From 54c6ff1c419fffcb12ae33e45208b6dbe8914c02 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 23 Feb 2013 20:16:13 +0100 Subject: Subtract splay time to key refresh interval A random splay time of up to 5 minutes will ensure that simultaneous handshakes with many peers are desynchronized as fast as possible. --- src/method_xsalsa20_poly1305.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/method_xsalsa20_poly1305.c') diff --git a/src/method_xsalsa20_poly1305.c b/src/method_xsalsa20_poly1305.c index 655f61b..4cadca9 100644 --- a/src/method_xsalsa20_poly1305.c +++ b/src/method_xsalsa20_poly1305.c @@ -102,7 +102,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, u session->valid_till.tv_sec += ctx->conf->key_valid; session->refresh_after = ctx->now; - session->refresh_after.tv_sec += ctx->conf->key_refresh; + session->refresh_after.tv_sec += ctx->conf->key_refresh - fastd_rand(ctx, 0, ctx->conf->key_refresh_splay); memcpy(session->key, secret, crypto_secretbox_xsalsa20poly1305_KEYBYTES); -- cgit v1.2.3