diff options
| author | Nick Mathewson <nickm@torproject.org> | 2006-01-17 23:08:38 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2006-01-17 23:08:38 +0000 |
| commit | 241310bbac2225eb7307a50f153cc55d23ea7fa7 (patch) | |
| tree | ad9dd853e8ae911252b9b94b57b551aeedb73873 | |
| parent | 2be4f537f7f5d521ce7bcbb71e0a68efd7cfbcb4 (diff) | |
| download | tor-241310bbac2225eb7307a50f153cc55d23ea7fa7.tar.gz tor-241310bbac2225eb7307a50f153cc55d23ea7fa7.zip | |
Split 0119_PARANOIA into 0119_PARANOIA_[ABC]. A is "this is suspicious, and we have not tried running without this yet". B is "this is suspicious, but the last time we tested, it was okay." C is "How could this possibly be the cause?"
svn:r5840
| -rw-r--r-- | src/common/crypto.c | 10 | ||||
| -rw-r--r-- | src/common/crypto.h | 4 | ||||
| -rw-r--r-- | src/common/tortls.c | 2 |
3 files changed, 9 insertions, 7 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index a486b23513..59e19c4b4e 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -228,7 +228,7 @@ crypto_global_init(int useAccel) void crypto_thread_cleanup(void) { -#ifndef ENABLE_0119_PARANOIA +#ifndef ENABLE_0119_PARANOIA_B ERR_remove_state(0); #endif } @@ -239,13 +239,13 @@ int crypto_global_cleanup(void) { EVP_cleanup(); -#ifndef ENABLE_0119_PARANOIA +#ifndef ENABLE_0119_PARANOIA_C ERR_remove_state(0); #endif ERR_free_strings(); #ifndef NO_ENGINES ENGINE_cleanup(); -#ifndef ENABLE_0119_PARANOIA +#ifndef ENABLE_0119_PARANOIA_C CONF_modules_unload(1); CRYPTO_cleanup_all_ex_data(); #endif @@ -1381,7 +1381,7 @@ crypto_dh_new(void) if (!(res->dh->g = BN_dup(dh_param_g))) goto err; -#ifndef ENABLE_0119_PARANOIA +#ifndef ENABLE_0119_PARANOIA_A res->dh->length = DH_PRIVATE_KEY_BITS; #endif @@ -1610,7 +1610,7 @@ crypto_dh_free(crypto_dh_env_t *dh) /* Use RAND_poll if openssl is 0.9.6 release or later. (The "f" means "release".) */ -#ifndef ENABLE_0119_PARANOIA +#ifndef ENABLE_0119_PARANOIA_B #define USE_RAND_POLL (OPENSSL_VERSION_NUMBER >= 0x0090600fl) #else #define USE_RAND_POLL 0 diff --git a/src/common/crypto.h b/src/common/crypto.h index 28571d16a8..1953bcda2f 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -15,7 +15,9 @@ #include <stdio.h> -#undef ENABLE_0119_PARANOIA +#undef ENABLE_0119_PARANOIA_A +#undef ENABLE_0119_PARANOIA_B +#undef ENABLE_0119_PARANOIA_C /** Length of the output of our message digest. */ #define DIGEST_LEN 20 diff --git a/src/common/tortls.c b/src/common/tortls.c index 7a41a931f7..fa5d878415 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -363,7 +363,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, goto error; SSL_CTX_set_options(*ctx, SSL_OP_NO_SSLv2); #endif -#ifndef ENABLE_0119_PARANOIA +#ifndef ENABLE_0119_PARANOIA_A SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_DH_USE); #endif if (!SSL_CTX_set_cipher_list(*ctx, CIPHER_LIST)) |