On Wed, 27 Jul 2022, Theo de Raadt wrote: > I love it. > > > +#define REKEY_BASE (1<<20) /* NB. *must* be a power of 2 */ > > Why insist on that?
Because I need to do this later: + rs->rs_count += rekey_fuzz & (REKEY_BASE - 1); because we can't use arc4random_uniform() in this context. > Also, I would prefer (1024*1024), it is quicker to read. ack
