From 222e5355ad10a18644bb4b4d5c67c111bc28ec19 Mon Sep 17 00:00:00 2001 From: Matthias Wachs Date: Wed, 4 Aug 2010 15:28:08 +0000 Subject: [PATCH] changed https cipher from aes256 to rc4-128 SHA1 -> 3x faster crypto_init string can be configured in the config file for testing purposes --- src/transport/plugin_transport_https.c | 43 ++++++++++++++++++- .../test_plugin_transport_data_http.conf | 4 +- .../test_transport_api_https_peer1.conf | 3 ++ .../test_transport_api_https_peer2.conf | 3 ++ .../test_transport_api_rel_https_peer1.conf | 4 +- .../test_transport_api_rel_https_peer2.conf | 4 +- 6 files changed, 57 insertions(+), 4 deletions(-) diff --git a/src/transport/plugin_transport_https.c b/src/transport/plugin_transport_https.c index 6cc9f9c7e..ea97712b5 100644 --- a/src/transport/plugin_transport_https.c +++ b/src/transport/plugin_transport_https.c @@ -370,6 +370,8 @@ struct Plugin /* The private key MHD uses as an \0 terminated string */ char * key; + + char * crypto_init; }; @@ -2347,7 +2349,8 @@ libgnunet_plugin_transport_https_done (void *cls) GNUNET_free_non_null (plugin->bind4_address); GNUNET_free_non_null (plugin->bind6_address); - GNUNET_free_non_null(plugin->bind_hostname); + GNUNET_free_non_null (plugin->bind_hostname); + GNUNET_free_non_null (plugin->crypto_init); GNUNET_free (plugin); GNUNET_free (api); #if DEBUG_HTTPS @@ -2453,6 +2456,34 @@ libgnunet_plugin_transport_https_init (void *cls) plugin->bind4_address = NULL; } } + + /* Get crypto init string from config */ + if (GNUNET_CONFIGURATION_have_value (env->cfg, + "transport-https", "CRYPTO_INIT")) + { + GNUNET_CONFIGURATION_get_value_string (env->cfg, + "transport-https", + "CRYPTO_INIT", + &plugin->crypto_init); + } + else + { + GNUNET_asprintf(&plugin->crypto_init,"NORMAL"); + } + + /* Get private key file from config */ + if (GNUNET_CONFIGURATION_have_value (env->cfg, + "transport-https", "CERT_FILE")) + { + GNUNET_CONFIGURATION_get_value_string (env->cfg, + "transport-https", + "CERT_FILE", + &cert_file); + } + else + { + GNUNET_asprintf(&cert_file,"https.cert"); + } /* Get private key file from config */ if (GNUNET_CONFIGURATION_have_value (env->cfg, @@ -2576,6 +2607,11 @@ libgnunet_plugin_transport_https_init (void *cls) port, &mhd_accept_cb, plugin , &mdh_access_cb, plugin, + /*MHD_OPTION_HTTPS_PRIORITIES, "NORMAL:",*/ + /*MHD_OPTION_HTTPS_PRIORITIES, "PERFORMANCE:",*/ + /* MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL", */ + /*MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL",*/ + MHD_OPTION_HTTPS_PRIORITIES, plugin->crypto_init, MHD_OPTION_HTTPS_MEM_KEY, plugin->key, MHD_OPTION_HTTPS_MEM_CERT, plugin->cert, MHD_OPTION_SOCK_ADDR, tmp, @@ -2596,6 +2632,11 @@ libgnunet_plugin_transport_https_init (void *cls) port, &mhd_accept_cb, plugin , &mdh_access_cb, plugin, + /*MHD_OPTION_HTTPS_PRIORITIES, "NORMAL:",*/ + /*MHD_OPTION_HTTPS_PRIORITIES, "PERFORMANCE:",*/ + /* MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL", */ + /*MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL",*/ + MHD_OPTION_HTTPS_PRIORITIES, plugin->crypto_init, MHD_OPTION_HTTPS_MEM_KEY, plugin->key, MHD_OPTION_HTTPS_MEM_CERT, plugin->cert, MHD_OPTION_SOCK_ADDR, (struct sockaddr_in *)plugin->bind4_address, diff --git a/src/transport/test_plugin_transport_data_http.conf b/src/transport/test_plugin_transport_data_http.conf index d4709aa7c..6e5e2d44c 100644 --- a/src/transport/test_plugin_transport_data_http.conf +++ b/src/transport/test_plugin_transport_data_http.conf @@ -24,7 +24,9 @@ USE_IPv6 = YES #BINDTO6 = ::1 KEY_FILE = https_key.key CERT_FILE = https_cert.crt - +CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL +#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL +#CRYPTO_INIT = PERFORMANCE [transport] PREFIX = valgrind --leak-check=full diff --git a/src/transport/test_transport_api_https_peer1.conf b/src/transport/test_transport_api_https_peer1.conf index f67ada8cc..712cd970a 100644 --- a/src/transport/test_transport_api_https_peer1.conf +++ b/src/transport/test_transport_api_https_peer1.conf @@ -15,6 +15,9 @@ USE_IPv4 = YES #BINDTO6 = ::1 KEY_FILE = https_key_p1.key CERT_FILE = https_cert_p1.crt +CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL +#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL +#CRYPTO_INIT = PERFORMANCE [fs] AUTOSTART = NO diff --git a/src/transport/test_transport_api_https_peer2.conf b/src/transport/test_transport_api_https_peer2.conf index 308a06e18..f3703de92 100644 --- a/src/transport/test_transport_api_https_peer2.conf +++ b/src/transport/test_transport_api_https_peer2.conf @@ -15,6 +15,9 @@ USE_IPv4 = YES #BINDTO6 = ::1 KEY_FILE = https_key_p2.key CERT_FILE = https_cert_p2.crt +CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL +#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL +#CRYPTO_INIT = PERFORMANCE [fs] AUTOSTART = NO diff --git a/src/transport/test_transport_api_rel_https_peer1.conf b/src/transport/test_transport_api_rel_https_peer1.conf index 0ee8fe99d..9098a67df 100644 --- a/src/transport/test_transport_api_rel_https_peer1.conf +++ b/src/transport/test_transport_api_rel_https_peer1.conf @@ -15,7 +15,9 @@ BINDTO4 = 127.0.0.1 #BINDTO6 = ::1 KEY_FILE = https_key_p1.key CERT_FILE = https_cert_p1.crt - +CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL +#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL +#CRYPTO_INIT = PERFORMANCE [fs] AUTOSTART = NO diff --git a/src/transport/test_transport_api_rel_https_peer2.conf b/src/transport/test_transport_api_rel_https_peer2.conf index f20366262..892694a4c 100644 --- a/src/transport/test_transport_api_rel_https_peer2.conf +++ b/src/transport/test_transport_api_rel_https_peer2.conf @@ -15,7 +15,9 @@ BINDTO4 = 127.0.0.1 #BINDTO6 = ::1 KEY_FILE = https_key_p2.key CERT_FILE = https_cert_p2.crt - +CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+SHA1:+RSA:+COMP-NULL +#CRYPTO_INIT = NONE:+VERS-TLS1.0:+ARCFOUR-128:+MD5:+RSA:+COMP-NULL +#CRYPTO_INIT = PERFORMANCE [fs] AUTOSTART = NO -- 2.25.1