aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/messages.h1
-rw-r--r--src/timers.c2
2 files changed, 2 insertions, 1 deletions
diff --git a/src/messages.h b/src/messages.h
index 9b884b0..2a0c736 100644
--- a/src/messages.h
+++ b/src/messages.h
@@ -41,6 +41,7 @@ enum limits {
REKEY_AFTER_MESSAGES = U64_MAX - 0xffff,
REJECT_AFTER_MESSAGES = U64_MAX - COUNTER_WINDOW_SIZE - 1,
REKEY_TIMEOUT = 5 * HZ,
+ REKEY_TIMEOUT_JITTER_MAX = HZ / 3,
REKEY_AFTER_TIME = 120 * HZ,
REJECT_AFTER_TIME = 180 * HZ,
INITIATIONS_PER_SECOND = HZ / 50,
diff --git a/src/timers.c b/src/timers.c
index 9daee0d..0b536d3 100644
--- a/src/timers.c
+++ b/src/timers.c
@@ -119,7 +119,7 @@ void timers_handshake_initiated(struct wireguard_peer *peer)
if (likely(peer->timer_send_keepalive.data))
del_timer(&peer->timer_send_keepalive);
if (likely(peer->timer_retransmit_handshake.data))
- mod_timer(&peer->timer_retransmit_handshake, slack_time(jiffies + REKEY_TIMEOUT + HZ / 4));
+ mod_timer(&peer->timer_retransmit_handshake, slack_time(jiffies + REKEY_TIMEOUT + prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX)));
}
/* Should be called after a handshake response message is received and processed. */
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.