…he key is not lower
…nding data then the other end resets the session and receives our hello, sends a key which is delayed or lost, then sends a repeat key packet which has a different temp key.
…ending repeat hello packets at each other forever
…nding a CryptoAuth session to an IPv6 address even if you don't know the other party's key
…use it is insecure and it adds code to CryptoAuth which is not used
…security feature from CryptoAuth which is redundant and ineffective
…rified as invalid. Lowest permanent public key wins as opposed to highest temp key since packets might cross on the wire from different sessions. Fixed bugs in logic for determining whether to accept state change from incoming packet. If there is an error, the content of the CryptoAuth message is zeroed as an extra precaution.
Now the only place where the nonce counter in CryptoAuth can be de-incremented is in CryptoAuth_reset() which gets rid of session state.
…d don't return an AUTHENTICATION error if a handshake packet comes during an established session.
…they cross on the wire, they will each receive the hello packet and change their CryptoAuth session to use its temp key. Instead they should flip a coin to decide who will be the session initiator. In this case, they will compare temp keys with memcmp()
…one or more "established session" packets which do not reach Bob. Consider this: Alice sends a hello. Bob sends a key. Alice sends a run packet which is lost in the network then doesn't feel the need to send any more packets. Bob keeps sending key packets because he didn't get the run packet from Alice. The key packets were (before this patch) dropped by Alice. Now the key packets are accepted unless Alice has already received a run packet from Bob. If Alice has received a run packet, *no* initialization packets are accepted, hello or key. This will prevent some kinds of DoS with intentionally tearing down someone else's connection using a carefully chosen replay attack.
… also randomized initial handle for SessionManager to prevent CryptoAuth sessions from being mixed up in the SessionManager
…ion handler to throw in case of buffer overflow.
…s 0, fixed this and added redundant checks in a few other places
SmartOS compile fix