#include "serverincludes.h"
#include "server_internal.h"
+#include <assert.h>
/************************* Types and definitions ****************************/
silc_free(server->local_list);
silc_free(server->global_list);
silc_free(server->server_name);
+ silc_free(server->id);
silc_free(server);
silc_hmac_unregister_all();
SilcNetListener listener;
SilcUInt16 *port;
char **ip;
+ char *external_ip;
SILC_LOG_DEBUG(("Initializing server"));
/* Create a Server ID for the server. */
port = silc_net_listener_get_port(listener, NULL);
ip = silc_net_listener_get_ip(listener, NULL);
- silc_id_create_server_id(server->config->server_info->primary->public_ip ?
- server->config->server_info->primary->public_ip :
+ external_ip = server->config->server_info->external_ip ?
+ server->config->server_info->external_ip :
+ server->config->server_info->primary->public_ip;
+ silc_id_create_server_id(external_ip ?
+ external_ip :
ip[0], port[0], server->rng, &id);
if (!id)
goto err;
SilcConnAuth connauth;
SilcCipher send_key, receive_key;
SilcHmac hmac_send, hmac_receive;
- SilcHash hash;
server = entry->server;
sconn = entry->data.sconn;
/* Set the keys into use. The data will be encrypted after this. */
if (!silc_ske_set_keys(ske, keymat, prop, &send_key, &receive_key,
- &hmac_send, &hmac_receive, &hash)) {
+ &hmac_send, &hmac_receive, NULL)) {
silc_ske_free(ske);
/* Try reconnecting if configuration wants it */
idata->rekey = rekey;
idata->public_key = silc_pkcs_public_key_copy(prop->public_key);
pk = silc_pkcs_public_key_encode(idata->public_key, &pk_len);
- silc_hash_make(server->sha1hash, pk, pk_len, idata->fingerprint);
-
- silc_hash_alloc(silc_hash_get_name(prop->hash), &idata->hash);
+ if (pk) {
+ silc_hash_make(server->sha1hash, pk, pk_len, idata->fingerprint);
+ silc_free(pk);
+ }
+ idata->hash = hash;
SILC_LOG_DEBUG(("Starting connection authentication"));
server->stat.auth_attempts++;
SILC_LOG_DEBUG(("Perform rekey, sock %p", sock));
/* Do not execute rekey with disabled connections */
- if (idata->status & SILC_IDLIST_STATUS_DISABLED)
+ if (idata->status & SILC_IDLIST_STATUS_DISABLED || !idata->rekey)
return;
/* If another protocol is active do not start rekey */
SilcIDListData idata = silc_packet_get_context(sock);
SilcSKE ske;
+ if (!idata->rekey) {
+ silc_packet_free(packet);
+ return;
+ }
+
SILC_LOG_DEBUG(("Executing rekey protocol with %s:%d [%s], sock %p",
idata->sconn->remote_host, idata->sconn->remote_port,
SILC_CONNTYPE_STRING(idata->conn_type), sock));
/* Update statistics */
server->stat.my_clients--;
+ assert(server->stat.clients > 0);
server->stat.clients--;
if (server->stat.cell_clients)
server->stat.cell_clients--;