author | George Kadianakis <desnacked@gmail.com> | 2011-11-24 06:40:02 +0100 |
---|---|---|
committer | George Kadianakis <desnacked@gmail.com> | 2011-11-25 18:15:26 +0100 |
commit | e3cee8bc2e8df6b39a4122829649e3f9ab920aa6 (patch) | |
tree | 3c0614eaebce2f2f9f5a63939f1b1b5afac9d45e /src/or/router.c | |
parent | e2a189053dd93ba94d13035fff5008fcdefa8eca (diff) | |
Simply initialize TLS context if DynamicDHGroups change.
We used to do init_keys() if DynamicDHGroups changed after a HUP, so
that the dynamic DH modulus was stored on the disk. Since we are now
doing dynamic DH modulus storing in crypto.c, we can simply initialize
the TLS context and be good with it.
Introduce a new function router_initialize_tls_context() which
initializes the TLS context and use it appropriately.
Diffstat (limited to 'src/or/router.c')
-rw-r--r-- | src/or/router.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/src/or/router.c b/src/or/router.c
index fdc83f5087..67e98da239 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -484,6 +484,17 @@ v3_authority_check_key_expiry(void)
 last_warned = now;
 }
+
+int
+router_initialize_tls_context(void)
+{
+ return tor_tls_context_init(public_server_mode(get_options()),
+ get_tlsclient_identity_key(),
+ server_mode(get_options()) ?
+ get_server_identity_key() : NULL,
+ MAX_SSL_KEY_LIFETIME_ADVERTISED);
+}
+
 /** Initialize all OR private keys, and the TLS context, as necessary.
 * On OPs, this only initializes the tls context. Return 0 on success,
 * or -1 if Tor should die.
@@ -530,10 +541,7 @@ init_keys(void)
 }
 set_client_identity_key(prkey);
 /* Create a TLS context. */
- if (tor_tls_context_init(0,
- get_tlsclient_identity_key(),
- NULL,
- MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) {
+ if (router_initialize_tls_context() < 0) {
 log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
 return -1;
 }
@@ -626,10 +634,7 @@ init_keys(void)
 tor_free(keydir);
 /* 3. Initialize link key and TLS context. */
- if (tor_tls_context_init(public_server_mode(options),
- get_tlsclient_identity_key(),
- get_server_identity_key(),
- MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) {
+ if (router_initialize_tls_context() < 0) {
 log_err(LD_GENERAL,"Error initializing TLS context");
 return -1;
 }
|
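Review bot: router_initialize_tls_context() in the first hunk is added as a non-static function with no doc comment, although the init_keys() comment right below it shows the file documents its functions, and it has preconditions that the signature does not reveal. It reads get_tlsclient_identity_key() and, when server_mode() is true, get_server_identity_key(), so it presumably must only run after those keys have been set. The commit message says it is also meant for the DynamicDHGroups reload path, and that caller is outside this diff. I would add `/** Set up the TLS context from the current options and identity keys, which must already be initialized. Return a negative value on failure. */` and confirm the reload path cannot reach it with server_mode() true before the server identity key is loaded.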
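Review bot: In the second hunk the client path used to pass the literals `0` and `NULL`, so it could never hand a server identity key to the TLS context; after the change that guarantee depends on public_server_mode() and server_mode() both returning false when this call is reached. The condition guarding this branch is outside the hunk, so I cannot confirm it from here. The third hunk shifts in a related way: it used the local `options` and passed get_server_identity_key() unconditionally, while the helper calls get_options() again and makes the key conditional. If `options` in init_keys() can ever differ from get_options() the two would disagree, so a call-site comment such as `/* Client path: server_mode() is false here, so the helper passes no server identity key. */` would record the assumption.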