TRUE : FALSE, cipher, hmac, sequence,
silc_server_packet_parse, server);
- /* If this socket connection is not authenticated yet and the packet
- processing failed we will drop the connection since it can be
- a malicious flooder. */
- if (sock->type == SILC_SOCKET_TYPE_UNKNOWN && ret == FALSE &&
- (!sock->protocol || sock->protocol->protocol->type ==
- SILC_PROTOCOL_SERVER_KEY_EXCHANGE)) {
- SILC_LOG_DEBUG(("Bad data sent from unknown connection %d", sock->sock));
- SILC_SET_DISCONNECTING(sock);
-
+ /* If processing failed the connection is closed. */
+ if (!ret) {
if (sock->user_data)
silc_server_free_sock_user_data(server, sock, NULL);
silc_server_close_connection(server, sock);
/* Sanity checks */
if (packetlen < SILC_PACKET_MIN_LEN) {
- SILC_LOG_DEBUG(("Received invalid packet, dropped"));
+ SILC_LOG_ERROR(("Received invalid packet, dropped"));
silc_buffer_clear(sock->inbuf);
return FALSE;
}
sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
"Router")));
+ return FALSE;
}
/* Pull the packet from inbuf thus we'll get the next one
if ((buffer->len - silc_hmac_len(hmac)) > SILC_PACKET_MIN_LEN) {
silc_buffer_push_tail(buffer, silc_hmac_len(hmac));
} else {
- SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
+ SILC_LOG_ERROR(("Bad MAC length in packet, packet dropped"));
return FALSE;
}
}
if ((buffer->len - silc_hmac_len(hmac)) > SILC_PACKET_MIN_LEN) {
silc_buffer_push_tail(buffer, silc_hmac_len(hmac));
} else {
- SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
+ SILC_LOG_ERROR(("Bad MAC length in packet, packet dropped"));
return FALSE;
}
}
silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN);
if (len > buffer->len) {
- SILC_LOG_DEBUG(("Garbage in header of packet, bad packet length, "
+ SILC_LOG_ERROR(("Garbage in header of packet, bad packet length, "
"packet dropped"));
return FALSE;
}
projects / silc.git / commitdiff