+Fri Apr 13 17:12:46 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added printing of error messages during SKE protocol from the
+ failure packet sent by server during SKE. Affected file
+ silc/client_ops.c.
+
+ * Removed the client's failure_callback handling with timeout
+ and handle it immediately when received.
+
+ * The SKE library returned wrong type in SUCCESS and FAILURE
+ packets. They must be 32 bit MSB not 16 bit MSB.
+
Fri Apr 13 00:09:08 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Ok, rewrote the logic of the re-key and now it seems to work.
void silc_failure(SilcClient client, SilcClientConnection conn,
SilcProtocol protocol, void *failure)
{
+ if (protocol->protocol->type == SILC_PROTOCOL_CLIENT_KEY_EXCHANGE) {
+ SilcSKEStatus status = (SilcSKEStatus)failure;
+
+ if (status == SILC_SKE_STATUS_BAD_VERSION)
+ silc_say(client, conn,
+ "You are running incompatible client version (it may be "
+ "too old or too new)");
+ if (status == SILC_SKE_STATUS_UNSUPPORTED_PUBLIC_KEY)
+ silc_say(client, conn, "Server does not support your public key type");
+ if (status == SILC_SKE_STATUS_UNKNOWN_GROUP)
+ silc_say(client, conn,
+ "Server does not support one of your proposed KE group");
+ if (status == SILC_SKE_STATUS_UNKNOWN_CIPHER)
+ silc_say(client, conn,
+ "Server does not support one of your proposed cipher");
+ if (status == SILC_SKE_STATUS_UNKNOWN_PKCS)
+ silc_say(client, conn,
+ "Server does not support one of your proposed PKCS");
+ if (status == SILC_SKE_STATUS_UNKNOWN_HASH_FUNCTION)
+ silc_say(client, conn,
+ "Server does not support one of your proposed hash function");
+ if (status == SILC_SKE_STATUS_UNKNOWN_HMAC)
+ silc_say(client, conn,
+ "Server does not support one of your proposed HMAC");
+ if (status == SILC_SKE_STATUS_INCORRECT_SIGNATURE)
+ silc_say(client, conn, "Incorrect signature");
+ }
+ if (protocol->protocol->type == SILC_PROTOCOL_CLIENT_CONNECTION_AUTH) {
+ uint32 err = (uint32)failure;
+
+ if (err == SILC_AUTH_FAILED)
+ silc_say(client, conn, "Authentication failed");
+ }
}
/* Asks whether the user would like to perform the key agreement protocol.
if (ctx->dest_id)
silc_free(ctx->dest_id);
ctx->sock->protocol = NULL;
- silc_task_unregister_by_callback(client->timeout_queue,
- silc_client_failure_callback);
/* Notify application of failure */
client->ops->connect(client, ctx->sock->user_data, FALSE);
if (ctx->dest_id)
silc_free(ctx->dest_id);
conn->sock->protocol = NULL;
- silc_task_unregister_by_callback(client->timeout_queue,
- silc_client_failure_callback);
/* Notify application of failure */
client->ops->connect(client, ctx->sock->user_data, FALSE);
(void *)conn->sock, conn->rekey->timeout, 0,
SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
- silc_task_unregister_by_callback(client->timeout_queue,
- silc_client_failure_callback);
silc_protocol_free(protocol);
if (ctx->auth_data)
silc_free(ctx->auth_data);
return strdup(string);
}
-/* Failure timeout callback. If this is called then we will immediately
- process the received failure. We always process the failure with timeout
- since we do not want to blindly trust to received failure packets.
- This won't be called (the timeout is cancelled) if the failure was
- bogus (it is bogus if remote does not close the connection after sending
- the failure). */
-
-SILC_TASK_CALLBACK_GLOBAL(silc_client_failure_callback)
-{
- SilcClientFailureContext *f = (SilcClientFailureContext *)context;
-
- if (f->sock->protocol) {
- f->sock->protocol->state = SILC_PROTOCOL_STATE_FAILURE;
- f->sock->protocol->execute(f->client->timeout_queue, 0,
- f->sock->protocol, f->sock->sock, 0, 0);
-
- /* Notify application */
- f->client->ops->failure(f->client, f->sock->user_data, f->sock->protocol,
- (void *)f->failure);
- }
-
- silc_free(f);
-}
-
/* Registers failure timeout to process the received failure packet
with timeout. */
SilcSocketConnection sock,
SilcPacketContext *packet)
{
- SilcClientFailureContext *f;
uint32 failure = 0;
if (sock->protocol) {
if (packet->buffer->len >= 4)
SILC_GET32_MSB(failure, packet->buffer->data);
- f = silc_calloc(1, sizeof(*f));
- f->client = client;
- f->sock = sock;
- f->failure = failure;
-
- /* We will wait 5 seconds to process this failure packet */
- silc_task_register(client->timeout_queue, sock->sock,
- silc_client_failure_callback, (void *)f, 5, 0,
- SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
+ /* Notify application */
+ client->ops->failure(client, sock->user_data, sock->protocol,
+ (void *)failure);
}
}
struct SilcClientAwayStruct *next;
};
-/* Failure context. This is allocated when failure packet is received.
- Failure packets are processed with timeout and data is saved in this
- structure. */
-typedef struct {
- SilcClient client;
- SilcSocketConnection sock;
- uint32 failure;
-} SilcClientFailureContext;
-
/* Protypes */
SILC_TASK_CALLBACK_GLOBAL(silc_client_packet_process);
-SILC_TASK_CALLBACK_GLOBAL(silc_client_failure_callback);
int silc_client_packet_send_real(SilcClient client,
SilcSocketConnection sock,
bool force_send,
silc_ske_free(ctx->ske);
if (ctx->dest_id)
silc_free(ctx->dest_id);
- silc_task_unregister_by_callback(client->timeout_queue,
- silc_client_failure_callback);
silc_task_unregister_by_fd(client->io_queue, ke->fd);
silc_schedule_unset_listen_fd(ke->fd);
silc_net_close_connection(ke->fd);
silc_socket_free(ke->sock);
}
ke->client_entry->ke = NULL;
- silc_task_unregister_by_callback(ke->client->timeout_queue,
- silc_client_failure_callback);
if (ke->fd)
silc_task_unregister_by_fd(ke->client->io_queue, ke->fd);
silc_schedule_unset_listen_fd(ke->fd);
packet = silc_buffer_alloc(4);
silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
silc_buffer_format(packet,
- SILC_STR_UI_SHORT(SILC_SKE_STATUS_OK),
+ SILC_STR_UI_INT((uint32)SILC_SKE_STATUS_OK),
SILC_STR_END);
if (send_packet)
packet = silc_buffer_alloc(4);
silc_buffer_pull_tail(packet, SILC_BUFFER_END(packet));
silc_buffer_format(packet,
- SILC_STR_UI_SHORT(status),
+ SILC_STR_UI_INT((uint32)status),
SILC_STR_END);
if (send_packet)
projects / silc.git / commitdiff