From 28e98b867ba7eae2da1f61d0518a11cc7242faf9 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Fri, 14 Oct 2016 17:44:49 +0200
Subject: send: ensure that rekey retries are staggered

Before:
	t+120: A sends rekey
	[packet dropped by network congestion]
	t+125: A sends rekey
	[packet dropped by network congestion]
	t+130: A sends rekey
	t+130: B sends rekey
	! race !

After:
	t+120: A sends rekey
	[packet dropped by network congestion]
	t+125: A sends rekey
	[packet dropped by network congestion]
	t+130: A sends rekey
	[packet dropped by network congestion]
	T+132.5: B sends rekey
	[packet dropped by network congestion]
	T+135: A sends rekey
	[packet dropped by network congestion]
	T+137.5: B sends rekey
	! success, eventually !
---
 src/send.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/send.c b/src/send.c
index c8df288..cbff73d 100644
--- a/src/send.c
+++ b/src/send.c
@@ -101,7 +101,7 @@ static inline void keep_key_fresh(struct wireguard_peer *peer)
 
 	/* We don't want both peers initiating a new handshake at the same time */
 	if (!keypair->i_am_the_initiator)
-		rekey_after_time += REKEY_TIMEOUT * 2;
+		rekey_after_time += REKEY_TIMEOUT / 2 + REKEY_TIMEOUT * 2;
 
 	if (atomic64_read(&keypair->sending.counter.counter) > REKEY_AFTER_MESSAGES ||
 	    time_is_before_eq_jiffies64(keypair->sending.birthdate + rekey_after_time)) {
-- 
cgit v1.2.3-59-g8ed1b