From: Pekka Riikonen <priikone@silcnet.org>
Date: Wed, 3 Apr 2002 10:32:51 +0000 (+0000)
Subject: 	Fixed rekey protocol with PFS, which was broken.
X-Git-Tag: silc.client.0.8.6~4^2~31
X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff_plain;h=675173711f3f4e451b6ee3e65502a5b56813c10a

	Fixed rekey protocol with PFS, which was broken.
---

diff --git a/CHANGES b/CHANGES
index 7611885c..a372c867 100644
--- a/CHANGES
+++ b/CHANGES
@@ -10,6 +10,9 @@ Wed Apr  3 09:57:47 CEST 2002  Pekka Riikonen <priikone@silcnet.org>
 	* Do not check public key types in SKE during rekey.  Affected
 	  file lib/silcske/payload.c.
 
+	* Fixed the rekey protocol with PFS, which was totally broken.
+	  Affected file silcd/protocol.c.
+
 Tue Apr  2 14:55:06 CEST 2002  Pekka Riikonen <priikone@silcnet.org>
 
 	* Some client implementations quit network by doing first LEAVE
diff --git a/apps/silcd/protocol.c b/apps/silcd/protocol.c
index ed22ce15..65fafeea 100644
--- a/apps/silcd/protocol.c
+++ b/apps/silcd/protocol.c
@@ -1559,7 +1559,10 @@ SILC_TASK_CALLBACK(silc_server_protocol_rekey)
 
     /* We received the REKEY_DONE packet and all packets after this is
        encrypted with the new key so set the decryption key to the new key */
-    silc_server_protocol_rekey_generate(server, ctx, FALSE);
+    if (ctx->pfs == TRUE)
+      silc_server_protocol_rekey_generate_pfs(server, ctx, FALSE);
+    else
+      silc_server_protocol_rekey_generate(server, ctx, FALSE);
 
     /* Assure that after calling final callback there cannot be pending
        executions for this protocol anymore. This just unregisters any