1 /*
2
3 packet_send.c
4
5 Author: Pekka Riikonen <priikone@silcnet.org>
6
7 Copyright (C) 1997 - 2005 Pekka Riikonen
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 */
19 /*
20 * Server packet routines to send packets.
21 */
22 /* $Id: packet_send.c,v 1.128 2005/04/23 13:32:24 priikone Exp $ */
23
24 #include "serverincludes.h"
25 #include "server_internal.h"
26
/* Tries to write the outgoing buffer of `sock' to the network, or marks
   the connection as having output pending when the data is left in the
   buffer.  This is used directly only in special cases; normal code
   should call silc_server_packet_send.  Returns < 0 on error.

   A return of -1 means either that the connection was already going away
   or that the write failed and the connection was closed here; in the
   latter case sock->user_data has been handed to
   silc_server_free_sock_user_data, so callers should not keep using
   pointers taken from it.

   NOTE(review): `force_send' is not consulted in this body; the call to
   silc_packet_send always passes FALSE. */

int silc_server_packet_send_real(SilcServer server,
                                 SilcSocketConnection sock,
                                 bool force_send)
{
  int status;

  /* A connection that is going away gets no more data. */
  if (SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock))
    return -1;

  status = silc_packet_send(sock, FALSE);

  if (status == -2) {
    /* There is outgoing data available for this connection.  Ask the
       scheduler to watch the socket for output as well (the input
       setting is kept).  The actual sending is performed by
       silc_server_packet_process. */
    SILC_SET_CONNECTION_FOR_OUTPUT(server->schedule, sock->sock);

    /* Flag the socket so that data added to the buffer before the
       earlier data has reached the network is handled correctly. */
    SILC_SET_OUTBUF_PENDING(sock);

    return 0;
  }

  if (status != -1) {
    /* Anything other than -1 and -2 is counted as a sent packet. */
    server->stat.packets_sent++;
    return status;
  }

  /* The write failed: stop output handling, drop whatever was queued,
     log the peer and tear the connection down. */
  SILC_SET_CONNECTION_FOR_INPUT(server->schedule, sock->sock);
  SILC_UNSET_OUTBUF_PENDING(sock);
  silc_buffer_clear(sock->outbuf);

  SILC_LOG_ERROR(("Error sending packet to connection "
                  "%s:%d [%s]", sock->hostname, sock->port,
                  (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" :
                   sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" :
                   sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" :
                   "Router")));

  if (sock->user_data) {
    /* If we are a router that is not itself a backup router and the peer
       is a backup router, mark that resuming will not be allowed. */
    if (server->server_type == SILC_ROUTER && !server->backup_router &&
        sock->type == SILC_SOCKET_TYPE_SERVER) {
      SilcServerEntry peer = sock->user_data;
      if (peer->server_type == SILC_BACKUP_ROUTER)
        server->backup_closed = TRUE;
    }

    silc_server_free_sock_user_data(server, sock, NULL);
  }

  SILC_SET_DISCONNECTING(sock);
  silc_server_close_connection(server, sock);
  return status;
}
89
/* Assembles a new packet to be sent out to the network, addressed to the
   entry attached to `sock'.  The destination ID is taken from
   sock->user_data according to the socket type (client ID for client
   connections, server ID for server and router connections; none when no
   entry is attached or the type is something else) and the work is then
   handed to silc_server_packet_send_dest.  `force_send' is passed
   through unchanged; the normal case is that the packet is queued and
   not sent immediately.  Nothing is done for a NULL, disconnecting or
   disconnected socket. */

void silc_server_packet_send(SilcServer server,
                             SilcSocketConnection sock,
                             SilcPacketType type,
                             SilcPacketFlags flags,
                             unsigned char *data,
                             SilcUInt32 data_len,
                             bool force_send)
{
  SilcIDListData entry;
  SilcIdType id_type = SILC_ID_NONE;
  void *id = NULL;

  if (!sock)
    return;

  entry = (SilcIDListData)sock->user_data;

  /* If disconnecting, ignore the data */
  if (SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock))
    return;

  /* Never send on a connection whose entry is our own server entry. */
  if (sock->user_data == server->id_entry) {
    SILC_LOG_DEBUG(("Connection is disabled"));
    return;
  }

  /* A disabled entry receives nothing except heartbeats, rekeys and key
     exchange packets. */
  if (entry && entry->status & SILC_IDLIST_STATUS_DISABLED &&
      type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY &&
      type != SILC_PACKET_REKEY_DONE && type != SILC_PACKET_KEY_EXCHANGE_1 &&
      type != SILC_PACKET_KEY_EXCHANGE_2) {
    SILC_LOG_DEBUG(("Connection is disabled"));
    return;
  }

  /* Pick the destination ID from the entry attached to the socket. */
  if (sock->user_data) {
    if (sock->type == SILC_SOCKET_TYPE_CLIENT) {
      id = ((SilcClientEntry)sock->user_data)->id;
      id_type = SILC_ID_CLIENT;
    } else if (sock->type == SILC_SOCKET_TYPE_SERVER ||
               sock->type == SILC_SOCKET_TYPE_ROUTER) {
      id = ((SilcServerEntry)sock->user_data)->id;
      id_type = SILC_ID_SERVER;
    }
  }

  silc_server_packet_send_dest(server, sock, type, flags, id,
                               id_type, data, data_len, force_send);
}
150
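/* Assembles a new packet to be sent out to the network.  The packet is
   created, written to the outgoing data buffer of `sock', encrypted with
   the send key and HMAC of the entry attached to the socket (if any) and
   then handed to silc_server_packet_send_real together with
   `force_send'.  The normal case is that the packet is not sent
   immediately.  The source ID is always this server's own ID; the
   destination ID is given by `dst_id' / `dst_id_type' and may be NULL.

   Nothing is sent when `sock' is NULL, disconnecting or disconnected, or
   when the entry is disabled (heartbeat, rekey and key exchange packets
   are still allowed in that case). */

void silc_server_packet_send_dest(SilcServer server,
                                  SilcSocketConnection sock,
                                  SilcPacketType type,
                                  SilcPacketFlags flags,
                                  void *dst_id,
                                  SilcIdType dst_id_type,
                                  unsigned char *data,
                                  SilcUInt32 data_len,
                                  bool force_send)
{
  SilcPacketContext packetdata;
  /* Filled in by silc_packet_assemble.  It must not be const-qualified:
     modifying an object that was defined const through a cast is
     undefined behaviour, and the compiler would be free to assume that
     packet.len and packet.data never change. */
  SilcBufferStruct packet;
  SilcIDListData idata;
  SilcCipher cipher = NULL;
  SilcHmac hmac = NULL;
  SilcUInt32 sequence = 0;
  unsigned char *dst_id_data = NULL;
  SilcUInt32 dst_id_len = 0;
  int block_len = 0;

  /* If disconnecting, ignore the data */
  if (!sock || SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock))
    return;

  idata = (SilcIDListData)sock->user_data;

  /* If entry is disabled do not send anything.  Allow heartbeat and
     rekeys, though.  The connection whose entry is our own server entry
     is never sent to. */
  if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED &&
       type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY &&
       type != SILC_PACKET_REKEY_DONE && type != SILC_PACKET_KEY_EXCHANGE_1
       && type != SILC_PACKET_KEY_EXCHANGE_2) ||
      (sock->user_data == server->id_entry)) {
    SILC_LOG_DEBUG(("Connection is disabled"));
    return;
  }

  SILC_LOG_DEBUG(("Sending %s packet (forced=%s)",
                  silc_get_packet_name(type), force_send ? "yes" : "no"));

  if (dst_id) {
    dst_id_data = silc_id_id2str(dst_id, dst_id_type);
    dst_id_len = silc_id_get_len(dst_id, dst_id_type);
  }

  if (idata) {
    cipher = idata->send_key;
    hmac = idata->hmac_send;
    sequence = idata->psn_send++;
    /* No send key may be set yet; block_len then stays 0. */
    if (cipher)
      block_len = silc_cipher_get_block_len(cipher);

    /* Check for mandatory rekey */
    if (sequence == SILC_SERVER_REKEY_THRESHOLD)
      silc_schedule_task_add(server->schedule, sock->sock,
                             silc_server_rekey_callback, sock, 0, 1,
                             SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
  }

  /* Set the packet context pointers */
  packetdata.type = type;
  packetdata.flags = flags;
  packetdata.src_id = silc_id_id2str(server->id, SILC_ID_SERVER);
  packetdata.src_id_len = silc_id_get_len(server->id, SILC_ID_SERVER);
  packetdata.src_id_type = SILC_ID_SERVER;
  packetdata.dst_id = dst_id_data;
  packetdata.dst_id_len = dst_id_len;
  packetdata.dst_id_type = dst_id_type;
  data_len = SILC_PACKET_DATALEN(data_len, (SILC_PACKET_HEADER_LEN +
                                            packetdata.src_id_len +
                                            packetdata.dst_id_len));
  packetdata.truelen = data_len + SILC_PACKET_HEADER_LEN +
    packetdata.src_id_len + dst_id_len;
  /* Connection authentication packets use the maximum-padding macro. */
  if (type == SILC_PACKET_CONNECTION_AUTH)
    SILC_PACKET_PADLEN_MAX(packetdata.truelen, block_len, packetdata.padlen);
  else
    SILC_PACKET_PADLEN(packetdata.truelen, block_len, packetdata.padlen);

  /* Create the outgoing packet */
  if (!silc_packet_assemble(&packetdata, NULL, cipher, hmac, sock,
                            data, data_len, &packet)) {
    SILC_LOG_ERROR(("Cannot assemble packet"));
    goto out;
  }

  /* Encrypt the packet */
  silc_packet_encrypt(cipher, hmac, sequence, &packet, packet.len);

  SILC_LOG_HEXDUMP(("Outgoing packet (%d), len %d", sequence, packet.len),
                   packet.data, packet.len);

  /* Now actually send the packet */
  silc_server_packet_send_real(server, sock, force_send);

 out:
  /* Both ID strings were allocated by silc_id_id2str above. */
  silc_free(packetdata.src_id);
  silc_free(packetdata.dst_id);
}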
256
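/* Assembles a new packet to be sent out to the network.  The packet is
   created, written to the outgoing data buffer of `sock', encrypted with
   the send key and HMAC of the entry attached to the socket (if any) and
   then handed to silc_server_packet_send_real together with
   `force_send'.  The normal case is that the packet is not sent
   immediately.  Both the source ID and the destination ID are given by
   the caller; either may be NULL.

   Nothing is sent when `sock' is NULL or when the entry is disabled
   (heartbeat, rekey and key exchange packets are still allowed in that
   case).  Unlike silc_server_packet_send_dest there is no early check
   for a disconnecting socket here; silc_server_packet_send_real refuses
   to send on such a socket. */

void silc_server_packet_send_srcdest(SilcServer server,
                                     SilcSocketConnection sock,
                                     SilcPacketType type,
                                     SilcPacketFlags flags,
                                     void *src_id,
                                     SilcIdType src_id_type,
                                     void *dst_id,
                                     SilcIdType dst_id_type,
                                     unsigned char *data,
                                     SilcUInt32 data_len,
                                     bool force_send)
{
  SilcPacketContext packetdata;
  /* Filled in by silc_packet_assemble.  It must not be const-qualified:
     modifying an object that was defined const through a cast is
     undefined behaviour. */
  SilcBufferStruct packet;
  SilcIDListData idata;
  SilcCipher cipher = NULL;
  SilcHmac hmac = NULL;
  SilcUInt32 sequence = 0;
  unsigned char *dst_id_data = NULL;
  SilcUInt32 dst_id_len = 0;
  unsigned char *src_id_data = NULL;
  SilcUInt32 src_id_len = 0;
  int block_len = 0;

  SILC_LOG_DEBUG(("Sending %s packet", silc_get_packet_name(type)));

  if (!sock)
    return;

  /* Get data used in the packet sending, keys and stuff */
  idata = (SilcIDListData)sock->user_data;

  /* If entry is disabled do not send anything.  Allow heartbeat and
     rekeys, though.  The connection whose entry is our own server entry
     is never sent to. */
  if ((idata && idata->status & SILC_IDLIST_STATUS_DISABLED &&
       type != SILC_PACKET_HEARTBEAT && type != SILC_PACKET_REKEY &&
       type != SILC_PACKET_REKEY_DONE && type != SILC_PACKET_KEY_EXCHANGE_1
       && type != SILC_PACKET_KEY_EXCHANGE_2) ||
      (sock->user_data == server->id_entry)) {
    SILC_LOG_DEBUG(("Connection is disabled"));
    return;
  }

  if (idata) {
    cipher = idata->send_key;
    hmac = idata->hmac_send;
    sequence = idata->psn_send++;
    /* The send key may not be set; silc_server_packet_send_dest guards
       this call the same way.  block_len then stays 0. */
    if (cipher)
      block_len = silc_cipher_get_block_len(cipher);

    /* Check for mandatory rekey */
    if (sequence == SILC_SERVER_REKEY_THRESHOLD)
      silc_schedule_task_add(server->schedule, sock->sock,
                             silc_server_rekey_callback, sock, 0, 1,
                             SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
  }

  if (dst_id) {
    dst_id_data = silc_id_id2str(dst_id, dst_id_type);
    dst_id_len = silc_id_get_len(dst_id, dst_id_type);
  }

  if (src_id) {
    src_id_data = silc_id_id2str(src_id, src_id_type);
    src_id_len = silc_id_get_len(src_id, src_id_type);
  }

  /* Set the packet context pointers */
  packetdata.type = type;
  packetdata.flags = flags;
  packetdata.src_id = src_id_data;
  packetdata.src_id_len = src_id_len;
  packetdata.src_id_type = src_id_type;
  packetdata.dst_id = dst_id_data;
  packetdata.dst_id_len = dst_id_len;
  packetdata.dst_id_type = dst_id_type;
  data_len = SILC_PACKET_DATALEN(data_len, (SILC_PACKET_HEADER_LEN +
                                            packetdata.src_id_len +
                                            dst_id_len));
  packetdata.truelen = data_len + SILC_PACKET_HEADER_LEN +
    packetdata.src_id_len + dst_id_len;
  SILC_PACKET_PADLEN(packetdata.truelen, block_len, packetdata.padlen);

  /* Create the outgoing packet */
  if (!silc_packet_assemble(&packetdata, NULL, cipher, hmac, sock, data,
                            data_len, &packet)) {
    SILC_LOG_ERROR(("Cannot assemble packet"));
    goto out;
  }

  /* Encrypt the packet */
  silc_packet_encrypt(cipher, hmac, sequence, &packet, packet.len);

  SILC_LOG_HEXDUMP(("Outgoing packet (%d), len %d", sequence, packet.len),
                   packet.data, packet.len);

  /* Now actually send the packet */
  silc_server_packet_send_real(server, sock, force_send);

 out:
  /* Both ID strings were allocated by silc_id_id2str above (or are NULL). */
  silc_free(packetdata.src_id);
  silc_free(packetdata.dst_id);
}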
367
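/* Broadcast received packet to our primary route.  This function is used
   by router to further route received broadcast packet.  It is expected
   that the broadcast flag from the packet is checked before calling this
   function.  This does not test or set the broadcast flag.

   The packet is not forwarded when its source ID cannot be decoded or
   when it equals the ID of server->router, i.e. when the primary route
   is the original sender.  `sock' may be NULL, in which case nothing is
   done.

   NOTE(review): server->router is dereferenced without a check; the
   caller is presumably expected to have a primary router set. */

void silc_server_packet_broadcast(SilcServer server,
                                  SilcSocketConnection sock,
                                  SilcPacketContext *packet)
{
  SilcBuffer buffer = packet->buffer;
  SilcIDListData idata;
  void *id;

  if (!sock)
    return;

  SILC_LOG_DEBUG(("Broadcasting received broadcast packet"));

  /* If the packet is originated from our primary route we are
     not allowed to send the packet. */
  id = silc_id_str2id(packet->src_id, packet->src_id_len, packet->src_id_type);
  if (id && !SILC_ID_SERVER_COMPARE(id, server->router->id)) {
    /* Filled in by silc_packet_send_prepare; must be writable, so it is
       not const-qualified. */
    SilcBufferStruct p;
    int rekey_due;

    /* The keys and the sequence number are read from the entry attached
       to the socket; without an entry there is nothing to encrypt with. */
    idata = (SilcIDListData)sock->user_data;
    if (!idata) {
      SILC_LOG_ERROR(("Cannot send packet"));
      silc_free(id);
      return;
    }

    /* Move the data pointer of the received buffer back to its head so
       that the whole buffer is copied out below. */
    silc_buffer_push(buffer, buffer->data - buffer->head);
    if (!silc_packet_send_prepare(sock, 0, 0, buffer->len, idata->hmac_send,
                                  &p)) {
      SILC_LOG_ERROR(("Cannot send packet"));
      silc_free(id);
      return;
    }
    silc_buffer_put(&p, buffer->data, buffer->len);
    silc_packet_encrypt(idata->send_key, idata->hmac_send, idata->psn_send++,
                        &p, p.len);

    SILC_LOG_HEXDUMP(("Broadcasted packet (%d), len %d", idata->psn_send - 1,
                      p.len), p.data, p.len);

    /* Decide about the mandatory rekey before sending.  A failed send
       makes silc_server_packet_send_real pass sock->user_data to
       silc_server_free_sock_user_data and close the connection, so
       `idata' must not be read after the call. */
    rekey_due = (idata->psn_send == SILC_SERVER_REKEY_THRESHOLD);
    silc_free(id);

    /* Now actually send the packet */
    if (silc_server_packet_send_real(server, sock, TRUE) < 0)
      return;

    /* Check for mandatory rekey */
    if (rekey_due)
      silc_schedule_task_add(server->schedule, sock->sock,
                             silc_server_rekey_callback, sock, 0, 1,
                             SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
    return;
  }

  SILC_LOG_DEBUG(("Will not broadcast to primary route since it is the "
                  "original sender of this packet"));
  silc_free(id);
}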
424
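/* Routes received packet to `sock'.  This is used to route the packets
   that router receives but are not destined to it.  The received buffer
   is copied into the outgoing buffer of `sock', encrypted with the send
   key and HMAC of the entry attached to `sock' and sent immediately.
   Nothing is done when `sock' is NULL or has no entry attached. */

void silc_server_packet_route(SilcServer server,
                              SilcSocketConnection sock,
                              SilcPacketContext *packet)
{
  SilcBuffer buffer = packet->buffer;
  /* Filled in by silc_packet_send_prepare; must be writable, so it is
     not const-qualified. */
  SilcBufferStruct p;
  SilcIDListData idata;
  int rekey_due;

  SILC_LOG_DEBUG(("Routing received packet"));

  /* The other send routines in this file tolerate a NULL socket; do the
     same here instead of dereferencing it. */
  if (!sock)
    return;

  /* The keys and the sequence number are read from the entry attached to
     the socket; without an entry there is nothing to encrypt with. */
  idata = (SilcIDListData)sock->user_data;
  if (!idata) {
    SILC_LOG_ERROR(("Cannot send packet"));
    return;
  }

  /* Move the data pointer of the received buffer back to its head so
     that the whole buffer is copied out below. */
  silc_buffer_push(buffer, buffer->data - buffer->head);
  if (!silc_packet_send_prepare(sock, 0, 0, buffer->len, idata->hmac_send,
                                &p)) {
    SILC_LOG_ERROR(("Cannot send packet"));
    return;
  }
  silc_buffer_put(&p, buffer->data, buffer->len);
  silc_packet_encrypt(idata->send_key, idata->hmac_send, idata->psn_send++,
                      &p, p.len);

  SILC_LOG_HEXDUMP(("Routed packet (%d), len %d", idata->psn_send - 1,
                    p.len), p.data, p.len);

  /* Decide about the mandatory rekey before sending.  A failed send makes
     silc_server_packet_send_real pass sock->user_data to
     silc_server_free_sock_user_data and close the connection, so `idata'
     must not be read after the call. */
  rekey_due = (idata->psn_send == SILC_SERVER_REKEY_THRESHOLD);

  /* Now actually send the packet */
  if (silc_server_packet_send_real(server, sock, TRUE) < 0)
    return;

  /* Check for mandatory rekey */
  if (rekey_due)
    silc_schedule_task_add(server->schedule, sock->sock,
                           silc_server_rekey_callback, sock, 0, 1,
                           SILC_TASK_TIMEOUT, SILC_TASK_PRI_NORMAL);
}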
462
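/* This routine can be used to send a packet to table of clients provided
   in `clients'.  If `route' is FALSE the packet is routed only to local
   clients (for server locally connected, and for router local cell).

   When this server is a router, a client that has a router set is
   reached through that router's connection, and each such route gets the
   packet only once.  At most one connection of type
   SILC_SOCKET_TYPE_ROUTER is used.  Clients without a router are sent to
   directly through their own connection.

   NOTE(review): a failed send makes silc_server_packet_send_real hand
   the connection's user data to silc_server_free_sock_user_data; confirm
   that this cannot remove entries from `clients' while the table is
   being walked here. */

void silc_server_packet_send_clients(SilcServer server,
                                     SilcHashTable clients,
                                     SilcPacketType type,
                                     SilcPacketFlags flags,
                                     bool route,
                                     unsigned char *data,
                                     SilcUInt32 data_len,
                                     bool force_send)
{
  SilcSocketConnection sock = NULL;
  SilcHashTableList htl;
  SilcClientEntry client = NULL;
  SilcServerEntry *routed = NULL;   /* routes that already got the packet */
  SilcUInt32 routed_count = 0;
  SilcUInt32 k;                     /* same type as routed_count */
  bool gone = FALSE;                /* TRUE once sent to a router link */

  if (!silc_hash_table_count(clients))
    return;

  SILC_LOG_DEBUG(("Sending packet to %d clients",
                  silc_hash_table_count(clients)));

  /* Send to all clients in table */
  silc_hash_table_list(clients, &htl);
  while (silc_hash_table_get(&htl, NULL, (void *)&client)) {
    /* If client has router set it is not locally connected client and
       we will route the message to the router set in the client.  Though,
       send locally connected server in all cases. */
    if (server->server_type == SILC_ROUTER && client->router &&
        ((!route && client->router->router == server->id_entry) || route)) {
      SilcServerEntry *grown;

      /* Check if we have sent the packet to this route already */
      for (k = 0; k < routed_count; k++)
        if (routed[k] == client->router)
          break;
      if (k < routed_count)
        continue;

      /* The route has no connection to send on; sock->type below would
         otherwise dereference NULL. */
      sock = (SilcSocketConnection)client->router->connection;
      if (!sock)
        continue;

      /* Route only once to router */
      if (sock->type == SILC_SOCKET_TYPE_ROUTER) {
        if (gone)
          continue;
        gone = TRUE;
      }

      /* Make room for recording this route before sending.  The result
         goes through a temporary so that `routed' is neither lost nor
         dereferenced as NULL should silc_realloc fail.  Without the
         record duplicates could no longer be suppressed, so stop. */
      grown = silc_realloc(routed, sizeof(*routed) * (routed_count + 1));
      if (!grown) {
        SILC_LOG_DEBUG(("Cannot record route, not sending to more clients"));
        break;
      }
      routed = grown;

      /* Send the packet */
      silc_server_packet_send_dest(server, sock, type, flags,
                                   client->router->id, SILC_ID_SERVER,
                                   data, data_len, force_send);

      /* Mark this route routed already */
      routed[routed_count++] = client->router;
      continue;
    }

    /* A routed client that did not qualify above is skipped. */
    if (client->router)
      continue;

    /* Send to locally connected client */
    sock = (SilcSocketConnection)client->connection;
    if (!sock)
      continue;

    silc_server_packet_send_dest(server, sock, type, flags,
                                 client->id, SILC_ID_CLIENT,
                                 data, data_len, force_send);
  }
  silc_hash_table_list_reset(&htl);
  silc_free(routed);
}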
540
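/* Internal routine to actually create the channel packet and send it
   to network.  This is common function in channel message sending.  If
   `channel_message' is TRUE only the packet header part (header, source
   and destination IDs and padding) is encrypted here, as the payload is
   strictly a channel message.  If FALSE the whole packet is encrypted in
   the normal way.

   `packet' supplies the type, flags and IDs; its truelen and padlen
   fields are overwritten here.  `sequence' is the packet sequence number
   passed to the encryption routine.  Nothing is done when `sock' is
   NULL. */

static void
silc_server_packet_send_to_channel_real(SilcServer server,
                                        SilcSocketConnection sock,
                                        SilcPacketContext *packet,
                                        SilcCipher cipher,
                                        SilcHmac hmac,
                                        SilcUInt32 sequence,
                                        unsigned char *data,
                                        SilcUInt32 data_len,
                                        bool channel_message,
                                        bool force_send)
{
  int block_len;
  /* Filled in by silc_packet_assemble.  It must not be const-qualified:
     modifying an object that was defined const through a cast is
     undefined behaviour. */
  SilcBufferStruct p;

  if (!sock)
    return;

  data_len = SILC_PACKET_DATALEN(data_len, (SILC_PACKET_HEADER_LEN +
                                            packet->src_id_len +
                                            packet->dst_id_len));
  packet->truelen = data_len + SILC_PACKET_HEADER_LEN +
    packet->src_id_len + packet->dst_id_len;

  /* For a channel message the padding is computed over the header part
     only, since only that part is encrypted below. */
  block_len = cipher ? silc_cipher_get_block_len(cipher) : 0;
  if (channel_message)
    SILC_PACKET_PADLEN((SILC_PACKET_HEADER_LEN +
                        packet->src_id_len +
                        packet->dst_id_len), block_len, packet->padlen);
  else
    SILC_PACKET_PADLEN(packet->truelen, block_len, packet->padlen);

  /* Put the data to buffer, assemble and encrypt the packet.  The packet
     is encrypted with normal session key shared with the client, unless
     the `channel_message' is TRUE. */
  if (!silc_packet_assemble(packet, NULL, cipher, hmac, sock, data,
                            data_len, &p)) {
    SILC_LOG_ERROR(("Cannot assemble packet"));
    return;
  }

  if (channel_message)
    silc_packet_encrypt(cipher, hmac, sequence, &p,
                        SILC_PACKET_HEADER_LEN + packet->src_id_len +
                        packet->dst_id_len + packet->padlen);
  else
    silc_packet_encrypt(cipher, hmac, sequence, &p, p.len);

  SILC_LOG_HEXDUMP(("Channel packet (%d), len %d", sequence, p.len),
                   p.data, p.len);

  /* Now actually send the packet */
  silc_server_packet_send_real(server, sock, force_send);
}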
600
/* This routine is used by the server to send packets to channel.  The
   packet sent with this function is distributed to all clients on
   the channel.  Usually this is used to send notify messages to the
   channel, things like notify about new user joining to the channel.
   If `route' is FALSE then the packet is sent only locally and will not
   be routed anywhere (for router locally means cell wide).  If `sender'
   is provided then the packet is not sent to that connection since it
   originally came from it.  If `send_to_clients' is FALSE then the
   packet is not sent to clients, only servers.

   The source ID of every packet is this server's ID and the destination
   ID is the channel ID.  Each packet is encrypted with the send key and
   HMAC of the entry it is sent to.

   NOTE(review): the channel-message exclusion is enforced only with
   assert(), so it is not checked in builds where assertions are
   disabled.
   NOTE(review): a failed send makes silc_server_packet_send_real hand
   the connection's user data to silc_server_free_sock_user_data; confirm
   that this cannot remove entries from channel->user_list while the
   table is being walked here. */

void silc_server_packet_send_to_channel(SilcServer server,
                                        SilcSocketConnection sender,
                                        SilcChannelEntry channel,
                                        SilcPacketType type,
                                        bool route,
                                        bool send_to_clients,
                                        unsigned char *data,
                                        SilcUInt32 data_len,
                                        bool force_send)
{
  SilcSocketConnection sock = NULL;
  SilcPacketContext packetdata;
  SilcClientEntry client = NULL;
  SilcServerEntry *routed = NULL;    /* routes that already got the packet */
  SilcChannelClientEntry chl;
  SilcHashTableList htl;
  SilcIDListData idata;
  SilcUInt32 routed_count = 0;
  bool gone = FALSE;                 /* TRUE once sent to a router link */
  int k;

  /* This doesn't send channel message packets */
  assert(type != SILC_PACKET_CHANNEL_MESSAGE);

  /* Set the packet context pointers.  Both ID strings are allocated here
     and released at `out'. */
  packetdata.flags = 0;
  packetdata.type = type;
  packetdata.src_id = silc_id_id2str(server->id, SILC_ID_SERVER);
  packetdata.src_id_len = silc_id_get_len(server->id, SILC_ID_SERVER);
  packetdata.src_id_type = SILC_ID_SERVER;
  packetdata.dst_id = silc_id_id2str(channel->id, SILC_ID_CHANNEL);
  packetdata.dst_id_len = silc_id_get_len(channel->id, SILC_ID_CHANNEL);
  packetdata.dst_id_type = SILC_ID_CHANNEL;

  /* If there are global users in the channel we will send the message
     first to our router for further routing.  This applies only to a
     non-router, non-standalone server and only when `route' is TRUE. */
  if (route && server->server_type != SILC_ROUTER && !server->standalone &&
      channel->global_users) {
    SilcServerEntry router;

    /* Get data used in packet header encryption, keys and stuff. */
    /* NOTE(review): server->router is dereferenced without a NULL check;
       presumably it is always set for a non-standalone server - confirm. */
    router = server->router;
    sock = (SilcSocketConnection)router->connection;
    idata = (SilcIDListData)router;

    /* Do not send the packet back to where it came from. */
    if (sock != sender) {
      SILC_LOG_DEBUG(("Sending packet to router for routing"));
      silc_server_packet_send_to_channel_real(server, sock, &packetdata,
                                              idata->send_key,
                                              idata->hmac_send,
                                              idata->psn_send++,
                                              data, data_len, FALSE,
                                              force_send);
    }
  }

  if (!silc_hash_table_count(channel->user_list)) {
    SILC_LOG_DEBUG(("Channel %s is empty", channel->channel_name));
    goto out;
  }

  SILC_LOG_DEBUG(("Sending %s to channel %s",
                  silc_get_packet_name(type), channel->channel_name));

  /* One slot per channel user: at most one route is recorded for each
     entry walked below.  The result of silc_calloc is used unchecked. */
  routed = silc_calloc(silc_hash_table_count(channel->user_list),
                       sizeof(*routed));

  /* Send the message to clients on the channel's client list. */
  silc_hash_table_list(channel->user_list, &htl);
  while (silc_hash_table_get(&htl, NULL, (void *)&chl)) {
    client = chl->client;
    if (!client)
      continue;

    /* If client has router set it is not locally connected client and
       we will route the message to the router set in the client.  Though,
       send locally connected server in all cases. */
    if (server->server_type == SILC_ROUTER && client->router &&
        ((!route && client->router->router == server->id_entry) || route)) {

      /* Check if we have sent the packet to this route already */
      for (k = 0; k < routed_count; k++)
        if (routed[k] == client->router)
          break;
      if (k < routed_count)
        continue;

      /* Get data used in packet header encryption, keys and stuff. */
      sock = (SilcSocketConnection)client->router->connection;
      idata = (SilcIDListData)client->router;

      if (sender && sock == sender)
        continue;

      /* Route only once to router.  Protocol prohibits sending channel
         messages to more than one router. */
      /* NOTE(review): sock is dereferenced here without a NULL check. */
      if (sock->type == SILC_SOCKET_TYPE_ROUTER) {
        if (gone)
          continue;
        gone = TRUE;
      }

      SILC_LOG_DEBUG(("Sending packet to client %s",
                      client->nickname ? client->nickname :
                      (unsigned char *)""));

      /* Send the packet */
      silc_server_packet_send_to_channel_real(server, sock, &packetdata,
                                              idata->send_key,
                                              idata->hmac_send,
                                              idata->psn_send++,
                                              data, data_len, FALSE,
                                              force_send);

      /* Mark this route routed already */
      routed[routed_count++] = client->router;
      continue;
    }

    /* Routed clients that did not qualify above are skipped, and so is
       every client when only servers are to be reached. */
    if (client->router || !send_to_clients)
      continue;

    /* Send to locally connected client */

    /* Get data used in packet header encryption, keys and stuff. */
    sock = (SilcSocketConnection)client->connection;
    idata = (SilcIDListData)client;

    if (!sock || (sender && sock == sender))
      continue;

    SILC_LOG_DEBUG(("Sending packet to client %s",
                    client->nickname ? client->nickname :
                    (unsigned char *)""));

    /* Send the packet */
    silc_server_packet_send_to_channel_real(server, sock, &packetdata,
                                            idata->send_key,
                                            idata->hmac_send,
                                            idata->psn_send++,
                                            data, data_len, FALSE,
                                            force_send);
  }
  silc_hash_table_list_reset(&htl);

 out:
  /* `routed' is still NULL when the channel was empty. */
  silc_free(routed);
  silc_free(packetdata.src_id);
  silc_free(packetdata.dst_id);
}
761
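/* This checks whether the relayed packet came from router.  If it did
   then we'll need to encrypt it with the channel key.  This is called
   from the silc_server_packet_relay_to_channel.

   `data' / `data_len' is the channel message as received; it is
   encrypted in place.  Returns TRUE when the message may be relayed
   (whether or not it had to be encrypted) and FALSE when its length
   fields do not fit inside `data_len', in which case it must be dropped.

   The message comes from the network, so every length taken from it is
   checked against `data_len' before it is used as an offset. */

static bool
silc_server_packet_relay_to_channel_encrypt(SilcServer server,
                                            SilcSocketConnection sock,
                                            SilcChannelEntry channel,
                                            unsigned char *data,
                                            unsigned int data_len)
{
  /* totlen is kept in 32 bits.  As a 16-bit value the sum of the two
     16-bit length fields could wrap around, and a message with oversized
     length fields would then pass the bounds checks below. */
  SilcUInt32 mac_len, iv_len, totlen;
  unsigned char iv[SILC_CIPHER_MAX_IV_SIZE];
  SilcUInt16 len;

  /* If we are router and the packet came from router and private key
     has not been set for the channel then we must encrypt the packet
     as it was decrypted with the session key shared between us and the
     router which sent it.  This is so, because cells do not share the
     same channel key. */
  if (server->server_type == SILC_ROUTER &&
      sock->type == SILC_SOCKET_TYPE_ROUTER &&
      !(channel->mode & SILC_CHANNEL_MODE_PRIVKEY) && channel->key) {

    /* If we are backup router and remote is our primary router and
       we are currently doing backup resuming protocol we must not
       re-encrypt message with session key. */
    if (server->backup_router && SILC_SERVER_IS_BACKUP(sock) &&
        SILC_PRIMARY_ROUTE(server) == sock)
      return TRUE;

    /* NOTE(review): the condition above tests channel->key, while the
       calls below use channel->channel_key and channel->hmac; presumably
       they are always set together - confirm. */
    mac_len = silc_hmac_len(channel->hmac);
    iv_len = silc_cipher_get_block_len(channel->channel_key);

    /* The IV is copied into the fixed-size buffer `iv' below. */
    if (iv_len > sizeof(iv)) {
      SILC_LOG_WARNING(("Channel cipher block length is too large, "
                        "cannot relay message"));
      return FALSE;
    }

    if (data_len <= mac_len + iv_len) {
      SILC_LOG_WARNING(("Corrupted channel message, cannot relay it"));
      return FALSE;
    }

    /* The first 16-bit length field sits at offset 2; make sure it lies
       in front of the trailing IV and MAC before reading it.  Messages
       rejected here would also fail the next check. */
    totlen = 2;
    if (totlen + 2 + iv_len + mac_len > data_len) {
      SILC_LOG_WARNING(("Corrupted channel message, cannot relay it"));
      return FALSE;
    }
    SILC_GET16_MSB(len, data + totlen);
    totlen += 2 + len;

    /* A second 16-bit length field follows the first field's data. */
    if (totlen + iv_len + mac_len + 2 > data_len) {
      SILC_LOG_WARNING(("Corrupted channel message, cannot relay it"));
      return FALSE;
    }
    SILC_GET16_MSB(len, data + totlen);
    totlen += 2 + len;
    if (totlen + iv_len + mac_len > data_len) {
      SILC_LOG_WARNING(("Corrupted channel message, cannot relay it"));
      return FALSE;
    }

    /* The IV is stored right in front of the MAC at the end of the
       message. */
    memcpy(iv, data + (data_len - iv_len - mac_len), iv_len);
    silc_message_payload_encrypt(data, totlen, data_len - mac_len,
                                 iv, iv_len, channel->channel_key,
                                 channel->hmac);
  }

  return TRUE;
}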
823
824 /* This routine is explicitly used to relay messages to some channel.
825 Packets sent with this function we have received earlier and are
826 totally encrypted. This just sends the packet to all clients on
827 the channel. If the sender of the packet is someone on the channel
828 the message will not be sent to that client. The SILC Packet header
829 is encrypted with the session key shared between us and the client.
830 MAC is also computed before encrypting the header. Rest of the
831 packet will be untouched. */
832
833 void silc_server_packet_relay_to_channel(SilcServer server,
834 SilcSocketConnection sender_sock,
835 SilcChannelEntry channel,
836 void *sender_id,
837 SilcIdType sender_type,
838 SilcClientEntry sender_entry,
839 unsigned char *data,
840 SilcUInt32 data_len,
841 bool force_send)
842 {
843 SilcSocketConnection sock = NULL;
844 SilcPacketContext packetdata;
845 SilcClientEntry client = NULL;
846 SilcServerEntry *routed = NULL;
847 SilcChannelClientEntry chl, chl_sender;
848 SilcUInt32 routed_count = 0;
849 SilcIDListData idata;
850 SilcHashTableList htl;
851 bool gone = FALSE;
852 int k;
853
854 if (!silc_server_client_on_channel(sender_entry, channel, &chl_sender))
855 return;
856
857 SILC_LOG_DEBUG(("Relaying packet to channel %s", channel->channel_name));
858
859 /* This encrypts the packet, if needed. It will be encrypted if
860 it came from the router thus it needs to be encrypted with the
861 channel key. If the channel key does not exist, then we know we
862 don't have a single local user on the channel. */
863 if (!silc_server_packet_relay_to_channel_encrypt(server, sender_sock,
864 channel, data,
865 data_len))
866 return;
867
868 /* Set the packet context pointers. */
869 packetdata.flags = 0;
870 packetdata.type = SILC_PACKET_CHANNEL_MESSAGE;
871 packetdata.src_id = silc_id_id2str(sender_id, sender_type);
872 packetdata.src_id_len = silc_id_get_len(sender_id, sender_type);
873 packetdata.src_id_type = sender_type;
874 packetdata.dst_id = silc_id_id2str(channel->id, SILC_ID_CHANNEL);
875 packetdata.dst_id_len = silc_id_get_len(channel->id, SILC_ID_CHANNEL);
876 packetdata.dst_id_type = SILC_ID_CHANNEL;
877
878 /* If there are global users in the channel we will send the message
879 first to our router for further routing. */
880 if (server->server_type != SILC_ROUTER && !server->standalone &&
881 channel->global_users) {
882 SilcServerEntry router = server->router;
883
884 /* Check that the sender is not our router. */
885 if (sender_sock != (SilcSocketConnection)router->connection) {
886
887 /* Get data used in packet header encryption, keys and stuff. */
888 sock = (SilcSocketConnection)router->connection;
889 idata = (SilcIDListData)router;
890
891 SILC_LOG_DEBUG(("Sending message to router for routing"));
892
893 silc_server_packet_send_to_channel_real(server, sock, &packetdata,
894 idata->send_key,
895 idata->hmac_send,
896 idata->psn_send++,
897 data, data_len, TRUE,
898 force_send);
899 }
900 }
901
902 routed = silc_calloc(silc_hash_table_count(channel->user_list),
903 sizeof(*routed));
904
905 /* Assure we won't route the message back to the sender's way. */
906 if (sender_entry->router)
907 routed[routed_count++] = sender_entry->router;
908
909 /* Send the message to clients on the channel's client list. */
910 silc_hash_table_list(channel->user_list, &htl);
911 while (silc_hash_table_get(&htl, NULL, (void *)&chl)) {
912 client = chl->client;
913 if (!client || client == sender_entry)
914 continue;
915
916 /* Check whether message sending is blocked */
917 if (chl->mode & SILC_CHANNEL_UMODE_BLOCK_MESSAGES)
918 continue;
919 if (chl->mode & SILC_CHANNEL_UMODE_BLOCK_MESSAGES_USERS &&
920 !(chl_sender->mode & SILC_CHANNEL_UMODE_CHANOP) &&
921 !(chl_sender->mode & SILC_CHANNEL_UMODE_CHANFO))
922 continue;
923 if (chl->mode & SILC_CHANNEL_UMODE_BLOCK_MESSAGES_ROBOTS &&
924 sender_entry->mode & SILC_UMODE_ROBOT)
925 continue;
926
927 /* If the client has set router it means that it is not locally
928 connected client and we will route the packet further. */
929 if (server->server_type == SILC_ROUTER && client->router) {
930
931 /* Check if we have sent the packet to this route already */
932 for (k = 0; k < routed_count; k++)
933 if (routed[k] == client->router)
934 break;
935 if (k < routed_count)
936 continue;
937
938 /* Get data used in packet header encryption, keys and stuff. */
939 sock = (SilcSocketConnection)client->router->connection;
940 idata = (SilcIDListData)client->router;
941
942 /* Check if the sender socket is the same as this client's router
943 socket. */
944 if (sender_sock && sock == sender_sock)
945 continue;
946
947 SILC_LOG_DEBUG(("Relaying packet to client ID(%s) %s (%s)",
948 silc_id_render(client->id, SILC_ID_CLIENT),
949 sock->hostname, sock->ip));
950
951 /* Mark this route routed already. */
952 routed[routed_count++] = client->router;
953
954 if (sock->type == SILC_SOCKET_TYPE_ROUTER) {
955 /* The remote connection is router then we'll decrypt the
956 channel message and re-encrypt it with the session key shared
957 between us and the remote router. This is done because the
958 channel keys are cell specific and we have different channel
959 key than the remote router has. */
960
961 /* Route only once to router. Protocol prohibits sending channel
962 messages to more than one router. */
963 if (gone)
964 continue;
965 gone = TRUE;
966
967 /* If we are backup router and remote is our primary router and
968 we are currently doing backup resuming protocol we must not
969 re-encrypt message with session key. */
970 if (server->backup_router && SILC_SERVER_IS_BACKUP(sock) &&
971 SILC_PRIMARY_ROUTE(server) == sock) {
972 silc_server_packet_send_to_channel_real(server, sock, &packetdata,
973 idata->send_key,
974 idata->hmac_send,
975 idata->psn_send++,
976 data, data_len, TRUE,
977 force_send);
978 continue;
979 }
980
981 SILC_LOG_DEBUG(("Remote is router, encrypt with session key"));
982
983 /* If private key mode is not set then decrypt the packet
984 and re-encrypt it */
985 if (!(channel->mode & SILC_CHANNEL_MODE_PRIVKEY) &&
986 channel->channel_key) {
987 unsigned char tmp[SILC_PACKET_MAX_LEN];
988
989 if (data_len > SILC_PACKET_MAX_LEN)
990 data_len = SILC_PACKET_MAX_LEN;
991 memcpy(tmp, data, data_len);
992
993 /* Decrypt the channel message (we don't check the MAC) */
994 silc_message_payload_decrypt(tmp, data_len, FALSE, FALSE,
995 channel->channel_key,
996 channel->hmac, FALSE);
997
998 /* Now re-encrypt and send it to the router */
999 silc_server_packet_send_srcdest(server, sock,
1000 SILC_PACKET_CHANNEL_MESSAGE, 0,
1001 sender_id, sender_type,
1002 channel->id, SILC_ID_CHANNEL,
1003 tmp, data_len, force_send);
1004 } else {
1005 /* Private key mode is set, we don't have the channel key, so
1006 just re-encrypt the entire packet and send it to the router. */
1007 silc_server_packet_send_srcdest(server, sock,
1008 SILC_PACKET_CHANNEL_MESSAGE, 0,
1009 sender_id, sender_type,
1010 channel->id, SILC_ID_CHANNEL,
1011 data, data_len, force_send);
1012 }
1013 } else {
1014 /* Send the packet to normal server */
1015 silc_server_packet_send_to_channel_real(server, sock, &packetdata,
1016 idata->send_key,
1017 idata->hmac_send,
1018 idata->psn_send++,
1019 data, data_len, TRUE,
1020 force_send);
1021 }
1022
1023 continue;
1024 }
1025
1026 if (client->router)
1027 continue;
1028
1029 /* Get data used in packet header encryption, keys and stuff. */
1030 sock = (SilcSocketConnection)client->connection;
1031 idata = (SilcIDListData)client;
1032
1033 if (!sock || (sender_sock && sock == sender_sock))
1034 continue;
1035
1036 SILC_LOG_DEBUG(("Sending packet to client ID(%s) %s (%s)",
1037 silc_id_render(client->