X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=apps%2Fsilcd%2Fserverconfig.c;h=30d76af3516cae4c81cbb60a718e938cc66fadf3;hp=7d00e4de4667a8f195d498715e83d8d650752586;hb=9b290d7cd0ad262dfc23ef2e5673a2e088d1619e;hpb=1d2558fef038d7c846c477ab7f63985eab4790b7 diff --git a/apps/silcd/serverconfig.c b/apps/silcd/serverconfig.c index 7d00e4de..30d76af3 100644 --- a/apps/silcd/serverconfig.c +++ b/apps/silcd/serverconfig.c @@ -150,7 +150,7 @@ static SilcBool my_parse_authdata(SilcAuthMethod auth_meth, const char *p, SilcPublicKey public_key; SilcSKR skr = *auth_data; SilcSKRFind find; - SilcSKRStatus status; + SilcSKRStatus status = SILC_SKR_NOT_FOUND; if (!silc_pkcs_load_public_key(p, &public_key)) { SILC_SERVER_LOG_ERROR(("Error while parsing config file: " @@ -161,19 +161,20 @@ static SilcBool my_parse_authdata(SilcAuthMethod auth_meth, const char *p, find = silc_skr_find_alloc(); silc_skr_find_set_public_key(find, public_key); silc_skr_find_set_usage(find, usage); - silc_skr_find_set_context(find, key_context ? key_context : (void *)usage); + if (!key_context) + silc_skr_find_set_context(find, SILC_32_TO_PTR(usage)); silc_skr_find(skr, NULL, find, my_find_callback, &status); - if (status == SILC_SKR_ALREADY_EXIST) { + if (status == SILC_SKR_OK) { + /* Already added, ignore error */ silc_pkcs_public_key_free(public_key); - SILC_SERVER_LOG_WARNING(("Warning: public key file \"%s\" already " - "configured, ignoring this key", p)); - return TRUE; /* non fatal error */ + return TRUE; } /* Add the public key to repository */ - if (silc_skr_add_public_key(skr, public_key, usage, - key_context ? key_context : (void *)usage, - NULL) != SILC_SKR_OK) { + status = silc_skr_add_public_key(skr, public_key, usage, + key_context ? key_context : + (void *)usage, NULL); + if (status != SILC_SKR_OK) { SILC_SERVER_LOG_ERROR(("Error while adding public key \"%s\"", p)); return FALSE; } 
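Review bot: In the `@@ -161` hunk of my_parse_authdata the lookup and the insert no longer use the same context: the find sets a context only when `key_context` is NULL, while `silc_skr_add_public_key` still stores under `key_context ? key_context : (void *)usage`. With a non-NULL `key_context` the search is therefore not scoped to that context, so a key already stored for another context would presumably reach the `status == SILC_SKR_OK` branch and be skipped silently instead of being registered for this one. Unless that is intended, use one expression on both sides, `silc_skr_find_set_context(find, key_context ? key_context : SILC_32_TO_PTR(usage));`, and replace the remaining `(void *)usage` cast in the add call with `SILC_32_TO_PTR(usage)`. The duplicate case also lost its log line; keeping a warning there would make a key file listed twice visible to the operator. The function begins and ends outside this hunk.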
@@ -182,8 +183,8 @@ static SilcBool my_parse_authdata(SilcAuthMethod auth_meth, const char *p, return TRUE; } -static SilcBool my_parse_publickeydir(const char *dirname, void **auth_data, - SilcSKRKeyUsage usage) +static int my_parse_publickeydir(const char *dirname, void **auth_data, + SilcSKRKeyUsage usage) { int total = 0; struct dirent *get_file; @@ -192,7 +193,7 @@ static SilcBool my_parse_publickeydir(const char *dirname, void **auth_data, if (!(dp = opendir(dirname))) { SILC_SERVER_LOG_ERROR(("Error while parsing config file: " "Could not open directory \"%s\"", dirname)); - return FALSE; + return -1; } /* errors are not considered fatal */ @@ -215,14 +216,14 @@ static SilcBool my_parse_publickeydir(const char *dirname, void **auth_data, SILC_SERVER_LOG_ERROR(("Error stating file %s: %s", buf, strerror(errno))); } else if (S_ISREG(check_file.st_mode)) { - my_parse_authdata(SILC_AUTH_PUBLIC_KEY, buf, auth_data, NULL, - usage, NULL); - total++; + if (my_parse_authdata(SILC_AUTH_PUBLIC_KEY, buf, auth_data, NULL, + usage, NULL)) + total++; } } SILC_LOG_DEBUG(("Tried to load %d public keys in \"%s\"", total, dirname)); - return TRUE; + return total; } /* Callbacks */ @@ -232,11 +233,7 @@ SILC_CONFIG_CALLBACK(fetch_generic) SilcServerConfig config = (SilcServerConfig) context; int got_errno = 0; - if (!strcmp(name, "module_path")) { - CONFIG_IS_DOUBLE(config->module_path); - config->module_path = (*(char *)val ? strdup((char *) val) : NULL); - } - else if (!strcmp(name, "prefer_passphrase_auth")) { + if (!strcmp(name, "prefer_passphrase_auth")) { config->prefer_passphrase_auth = *(SilcBool *)val; } else if (!strcmp(name, "require_reverse_lookup")) { 
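Review bot: The debug message at the end of my_parse_publickeydir (`@@ -215` hunk) still says `Tried to load %d public keys`, but `total` is now incremented only when my_parse_authdata succeeds, so it reports keys loaded rather than files tried; `SILC_LOG_DEBUG(("Loaded %d public keys from \"%s\"", total, dirname));` would match the new meaning. The changed return type also needs a comment above the function, for example `/* Returns the number of public keys loaded from dirname, or -1 if the directory could not be opened. */`. A directory in which no file parses as a key returns 0, which callers testing `< 0` treat as success, so that case is worth stating in the comment too. The function body extends beyond the hunks shown.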
@@ -338,6 +335,12 @@ SILC_CONFIG_CALLBACK(fetch_generic) } config->httpd_port = (SilcUInt16)port; } + else if (!strcmp(name, "dynamic_server")) { + config->dynamic_server = *(SilcBool *)val; + } + else if (!strcmp(name, "local_channels")) { + config->local_channels = *(SilcBool *)val; + } else return SILC_CONFIG_EINTERNAL; @@ -373,10 +376,6 @@ SILC_CONFIG_CALLBACK(fetch_cipher) CONFIG_IS_DOUBLE(tmp->name); tmp->name = strdup((char *) val); } - else if (!strcmp(name, "module")) { - CONFIG_IS_DOUBLE(tmp->module); - tmp->module = (*(char *)val ? strdup((char *) val) : NULL); - } else if (!strcmp(name, "keylength")) { tmp->key_length = *(SilcUInt32 *)val; } @@ -389,7 +388,6 @@ SILC_CONFIG_CALLBACK(fetch_cipher) got_err: silc_free(tmp->name); - silc_free(tmp->module); silc_free(tmp); config->tmp = NULL; return got_errno; @@ -421,10 +419,6 @@ SILC_CONFIG_CALLBACK(fetch_hash) CONFIG_IS_DOUBLE(tmp->name); tmp->name = strdup((char *) val); } - else if (!strcmp(name, "module")) { - CONFIG_IS_DOUBLE(tmp->module); - tmp->module = (*(char *)val ? strdup((char *) val) : NULL); - } else if (!strcmp(name, "blocklength")) { tmp->block_length = *(int *)val; } @@ -437,7 +431,6 @@ SILC_CONFIG_CALLBACK(fetch_hash) got_err: silc_free(tmp->name); - silc_free(tmp->module); silc_free(tmp); config->tmp = NULL; return got_errno; @@ -582,6 +575,11 @@ SILC_CONFIG_CALLBACK(fetch_serverinfo) CONFIG_IS_DOUBLE(tmp->server_ip); tmp->server_ip = strdup((char *) val); } + else if (!strcmp(name, "public_ip")) { + SILC_SERVER_CONFIG_ALLOCTMP(SilcServerConfigServerInfoInterface); + CONFIG_IS_DOUBLE(tmp->public_ip); + tmp->public_ip = strdup((char *) val); + } else if (!strcmp(name, "port")) { int port = *(int *)val; SILC_SERVER_CONFIG_ALLOCTMP(SilcServerConfigServerInfoInterface); 
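Review bot: `tmp->public_ip` in the `@@ -582` hunk of fetch_serverinfo holds a strdup'ed string, yet none of the hunks visible on this page adds a matching `silc_free` for it, neither in silc_server_config_destroy nor on the callback's error path. If the cleanup code for the interface structure was not updated elsewhere, the string is presumably leaked each time a configuration context is destroyed; release it next to the existing free of `server_ip`. As in the neighbouring `ip` branch, the strdup result is not checked for NULL. The callback starts and ends outside the hunk.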
@@ -642,10 +640,11 @@ SILC_CONFIG_CALLBACK(fetch_serverinfo) /* Check the private key file permissions. */ if ((stat(file_tmp, &st)) != -1) { - if ((st.st_mode & 0777) != 0600) { + if (((st.st_mode & 0777) != 0600) && + ((st.st_mode & 0777) != 0640)) { SILC_SERVER_LOG_ERROR(("Wrong permissions in private key " "file \"%s\". The permissions must be " - "0600.", file_tmp)); + "0600 or 0640.", file_tmp)); return SILC_CONFIG_ESILENT; } } @@ -869,18 +868,22 @@ SILC_CONFIG_CALLBACK(fetch_client) else if (!strcmp(name, "publickey")) { if (!my_parse_authdata(SILC_AUTH_PUBLIC_KEY, (char *) val, (void *)&config->server->repository, NULL, + SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT, NULL)) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "publickeydir")) { - if (!my_parse_publickeydir((char *) val, - (void *)&config->server->repository, - SILC_SKR_USAGE_KEY_AGREEMENT)) { + if (my_parse_publickeydir((char *) val, + (void *)&config->server->repository, + SILC_SKR_USAGE_AUTH | + SILC_SKR_USAGE_KEY_AGREEMENT) < 0) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "params")) { CONFIG_IS_DOUBLE(tmp->param); @@ -948,6 +951,7 @@ SILC_CONFIG_CALLBACK(fetch_admin) got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else return SILC_CONFIG_EINTERNAL; @@ -1045,10 +1049,12 @@ SILC_CONFIG_CALLBACK(fetch_server) CONFIG_IS_DOUBLE(tmp->publickeys); if (!my_parse_authdata(SILC_AUTH_PUBLIC_KEY, (char *) val, (void *)&config->server->repository, NULL, + SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT, NULL)) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "params")) { CONFIG_IS_DOUBLE(tmp->param); 
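Review bot: Accepting mode 0640 in the `@@ -642` hunk of fetch_serverinfo makes the server's private key readable by whatever group owns the file, and the check never looks at `st.st_uid` or `st.st_gid`, so nothing ties that group to the account silcd runs as. Add a comment stating why group read is allowed, for example `/* 0640 is accepted so a dedicated service group can read the key; that group must contain no other users */`, and consider also rejecting the file when its owner is neither root nor the server's own account. The surrounding `if ((stat(file_tmp, &st)) != -1)` skips the permission check entirely when stat() fails; that condition is unchanged context, and the rest of the function lies outside the hunk.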
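Review bot: In the `publickeydir` branch of fetch_client (`@@ -869` hunk) `tmp->publickeys = TRUE` is set for any non-negative return, including 0, so a Client block whose directory yielded no usable key is still marked as having public keys. How the flag is consumed is not visible here, so whether this fails closed at authentication time should be confirmed. At minimum keep the count in a local `n`, log the empty case with `if (n == 0) SILC_SERVER_LOG_WARNING(("No public keys loaded from \"%s\"", (char *) val));`, and set the flag with `if (n > 0) tmp->publickeys = TRUE;`. The callback starts and ends outside the hunk.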
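Review bot: The `publickey` branches of fetch_server (`@@ -1045`) and fetch_router (`@@ -1122`), like fetch_client before them, all store into the single `config->server->repository` with the same `SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT` usage and a NULL final argument, which my_parse_authdata appears to take as `key_context` and replace with the usage value. As far as this page shows, a key configured in a Client block is then stored identically to one configured in a Server or Router block, so the repository itself cannot tell which connection type a key was authorised for. If the authentication path (not visible here) looks keys up by usage alone, a key from one block type could satisfy a lookup for another; confirm that it also checks the matching block, or pass the block's `tmp` as the key context and search with it. A short comment at each call saying what scopes the key would help the next reader.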
@@ -1122,10 +1128,12 @@ SILC_CONFIG_CALLBACK(fetch_router) CONFIG_IS_DOUBLE(tmp->publickeys); if (!my_parse_authdata(SILC_AUTH_PUBLIC_KEY, (char *) val, (void *)&config->server->repository, NULL, + SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT, NULL)) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "params")) { CONFIG_IS_DOUBLE(tmp->param); @@ -1157,6 +1165,9 @@ SILC_CONFIG_CALLBACK(fetch_router) else if (!strcmp(name, "backuplocal")) { tmp->backup_local = *(SilcBool *)val; } + else if (!strcmp(name, "dynamic_connection")) { + tmp->dynamic_connection = *(SilcBool *)val; + } else return SILC_CONFIG_EINTERNAL; @@ -1173,7 +1184,6 @@ SILC_CONFIG_CALLBACK(fetch_router) /* known config options tables */ static const SilcConfigTable table_general[] = { - { "module_path", SILC_CONFIG_ARG_STRE, fetch_generic, NULL }, { "prefer_passphrase_auth", SILC_CONFIG_ARG_TOGGLE, fetch_generic, NULL }, { "require_reverse_lookup", SILC_CONFIG_ARG_TOGGLE, fetch_generic, NULL }, { "connections_max", SILC_CONFIG_ARG_INT, fetch_generic, NULL }, @@ -1203,12 +1213,13 @@ static const SilcConfigTable table_general[] = { { "http_server", SILC_CONFIG_ARG_TOGGLE, fetch_generic, NULL }, { "http_server_ip", SILC_CONFIG_ARG_STRE, fetch_generic, NULL }, { "http_server_port", SILC_CONFIG_ARG_INT, fetch_generic, NULL }, + { "dynamic_server", SILC_CONFIG_ARG_TOGGLE, fetch_generic, NULL }, + { "local_channels", SILC_CONFIG_ARG_TOGGLE, fetch_generic, NULL }, { 0, 0, 0, 0 } }; static const SilcConfigTable table_cipher[] = { { "name", SILC_CONFIG_ARG_STR, fetch_cipher, NULL }, - { "module", SILC_CONFIG_ARG_STRE, fetch_cipher, NULL }, { "keylength", SILC_CONFIG_ARG_INT, fetch_cipher, NULL }, { "blocklength", SILC_CONFIG_ARG_INT, fetch_cipher, NULL }, { 0, 0, 0, 0 } 
@@ -1216,7 +1227,6 @@ static const SilcConfigTable table_cipher[] = { static const SilcConfigTable table_hash[] = { { "name", SILC_CONFIG_ARG_STR, fetch_hash, NULL }, - { "module", SILC_CONFIG_ARG_STRE, fetch_hash, NULL }, { "blocklength", SILC_CONFIG_ARG_INT, fetch_hash, NULL }, { "digestlength", SILC_CONFIG_ARG_INT, fetch_hash, NULL }, { 0, 0, 0, 0 } @@ -1236,6 +1246,7 @@ static const SilcConfigTable table_pkcs[] = { static const SilcConfigTable table_serverinfo_c[] = { { "ip", SILC_CONFIG_ARG_STR, fetch_serverinfo, NULL}, + { "public_ip", SILC_CONFIG_ARG_STR, fetch_serverinfo, NULL}, { "port", SILC_CONFIG_ARG_INT, fetch_serverinfo, NULL}, { 0, 0, 0, 0 } }; @@ -1344,6 +1355,7 @@ static const SilcConfigTable table_routerconn[] = { { "backuphost", SILC_CONFIG_ARG_STRE, fetch_router, NULL }, { "backupport", SILC_CONFIG_ARG_INT, fetch_router, NULL }, { "backuplocal", SILC_CONFIG_ARG_TOGGLE, fetch_router, NULL }, + { "dynamic_connection", SILC_CONFIG_ARG_TOGGLE, fetch_router, NULL }, { 0, 0, 0, 0 } }; @@ -1396,6 +1408,24 @@ static SilcBool silc_server_config_check(SilcServerConfig config) ret = FALSE; } + if (!config->server_info->public_key || + !config->server_info->private_key) { + SILC_SERVER_LOG_ERROR(("\nError: Server keypair is missing")); + ret = FALSE; + } + + if (!config->server_info->primary) { + SILC_SERVER_LOG_ERROR(("\nError: Missing mandatory block `Primary' " + "in `ServerInfo'")); + ret = FALSE; + } + + if (!config->server_info->primary->server_ip) { + SILC_SERVER_LOG_ERROR(("\nError: Missing mandatory field `Ip' " + "in `Primary' in `ServerInfo'")); + ret = FALSE; + } + /* RouterConnection sanity checks */ if (config->routers && config->routers->backup_router == TRUE && 
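Review bot: The third added check in the `@@ -1396` hunk of silc_server_config_check dereferences `config->server_info->primary->server_ip` even when the check just above found `primary` to be NULL, because that branch only sets `ret = FALSE` and falls through. A configuration without a `Primary` block would then crash the server at startup instead of reporting the error. Chain the two tests with `} else if (!config->server_info->primary->server_ip) {`. The same concern applies to `config->server_info` itself if the preceding check, of which only the tail is visible, does not return early. The function continues outside the hunk.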
@@ -1405,15 +1435,6 @@ static SilcBool silc_server_config_check(SilcServerConfig config) "connection. You have marked it incorrectly as backup router.")); ret = FALSE; } -#if 0 - if (config->routers && config->routers->initiator == FALSE && - config->routers->backup_router == FALSE) { - SILC_SERVER_LOG_ERROR(( - "\nError: First RouterConnection block must be primary router " - "connection and it must be marked as Initiator.")); - ret = FALSE; - } -#endif if (config->routers && config->routers->backup_router == TRUE && !config->servers && !config->routers->next) { SILC_SERVER_LOG_ERROR(( @@ -1584,7 +1605,6 @@ void silc_server_config_destroy(SilcServerConfig config) SILC_LOG_DEBUG(("Freeing config context")); /* Destroy general config stuff */ - silc_free(config->module_path); silc_free(config->debug_string); silc_free(config->param.version_protocol); silc_free(config->param.version_software); @@ -1638,12 +1658,10 @@ void silc_server_config_destroy(SilcServerConfig config) SILC_SERVER_CONFIG_LIST_DESTROY(SilcServerConfigCipher, config->cipher) silc_free(di->name); - silc_free(di->module); silc_free(di); } SILC_SERVER_CONFIG_LIST_DESTROY(SilcServerConfigHash, config->hash) silc_free(di->name); - silc_free(di->module); silc_free(di); } SILC_SERVER_CONFIG_LIST_DESTROY(SilcServerConfigHmac, config->hmac)