Re: [Openvpn-devel] [PATCH v3] Add per session pseudo-random jitter to --reneg-sec intervals

Hi, On 15 November 2017 at 07:50, Simon Matter wrote: > Hi Steffan, > > While running your v3 version of the patch I found an issue with the > modified logging. It gives the following error while building > > gcc -DHAVE_CONFIG_H -I. -I../.. -I../../include

Re: [Openvpn-devel] [PATCH v3] Add per session pseudo-random jitter to --reneg-sec intervals

Hi Steffan, While running your v3 version of the patch I found an issue with the modified logging. It gives the following error while building gcc -DHAVE_CONFIG_H -I. -I../.. -I../../include -I../../include -I../../src/compat -DPLUGIN_LIBDIR=\"/usr/lib64/openvpn/plugins\" -O2 -g -pipe

Re: [Openvpn-devel] [PATCH v3] Add per session pseudo-random jitter to --reneg-sec intervals

Hi Steffan, Thanks for taking the time to improve this! Regards, Simon > From: Simon Matter > > While we were suffering from the "TLS Renegotiation Slowdown" bug here > https://community.openvpn.net/openvpn/ticket/854 we realized that there is > still room for

Re: [Openvpn-devel] [PATCH v3] Add per session pseudo-random jitter to --reneg-sec intervals

On Sat, Nov 11, 2017 at 02:47:58PM +0100, Steffan Karger wrote: > --- a/src/openvpn/init.c > +++ b/src/openvpn/init.c > @@ -2693,7 +2693,20 @@ do_init_crypto_tls(struct context *c, const unsigned > int flags) > to.packet_timeout = options->tls_timeout; > to.renegotiate_bytes =

[Openvpn-devel] [PATCH v3] Add per session pseudo-random jitter to --reneg-sec intervals

From: Simon Matter While we were suffering from the "TLS Renegotiation Slowdown" bug here https://community.openvpn.net/openvpn/ticket/854 we realized that there is still room for improvement in our use case. It appears that TLS renegotiation is getting more and more