>> Hi, >> >> On Tue, Apr 04, 2017 at 08:29:49AM +0200, Simon Matter wrote: >>> Interesting to see that there is zero interest in this patch here. >> >> This is a misinterpretation. >> > > Hi Gert, > > Thanks for the explanation, I'll be patient then :) > > If it's preferred for the patch to keep it even simpler and compatible the > current configs, it could be broken down to something like this in init.c:
I've attached v2 now which works without any config change:
--reneg-sec n
Renegotiate data channel key after n seconds (default=3600).
Note that the effective value used here is a per session pseudo-
randomized 25% of n deducted from n. With the default value of
3600 this results in an effective per session value in the range
of 2701 ... 3600 seconds.
I prefer this version as it allows everybody to profit from it without
touching any config files.
Thanks,
Simon
openvpn-2.4.1-reneg-sec_randomize.patch
Description: Binary data
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
