randomize the ID array.

There's no reason to let observers know how many packets we've sent.

diff --git a/src/protocols/radius/id.c b/src/protocols/radius/id.c
index ed62088bee5f19164370fbc980442db0c2fa7891..170d9d103bbae2f33781296e65eac7197f07f076 100644 (file)
--- a/src/protocols/radius/id.c
+++ b/src/protocols/radius/id.c
@@ -44,7 +44,7 @@ struct fr_radius_id_s {
  */
 fr_radius_id_t *fr_radius_id_alloc(TALLOC_CTX *ctx)
 {
-       int i;
+       uint32_t i;
        fr_radius_id_t *track;
 
        track = talloc_zero(ctx, fr_radius_id_t);
@@ -58,6 +58,28 @@ fr_radius_id_t *fr_radius_id_alloc(TALLOC_CTX *ctx)
                track->free_ids[i] = i;
        }
 
+       /*
+        *      Shuffle the entirs using a Fisher-Yates shuffle.
+        *
+        *      We loop from i=255..1, choosing random numbers j, such that 0 <= j <= i
+        *      And then swap a[j],a[i]
+        *
+        *      We choose a 32-bit random number, and then take the modulo of that and i+1.  Which means that
+        *      the resulting random number j is [0..i], whereas taking the modulo with i, then the random
+        *      number j will instead be chosen to be [0..i)
+        */
+       for (i = 255; i >= 1; i--) {
+               uint32_t j = fr_rand() % (i + 1); /* small bias, but we don't care much */
+               int tmp;
+
+               if (j == i) continue;
+
+               tmp = track->free_ids[j];
+               track->free_ids[j] = track->free_ids[i];
+               track->free_ids[i] = tmp;
+       }
+
+
        return track;
 }