+Tue Apr 10 16:20:34 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * When MAC computation fails the silc_packet_decrypt returned 0
+ even though it was supposed to return -1. Fixed this. The
+ affected file is lib/silccore/silcpacket.c.
+
+ * Do not replace the config files in /etc/silc (in make install)
+ if they already exist. Affected file ./Makefile.am.
+
+ * Do not send re-key packets immediately but through packet queue.
+ Affected file silcd/protocol.c and lib/silcclient/protocol.c.
+
Mon Apr 9 21:54:44 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Added silc_pkcs_decode_identifier to decode the public key's
-cp -fR $(srcdir)/lib/silcsim/modules/*.so $(modulesdir)/
doc-install:
- -cp -fR $(srcdir)/doc/* $(docdir)/
- -cp -fR $(srcdir)/COPYING $(docdir)/
- -cp -fR $(srcdir)/README $(docdir)/
- -cp -fR $(srcdir)/INSTALL $(docdir)/
- -cp -fR $(srcdir)/TODO $(docdir)/
+ $(INSTALL_DATA) $(srcdir)/doc/* $(docdir)/
+ $(INSTALL_DATA) $(srcdir)/COPYING $(docdir)/
+ $(INSTALL_DATA) $(srcdir)/README $(docdir)/
+ $(INSTALL_DATA) $(srcdir)/INSTALL $(docdir)/
+ $(INSTALL_DATA) $(srcdir)/TODO $(docdir)/
etc-install:
- -cp -fR $(srcdir)/doc/example_silcd.conf $(etcdir)/silcd.conf
- -cp -fR $(srcdir)/doc/example_silc.conf $(etcdir)/silc.conf
+ -@if test '!' -f $(etcdir)/silcd.conf ; then \
+ $(INSTALL_DATA) $(srcdir)/doc/example_silcd.conf \
+ $(etcdir)/silcd.conf; \
+ fi
+ -@if test '!' -f $(etcdir)silc.conf ; then \
+ $(INSTALL_DATA) $(srcdir)/doc/example_silc.conf \
+ $(etcdir)/silc.conf; \
+ fi
install-data-hook: install-dirs generate-server-key sim-install doc-install etc-install
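Review bot: The existence test for the client config, `-@if test '!' -f $(etcdir)silc.conf ; then \`, is missing the `/` between `$(etcdir)` and `silc.conf`, so it checks a different path from the one `$(INSTALL_DATA)` writes two lines later. Unless `etcdir` ends in a slash the test is always true, and an existing `silc.conf` is still overwritten by `make install`, which is what this change set out to prevent. It should read `-@if test '!' -f $(etcdir)/silc.conf ; then \`, matching the `silcd.conf` rule above it. Separately, the new `doc-install` lines replace `cp -fR` with `$(INSTALL_DATA)` and drop the leading `-`, so a subdirectory under `doc/` would now abort the install; worth confirming none exists.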
if (!silc_idcache_find_by_context(server->local_list->clients,
sock->user_data, &cache)) {
SILC_LOG_ERROR(("Lost client's cache entry - bad thing"));
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Unknown client");
return NULL;
}
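Review bot: Both new `silc_server_disconnect_remote()` calls (this one and the one in the incomplete-client-information path below) tear the connection down and then return NULL, but nothing tells the caller that `sock` must not be used after a NULL return. The callers are outside the hunk, so I cannot rule out that one of them closes or dereferences `sock` again on failure, which would presumably be a double close or use-after-free. I would add to the function's header comment `/* On failure the remote is disconnected here; the caller must not touch sock after a NULL return. */` and check each call site against it.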
silc_free(username);
if (realname)
silc_free(realname);
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Incomplete client information");
return NULL;
}
#include "serverincludes.h"
#include "server_internal.h"
-/* Internal context that holds the packet data and packet sending function
- callbacks when the packet is sent with timeout. This is used when
- the server is performing re-key protocol. During re-key we will prevent
- sending of any other than re-key packets so that the packets would not
- be encrypted with wrong keys. Other than that, this is not used at all. */
-typedef struct {
-
-} *SilcServerSendPacket;
-
/* Routine that sends packet or marks packet to be sent. This is used
directly only in special cases. Normal cases should use
silc_server_packet_send. Returns < 0 error. */
/* Send the packet immediately */
silc_server_packet_send(server, ctx->sock,
- type, 0, packet->data, packet->len, TRUE);
+ type, 0, packet->data, packet->len, FALSE);
}
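Review bot: The comment `/* Send the packet immediately */` directly above this call is now wrong, because the last argument changed from TRUE to FALSE and the changelog entry says re-key packets now go through the packet queue. The same stale comment sits above the `silc_client_packet_send` call in the client-side hunk further down. Suggest `/* Send the packet through the outgoing packet queue */` in both places. The enclosing function starts outside the hunk.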
/* Performs re-key as defined in the SILC protocol specification. */
/* Start the re-key by sending the REKEY packet */
silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY,
- 0, NULL, 0, TRUE);
+ 0, NULL, 0, FALSE);
if (ctx->pfs == TRUE) {
/*
* Do normal and simple re-key.
*/
- /* The protocol ends in next stage. We have sent the REKEY packet
- and now we just wait that the responder send REKEY_DONE and
- the we'll generate the new key, simple. */
+ /* Send the REKEY_DONE to indicate we will take new keys into use
+ now. */
+ silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
+ 0, NULL, 0, FALSE);
+
+ /* The protocol ends in next stage. */
protocol->state = SILC_PROTOCOL_STATE_END;
}
}
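Review bot: Queuing REKEY and REKEY_DONE (last argument FALSE) makes the order of "packet is encrypted" and "new keys are installed" a correctness requirement, and nothing in the hunk states it. If a queued REKEY_DONE could still be encrypted after the END state switches keys, the peer would fail its MAC check on it; whether the queue encrypts at enqueue time is not visible here. Please add a comment at the `SILC_PACKET_REKEY_DONE` send saying which key the packet is encrypted under and why queuing is safe. Also, the removed END-state code sent REKEY_DONE only when `ctx->responder == FALSE`, while the enclosing condition of the new send lies outside the hunk, so confirm the responder cannot reach it. The client-side hunk mirrors this change and needs the same.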
protocol->execute(server->timeout_queue, 0, protocol, fd, 0, 0);
}
- if (ctx->responder == FALSE) {
- if (ctx->pfs == FALSE) {
- /* Send the REKEY_DONE to indicate we will take new keys into use
- now. */
- silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
- 0, NULL, 0, FALSE);
- }
- }
-
/* Protocol has ended, call the final callback */
if (protocol->final_callback)
protocol->execute_final(server->timeout_queue, 0, protocol, fd);
SilcServerKEInternalContext *proto_ctx;
int sock;
+ SILC_LOG_INFO(("Connecting to the router %s on port %d",
+ sconn->remote_host, sconn->remote_port));
+
/* Connect to remote host */
sock = silc_net_create_connection(sconn->remote_port,
sconn->remote_host);
/* Add the connected router to local server list */
server->standalone = FALSE;
- id_entry = silc_idlist_add_server(server->local_list, sock->hostname,
+ id_entry = silc_idlist_add_server(server->local_list, strdup(sock->hostname),
SILC_ROUTER, ctx->dest_id, NULL, sock);
if (!id_entry) {
if (ctx->dest_id)
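Review bot: The result of `strdup(sock->hostname)` is passed straight into `silc_idlist_add_server()` without a NULL check, and the copy is leaked if the `!id_entry` branch below is taken, unless that branch frees it outside the hunk. `sock->hostname` can presumably be NULL when name resolution failed, and `strdup(NULL)` is undefined behaviour. Duplicate into a local first, e.g. `char *host = sock->hostname ? strdup(sock->hostname) : NULL;`, and free `host` on the failure path.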
void silc_server_close_connection(SilcServer server,
SilcSocketConnection sock)
{
- SILC_LOG_DEBUG(("Closing connection %d", sock->sock));
+ SILC_LOG_INFO(("Closing connection %s:%d [%s] (%d)", sock->hostname,
+ sock->port,
+ (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
+ sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
+ sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
+ "Router"), sock->sock));
/* We won't listen for this connection anymore */
silc_schedule_unset_listen_fd(sock->sock);
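Review bot: `sock->hostname` is passed to `%s` in the new `SILC_LOG_INFO` with no NULL guard, and `silc_server_close_connection()` is presumably also reached for sockets whose host lookup never completed. Passing NULL to `%s` is undefined behaviour; use `sock->hostname ? sock->hostname : "unknown"` as the argument. Because the hostname originates from a reverse DNS lookup, it is remote-controlled text written to the INFO log, so the log sink should escape control characters. The nested ternary on `sock->type` would read better as a small helper that other log sites can share.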
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
- (void *)rekey, 3600 + 5, 0,
+ (void *)rekey, 3600, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
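Review bot: The rekey interval `3600` is now a bare literal repeated in three `silc_task_register()` calls (this one and the two `channel->rekey` registrations below). Since this value is the channel key lifetime, it deserves one named constant with a comment giving the unit and the reason the `+ 5` slack was dropped, so the three sites cannot drift apart.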
silc_server_channel_key_rekey);
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
- (void *)channel->rekey, 3600 + 5, 0,
+ (void *)channel->rekey, 3600, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
silc_server_channel_key_rekey);
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
- (void *)channel->rekey, 3600 + 5, 0,
+ (void *)channel->rekey, 3600, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
/* Send the packet immediately */
silc_client_packet_send(client, ctx->sock, type, NULL, 0, NULL, NULL,
- packet->data, packet->len, TRUE);
+ packet->data, packet->len, FALSE);
}
/* Performs re-key as defined in the SILC protocol specification. */
/* Start the re-key by sending the REKEY packet */
silc_client_packet_send(client, ctx->sock, SILC_PACKET_REKEY,
- NULL, 0, NULL, NULL, NULL, 0, TRUE);
+ NULL, 0, NULL, NULL, NULL, 0, FALSE);
if (ctx->pfs == TRUE) {
/*
* Do normal and simple re-key.
*/
- /* The protocol ends in next stage. We have sent the REKEY packet
- and now we just wait that the responder send REKEY_DONE and
- the we'll generate the new key, simple. */
+ /* Send the REKEY_DONE to indicate we will take new keys into use
+ now. */
+ silc_client_packet_send(client, ctx->sock,
+ SILC_PACKET_REKEY_DONE,
+ NULL, 0, NULL, NULL, NULL, 0, FALSE);
+
+ /* The protocol ends in next stage. */
protocol->state = SILC_PROTOCOL_STATE_END;
}
}
protocol->execute(client->timeout_queue, 0, protocol, fd, 0, 0);
}
- if (ctx->responder == FALSE) {
- if (ctx->pfs == FALSE) {
- /* Send the REKEY_DONE to indicate we will take new keys into use
- now. */
- silc_client_packet_send(client, ctx->sock,
- SILC_PACKET_REKEY_DONE,
- NULL, 0, NULL, NULL, NULL, 0, FALSE);
- }
- }
-
/* Protocol has ended, call the final callback */
if (protocol->final_callback)
protocol->execute_final(client->timeout_queue, 0, protocol, fd);
/* Compare the HMAC's (buffer->tail has the packet's HMAC) */
if (memcmp(mac, buffer->tail, mac_len)) {
- SILC_LOG_DEBUG(("MAC failed"));
+ SILC_LOG_ERROR(("MAC failed"));
return FALSE;
}
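Review bot: Raising this to `SILC_LOG_ERROR` means any peer that can deliver a packet with a bad MAC produces one error-level line per packet, and the message carries no connection identity. Consider rate-limiting it or including the socket in the message so a flood can be attributed. The comparison on the line above uses `memcmp`, which stops at the first differing byte; for a MAC check a constant-time compare (OR together the XOR of every byte pair over `mac_len`, then test the result once) is the safer form. The function starts outside the hunk.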
/* Check MAC */
if (!silc_packet_check_mac(hmac, buffer))
- return FALSE;
+ return -1;
return 0;
} else {
/* Check MAC */
if (!silc_packet_check_mac(hmac, buffer))
- return FALSE;
+ return -1;
return 1;
}
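Review bot: With a MAC failure now returning -1 while success returns 0 or 1, any caller that tests the result as a boolean will treat a failed MAC as success, because -1 is non-zero. The callers of `silc_packet_decrypt` are outside this diff, so please confirm each one compares the result with `< 0`. The function's header comment should also state the contract, e.g. `/* Returns -1 when the MAC check fails, otherwise 0 or 1 as before. */`.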
the who it says it is */
memset(host_name, 0, sizeof(host_name));
memcpy(host_name, dest->h_name, strlen(dest->h_name));
+
+ *hostname = silc_calloc(strlen(host_name) + 1, sizeof(char));
+ memcpy(*hostname, host_name, strlen(host_name));
+ SILC_LOG_DEBUG(("Resolved hostname `%s'", *hostname));
+
dest = gethostbyname(host_name);
if (!dest)
return;
if (!host_ip)
return;
- *hostname = silc_calloc(strlen(host_name) + 1, sizeof(char));
- memcpy(*hostname, host_name, strlen(host_name));
- SILC_LOG_DEBUG(("Resolved hostname `%s'", *hostname));
*ip = silc_calloc(strlen(host_ip) + 1, sizeof(char));
memcpy(*ip, host_ip, strlen(host_ip));
SILC_LOG_DEBUG(("Resolved IP address `%s'", *ip));
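Review bot: Moving the `*hostname` assignment above the forward lookup means the caller now receives the reverse-lookup name even when `gethostbyname(host_name)` fails or a later check returns early, that is, before the name has been confirmed to map back to the peer. That string is chosen by whoever controls the peer's reverse DNS, so the function's comment should say that `*hostname` is unverified whenever `*ip` is left unset, and callers must not base access decisions on it in that case. In the same hunk, `memcpy(host_name, dest->h_name, strlen(dest->h_name))` copies a resolver-supplied length into what appears to be a fixed-size `host_name` buffer with no bound; cap the length at `sizeof(host_name) - 1`. The `silc_calloc` result is also written through unchecked. The function starts and ends outside the hunk.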