Changes between Initial Version and Version 4 of Ticket #1310
- Timestamp:
- 08/17/20 13:57:59 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #1310
- Property Cc tct added
-
Property
Summary
changed from
--max-clients with --tls-crypt-v2-verify leads to potential DDOS
to--tls-crypt-v2-verify leads to potential DDOS
-
Property
Milestone
changed from
to
release 2.5
-
Ticket #1310 – Description
initial v4 1 **Notice**: `--max-clients n` is not required. `--tls-crypt-v2-verify` is the root cause. It was simply that I found it when testing with `--max-clients` 2 1 3 When using `--max-clients n` with `--tls-crypt-v2-verify`, openvpn treats a failed connection from a client as a connected client until `Inactivity timeout (--ping-restart)` of the failed connection. This can lead to a potential DDOS situation. 2 4