From dd8b8542b6f61e1187295ef639f2d74c0c77651b Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Tue, 8 Oct 2002 17:20:30 +0000 Subject: [PATCH] Send also SERVICE and SERVER_DIGITAL_SIGNATURE in server constructed Requested Attributes. --- CHANGES | 7 +++++ apps/silcd/server.h | 2 +- apps/silcd/server_query.c | 63 ++++++++++++++++++++++++++++++--------- lib/silccore/silcattrs.h | 2 +- lib/silcske/silcske.c | 4 +-- 5 files changed, 60 insertions(+), 18 deletions(-) diff --git a/CHANGES b/CHANGES index c0604310..81f21158 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,10 @@ +Tue Oct 8 17:58:28 EEST 2002 Pekka Riikonen + + * Add also SERVICE attribute for server-constructed attribute + data. Also digitally sign the attributes and add + SERVER_DIGITAL_SIGNATURE attribute. Affected file is + silcd/server_query.c. + Mon Oct 7 18:25:35 EEST 2002 Pekka Riikonen * Changed the silc_attribute_payload_encode to support list diff --git a/apps/silcd/server.h b/apps/silcd/server.h index 7694b528..945b8dd0 100644 --- a/apps/silcd/server.h +++ b/apps/silcd/server.h @@ -57,7 +57,7 @@ typedef struct { /* General definitions */ /* SILC port */ -#define SILC_PORT 706; +#define SILC_PORT 706 /* Server and router. Used internally by the code. */ #define SILC_SERVER 0 diff --git a/apps/silcd/server_query.c b/apps/silcd/server_query.c index cad646be..6f816488 100644 --- a/apps/silcd/server_query.c +++ b/apps/silcd/server_query.c @@ -1239,12 +1239,12 @@ void silc_server_query_send_reply(SilcServer server, if (query->attrs) { if (!entry->attrs) { tmpattrs = silc_server_query_reply_attrs(server, query, entry); - attrs = tmpattrs->data; - len = tmpattrs->len; - } else { - attrs = entry->attrs; - len = entry->attrs_len; + entry->attrs = silc_memdup(tmpattrs->data, tmpattrs->len); + entry->attrs_len = tmpattrs->len; + silc_buffer_free(tmpattrs); } + attrs = entry->attrs; + len = entry->attrs_len; } /* Send command reply */ 
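Review bot: In the `@@ -1239` hunk of apps/silcd/server_query.c, `tmpattrs->data` is dereferenced and `entry->attrs_len` is assigned without checking either `tmpattrs` or the result of `silc_memdup()`. A failed build or copy could therefore leave `entry->attrs` NULL with a non-zero cached length, and that pair is passed on as `attrs`/`len` for the reply. Wrapping the copy in `if (tmpattrs)` and storing `entry->attrs_len = entry->attrs ? tmpattrs->len : 0;` keeps pointer and length consistent. Whether `silc_server_query_reply_attrs()` can actually return NULL depends on `silc_attribute_payload_encode()`, which is not visible here. The body of silc_server_query_send_reply starts and ends outside the hunk.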
@@ -1267,14 +1267,17 @@ void silc_server_query_send_reply(SilcServer server, sent_reply = TRUE; - /* For now we will delete Requested Attributes */ - silc_free(entry->attrs); - entry->attrs = NULL; + /* For now we always delete Requested Attributes, unless the client + is detached, in which case we don't want to reconstruct the + same data everytime */ + if (!(entry->mode & SILC_UMODE_DETACHED) && + !(entry->data.status & SILC_IDLIST_STATUS_NOATTR)) { + silc_free(entry->attrs); + entry->attrs = NULL; + } if (channels) silc_buffer_free(channels); - if (tmpattrs) - silc_buffer_free(tmpattrs); if (umode_list) { silc_buffer_free(umode_list); umode_list = NULL; @@ -1515,10 +1518,13 @@ SilcBuffer silc_server_query_reply_attrs(SilcServer server, SilcClientEntry client_entry) { SilcBuffer buffer = NULL; - SilcAttributePayload attr; SilcAttribute attribute; - unsigned char *tmp; + SilcAttributePayload attr; SilcAttributeObjPk pk; + SilcAttributeObjService service; + unsigned char *tmp; + unsigned char sign[2048]; + SilcUInt32 sign_len; SILC_LOG_DEBUG(("Constructing Requested Attributes")); @@ -1533,6 +1539,19 @@ SilcBuffer silc_server_query_reply_attrs(SilcServer server, SILC_NOT_IMPLEMENTED("SILC_ATTRIBUTE_USER_INFO"); break; + case SILC_ATTRIBUTE_SERVICE: + /* Put SERVICE. Put only SILC service. */ + memset(&service, 0, sizeof(service)); + service.port = (server->config->server_info->primary ? + server->config->server_info->primary->port : SILC_PORT); + silc_strncat(service.address, sizeof(service.address), + server->server_name, strlen(server->server_name)); + service.status = !(client_entry->mode & SILC_UMODE_DETACHED); + buffer = silc_attribute_payload_encode(buffer, attribute, + SILC_ATTRIBUTE_FLAG_VALID, + &service, sizeof(service)); + break; + case SILC_ATTRIBUTE_STATUS_MOOD: /* Put STATUS_MOOD */ buffer = silc_attribute_payload_encode(buffer, attribute, 
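Review bot: The `entry->attrs` kept by the `@@ -1267` hunk is the reply built for whichever query arrived first. For a detached client, later queries that request a different attribute set therefore appear to get that first selection, including its signature and the `service.status` computed at build time; no invalidation on resume or mode change is visible in this patch. The comment also explains only the detached case, while the condition additionally tests `SILC_IDLIST_STATUS_NOATTR`; a sentence saying why attributes are kept in that state belongs there. In the branch that does free, adding `entry->attrs_len = 0;` after `entry->attrs = NULL;` would avoid leaving a stale length next to a NULL pointer. The enclosing function continues outside the hunk.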
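Review bot: The new `SILC_ATTRIBUTE_SERVICE` case in the `@@ -1533` hunk copies `server->server_name` into the fixed-size `service.address` through `silc_strncat()`. A name longer than the field is presumably truncated without any indication, and the truncated value is then covered by the server signature. A log line on truncation would help, as would a comment such as `/* Remaining SilcAttributeObjService fields are intentionally left zeroed */` next to the `memset()`, since only `port`, `address` and `status` are filled in. The case also passes `server->server_name` to `strlen()` unchecked; whether it can be NULL at this point is not visible here. The switch continues outside the hunk.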
@@ -1583,7 +1602,8 @@ SilcBuffer silc_server_query_reply_attrs(SilcServer server, default: /* Ignore SERVER_PUBLIC_KEY since we are going to put it anyway later */ - if (attribute == SILC_ATTRIBUTE_SERVER_PUBLIC_KEY) + if (attribute == SILC_ATTRIBUTE_SERVER_PUBLIC_KEY || + attribute == SILC_ATTRIBUTE_SERVER_DIGITAL_SIGNATURE) break; /* For other attributes we cannot reply so mark it invalid */ @@ -1596,7 +1616,6 @@ SilcBuffer silc_server_query_reply_attrs(SilcServer server, /* Always put our public key. This assures that we send at least something valid back always. */ - /* XXX We should also compute digital signature */ pk.type = "silc-rsa"; pk.data = silc_pkcs_public_key_encode(server->public_key, &pk.data_len); buffer = silc_attribute_payload_encode(buffer, @@ -1606,6 +1625,22 @@ SilcBuffer silc_server_query_reply_attrs(SilcServer server, &pk, sizeof(pk)); silc_free(pk.data); + /* Finally compute the digital signature of all the data we provided + as an indication that we provided rightfull information, and this + also authenticates our public key. */ + if (silc_pkcs_sign_with_hash(server->pkcs, server->sha1hash, + buffer->data, buffer->len, + sign, &sign_len)) { + pk.type = NULL; + pk.data = sign; + pk.data_len = sign_len; + buffer = + silc_attribute_payload_encode(buffer, + SILC_ATTRIBUTE_SERVER_DIGITAL_SIGNATURE, + SILC_ATTRIBUTE_FLAG_VALID, + &pk, sizeof(pk)); + } + return buffer; } diff --git a/lib/silccore/silcattrs.h b/lib/silccore/silcattrs.h index 4df88b58..dd924708 100644 --- a/lib/silccore/silcattrs.h +++ b/lib/silccore/silcattrs.h 
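Review bot: The comment above the check in the `@@ -1583` hunk still names only SERVER_PUBLIC_KEY, although the condition now also skips `SILC_ATTRIBUTE_SERVER_DIGITAL_SIGNATURE`. I would update it to `/* Ignore SERVER_PUBLIC_KEY and SERVER_DIGITAL_SIGNATURE since we append them ourselves at the end */`, so that a reader does not take the second test for an accident. The surrounding switch starts outside the hunk.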
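Review bot: `silc_pkcs_sign_with_hash()` in the `@@ -1606` hunk writes into the fixed `sign[2048]` buffer and takes no capacity argument, so nothing visible here ties the signature length to the buffer size. The same literal is raised from 1024 in the two lib/silcske/silcske.c hunks (`@@ -382` and `@@ -986`), which suggests the limit is tracked by hand against key size. A shared named constant, plus a check of the server key length against `sizeof(sign)` before signing, would make the bound explicit in all three places. The call also reads `buffer->data` without checking `buffer`, and a signing failure is silent, so the reply goes out unsigned with no log entry; consider `if (buffer && silc_pkcs_sign_with_hash(...))` with an error log in an else branch. The function body starts outside the hunk.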
@@ -74,7 +74,7 @@ typedef SilcUInt8 SilcAttribute; #define SILC_ATTRIBUTE_STATUS_MESSAGE 5 /* SilcAttributeObjMime */ #define SILC_ATTRIBUTE_PREFERRED_LANGUAGE 6 /* char * (UTF-8 string) */ #define SILC_ATTRIBUTE_PREFERRED_CONTACT 7 /* SilcAttributeContact */ -#define SILC_ATTRIBUTE_TIMEZONE 8 /* char * (UTF-8 string */ +#define SILC_ATTRIBUTE_TIMEZONE 8 /* char * (UTF-8 string) */ #define SILC_ATTRIBUTE_GEOLOCATION 9 /* SilcAttributeObjGeo */ #define SILC_ATTRIBUTE_DEVICE_INFO 10 /* SilcAttributeObjDevice */ #define SILC_ATTRIBUTE_EXTENSION 11 /* SilcAttributeObjMime */ diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c index c423b27c..794306d9 100644 --- a/lib/silcske/silcske.c +++ b/lib/silcske/silcske.c @@ -382,7 +382,7 @@ SilcSKEStatus silc_ske_initiator_phase_2(SilcSKE ske, /* Compute signature data if we are doing mutual authentication */ if (private_key && ske->start_payload->flags & SILC_SKE_SP_FLAG_MUTUAL) { - unsigned char hash[32], sign[1024]; + unsigned char hash[32], sign[2048]; SilcUInt32 hash_len, sign_len; SILC_LOG_DEBUG(("We are doing mutual authentication")); @@ -986,7 +986,7 @@ SilcSKEStatus silc_ske_responder_finish(SilcSKE ske, SilcSKEStatus status = SILC_SKE_STATUS_OK; SilcBuffer payload_buf; SilcMPInt *KEY; - unsigned char hash[32], sign[1024], *pk; + unsigned char hash[32], sign[2048], *pk; SilcUInt32 hash_len, sign_len, pk_len; SILC_LOG_DEBUG(("Start")); -- 2.24.0