device: timers: seed unsafe rng before use for jitter

Forgetting to seed the unsafe rng, the jitter before followed a fixed pattern, which didn't help when a fleet of computers all boot at once. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-10-28 13:34:21 +02:00 · 2021-10-28 13:34:21 +02:00 · 60683d7361
commit 60683d7361
parent e42c6c4bc2
1 changed files with 11 additions and 3 deletions
--- a/device/timers.go
+++ b/device/timers.go
@ -8,12 +8,20 @@
 package device

 import (
-	"math/rand"
+	"crypto/rand"
+	unsafeRand "math/rand"
 	"sync"
 	"sync/atomic"
 	"time"
+	"unsafe"
 )

+func init() {
+	var seed int64
+	rand.Read(unsafe.Slice((*byte)(unsafe.Pointer(&seed)), unsafe.Sizeof(seed)))
+	unsafeRand.Seed(seed)
+}
+
 // A Timer manages time-based aspects of the WireGuard protocol.
 // Timer roughly copies the interface of the Linux kernel's struct timer_list.
 type Timer struct {
@ -144,7 +152,7 @@ func expiredPersistentKeepalive(peer *Peer) {
 /* Should be called after an authenticated data packet is sent. */
 func (peer *Peer) timersDataSent() {
 	if peer.timersActive() && !peer.timers.newHandshake.IsPending() {
-		peer.timers.newHandshake.Mod(KeepaliveTimeout + RekeyTimeout + time.Millisecond*time.Duration(rand.Int31n(RekeyTimeoutJitterMaxMs)))
+		peer.timers.newHandshake.Mod(KeepaliveTimeout + RekeyTimeout + time.Millisecond*time.Duration(unsafeRand.Int63n(RekeyTimeoutJitterMaxMs)))
 	}
 }

@ -176,7 +184,7 @@ func (peer *Peer) timersAnyAuthenticatedPacketReceived() {
 /* Should be called after a handshake initiation message is sent. */
 func (peer *Peer) timersHandshakeInitiated() {
 	if peer.timersActive() {
-		peer.timers.retransmitHandshake.Mod(RekeyTimeout + time.Millisecond*time.Duration(rand.Int31n(RekeyTimeoutJitterMaxMs)))
+		peer.timers.retransmitHandshake.Mod(RekeyTimeout + time.Millisecond*time.Duration(unsafeRand.Int63n(RekeyTimeoutJitterMaxMs)))
 	}
 }