Make the DH parameter we use for TLS match the one from Apache's mod_ssl

Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance.
author: Nick Mathewson <nickm@torproject.org> 2011-01-24 16:03:14 -0500
committer: Nick Mathewson <nickm@torproject.org> 2011-01-24 16:50:11 -0500
commit: 5ed73e3807d90dd0a3a2e5542f98a0a58374a066 (patch)
tree: 7cd2519566d26786ae866f3c516e2b9a40643a6b /src/common/crypto.h
parent: 13e9a2b19d4a65d9761256ac72f754c35c371b0b (diff)
download: tor-5ed73e3807d90dd0a3a2e5542f98a0a58374a066.tar.gz
tor-5ed73e3807d90dd0a3a2e5542f98a0a58374a066.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/common/crypto.h b/src/common/crypto.h
index c306bec276..7134956731 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -195,7 +195,10 @@ void crypto_hmac_sha1(char *hmac_out,
                       const char *msg, size_t msg_len);
 
 /* Key negotiation */
-crypto_dh_env_t *crypto_dh_new(void);
+#define DH_TYPE_CIRCUIT 1
+#define DH_TYPE_REND 2
+#define DH_TYPE_TLS 3
+crypto_dh_env_t *crypto_dh_new(int dh_type);
 int crypto_dh_get_bytes(crypto_dh_env_t *dh);
 int crypto_dh_generate_public(crypto_dh_env_t *dh);
 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
author	Nick Mathewson <nickm@torproject.org>	2011-01-24 16:03:14 -0500
committer	Nick Mathewson <nickm@torproject.org>	2011-01-24 16:50:11 -0500
commit	5ed73e3807d90dd0a3a2e5542f98a0a58374a066 (patch)
tree	7cd2519566d26786ae866f3c516e2b9a40643a6b /src/common/crypto.h
parent	13e9a2b19d4a65d9761256ac72f754c35c371b0b (diff)
download	tor-5ed73e3807d90dd0a3a2e5542f98a0a58374a066.tar.gz tor-5ed73e3807d90dd0a3a2e5542f98a0a58374a066.zip