[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] Call init_keys() where needed; fix hibernate bug.



Update of /home/or/cvsroot/tor/src/or
In directory moria.mit.edu:/tmp/cvs-serv1576/src/or

Modified Files:
	hibernate.c main.c or.h router.c 
Log Message:
Call init_keys() where needed; fix hibernate bug.

Index: hibernate.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/hibernate.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- hibernate.c	20 Nov 2004 07:33:55 -0000	1.24
+++ hibernate.c	21 Nov 2004 04:19:04 -0000	1.25
@@ -291,6 +291,13 @@
   int n_days_to_exhaust_bw;
   int n_days_to_consider;
 
+  if (! identity_key_is_set()) {
+    if (init_keys() < 0) {
+      log_fn(LOG_ERR, "Error initializing keys");
+      tor_assert(0);
+    }
+  }
+
   format_iso_time(buf, interval_start_time);
   crypto_pk_get_digest(get_identity_key(), digest);
 

Index: main.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/main.c,v
retrieving revision 1.382
retrieving revision 1.383
diff -u -d -r1.382 -r1.383
--- main.c	20 Nov 2004 23:16:03 -0000	1.382
+++ main.c	21 Nov 2004 04:19:04 -0000	1.383
@@ -784,9 +784,11 @@
 
   /* load the private keys, if we're supposed to have them, and set up the
    * TLS context. */
-  if (init_keys() < 0) {
-    log_fn(LOG_ERR,"Error initializing keys; exiting");
-    return -1;
+  if (! identity_key_is_set()) {
+    if (init_keys() < 0) {
+      log_fn(LOG_ERR,"Error initializing keys; exiting");
+      return -1;
+    }
   }
 
   /* Set up our buckets */

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/or.h,v
retrieving revision 1.487
retrieving revision 1.488
diff -u -d -r1.487 -r1.488
--- or.h	20 Nov 2004 00:37:00 -0000	1.487
+++ or.h	21 Nov 2004 04:19:04 -0000	1.488
@@ -1511,6 +1511,7 @@
 time_t get_onion_key_set_at(void);
 void set_identity_key(crypto_pk_env_t *k);
 crypto_pk_env_t *get_identity_key(void);
+int identity_key_is_set(void);
 void dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last);
 int init_keys(void);
 crypto_pk_env_t *init_key_from_file(const char *fname);

Index: router.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/router.c,v
retrieving revision 1.121
retrieving revision 1.122
diff -u -d -r1.121 -r1.122
--- router.c	20 Nov 2004 00:37:00 -0000	1.121
+++ router.c	21 Nov 2004 04:19:04 -0000	1.122
@@ -91,6 +91,12 @@
   return identitykey;
 }
 
+/** Return truf iff the identity key has been set. */
+int identity_key_is_set(void) {
+  return identitykey != NULL;
+}
+
+
 /** Replace the previous onion key with the current onion key, and generate
  * a new previous onion key.  Immediately after calling this function,
  * the OR should:
@@ -228,6 +234,12 @@
  * On OPs, this only initializes the tls context.
  */
 int init_keys(void) {
+  /* XXX009 Two problems with how this is called:
+   * 1. It should be idempotent for servers, so we can call init_keys
+   *    as much as we need to.
+   * 2. Clients should rotate their identity keys at least whenever
+   *    their IPs change.
+   */
   char keydir[512];
   char keydir2[512];
   char fingerprint[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];