authorRoger Dingledine <arma@torproject.org>2003-09-08 06:26:38 +0000
committerRoger Dingledine <arma@torproject.org>2003-09-08 06:26:38 +0000
commita6a5784bcaae042ba931a98a64b227e9a5a38157 (patch)
treeecdc6fc17ced544a04d7437732761a08df1e5cbb
parentace475f01cf8fd6f2cd95e61c08b43d8296e2c88 (diff)
add CertFile, Nickname
write new certfile if you don't have one already
set up a tls context on startup
svn:r432
-rw-r--r--src/or/config.c8
-rw-r--r--src/or/main.c23
-rw-r--r--src/or/or.h2
3 files changed, 32 insertions, 1 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 694488fa1d..3ac16d9930 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -192,6 +192,8 @@ static void config_assign(or_options_t *options, struct config_line *list) {
config_compare(list, "PrivateKeyFile", CONFIG_TYPE_STRING, &options->PrivateKeyFile) ||
config_compare(list, "SigningPrivateKeyFile", CONFIG_TYPE_STRING, &options->SigningPrivateKeyFile) ||
config_compare(list, "RouterFile", CONFIG_TYPE_STRING, &options->RouterFile) ||
+ config_compare(list, "CertFile", CONFIG_TYPE_STRING, &options->CertFile) ||
+ config_compare(list, "Nickname", CONFIG_TYPE_STRING, &options->Nickname) ||
/* int options */
config_compare(list, "MaxConn", CONFIG_TYPE_INT, &options->MaxConn) ||
@@ -244,6 +246,7 @@ int getconfig(int argc, char **argv, or_options_t *options) {
options->NewCircuitPeriod = 60; /* once a minute */
options->TotalBandwidth = 800000; /* at most 800kB/s total sustained incoming */
options->NumCpus = 1;
+ options->CertFile = "default.cert";
// options->ReconnectPeriod = 6001;
/* get config lines from /etc/torrc and assign them */
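Review bot: The default `options->CertFile = "default.cert";` points a `char *` option at a string literal, and at a path relative to the working directory. If the CONFIG_TYPE_STRING handling in config_compare frees or writes through the previous value (not visible here), a CertFile line in torrc would act on that literal; `options->CertFile = strdup("default.cert");` would avoid this. Because the path is relative, the certificate is looked up and generated wherever the process was started, which deserves a comment such as `/* relative to cwd; set CertFile in torrc for a fixed location */`. getconfig's body starts and ends outside this hunk.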
@@ -352,6 +355,11 @@ int getconfig(int argc, char **argv, or_options_t *options) {
result = -1;
}
+ if(options->OnionRouter && options->Nickname == NULL) {
+ log_fn(LOG_ERR,"Nickname required for OnionRouter, but not found.");
+ return -1;
+ }
+
if(options->DirPort > 0 && options->SigningPrivateKeyFile == NULL) {
log(LOG_ERR,"SigningPrivateKeyFile option required for DirServer, but not found.");
result = -1;
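Review bot: The new Nickname check leaves with `return -1;` while the neighbouring checks in this hunk set `result = -1;` and keep going, so a missing Nickname hides any later configuration errors (such as the SigningPrivateKeyFile one just below) and skips whatever getconfig does after the checks. Using `result = -1;` here would match the surrounding pattern. The check also rejects only NULL, so an empty Nickname passes and is later handed to tor_tls_write_certificate in main.c; whether that function rejects it is not visible in this commit. getconfig's body continues outside the hunk.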
diff --git a/src/or/main.c b/src/or/main.c
index 2f8250a674..0f6fa9a26a 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -450,7 +450,28 @@ static int do_main_loop(void) {
}
#ifdef USE_TLS
- make the tls context here
+ if(options.OnionRouter) {
+ struct stat statbuf;
+ if(stat(options.CertFile, &statbuf) < 0) {
+ log_fn(LOG_INFO,"CertFile %s is missing. Generating.", options.CertFile);
+ if(tor_tls_write_certificate(options.CertFile,
+ get_privatekey(),
+ options.Nickname) < 0) {
+ log_fn(LOG_ERR,"Couldn't write CertFile %s. Dying.", options.CertFile);
+ return -1;
+ }
+ }
+
+ if(tor_tls_context_new(certfile, get_privatekey(), 1) < 0) {
+ log_fn(LOG_ERR,"Error creating tls context.");
+ return -1;
+ }
+ } else { /* just a proxy, the context is easy */
+ if(tor_tls_context_new(NULL, NULL, 0) < 0) {
+ log_fn(LOG_ERR,"Error creating tls context.");
+ return -1;
+ }
+ }
#endif
/* start up the necessary connections based on which ports are
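Review bot: The call `tor_tls_context_new(certfile, get_privatekey(), 1)` uses `certfile`, which is not declared anywhere in this hunk, while every other line of the block uses `options.CertFile`. Unless a variable of that name exists outside the hunk, this fails to compile once USE_TLS is defined and should read `if(tor_tls_context_new(options.CertFile, get_privatekey(), 1) < 0) {`. Separately, any stat() failure is treated as "missing", so a permission or path error on an existing file also triggers generation; testing `errno == ENOENT` before calling tor_tls_write_certificate would tell the cases apart. An existing CertFile is loaded with no visible check that it matches the current private key or Nickname, so it is worth confirming that tor_tls_context_new rejects a mismatch. do_main_loop's body starts and ends outside the hunk.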
diff --git a/src/or/or.h b/src/or/or.h
index 1eac472425..5eb2bc16e8 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -439,6 +439,8 @@ typedef struct {
char *RouterFile;
char *SigningPrivateKeyFile;
char *PrivateKeyFile;
+ char *CertFile;
+ char *Nickname;
double CoinWeight;
int Daemon;
int ORPort;