[GNUnet-SVN] r36427 - gnunet/src/cadet


From: gnunet
Subject: [GNUnet-SVN] r36427 - gnunet/src/cadet
Date: Fri, 2 Oct 2015 05:37:53 +0200

Author: bartpolot
Date: 2015-10-02 05:37:53 +0200 (Fri, 02 Oct 2015)
New Revision: 36427

Modified:
   gnunet/src/cadet/gnunet-service-cadet_tunnel.c
Log:
Don't reset axolotl state on receipt of a pseudo-duplicate AX key exchange.

Pseudo duplicate means same handshake key but different ratchet key. This
can happen if Alice's first KX message is lost, she receives Bob's KX and
sends a payload message herself, advancing her ratchet. If Bob doesn't send
a payload message fast enough, or it gets lost, Alice will retransmit her
KX message, this time with a different ratchet key. If Bob only checks the
ratchet key (the handshake keys are discarded) it could reset the Axolotl
status and re-use keys for messages that got lost/delayed.

Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c      2015-10-02 03:37:52 UTC 
(rev 36426)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c      2015-10-02 03:37:53 UTC 
(rev 36427)
@@ -3019,6 +3019,11 @@
                      salt, sizeof (salt),
                      &key_material, sizeof (key_material), NULL);
 
+  if (0 == memcmp (&ax->RK, &keys[0], sizeof(ax->RK)))
+  {
+    LOG (GNUNET_ERROR_TYPE_INFO, " known handshake key, exit\n");
+    return;
+  }
   ax->RK = keys[0];
   if (GNUNET_YES == am_I_alice)
   {
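
Review bot: the added `if (0 == memcmp (&ax->RK, &keys[0], sizeof(ax->RK)))` compares secret root-key material with a comparison that is not constant-time, on a path a peer can trigger by resending a KX message; a constant-time equality check would be the safer choice here. The log text says "known handshake key" while the code compares the derived root key `keys[0]`, so a short comment stating that an equal derived RK is taken to mean an unchanged handshake key would make the intent of the check clear to later readers. The new early `return` also exits right after `keys` and `key_material` have been filled; if those are local buffers, consider wiping them on this path as well.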
