"Both the privacy and the authenticity properties of OCB degrade as
per s^2 / 2^128, where s is the total number of blocks that the
adversary acquires.... In order to ensure that s^2 / 2^128 remains
small, a given key should be used to encrypt at most 2^48 blocks (2^55
bits or 4 petabytes)"
-- http://tools.ietf.org/html/draft-krovetz-ocb-03
We deem it unlikely that a legitimate user will send 4 PB through a Mosh
session. If it happens, we simply kill the session. The server and
client use the same key, so we actually need to die after 2^47 blocks.
Closes#77.
This is a precaution to avoid saving sensitive data to disk, e.g. session keys.
We expect that corefiles are not world readable, but they're still sitting on
the physical disk and it's safer just to disable creating them.
GitHub issue #71 deals with a similar concern.
This turns off -Werror by default except in the Debian package.
-Werror is inherently unportable and breaks things on OS X. While it
can cause problems in Debian too, this is at least a little better.
It also turns off -pedantic in src/protobufs, because apparently
protoc output doesn’t compile with -pedantic on all platforms.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Benjamin Kaduk