Make the DH parameter we use for TLS match the one from Apache's mod_ssl

Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance. (Backport from 0.2.2's 5ed73e3807d90dd0a3)
author: Nick Mathewson <nickm@torproject.org> 2011-01-24 16:03:14 -0500
committer: Nick Mathewson <nickm@torproject.org> 2011-02-10 15:55:06 -0500
commit: 50c259d763c7471588b4e1f242695d2652e4284b (patch)
tree: 95018c9f25fde4fbf49338ecfb6af098b8558ecb /src/common/crypto.h
parent: 5fc6967956610111d8cf24792ddf000bd83b4b86 (diff)
download: tor-50c259d763c7471588b4e1f242695d2652e4284b.tar
tor-50c259d763c7471588b4e1f242695d2652e4284b.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/src/common/crypto.h b/src/common/crypto.h
index d6f555537..576c03dc3 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -159,7 +159,10 @@ void crypto_hmac_sha1(char *hmac_out,
                       const char *msg, size_t msg_len);
 
 /* Key negotiation */
-crypto_dh_env_t *crypto_dh_new(void);
+#define DH_TYPE_CIRCUIT 1
+#define DH_TYPE_REND 2
+#define DH_TYPE_TLS 3
+crypto_dh_env_t *crypto_dh_new(int dh_type);
 int crypto_dh_get_bytes(crypto_dh_env_t *dh);
 int crypto_dh_generate_public(crypto_dh_env_t *dh);
 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
author	Nick Mathewson <nickm@torproject.org>	2011-01-24 16:03:14 -0500
committer	Nick Mathewson <nickm@torproject.org>	2011-02-10 15:55:06 -0500
commit	50c259d763c7471588b4e1f242695d2652e4284b (patch)
tree	95018c9f25fde4fbf49338ecfb6af098b8558ecb /src/common/crypto.h
parent	5fc6967956610111d8cf24792ddf000bd83b4b86 (diff)
download	tor-50c259d763c7471588b4e1f242695d2652e4284b.tar tor-50c259d763c7471588b4e1f242695d2652e4284b.tar.gz