[tor-bugs] #4548 [Tor Bridge]: Implement dynamic (rakshasa) primes (part of proposal 179)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Nov 25 02:53:59 UTC 2011
#4548: Implement dynamic (rakshasa) primes (part of proposal 179)
------------------------+---------------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Bridge | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by nickm):
Remaining issues, in addition to those above, after second review:
* If this new option is going to be on-by-default, then clients really
shouldn't pay attention to it, since they shouldn't actually need to have
a group at all.
* DH_GENERATOR should probably be internal to crypto.c; I don't see a
great reason to have it in crypto.
* spelling error in crypto_set_tls_dh_prime: "moduluss"
* Why not call crypto_store_dynamic_dh_modulus from
crypto_set_tls_dh_prime immediately after generating and checking the new
modulus?
* Checking a file status right before opening it is prone to race-
conditions; it's better just to open the file and see if you get an error.
There should be functions in util.c to do this. (This one could get
cleaned up later)
* The branch is super-long: the "git log -p" output is over 6x as long as
the actual diff with the changes in it. I think this implies I should do
some rebasing and squashing pre-merge; suggestions there would be welcome.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4548#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list