Maintain separate server and client TLS contexts.

Fixes bug #988.

1 files changed, 7 insertions, 3 deletions

diff --git a/src/or/main.c b/src/or/main.c
index 5091e2072a..01c27f0efd 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -875,6 +875,7 @@ run_scheduled_events(time_t now)
   static int should_init_bridge_stats = 1;
   static time_t time_to_retry_dns_init = 0;
   or_options_t *options = get_options();
+  int is_server = server_mode(options);
   int i;
   int have_dir_info;
 
@@ -896,7 +897,7 @@ run_scheduled_events(time_t now)
    *  shut down and restart all cpuworkers, and update the directory if
    *  necessary.
    */
-  if (server_mode(options) &&
+  if (is_server &&
       get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
     log_info(LD_GENERAL,"Rotating onion key.");
     rotate_onion_key();
@@ -930,7 +931,10 @@ run_scheduled_events(time_t now)
     last_rotated_x509_certificate = now;
   if (last_rotated_x509_certificate+MAX_SSL_KEY_LIFETIME < now) {
     log_info(LD_GENERAL,"Rotating tls context.");
-    if (tor_tls_context_init(get_identity_key(), MAX_SSL_KEY_LIFETIME) < 0) {
+    if (tor_tls_context_init(public_server_mode(options),
+                             get_identity_key(),
+                             is_server ? get_identity_key() : NULL,
+                             MAX_SSL_KEY_LIFETIME) < 0) {
       log_warn(LD_BUG, "Error reinitializing TLS context");
       /* XXX is it a bug here, that we just keep going? -RD */
     }
@@ -1213,7 +1217,7 @@ run_scheduled_events(time_t now)
 
   /** 9. and if we're a server, check whether our DNS is telling stories to
    * us. */
-  if (server_mode(options) && time_to_check_for_correct_dns < now) {
+  if (is_server && time_to_check_for_correct_dns < now) {
     if (!time_to_check_for_correct_dns) {
       time_to_check_for_correct_dns = now + 60 + crypto_rand_int(120);
     } else {