diff options
| author |   kn <kn@openbsd.org> | 2019-06-22 20:15:09 +0000 |
|---|---|---|
| committer | kn <kn@openbsd.org> | 2019-06-22 20:15:09 +0000 |
| commit | 50b584e51139d72fef53ce11c0da9990dcd89799 (patch) | |
| tree | ffbd71d29763c016e17fbd5e5fa32caf11a59cf2 | |
| parent | Swap (opcount >= opleft || opcount == -1) to (opcount == -1 || opcount >= opleft) like (diff) | |
| download | wireguard-openbsd-50b584e51139d72fef53ce11c0da9990dcd89799.tar.xz wireguard-openbsd-50b584e51139d72fef53ce11c0da9990dcd89799.zip | |
Make computation of re-challenge timeout more obvious
Instead of masking the difference between lower and upper bound to yield
a random summand that fits, instruct the API to limit their result
accordingly. 0x01fe = 510 = 810 - 300.
arc4random_uniform(upper_bound) returns `upper_bound - 1' as maximum, so
add one to make 810 a possible value for `i'.
OK deraadt
| -rw-r--r-- | sys/net/if_spppsubr.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c index 82e555aaad0..2a63c88ccf7 100644 --- a/sys/net/if_spppsubr.c +++ b/sys/net/if_spppsubr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_spppsubr.c,v 1.177 2019/06/22 10:16:14 kn Exp $ */ +/* $OpenBSD: if_spppsubr.c,v 1.178 2019/06/22 20:15:09 kn Exp $ */ /* * Synchronous PPP link level subroutines. * @@ -3579,7 +3579,7 @@ sppp_chap_tlu(struct sppp *sp) * Compute the re-challenge timeout. This will yield * a number between 300 and 810 seconds. */ - i = 300 + (arc4random() & 0x01fe); + i = 300 + arc4random_uniform(1 + 810 - 300); timeout_add_sec(&sp->ch[IDX_CHAP], i); } |