- markus@cvs.openbsd.org 2003/04/01 10:10:23

[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] rekeying bugfixes and automatic rekeying: * both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying - markus@cvs.openbsd.org 2003/04/01 10:22:21 [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] [readconf.h serverloop.c sshconnect2.c] backout rekeying changes (for 3.6.1)
author: Damien Miller <djm@mindrot.org> 2003-04-01 21:43:39 +1000
committer: Damien Miller <djm@mindrot.org> 2003-04-01 21:43:39 +1000
commit: 2dc074ef4bd925a7c95b9741ab20ab07c79dc2ff (patch)
tree: e91aa5d14b0c35f37671b283ba91e92ee9b3df21 /ChangeLog
parent: 495dca35186a9a33c85a6fa2bcc1b127512bb688 (diff)
1 files changed, 18 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 82053128b..cf216edcf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,7 +7,23 @@
     - new sentence new line
     - .Bk for arguments
     ok markus@
+   - markus@cvs.openbsd.org 2003/04/01 10:10:23
+     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
+     [readconf.h serverloop.c sshconnect2.c]
+     rekeying bugfixes and automatic rekeying:
+     * both client and server rekey _automatically_
+           (a) after 2^31 packets, because after 2^32 packets
+               the sequence number for packets wraps
+           (b) after 2^(blocksize_in_bits/4) blocks
+       (see: draft-ietf-secsh-newmodes-00.txt)
+       (a) and (b) are _enabled_ by default, and only disabled for known
+       openssh versions, that don't support rekeying properly.
+     * client option 'RekeyLimit'
+     * do not reply to requests during rekeying
+   - markus@cvs.openbsd.org 2003/04/01 10:22:21
+     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
+     [readconf.h serverloop.c sshconnect2.c]
+     backout rekeying changes (for 3.6.1)
 20030326
 - (djm) OpenBSD CVS Sync
@@ -1270,4 +1286,4 @@
     save auth method before monitor_reset_key_state(); bugzilla bug #284;
     ok provos@
-$Id: ChangeLog,v 1.2643 2003/04/01 11:42:14 djm Exp $
+$Id: ChangeLog,v 1.2644 2003/04/01 11:43:39 djm Exp $
author	Damien Miller <djm@mindrot.org>	2003-04-01 21:43:39 +1000
committer	Damien Miller <djm@mindrot.org>	2003-04-01 21:43:39 +1000
commit	2dc074ef4bd925a7c95b9741ab20ab07c79dc2ff (patch)
tree	e91aa5d14b0c35f37671b283ba91e92ee9b3df21 /ChangeLog
parent	495dca35186a9a33c85a6fa2bcc1b127512bb688 (diff)

diff --git a/ChangeLog b/ChangeLog index 82053128b..cf216edcf 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -7,7 +7,23 @@
7	- new sentence new line	7	- new sentence new line
8	- .Bk for arguments	8	- .Bk for arguments
9	ok markus@	9	ok markus@
10		10	- markus@cvs.openbsd.org 2003/04/01 10:10:23
		11	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
		12	[readconf.h serverloop.c sshconnect2.c]
		13	rekeying bugfixes and automatic rekeying:
		14	* both client and server rekey _automatically_
		15	(a) after 2^31 packets, because after 2^32 packets
		16	the sequence number for packets wraps
		17	(b) after 2^(blocksize_in_bits/4) blocks
		18	(see: draft-ietf-secsh-newmodes-00.txt)
		19	(a) and (b) are _enabled_ by default, and only disabled for known
		20	openssh versions, that don't support rekeying properly.
		21	* client option 'RekeyLimit'
		22	* do not reply to requests during rekeying
		23	- markus@cvs.openbsd.org 2003/04/01 10:22:21
		24	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
		25	[readconf.h serverloop.c sshconnect2.c]
		26	backout rekeying changes (for 3.6.1)
11		27
12	20030326	28	20030326
13	- (djm) OpenBSD CVS Sync	29	- (djm) OpenBSD CVS Sync
@@ -1270,4 +1286,4 @@
1270	save auth method before monitor_reset_key_state(); bugzilla bug #284;	1286	save auth method before monitor_reset_key_state(); bugzilla bug #284;
1271	ok provos@	1287	ok provos@
1272		1288
1273	$Id: ChangeLog,v 1.2643 2003/04/01 11:42:14 djm Exp $	1289	$Id: ChangeLog,v 1.2644 2003/04/01 11:43:39 djm Exp $