diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-03-17 11:16:24 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-03-17 11:16:24 -0400 |
| commit | 58680d04299ab69ea99ee86c5f1a194f44fc1d12 (patch) | |
| tree | 814c4ebcbd458585695ec1d3e66c7c78a93e77ff /src/or/main.c | |
| parent | 6657fe1e54743e90e33c453de154343fbf94bad4 (diff) | |
| parent | 946ccf3e4de883b98aa62666b8a5bdc3eb535447 (diff) | |
| download | tor-58680d04299ab69ea99ee86c5f1a194f44fc1d12.tar.gz tor-58680d04299ab69ea99ee86c5f1a194f44fc1d12.zip | |
Merge branch 'ahf_bugs_21641_squashed'
Diffstat (limited to 'src/or/main.c')
| -rw-r--r-- | src/or/main.c | 39 |
1 files changed, 33 insertions, 6 deletions
diff --git a/src/or/main.c b/src/or/main.c index b9b6bca0e4..894fd054b9 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1161,6 +1161,7 @@ static int periodic_events_initialized = 0; #define CALLBACK(name) \ static int name ## _callback(time_t, const or_options_t *) CALLBACK(rotate_onion_key); +CALLBACK(check_onion_keys_expiry_time); CALLBACK(check_ed_keys); CALLBACK(launch_descriptor_fetches); CALLBACK(rotate_x509_certificate); @@ -1192,6 +1193,7 @@ CALLBACK(heartbeat); static periodic_event_item_t periodic_events[] = { CALLBACK(rotate_onion_key), + CALLBACK(check_onion_keys_expiry_time), CALLBACK(check_ed_keys), CALLBACK(launch_descriptor_fetches), CALLBACK(rotate_x509_certificate), @@ -1472,17 +1474,18 @@ run_scheduled_events(time_t now) pt_configure_remaining_proxies(); } -/* Periodic callback: Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion - * keys, shut down and restart all cpuworkers, and update our descriptor if - * necessary. +/* Periodic callback: rotate the onion keys after the period defined by the + * "onion-key-rotation-days" consensus parameter, shut down and restart all + * cpuworkers, and update our descriptor if necessary. */ static int rotate_onion_key_callback(time_t now, const or_options_t *options) { if (server_mode(options)) { - time_t rotation_time = get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME; + int onion_key_lifetime = get_onion_key_lifetime(); + time_t rotation_time = get_onion_key_set_at()+onion_key_lifetime; if (rotation_time > now) { - return safe_timer_diff(now, rotation_time); + return ONION_KEY_CONSENSUS_CHECK_INTERVAL; } log_info(LD_GENERAL,"Rotating onion key."); @@ -1493,11 +1496,35 @@ rotate_onion_key_callback(time_t now, const or_options_t *options) } if (advertised_server_mode() && !options->DisableNetwork) router_upload_dir_desc_to_dirservers(0); - return MIN_ONION_KEY_LIFETIME; + return ONION_KEY_CONSENSUS_CHECK_INTERVAL; } return PERIODIC_EVENT_NO_UPDATE; } +/* Period callback: Check if our old onion keys are still valid after the + * period of time defined by the consensus parameter + * "onion-key-grace-period-days", otherwise expire them by setting them to + * NULL. + */ +static int +check_onion_keys_expiry_time_callback(time_t now, const or_options_t *options) +{ + if (server_mode(options)) { + int onion_key_grace_period = get_onion_key_grace_period(); + time_t expiry_time = get_onion_key_set_at()+onion_key_grace_period; + if (expiry_time > now) { + return ONION_KEY_CONSENSUS_CHECK_INTERVAL; + } + + log_info(LD_GENERAL, "Expiring old onion keys."); + expire_old_onion_keys(); + cpuworkers_rotate_keyinfo(); + return ONION_KEY_CONSENSUS_CHECK_INTERVAL; + } + + return PERIODIC_EVENT_NO_UPDATE; +} + /* Periodic callback: Every 30 seconds, check whether it's time to make new * Ed25519 subkeys. */ |