diff options
author | Sebastian Hahn <sebastian@torproject.org> | 2012-04-08 01:07:53 +0200 |
---|---|---|
committer | Sebastian Hahn <sebastian@torproject.org> | 2012-04-08 01:11:02 +0200 |
commit | ed8374eb5ac12a58edd8ae3a29813ef1b1abd76e (patch) | |
tree | 21202948af291801a4ab14e8b5cee9a083a12def /src | |
parent | ce5422ecd14ed9911abfe9c44897d93afb2cf05a (diff) | |
download | tor-ed8374eb5ac12a58edd8ae3a29813ef1b1abd76e.tar tor-ed8374eb5ac12a58edd8ae3a29813ef1b1abd76e.tar.gz |
Simplify DH prime generation logic some.
This is just refactoring work here. The old logic was kind of
convoluted, especially after the bug 5572 fix. We don't actually need to
distinguish so many cases here. Dropping detection of the
"!old_options || !old_options->DynamicDHGroups" case is fine because
that's the same that we'd do for clients.
Also add a changes file for bug 5572.
Diffstat (limited to 'src')
-rw-r--r-- | src/or/config.c | 42 |
1 files changed, 12 insertions, 30 deletions
diff --git a/src/or/config.c b/src/or/config.c index 75a1bd2df..696bbd044 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1332,7 +1332,6 @@ options_act(const or_options_t *old_options) or_options_t *options = get_options_mutable(); int running_tor = options->command == CMD_RUN_TOR; char *msg; - char *keydir; const int transition_affects_workers = old_options && options_transition_affects_workers(old_options, options); @@ -1459,35 +1458,18 @@ options_act(const or_options_t *old_options) } /* If needed, generate a new TLS DH prime according to the current torrc. */ - if (server_mode(options)) { - if (!old_options) { - if (options->DynamicDHGroups) { - char *fname = get_datadir_fname2("keys", "dynamic_dh_params"); - keydir = get_datadir_fname("keys"); - if (check_private_dir(keydir, CPD_CREATE, options->User)) { - tor_free(keydir); - return -1; - } - tor_free(keydir); - crypto_set_tls_dh_prime(fname); - tor_free(fname); - } else { - crypto_set_tls_dh_prime(NULL); - } - } else { - if (options->DynamicDHGroups && !old_options->DynamicDHGroups) { - char *fname = get_datadir_fname2("keys", "dynamic_dh_params"); - keydir = get_datadir_fname("keys"); - if (check_private_dir(keydir, CPD_CREATE, options->User)) { - tor_free(keydir); - return -1; - } - tor_free(keydir); - crypto_set_tls_dh_prime(fname); - tor_free(fname); - } else if (!options->DynamicDHGroups && old_options->DynamicDHGroups) { - crypto_set_tls_dh_prime(NULL); - } + if (server_mode(options) && options->DynamicDHGroups) { + char *keydir = get_datadir_fname("keys"); + if (check_private_dir(keydir, CPD_CREATE, options->User)) { + tor_free(keydir); + return -1; + } + tor_free(keydir); + + if (!old_options || !old_options->DynamicDHGroups) { + char *fname = get_datadir_fname2("keys", "dynamic_dh_params"); + crypto_set_tls_dh_prime(fname); + tor_free(fname); } } else { /* clients don't need a dynamic DH prime. */ crypto_set_tls_dh_prime(NULL); |