]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 26e033c) | patch
ha: Double receive buffer size for HA messages and make it configurable
authorTobias Brunner <tobias@strongswan.org>
Wed, 14 Feb 2018 13:51:24 +0000 (14:51 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 14 Feb 2018 13:52:18 +0000 (14:52 +0100)
commitce048c30ff87404de9fa21432fb493b868ec711c
treecb46f4ad53922162456ac37d3ac3d8cffa8689f4tree | snapshot
parent26e033cfe3f0664b47d814f827ae5834c9cd5adecommit | diff
ha: Double receive buffer size for HA messages and make it configurable

With IKEv1 we transmit both public DH factors (used to derive the initial
IV) besides the shared secret.  So these messages could get significantly
larger than 1024 bytes, depending on the DH group (modp2048 just about
fits into it).  The new default of 2048 bytes should be fine up to modp4096
and for larger groups the buffer size may be increased (an error is
logged should this happen).
conf/plugins/ha.opt diff | blob | blame | history
src/libcharon/plugins/ha/ha_socket.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.