{ "[Cipher]",
SILC_CONFIG_SERVER_SECTION_TYPE_CIPHER, 4 },
{ "[PKCS]",
- SILC_CONFIG_SERVER_SECTION_TYPE_PKCS, 2 },
+ SILC_CONFIG_SERVER_SECTION_TYPE_PKCS, 1 },
{ "[Hash]",
SILC_CONFIG_SERVER_SECTION_TYPE_HASH_FUNCTION, 4 },
{ "[hmac]",
{ "[AdminConnection]",
SILC_CONFIG_SERVER_SECTION_TYPE_ADMIN_CONNECTION, 5 },
{ "[DenyConnection]",
- SILC_CONFIG_SERVER_SECTION_TYPE_DENY_CONNECTION, 4 },
+ SILC_CONFIG_SERVER_SECTION_TYPE_DENY_CONNECTION, 3 },
{ "[motd]",
SILC_CONFIG_SERVER_SECTION_TYPE_MOTD, 1 },
break;
}
- /* Get key length */
- ret = silc_config_get_token(line, &tmp);
- if (ret < 0)
- break;
- if (ret == 0) {
- fprintf(stderr, "%s:%d: PKCS key length not defined\n",
- config->filename, pc->linenum);
- break;
- }
- config->pkcs->key_len = atoi(tmp);
- silc_free(tmp);
-
check = TRUE;
checkmask |= (1L << pc->section->type);
break;
ret = silc_config_get_token(line, &tmp);
if (ret < 0)
break;
- if (ret == 0) {
+ if (ret) {
config->clients->port = atoi(tmp);
silc_free(tmp);
}
break;
case SILC_CONFIG_SERVER_SECTION_TYPE_DENY_CONNECTION:
- /* Not implemented yet */
+
+ SILC_SERVER_CONFIG_LIST_ALLOC(config->denied);
+
+ /* Get host */
+ ret = silc_config_get_token(line, &config->denied->host);
+ if (ret < 0)
+ break;
+ if (ret == 0) {
+ /* Any host */
+ config->denied->host = strdup("*");
+ fprintf(stderr, "warning: %s:%d: Denying all connections",
+ config->filename, pc->linenum);
+ }
+
+ /* Get port */
+ ret = silc_config_get_token(line, &tmp);
+ if (ret < 0)
+ break;
+ if (ret == 0) {
+ /* Any port */
+ config->denied->port = 0;
+ } else {
+ config->denied->port = atoi(tmp);
+ silc_free(tmp);
+ }
+
+ /* Get comment */
+ ret = silc_config_get_token(line, &config->denied->comment);
+ if (ret < 0)
+ break;
+
check = TRUE;
+ checkmask |= (1L << pc->section->type);
break;
case SILC_CONFIG_SERVER_SECTION_TYPE_MOTD:
config->clients = config->clients->prev;
while (config->servers && config->servers->prev)
config->servers = config->servers->prev;
+ while (config->admins && config->admins->prev)
+ config->admins = config->admins->prev;
while (config->routers && config->routers->prev)
config->routers = config->routers->prev;
while(alg) {
if (!alg->sim_name) {
- /* Crypto module is supposed to be built in. Nothing to be done
- here except to test that the cipher really is built in. */
- SilcCipher tmp = NULL;
-
- if (silc_cipher_alloc(alg->alg_name, &tmp) == FALSE) {
- SILC_LOG_ERROR(("Unsupported cipher `%s'", alg->alg_name));
+ int i;
+
+ for (i = 0; silc_default_ciphers[i].name; i++)
+ if (!strcmp(silc_default_ciphers[i].name, alg->alg_name)) {
+ silc_cipher_register(&silc_default_ciphers[i]);
+ break;
+ }
+
+ if (!silc_cipher_is_supported(alg->alg_name)) {
+ SILC_LOG_ERROR(("Unknown cipher `%s'", alg->alg_name));
silc_server_stop(server);
exit(1);
}
- silc_cipher_free(tmp);
-
#ifdef SILC_SIM
} else {
/* Load (try at least) the crypto SIM module */
}
/* Registers configured PKCS's. */
-/* XXX: This really doesn't do anything now since we have statically
- registered our PKCS's. This should be implemented when PKCS works
- as SIM's. This checks now only that the PKCS user requested is
- really out there. */
void silc_server_config_register_pkcs(SilcServerConfig config)
{
SilcServerConfigSectionAlg *alg = config->pkcs;
SilcServer server = (SilcServer)config->server;
- SilcPKCS tmp = NULL;
SILC_LOG_DEBUG(("Registering configured PKCS"));
while(alg) {
-
- if (silc_pkcs_alloc(alg->alg_name, &tmp) == FALSE) {
- SILC_LOG_ERROR(("Unsupported PKCS `%s'", alg->alg_name));
+ int i;
+
+ for (i = 0; silc_default_pkcs[i].name; i++)
+ if (!strcmp(silc_default_pkcs[i].name, alg->alg_name)) {
+ silc_pkcs_register(&silc_default_pkcs[i]);
+ break;
+ }
+
+ if (!silc_pkcs_is_supported(alg->alg_name)) {
+ SILC_LOG_ERROR(("Unknown PKCS `%s'", alg->alg_name));
silc_server_stop(server);
exit(1);
}
- silc_free(tmp);
alg = alg->next;
}
while(alg) {
if (!alg->sim_name) {
- /* Hash module is supposed to be built in. Nothing to be done
- here except to test that the hash function really is built in. */
- SilcHash tmp = NULL;
-
- if (silc_hash_alloc(alg->alg_name, &tmp) == FALSE) {
- SILC_LOG_ERROR(("Unsupported hash function `%s'", alg->alg_name));
+ int i;
+
+ for (i = 0; silc_default_hash[i].name; i++)
+ if (!strcmp(silc_default_hash[i].name, alg->alg_name)) {
+ silc_hash_register(&silc_default_hash[i]);
+ break;
+ }
+
+ if (!silc_hash_is_supported(alg->alg_name)) {
+ SILC_LOG_ERROR(("Unknown hash funtion `%s'", alg->alg_name));
silc_server_stop(server);
exit(1);
}
- silc_hash_free(tmp);
#ifdef SILC_SIM
} else {
SilcHmacObject hmac;
if (!silc_hash_is_supported(alg->sim_name)) {
- SILC_LOG_ERROR(("Unsupported hash function `%s'", alg->sim_name));
+ SILC_LOG_ERROR(("Unknown hash function `%s'", alg->sim_name));
silc_server_stop(server);
exit(1);
}
}
/* Returns client authentication information from server configuration
- by host (name or ip). */
+ by host (name or ip). If `port' is non-null then both name or IP and
+ the port must match. */
SilcServerConfigSectionClientConnection *
silc_server_config_find_client_conn(SilcServerConfig config,
{
int i;
SilcServerConfigSectionClientConnection *client = NULL;
+ bool match = FALSE;
if (!host)
return NULL;
for (i = 0; client; i++) {
if (silc_string_compare(client->host, host))
+ match = TRUE;
+
+ if (port && client->port && client->port != port)
+ match = FALSE;
+
+ if (match)
break;
+
client = client->next;
}
}
/* Returns server connection info from server configuartion by host
- (name or ip). */
+ (name or ip). If `port' is non-null then both name or IP and the port
+ must match. */
SilcServerConfigSectionServerConnection *
silc_server_config_find_server_conn(SilcServerConfig config,
{
int i;
SilcServerConfigSectionServerConnection *serv = NULL;
+ bool match = FALSE;
if (!host)
return NULL;
serv = config->servers;
for (i = 0; serv; i++) {
if (silc_string_compare(serv->host, host))
+ match = TRUE;
+
+ if (port && serv->port && serv->port != port)
+ match = FALSE;
+
+ if (match)
break;
+
serv = serv->next;
}
{
int i;
SilcServerConfigSectionServerConnection *serv = NULL;
+ bool match = FALSE;
if (!host)
return NULL;
serv = config->routers;
for (i = 0; serv; i++) {
if (silc_string_compare(serv->host, host))
+ match = TRUE;
+
+ if (port && serv->port && serv->port != port)
+ match = FALSE;
+
+ if (match)
break;
+
serv = serv->next;
}
return serv;
}
+/* Returns TRUE if configuartion for a router connection that we are
+ initiating exists. */
+
+bool silc_server_config_is_primary_route(SilcServerConfig config)
+{
+ int i;
+ SilcServerConfigSectionServerConnection *serv = NULL;
+ bool found = FALSE;
+
+ serv = config->routers;
+ for (i = 0; serv; i++) {
+ if (serv->initiator == TRUE) {
+ found = TRUE;
+ break;
+ }
+
+ serv = serv->next;
+ }
+
+ return found;
+}
+
/* Returns Admin connection configuration by host, username and/or
nickname. */
return admin;
}
+
+/* Returns the Denied connection configuration by host and port. */
+
+SilcServerConfigSectionDenyConnection *
+silc_server_config_denied_conn(SilcServerConfig config, char *host,
+ int port)
+{
+ int i;
+ SilcServerConfigSectionDenyConnection *deny = NULL;
+ bool match = FALSE;
+
+ if (!host)
+ return NULL;
+
+ if (!config->denied)
+ return NULL;
+
+ deny = config->denied;
+ for (i = 0; deny; i++) {
+ if (silc_string_compare(deny->host, host))
+ match = TRUE;
+
+ if (port && deny->port && deny->port != port)
+ match = FALSE;
+
+ if (match)
+ break;
+
+ deny = deny->next;
+ }
+
+ if (!deny)
+ return NULL;
+
+ return deny;
+}