summaryrefslogtreecommitdiffstats
path: root/src/protocol_ec25519_fhmqvc.c
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2012-06-04 19:55:57 +0200
committerMatthias Schiffer <mschiffer@universe-factory.net>2012-06-04 19:55:57 +0200
commit210a447124c836c3200aa7c104c2c8576a119697 (patch)
tree060b4ffba690330c55e95cc86ccc748415a39f66 /src/protocol_ec25519_fhmqvc.c
parentf2bb9fd6d433440f49dcea9d47f519d23388847f (diff)
downloadfastd-210a447124c836c3200aa7c104c2c8576a119697.tar
fastd-210a447124c836c3200aa7c104c2c8576a119697.zip
Fix key invalidation order on key refresh
Diffstat (limited to 'src/protocol_ec25519_fhmqvc.c')
-rw-r--r--src/protocol_ec25519_fhmqvc.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/protocol_ec25519_fhmqvc.c b/src/protocol_ec25519_fhmqvc.c
index 29fe280..96ee428 100644
--- a/src/protocol_ec25519_fhmqvc.c
+++ b/src/protocol_ec25519_fhmqvc.c
@@ -644,6 +644,12 @@ static void protocol_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buf
if (ctx->conf->method->decrypt(ctx, peer->protocol_state->session.method_state, &recv_buffer, buffer)) {
ok = true;
+ if (peer->protocol_state->old_session.method_state) {
+ pr_debug(ctx, "invalidating old session with %P", peer);
+ ctx->conf->method->session_free(ctx, peer->protocol_state->old_session.method_state);
+ peer->protocol_state->old_session.method_state = NULL;
+ }
+
if (!peer->protocol_state->session.handshakes_cleaned) {
pr_debug(ctx, "cleaning left handshakes with %P", peer);
fastd_task_delete_peer_handshakes(ctx, peer);
@@ -653,12 +659,6 @@ static void protocol_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buf
protocol_send(ctx, peer, fastd_buffer_alloc(0, ctx->conf->method->min_encrypt_head_space(ctx), 0));
}
- if (peer->protocol_state->old_session.method_state) {
- pr_debug(ctx, "invalidating old session with %P", peer);
- ctx->conf->method->session_free(ctx, peer->protocol_state->old_session.method_state);
- peer->protocol_state->old_session.method_state = NULL;
- }
-
check_session_refresh(ctx, peer);
}
}