Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Simplify DH prime generation logic some.

This is just refactoring work here. The old logic was kind of
convoluted, especially after the bug 5572 fix. We don't actually need to
distinguish so many cases here. Dropping detection of the
"!old_options || !old_options->DynamicDHGroups" case is fine because
that's the same that we'd do for clients.

Also add a changes file for bug 5572.
Sebastian Hahn 12 years ago
parent
ce5422ecd1
commit
ed8374eb5a
2 changed files with 17 additions and 30 deletions
Split View Show Diff Stats
  1. 5 0
      changes/bug5572
  2. 12 30
      src/or/config.c

+ 5 - 0
changes/bug5572
View File 

@@ -0,0 +1,5 @@
 
+  o Major bugfixes:
 
+    - Make sure we create the keys directory if it doesn't exist and we're
 
+      about to store the dynamic diffie hellman parameters. Fixes bug 5572;
 
+      bugfix on 0.2.3.13-alpha.
 
+

+ 12 - 30
src/or/config.c
View File 

@@ -1332,7 +1332,6 @@ options_act(const or_options_t *old_options)
 
   or_options_t *options = get_options_mutable();
 
   int running_tor = options->command == CMD_RUN_TOR;
 
   char *msg;
 
-  char *keydir;
 
   const int transition_affects_workers =
 
     old_options && options_transition_affects_workers(old_options, options);
 
 
@@ -1459,35 +1458,18 @@ options_act(const or_options_t *old_options)
 
   }
 
 
   /* If needed, generate a new TLS DH prime according to the current torrc. */
 
-  if (server_mode(options)) {
 
-    if (!old_options) {
 
-      if (options->DynamicDHGroups) {
 
-        char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
 
-        keydir = get_datadir_fname("keys");
 
-        if (check_private_dir(keydir, CPD_CREATE, options->User)) {
 
-          tor_free(keydir);
 
-          return -1;
 
-        }
 
-        tor_free(keydir);
 
-        crypto_set_tls_dh_prime(fname);
 
-        tor_free(fname);
 
-      } else {
 
-        crypto_set_tls_dh_prime(NULL);
 
-      }
 
-    } else {
 
-      if (options->DynamicDHGroups && !old_options->DynamicDHGroups) {
 
-        char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
 
-        keydir = get_datadir_fname("keys");
 
-        if (check_private_dir(keydir, CPD_CREATE, options->User)) {
 
-          tor_free(keydir);
 
-          return -1;
 
-        }
 
-        tor_free(keydir);
 
-        crypto_set_tls_dh_prime(fname);
 
-        tor_free(fname);
 
-      } else if (!options->DynamicDHGroups && old_options->DynamicDHGroups) {
 
-        crypto_set_tls_dh_prime(NULL);
 
-      }
 
+  if (server_mode(options) && options->DynamicDHGroups) {
 
+    char *keydir = get_datadir_fname("keys");
 
+    if (check_private_dir(keydir, CPD_CREATE, options->User)) {
 
+      tor_free(keydir);
 
+      return -1;
 
+    }
 
+    tor_free(keydir);
 
+
 
+    if (!old_options || !old_options->DynamicDHGroups) {
 
+      char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
 
+      crypto_set_tls_dh_prime(fname);
 
+      tor_free(fname);
 
     }
 
   } else { /* clients don't need a dynamic DH prime. */
 
     crypto_set_tls_dh_prime(NULL);