From 87be243fa61c8f92dfb48e69ccb8e0ff79ab22cc Mon Sep 17 00:00:00 2001 From: jlemon Date: Fri, 21 Dec 2001 04:41:08 +0000 Subject: If syncookies are disabled (net.inet.tcp.syncookies) then use the faster arc4random() routine to generate ISNs instead of creating them with MD5(). Suggested by: silby --- sys/netinet/tcp_syncache.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sys/netinet/tcp_syncache.c') diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index d6ce983..bf6432b 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -900,7 +900,10 @@ syncache_add(inc, to, th, sop, m) sc->sc_route.ro_rt = NULL; } sc->sc_irs = th->th_seq; - sc->sc_iss = syncookie_generate(sc); + if (tcp_syncookies) + sc->sc_iss = syncookie_generate(sc); + else + sc->sc_iss = arc4random(); /* Initial receive window: clip sbspace to [0 .. TCP_MAXWIN] */ win = sbspace(&so->so_rcv); -- cgit v1.1