[openssh-commits] [openssh] 04/05: upstream: Set a default RekeyLimit of 256k.

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 829976a63fd1efae3a4c3e7c16fded59d92edb67
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Tue Aug 20 09:02:45 2024 +0000

    upstream: Set a default RekeyLimit of 256k.
    
    Used unless overridden by a command-line flag, which simplifies some of
    the ssh command lines.
    
    OpenBSD-Regress-ID: e7cffa57027088e10336e412b34113969f88cb87
---
 regress/rekey.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/regress/rekey.sh b/regress/rekey.sh
index f1ed4c56..24c5a380 100644
--- a/regress/rekey.sh
+++ b/regress/rekey.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: rekey.sh,v 1.23 2024/08/20 07:52:43 dtucker Exp $
+#	$OpenBSD: rekey.sh,v 1.24 2024/08/20 09:02:45 dtucker Exp $
 #	Placed in the Public Domain.
 
 tid="rekey"
@@ -9,6 +9,7 @@ rm -f ${LOG}
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 
 echo "Compression no" >> $OBJ/ssh_proxy
+echo "RekeyLimit 256k" >> $OBJ/ssh_proxy
 
 # Test rekeying based on data volume only.
 # Arguments will be passed to ssh.
@@ -57,7 +58,7 @@ done
 
 for opt in $opts; do
 	verbose "client rekey $opt"
-	ssh_data_rekeying "$opt" -oRekeyLimit=256k
+	ssh_data_rekeying "$opt"
 done
 
 # AEAD ciphers are magical so test with all KexAlgorithms
@@ -65,7 +66,7 @@ if ${SSH} -Q cipher-auth | grep '^.*$' >/dev/null 2>&1 ; then
   for c in `${SSH} -Q cipher-auth`; do
     for kex in `${SSH} -Q kex`; do
 	verbose "client rekey $c $kex"
-	ssh_data_rekeying "KexAlgorithms=$kex" -oRekeyLimit=256k -oCiphers=$c
+	ssh_data_rekeying "KexAlgorithms=$kex" -oCiphers=$c
     done
   done
 fi

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.