bugzilla-daemon at mindrot.org
2005-Oct-29 23:59 UTC
[Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
http://bugzilla.mindrot.org/show_bug.cgi?id=1056 ------- Comment #2 from djm at mindrot.org 2005-10-30 10:59 ------- hm, I haven't been able to reproduce the hang you have experienced when setting rekeylimit low. Even setting RekeyLimit=16 produces a working session for me. This isn't to say that we shouldn't set a minimum. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Oct-30 00:33 UTC
[Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
http://bugzilla.mindrot.org/show_bug.cgi?id=1056
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #929 is|0 |1
obsolete| |
AssignedTo|bitbucket at mindrot.org |djm at mindrot.org
Status|NEW |ASSIGNED
Attachment #1015| |ok?
Flag| |
------- Comment #3 from djm at mindrot.org 2005-10-30 11:33 -------
Created an attachment (id=1015)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1015&action=view)
Minimum 1k rekeylimit, check for integer wrap
This checks that the RekeyLimit is >= 1024 and raises a fatal() error if it
isn't.
It also checks for integer wraparound (because rekey_limit is only a signed
int) and fatal()s if it wraps.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the assignee for the bug, or are watching the assignee.
Reasonably Related Threads
- [Bug 1056] RekeyLimit can be ridiculously low and is undocumented.
- [Bug 1390] New: RekeyLimit max value is too restrictive
- [Bug 2264] New: RekeyLimit option does not allow '4G' value when UINT_MAX is 0xffffffff
- VisualHostKey vs. RekeyLimit vs. VerifyHostKeyDNS
- [Bug 2252] New: RekeyLimit breaks ClientAlive