bugzilla-daemon at mindrot.org
2005-Oct-29 23:59 UTC
[Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
http://bugzilla.mindrot.org/show_bug.cgi?id=1056 ------- Comment #2 from djm at mindrot.org 2005-10-30 10:59 ------- hm, I haven't been able to reproduce the hang you have experienced when setting rekeylimit low. Even setting RekeyLimit=16 produces a working session for me. This isn't to say that we shouldn't set a minimum. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Oct-30 00:33 UTC
[Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
http://bugzilla.mindrot.org/show_bug.cgi?id=1056 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #929 is|0 |1 obsolete| | AssignedTo|bitbucket at mindrot.org |djm at mindrot.org Status|NEW |ASSIGNED Attachment #1015| |ok? Flag| | ------- Comment #3 from djm at mindrot.org 2005-10-30 11:33 ------- Created an attachment (id=1015) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1015&action=view) Minimum 1k rekeylimit, check for integer wrap This checks that the RekeyLimit is >= 1024 and raises a fatal() error if it isn't. It also checks for integer wraparound (because rekey_limit is only a signed int) and fatal()s if it wraps. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
- [Bug 1390] New: RekeyLimit max value is too restrictive
- [Bug 2264] New: RekeyLimit option does not allow '4G' value when UINT_MAX is 0xffffffff
- VisualHostKey vs. RekeyLimit vs. VerifyHostKeyDNS
- [Bug 2252] New: RekeyLimit breaks ClientAlive