diff options
| author | mojganii <mojgan.jelodar@codic.se> | 2024-07-25 16:35:41 +0200 |
|---|---|---|
| committer | Bug Magnet <marco.nikic@mullvad.net> | 2024-07-26 14:31:35 +0200 |
| commit | 0c728b71d1fac88ae725689b15e65d7df47db323 (patch) | |
| tree | 3cfb3aceac90e555740ea29b83c9d80b0f1b1543 | |
| parent | f02965c4903f70f2e1e9d0dfc56203ee7b0accc2 (diff) | |
| download | mullvadvpn-0c728b71d1fac88ae725689b15e65d7df47db323.tar.xz mullvadvpn-0c728b71d1fac88ae725689b15e65d7df47db323.zip | |
Close TCP connection once PQ key is negotiated
| -rw-r--r-- | mullvad-ios/src/post_quantum_proxy/ios_runtime.rs | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/mullvad-ios/src/post_quantum_proxy/ios_runtime.rs b/mullvad-ios/src/post_quantum_proxy/ios_runtime.rs index e302c0be8d..7da53a95cd 100644 --- a/mullvad-ios/src/post_quantum_proxy/ios_runtime.rs +++ b/mullvad-ios/src/post_quantum_proxy/ios_runtime.rs @@ -148,11 +148,18 @@ impl IOSRuntime { Ok(peer) => { match peer.psk { Some(preshared_key) => unsafe { + if let Ok(mut connection) = self.packet_tunnel.tcp_connection.lock() { + connection.shutdown(); + }; let preshared_key_bytes = preshared_key.as_bytes(); swift_post_quantum_key_ready(self.packet_tunnel.packet_tunnel, preshared_key_bytes.as_ptr(), self.ephemeral_key.as_ptr()); }, None => { log::error!("No suitable peer was found"); + + if let Ok(mut connection) = self.packet_tunnel.tcp_connection.lock() { + connection.shutdown(); + }; unsafe { swift_post_quantum_key_ready(self.packet_tunnel.packet_tunnel, ptr::null(), ptr::null()); } @@ -162,6 +169,9 @@ impl IOSRuntime { }, Err(error) => { log::error!("Key exchange failed {}", error); + if let Ok(mut connection) = self.packet_tunnel.tcp_connection.lock() { + connection.shutdown(); + }; unsafe { swift_post_quantum_key_ready(self.packet_tunnel.packet_tunnel, ptr::null(), ptr::null()); } @@ -170,6 +180,9 @@ impl IOSRuntime { } _ = tokio::time::sleep(std::time::Duration::from_secs(self.post_quantum_key_exchange_timeout)) => { + if let Ok(mut connection) = self.packet_tunnel.tcp_connection.lock() { + connection.shutdown(); + }; shutdown_handle.shutdown(); unsafe { swift_post_quantum_key_ready(self.packet_tunnel.packet_tunnel, ptr::null(), ptr::null()); } } |