diff options
author | Nick Mathewson <nickm@torproject.org> | 2019-11-05 10:04:39 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2019-11-07 07:28:43 -0500 |
commit | 0d8504e70b0c6ff92f38fc7f4b4c38037d121e69 (patch) | |
tree | 527352f2026097898bc4717dee7572d693ac71bb /src/lib/crypt_ops | |
parent | 8cd3e66d93a7b3f61afc3bc0c8868fb50c85af22 (diff) | |
download | tor-0d8504e70b0c6ff92f38fc7f4b4c38037d121e69.tar.gz tor-0d8504e70b0c6ff92f38fc7f4b4c38037d121e69.zip |
crypto config: do not change the user's value of HardwareAccel.
We still interpret "AccelName" as turning on the "HardwareAccel"
feature, but we no longer modify the user's options here.
Fixes bug 32382; bugfix on 0.2.2.1-alpha when we added openssl
engine support.
Diffstat (limited to 'src/lib/crypt_ops')
-rw-r--r-- | src/lib/crypt_ops/crypto_init.c | 23 |
1 files changed, 3 insertions, 20 deletions
diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c index 999eac75f5..4b08456197 100644 --- a/src/lib/crypt_ops/crypto_init.c +++ b/src/lib/crypt_ops/crypto_init.c @@ -258,24 +258,6 @@ subsys_crypto_thread_cleanup(void) /** Magic number for crypto_options_t. */ #define CRYPTO_OPTIONS_MAGIC 0x68757368 -/** Invoked before validating crypto options: makes sure that if - * AccelName is set, HardwareAccel is turned on. - **/ -static int -crypto_options_prenormalize(void *arg, char **msg_out) -{ - crypto_options_t *opt = arg; - tor_assert(opt->magic == CRYPTO_OPTIONS_MAGIC); - (void)msg_out; - - // TODO: It would be cleaner to remove this code, but right now the - // tests depend on it. - if (opt->AccelName && !opt->HardwareAccel) - opt->HardwareAccel = 1; - - return 0; -} - /** * Return 0 if <b>arg</b> is a valid crypto_options_t. Otherwise return -1 * and set *<b>msg_out</b> to a freshly allocated error string. @@ -310,7 +292,6 @@ static const config_format_t crypto_options_fmt = { CRYPTO_OPTIONS_MAGIC, offsetof(crypto_options_t, magic) }, .vars = crypto_options_t_vars, - .pre_normalize_fn = crypto_options_prenormalize, .validate_fn = crypto_options_validate, .config_suite_offset = -1, }; @@ -322,9 +303,11 @@ static int crypto_set_options(void *arg) { const crypto_options_t *options = arg; + const bool hardware_accel = options->HardwareAccel || options->AccelName; + // This call already checks for crypto_global_initialized_, so it // will only initialize the subsystem the first time it's called. - if (crypto_global_init(options->HardwareAccel, + if (crypto_global_init(hardware_accel, options->AccelName, options->AccelDir)) { log_err(LD_BUG, "Unable to initialize the crypto subsystem. Exiting."); |