Changes between Version 35 and Version 36 of MunichHackathon2013

11/17/13 12:25:58
Gert Döring



  • MunichHackathon2013

    v35 v36  
    168168* window elevated privileges patch (manifest patch from pekster)
    169169   * d12fk is worried that people might upgrade to 2.4 and then have a gui running as "administrator" which would defeat the whole interactive service approach
     171* packet format and alignment (James/--tls-float patch)
     172   * HMAC and encrypted data is not 32bit aligned today due to the opcode
     173   * propose to byte-swap the opcode with the last byte in the packet, so after swapping back the HMAC is 32bit aligned
     174   * can be done by sending IV_PROTO=<supported max version> by the client (server can then immediately turn it on) and pushing "wire-proto <x>" from the server to the client (and then the client can immediately turn it on)
     175   * slightly related: include session ID in the data packet, "if you feel like it might be needed"?  (to handle --float in TLS-mode without opening ourselves to UDP->HMAC CPU DoS)
     176   * "don't send it more than 1/second, don't send it unless you have heard from the server for more than <n> seconds"...
     177   * watch out for MTU jumps -> "set aside that amount of space even if not used"
     178   * TODO:
     179       * define opcodes for "wire-protocol 2" for "short/swapped mode" and "swapped mode with session id"
     180       * add "wire-protocol 2" to option.c etc
     181       * add push-peer-info IV_PROTO=2
     182       * add logic to server to read IV_PROTO and push "wire-protocol <x>" to the maximum supported by client and server
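Review bot: the directive name is inconsistent across the added lines: line 174 has the server pushing "wire-proto <x>", while the TODO at lines 179-182 uses "wire-protocol 2" and "wire-protocol <x>". Settle on one spelling so the option.c item and the push logic refer to the same option. In line 176 the quoted rule never says what "it" is (the session ID from line 175 seems intended), and "unless you have heard from the server for more than <n> seconds" reads inverted if the trigger is meant to be silence from the server; a reworded sentence would remove the guesswork. Line 182's "maximum supported by client and server" would also be clearer if it stated that the pushed value is the highest version both sides support, since the client only advertises its own maximum via IV_PROTO.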