mischief/openbsd-src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2025-01-10 06:47:55 -08:00
Code

more random tcp sequence numbers. okay deraadt@, angelos@

Browse Source
This commit is contained in:
provos 2000-12-13 09:47:08 +00:00
parent fe30647ef1
commit be03ea1b21
5 changed files with 73 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
sys/netinet/tcp_input.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tcp_input.c,v 1.80 2000/12/11 08:04:55 itojun Exp $ */ /* $OpenBSD: tcp_input.c,v 1.81 2000/12/13 09:47:08 provos Exp $ */
/* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */
/* /*
@ -1140,13 +1140,14 @@ findpcb:
if (iss) if (iss)
tp->iss = iss; tp->iss = iss;
else else {
tp->iss = tcp_iss;
#ifdef TCP_COMPAT_42 #ifdef TCP_COMPAT_42
tcp_iss += TCP_ISSINCR/2; tcp_iss += TCP_ISSINCR/2;
tp->iss = tcp_iss;
#else /* TCP_COMPAT_42 */ #else /* TCP_COMPAT_42 */
tcp_iss += arc4random() % TCP_ISSINCR + 1; tp->iss = tcp_rndiss_next();
#endif /* !TCP_COMPAT_42 */ #endif /* !TCP_COMPAT_42 */
}
tp->irs = th->th_seq; tp->irs = th->th_seq;
tcp_sendseqinit(tp); tcp_sendseqinit(tp);
#if defined (TCP_SACK) #if defined (TCP_SACK)

59
sys/netinet/tcp_subr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tcp_subr.c,v 1.36 2000/12/11 08:04:55 itojun Exp $ */ /* $OpenBSD: tcp_subr.c,v 1.37 2000/12/13 09:47:08 provos Exp $ */
/* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */ /* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */
/* /*
@ -57,6 +57,8 @@ didn't get a copy, you may request one from <license@ipv6.nrl.navy.mil>.
#include <sys/socketvar.h> #include <sys/socketvar.h>
#include <sys/protosw.h> #include <sys/protosw.h>
#include <sys/errno.h> #include <sys/errno.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <net/route.h> #include <net/route.h>
#include <net/if.h> #include <net/if.h>
@ -137,9 +139,7 @@ tcp_init()
{ {
#ifdef TCP_COMPAT_42 #ifdef TCP_COMPAT_42
tcp_iss = 1; /* wrong */ tcp_iss = 1; /* wrong */
#else /* TCP_COMPAT_42 */ #endif /* TCP_COMPAT_42 */
tcp_iss = arc4random() + 1;
#endif /* !TCP_COMPAT_42 */
in_pcbinit(&tcbtable, tcbhashsize); in_pcbinit(&tcbtable, tcbhashsize);
#ifdef INET6 #ifdef INET6
@ -1069,3 +1069,54 @@ tcp_signature_apply(fstate, data, len)
return 0; return 0;
} }
#endif /* TCP_SIGNATURE */ #endif /* TCP_SIGNATURE */
#define TCP_RNDISS_ROUNDS 16
#define TCP_RNDISS_OUT 7200
#define TCP_RNDISS_MAX 30000
u_int8_t tcp_rndiss_sbox[128];
u_int16_t tcp_rndiss_msb;
u_int16_t tcp_rndiss_cnt;
long tcp_rndiss_reseed;
u_int16_t
tcp_rndiss_encrypt(val)
u_int16_t val;
{
u_int16_t sum = 0, i;
for (i = 0; i < TCP_RNDISS_ROUNDS; i++) {
sum += 0x79b9;
val ^= ((u_int16_t)tcp_rndiss_sbox[(val^sum) & 0x7f]) << 7;
val = ((val & 0xff) << 7) | (val >> 8);
}
return val;
}
void
tcp_rndiss_init()
{
get_random_bytes(tcp_rndiss_sbox, sizeof(tcp_rndiss_sbox));
tcp_rndiss_reseed = time.tv_sec + TCP_RNDISS_OUT;
tcp_rndiss_msb = tcp_rndiss_msb == 0x8000 ? 0 : 0x8000;
tcp_rndiss_cnt = 0;
}
tcp_seq
tcp_rndiss_next()
{
u_int16_t tmp;
if (tcp_rndiss_cnt >= TCP_RNDISS_MAX ||
time.tv_sec > tcp_rndiss_reseed)
tcp_rndiss_init();
get_random_bytes(&tmp, sizeof(tmp));
/* (tmp & 0x7fff) ensures a 32768 byte gap between ISS */
return ((tcp_rndiss_encrypt(tcp_rndiss_cnt++) | tcp_rndiss_msb) <<16) |
(tmp & 0x7fff);
}

6
sys/netinet/tcp_timer.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tcp_timer.c,v 1.19 2000/12/12 08:12:04 provos Exp $ */ /* $OpenBSD: tcp_timer.c,v 1.20 2000/12/13 09:47:08 provos Exp $ */
/* $NetBSD: tcp_timer.c,v 1.14 1996/02/13 23:44:09 christos Exp $ */ /* $NetBSD: tcp_timer.c,v 1.14 1996/02/13 23:44:09 christos Exp $ */
/* /*
@ -144,9 +144,7 @@ tpgone:
tcp_iss += TCP_ISSINCR/PR_SLOWHZ; /* increment iss */ tcp_iss += TCP_ISSINCR/PR_SLOWHZ; /* increment iss */
if ((int)tcp_iss < 0) if ((int)tcp_iss < 0)
tcp_iss = 0; /* XXX */ tcp_iss = 0; /* XXX */
#else /* TCP_COMPAT_42 */ #endif /* TCP_COMPAT_42 */
tcp_iss += arc4random() % (2 * TCP_ISSINCR / PR_SLOWHZ) + 1; /* increment iss */
#endif /* !TCP_COMPAT_42 */
tcp_now++; /* for timestamps */ tcp_now++; /* for timestamps */
splx(s); splx(s);
} }

10
sys/netinet/tcp_usrreq.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tcp_usrreq.c,v 1.49 2000/12/11 08:04:56 itojun Exp $ */ /* $OpenBSD: tcp_usrreq.c,v 1.50 2000/12/13 09:47:08 provos Exp $ */
/* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */ /* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */
/* /*
@ -304,12 +304,12 @@ tcp_usrreq(so, req, m, nam, control)
soisconnecting(so); soisconnecting(so);
tcpstat.tcps_connattempt++; tcpstat.tcps_connattempt++;
tp->t_state = TCPS_SYN_SENT; tp->t_state = TCPS_SYN_SENT;
tp->t_timer[TCPT_KEEP] = tcptv_keep_init; tp->t_timer[TCPT_KEEP] = tcptv_keep_init;
tp->iss = tcp_iss;
#ifdef TCP_COMPAT_42 #ifdef TCP_COMPAT_42
tp->iss = tcp_iss;
tcp_iss += TCP_ISSINCR/2; tcp_iss += TCP_ISSINCR/2;
#else /* TCP_COMPAT_42 */ #else /* TCP_COMPAT_42 */
tcp_iss += arc4random() % TCP_ISSINCR + 1; tp->iss = tcp_rndiss_next();
#endif /* !TCP_COMPAT_42 */ #endif /* !TCP_COMPAT_42 */
tcp_sendseqinit(tp); tcp_sendseqinit(tp);
#if defined(TCP_SACK) #if defined(TCP_SACK)

6
sys/netinet/tcp_var.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tcp_var.h,v 1.34 2000/12/11 08:04:56 itojun Exp $ */ /* $OpenBSD: tcp_var.h,v 1.35 2000/12/13 09:47:08 provos Exp $ */
/* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */ /* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */
/* /*
@ -401,5 +401,9 @@ u_long tcp_seq_subtract __P((u_long, u_long ));
#ifdef TCP_SIGNATURE #ifdef TCP_SIGNATURE
int tcp_signature_apply __P((caddr_t, caddr_t, unsigned int)); int tcp_signature_apply __P((caddr_t, caddr_t, unsigned int));
#endif /* TCP_SIGNATURE */ #endif /* TCP_SIGNATURE */
void tcp_rndiss_init __P((void));
tcp_seq tcp_rndiss_next __P((void));
u_int16_t
tcp_rndiss_encrypt __P((u_int16_t));
#endif /* _KERNEL */ #endif /* _KERNEL */