From: Ian Jackson Date: Sat, 18 May 2019 00:49:14 +0000 (+0100) Subject: site: Randomise key setup retry time X-Git-Tag: v0.4.4~4 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=secnet.git;a=commitdiff_plain;h=19074a85692b26aac9ae7e2f2a607e26741cbf94 site: Randomise key setup retry time This reduces the chance that retries (at both ends of a link, or within a single secnet) end up synchronised. Such synchronisation is not supposed to matter but in practice there have been some bugs where it does, and it is undesirable anyway. Signed-off-by: Ian Jackson --- v2: New patch --- diff --git a/README b/README index da1ea0b..5a4db52 100644 --- a/README +++ b/README @@ -395,8 +395,9 @@ site: dict argument packet [5; mobile: 30] setup-timeout (integer): time between retransmissions of key negotiation packets, in ms [2000; mobile: 1000] - wait-time (integer): after failed key setup, wait this long (in ms) before - allowing another attempt [20000; mobile: 10000] + wait-time (integer): after failed key setup, wait roughly this long + (in ms) before allowing another attempt [20000; mobile: 10000] + Actual wait time is randomly chosen between ~0.5x and ~1.5x this. renegotiate-time (integer): if we see traffic on the link after this time then renegotiate another session key immediately (in ms) [half key-lifetime, or key-lifetime minus 5 mins (mobile: 12 hours), diff --git a/site.c b/site.c index 6b09588..3f5e66c 100644 --- a/site.c +++ b/site.c @@ -536,7 +536,13 @@ struct msg { }; static int32_t wait_timeout(struct site *st) { - return st->wait_timeout_mean; + int32_t t = st->wait_timeout_mean; + int8_t factor; + if (t < INT_MAX/2) { + st->random->generate(st->random->st,sizeof(factor),&factor); + t += (t / 256) * factor; + } + return t; } static _Bool set_new_transform(struct site *st, char *pk)
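Review bot: In the README hunk for wait-time, the new sentence "Actual wait time is randomly chosen between ~0.5x and ~1.5x this." comes after the defaults bracket [20000; mobile: 10000], whereas the neighbouring setup-timeout entry ends with its defaults bracket. Moving the sentence ahead of the bracket would keep the defaults in the same position for every option. The text also reads as if the range always applies, but the site.c change in this patch skips randomisation when the configured value is INT_MAX/2 or more, so that exception is worth stating here.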
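Review bot: In wait_timeout() in site.c, "t += (t / 256) * factor;" divides before it multiplies, so when wait_timeout_mean is below 256 the added term is always zero and the retry time is not randomised at all, and for other small values the jitter moves only in steps of t/256 rounded down. If small wait-time settings are meant to be supported, compute the product first in a wider type (for example int64_t) and divide afterwards; otherwise document the lower limit. A short comment noting that the int8_t factor spans -128..127, which is where the ~0.5x to ~1.5x range comes from, would help the next reader, and the guard "t < INT_MAX/2" would be more consistent as INT32_MAX/2 given that t is declared int32_t.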