WIP: Speedup #1734
WIP: Speedup #1734
Conversation
|
Can one of the admins verify this patch? |
|
@whirm Can you run jenkins on this stuff to ensure I do not break stuff? |
|
ok to test |
|
Refer to this link for build results (access rights to CI server needed): |
| @@ -43,13 +43,17 @@ def verify_and_generate_shared_secret(self, dh_secret, dh_received, auth, B): | |||
| return shared_secret | |||
|
|
|||
| def generate_session_keys(self, shared_secret): | |||
| # TODO hkdf??? | |||
There was a problem hiding this comment.
Not the author, but Key Derivation Function - Wiki
There was a problem hiding this comment.
@Pathemeous I read the wiki yesterday but didn't comment yet, thanks for the link!
There was a problem hiding this comment.
Btw, this was all implemented after this issue
#1066
|
@lfdversluis Don't make too big PR's, better to get incremental improvements than a huge patchset with many different things piled together. |
|
@whirm I am fixing typos and stuff when I encounter them. The big changes in spaces are because I reformatted the code with pycharm. Are that the additional improvements you are referring to? |
| hkdf = HKDFExpand(algorithm=hashes.SHA256(), backend=default_backend(), length=40, info="key_generation") | ||
| key = hkdf.derive(shared_secret) | ||
|
|
||
| # TODO what is this |
There was a problem hiding this comment.
We've asked the HKDF for a string of length 40. This gives us:
- two 128 bit keys
- two 32 bit salts
|
Refer to this link for build results (access rights to CI server needed): |
|
Refer to this link for build results (access rights to CI server needed): |
|
@lfdversluis I guess you don't know about git revlog? :) I'll give you guys a quick git intro next week if you want. |
|
Well since I made changes to the submodule I got a detached head, which you normally can abandon by resetting. But somehow that didn't work out and git decided that a merge was needed (?) and sort of undid my last few commits... But I have not heard about revlog, so that might be nice to know if it solves issues such as these 👍 |
|
Refer to this link for build results (access rights to CI server needed): |
|
Refer to this link for build results (access rights to CI server needed): |
|
@whirm The tests that fail, are those "discover" tests that might fail occasionally or did I break something? |
|
That's why I said it would be better to first fix the community and its tests before starting optimizing it. It's buggy and some tests are broken and not always pass. I would go for fixes until it passes 100% of the time. Then optimizations. |
|
@whirm I don't recall you said that, but that may be a good idea. Maybe that will also help me understanding the inner workings and structure of the tunnels. Concerning GDB, I have no experience at all with GDB nor C/CPP so at most I can look in which lib it goes wrong, get a stacktrace and report it upstream to that library. |
|
It's probably our code doing the wrong thing. I wouldn't report anything until we are sure it's not a bug on our side. gdb has python compatibility so you can inspect both the python and the native side. I don't know if you should be doing that or not (@synctext ?) but it's something worth learning :) |
|
Closing this one because it contains old fixes which are already merged and items which are already applied. Will open a new one later. |
DO NOT MERGE, WIP!
Just making sure I do not break stuff while speeding up things.
I added tons of TODO's of items that are unclear to me, if you know their meaning, please leave a comment!