author | Bart Polot <bart@net.in.tum.de> | 2014-12-15 07:17:36 +0000 |
---|---|---|
committer | Bart Polot <bart@net.in.tum.de> | 2014-12-15 07:17:36 +0000 |
commit | aa5162c3ecb84acd1e8544cac884cc57be0f5d62 (patch) | |
tree | b7a21a7b5ad8f32da46c7ed9ae331c14b6312507 /src/cadet/gnunet-service-cadet_tunnel.c | |
parent | 2e567d1289cff312f3f42b57086a4a0ca5e80ba2 (diff) | |
Fix conservation of old keys in case of simultaneous KX:
when creating a new kx_ctx, copy old keys based on tunnel estate, not finish_task
Diffstat (limited to 'src/cadet/gnunet-service-cadet_tunnel.c')
-rw-r--r-- | src/cadet/gnunet-service-cadet_tunnel.c | 17 |
1 files changed, 11 insertions, 6 deletions
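--- a/src/cadet/gnunet-service-cadet_tunnel.c
+++ b/src/cadet/gnunet-service-cadet_tunnel.c
@@ -865,8 +865,8 @@ derive_symmertic (struct GNUNET_CRYPTO_SymmetricSessionKey *key,
 /**
 * Create a new Key eXchange context for the tunnel.
 *
-* If context exists, just cancels the finish_task, does not create new nonce.
-* Otherwise copies the keys, timestamps the KX and creates a new nonce.
+* If the old keys were verified, keep them for old traffic. Create a new KX
+* timestamp and a new nonce.
 *
 * @param t Tunnel for which to create the KX ctx.
 */
@@ -883,14 +883,19 @@ create_kx_ctx (struct CadetTunnel *t)
 GNUNET_SCHEDULER_cancel (t->kx_ctx->finish_task);
 t->kx_ctx->finish_task = GNUNET_SCHEDULER_NO_TASK;
 }
-return;
+}
+else
+{
+t->kx_ctx = GNUNET_new (struct CadetTunnelKXCtx);
 }
 
-t->kx_ctx = GNUNET_new (struct CadetTunnelKXCtx);
 t->kx_ctx->challenge = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
 UINT32_MAX);
-t->kx_ctx->d_key_old = t->d_key;
-t->kx_ctx->e_key_old = t->e_key;
+if (CADET_TUNNEL_KEY_OK == t->estate)
+{
+t->kx_ctx->d_key_old = t->d_key;
+t->kx_ctx->e_key_old = t->e_key;
+}
 t->kx_ctx->rekey_start_time = GNUNET_TIME_absolute_get ();
 }
 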
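Review bot: On the path that allocates a fresh context while `t->estate` is not `CADET_TUNNEL_KEY_OK`, `d_key_old` and `e_key_old` are left as the zero-filled bytes GNUNET_new returns, and nothing in the context marks them as unusable. Any fallback outside this hunk that tries `d_key_old` whenever `t->kx_ctx` is non-NULL would then be checking traffic against a constant key rather than a negotiated one; whether such a fallback exists cannot be seen from here and should be confirmed. I would record the validity of the old keys explicitly, or at least document the skipped branch with `/* Not KEY_OK: keep any old keys already in the ctx; a fresh ctx has none. */` above the `if`. The start of create_kx_ctx, including the condition the new `else` pairs with, lies outside the hunk.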