From 5ed73e3807d90dd0a3a2e5542f98a0a58374a066 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 24 Jan 2011 16:03:14 -0500 Subject: Make the DH parameter we use for TLS match the one from Apache's mod_ssl Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance. --- src/or/rendclient.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/or/rendclient.c') diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 1306fe071..ba5987c69 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -121,7 +121,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, cpath = rendcirc->build_state->pending_final_cpath = tor_malloc_zero(sizeof(crypt_path_t)); cpath->magic = CRYPT_PATH_MAGIC; - if (!(cpath->dh_handshake_state = crypto_dh_new())) { + if (!(cpath->dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) { log_warn(LD_BUG, "Internal error: couldn't allocate DH."); goto err; } -- cgit v1.2.3