summaryrefslogtreecommitdiffstats
path: root/src/methods
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2013-11-14 23:16:43 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-11-14 23:16:43 +0100
commitbef39b72834173e969efc6cee10145300a3af94c (patch)
treedb967f3089ce21322d8a7beb1ae2badf67c82176 /src/methods
parentb05b3f32354f7fe9cefee74ea18020fd8069bc10 (diff)
downloadfastd-bef39b72834173e969efc6cee10145300a3af94c.tar
fastd-bef39b72834173e969efc6cee10145300a3af94c.zip
Ensure sessions are invalidated before the nonce wraps
While it isn't realistic for the nonce to wrap in less than one hour, it's better to check for this.
Diffstat (limited to 'src/methods')
-rw-r--r--src/methods/common.h11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/methods/common.h b/src/methods/common.h
index 0769a6c..6be32e9 100644
--- a/src/methods/common.h
+++ b/src/methods/common.h
@@ -51,6 +51,9 @@ bool fastd_method_reorder_check(fastd_context_t *ctx, fastd_peer_t *peer, fastd_
static inline bool fastd_method_session_common_is_valid(fastd_context_t *ctx, const fastd_method_common_t *session) {
+ if (session->send_nonce[COMMON_NONCEBYTES-1] == 0xff && session->send_nonce[COMMON_NONCEBYTES-2] == 0xff)
+ return false;
+
return (timespec_after(&session->valid_till, &ctx->now));
}
@@ -59,7 +62,13 @@ static inline bool fastd_method_session_common_is_initiator(const fastd_method_c
}
static inline bool fastd_method_session_common_want_refresh(fastd_context_t *ctx, const fastd_method_common_t *session) {
- return fastd_method_session_common_is_initiator(session) && timespec_after(&ctx->now, &session->refresh_after);
+ if (session->send_nonce[COMMON_NONCEBYTES-1] == 0xff)
+ return true;
+
+ if (fastd_method_session_common_is_initiator(session) && timespec_after(&ctx->now, &session->refresh_after))
+ return true;
+
+ return false;
}
static inline void fastd_method_session_common_superseded(fastd_context_t *ctx, fastd_method_common_t *session) {