Invalidate old session on method changes

1 files changed, 7 insertions, 1 deletions

diff --git a/src/protocol_ec25519_fhmqvc.c b/src/protocol_ec25519_fhmqvc.c
index b963185..78f5ebf 100644
--- a/src/protocol_ec25519_fhmqvc.c
+++ b/src/protocol_ec25519_fhmqvc.c
@@ -368,6 +368,12 @@ static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_meth
 			peer->protocol_state->session.method->session_free(ctx, peer->protocol_state->session.method_state);
 	}
 
+	if (peer->protocol_state->old_session.method && peer->protocol_state->old_session.method != method) {
+		pr_debug(ctx, "method of %P[%I] has changed, terminating old session", peer, remote_addr);
+		peer->protocol_state->old_session.method->session_free(ctx, peer->protocol_state->old_session.method_state);
+		peer->protocol_state->old_session = (protocol_session_t){};
+	}
+
 	memcpy(hashinput, X->p, PUBLICKEYBYTES);
 	memcpy(hashinput+PUBLICKEYBYTES, Y->p, PUBLICKEYBYTES);
 	memcpy(hashinput+2*PUBLICKEYBYTES, A->p, PUBLICKEYBYTES);
@@ -799,7 +805,7 @@ static void protocol_handle_recv(fastd_context_t *ctx, fastd_peer_t *peer, fastd
 			if (peer->protocol_state->old_session.method_state) {
 				pr_debug(ctx, "invalidating old session with %P", peer);
 				peer->protocol_state->old_session.method->session_free(ctx, peer->protocol_state->old_session.method_state);
-				peer->protocol_state->old_session.method_state = NULL;
+				peer->protocol_state->old_session = (protocol_session_t){};
 			}
 
 			if (!peer->protocol_state->session.handshakes_cleaned) {