send: ensure that rekey retries are staggered

Before: t+120: A sends rekey [packet dropped by network congestion] t+125: A sends rekey [packet dropped by network congestion] t+130: A sends rekey t+130: B sends rekey ! race ! After: t+120: A sends rekey [packet dropped by network congestion] t+125: A sends rekey [packet dropped by network congestion] t+130: A sends rekey [packet dropped by network congestion] T+132.5: B sends rekey [packet dropped by network congestion] T+135: A sends rekey [packet dropped by network congestion] T+137.5: B sends rekey ! success, eventually ! Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2016-10-14 17:44:49 +0200
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2016-10-14 17:44:49 +0200
commit: b4dbf30e504377905fac5a6f606761e4630537bf (patch)
tree: e6f6d66cc00f6a7d3930e5df392618d1be0601e9 /src
parent: 5a5a3c55d4291e2d2778cfafbb3f5c3ca003f38e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/send.c b/src/send.c
index c8df288..cbff73d 100644
--- a/src/send.c
+++ b/src/send.c
@@ -101,7 +101,7 @@ static inline void keep_key_fresh(struct wireguard_peer *peer)
 
 	/* We don't want both peers initiating a new handshake at the same time */
 	if (!keypair->i_am_the_initiator)
-		rekey_after_time += REKEY_TIMEOUT * 2;
+		rekey_after_time += REKEY_TIMEOUT / 2 + REKEY_TIMEOUT * 2;
 
 	if (atomic64_read(&keypair->sending.counter.counter) > REKEY_AFTER_MESSAGES ||
 	    time_is_before_eq_jiffies64(keypair->sending.birthdate + rekey_after_time)) {
author	Jason A. Donenfeld <Jason@zx2c4.com>	2016-10-14 17:44:49 +0200
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2016-10-14 17:44:49 +0200
commit	b4dbf30e504377905fac5a6f606761e4630537bf (patch)
tree	e6f6d66cc00f6a7d3930e5df392618d1be0601e9 /src
parent	5a5a3c55d4291e2d2778cfafbb3f5c3ca003f38e (diff)