diff options
author | kn <kn@cvs.openbsd.org> | 2019-06-22 20:15:10 +0000 |
---|---|---|
committer | kn <kn@cvs.openbsd.org> | 2019-06-22 20:15:10 +0000 |
commit | 4d364869ea6aa2735471499aa9edf7676fa5b3ac (patch) | |
tree | cb34ef291f40c55fc8e201e6193bb4ad531a3199 | |
parent | 87c96548cc3064ea4354df0cdda9af0c5b7cf255 (diff) |
Make computation of re-challenge timeout more obvious
Instead of masking the difference between lower and upper bound to yield
a random summand that fits, instruct the API to limit their result
accordingly. 0x01fe = 510 = 810 - 300.
arc4random_uniform(upper_bound) returns `upper_bound - 1' as maximum, so
add one to make 810 a possible value for `i'.
OK deraadt
-rw-r--r-- | sys/net/if_spppsubr.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c index 82e555aaad0..2a63c88ccf7 100644 --- a/sys/net/if_spppsubr.c +++ b/sys/net/if_spppsubr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_spppsubr.c,v 1.177 2019/06/22 10:16:14 kn Exp $ */ +/* $OpenBSD: if_spppsubr.c,v 1.178 2019/06/22 20:15:09 kn Exp $ */ /* * Synchronous PPP link level subroutines. * @@ -3579,7 +3579,7 @@ sppp_chap_tlu(struct sppp *sp) * Compute the re-challenge timeout. This will yield * a number between 300 and 810 seconds. */ - i = 300 + (arc4random() & 0x01fe); + i = 300 + arc4random_uniform(1 + 810 - 300); timeout_add_sec(&sp->ch[IDX_CHAP], i); } |