Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge remote-tracking branch 'public/decouple_init_keys'

Nick Mathewson 8 years ago
parent
810ef71fd5 835e09e54b
commit
34aefe6f38
4 changed files with 48 additions and 26 deletions
Split View Show Diff Stats
  1. 3 0
      changes/decouple_init_keys
  2. 1 1
      src/or/main.c
  3. 43 25
      src/or/router.c
  4. 1 0
      src/or/router.h

+ 3 - 0
changes/decouple_init_keys
View File 

@@ -0,0 +1,3 @@
 
+  o Code simplification and refactoring:
 
+    - Move the client-only parts of init_keys() into a separate function.
 
+      Closes ticket 16763.

+ 1 - 1
src/or/main.c
View File 

@@ -1912,7 +1912,7 @@ ip_address_changed(int at_interface)
 
   if (at_interface) {
 
     if (! server) {
 
       /* Okay, change our keys. */
 
-      if (init_keys()<0)
 
+      if (init_keys_client() < 0)
 
         log_warn(LD_GENERAL, "Unable to rotate keys after IP change!");
 
     }
 
   } else {

+ 43 - 25
src/or/router.c
View File 

@@ -767,6 +767,46 @@ router_write_fingerprint(int hashed)
 
   return result;
 
 }
 
 
+static int
 
+init_keys_common(void)
 
+{
 
+  if (!key_lock)
 
+    key_lock = tor_mutex_new();
 
+
 
+  /* There are a couple of paths that put us here before we've asked
 
+   * openssl to initialize itself. */
 
+  if (crypto_global_init(get_options()->HardwareAccel,
 
+                         get_options()->AccelName,
 
+                         get_options()->AccelDir)) {
 
+    log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
 
+    return -1;
 
+  }
 
+
 
+  return 0;
 
+}
 
+
 
+int
 
+init_keys_client(void)
 
+{
 
+  crypto_pk_t *prkey;
 
+  if (init_keys_common() < 0)
 
+    return -1;
 
+
 
+  if (!(prkey = crypto_pk_new()))
 
+    return -1;
 
+  if (crypto_pk_generate_key(prkey)) {
 
+    crypto_pk_free(prkey);
 
+    return -1;
 
+  }
 
+  set_client_identity_key(prkey);
 
+  /* Create a TLS context. */
 
+  if (router_initialize_tls_context() < 0) {
 
+    log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
 
+    return -1;
 
+  }
 
+  return 0;
 
+}
 
+
 
 /** Initialize all OR private keys, and the TLS context, as necessary.
 
  * On OPs, this only initializes the tls context. Return 0 on success,
 
  * or -1 if Tor should die.
 
@@ -786,35 +826,13 @@ init_keys(void)
 
   int v3_digest_set = 0;
 
   authority_cert_t *cert = NULL;
 
 
-  if (!key_lock)
 
-    key_lock = tor_mutex_new();
 
-
 
-  /* There are a couple of paths that put us here before we've asked
 
-   * openssl to initialize itself. */
 
-  if (crypto_global_init(get_options()->HardwareAccel,
 
-                         get_options()->AccelName,
 
-                         get_options()->AccelDir)) {
 
-    log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
 
-    return -1;
 
-  }
 
-
 
   /* OP's don't need persistent keys; just make up an identity and
 
    * initialize the TLS context. */
 
   if (!server_mode(options)) {
 
-    if (!(prkey = crypto_pk_new()))
 
-      return -1;
 
-    if (crypto_pk_generate_key(prkey)) {
 
-      crypto_pk_free(prkey);
 
-      return -1;
 
-    }
 
-    set_client_identity_key(prkey);
 
-    /* Create a TLS context. */
 
-    if (router_initialize_tls_context() < 0) {
 
-      log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
 
-      return -1;
 
-    }
 
-    return 0;
 
+    return init_keys_client();
 
   }
 
+  if (init_keys_common() < 0)
 
+    return -1;
 
   /* Make sure DataDirectory exists, and is private. */
 
   if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
 
     return -1;

+ 1 - 0
src/or/router.h
View File 

@@ -37,6 +37,7 @@ void ntor_key_map_free(di_digest256_map_t *map);
 
 
 int router_initialize_tls_context(void);
 
 int init_keys(void);
 
+int init_keys_client(void);
 
 
 int check_whether_orport_reachable(void);
 
 int check_whether_dirport_reachable(void);