From 19074a85692b26aac9ae7e2f2a607e26741cbf94 Mon Sep 17 00:00:00 2001
From: Ian Jackson
Date: Sat, 18 May 2019 01:49:14 +0100
Subject: [PATCH] site: Randomise key setup retry time
This reduces the chance that retries (at both ends of a link, or within a single secnet) end up synchronised. Such synchronisation is not supposed to matter but in practice there have been some bugs where it does, and it is undesirable anyway.
Signed-off-by: Ian Jackson
---
v2: New patch
---
README | 5 +++--
site.c | 8 +++++++-
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/README b/README
index da1ea0b..5a4db52 100644
--- a/README
+++ b/README
@@ -395,8 +395,9 @@ site: dict argument packet [5; mobile: 30] setup-timeout (integer): time between retransmissions of key negotiation packets, in ms [2000; mobile: 1000]
- wait-time (integer): after failed key setup, wait this long (in ms) before
- allowing another attempt [20000; mobile: 10000]
+ wait-time (integer): after failed key setup, wait roughly this long
+ (in ms) before allowing another attempt [20000; mobile: 10000]
+ Actual wait time is randomly chosen between ~0.5x and ~1.5x this.
 renegotiate-time (integer): if we see traffic on the link after this time then renegotiate another session key immediately (in ms) [half key-lifetime, or key-lifetime minus 5 mins (mobile: 12 hours),
diff --git a/site.c b/site.c
index 6b09588..3f5e66c 100644
--- a/site.c
+++ b/site.c
@@ -536,7 +536,13 @@ struct msg {
 };
 static int32_t wait_timeout(struct site *st) {
- return st->wait_timeout_mean;
+ int32_t t = st->wait_timeout_mean;
+ int8_t factor;
+ if (t < INT_MAX/2) {
+ st->random->generate(st->random->st,sizeof(factor),&factor);
+ t += (t / 256) * factor;
+ }
+ return t;
 }
 static _Bool set_new_transform(struct site *st, char *pk)
--
2.30.2
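Review bot: `factor` in wait_timeout() is read right after `st->random->generate(...)` with no initialiser, so if that call can return without filling the buffer (its contract is outside this hunk) the jitter is computed from an indeterminate value; `int8_t factor = 0;` makes that case degrade to the unjittered mean. The randomisation also silently disappears at both ends of the range: `t / 256` is zero for a mean below 256 ms, and the `t < INT_MAX/2` guard skips it for very large means. A short comment would record this, e.g. `/* factor in [-128,127] => result in ~[0.5t, 1.5t); no jitter if t < 256 or t >= INT_MAX/2 */`. Since `t` is `int32_t`, `INT32_MAX/2` would state the overflow bound more directly than `INT_MAX/2`.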