Arguably this should occur on a separate thread.
On Saturday 29 September 2007 19:13, you wrote:
> Author: nextgens
> Date: 2007-09-29 18:13:44 +0000 (Sat, 29 Sep 2007)
> New Revision: 15390
>
> Modified:
> branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
> Log:
> Renew DH parameters every 30mins
>
> Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
> ===================================================================
> --- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
> 2007-09-29
17:49:29 UTC (rev 15389)
> +++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
> 2007-09-29
18:13:44 UTC (rev 15390)
> @@ -75,8 +75,10 @@
>
> private final HashMap authenticatorCache;
>
> - /** We renew it on each *successful* run of the protocol (the spec.
says "once a while") - access is synchronized! */
> + /** We renew it every 30mins (the spec. says "once a while") - access
> is
synchronized! */
> private DiffieHellmanLightContext currentDHContext = null;
> + private long currentDHContextLifetime = 0;
> +
> protected static final int NONCE_SIZE = 8;
> /**
> * How big can the authenticator get before we flush it ?
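Review bot: `currentDHContextLifetime` stores the time the context was generated (the last hunk assigns it `now`), not a lifetime, and the 30-minute period exists only as the literal `1800000` inside getLightDiffieHellmanContext. Renaming the field to something like `currentDHContextCreationTime` and adding a constant such as `private static final long DH_CONTEXT_LIFETIME_MS = 30 * 60 * 1000;` would keep the Javadoc and the expiry check from drifting apart. The new field also has no comment of its own; `/** Time (ms since epoch) at which currentDHContext was generated; guarded by this. */` would record which lock protects it.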
> @@ -815,7 +817,6 @@
> // Send reply
> sendMessage4Packet(1, 2, 3, nonceInitiator,
nonceResponder,initiatorExponential, responderExponential, c, Ke, Ka,
authenticator, pn, replyTo);
>
> - //FIXME: rekey .... ?
> c.initialize(Ks);
> if(!pn.completedHandshake(bootID, data, 8, data.length-8, c,
> Ks, replyTo,
true)) {
> Logger.error(this, "Handshake failure! with "+pn);
> @@ -2381,10 +2382,15 @@
> return crypto.config.alwaysAllowLocalAddresses();
> }
>
> - private synchronized DiffieHellmanLightContext
getLightDiffieHellmanContext(PeerNode pn) {
> - if(currentDHContext == null) {
> - currentDHContext = DiffieHellman.generateLightContext();
> -
currentDHContext.setSignature(signDHParams(currentDHContext.myExponential,
pn.peerCryptoGroup));
> + private DiffieHellmanLightContext getLightDiffieHellmanContext(PeerNode
pn) {
> + final long now = System.currentTimeMillis();
> +
> + synchronized (this) {
> + if((currentDHContext == null) ||
> (currentDHContextLifetime +
1800000 /*30mins*/) < now) {
> + currentDHContextLifetime = now;
> + currentDHContext =
> DiffieHellman.generateLightContext();
> +
currentDHContext.setSignature(signDHParams(currentDHContext.myExponential,
pn.peerCryptoGroup));
> + }
> }
> return currentDHContext;
> }
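Review bot: `return currentDHContext;` now comes after the `synchronized (this)` block has closed, so the non-volatile field is read without the lock even though its Javadoc says access is synchronized. Because the renewal assigns `currentDHContext` before `setSignature(...)` runs, a concurrent caller could be handed the fresh context while it is still unsigned. Moving the return inside the block (`return currentDHContext;` just before the brace that closes `synchronized (this)`) or keeping the method `synchronized` closes that window. The expiry test uses `System.currentTimeMillis()`, which is wall-clock time, so a clock stepped backwards keeps the same exponent in use for longer than 30 minutes; a monotonic source such as `System.nanoTime()` would avoid that if the target JVM provides it. The cached signature is computed over the `pn.peerCryptoGroup` of whichever peer triggered the renewal, so it is worth confirming that every peer served from this cache uses the same group.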
>