From e479967b69a294a2028beb2412815657fb6dd16c Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Wed, 3 Mar 2004 17:15:07 +0000 Subject: [PATCH] Allow rekey with PFS in backup router (for disabled connections). --- CHANGES | 5 +++++ apps/silcd/packet_send.c | 23 ++++++++++++++++------- apps/silcd/server.c | 6 ++++-- 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index 06a7b927..a1a520bd 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,11 @@ Wed Mar 3 15:13:49 CET 2004 Pekka Riikonen completion callback, which might have closed it already. Affected file silcd/server.c. + * Fixed rekey with PFS in backup router. It did not allow + rekeys with PFS, and when the rekey protocol timedout + it crashed the backup router without the above fix. Affected + file silcd/packet_send.c and server.c. + Sat Feb 28 16:25:09 EET 2004 Pekka Riikonen * The silc_client_add_channel_private_key now returns the diff --git a/apps/silcd/packet_send.c b/apps/silcd/packet_send.c index 68cff9de..0a7e5233 100644 --- a/apps/silcd/packet_send.c +++ b/apps/silcd/packet_send.c @@ -114,7 +114,8 @@ void silc_server_packet_send(SilcServer server, rekeys, though */ if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED && type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY && - type != SILC_PACKET_REKEY_DONE) || + type != SILC_PACKET_REKEY_DONE && type != SILC_PACKET_KEY_EXCHANGE_1 + && type != SILC_PACKET_KEY_EXCHANGE_2) || (sock->user_data == server->id_entry)) { SILC_LOG_DEBUG(("Connection is disabled")); return; @@ -176,9 +177,13 @@ void silc_server_packet_send_dest(SilcServer server, idata = (SilcIDListData)sock->user_data; - /* If entry is disabled do not sent anything. */ - if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED) || - sock->user_data == server->id_entry) { + /* If entry is disabled do not sent anything. Allow hearbeat and + rekeys, though */ + if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED && + type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY && + type != SILC_PACKET_REKEY_DONE && type != SILC_PACKET_KEY_EXCHANGE_1 + && type != SILC_PACKET_KEY_EXCHANGE_2) || + (sock->user_data == server->id_entry)) { SILC_LOG_DEBUG(("Connection is disabled")); return; } @@ -285,9 +290,13 @@ void silc_server_packet_send_srcdest(SilcServer server, /* Get data used in the packet sending, keys and stuff */ idata = (SilcIDListData)sock->user_data; - /* If entry is disabled do not sent anything. */ - if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED) || - sock->user_data == server->id_entry) { + /* If entry is disabled do not sent anything. Allow hearbeat and + rekeys, though */ + if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED && + type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY && + type != SILC_PACKET_REKEY_DONE && type != SILC_PACKET_KEY_EXCHANGE_1 + && type != SILC_PACKET_KEY_EXCHANGE_2) || + (sock->user_data == server->id_entry)) { SILC_LOG_DEBUG(("Connection is disabled")); return; } diff --git a/apps/silcd/server.c b/apps/silcd/server.c index fb4a68dc..20188476 100644 --- a/apps/silcd/server.c +++ b/apps/silcd/server.c @@ -2509,8 +2509,10 @@ SILC_TASK_CALLBACK(silc_server_packet_parse_real) /* If entry is disabled ignore what we got. */ if (idata && idata->status & SILC_IDLIST_STATUS_DISABLED && ret != SILC_PACKET_HEARTBEAT && ret != SILC_PACKET_RESUME_ROUTER && - ret != SILC_PACKET_REKEY && ret != SILC_PACKET_REKEY_DONE) { - SILC_LOG_DEBUG(("Connection is disabled")); + ret != SILC_PACKET_REKEY && ret != SILC_PACKET_REKEY_DONE && + ret != SILC_PACKET_KEY_EXCHANGE_1 && ret != SILC_PACKET_KEY_EXCHANGE_2) { + SILC_LOG_DEBUG(("Connection is disabled (packet %s dropped)", + silc_get_packet_name(ret))); goto out; } -- 2.24.0