projects
/
silc.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
39c815a
)
updates.
author
Pekka Riikonen
<priikone@silcnet.org>
Tue, 10 Apr 2001 09:42:02 +0000
(09:42 +0000)
committer
Pekka Riikonen
<priikone@silcnet.org>
Tue, 10 Apr 2001 09:42:02 +0000
(09:42 +0000)
CHANGES
patch
|
blob
|
history
Makefile.am
patch
|
blob
|
history
apps/silcd/packet_receive.c
patch
|
blob
|
history
apps/silcd/packet_send.c
patch
|
blob
|
history
apps/silcd/protocol.c
patch
|
blob
|
history
apps/silcd/server.c
patch
|
blob
|
history
lib/silcclient/protocol.c
patch
|
blob
|
history
lib/silccore/silcpacket.c
patch
|
blob
|
history
lib/silcutil/silcnet.c
patch
|
blob
|
history
diff --git
a/CHANGES
b/CHANGES
index e666e254ef8a7b121ed8958064396bf433e6a0df..3932d767506c5c4e4a1df597c682a3535ceb0225 100644
(file)
--- a/
CHANGES
+++ b/
CHANGES
@@
-1,3
+1,15
@@
+Tue Apr 10 16:20:34 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * When MAC computation fails the silc_packet_decrypt returned 0
+ even though it was supposed to return -1. Fixed this. The
+ affected file is lib/silccore/silcpacket.c.
+
+ * Do not replace the config files in /etc/silc (in make install)
+ if they already exist. Affected file ./Makefile.am.
+
+ * Do not send re-key packets immediately but through packet queue.
+ Affected file silcd/protocol.c and lib/silcclient/protocol.c.
+
Mon Apr 9 21:54:44 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Added silc_pkcs_decode_identifier to decode the public key's
Mon Apr 9 21:54:44 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Added silc_pkcs_decode_identifier to decode the public key's
diff --git
a/Makefile.am
b/Makefile.am
index da17d191f77cfcd61c53536580e4f7a53e3ee43b..642860045968c3c7c65cd20db8857984a81dd471 100644
(file)
--- a/
Makefile.am
+++ b/
Makefile.am
@@
-50,14
+50,20
@@
sim-install:
-cp -fR $(srcdir)/lib/silcsim/modules/*.so $(modulesdir)/
doc-install:
-cp -fR $(srcdir)/lib/silcsim/modules/*.so $(modulesdir)/
doc-install:
-
-cp -fR
$(srcdir)/doc/* $(docdir)/
-
-cp -fR
$(srcdir)/COPYING $(docdir)/
-
-cp -fR
$(srcdir)/README $(docdir)/
-
-cp -fR
$(srcdir)/INSTALL $(docdir)/
-
-cp -fR
$(srcdir)/TODO $(docdir)/
+
$(INSTALL_DATA)
$(srcdir)/doc/* $(docdir)/
+
$(INSTALL_DATA)
$(srcdir)/COPYING $(docdir)/
+
$(INSTALL_DATA)
$(srcdir)/README $(docdir)/
+
$(INSTALL_DATA)
$(srcdir)/INSTALL $(docdir)/
+
$(INSTALL_DATA)
$(srcdir)/TODO $(docdir)/
etc-install:
etc-install:
- -cp -fR $(srcdir)/doc/example_silcd.conf $(etcdir)/silcd.conf
- -cp -fR $(srcdir)/doc/example_silc.conf $(etcdir)/silc.conf
+ -@if test '!' -f $(etcdir)/silcd.conf ; then \
+ $(INSTALL_DATA) $(srcdir)/doc/example_silcd.conf \
+ $(etcdir)/silcd.conf; \
+ fi
+ -@if test '!' -f $(etcdir)silc.conf ; then \
+ $(INSTALL_DATA) $(srcdir)/doc/example_silc.conf \
+ $(etcdir)/silc.conf; \
+ fi
install-data-hook: install-dirs generate-server-key sim-install doc-install etc-install
install-data-hook: install-dirs generate-server-key sim-install doc-install etc-install
diff --git
a/apps/silcd/packet_receive.c
b/apps/silcd/packet_receive.c
index 46b0aac16c8e3da3184c30bb2a3ec7e12f157f74..1855c27c9b3cf2181bbfafa789d01a82703f9db6 100644
(file)
--- a/
apps/silcd/packet_receive.c
+++ b/
apps/silcd/packet_receive.c
@@
-1296,6
+1296,8
@@
SilcClientEntry silc_server_new_client(SilcServer server,
if (!silc_idcache_find_by_context(server->local_list->clients,
sock->user_data, &cache)) {
SILC_LOG_ERROR(("Lost client's cache entry - bad thing"));
if (!silc_idcache_find_by_context(server->local_list->clients,
sock->user_data, &cache)) {
SILC_LOG_ERROR(("Lost client's cache entry - bad thing"));
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Unknown client");
return NULL;
}
return NULL;
}
@@
-1309,6
+1311,8
@@
SilcClientEntry silc_server_new_client(SilcServer server,
silc_free(username);
if (realname)
silc_free(realname);
silc_free(username);
if (realname)
silc_free(realname);
+ silc_server_disconnect_remote(server, sock, "Server closed connection: "
+ "Incomplete client information");
return NULL;
}
return NULL;
}
diff --git
a/apps/silcd/packet_send.c
b/apps/silcd/packet_send.c
index 8a9511ddce1f3071a762c0032f04f4652057085e..a88eedbeac363bf0ce46ab0694529d98d77cb539 100644
(file)
--- a/
apps/silcd/packet_send.c
+++ b/
apps/silcd/packet_send.c
@@
-25,15
+25,6
@@
#include "serverincludes.h"
#include "server_internal.h"
#include "serverincludes.h"
#include "server_internal.h"
-/* Internal context that holds the packet data and packet sending function
- callbacks when the packet is sent with timeout. This is used when
- the server is performing re-key protocol. During re-key we will prevent
- sending of any other than re-key packets so that the packets would not
- be encrypted with wrong keys. Other than that, this is not used at all. */
-typedef struct {
-
-} *SilcServerSendPacket;
-
/* Routine that sends packet or marks packet to be sent. This is used
directly only in special cases. Normal cases should use
silc_server_packet_send. Returns < 0 error. */
/* Routine that sends packet or marks packet to be sent. This is used
directly only in special cases. Normal cases should use
silc_server_packet_send. Returns < 0 error. */
diff --git
a/apps/silcd/protocol.c
b/apps/silcd/protocol.c
index abb40e715f55cb9b80213a772a2e0e457faf90fc..aef7267c13ba45be4f11d6c045138c3676dc0880 100644
(file)
--- a/
apps/silcd/protocol.c
+++ b/
apps/silcd/protocol.c
@@
-1110,7
+1110,7
@@
silc_server_protocol_rekey_send_packet(SilcSKE ske,
/* Send the packet immediately */
silc_server_packet_send(server, ctx->sock,
/* Send the packet immediately */
silc_server_packet_send(server, ctx->sock,
- type, 0, packet->data, packet->len,
TRU
E);
+ type, 0, packet->data, packet->len,
FALS
E);
}
/* Performs re-key as defined in the SILC protocol specification. */
}
/* Performs re-key as defined in the SILC protocol specification. */
@@
-1197,7
+1197,7
@@
SILC_TASK_CALLBACK(silc_server_protocol_rekey)
/* Start the re-key by sending the REKEY packet */
silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY,
/* Start the re-key by sending the REKEY packet */
silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY,
- 0, NULL, 0,
TRU
E);
+ 0, NULL, 0,
FALS
E);
if (ctx->pfs == TRUE) {
/*
if (ctx->pfs == TRUE) {
/*
@@
-1232,9
+1232,12
@@
SILC_TASK_CALLBACK(silc_server_protocol_rekey)
* Do normal and simple re-key.
*/
* Do normal and simple re-key.
*/
- /* The protocol ends in next stage. We have sent the REKEY packet
- and now we just wait that the responder send REKEY_DONE and
- the we'll generate the new key, simple. */
+ /* Send the REKEY_DONE to indicate we will take new keys into use
+ now. */
+ silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
+ 0, NULL, 0, FALSE);
+
+ /* The protocol ends in next stage. */
protocol->state = SILC_PROTOCOL_STATE_END;
}
}
protocol->state = SILC_PROTOCOL_STATE_END;
}
}
@@
-1313,15
+1316,6
@@
SILC_TASK_CALLBACK(silc_server_protocol_rekey)
protocol->execute(server->timeout_queue, 0, protocol, fd, 0, 0);
}
protocol->execute(server->timeout_queue, 0, protocol, fd, 0, 0);
}
- if (ctx->responder == FALSE) {
- if (ctx->pfs == FALSE) {
- /* Send the REKEY_DONE to indicate we will take new keys into use
- now. */
- silc_server_packet_send(server, ctx->sock, SILC_PACKET_REKEY_DONE,
- 0, NULL, 0, FALSE);
- }
- }
-
/* Protocol has ended, call the final callback */
if (protocol->final_callback)
protocol->execute_final(server->timeout_queue, 0, protocol, fd);
/* Protocol has ended, call the final callback */
if (protocol->final_callback)
protocol->execute_final(server->timeout_queue, 0, protocol, fd);
diff --git
a/apps/silcd/server.c
b/apps/silcd/server.c
index 7fd9b86c132636732bcb8650cef84a5b3bc54309..533d46ae615186481bf0d7b0db5ce4e06da60c3d 100644
(file)
--- a/
apps/silcd/server.c
+++ b/
apps/silcd/server.c
@@
-514,6
+514,9
@@
SILC_TASK_CALLBACK(silc_server_connect_router)
SilcServerKEInternalContext *proto_ctx;
int sock;
SilcServerKEInternalContext *proto_ctx;
int sock;
+ SILC_LOG_INFO(("Connecting to the router %s on port %d",
+ sconn->remote_host, sconn->remote_port));
+
/* Connect to remote host */
sock = silc_net_create_connection(sconn->remote_port,
sconn->remote_host);
/* Connect to remote host */
sock = silc_net_create_connection(sconn->remote_port,
sconn->remote_host);
@@
-855,7
+858,7
@@
SILC_TASK_CALLBACK(silc_server_connect_to_router_final)
/* Add the connected router to local server list */
server->standalone = FALSE;
/* Add the connected router to local server list */
server->standalone = FALSE;
- id_entry = silc_idlist_add_server(server->local_list, s
ock->hostname
,
+ id_entry = silc_idlist_add_server(server->local_list, s
trdup(sock->hostname)
,
SILC_ROUTER, ctx->dest_id, NULL, sock);
if (!id_entry) {
if (ctx->dest_id)
SILC_ROUTER, ctx->dest_id, NULL, sock);
if (!id_entry) {
if (ctx->dest_id)
@@
-1991,7
+1994,12
@@
SILC_TASK_CALLBACK(silc_server_close_connection_final)
void silc_server_close_connection(SilcServer server,
SilcSocketConnection sock)
{
void silc_server_close_connection(SilcServer server,
SilcSocketConnection sock)
{
- SILC_LOG_DEBUG(("Closing connection %d", sock->sock));
+ SILC_LOG_INFO(("Closing connection %s:%d [%s] (%d)", sock->hostname,
+ sock->port,
+ (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
+ sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
+ sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
+ "Router"), sock->sock));
/* We won't listen for this connection anymore */
silc_schedule_unset_listen_fd(sock->sock);
/* We won't listen for this connection anymore */
silc_schedule_unset_listen_fd(sock->sock);
@@
-2796,7
+2804,7
@@
SILC_TASK_CALLBACK(silc_server_channel_key_rekey)
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
- (void *)rekey, 3600
+ 5
, 0,
+ (void *)rekey, 3600, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
@@
-2867,7
+2875,7
@@
void silc_server_create_channel_key(SilcServer server,
silc_server_channel_key_rekey);
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
silc_server_channel_key_rekey);
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
- (void *)channel->rekey, 3600
+ 5
, 0,
+ (void *)channel->rekey, 3600, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
@@
-2972,7
+2980,7
@@
SilcChannelEntry silc_server_save_channel_key(SilcServer server,
silc_server_channel_key_rekey);
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
silc_server_channel_key_rekey);
silc_task_register(server->timeout_queue, 0,
silc_server_channel_key_rekey,
- (void *)channel->rekey, 3600
+ 5
, 0,
+ (void *)channel->rekey, 3600, 0,
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
SILC_TASK_TIMEOUT,
SILC_TASK_PRI_NORMAL);
}
diff --git
a/lib/silcclient/protocol.c
b/lib/silcclient/protocol.c
index 02939acba4c5c5dcef823c23a40ae6b2b8f1b395..801a5b95ac4f78dd25013b56b7b4617663673757 100644
(file)
--- a/
lib/silcclient/protocol.c
+++ b/
lib/silcclient/protocol.c
@@
-742,7
+742,7
@@
silc_client_protocol_rekey_send_packet(SilcSKE ske,
/* Send the packet immediately */
silc_client_packet_send(client, ctx->sock, type, NULL, 0, NULL, NULL,
/* Send the packet immediately */
silc_client_packet_send(client, ctx->sock, type, NULL, 0, NULL, NULL,
- packet->data, packet->len,
TRU
E);
+ packet->data, packet->len,
FALS
E);
}
/* Performs re-key as defined in the SILC protocol specification. */
}
/* Performs re-key as defined in the SILC protocol specification. */
@@
-830,7
+830,7
@@
SILC_TASK_CALLBACK(silc_client_protocol_rekey)
/* Start the re-key by sending the REKEY packet */
silc_client_packet_send(client, ctx->sock, SILC_PACKET_REKEY,
/* Start the re-key by sending the REKEY packet */
silc_client_packet_send(client, ctx->sock, SILC_PACKET_REKEY,
- NULL, 0, NULL, NULL, NULL, 0,
TRU
E);
+ NULL, 0, NULL, NULL, NULL, 0,
FALS
E);
if (ctx->pfs == TRUE) {
/*
if (ctx->pfs == TRUE) {
/*
@@
-865,9
+865,13
@@
SILC_TASK_CALLBACK(silc_client_protocol_rekey)
* Do normal and simple re-key.
*/
* Do normal and simple re-key.
*/
- /* The protocol ends in next stage. We have sent the REKEY packet
- and now we just wait that the responder send REKEY_DONE and
- the we'll generate the new key, simple. */
+ /* Send the REKEY_DONE to indicate we will take new keys into use
+ now. */
+ silc_client_packet_send(client, ctx->sock,
+ SILC_PACKET_REKEY_DONE,
+ NULL, 0, NULL, NULL, NULL, 0, FALSE);
+
+ /* The protocol ends in next stage. */
protocol->state = SILC_PROTOCOL_STATE_END;
}
}
protocol->state = SILC_PROTOCOL_STATE_END;
}
}
@@
-946,16
+950,6
@@
SILC_TASK_CALLBACK(silc_client_protocol_rekey)
protocol->execute(client->timeout_queue, 0, protocol, fd, 0, 0);
}
protocol->execute(client->timeout_queue, 0, protocol, fd, 0, 0);
}
- if (ctx->responder == FALSE) {
- if (ctx->pfs == FALSE) {
- /* Send the REKEY_DONE to indicate we will take new keys into use
- now. */
- silc_client_packet_send(client, ctx->sock,
- SILC_PACKET_REKEY_DONE,
- NULL, 0, NULL, NULL, NULL, 0, FALSE);
- }
- }
-
/* Protocol has ended, call the final callback */
if (protocol->final_callback)
protocol->execute_final(client->timeout_queue, 0, protocol, fd);
/* Protocol has ended, call the final callback */
if (protocol->final_callback)
protocol->execute_final(client->timeout_queue, 0, protocol, fd);
diff --git
a/lib/silccore/silcpacket.c
b/lib/silccore/silcpacket.c
index 9895fa25915b47b38ae7624109eb7eded3097284..80be09c46b9b704e1d9c4ff2f48cc41bc0aba1fd 100644
(file)
--- a/
lib/silccore/silcpacket.c
+++ b/
lib/silccore/silcpacket.c
@@
-478,7
+478,7
@@
static int silc_packet_check_mac(SilcHmac hmac, SilcBuffer buffer)
/* Compare the HMAC's (buffer->tail has the packet's HMAC) */
if (memcmp(mac, buffer->tail, mac_len)) {
/* Compare the HMAC's (buffer->tail has the packet's HMAC) */
if (memcmp(mac, buffer->tail, mac_len)) {
- SILC_LOG_
DEBUG
(("MAC failed"));
+ SILC_LOG_
ERROR
(("MAC failed"));
return FALSE;
}
return FALSE;
}
@@
-607,7
+607,7
@@
int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac,
/* Check MAC */
if (!silc_packet_check_mac(hmac, buffer))
/* Check MAC */
if (!silc_packet_check_mac(hmac, buffer))
- return
FALSE
;
+ return
-1
;
return 0;
} else {
return 0;
} else {
@@
-618,7
+618,7
@@
int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac,
/* Check MAC */
if (!silc_packet_check_mac(hmac, buffer))
/* Check MAC */
if (!silc_packet_check_mac(hmac, buffer))
- return
FALSE
;
+ return
-1
;
return 1;
}
return 1;
}
diff --git
a/lib/silcutil/silcnet.c
b/lib/silcutil/silcnet.c
index bb55b3a2709ef7f867decb04834a711eb5e62b2b..cc09a130ed00f19a1e7c14b715a5bcbcc35dcd22 100644
(file)
--- a/
lib/silcutil/silcnet.c
+++ b/
lib/silcutil/silcnet.c
@@
-267,6
+267,11
@@
void silc_net_check_host_by_sock(int sock, char **hostname, char **ip)
the who it says it is */
memset(host_name, 0, sizeof(host_name));
memcpy(host_name, dest->h_name, strlen(dest->h_name));
the who it says it is */
memset(host_name, 0, sizeof(host_name));
memcpy(host_name, dest->h_name, strlen(dest->h_name));
+
+ *hostname = silc_calloc(strlen(host_name) + 1, sizeof(char));
+ memcpy(*hostname, host_name, strlen(host_name));
+ SILC_LOG_DEBUG(("Resolved hostname `%s'", *hostname));
+
dest = gethostbyname(host_name);
if (!dest)
return;
dest = gethostbyname(host_name);
if (!dest)
return;
@@
-283,9
+288,6
@@
void silc_net_check_host_by_sock(int sock, char **hostname, char **ip)
if (!host_ip)
return;
if (!host_ip)
return;
- *hostname = silc_calloc(strlen(host_name) + 1, sizeof(char));
- memcpy(*hostname, host_name, strlen(host_name));
- SILC_LOG_DEBUG(("Resolved hostname `%s'", *hostname));
*ip = silc_calloc(strlen(host_ip) + 1, sizeof(char));
memcpy(*ip, host_ip, strlen(host_ip));
SILC_LOG_DEBUG(("Resolved IP address `%s'", *ip));
*ip = silc_calloc(strlen(host_ip) + 1, sizeof(char));
memcpy(*ip, host_ip, strlen(host_ip));
SILC_LOG_DEBUG(("Resolved IP address `%s'", *ip));