Module Name: src Committed By: kefren Date: Tue May 19 17:33:44 UTC 2015
Modified Files: src/sys/netinet: tcp_subr.c Log Message: Use RUN_ONCE to initialize iss secret. Suggested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.261 -r1.262 src/sys/netinet/tcp_subr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/tcp_subr.c
diff -u src/sys/netinet/tcp_subr.c:1.261 src/sys/netinet/tcp_subr.c:1.262
--- src/sys/netinet/tcp_subr.c:1.261 Sat May 16 10:09:20 2015
+++ src/sys/netinet/tcp_subr.c Tue May 19 17:33:43 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_subr.c,v 1.261 2015/05/16 10:09:20 kefren Exp $ */
+/* $NetBSD: tcp_subr.c,v 1.262 2015/05/19 17:33:43 kefren Exp $ */
 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.261 2015/05/16 10:09:20 kefren Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.262 2015/05/19 17:33:43 kefren Exp $");
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -240,6 +240,7 @@ int tcp_syn_bucket_limit = 3*TCP_SYN_BUC
 struct syn_cache_head tcp_syn_cache[TCP_SYN_HASH_SIZE];
 int tcp_freeq(struct tcpcb *);
+static int tcp_iss_secret_init(void);
 #ifdef INET
 static void tcp_mtudisc_callback(struct in_addr);
@@ -2217,6 +2218,20 @@ tcp_new_iss(struct tcpcb *tp, tcp_seq ad
 panic("tcp_new_iss");
 }
+static u_int8_t tcp_iss_secret[16]; /* 128 bits; should be plenty */
+
+/*
+ * Initialize RFC 1948 ISS Secret
+ */
+static int
+tcp_iss_secret_init(void)
+{
+ cprng_strong(kern_cprng,
+ tcp_iss_secret, sizeof(tcp_iss_secret), 0);
+
+ return 0;
+}
+
 /*
 * This routine actually generates a new TCP initial sequence number.
 */
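Review bot: In tcp_iss_secret_init() the result of cprng_strong() is dropped and the function returns 0 unconditionally, so RUN_ONCE can never learn that the 16-byte secret was not filled. If cprng_strong() reports the number of bytes it produced (worth confirming against its prototype), compare it with the buffer size and return an error on a short fill, e.g. `if (cprng_strong(kern_cprng, tcp_iss_secret, sizeof(tcp_iss_secret), 0) != sizeof(tcp_iss_secret)) return EIO;`, because a partly zero secret weakens the RFC 1948 hash that keeps initial sequence numbers unpredictable. The block comment could also state the lifetime of the secret, e.g. `/* Fill tcp_iss_secret once, via RUN_ONCE from tcp_new_iss1(); it is never re-keyed afterwards. */`. The forward declaration added in the hunk at line 240 looks unnecessary, since this definition precedes the only use visible in the diff.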
@@ -2226,23 +2241,16 @@ tcp_new_iss1(void *laddr, void *faddr, u
 {
 tcp_seq tcp_iss;
- /* RFC1948 specifics */
- static bool tcp_iss_gotten_secret;
- static u_int8_t tcp_iss_secret[16]; /* 128 bits; should be plenty */
-
 if (tcp_do_rfc1948) {
 MD5_CTX ctx;
 u_int8_t hash[16]; /* XXX MD5 knowledge */
+ static ONCE_DECL(tcp_iss_secret_control);
 /*
 * If we haven't been here before, initialize our cryptographic
 * hash secret.
 */
- if (tcp_iss_gotten_secret == false) {
- cprng_strong(kern_cprng,
- tcp_iss_secret, sizeof(tcp_iss_secret), 0);
- tcp_iss_gotten_secret = true;
- }
+ RUN_ONCE(&tcp_iss_secret_control, tcp_iss_secret_init);
 /*
 * Compute the base value of the ISS. It is a hash
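Review bot: The value of RUN_ONCE() is discarded at the call in tcp_new_iss1(), so the hash that follows would run over whatever tcp_iss_secret holds if the init routine ever reported failure; today that cannot happen because tcp_iss_secret_init() always returns 0. Make the intent explicit, e.g. `(void)RUN_ONCE(&tcp_iss_secret_control, tcp_iss_secret_init); /* init cannot fail */`, or handle a non-zero result before hashing. The ONCE_DECL would also read better at file scope next to tcp_iss_secret, which this commit moved out of the function. The diff does not show which contexts reach tcp_new_iss1(); if it can run in interrupt context, confirm that a first-call RUN_ONCE is permitted there. The function body starts before and continues past this hunk.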