author: Mike Silbersack <silby@FreeBSD.org> 2001-07-08 02:20:47 +0000
committer: Mike Silbersack <silby@FreeBSD.org> 2001-07-08 02:20:47 +0000
commit: 2d610a5028cb9e22cf4bfb4a007e0da67fcde284 (patch)
tree: fef63dda5be2e0301de334e984f17a9b61cf3d84 /sys/netinet/tcp_subr.c
parent: 4718c85a24311fc5bc8252d62bdbba9daf3ef0f5 (diff)
1 files changed, 25 insertions, 0 deletions
diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index 221e54120a2d..b126cbd323b4 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -139,6 +139,10 @@ static int	icmp_may_rst = 1;
 SYSCTL_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, &icmp_may_rst, 0, 
     "Certain ICMP unreachable messages may abort connections in SYN_SENT");
 
+static int	tcp_seq_genscheme = 1;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, tcp_seq_genscheme, CTLFLAG_RW,
+    &tcp_seq_genscheme, 0, "TCP ISN generation scheme");
+
 static void	tcp_cleartaocache __P((void));
 static void	tcp_notify __P((struct inpcb *, int));
 
@@ -182,6 +186,7 @@ tcp_init()
 {
 	int hashsize = TCBHASHSIZE;
 	
+	tcp_iss = arc4random();	/* wrong, but better than a constant */
 	tcp_ccgen = 1;
 	tcp_cleartaocache();
 
@@ -1107,6 +1112,26 @@ tcp6_ctlinput(cmd, sa, d)
 }
 #endif /* INET6 */
 
+tcp_seq
+tcp_new_isn()
+{
+	if ((tcp_seq_genscheme > 1) || (tcp_seq_genscheme < 0))
+		tcp_seq_genscheme = 1;
+
+	switch (tcp_seq_genscheme) {
+		case 0:	/*
+			 * Random positive increments
+			 */
+			tcp_iss += TCP_ISSINCR/2;
+			return tcp_iss;
+		case 1:	/*
+			 * OpemBSD randomized scheme
+			 */
+			return tcp_rndiss_next();
+	}
+
+}
+
 #define TCP_RNDISS_ROUNDS	16
 #define TCP_RNDISS_OUT	7200
 #define TCP_RNDISS_MAX	30000
author	Mike Silbersack <silby@FreeBSD.org>	2001-07-08 02:20:47 +0000
committer	Mike Silbersack <silby@FreeBSD.org>	2001-07-08 02:20:47 +0000
commit	2d610a5028cb9e22cf4bfb4a007e0da67fcde284 (patch)
tree	fef63dda5be2e0301de334e984f17a9b61cf3d84 /sys/netinet/tcp_subr.c
parent	4718c85a24311fc5bc8252d62bdbba9daf3ef0f5 (diff)