xnu-7195.101.1.tar.gz

[apple/xnu.git] / bsd / netinet / tcp_subr.c

diff --git a/bsd/netinet/tcp_subr.c b/bsd/netinet/tcp_subr.c
index fe3a0192ad282fe007097ecb7eb7fbe9e34f062d..0b2a5513833ed0c4d762441c0b09c047b6c122ee 100644 (file)
--- a/bsd/netinet/tcp_subr.c
+++ b/bsd/netinet/tcp_subr.c
@@ -1032,6 +1032,7 @@ tcp_newtcpcb(struct inpcb *inp)
        struct tcpcb *tp;
        struct socket *so = inp->inp_socket;
        int isipv6 = (inp->inp_vflag & INP_IPV6) != 0;
+       uint32_t random_32;
 
        calculate_tcp_clock();
 
@@ -1104,14 +1105,19 @@ tcp_newtcpcb(struct inpcb *inp)
        tp->t_twentry.tqe_next = NULL;
        tp->t_twentry.tqe_prev = NULL;
 
+       read_frandom(&random_32, sizeof(random_32));
        if (__probable(tcp_do_ack_compression)) {
-               read_frandom(&tp->t_comp_gencnt, sizeof(tp->t_comp_gencnt));
+               tp->t_comp_gencnt = random_32;
                if (tp->t_comp_gencnt <= TCP_ACK_COMPRESSION_DUMMY) {
                        tp->t_comp_gencnt = TCP_ACK_COMPRESSION_DUMMY + 1;
                }
                tp->t_comp_lastinc = tcp_now;
        }
 
+       if (__probable(tcp_randomize_timestamps)) {
+               tp->t_ts_offset = random_32;
+       }
+
        /*
         * IPv4 TTL initialization is necessary for an IPv6 socket as well,
         * because the socket may be bound to an IPv6 wildcard address,