[freenet-cvs] r16189 - trunk/freenet/src/freenet/node
nextgens at freenetproject.org
nextgens at freenetproject.org
Sat Dec 1 17:00:49 UTC 2007
Author: nextgens
Date: 2007-12-01 17:00:49 +0000 (Sat, 01 Dec 2007)
New Revision: 16189
Modified:
trunk/freenet/src/freenet/node/FNPPacketMangler.java
Log:
JFK: block message3 processing if we are already connected with a fresh handshake
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-12-01 17:00:15 UTC (rev 16188)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-12-01 17:00:49 UTC (rev 16189)
@@ -733,7 +733,9 @@
if(!mac.verify(getTransientKey(), assembleJFKAuthenticator(responderExponential, initiatorExponential, nonceResponder, nonceInitiator, replyTo.getAddress().getAddress()) , authenticator)) {
Logger.error(this, "The HMAC doesn't match; let's discard the packet (either we rekeyed or we are victim of forgery)");
return;
- }
+ } else if(pn.isConnected() && !pn.firstHandshake)
+ return;
+
// Check try to find the authenticator in the cache.
// If authenticator is already present, indicates duplicate/replayed message3
// Now simply transmit the corresponding message4
More information about the cvs
mailing list