rekeying bugfixes and automatic rekeying: - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	markus <markus@openbsd.org>	2003-04-01 10:10:23 +0000
committer	markus <markus@openbsd.org>	2003-04-01 10:10:23 +0000
commit	3eb3a5f4b849019ad30937c9c9b70faa44509fa2 (patch)
tree	ebb67d6eb138eef1ec9562e5aeda74cec215ee8a /lib
parent	tidy up of EXAMPLES section; (diff)
download	wireguard-openbsd-3eb3a5f4b849019ad30937c9c9b70faa44509fa2.tar.xz wireguard-openbsd-3eb3a5f4b849019ad30937c9c9b70faa44509fa2.zip

rekeying bugfixes and automatic rekeying:

* both client and server rekey _automatically_ (a) after 2^31 packets, because after 2^32 packets the sequence number for packets wraps (b) after 2^(blocksize_in_bits/4) blocks (see: http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt) (a) and (b) are _enabled_ by default, and only disabled for known openssh versions, that don't support rekeying properly. * client option 'RekeyLimit' * do not reply to requests during rekeying

Diffstat (limited to 'lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: