commit c8f2dd1e6717b7fd4f3b96874a68dde9151411b3
Author: David Fifield <da...@bamsoftware.com>
Date: Thu Dec 25 21:27:51 2014 -0800
Reduce meek-server minSessionIdLength from 32 to 8.
Relevant to #12778, we can reduce the size of requests by reducing the
length of the Session-Id. Note that minSessionIdLength in meek-server is
the encoded length. In base64, 8 characters represents 6 bytes or 48
bits. There would have to be about 2^24 simultaneous sessions to have a
probability of collision more than half, so it still seems safe.
---
meek-server/meek-server.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meek-server/meek-server.go b/meek-server/meek-server.go
index 669f329..2f67ae4 100644
--- a/meek-server/meek-server.go
+++ b/meek-server/meek-server.go
@@ -34,7 +34,7 @@ const (
// Reject session ids shorter than this, as a weak defense against
// client bugs that send an empty session id or something similarly
// likely to collide.
- minSessionIdLength = 32
+ minSessionIdLength = 8
// The largest request body we are willing to process, and the largest
// chunk of data we'll send back in a response.
maxPayloadLength = 0x10000
_______________________________________________
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
