opendev/gerrit
Code Issues Proposed changes

Merge "Allow configuration of SSH rekey values"

Browse Source
This commit is contained in:
David Pursehouse 2014-10-14 00:49:30 +00:00 committed by Gerrit Code Review
commit 2debfe9313
2 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Documentation/config-gerrit.txt
View File

@ -3113,6 +3113,24 @@ programmatic configuration.
+ +
By default, true. By default, true.
[[sshd.rekeyBytesLimit]]sshd.rekeyBytesLimit::
+
Sshd Mina will issue a rekeying after a certain amount of data.
This configuration option allows you to tweak that setting.
+
By default, 1073741824 (bytes, 1GB).
+
The rekeyBytesLimit cannot be set to lower than 32.
[[sshd.rekeyTimeLimit]]sshd.rekeyTimeLimit::
+
Sshd Mina will issue a rekeying after a certain amount of time.
This configuration option allows you to tweak that setting.
+
By default, 1h.
+
Set to 0 to disable this check.
[[suggest]] [[suggest]]
=== Section suggest === Section suggest

9
gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
View File

@ -189,6 +189,15 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
IDLE_TIMEOUT, IDLE_TIMEOUT,
String.valueOf(SECONDS.toMillis(idleTimeoutSeconds))); String.valueOf(SECONDS.toMillis(idleTimeoutSeconds)));
long rekeyTimeLimit = ConfigUtil.getTimeUnit(cfg, "sshd", null,
"rekeyTimeLimit", 3600, SECONDS);
getProperties().put(
REKEY_TIME_LIMIT,
String.valueOf(SECONDS.toMillis(rekeyTimeLimit)));
getProperties().put(REKEY_BYTES_LIMIT,
String.valueOf(cfg.getLong("sshd", "rekeyBytesLimit", 1024 * 1024 * 1024 /* 1GB */)));
final int maxConnectionsPerUser = final int maxConnectionsPerUser =
cfg.getInt("sshd", "maxConnectionsPerUser", 64); cfg.getInt("sshd", "maxConnectionsPerUser", 64);
if (0 < maxConnectionsPerUser) { if (0 < maxConnectionsPerUser) {