briar-android-tests/src/test/java/org/briarproject/IntroductionIntegrationTestComponent.java · 7a87d417155fce2ca5d42ff7f473f3185860a386 · Julian Dehm / briar

Forked from briar / briar

5372 commits behind the upstream repository.

8 years ago

Do not allow session ID reuse and clean up sessions for introducee · 685e1422

Torsten Grote authored 8 years ago

It was possible that a malicious introducer sends new request with the
same session ID that was used previously and thus causing introducees to
have multiple states for the same session ID.
This commits prevents that from happening and adds an integration test
for that scenario.

Also if an introducee removes an introducer, all past session states
will be deleted from the database. For this, a test was added as well.

Closes #371
Closes #372

Verified

685e1422

History

Do not allow session ID reuse and clean up sessions for introducee

Torsten Grote authored 8 years ago

It was possible that a malicious introducer sends new request with the
same session ID that was used previously and thus causing introducees to
have multiple states for the same session ID.
This commits prevents that from happening and adds an integration test
for that scenario.

Also if an introducee removes an introducer, all past session states
will be deleted from the database. For this, a test was added as well.

Closes #371
Closes #372

IntroductionIntegrationTestComponent.java 2.53 KiB