author | George Kadianakis <desnacked@gmail.com> | 2011-11-24 06:40:02 +0100 |
---|---|---|
committer | George Kadianakis <desnacked@gmail.com> | 2011-11-25 18:15:26 +0100 |
commit | e3cee8bc2e8df6b39a4122829649e3f9ab920aa6 (patch) | |
tree | 3c0614eaebce2f2f9f5a63939f1b1b5afac9d45e /src/or/config.c | |
parent | e2a189053dd93ba94d13035fff5008fcdefa8eca (diff) | |
Simply initialize TLS context if DynamicDHGroups change.
We used to do init_keys() if DynamicDHGroups changed after a HUP, so
that the dynamic DH modulus was stored on the disk. Since we are now
doing dynamic DH modulus storing in crypto.c, we can simply initialize
the TLS context and be good with it.
Introduce a new function router_initialize_tls_context() which
initializes the TLS context and use it appropriately.
Diffstat (limited to 'src/or/config.c')
-rw-r--r-- | src/or/config.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/src/or/config.c b/src/or/config.c
index a846ca9079..f8c4ab314d 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1267,6 +1267,24 @@ get_effective_bwburst(const or_options_t *options)
 return (uint32_t)bw;
 }
 
+/** Return True if any changes from <b>old_options</b> to
+ * <b>new_options</b> needs us to refresh our TLS context. */
+static int
+options_transition_requires_fresh_tls_context(const or_options_t *old_options,
+ const or_options_t *new_options)
+{
+ tor_assert(new_options);
+
+ if (!old_options)
+ return 0;
+
+ if ((old_options->DynamicDHGroups != new_options->DynamicDHGroups)) {
+ return 1;
+ }
+
+ return 0;
+}
+
 /** Fetch the active option list, and take actions based on it. All of the
 * things we do should survive being done repeatedly. If present,
 * <b>old_options</b> contains the previous value of the options.
@@ -1394,6 +1412,13 @@ options_act(const or_options_t *old_options)
 log_warn(LD_BUG,"Error initializing keys; exiting");
 return -1;
 }
+ } else if (old_options &&
+ options_transition_requires_fresh_tls_context(old_options,
+ options)) {
+ if (router_initialize_tls_context() < 0) {
+ log_warn(LD_BUG,"Error initializing TLS context.");
+ return -1;
+ }
 }
 
 /* Write our PID to the PID file. If we do not have write permissions we
@@ -4075,7 +4100,6 @@ options_transition_affects_workers(const or_options_t *old_options,
 {
 if (!opt_streq(old_options->DataDirectory, new_options->DataDirectory) ||
 old_options->NumCPUs != new_options->NumCPUs ||
- old_options->DynamicDHGroups != new_options->DynamicDHGroups ||
 old_options->ORPort != new_options->ORPort ||
 old_options->ServerDNSSearchDomains !=
 new_options->ServerDNSSearchDomains ||
|
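Review bot: The doc comment on options_transition_requires_fresh_tls_context() promises "True" while the function returns the ints 1 and 0, and it does not say why DynamicDHGroups is the option that forces a rebuild. Suggest `/** Return 1 if any change from <b>old_options</b> to <b>new_options</b> requires rebuilding our TLS context, else 0. */`, plus a line above the comparison such as `/* The DH group is presumably fixed when the context is built; a HUP that flips this option must rebuild it. */`, so that later TLS-affecting options get added here rather than missed. After the NULL guard the body can collapse to `return old_options->DynamicDHGroups != new_options->DynamicDHGroups;`, which also drops the doubled parentheses.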
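Review bot: The new `else if` branch in options_act() logs `"Error initializing TLS context."` and returns -1, but unlike the message in the preceding branch ("Error initializing keys; exiting") it does not tell the operator what happens next. If a -1 from options_act() ends the process here, as it appears to for the key path, a HUP that toggles DynamicDHGroups can take a running relay down, and the log line should say so: `log_warn(LD_BUG,"Error initializing TLS context; exiting");`. The `old_options &&` test is also redundant, since the helper already returns 0 for a NULL old_options. The `if` this branch hangs off starts outside the hunk, so whether that first branch also rebuilds the TLS context cannot be confirmed from here.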