On Tue, Aug 03, 2021 at 01:12:54AM +0300, Vitaliy Makkoveev wrote:
> Index: sbin/iked/types.h
> ===================================================================
> RCS file: /cvs/src/sbin/iked/types.h,v
> retrieving revision 1.43
> diff -u -p -r1.43 types.h
> --- sbin/iked/types.h 13 May 2021 15:20:48 -0000      1.43
> +++ sbin/iked/types.h 2 Aug 2021 21:41:55 -0000
> @@ -67,7 +67,7 @@
>  #define IKED_CYCLE_BUFFERS   8       /* # of static buffers for mapping */
>  #define IKED_PASSWORD_SIZE   256     /* limited by most EAP types */
>  
> -#define IKED_LIFETIME_BYTES  536870912 /* 512 Mb */
> +#define IKED_LIFETIME_BYTES  1073741824 /* 512 Mb */
>  #define IKED_LIFETIME_SECONDS        10800     /* 3 hours */
>  
>  #define IKED_E                       0x1000  /* Decrypted flag */
> 

Comment and value don't match? Also, isn't 512MB quite low with modern
crypto algorithms?

Joerg

Reply via email to