snow/wireguard-go
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

device: fix private key removal logic

Browse source
This commit is contained in:
Jason A. Donenfeld 2020-02-04 18:08:51 +01:00
parent cb4bb63030
commit 6ed56ff2df
1 changed files with 4 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
device/device.go
View file

@ -236,23 +236,14 @@ func (device *Device) SetPrivateKey(sk NoisePrivateKey) error {
// do static-static DH pre-computations // do static-static DH pre-computations
rmKey := device.staticIdentity.privateKey.IsZero()
expiredPeers := make([]*Peer, 0, len(device.peers.keyMap)) expiredPeers := make([]*Peer, 0, len(device.peers.keyMap))
for key, peer := range device.peers.keyMap { for _, peer := range device.peers.keyMap {
handshake := &peer.handshake handshake := &peer.handshake
handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(handshake.remoteStatic)
if rmKey {
handshake.precomputedStaticStatic = [NoisePublicKeySize]byte{}
} else {
handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(handshake.remoteStatic)
}
if isZero(handshake.precomputedStaticStatic[:]) { if isZero(handshake.precomputedStaticStatic[:]) {
unsafeRemovePeer(device, peer, key) panic("an invalid peer public key made it into the configuration")
} else {
expiredPeers = append(expiredPeers, peer)
} }
expiredPeers = append(expiredPeers, peer)
} }
for _, peer := range lockedPeers { for _, peer := range lockedPeers {