Dropping old responder doesn't work if we have a trusted receiver public permanent key.

[rustonaut]

The protocol says:

drop the oldest responder that did not send a message to it

The code do decide if "that did not send a message to it" applies is:

saltyrtc-client-java/src/main/java/org/saltyrtc/client/signaling/InitiatorSignaling.java

Line 430 in d01e553

if (r.handshakeState == ResponderHandshakeState.NEW) {

Pub if we have a known trusted receivers public key then here:

saltyrtc-client-java/src/main/java/org/saltyrtc/client/signaling/InitiatorSignaling.java

Line 403 in d01e553

responder.handshakeState = ResponderHandshakeState.TOKEN_RECEIVED;

We set the state to TOKEN_RECEIVED for every new responder before they send us any message.

Hence as long as I didn't overlook anything we won't ever drop any old responders as we assume we got
valid token message from all of them.

[lgrahl]

Agree that there is an issue introduced by the state skipping even though the responder is still inactive.

Security impact: Minor, DoS with prior knowledge required.