On 2019-09-11 17:16, Conrad Meyer wrote:
Small nitpick:
On Wed, Sep 11, 2019 at 11:48 AM Andrew Gallatin wrote:
Note that on a system under a syn flood attack, arc4random()
becomes quite expensive, and the chacha_poly crypto that it calls
arc4random uses chacha20 — there is no "poly" i
Small nitpick:
On Wed, Sep 11, 2019 at 11:48 AM Andrew Gallatin wrote:
> Note that on a system under a syn flood attack, arc4random()
> becomes quite expensive, and the chacha_poly crypto that it calls
arc4random uses chacha20 — there is no "poly" involved.
Best,
Conrad
Author: gallatin
Date: Wed Sep 11 18:48:26 2019
New Revision: 352228
URL: https://svnweb.freebsd.org/changeset/base/352228
Log:
Avoid unneeded call to arc4random() in syncache_add()
Don't call arc4random() unconditionally to initialize sc_iss, and
then when syncookies are enabled, just ov
