Attention is currently required from: MaxF, flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/843?usp=email )
Change subject: Do not attempt to decrypt packets anymore after 2**36 failed decryptions ...................................................................... Patch Set 3: (4 comments) File src/openvpn/crypto.h: http://gerrit.openvpn.net/c/openvpn/+/843/comment/6408b1af_041def26 : PS2, Line 667: We > Incomplete Acknowledged http://gerrit.openvpn.net/c/openvpn/+/843/comment/21fe7587_f0d0de4b : PS2, Line 672: TLS 1.3 > Should be DTLS Acknowledged http://gerrit.openvpn.net/c/openvpn/+/843/comment/a39b0e44_3b6d137a : PS2, Line 672: 2**36 > I don't know. I thought you did consider larger packets in the OpenVPN RFC. I commented that we accept this since chacha with > 16k is probably super rare. File src/openvpn/crypto.c: http://gerrit.openvpn.net/c/openvpn/+/843/comment/33de160f_e3170849 : PS2, Line 426: > Extra whitespace Acknowledged -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/843?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I81440ac28a1ad553652e201234e5ddfe03a8c190 Gerrit-Change-Number: 843 Gerrit-PatchSet: 3 Gerrit-Owner: plaisthos <arne-open...@rfc2549.org> Gerrit-Reviewer: MaxF <m...@max-fillinger.net> Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-Attention: flichtenheld <fr...@lichtenheld.com> Gerrit-Attention: MaxF <m...@max-fillinger.net> Gerrit-Comment-Date: Sat, 04 Jan 2025 22:44:21 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: plaisthos <arne-open...@rfc2549.org> Comment-In-Reply-To: MaxF <m...@max-fillinger.net> Gerrit-MessageType: comment
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
