~mdw / secnet / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 16f73fa) | patch
site setup: Correct logic for DEFAULT_KEY_RENEGOTIATE_GAP
authorIan Jackson <ijackson@chiark.greenend.org.uk>
Sat, 11 Jun 2011 14:10:08 +0000 (15:10 +0100)
committerIan Jackson <ijackson@chiark.greenend.org.uk>
Sun, 26 Jun 2011 11:07:27 +0000 (12:07 +0100)
commit95021ddf9183b75739cfbf04c19b5ff3f3e23fb3
tree2d920754c23999a391749e37c1314b17e765a1fatree | snapshot (tar.gz zip)
parent16f73fa6cc7426276bc4bd0cc8537d08c64cbc83commit | diff
site setup: Correct logic for DEFAULT_KEY_RENEGOTIATE_GAP

Previously, key_renegotiate_time would be set to
   key_lifetime - DEFAULT_KEY_RENEGOTIATE_GAP
unless that was negative, in which case it would be set to
   key_lifetime / 2
This is illogical as it is not monotonic in key_lifetime.
Instead we now set it to the larger of those two values.

(This bug has had no effect as the buggy calculation was ignored due
to another bug, which will be fixed in a later patch.)

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
site.c diff | blob | blame | history
Secnet virtual private network: clone of http://www.chiark.greenend.org.uk/ucgi/~ian/git/secnet.git/