Add option to disable DH init check for faster init

The check is not necessary and on Android it takes around 1 minute to
  complete.
This commit is contained in:
Gioacchino Mazzurco 2020-03-01 01:38:26 +01:00
parent 6bb0950dd6
commit 15c3e87bc5
No known key found for this signature in database
GPG Key ID: A1FBCA3872E87051
2 changed files with 19 additions and 2 deletions

View File

@ -404,10 +404,16 @@ int AuthSSLimpl::InitAuth(
std::cout.flush() ; std::cout.flush() ;
#ifndef RS_DISABLE_DIFFIE_HELLMAN_INIT_CHECK
if(DH_check(dh, &codes) && codes == 0) if(DH_check(dh, &codes) && codes == 0)
SSL_CTX_set_tmp_dh(sslctx, dh); SSL_CTX_set_tmp_dh(sslctx, dh);
else else
pfs_enabled = false; pfs_enabled = false;
#else // ndef RS_DISABLE_DIFFIE_HELLMAN_INIT_CHECK
/* DH_check(...) is not strictly necessary and on Android devices it
* takes at least one minute which is untolerable there */
SSL_CTX_set_tmp_dh(sslctx, dh);
#endif // ndef RS_DISABLE_DIFFIE_HELLMAN_INIT_CHECK
} }
else else
pfs_enabled = false ; pfs_enabled = false ;

View File

@ -191,6 +191,15 @@ no_rs_service_webui_terminal_password:CONFIG -= rs_service_webui_terminal_passwo
CONFIG *= rs_service_terminal_login CONFIG *= rs_service_terminal_login
no_rs_service_terminal_login:CONFIG -= rs_service_terminal_login no_rs_service_terminal_login:CONFIG -= rs_service_terminal_login
# To disable Diffie Hellman group check at init append the following assignation
# to qmake command line "CONFIG+=no_rs_dh_init_check"
# this check is not strictly needed and on some platform is very slow.
# On Android it takes at least one minute at startup which is untolerable for
# most phone users
CONFIG+=rs_dh_init_check
no_rs_dh_init_check:CONFIG -= rs_dh_init_check
# Specify host precompiled jsonapi-generator path, appending the following # Specify host precompiled jsonapi-generator path, appending the following
# assignation to qmake command line # assignation to qmake command line
# 'JSONAPI_GENERATOR_EXE=/myBuildDir/jsonapi-generator'. Required for JSON API # 'JSONAPI_GENERATOR_EXE=/myBuildDir/jsonapi-generator'. Required for JSON API
@ -552,6 +561,8 @@ rs_use_native_dialogs:DEFINES *= RS_NATIVEDIALOGS
rs_broadcast_discovery:DEFINES *= RS_BROADCAST_DISCOVERY rs_broadcast_discovery:DEFINES *= RS_BROADCAST_DISCOVERY
no_rs_dh_init_check:DEFINES *= RS_DISABLE_DIFFIE_HELLMAN_INIT_CHECK
debug { debug {
QMAKE_CXXFLAGS -= -O2 -fomit-frame-pointer QMAKE_CXXFLAGS -= -O2 -fomit-frame-pointer
QMAKE_CFLAGS -= -O2 -fomit-frame-pointer QMAKE_CFLAGS -= -O2 -fomit-frame-pointer