Don't regenerate session handshake keypair for every handshake so a global state can be used; remove the concept of temporary peers

These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
author: Matthias Schiffer <mschiffer@universe-factory.net> 2012-04-19 17:42:56 +0200
committer: Matthias Schiffer <mschiffer@universe-factory.net> 2012-04-19 17:42:56 +0200
commit: 8c91443808ce376947ff387eaffca6e8cfbe9251 (patch)
tree: 227a4367a2c013bbee40dc99c8abafc52da5ee2e /src/method_xsalsa20_poly1305.c
parent: c5b12202c834fe484634131ee9a91465b9e6e7bc (diff)
download: fastd-8c91443808ce376947ff387eaffca6e8cfbe9251.tar
fastd-8c91443808ce376947ff387eaffca6e8cfbe9251.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/method_xsalsa20_poly1305.c b/src/method_xsalsa20_poly1305.c
index 5194a4d..9331265 100644
--- a/src/method_xsalsa20_poly1305.c
+++ b/src/method_xsalsa20_poly1305.c
@@ -118,7 +118,7 @@ static bool method_session_is_initiator(fastd_context *ctx, fastd_method_session
 }
 
 static bool method_session_want_refresh(fastd_context *ctx, fastd_method_session_state *session) {
-	return (method_session_is_initiator(ctx, session) && timespec_after(&ctx->now, &session->refresh_after));
+	return timespec_after(&ctx->now, &session->refresh_after);
 }
 
 static void method_session_free(fastd_context *ctx, fastd_method_session_state *session) {
author	Matthias Schiffer <mschiffer@universe-factory.net>	2012-04-19 17:42:56 +0200
committer	Matthias Schiffer <mschiffer@universe-factory.net>	2012-04-19 17:42:56 +0200
commit	8c91443808ce376947ff387eaffca6e8cfbe9251 (patch)
tree	227a4367a2c013bbee40dc99c8abafc52da5ee2e /src/method_xsalsa20_poly1305.c
parent	c5b12202c834fe484634131ee9a91465b9e6e7bc (diff)
download	fastd-8c91443808ce376947ff387eaffca6e8cfbe9251.tar fastd-8c91443808ce376947ff387eaffca6e8cfbe9251.zip