diff options
author | Nick Mathewson <nickm@torproject.org> | 2009-01-21 15:38:39 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2009-01-21 15:38:39 +0000 |
commit | 8ebceeb352113839467b7bf26e4d910c1f31308e (patch) | |
tree | d4f652ce727802d1b63b54b3fdcc8bed3bcff64b | |
parent | bf2b71beb86804acc16f98b8a10ffbb9544ff758 (diff) | |
download | tor-8ebceeb352113839467b7bf26e4d910c1f31308e.tar.gz tor-8ebceeb352113839467b7bf26e4d910c1f31308e.zip |
Make sure that even in the weird fiddly paths that lead to init_keys,
crypto_global_init gets called. Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.
Should fix bug 907. Bugfix on 0.0.9pre6. Backport candidate.
svn:r18210
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | src/common/crypto.c | 1 | ||||
-rw-r--r-- | src/or/main.c | 5 | ||||
-rw-r--r-- | src/or/router.c | 6 |
4 files changed, 12 insertions, 3 deletions
@@ -6,6 +6,9 @@ Changes in version 0.2.1.12-alpha - 2009-01-?? 0.2.1.11-alpha. - Fix a bug in address parsing that was preventing bridges or hidden service targets from being at IPv6 addresses. + - Solve a bug that kept hardware crypto acceleration from getting + enabled when accounting was turned on. Fixes bug 907. Bugfix on + 0.0.9pre6. Changes in version 0.2.1.11-alpha - 2009-01-20 diff --git a/src/common/crypto.c b/src/common/crypto.c index ab6670039d..0abd30be1a 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -197,6 +197,7 @@ crypto_global_init(int useAccel) log_engine("3DES", ENGINE_get_cipher_engine(NID_des_ede3_ecb)); log_engine("AES", ENGINE_get_cipher_engine(NID_aes_128_ecb)); } + return crypto_seed_rng(1); } return 0; } diff --git a/src/or/main.c b/src/or/main.c index d1c2b516ff..353082749c 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1817,9 +1817,8 @@ tor_init(int argc, char *argv[]) "and you probably shouldn't."); #endif - crypto_global_init(get_options()->HardwareAccel); - if (crypto_seed_rng(1)) { - log_err(LD_BUG, "Unable to seed random number generator. Exiting."); + if (crypto_global_init(get_options()->HardwareAccel)) { + log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting."); return -1; } diff --git a/src/or/router.c b/src/or/router.c index 1cdcd20652..3d6cae367e 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -444,6 +444,12 @@ init_keys(void) if (!key_lock) key_lock = tor_mutex_new(); + /* There are a couple of paths that put us here before */ + if (crypto_global_init(get_options()->HardwareAccel)) { + log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting."); + return -1; + } + /* OP's don't need persistent keys; just make up an identity and * initialize the TLS context. */ if (!server_mode(options)) { |