Generate our ssl session certs with a plausible lifetime

Nobody but Tor uses certs on the wire with 2 hour lifetimes, and it makes us stand out. Resolves ticket 4014.
author: Roger Dingledine <arma@torproject.org> 2011-09-13 18:24:45 -0400
committer: Roger Dingledine <arma@torproject.org> 2011-09-13 18:24:45 -0400
commit: 62ec584a3014b9b9333dcc6feb4989d1592d6d26 (patch)
tree: abba517b55ab5990fc0b05ff2fb76d5e9bc85f87 /src/or/or.h
parent: c75ee94ab41e3a76e8159366defe3159614b497c (diff)
download: tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.tar.gz
tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/or/or.h b/src/or/or.h
index 976ba9f8e5..0f5b2bb17b 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -166,7 +166,9 @@
 /** How often do we rotate onion keys? */
 #define MIN_ONION_KEY_LIFETIME (7*24*60*60)
 /** How often do we rotate TLS contexts? */
-#define MAX_SSL_KEY_LIFETIME (2*60*60)
+#define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)
+/** What expiry time shall we place on our SSL certs? */
+#define MAX_SSL_KEY_LIFETIME_ADVERTISED (365*24*60*60)
 
 /** How old do we allow a router to get before removing it
  * from the router list? In seconds. */
author	Roger Dingledine <arma@torproject.org>	2011-09-13 18:24:45 -0400
committer	Roger Dingledine <arma@torproject.org>	2011-09-13 18:24:45 -0400
commit	62ec584a3014b9b9333dcc6feb4989d1592d6d26 (patch)
tree	abba517b55ab5990fc0b05ff2fb76d5e9bc85f87 /src/or/or.h
parent	c75ee94ab41e3a76e8159366defe3159614b497c (diff)
download	tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.tar.gz tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.zip