSE);
+ SilcChannelClientEntry chl;
+ SilcHashTableList htl;
+ SilcBuffer client_id_list;
+ SilcBuffer client_mode_list;
+ SilcBuffer idp;
+ uint32 list_count = 0, len = 0;
+
+ silc_hash_table_list(channel->user_list, &htl);
+ while (silc_hash_table_get(&htl, NULL, (void *)&chl))
+ len += (silc_id_get_len(chl->client->id, SILC_ID_CLIENT) + 4);
+ silc_hash_table_list_reset(&htl);
+
+ client_id_list = silc_buffer_alloc(len);
+ client_mode_list =
+ silc_buffer_alloc(4 * silc_hash_table_count(channel->user_list));
+ silc_buffer_pull_tail(client_id_list, SILC_BUFFER_END(client_id_list));
+ silc_buffer_pull_tail(client_mode_list, SILC_BUFFER_END(client_mode_list));
+
+ silc_hash_table_list(channel->user_list, &htl);
+ while (silc_hash_table_get(&htl, NULL, (void *)&chl)) {
+ /* Client ID */
+ idp = silc_id_payload_encode(chl->client->id, SILC_ID_CLIENT);
+ silc_buffer_put(client_id_list, idp->data, idp->len);
+ silc_buffer_pull(client_id_list, idp->len);
+ silc_buffer_free(idp);
+
+ /* Client's mode on channel */
+ SILC_PUT32_MSB(chl->mode, client_mode_list->data);
+ silc_buffer_pull(client_mode_list, 4);
+
+ list_count++;
+ }
+ silc_hash_table_list_reset(&htl);
+ silc_buffer_push(client_id_list,
+ client_id_list->data - client_id_list->head);
+ silc_buffer_push(client_mode_list,
+ client_mode_list->data - client_mode_list->head);
+
+ *user_list = client_id_list;
+ *mode_list = client_mode_list;
+ *user_count = list_count;
}
-/* Sends notify message to a channel. The notify message sent is
- distributed to all clients on the channel. */
+/* Saves users and their modes to the `channel'. */
-void silc_server_send_notify_to_channel(SilcServer server,
- SilcChannelList *channel,
- const char *fmt, ...)
+void silc_server_save_users_on_channel(SilcServer server,
+ SilcSocketConnection sock,
+ SilcChannelEntry channel,
+ SilcClientID *noadd,
+ SilcBuffer user_list,
+ SilcBuffer mode_list,
+ uint32 user_count)
{
- va_list ap;
- unsigned char buf[4096];
-
- memset(buf, 0, sizeof(buf));
- va_start(ap, fmt);
- vsprintf(buf, fmt, ap);
- va_end(ap);
-
- silc_server_packet_send_to_channel(server, channel, buf,
- strlen(buf), FALSE);
-}
+ int i;
+ uint16 idp_len;
+ uint32 mode;
+ SilcClientID *client_id;
+ SilcClientEntry client;
+ SilcIDCacheEntry cache;
+ bool global;
-/* Sends New ID Payload to remote end. The packet is used to distribute
- information about new registered clients, servers, channel etc. usually
- to routers so that they can keep these information up to date.
- If the argument `broadcast' is TRUE then the packet is sent as
- broadcast packet. */
-
-void silc_server_send_new_id(SilcServer server,
- SilcSocketConnection sock,
- int broadcast,
- void *id, SilcIdType id_type,
- unsigned int id_len)
-{
- SilcBuffer packet;
- unsigned char *id_string;
+ SILC_LOG_DEBUG(("Start"));
- id_string = silc_id_id2str(id, id_type);
- if (!id_string)
- return;
+ for (i = 0; i < user_count; i++) {
+ /* Client ID */
+ SILC_GET16_MSB(idp_len, user_list->data + 2);
+ idp_len += 4;
+ client_id = silc_id_payload_parse_id(user_list->data, idp_len);
+ silc_buffer_pull(user_list, idp_len);
+ if (!client_id)
+ continue;
- packet = silc_buffer_alloc(2 + 2 + id_len);
- silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
- silc_buffer_format(packet,
- SILC_STR_UI_SHORT(id_type),
- SILC_STR_UI_SHORT(id_len),
- SILC_STR_UI_XNSTRING(id_string, id_len),
- SILC_STR_END);
+ /* Mode */
+ SILC_GET32_MSB(mode, mode_list->data);
+ silc_buffer_pull(mode_list, 4);
- silc_server_packet_send(server, sock, SILC_PACKET_NEW_ID,
- broadcast ? SILC_PACKET_FLAG_BROADCAST : 0,
- packet->data, packet->len, FALSE);
- silc_free(id_string);
- silc_buffer_free(packet);
-}
+ if (noadd && SILC_ID_CLIENT_COMPARE(client_id, noadd)) {
+ silc_free(client_id);
+ continue;
+ }
-/* Sends Replace ID payload to remote end. This is used to replace old
- ID with new ID sent in the packet. This is called for example when
- user changes nickname and we create new ID for the user. If the
- argument `broadcast' is TRUE then the packet is sent as
- broadcast packet. */
-/* XXX It would be expected that the new id is same type as the old
- ID. :) */
-
-void silc_server_send_replace_id(SilcServer server,
- SilcSocketConnection sock,
- int broadcast,
- void *old_id, SilcIdType old_id_type,
- unsigned int old_id_len,
- void *new_id, SilcIdType new_id_type,
- unsigned int new_id_len)
-{
- SilcBuffer packet;
- unsigned char *oid;
- unsigned char *nid;
+ global = FALSE;
+
+ /* Check if we have this client cached already. */
+ client = silc_idlist_find_client_by_id(server->local_list, client_id,
+ server->server_type, &cache);
+ if (!client) {
+ client = silc_idlist_find_client_by_id(server->global_list,
+ client_id, server->server_type,
+ &cache);
+ global = TRUE;
+ }
+ if (!client) {
+ /* If router did not find such Client ID in its lists then this must
+ be bogus client or some router in the net is buggy. */
+ if (server->server_type == SILC_ROUTER) {
+ silc_free(client_id);
+ continue;
+ }
- oid = silc_id_id2str(old_id, old_id_type);
- if (!oid)
- return;
+ /* We don't have that client anywhere, add it. The client is added
+ to global list since server didn't have it in the lists so it must be
+ global. */
+ client = silc_idlist_add_client(server->global_list, NULL, NULL, NULL,
+ silc_id_dup(client_id, SILC_ID_CLIENT),
+ sock->user_data, NULL, 0);
+ if (!client) {
+ SILC_LOG_ERROR(("Could not add new client to the ID Cache"));
+ silc_free(client_id);
+ continue;
+ }
- nid = silc_id_id2str(new_id, new_id_type);
- if (!nid)
- return;
+ client->data.status |= SILC_IDLIST_STATUS_REGISTERED;
+ } else {
+ /* Found, if it is from global list we'll assure that we won't
+ expire it now that the entry is on channel. */
+ if (global)
+ cache->expire = 0;
+ }
- packet = silc_buffer_alloc(2 + 2 + 2 + 2 + old_id_len + new_id_len);
- silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
- silc_buffer_format(packet,
- SILC_STR_UI_SHORT(old_id_type),
- SILC_STR_UI_SHORT(old_id_len),
- SILC_STR_UI_XNSTRING(oid, old_id_len),
- SILC_STR_UI_SHORT(new_id_type),
- SILC_STR_UI_SHORT(new_id_len),
- SILC_STR_UI_XNSTRING(nid, new_id_len),
- SILC_STR_END);
+ silc_free(client_id);
- silc_server_packet_send(server, sock, SILC_PACKET_REPLACE_ID,
- broadcast ? SILC_PACKET_FLAG_BROADCAST : 0,
- packet->data, packet->len, FALSE);
- silc_free(oid);
- silc_free(nid);
- silc_buffer_free(packet);
+ if (!silc_server_client_on_channel(client, channel)) {
+ /* Client was not on the channel, add it. */
+ SilcChannelClientEntry chl = silc_calloc(1, sizeof(*chl));
+ chl->client = client;
+ chl->mode = mode;
+ chl->channel = channel;
+ silc_hash_table_add(channel->user_list, chl->client, chl);
+ silc_hash_table_add(client->channels, chl->channel, chl);
+ }
+ }
}
-/* Creates new channel. */
+/* Lookups route to the client indicated by the `id_data'. The connection
+ object and internal data object is returned. Returns NULL if route
+ could not be found to the client. If the `client_id' is specified then
+ it is used and the `id_data' is ignored. */
-SilcChannelList *silc_server_new_channel(SilcServer server,
- SilcServerID *router_id,
- char *cipher, char *channel_name)
+SilcSocketConnection silc_server_get_client_route(SilcServer server,
+ unsigned char *id_data,
+ uint32 id_len,
+ SilcClientID *client_id,
+ SilcIDListData *idata)
{
- int i, channel_len;
- SilcChannelID *channel_id;
- SilcChannelList *entry;
- SilcCipher key;
- unsigned char channel_key[32], *id_string;
- SilcBuffer packet;
+ SilcClientID *id;
+ SilcClientEntry client;
- SILC_LOG_DEBUG(("Creating new channel"));
+ SILC_LOG_DEBUG(("Start"));
-#define LCC(x) server->local_list->channel_cache[(x) - 32]
-#define LCCC(x) server->local_list->channel_cache_count[(x) - 32]
+ /* Decode destination Client ID */
+ if (!client_id) {
+ id = silc_id_str2id(id_data, id_len, SILC_ID_CLIENT);
+ if (!id) {
+ SILC_LOG_ERROR(("Could not decode destination Client ID, dropped"));
+ return NULL;
+ }
+ } else {
+ id = silc_id_dup(client_id, SILC_ID_CLIENT);
+ }
- /* Create channel key */
- for (i = 0; i < 32; i++)
- channel_key[i] = silc_rng_get_byte(server->rng);
+ /* If the destination belongs to our server we don't have to route
+ the packet anywhere but to send it to the local destination. */
+ client = silc_idlist_find_client_by_id(server->local_list, id, TRUE, NULL);
+ if (client) {
+ silc_free(id);
- if (!cipher)
- cipher = "twofish";
+ /* If we are router and the client has router then the client is in
+ our cell but not directly connected to us. */
+ if (server->server_type == SILC_ROUTER && client->router) {
+ /* We are of course in this case the client's router thus the route
+ to the client is the server who owns the client. So, we will send
+ the packet to that server. */
+ if (idata)
+ *idata = (SilcIDListData)client->router;
+ return client->router->connection;
+ }
- /* Allocate keys */
- silc_cipher_alloc(cipher, &key);
- key->cipher->set_key(key->context, channel_key, 16);
+ /* Seems that client really is directly connected to us */
+ if (idata)
+ *idata = (SilcIDListData)client;
+ return client->connection;
+ }
- /* Create the channel */
- silc_id_create_channel_id(router_id, server->rng, &channel_id);
- silc_idlist_add_channel(&server->local_list->channels, channel_name,
- SILC_CHANNEL_MODE_NONE, channel_id, NULL, /*XXX*/
- key, &entry);
- LCCC(channel_name[0]) = silc_idcache_add(&LCC(channel_name[0]),
- LCCC(channel_name[0]),
- channel_name, SILC_ID_CHANNEL,
- channel_id, (void *)entry);
- entry->key = silc_calloc(16, sizeof(*entry->key));
- entry->key_len = 16;
- memcpy(entry->key, channel_key, 16);
- memset(channel_key, 0, sizeof(channel_key));
+ /* Destination belongs to someone not in this server. If we are normal
+ server our action is to send the packet to our router. */
+ if (server->server_type != SILC_ROUTER && !server->standalone) {
+ silc_free(id);
+ if (idata)
+ *idata = (SilcIDListData)server->router;
+ return server->router->connection;
+ }
- /* Notify other routers about the new channel. We send the packet
- to our primary route. */
- if (server->standalone == FALSE) {
- channel_len = strlen(channel_name);
- id_string = silc_id_id2str(entry->id, SILC_ID_CHANNEL);
- packet = silc_buffer_alloc(2 + SILC_ID_CHANNEL_LEN);
-
- silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
- silc_buffer_format(packet,
- SILC_STR_UI_SHORT(channel_len),
- SILC_STR_UI_XNSTRING(channel_name, channel_len),
- SILC_STR_UI_SHORT(SILC_ID_CHANNEL_LEN),
- SILC_STR_UI_XNSTRING(id_string, SILC_ID_CHANNEL_LEN),
- SILC_STR_END);
+ /* We are router and we will perform route lookup for the destination
+ and send the packet to fastest route. */
+ if (server->server_type == SILC_ROUTER && !server->standalone) {
+ /* Check first that the ID is valid */
+ client = silc_idlist_find_client_by_id(server->global_list, id,
+ TRUE, NULL);
+ if (client) {
+ SilcSocketConnection dst_sock;
- /* Send the packet to our router. */
- silc_server_packet_send(server, (SilcSocketConnection)
- server->id_entry->router->connection,
- SILC_PACKET_NEW_CHANNEL_USER, 0,
- packet->data, packet->len, TRUE);
-
- silc_free(id_string);
- silc_buffer_free(packet);
+ dst_sock = silc_server_route_get(server, id, SILC_ID_CLIENT);
+
+ silc_free(id);
+ if (idata)
+ *idata = (SilcIDListData)dst_sock->user_data;
+ return dst_sock;
+ }
}
-#undef LCC
-#undef LCCC
- return entry;
+ silc_free(id);
+ return NULL;
}
-/* Create new client. This processes incoming NEW_CLIENT packet and creates
- Client ID for the client and adds it to lists and cache. */
+/* Encodes and returns channel list of channels the `client' has joined.
+ Secret channels are not put to the list. */
-SilcClientList *silc_server_new_client(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet)
+SilcBuffer silc_server_get_client_channel_list(SilcServer server,
+ SilcClientEntry client)
{
- SilcBuffer buffer = packet->buffer;
- SilcClientList *id_entry;
- char *username = NULL, *realname = NULL, *id_string;
- SilcBuffer reply;
-
- SILC_LOG_DEBUG(("Creating new client"));
-
- if (sock->type != SILC_SOCKET_TYPE_CLIENT)
- return NULL;
-
-#define LCC(x) server->local_list->client_cache[(x) - 32]
-#define LCCC(x) server->local_list->client_cache_count[(x) - 32]
+ SilcBuffer buffer = NULL;
+ SilcChannelEntry channel;
+ SilcChannelClientEntry chl;
+ SilcHashTableList htl;
+ unsigned char *cid;
+ uint32 id_len;
+ uint16 name_len;
+ int len;
+
+ silc_hash_table_list(client->channels, &htl);
+ while (silc_hash_table_get(&htl, NULL, (void *)&chl)) {
+ channel = chl->channel;
+
+ if (channel->mode & SILC_CHANNEL_MODE_SECRET ||
+ channel->mode & SILC_CHANNEL_MODE_PRIVATE)
+ continue;
- silc_buffer_unformat(buffer,
- SILC_STR_UI16_STRING_ALLOC(&username),
- SILC_STR_UI16_STRING_ALLOC(&realname),
+ cid = silc_id_id2str(channel->id, SILC_ID_CHANNEL);
+ id_len = silc_id_get_len(channel->id, SILC_ID_CHANNEL);
+ name_len = strlen(channel->channel_name);
+
+ len = 4 + name_len + id_len + 4;
+ buffer = silc_buffer_realloc(buffer,
+ (buffer ? (buffer)->truelen + len : len));
+ silc_buffer_pull_tail(buffer, ((buffer)->end - (buffer)->data));
+ silc_buffer_format(buffer,
+ SILC_STR_UI_SHORT(name_len),
+ SILC_STR_UI_XNSTRING(channel->channel_name,
+ name_len),
+ SILC_STR_UI_SHORT(id_len),
+ SILC_STR_UI_XNSTRING(cid, id_len),
+ SILC_STR_UI_INT(chl->mode), /* Client's mode */
SILC_STR_END);
+ silc_buffer_pull(buffer, len);
+ silc_free(cid);
+ }
+ silc_hash_table_list_reset(&htl);
- /* Set the pointers to the client list and create new client ID */
- id_entry = (SilcClientList *)sock->user_data;
- id_entry->nickname = strdup(username);
- id_entry->username = username;
- id_entry->userinfo = realname;
- silc_id_create_client_id(server->id, server->rng, server->md5hash,
- username, &id_entry->id);
-
- /* Add to client cache */
- LCCC(username[0]) = silc_idcache_add(&LCC(username[0]),
- LCCC(username[0]),
- username, SILC_ID_CLIENT,
- id_entry->id, (void *)id_entry);
-
- /* Notify our router about new client on the SILC network */
- if (!server->standalone)
- silc_server_send_new_id(server, (SilcSocketConnection)
- server->id_entry->router->connection,
- server->server_type == SILC_SERVER ? TRUE : FALSE,
- id_entry->id, SILC_ID_CLIENT, SILC_ID_CLIENT_LEN);
-
- /* Send the new client ID to the client. */
- id_string = silc_id_id2str(id_entry->id, SILC_ID_CLIENT);
- reply = silc_buffer_alloc(2 + 2 + SILC_ID_CLIENT_LEN);
- silc_buffer_pull_tail(reply, SILC_BUFFER_END(reply));
- silc_buffer_format(reply,
- SILC_STR_UI_SHORT(SILC_ID_CLIENT),
- SILC_STR_UI_SHORT(SILC_ID_CLIENT_LEN),
- SILC_STR_UI_XNSTRING(id_string, SILC_ID_CLIENT_LEN),
- SILC_STR_END);
- silc_server_packet_send(server, sock, SILC_PACKET_NEW_ID, 0,
- reply->data, reply->len, FALSE);
- silc_free(id_string);
- silc_buffer_free(reply);
-
- /* Send some nice info to the client */
- silc_server_send_notify(server, sock,
- "Welcome to the SILC Network %s@%s",
- username,
- sock->hostname ? sock->hostname : sock->ip);
- silc_server_send_notify(server, sock,
- "Your host is %s, running version %s",
- server->config->server_info->server_name,
- server_version);
- silc_server_send_notify(server, sock,
- "Your connection is secured with %s cipher, "
- "key length %d bits",
- id_entry->send_key->cipher->name,
- id_entry->send_key->cipher->key_len);
- silc_server_send_notify(server, sock,
- "Your current nickname is %s",
- id_entry->nickname);
-
- /* XXX Send motd */
-
-#undef LCC
-#undef LCCC
- return id_entry;
+ if (buffer)
+ silc_buffer_push(buffer, buffer->data - buffer->head);
+
+ return buffer;
}
-/* Create new server. This processes incoming NEW_SERVER packet and
- saves the received Server ID. The server is our locally connected
- server thus we save all the information and save it to local list.
- This funtion can be used by both normal server and router server.
- If normal server uses this it means that its router has connected
- to the server. If router uses this it means that one of the cell's
- servers is connected to the router. */
+/* Finds client entry by Client ID and if it is not found then resolves
+ it using WHOIS command. */
-SilcServerList *silc_server_new_server(SilcServer server,
- SilcSocketConnection sock,
- SilcPacketContext *packet)
+SilcClientEntry silc_server_get_client_resolve(SilcServer server,
+ SilcClientID *client_id,
+ bool *resolved)
{
- SilcBuffer buffer = packet->buffer;
- SilcServerList *id_entry;
- unsigned char *server_name, *id_string;
+ SilcClientEntry client;
- SILC_LOG_DEBUG(("Creating new server"));
+ if (resolved)
+ *resolved = FALSE;
- if (sock->type != SILC_SOCKET_TYPE_SERVER &&
- sock->type != SILC_SOCKET_TYPE_ROUTER)
+ client = silc_idlist_find_client_by_id(server->local_list, client_id,
+ TRUE, NULL);
+ if (!client) {
+ client = silc_idlist_find_client_by_id(server->global_list,
+ client_id, TRUE, NULL);
+ if (!client && server->server_type == SILC_ROUTER)
+ return NULL;
+ }
+
+ if (!client && server->standalone)
return NULL;
-#define LSC(x) server->local_list->server_cache[(x) - 32]
-#define LSCC(x) server->local_list->server_cache_count[(x) - 32]
+ if (!client || !client->nickname || !client->username) {
+ SilcBuffer buffer, idp;
- silc_buffer_unformat(buffer,
- SILC_STR_UI16_STRING_ALLOC(&id_string),
- SILC_STR_UI16_STRING_ALLOC(&server_name),
- SILC_STR_END);
+ client->data.status |= SILC_IDLIST_STATUS_RESOLVING;
+ client->data.status &= ~SILC_IDLIST_STATUS_RESOLVED;
+ client->resolve_cmd_ident = ++server->cmd_ident;
- /* Save ID and name */
- id_entry = (SilcServerList *)sock->user_data;
- id_entry->id = silc_id_str2id(id_string, SILC_ID_SERVER);
- id_entry->server_name = server_name;
-
- /* Add to server cache */
- LSCC(server_name[0]) =
- silc_idcache_add(&LSC(server_name[0]),
- LSCC(server_name[0]),
- server_name, SILC_ID_SERVER,
- id_entry->id, (void *)id_entry);
-
- /* Distribute the information about new server in the SILC network
- to our router. If we are normal server we won't send anything
- since this connection must be our router connection. */
- if (server->server_type == SILC_ROUTER && !server->standalone)
- silc_server_send_new_id(server, server->id_entry->router->connection,
- TRUE, id_entry->id, SILC_ID_SERVER,
- SILC_ID_SERVER_LEN);
+ idp = silc_id_payload_encode(client_id, SILC_ID_CLIENT);
+ buffer = silc_command_payload_encode_va(SILC_COMMAND_WHOIS,
+ server->cmd_ident, 1,
+ 3, idp->data, idp->len);
+ silc_server_packet_send(server, client ? client->router->connection :
+ server->router->connection,
+ SILC_PACKET_COMMAND, 0,
+ buffer->data, buffer->len, FALSE);
+ silc_buffer_free(idp);
+ silc_buffer_free(buffer);
- silc_free(id_string);
+ if (resolved)
+ *resolved = TRUE;
+
+ return NULL;
+ }
-#undef LSC
-#undef LSCC
- return id_entry;
+ return client;
}
-/* Processes incoming New ID Payload. New ID Payload is used to distribute
- information about newly registered clients, servers and created
- channels. */
+/* A timeout callback for the re-key. We will be the initiator of the
+ re-key protocol. */
-void silc_server_new_id(SilcServer server, SilcSocketConnection sock,
- SilcPacketContext *packet)
+SILC_TASK_CALLBACK(silc_server_rekey_callback)
{
- SilcBuffer buffer = packet->buffer;
- SilcIdType id_type;
- unsigned char *id_string;
- void *id;
-
- SILC_LOG_DEBUG(("Processing new ID"));
-
- if (sock->type == SILC_SOCKET_TYPE_CLIENT ||
- server->server_type == SILC_SERVER)
- return;
-
- silc_buffer_unformat(buffer,
- SILC_STR_UI_SHORT(&id_type),
- SILC_STR_UI16_STRING_ALLOC(&id_string),
- SILC_STR_END);
+ SilcSocketConnection sock = (SilcSocketConnection)context;
+ SilcIDListData idata = (SilcIDListData)sock->user_data;
+ SilcServer server = (SilcServer)idata->rekey->context;
+ SilcProtocol protocol;
+ SilcServerRekeyInternalContext *proto_ctx;
- /* Normal server cannot have other normal server connections */
- if (id_type == SILC_ID_SERVER && sock->type == SILC_SOCKET_TYPE_SERVER)
- goto out;
+ SILC_LOG_DEBUG(("Start"));
- id = silc_id_str2id(id_string, id_type);
- if (!id)
- goto out;
+ /* Allocate internal protocol context. This is sent as context
+ to the protocol. */
+ proto_ctx = silc_calloc(1, sizeof(*proto_ctx));
+ proto_ctx->server = (void *)server;
+ proto_ctx->sock = sock;
+ proto_ctx->responder = FALSE;
+ proto_ctx->pfs = idata->rekey->pfs;
+
+ /* Perform rekey protocol. Will call the final callback after the
+ protocol is over. */
+ silc_protocol_alloc(SILC_PROTOCOL_SERVER_REKEY,
+ &protocol, proto_ctx, silc_server_rekey_final);
+ sock->protocol = protocol;
+
+ /* Run the protocol */
+ silc_protocol_execute(protocol, server->schedule, 0, 0);
- /* XXX Do check whether the packet is coming outside the cell or
- from someone inside the cell. If outside use global lists otherwise
- local lists. */
- /* XXX If using local list set the idlist->connection to the sender's
- socket connection as it is used in packet sending */
+ /* Re-register re-key timeout */
+ silc_schedule_task_add(server->schedule, sock->sock,
+ silc_server_rekey_callback,
+ context, idata->rekey->timeout, 0,
+ SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
+}
- switch(id_type) {
- case SILC_ID_CLIENT:
- {
- SilcClientList *idlist;
-
- /* Add the client to our local list. We are router and we keep
- cell specific local database of all clients in the cell. */
- silc_idlist_add_client(&server->local_list->clients, NULL, NULL, NULL,
- id, sock->user_data, NULL, NULL,
- NULL, NULL, &idlist);
- idlist->connection = sock;
- }
- break;
+/* The final callback for the REKEY protocol. This will actually take the
+ new key material into use. */
- case SILC_ID_SERVER:
- {
- SilcServerList *idlist;
-
- /* Add the server to our local list. We are router and we keep
- cell specific local database of all servers in the cell. */
- silc_idlist_add_server(&server->local_list->servers, NULL, 0,
- id, server->id_entry, NULL, NULL,
- NULL, NULL, &idlist);
- idlist->connection = sock;
- }
- break;
+SILC_TASK_CALLBACK_GLOBAL(silc_server_rekey_final)
+{
+ SilcProtocol protocol = (SilcProtocol)context;
+ SilcServerRekeyInternalContext *ctx =
+ (SilcServerRekeyInternalContext *)protocol->context;
+ SilcServer server = (SilcServer)ctx->server;
+ SilcSocketConnection sock = ctx->sock;
- case SILC_ID_CHANNEL:
- /* Add the channel to our local list. We are router and we keep
- cell specific local database of all channels in the cell. */
- silc_idlist_add_channel(&server->local_list->channels, NULL, 0,
- id, server->id_entry, NULL, NULL);
- break;
+ SILC_LOG_DEBUG(("Start"));
- default:
- goto out;
- break;
+ if (protocol->state == SILC_PROTOCOL_STATE_ERROR ||
+ protocol->state == SILC_PROTOCOL_STATE_FAILURE) {
+ /* Error occured during protocol */
+ SILC_LOG_ERROR(("Error occurred during rekey protocol"));
+ silc_protocol_cancel(protocol, server->schedule);
+ silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ if (ctx->packet)
+ silc_packet_context_free(ctx->packet);
+ if (ctx->ske)
+ silc_ske_free(ctx->ske);
+ silc_free(ctx);
+ return;
}
- out:
- silc_free(id_string);
+ /* Purge the outgoing data queue to assure that all rekey packets really
+ go to the network before we quit the protocol. */
+ silc_server_packet_queue_purge(server, sock);
+
+ /* Cleanup */
+ silc_protocol_free(protocol);
+ sock->protocol = NULL;
+ if (ctx->packet)
+ silc_packet_context_free(ctx->packet);
+ if (ctx->ske)
+ silc_ske_free(ctx->ske);
+ silc_free(ctx);
}
projects / silc.git / blobdiff