Generate our ssl session certs with a plausible lifetime

Nobody but Tor uses certs on the wire with 2 hour lifetimes, and it makes us stand out. Resolves ticket 4014.
author: Roger Dingledine <arma@torproject.org> 2011-09-13 18:24:45 -0400
committer: Roger Dingledine <arma@torproject.org> 2011-09-13 18:24:45 -0400
commit: 62ec584a3014b9b9333dcc6feb4989d1592d6d26 (patch)
tree: abba517b55ab5990fc0b05ff2fb76d5e9bc85f87 /src/or/router.c
parent: c75ee94ab41e3a76e8159366defe3159614b497c (diff)
download: tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.tar.gz
tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/src/or/router.c b/src/or/router.c
index cc600415f0..2afde746d4 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -458,7 +458,8 @@ init_keys(void)
     }
     set_identity_key(prkey);
     /* Create a TLS context; default the client nickname to "client". */
-    if (tor_tls_context_new(get_identity_key(), MAX_SSL_KEY_LIFETIME) < 0) {
+    if (tor_tls_context_new(get_identity_key(),
+                            MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) {
       log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
       return -1;
     }
@@ -536,7 +537,8 @@ init_keys(void)
   tor_free(keydir);
 
   /* 3. Initialize link key and TLS context. */
-  if (tor_tls_context_new(get_identity_key(), MAX_SSL_KEY_LIFETIME) < 0) {
+  if (tor_tls_context_new(get_identity_key(),
+                          MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) {
     log_err(LD_GENERAL,"Error initializing TLS context");
     return -1;
   }
author	Roger Dingledine <arma@torproject.org>	2011-09-13 18:24:45 -0400
committer	Roger Dingledine <arma@torproject.org>	2011-09-13 18:24:45 -0400
commit	62ec584a3014b9b9333dcc6feb4989d1592d6d26 (patch)
tree	abba517b55ab5990fc0b05ff2fb76d5e9bc85f87 /src/or/router.c
parent	c75ee94ab41e3a76e8159366defe3159614b497c (diff)
download	tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.tar.gz tor-62ec584a3014b9b9333dcc6feb4989d1592d6d26.zip