author | Nick Mathewson <nickm@torproject.org> | 2019-01-03 09:45:53 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2019-01-03 09:45:53 -0500 |
commit | abdc6aede2187e3b77ccf2d9a91c9443dab2109e (patch) | |
tree | 70f59446095589e832323e2fdd4addea05b50cfc | |
parent | 98736cf36a1d8250e53a0c86a0b80fdb75f0d551 (diff) | |
parent | b82717b27378a0f8048da9d865a8bd3c6dfedd6f (diff) | |
Merge branch 'ticket28851_035_squashed' into maint-0.3.5
-rw-r--r-- | changes/ticket28851 | 4 | ||||
-rw-r--r-- | src/lib/crypt_ops/crypto_dh_openssl.c | 6 |
2 files changed, 10 insertions, 0 deletions
diff --git a/changes/ticket28851 b/changes/ticket28851
new file mode 100644
index 0000000000..bab0318662
--- /dev/null
+++ b/changes/ticket28851
@@ -0,0 +1,4 @@
+ o Minor features (performance):
+ - Stop re-validating our hardcoded Diffie-Hellman parameters on every
+ startup. Doing this wasted time and cycles, especially on low-powered
+ devices. Closes ticket 28851.
diff --git a/src/lib/crypt_ops/crypto_dh_openssl.c b/src/lib/crypt_ops/crypto_dh_openssl.c
index 54946458d5..0d9bd513cf 100644
--- a/src/lib/crypt_ops/crypto_dh_openssl.c
+++ b/src/lib/crypt_ops/crypto_dh_openssl.c
@@ -45,6 +45,8 @@ static BIGNUM *dh_param_p_tls = NULL;
 /** Shared G parameter for our DH key exchanges. */
 static BIGNUM *dh_param_g = NULL;
+/* This function is disabled unless we change the DH parameters. */
+#if 0
 /** Validate a given set of Diffie-Hellman parameters. This is moderately
 * computationally expensive (milliseconds), so should only be called when
 * the DH parameters change. Returns 0 on success, * -1 on failure.
@@ -98,6 +100,7 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g)
 DH_free(dh);
 return ret;
 }
+#endif
 /**
 * Helper: convert <b>hex<b> to a bignum, and return it. Assert that the
@@ -151,8 +154,11 @@ crypto_dh_init_openssl(void)
 dh_param_p = bignum_from_hex(OAKLEY_PRIME_2);
 dh_param_p_tls = bignum_from_hex(TLS_DH_PRIME);
+ /* Checks below are disabled unless we change the hardcoded DH parameters. */
+#if 0
 tor_assert(0 == crypto_validate_dh_params(dh_param_p, dh_param_g));
 tor_assert(0 == crypto_validate_dh_params(dh_param_p_tls, dh_param_g));
+#endif
 }
 /** Number of bits to use when choosing the x or y value in a Diffie-Hellman |
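Review bot: The `#if 0` added above `crypto_validate_dh_params()` (closed by the `#endif` in the second hunk of this file) removes the validator from every build, so it is no longer compile-checked and can drift from the OpenSSL DH API unnoticed until someone needs it again. Since the aim is only to avoid the startup cost, it would be safer to keep the function compiled and call it from the unit tests, so CI still proves the hardcoded primes and generator are sane; if it is file-local it would have to be exposed to the tests. If it must stay compiled out, a named guard is easier to find and flip than `#if 0`, for example `#ifdef TOR_VALIDATE_DH_PARAMS` (a proposed name, not an existing macro). The function body lies between the two hunks and is not visible here.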
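Review bot: The comment added in `crypto_dh_init_openssl()` says the checks stay disabled "unless we change the hardcoded DH parameters", but nothing in the code ties an edit of `OAKLEY_PRIME_2`, `TLS_DH_PRIME` or the value behind `dh_param_g` to these two asserts. A mistyped or weakened constant would therefore be loaded without any sanity check at startup. I would have the comment name the constants and the required action: `/* Re-enable these asserts and crypto_validate_dh_params() whenever OAKLEY_PRIME_2, TLS_DH_PRIME or the generator value changes. */`. The same reminder belongs next to the constant definitions, which are outside this diff; the function itself starts above the hunk.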