diff --git a/router/java/src/net/i2p/router/transport/crypto/DHSessionKeyBuilder.java b/router/java/src/net/i2p/router/transport/crypto/DHSessionKeyBuilder.java
index 061bbc09e878270a5b16b0fc0ede5424c6d46c10..3f554097870ad5d754e5ebcee0d94b2ac6df37d5 100644
--- a/router/java/src/net/i2p/router/transport/crypto/DHSessionKeyBuilder.java
+++ b/router/java/src/net/i2p/router/transport/crypto/DHSessionKeyBuilder.java
@@ -62,9 +62,9 @@ public class DHSessionKeyBuilder {
private final static String PROP_DH_PRECALC_MIN = "crypto.dh.precalc.min";
private final static String PROP_DH_PRECALC_MAX = "crypto.dh.precalc.max";
private final static String PROP_DH_PRECALC_DELAY = "crypto.dh.precalc.delay";
- private final static int DEFAULT_DH_PRECALC_MIN = 15;
- private final static int DEFAULT_DH_PRECALC_MAX = 40;
- private final static int DEFAULT_DH_PRECALC_DELAY = 200;
+ private final static int DEFAULT_DH_PRECALC_MIN = 20;
+ private final static int DEFAULT_DH_PRECALC_MAX = 60;
+ private final static int DEFAULT_DH_PRECALC_DELAY = 50;
/**
* Create a new public/private value pair for the DH exchange.
@@ -429,6 +429,12 @@ public class DHSessionKeyBuilder {
public void returnUnused(DHSessionKeyBuilder builder);
}
+ /**
+ * Try to keep DH pairs at the ready.
+ * It's important to do this in a separate thread, because if we run out,
+ * the pairs are generated in the NTCP Pumper thread,
+ * and it can fall behind.
+ */
public static class PrecalcRunner extends I2PThread implements Factory {
private final I2PAppContext _context;
private final Log _log;
@@ -438,8 +444,8 @@ public class DHSessionKeyBuilder {
private final LinkedBlockingQueue<DHSessionKeyBuilder> _builders;
private volatile boolean _isRunning;
- /** check every 30 seconds whether we have less than the minimum */
- private long _checkDelay = 30 * 1000;
+ /** check periodically whether we have less than the minimum */
+ private long _checkDelay = 10 * 1000;
public PrecalcRunner(I2PAppContext ctx) {
super("DH Precalc");