changed https cipher from aes256 to rc4-128 SHA1

-> 3x faster
crypto_init string can be configured in the config file for testing
purposes

diff --git a/src/transport/plugin_transport_https.c b/src/transport/plugin_transport_https.c
index 6cc9f9c7eadec955d239ffa7f9802466c09aeafe..ea97712b5375c796738cbe94ea453f176effd0d7 100644 (file)
--- a/src/transport/plugin_transport_https.c
+++ b/src/transport/plugin_transport_https.c
@@ -370,6 +370,8 @@ struct Plugin
 
   /* The private key MHD uses as an \0 terminated string */
   char * key;
+  
+  char * crypto_init;
 };
 
 
@@ -2347,7 +2349,8 @@ libgnunet_plugin_transport_https_done (void *cls)
 
   GNUNET_free_non_null (plugin->bind4_address);
   GNUNET_free_non_null (plugin->bind6_address);
-  GNUNET_free_non_null(plugin->bind_hostname);
+  GNUNET_free_non_null (plugin->bind_hostname);
+  GNUNET_free_non_null (plugin->crypto_init);
   GNUNET_free (plugin);
   GNUNET_free (api);
 #if DEBUG_HTTPS
@@ -2453,6 +2456,34 @@ libgnunet_plugin_transport_https_init (void *cls)
                  plugin->bind4_address = NULL;
          }
   }
+  
+    /* Get crypto init string from config */
+  if (GNUNET_CONFIGURATION_have_value (env->cfg,
+                                                                          "transport-https", "CRYPTO_INIT"))
+  {
+               GNUNET_CONFIGURATION_get_value_string (env->cfg,
+                                                                                          "transport-https",
+                                                                                          "CRYPTO_INIT",
+                                                                                          &plugin->crypto_init);
+  }
+  else
+  {
+         GNUNET_asprintf(&plugin->crypto_init,"NORMAL");
+  }
+
+  /* Get private key file from config */
+  if (GNUNET_CONFIGURATION_have_value (env->cfg,
+                                                                          "transport-https", "CERT_FILE"))
+  {
+         GNUNET_CONFIGURATION_get_value_string (env->cfg,
+                                                                                        "transport-https",
+                                                                                    "CERT_FILE",
+                                                                                    &cert_file);
+  }
+  else
+  {
+         GNUNET_asprintf(&cert_file,"https.cert");
+  }
 
   /* Get private key file from config */
   if (GNUNET_CONFIGURATION_have_value (env->cfg,
@@ -2576,6 +2607,11 @@ libgnunet_plugin_transport_https_init (void *cls)
                                        port,
                                        &mhd_accept_cb,
                                        plugin , &mdh_access_cb, plugin,
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NORMAL:",*/
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "PERFORMANCE:",*/
+                                       /* MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL", */
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL",*/
+                                      MHD_OPTION_HTTPS_PRIORITIES,  plugin->crypto_init,
                                        MHD_OPTION_HTTPS_MEM_KEY, plugin->key,
                                        MHD_OPTION_HTTPS_MEM_CERT, plugin->cert,
                                        MHD_OPTION_SOCK_ADDR, tmp,
@@ -2596,6 +2632,11 @@ libgnunet_plugin_transport_https_init (void *cls)
                                        port,
                                        &mhd_accept_cb,
                                        plugin , &mdh_access_cb, plugin,
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NORMAL:",*/
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "PERFORMANCE:",*/
+                                       /* MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL", */
+                                       /*MHD_OPTION_HTTPS_PRIORITIES,  "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL",*/
+                                      MHD_OPTION_HTTPS_PRIORITIES,  plugin->crypto_init,
                                        MHD_OPTION_HTTPS_MEM_KEY, plugin->key,
                                        MHD_OPTION_HTTPS_MEM_CERT, plugin->cert,
                                        MHD_OPTION_SOCK_ADDR, (struct sockaddr_in *)plugin->bind4_address,

diff --git a/src/transport/test_plugin_transport_data_http.conf b/src/transport/test_plugin_transport_data_http.conf
index d4709aa7cf67ac9d8e269fb7cbced999c2175b7e..6e5e2d44cb6d6b15a4fbf82cba9600880c9b69bd 100644 (file)
--- a/src/transport/test_plugin_transport_data_http.conf
+++ b/src/transport/test_plugin_transport_data_http.conf
@@ -24,7 +24,9 @@ USE_IPv6 = YES
 #BINDTO6 = ::1
 KEY_FILE = https_key.key
 CERT_FILE = https_cert.crt
-
+CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL
+#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL
+#CRYPTO_INIT = PERFORMANCE
 
 [transport]
 PREFIX = valgrind --leak-check=full

diff --git a/src/transport/test_transport_api_https_peer1.conf b/src/transport/test_transport_api_https_peer1.conf
index f67ada8cc8cf9c3864944e15a30449abf345d158..712cd970a4f3d5ab1046b003071e00f6ea228366 100644 (file)
--- a/src/transport/test_transport_api_https_peer1.conf
+++ b/src/transport/test_transport_api_https_peer1.conf
@@ -15,6 +15,9 @@ USE_IPv4 = YES
 #BINDTO6 = ::1
 KEY_FILE = https_key_p1.key
 CERT_FILE = https_cert_p1.crt
+CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL
+#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL
+#CRYPTO_INIT = PERFORMANCE
 
 [fs]
 AUTOSTART = NO

diff --git a/src/transport/test_transport_api_https_peer2.conf b/src/transport/test_transport_api_https_peer2.conf
index 308a06e18e9b02f8d978730786f0e8838e15c1f1..f3703de922b073b81e08a8db9a36481a3ac4e03e 100644 (file)
--- a/src/transport/test_transport_api_https_peer2.conf
+++ b/src/transport/test_transport_api_https_peer2.conf
@@ -15,6 +15,9 @@ USE_IPv4 = YES
 #BINDTO6 = ::1
 KEY_FILE = https_key_p2.key
 CERT_FILE = https_cert_p2.crt
+CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL
+#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL
+#CRYPTO_INIT = PERFORMANCE
 
 [fs]
 AUTOSTART = NO

diff --git a/src/transport/test_transport_api_rel_https_peer1.conf b/src/transport/test_transport_api_rel_https_peer1.conf
index 0ee8fe99d84f90c9328154f68e96f7147218df82..9098a67df7f4f4b93b0fe000d18d90d8abcb9ed0 100644 (file)
--- a/src/transport/test_transport_api_rel_https_peer1.conf
+++ b/src/transport/test_transport_api_rel_https_peer1.conf
@@ -15,7 +15,9 @@ BINDTO4 = 127.0.0.1
 #BINDTO6 = ::1
 KEY_FILE = https_key_p1.key
 CERT_FILE = https_cert_p1.crt
-
+CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL
+#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL
+#CRYPTO_INIT = PERFORMANCE
 
 [fs]
 AUTOSTART = NO

diff --git a/src/transport/test_transport_api_rel_https_peer2.conf b/src/transport/test_transport_api_rel_https_peer2.conf
index f2036626274256d566a7587ae3f59a1640f472ea..892694a4c306741af23f1d7e8c421e8b6a16a58b 100644 (file)
--- a/src/transport/test_transport_api_rel_https_peer2.conf
+++ b/src/transport/test_transport_api_rel_https_peer2.conf
@@ -15,7 +15,9 @@ BINDTO4 = 127.0.0.1
 #BINDTO6 = ::1
 KEY_FILE = https_key_p2.key
 CERT_FILE = https_cert_p2.crt
-
+CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL
+#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL
+#CRYPTO_INIT = PERFORMANCE
 
 [fs]
 AUTOSTART = NO