From bffe80f3d28356003c3ca24e3933910d5968697d Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Fri, 15 Jun 2012 03:28:42 +0200
Subject: Avoid using the same handshake key to establish more than one session

This fix prevents a potential attack using intentional packet reordering to
initialize more than one session with using the same handshake keys, leading
to more that one session to be initialized with the same key data altogether,
allowing to decrypt some packets in the worst case.
---
 src/method_null.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/method_null.c')

diff --git a/src/method_null.c b/src/method_null.c
index 848f62d..e8b3fca 100644
--- a/src/method_null.c
+++ b/src/method_null.c
@@ -35,7 +35,7 @@ static size_t method_min_head_space(fastd_context *ctx) {
 	return 0;
 }
 
-static fastd_method_session_state* method_session_init(fastd_context *ctx, uint8_t *secret, size_t length, bool initiator, fastd_method_session_state *old_session) {
+static fastd_method_session_state* method_session_init(fastd_context *ctx, uint8_t *secret, size_t length, bool initiator) {
 	if (initiator)
 		return (fastd_method_session_state*)1;
 	else
-- 
cgit v1.2.3