Merged silc_1_1_branch to trunk.

[silc.git] / lib / silcske / silcconnauth.c

diff --git a/lib/silcske/silcconnauth.c b/lib/silcske/silcconnauth.c
index dba6ace132ac46de1b641f105a3335f9345b4d18..c3799a8187ead72e327813bf6c7e6b76fb8bf84b 100644 (file)
--- a/lib/silcske/silcconnauth.c
+++ b/lib/silcske/silcconnauth.c
@@ -357,7 +357,8 @@ SILC_FSM_STATE(silc_connauth_st_initiator_result)
     SILC_LOG_DEBUG(("Authentication successful"));
     connauth->success = TRUE;
   } else {
-    SILC_LOG_DEBUG(("Authentication failed"));
+    SILC_LOG_DEBUG(("Authentication failed, packet %s received",
+                   silc_get_packet_name(connauth->packet->type)));
     connauth->success = FALSE;
   }
   silc_packet_free(connauth->packet);
@@ -486,7 +487,8 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate)
 
   if (connauth->aborted) {
     /** Aborted */
-    silc_packet_free(connauth->packet);
+    if (connauth->packet)
+      silc_packet_free(connauth->packet);
     silc_fsm_next(fsm, silc_connauth_st_responder_failure);
     return SILC_FSM_CONTINUE;
   }
@@ -565,7 +567,8 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate)
   /* Passphrase authentication */
   if (passphrase && passphrase_len) {
     SILC_LOG_DEBUG(("Passphrase authentication"));
-    if (!memcmp(auth_data, passphrase, passphrase_len)) {
+    if (!auth_data || payload_len != passphrase_len ||
+       memcmp(auth_data, passphrase, passphrase_len)) {
       /** Authentication failed */
       silc_fsm_next(fsm, silc_connauth_st_responder_failure);
       return SILC_FSM_CONTINUE;
@@ -576,6 +579,12 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate)
 
     SILC_LOG_DEBUG(("Digital signature authentication"));
 
+    if (!auth_data) {
+      /** Authentication failed */
+      silc_fsm_next(fsm, silc_connauth_st_responder_failure);
+      return SILC_FSM_CONTINUE;
+    }
+
     connauth->auth_data = silc_memdup(auth_data, payload_len);
     connauth->auth_data_len = payload_len;