From 0c55f2e6dacc3fca03b8d4e465a97fd20e434ca9 Mon Sep 17 00:00:00 2001
From: kris <kris@FreeBSD.org>
Date: Tue, 17 Apr 2001 18:08:01 +0000
Subject: Randomize the TCP initial sequence numbers more thoroughly.

Obtained from:	OpenBSD
Reviewed by:	jesper, peter, -developers
---
 sys/netinet/tcp_reass.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'sys/netinet/tcp_reass.c')

diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c
index 6c7ae76..036f675 100644
--- a/sys/netinet/tcp_reass.c
+++ b/sys/netinet/tcp_reass.c
@@ -1110,9 +1110,14 @@ findpcb:
 		tcp_dooptions(tp, optp, optlen, th, &to);
 		if (iss)
 			tp->iss = iss;
-		else
+		else {
+#ifdef TCP_COMPAT_42
+			tcp_iss += TCP_ISSINCR/2;
 			tp->iss = tcp_iss;
-		tcp_iss += TCP_ISSINCR/4;
+#else
+			tp->iss = tcp_rndiss_next();
+#endif /* TCP_COMPAT_42 */
+ 		}
 		tp->irs = th->th_seq;
 		tcp_sendseqinit(tp);
 		tcp_rcvseqinit(tp);
@@ -1643,7 +1648,11 @@ trimthenstep6:
 			if (thflags & TH_SYN &&
 			    tp->t_state == TCPS_TIME_WAIT &&
 			    SEQ_GT(th->th_seq, tp->rcv_nxt)) {
+#ifdef TCP_COMPAT_42
 				iss = tp->snd_nxt + TCP_ISSINCR;
+#else
+				iss = tcp_rndiss_next();
+#endif /* TCP_COMPAT_42 */
 				tp = tcp_close(tp);
 				goto findpcb;
 			}
-- 
cgit v1.1