From 210a447124c836c3200aa7c104c2c8576a119697 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Mon, 4 Jun 2012 19:55:57 +0200
Subject: Fix key invalidation order on key refresh

---
 src/protocol_ec25519_fhmqvc.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/protocol_ec25519_fhmqvc.c b/src/protocol_ec25519_fhmqvc.c
index 29fe280..96ee428 100644
--- a/src/protocol_ec25519_fhmqvc.c
+++ b/src/protocol_ec25519_fhmqvc.c
@@ -644,6 +644,12 @@ static void protocol_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buf
 		if (ctx->conf->method->decrypt(ctx, peer->protocol_state->session.method_state, &recv_buffer, buffer)) {
 			ok = true;
 
+			if (peer->protocol_state->old_session.method_state) {
+				pr_debug(ctx, "invalidating old session with %P", peer);
+				ctx->conf->method->session_free(ctx, peer->protocol_state->old_session.method_state);
+				peer->protocol_state->old_session.method_state = NULL;
+			}
+
 			if (!peer->protocol_state->session.handshakes_cleaned) {
 				pr_debug(ctx, "cleaning left handshakes with %P", peer);
 				fastd_task_delete_peer_handshakes(ctx, peer);
@@ -653,12 +659,6 @@ static void protocol_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buf
 					protocol_send(ctx, peer, fastd_buffer_alloc(0, ctx->conf->method->min_encrypt_head_space(ctx), 0));
 			}
 
-			if (peer->protocol_state->old_session.method_state) {
-				pr_debug(ctx, "invalidating old session with %P", peer);
-				ctx->conf->method->session_free(ctx, peer->protocol_state->old_session.method_state);
-				peer->protocol_state->old_session.method_state = NULL;
-			}
-
 			check_session_refresh(ctx, peer);
 		}
 	}
-- 
cgit v1.2.3