Merged silc_1_1_branch to trunk.

[silc.git] / lib / silcske / silcconnauth.c

diff --git a/lib/silcske/silcconnauth.c b/lib/silcske/silcconnauth.c
index e7b41c55e6b6b36f042db9d3b221b44ba45b8b0e..c3799a8187ead72e327813bf6c7e6b76fb8bf84b 100644 (file)
--- a/lib/silcske/silcconnauth.c
+++ b/lib/silcske/silcconnauth.c
@@ -357,7 +357,8 @@ SILC_FSM_STATE(silc_connauth_st_initiator_result)
     SILC_LOG_DEBUG(("Authentication successful"));
     connauth->success = TRUE;
   } else {
-    SILC_LOG_DEBUG(("Authentication failed"));
+    SILC_LOG_DEBUG(("Authentication failed, packet %s received",
+                   silc_get_packet_name(connauth->packet->type)));
     connauth->success = FALSE;
   }
   silc_packet_free(connauth->packet);
@@ -384,8 +385,13 @@ SILC_FSM_STATE(silc_connauth_st_initiator_failure)
     SILC_PUT32_MSB(SILC_AUTH_FAILED, error);
     silc_packet_send(connauth->ske->stream, SILC_PACKET_FAILURE, 0, error, 4);
 
+    silc_packet_stream_unlink(connauth->ske->stream,
+                             &silc_connauth_stream_cbs, connauth);
+    silc_schedule_task_del_by_context(silc_fsm_get_schedule(fsm), connauth);
+
     /* Call completion callback */
     connauth->completion(connauth, FALSE, connauth->context);
+    return SILC_FSM_FINISH;
   }
 
   silc_packet_stream_unlink(connauth->ske->stream,
@@ -481,7 +487,8 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate)
 
   if (connauth->aborted) {
     /** Aborted */
-    silc_packet_free(connauth->packet);
+    if (connauth->packet)
+      silc_packet_free(connauth->packet);
     silc_fsm_next(fsm, silc_connauth_st_responder_failure);
     return SILC_FSM_CONTINUE;
   }
@@ -560,7 +567,8 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate)
   /* Passphrase authentication */
   if (passphrase && passphrase_len) {
     SILC_LOG_DEBUG(("Passphrase authentication"));
-    if (!memcmp(auth_data, passphrase, passphrase_len)) {
+    if (!auth_data || payload_len != passphrase_len ||
+       memcmp(auth_data, passphrase, passphrase_len)) {
       /** Authentication failed */
       silc_fsm_next(fsm, silc_connauth_st_responder_failure);
       return SILC_FSM_CONTINUE;
@@ -571,6 +579,12 @@ SILC_FSM_STATE(silc_connauth_st_responder_authenticate)
 
     SILC_LOG_DEBUG(("Digital signature authentication"));
 
+    if (!auth_data) {
+      /** Authentication failed */
+      silc_fsm_next(fsm, silc_connauth_st_responder_failure);
+      return SILC_FSM_CONTINUE;
+    }
+
     connauth->auth_data = silc_memdup(auth_data, payload_len);
     connauth->auth_data_len = payload_len;
 
@@ -654,13 +668,13 @@ SILC_FSM_STATE(silc_connauth_st_responder_success)
   SILC_PUT32_MSB(SILC_AUTH_OK, tmp);
   silc_packet_send(connauth->ske->stream, SILC_PACKET_SUCCESS, 0, tmp, 4);
 
-  /* Call completion callback */
-  connauth->completion(connauth, TRUE, connauth->context);
-
   silc_packet_stream_unlink(connauth->ske->stream,
                            &silc_connauth_stream_cbs, connauth);
   silc_schedule_task_del_by_context(silc_fsm_get_schedule(fsm), connauth);
 
+  /* Call completion callback */
+  connauth->completion(connauth, TRUE, connauth->context);
+
   return SILC_FSM_FINISH;
 }
 
@@ -676,8 +690,14 @@ SILC_FSM_STATE(silc_connauth_st_responder_failure)
     SILC_PUT32_MSB(SILC_AUTH_FAILED, error);
     silc_packet_send(connauth->ske->stream, SILC_PACKET_FAILURE, 0, error, 4);
 
+    silc_packet_stream_unlink(connauth->ske->stream,
+                             &silc_connauth_stream_cbs, connauth);
+    silc_schedule_task_del_by_context(silc_fsm_get_schedule(fsm), connauth);
+
     /* Call completion callback */
     connauth->completion(connauth, FALSE, connauth->context);
+
+    return SILC_FSM_FINISH;
   }
 
   silc_packet_stream_unlink(connauth->ske->stream,