From 9f3bc7342dbe922dc9e387d7f421eb7f046ec50c Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Fri, 24 May 2019 13:45:55 +0200
Subject: timers: add jitter on ack failure reinitiation
---
 src/timers.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/timers.c b/src/timers.c
index 7614c85..d54d32a 100644
--- a/src/timers.c
+++ b/src/timers.c
@@ -17,7 +17,8 @@
 * not sent one for `KEEPALIVE_TIMEOUT` ms.
 *
 * - Timer for initiating new handshake if we have sent a packet but after have
- * not received one (even empty) for `(KEEPALIVE_TIMEOUT + REKEY_TIMEOUT)` ms.
+ * not received one (even empty) for `(KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) +
+ * jitter` ms.
 *
 * - Timer for zeroing out all ephemeral keys after `(REJECT_AFTER_TIME * 3)` ms
 * if no new keys have been received.
@@ -145,7 +146,8 @@ void wg_timers_data_sent(struct wg_peer *peer)
 {
 if (!timer_pending(&peer->timer_new_handshake))
 mod_peer_timer(peer, &peer->timer_new_handshake,
- jiffies + (KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) * HZ);
+ jiffies + (KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) * HZ +
+ prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES));
 }
 
 /* Should be called after an authenticated data packet is received. */
-- 
cgit v1.2.3-59-g8ed1b
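Review bot: The new `prandom_u32_max(REKEY_TIMEOUT_JITTER_MAX_JIFFIES)` term in `wg_timers_data_sent` has no comment saying why the delay is randomised or what bounds it, and the updated header comment in the first hunk only says `jitter`. Presumably the aim is to keep both peers from reinitiating a handshake at the same instant; if so, a call-site comment such as `/* Jitter desynchronises reinitiation between peers; it is not a secret, so the non-cryptographic prandom source is sufficient. */` would record that and stop a later reader from treating the delay as unpredictable to an observer. The header comment would also be more precise as `... + jitter`, with jitter in `[0, REKEY_TIMEOUT_JITTER_MAX_JIFFIES)` jiffies, since the jitter is added after the `* HZ` conversion rather than in the same unit as the two timeouts. The function's signature is visible only in the hunk header, so anything before the opening brace is outside this review.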