authorMathias Hall-Andersen <mathias@hall-andersen.dk>2017-09-20 09:26:08 +0200
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2017-09-20 09:26:08 +0200
commit47a21c8bb08c84d5f84e66ffd3b81ded957dda6d (patch)
tree99006a48c9aff4ba4c8bef0ae771715a20f1e2e2 /src/timers.go
parentImproved readability of send/receive code (diff)
Added last_minute_handshake_guard
- Added last_minute_handshake_guard and reverted keypair changes. - Added comment explaining the state of Go in relation to handling cryptographic state in memory. - Decreased logging level of netsh test
Diffstat (limited to '')
-rw-r--r--src/timers.go8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/timers.go b/src/timers.go
index ad8866f..99695ba 100644
--- a/src/timers.go
+++ b/src/timers.go
@@ -27,9 +27,12 @@ func (peer *Peer) KeepKeyFreshSending() {
/* Called when a new authenticated message has been recevied
*
+ * NOTE: Not thread safe (called by sequential receiver)
*/
func (peer *Peer) KeepKeyFreshReceiving() {
- // TODO: Add a guard, clear on handshake complete (clear in TimerHandshakeComplete)
+ if peer.timer.sendLastMinuteHandshake {
+ return
+ }
kp := peer.keyPairs.Current()
if kp == nil {
return
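Review bot: The new guard at the top of KeepKeyFreshReceiving reads `peer.timer.sendLastMinuteHandshake` as a plain field, while the last hunk clears it inside RoutineHandshakeInitiator, which, judging by its name and its select on peer signals, presumably runs in its own goroutine. The added NOTE only records that the receiver is sequential, so the read here and the write `peer.timer.sendLastMinuteHandshake = false` are unsynchronised unless something outside the diff orders them. This function already uses `atomic.LoadUint64(&kp.sendNonce)`; the flag could follow the same pattern, for example a `uint32` read with `atomic.LoadUint32` and written with `atomic.StoreUint32`. The NOTE could also say `NOTE: sendLastMinuteHandshake is also written by RoutineHandshakeInitiator`. The field's declaration is not part of this diff, so its type is assumed.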
@@ -40,7 +43,9 @@ func (peer *Peer) KeepKeyFreshReceiving() {
nonce := atomic.LoadUint64(&kp.sendNonce)
send := nonce > RekeyAfterMessages || time.Now().Sub(kp.created) > RekeyAfterTimeReceiving
if send {
+ // do a last minute attempt at initiating a new handshake
signalSend(peer.signal.handshakeBegin)
+ peer.timer.sendLastMinuteHandshake = true
}
}
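Review bot: `peer.timer.sendLastMinuteHandshake = true` is assigned after `signalSend(peer.signal.handshakeBegin)`, so the guard is published only once the initiator may already be acting on the signal. Placing the assignment before the `signalSend` call keeps the flag and the signal in a consistent order. Separately, the only clear visible in this diff is in the `handshakeCompleted` case of RoutineHandshakeInitiator. If the `handshakeReset` case or a give-up path does not also reset the flag, the guard would keep suppressing last-minute rekey attempts on receive while the current key pair keeps ageing. The removed TODO mentioned clearing it in TimerHandshakeComplete, so it is worth confirming which paths reset it and noting that in a comment next to the assignment.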
@@ -311,6 +316,7 @@ func (peer *Peer) RoutineHandshakeInitiator() {
case <-peer.signal.handshakeCompleted:
<-timeout.C
+ peer.timer.sendLastMinuteHandshake = false
break AttemptHandshakes
case <-peer.signal.handshakeReset: