aboutsummaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2019-11-05 10:04:39 -0500
committerNick Mathewson <nickm@torproject.org>2019-11-07 07:28:43 -0500
commit0d8504e70b0c6ff92f38fc7f4b4c38037d121e69 (patch)
tree527352f2026097898bc4717dee7572d693ac71bb /src/lib
parent8cd3e66d93a7b3f61afc3bc0c8868fb50c85af22 (diff)
downloadtor-0d8504e70b0c6ff92f38fc7f4b4c38037d121e69.tar.gz
tor-0d8504e70b0c6ff92f38fc7f4b4c38037d121e69.zip
crypto config: do not change the user's value of HardwareAccel.
We still interpret "AccelName" as turning on the "HardwareAccel" feature, but we no longer modify the user's options here. Fixes bug 32382; bugfix on 0.2.2.1-alpha when we added openssl engine support.
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/crypt_ops/crypto_init.c23
1 files changed, 3 insertions, 20 deletions
diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c
index 999eac75f5..4b08456197 100644
--- a/src/lib/crypt_ops/crypto_init.c
+++ b/src/lib/crypt_ops/crypto_init.c
@@ -258,24 +258,6 @@ subsys_crypto_thread_cleanup(void)
/** Magic number for crypto_options_t. */
#define CRYPTO_OPTIONS_MAGIC 0x68757368
-/** Invoked before validating crypto options: makes sure that if
- * AccelName is set, HardwareAccel is turned on.
- **/
-static int
-crypto_options_prenormalize(void *arg, char **msg_out)
-{
- crypto_options_t *opt = arg;
- tor_assert(opt->magic == CRYPTO_OPTIONS_MAGIC);
- (void)msg_out;
-
- // TODO: It would be cleaner to remove this code, but right now the
- // tests depend on it.
- if (opt->AccelName && !opt->HardwareAccel)
- opt->HardwareAccel = 1;
-
- return 0;
-}
-
/**
* Return 0 if <b>arg</b> is a valid crypto_options_t. Otherwise return -1
* and set *<b>msg_out</b> to a freshly allocated error string.
@@ -310,7 +292,6 @@ static const config_format_t crypto_options_fmt = {
CRYPTO_OPTIONS_MAGIC,
offsetof(crypto_options_t, magic) },
.vars = crypto_options_t_vars,
- .pre_normalize_fn = crypto_options_prenormalize,
.validate_fn = crypto_options_validate,
.config_suite_offset = -1,
};
@@ -322,9 +303,11 @@ static int
crypto_set_options(void *arg)
{
const crypto_options_t *options = arg;
+ const bool hardware_accel = options->HardwareAccel || options->AccelName;
+
// This call already checks for crypto_global_initialized_, so it
// will only initialize the subsystem the first time it's called.
- if (crypto_global_init(options->HardwareAccel,
+ if (crypto_global_init(hardware_accel,
options->AccelName,
options->AccelDir)) {
log_err(LD_BUG, "Unable to initialize the crypto subsystem. Exiting.");