mirror of https://gogs.blitter.com/RLabs/xs
Added max bounds for chaff, rekey intervals and random jitter for rekey interval
This commit is contained in:
Russ Magee
parent
faf8769ac4
commit
6212119621
2
Makefile
2
Makefile
|
|
@ -1,4 +1,4 @@
|
||||||
VERSION := 0.9.7
|
VERSION := 0.9.8
|
||||||
.PHONY: lint vis clean common client server passwd\
|
.PHONY: lint vis clean common client server passwd\
|
||||||
subpkgs install uninstall reinstall scc
|
subpkgs install uninstall reinstall scc
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -136,5 +136,7 @@ type CSHmacAlg uint32
|
||||||
// Some bounds-checking consts
|
// Some bounds-checking consts
|
||||||
const (
|
const (
|
||||||
REKEY_SECS_MIN = 1
|
REKEY_SECS_MIN = 1
|
||||||
|
REKEY_SECS_MAX = 28800 // 8 hours
|
||||||
CHAFF_FREQ_MSECS_MIN = 1
|
CHAFF_FREQ_MSECS_MIN = 1
|
||||||
|
CHAFF_FREQ_MSECS_MAX = 300000 // 5 minutes
|
||||||
)
|
)
|
||||||
|
|
|
||||||
27
xsnet/net.go
27
xsnet/net.go
|
|
@ -1600,6 +1600,16 @@ func (hc *Conn) ShutdownChaff() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hc *Conn) SetupChaff(msecsMin uint, msecsMax uint, szMax uint) {
|
func (hc *Conn) SetupChaff(msecsMin uint, msecsMax uint, szMax uint) {
|
||||||
|
// Enforce bounds on chaff frequency and pkt size
|
||||||
|
hc.Lock()
|
||||||
|
if hc.chaff.msecsMin < CHAFF_FREQ_MSECS_MIN {
|
||||||
|
hc.chaff.msecsMin = CHAFF_FREQ_MSECS_MIN
|
||||||
|
}
|
||||||
|
if hc.chaff.msecsMax > CHAFF_FREQ_MSECS_MAX {
|
||||||
|
hc.chaff.msecsMax = CHAFF_FREQ_MSECS_MAX
|
||||||
|
}
|
||||||
|
hc.Unlock()
|
||||||
|
|
||||||
hc.chaff.msecsMin = msecsMin //move these to params of chaffHelper() ?
|
hc.chaff.msecsMin = msecsMin //move these to params of chaffHelper() ?
|
||||||
hc.chaff.msecsMax = msecsMax
|
hc.chaff.msecsMax = msecsMax
|
||||||
hc.chaff.szMax = szMax
|
hc.chaff.szMax = szMax
|
||||||
|
|
@ -1615,6 +1625,9 @@ func (hc *Conn) RekeyHelper(intervalSecs uint) {
|
||||||
if intervalSecs < REKEY_SECS_MIN {
|
if intervalSecs < REKEY_SECS_MIN {
|
||||||
intervalSecs = REKEY_SECS_MIN
|
intervalSecs = REKEY_SECS_MIN
|
||||||
}
|
}
|
||||||
|
if intervalSecs > REKEY_SECS_MAX {
|
||||||
|
intervalSecs = REKEY_SECS_MAX
|
||||||
|
}
|
||||||
|
|
||||||
go func() {
|
go func() {
|
||||||
hc.Lock()
|
hc.Lock()
|
||||||
|
|
@ -1625,7 +1638,14 @@ func (hc *Conn) RekeyHelper(intervalSecs uint) {
|
||||||
hc.Lock()
|
hc.Lock()
|
||||||
rekey := hc.rekey
|
rekey := hc.rekey
|
||||||
hc.Unlock()
|
hc.Unlock()
|
||||||
|
|
||||||
if rekey != 0 {
|
if rekey != 0 {
|
||||||
|
jitter := rand.Intn(int(rekey)) / 4
|
||||||
|
rekey = rekey - uint(jitter)
|
||||||
|
if rekey < 1 {
|
||||||
|
rekey = 1
|
||||||
|
}
|
||||||
|
|
||||||
//logger.LogDebug(fmt.Sprintf("[rekeyHelper Loop]\n"))
|
//logger.LogDebug(fmt.Sprintf("[rekeyHelper Loop]\n"))
|
||||||
time.Sleep(time.Duration(rekey) * time.Second)
|
time.Sleep(time.Duration(rekey) * time.Second)
|
||||||
|
|
||||||
|
|
@ -1656,13 +1676,6 @@ func (hc *Conn) RekeyHelper(intervalSecs uint) {
|
||||||
|
|
||||||
// Helper routine to spawn a chaffing goroutine for each Conn
|
// Helper routine to spawn a chaffing goroutine for each Conn
|
||||||
func (hc *Conn) chaffHelper() {
|
func (hc *Conn) chaffHelper() {
|
||||||
// Enforce bounds on chaff frequency and pkt size
|
|
||||||
hc.Lock()
|
|
||||||
if hc.chaff.msecsMin < CHAFF_FREQ_MSECS_MIN {
|
|
||||||
hc.chaff.msecsMin = CHAFF_FREQ_MSECS_MIN
|
|
||||||
}
|
|
||||||
hc.Unlock()
|
|
||||||
|
|
||||||
go func() {
|
go func() {
|
||||||
var nextDuration int
|
var nextDuration int
|
||||||
for {
|
for {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue