Commit ead5d259 authored by stettberger's avatar stettberger

* Public key authentication on startup ( server )

* Updated multitailrc
parent 8dab9c84
......@@ -3,7 +3,7 @@ allow_8bit:yes
colorscheme:irc
# messages
cs_re_s:magenta,,bold:^..:.. [<].*(stettberger)[>].*$
cs_re_s:magenta:^..:.. <(.+?)>.+$
cs_re_s:magenta:^..:.. <([^<>]+)>.+$
cs_re_s:green:^..:.. [<].*stettberger[>](.*)$
cs_re_s:yellow:^..:.. .*(stettberger):.*$
cs_re_s:cyan:^(..:..).*$
......
......@@ -1455,7 +1455,74 @@ void silc_detach(SilcClient client, SilcClientConnection conn,
DEBUG("Detach: Success");
}
/* }}} */
/* {{{ silc_verify_public_key */
static void
silc_verify_public_key(SilcClient client, SilcClientConnection conn,
SilcSocketType conn_type, unsigned char *pk,
SilcUInt32 pk_len, SilcSKEPKType pk_type,
SilcVerifyPublicKey completion, void *context)
{
char *fingerprint, *path, *pos;
int tmp;
struct dirent *entry;
DIR *dir;
SilcPublicKey pk_tmp;
if(!silc_pkcs_public_key_decode(pk, pk_len, &pk_tmp)){
fprintf(stderr, "Error: Invalid Public Key Data\n");
exit(1);
}
fingerprint = silc_hash_fingerprint(NULL, pk, pk_len);
for (tmp=0; tmp < strlen(fingerprint); tmp++)
if(fingerprint[tmp]==' ')
fingerprint[tmp]='_';
path=malloc(strlen((char *)getenv("HOME"))+40);
NULL_TEST(path);
sprintf(path, "%s/.silc/serverkeys", (char *)getenv("HOME"));
create_dirtree(path);
dir=opendir(path);
while((entry=readdir(dir))) {
if(!strncmp(entry->d_name, fingerprint, strlen(fingerprint))){
path=realloc(path, strlen((char *)getenv("HOME"))+50+strlen(entry->d_name));
NULL_TEST(path);
sprintf(path, "%s/.silc/serverkeys/%s", (char *)getenv("HOME"), entry->d_name);
/* Load key */
SilcPublicKey cached_pk=NULL;
if (!silc_pkcs_load_public_key(path, &cached_pk, SILC_PKCS_FILE_PEM) &&
!silc_pkcs_load_public_key(path, &cached_pk, SILC_PKCS_FILE_BIN)){
fprintf(stderr, "Couldn't load file: %s\n", path);
break;
}
if(!strncmp((char *)pk, (char *)cached_pk->pk, pk_len)){
DEBUG("Verify: CORRECT KEY");
completion(TRUE, context);
free(fingerprint);
return;
}
}
}
closedir(dir);
completion(FALSE, context);
/* Save the Public Key */
path=malloc(strlen(getenv("HOME"))+strlen(conn->remote_host)+30+strlen(fingerprint));
NULL_TEST(path);
sprintf(path, "%s/.silc/incoming_keys/%s(%s):server", getenv("HOME"), fingerprint, conn->remote_host);
pos=strrchr(path, '/');
pos[0]=0;
create_dirtree(path);
pos[0]='/';
if(!silc_pkcs_save_public_key(path, pk_tmp, SILC_PKCS_FILE_PEM)){
fprintf(stderr, "Couldn't save Public Key\n");
exit(1);
}
printf("The server's public key you wanted to connect is unkown!\n");
printf("Name: %s; Identifier: %s\n", pk_tmp->name, pk_tmp->identifier);
printf("Host: %s; Port: %d\n", conn->remote_host, conn->remote_port);
printf("si has saved his public key to:\n");
printf("%s\n", path);
printf("\nIf you trust this key move it to ~/.silc/serverkeys, but don't rename it\n");
exit(1);
}
/* }}} */
/* {{{ Empty and unused, but required Functions */
static void
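Review bot: The trust decision in the new silc_verify_public_key compares binary key data with `strncmp((char *)pk, (char *)cached_pk->pk, pk_len)`, which stops at the first zero byte, so a cached key that only shares the bytes before that zero is treated as a match and `completion(TRUE, context)` is called. It also appears to compare the encoded blob received from the server with the `pk` field of a decoded key, which may not be the same representation; that is worth confirming against the toolkit headers. Since `pk_tmp` is already decoded, compare the decoded keys instead, e.g. `if (silc_pkcs_public_key_compare(pk_tmp, cached_pk)) {` if the toolkit version in use provides it, or otherwise a length check plus `memcmp` over the same encoding. Separately, the match path returns without `closedir(dir)` or freeing `path` and the loaded keys, and `getenv("HOME")` and `opendir(path)` are used without a NULL check.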
......@@ -1470,17 +1537,6 @@ silc_get_auth_method(SilcClient client, SilcClientConnection conn,
completion(TRUE, SILC_AUTH_NONE, NULL, 0, context);
}
static void
silc_verify_public_key(SilcClient client, SilcClientConnection conn,
SilcSocketType conn_type, unsigned char *pk,
SilcUInt32 pk_len, SilcSKEPKType pk_type,
SilcVerifyPublicKey completion, void *context)
{
completion(TRUE, context);
}
static void
silc_say(SilcClient client, SilcClientConnection conn,
SilcClientMessageType type, char *msg, ...)
......