aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSebastian Hahn <sebastian@torproject.org>2012-04-08 01:07:53 +0200
committerSebastian Hahn <sebastian@torproject.org>2012-04-08 01:11:02 +0200
commited8374eb5ac12a58edd8ae3a29813ef1b1abd76e (patch)
tree21202948af291801a4ab14e8b5cee9a083a12def /src
parentce5422ecd14ed9911abfe9c44897d93afb2cf05a (diff)
downloadtor-ed8374eb5ac12a58edd8ae3a29813ef1b1abd76e.tar
tor-ed8374eb5ac12a58edd8ae3a29813ef1b1abd76e.tar.gz
Simplify DH prime generation logic some.
This is just refactoring work here. The old logic was kind of convoluted, especially after the bug 5572 fix. We don't actually need to distinguish so many cases here. Dropping detection of the "!old_options || !old_options->DynamicDHGroups" case is fine because that's the same that we'd do for clients. Also add a changes file for bug 5572.
Diffstat (limited to 'src')
-rw-r--r--src/or/config.c42
1 files changed, 12 insertions, 30 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 75a1bd2df..696bbd044 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1332,7 +1332,6 @@ options_act(const or_options_t *old_options)
or_options_t *options = get_options_mutable();
int running_tor = options->command == CMD_RUN_TOR;
char *msg;
- char *keydir;
const int transition_affects_workers =
old_options && options_transition_affects_workers(old_options, options);
@@ -1459,35 +1458,18 @@ options_act(const or_options_t *old_options)
}
/* If needed, generate a new TLS DH prime according to the current torrc. */
- if (server_mode(options)) {
- if (!old_options) {
- if (options->DynamicDHGroups) {
- char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
- keydir = get_datadir_fname("keys");
- if (check_private_dir(keydir, CPD_CREATE, options->User)) {
- tor_free(keydir);
- return -1;
- }
- tor_free(keydir);
- crypto_set_tls_dh_prime(fname);
- tor_free(fname);
- } else {
- crypto_set_tls_dh_prime(NULL);
- }
- } else {
- if (options->DynamicDHGroups && !old_options->DynamicDHGroups) {
- char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
- keydir = get_datadir_fname("keys");
- if (check_private_dir(keydir, CPD_CREATE, options->User)) {
- tor_free(keydir);
- return -1;
- }
- tor_free(keydir);
- crypto_set_tls_dh_prime(fname);
- tor_free(fname);
- } else if (!options->DynamicDHGroups && old_options->DynamicDHGroups) {
- crypto_set_tls_dh_prime(NULL);
- }
+ if (server_mode(options) && options->DynamicDHGroups) {
+ char *keydir = get_datadir_fname("keys");
+ if (check_private_dir(keydir, CPD_CREATE, options->User)) {
+ tor_free(keydir);
+ return -1;
+ }
+ tor_free(keydir);
+
+ if (!old_options || !old_options->DynamicDHGroups) {
+ char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
+ crypto_set_tls_dh_prime(fname);
+ tor_free(fname);
}
} else { /* clients don't need a dynamic DH prime. */
crypto_set_tls_dh_prime(NULL);