diff options
| author | Alexander Færøy <ahf@torproject.org> | 2017-03-10 12:18:52 +0100 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-03-17 11:15:43 -0400 |
| commit | 23ae5b655b9d94d62c6c9296cb8cc2b33ae345d7 (patch) | |
| tree | bcd27dc338a8c1473b0f5be5d8436ff863bfead8 /src/or/or.h | |
| parent | 85dccce35db907221df38da7bd789f28f7d1e2f9 (diff) | |
| download | tor-23ae5b655b9d94d62c6c9296cb8cc2b33ae345d7.tar.gz tor-23ae5b655b9d94d62c6c9296cb8cc2b33ae345d7.zip | |
Make MIN_ONION_KEY_LIFETIME a consensus parameter defined value.
This patch turns `MIN_ONION_KEY_LIFETIME` into a new function
`get_onion_key_lifetime()` which gets its value from a network consensus
parameter named "onion-key-rotation-days". This allows us to tune the
value at a later point in time with no code modifications.
We also bump the default onion key lifetime from 7 to 28 days as per
proposal #274.
See: https://bugs.torproject.org/21641
Diffstat (limited to 'src/or/or.h')
| -rw-r--r-- | src/or/or.h | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/or/or.h b/src/or/or.h index 0e2dc2401b..2903f5e283 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -147,8 +147,15 @@ /** Maximum size of a single extrainfo document, as above. */ #define MAX_EXTRAINFO_UPLOAD_SIZE 50000 -/** How often do we rotate onion keys? */ -#define MIN_ONION_KEY_LIFETIME (7*24*60*60) +/** Minimum lifetime for an onion key in days. */ +#define MIN_ONION_KEY_LIFETIME_DAYS (1) + +/** Maximum lifetime for an onion key in days. */ +#define MAX_ONION_KEY_LIFETIME_DAYS (90) + +/** Default lifetime for an onion key in days. */ +#define DEFAULT_ONION_KEY_LIFETIME_DAYS (28) + /** How often do we rotate TLS contexts? */ #define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60) |