Merge "Allow configuration of SSH rekey values"

2014-10-14 00:49:30 +00:00 · 2014-10-14 00:49:30 +00:00 · 2debfe9313
commit 2debfe9313
parent ad060ec871 6f721702f0
2 changed files with 27 additions and 0 deletions
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt
@ -3113,6 +3113,24 @@ programmatic configuration.
 +
 By default, true.

+[[sshd.rekeyBytesLimit]]sshd.rekeyBytesLimit::
+
+Sshd Mina will issue a rekeying after a certain amount of data.
+This configuration option allows you to tweak that setting.
+
+By default, 1073741824 (bytes, 1GB).
+
+The rekeyBytesLimit cannot be set to lower than 32.
+
+[[sshd.rekeyTimeLimit]]sshd.rekeyTimeLimit::
+
+Sshd Mina will issue a rekeying after a certain amount of time.
+This configuration option allows you to tweak that setting.
+
+By default, 1h.
+
+Set to 0 to disable this check.
+
 [[suggest]]
 === Section suggest

--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
@ -189,6 +189,15 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
        IDLE_TIMEOUT,
        String.valueOf(SECONDS.toMillis(idleTimeoutSeconds)));

+    long rekeyTimeLimit = ConfigUtil.getTimeUnit(cfg, "sshd", null,
+        "rekeyTimeLimit", 3600, SECONDS);
+    getProperties().put(
+        REKEY_TIME_LIMIT,
+        String.valueOf(SECONDS.toMillis(rekeyTimeLimit)));
+
+    getProperties().put(REKEY_BYTES_LIMIT,
+        String.valueOf(cfg.getLong("sshd", "rekeyBytesLimit", 1024 * 1024 * 1024 /* 1GB */)));
+
    final int maxConnectionsPerUser =
        cfg.getInt("sshd", "maxConnectionsPerUser", 64);
    if (0 < maxConnectionsPerUser) {