author | Nick Mathewson <nickm@torproject.org> | 2004-04-24 22:17:50 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2004-04-24 22:17:50 +0000 |
commit | c44016e86ec8dfd9147b2ca58e5277cb03a92561 (patch) | |
tree | 98002278cf00e6c9373e96deb245e6661f890b8d /src/or/main.c | |
parent | 83081f5ad6fd3fd4450ce4f5a84c2873f5c4123b (diff) | |
Merge flagday into main branch.
svn:r1683
Diffstat (limited to 'src/or/main.c')
-rw-r--r-- | src/or/main.c | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/src/or/main.c b/src/or/main.c
index ee3d24cf5d..49a9554176 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -53,6 +53,7 @@ int has_completed_circuit=0;
 ****************************************************************************/
 int connection_add(connection_t *conn) {
+ assert(conn);
 if(nfds >= options.MaxConn-1) {
 log_fn(LOG_WARN,"failing because nfds is too high.");
@@ -345,9 +346,38 @@ static void run_connection_housekeeping(int i, time_t now) {
 static void run_scheduled_events(time_t now) {
 static long time_to_fetch_directory = 0;
 static time_t last_uploaded_services = 0;
+ static time_t last_rotated_certificate = 0;
 int i;
- /* 1. Every DirFetchPostPeriod seconds, we get a new directory and upload
+
+ /* 1a. Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion keys,
+ * shut down and restart all cpuworkers, and update the directory if
+ * necessary.
+ */
+ if (options.ORPort && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
+ rotate_onion_key();
+ cpuworkers_rotate();
+ if (router_rebuild_descriptor()<0) {
+ log_fn(LOG_WARN, "Couldn't rebuild router descriptor");
+ }
+ router_rebuild_descriptor();
+ router_upload_dir_desc_to_dirservers();
+ }
+
+ /* 1b. Every MAX_LINK_KEY_LIFETIME seconds, we change our TLS context. */
+ if (!last_rotated_certificate)
+ last_rotated_certificate = now;
+ if (options.ORPort && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
+ if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
+ MAX_SSL_KEY_LIFETIME) < 0) {
+ log_fn(LOG_WARN, "Error reinitializing TLS context");
+ }
+ last_rotated_certificate = now;
+ /* XXXX We should rotate TLS connections as well; this code doesn't change
+ * XXXX them at all. */
+ }
+
+ /* 1c. Every DirFetchPostPeriod seconds, we get a new directory and upload
 * our descriptor (if any). */
 if(time_to_fetch_directory < now) {
 /* it's time to fetch a new directory and/or post our descriptor */
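Review bot: In step 1b of the run_scheduled_events hunk, `last_rotated_certificate = now;` runs even when `tor_tls_context_new()` returns an error, so a failed rotation is recorded as done and is not retried for another MAX_SSL_KEY_LIFETIME, leaving the old link key in use past its intended lifetime; moving the assignment into an `else` of the failure check would let the next pass retry. In step 1a, `router_rebuild_descriptor();` is called a second time right after the checked call with its result ignored, and `router_upload_dir_desc_to_dirservers();` still runs when the rebuild failed, which presumably publishes a descriptor that does not match the freshly rotated onion key; drop the duplicate call and skip the upload on failure. The 1b comment names MAX_LINK_KEY_LIFETIME while the code tests `MAX_SSL_KEY_LIFETIME`, so one of the two should be corrected. The function body continues outside this hunk.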
@@ -371,6 +401,7 @@ static void run_scheduled_events(time_t now) {
 time_to_fetch_directory = now + options.DirFetchPostPeriod;
 }
+
 /* 2. Every second, we examine pending circuits and prune the
 * ones which have been pending for more than a few seconds.
 * We do this before step 3, so it can try building more if |