From 8c91443808ce376947ff387eaffca6e8cfbe9251 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Thu, 19 Apr 2012 17:42:56 +0200
Subject: Don't regenerate session handshake keypair for every handshake so a global state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
---
 src/method_xsalsa20_poly1305.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/method_xsalsa20_poly1305.c')
diff --git a/src/method_xsalsa20_poly1305.c b/src/method_xsalsa20_poly1305.c
index 5194a4d..9331265 100644
--- a/src/method_xsalsa20_poly1305.c
+++ b/src/method_xsalsa20_poly1305.c
@@ -118,7 +118,7 @@ static bool method_session_is_initiator(fastd_context *ctx, fastd_method_session
 }
 
 static bool method_session_want_refresh(fastd_context *ctx, fastd_method_session_state *session) {
- return (method_session_is_initiator(ctx, session) && timespec_after(&ctx->now, &session->refresh_after));
+ return timespec_after(&ctx->now, &session->refresh_after);
 }
 
 static void method_session_free(fastd_context *ctx, fastd_method_session_state *session) {
-- 
cgit v1.2.3
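Review bot: `method_session_want_refresh` now returns true on both ends of a session once `refresh_after` has passed, where before only the initiator did, and neither the hunk nor the commit message explains why the role check was dropped. If `refresh_after` is derived from the same lifetime on both peers (set outside this hunk, so not verifiable here), both sides would start a re-handshake at roughly the same moment; it is worth confirming that the handshake path resolves crossing handshakes deterministically and never tears down the established session keys before a replacement is in place. I would record the intent above the function, for example `/* Either peer may request a refresh once refresh_after has passed; the initiator role no longer gates rekeying. */`. It is also worth checking whether `method_session_is_initiator` still has a caller after this change.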