diff options
author | Damien Miller <djm@mindrot.org> | 2003-04-01 21:43:39 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-04-01 21:43:39 +1000 |
commit | 2dc074ef4bd925a7c95b9741ab20ab07c79dc2ff (patch) | |
tree | e91aa5d14b0c35f37671b283ba91e92ee9b3df21 /auth-options.c | |
parent | 495dca35186a9a33c85a6fa2bcc1b127512bb688 (diff) |
- markus@cvs.openbsd.org 2003/04/01 10:10:23
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_
(a) after 2^31 packets, because after 2^32 packets
the sequence number for packets wraps
(b) after 2^(blocksize_in_bits/4) blocks
(see: draft-ietf-secsh-newmodes-00.txt)
(a) and (b) are _enabled_ by default, and only disabled for known
openssh versions, that don't support rekeying properly.
* client option 'RekeyLimit'
* do not reply to requests during rekeying
- markus@cvs.openbsd.org 2003/04/01 10:22:21
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1)
Diffstat (limited to 'auth-options.c')
0 files changed, 0 insertions, 0 deletions