Avoid returning COOKIEs right after system boot
When the monotonic timer is initialized to 0 right after the system is booted the daemon responded with COOKIES for COOKIE_CALMDOWN_DELAY (10s). Since the COOKIE verification code actually produces an overflow for COOKIE_LIFETIME (10s) it wouldn't even accept properly returned COOKIEs. Checking for last_cookie makes sense anyway as that condition must only apply if we actually sent a COOKIE before.
This commit is contained in:
parent
2071dd63d6
commit
68bfee4bc4
|
@ -296,7 +296,7 @@ static bool cookie_required(private_receiver_t *this,
|
|||
this->last_cookie = now;
|
||||
return TRUE;
|
||||
}
|
||||
if (now < this->last_cookie + COOKIE_CALMDOWN_DELAY)
|
||||
if (this->last_cookie && now < this->last_cookie + COOKIE_CALMDOWN_DELAY)
|
||||
{
|
||||
/* We don't disable cookies unless we haven't seen IKE_SA_INITs
|
||||
* for COOKIE_CALMDOWN_DELAY seconds. This avoids jittering between
|
||||
|
|
Loading…
Reference in New Issue