From dba817c84f3dab4f7cd4a449ab16fed4d3cc1fa8 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sun, 1 Apr 2012 04:31:32 +0200 Subject: Don't refresh a session before old handshakes are cleaned up --- src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c b/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c index 886a372..0376239 100644 --- a/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c +++ b/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c @@ -674,8 +674,6 @@ static void protocol_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buf goto end; } - check_session_refresh(ctx, peer); - uint8_t nonce[crypto_secretbox_xsalsa20poly1305_NONCEBYTES]; memcpy(nonce, buffer.data, NONCEBYTES); memset(nonce+NONCEBYTES, 0, crypto_secretbox_xsalsa20poly1305_NONCEBYTES-NONCEBYTES); @@ -716,6 +714,8 @@ static void protocol_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buf pr_debug(ctx, "invalidating old session with %P", peer); memset(&peer->protocol_state->old_session, 0, sizeof(protocol_session)); } + + check_session_refresh(ctx, peer); } else { pr_debug(ctx, "verification failed for packet received from %P", peer); -- cgit v1.2.3