Opened 10 months ago

Closed 9 months ago

Last modified 7 months ago

#28851 closed defect (fixed)

Do we really need to check our hardwired DH primes at startup?

Reported by: nickm Owned by: nickm
Priority: Medium Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor Version: Tor: 0.3.4.9
Severity: Normal Keywords: startup performance 035-backport
Cc: Actual Points: 0
Parent ID: #28481 Points:
Reviewer: asn Sponsor: Sponsor8-can

Description

After the #28837, #28838, and #28839, I note that we're now spending about 24% of our of our startup time in crypto_validate_dh_params().

Since our diffie hellman parameters are hardcoded, maybe we don't actually need to validate them on every startup, especially on clients?

Child Tickets

Change History (7)

comment:1 Changed 10 months ago by nickm

Owner: set to nickm
Status: newaccepted

comment:2 Changed 10 months ago by nickm

Actual Points: 0
Status: acceptedneeds_review

Branch is ticket28851_035; PR is https://github.com/torproject/tor/pull/590

comment:3 Changed 10 months ago by dgoulet

Reviewer: asn

comment:4 Changed 10 months ago by asn

Status: needs_reviewneeds_revision

Let's add a comment explaining why we have disabled this code? Or just delete it entirely?
I'm afraid that just doing #if 0 like that can be confusing and/or dirty.

comment:5 Changed 10 months ago by asn

Status: needs_revisionmerge_ready

Trivial comment fixup in my ticket28851_035

comment:6 Changed 9 months ago by nickm

Resolution: fixed
Status: merge_readyclosed

thanks; squashed and merged!

comment:7 Changed 7 months ago by teor

Milestone: Tor: 0.4.0.x-finalTor: 0.3.5.x-final

Backported in merge abdc6aede2.

Note: See TracTickets for help on using tickets.