[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] add CertFile, Nickname



Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or

Modified Files:
	config.c main.c or.h 
Log Message:
add CertFile, Nickname
write new certfile if you don't have one already
set up a tls context on startup


Index: config.c
===================================================================
RCS file: /home/or/cvsroot/src/or/config.c,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -d -r1.40 -r1.41
--- config.c	8 Sep 2003 05:16:18 -0000	1.40
+++ config.c	8 Sep 2003 06:26:37 -0000	1.41
@@ -192,6 +192,8 @@
     config_compare(list, "PrivateKeyFile", CONFIG_TYPE_STRING, &options->PrivateKeyFile) ||
     config_compare(list, "SigningPrivateKeyFile", CONFIG_TYPE_STRING, &options->SigningPrivateKeyFile) ||
     config_compare(list, "RouterFile",     CONFIG_TYPE_STRING, &options->RouterFile) ||
+    config_compare(list, "CertFile",       CONFIG_TYPE_STRING, &options->CertFile) ||
+    config_compare(list, "Nickname",       CONFIG_TYPE_STRING, &options->Nickname) ||
 
     /* int options */
     config_compare(list, "MaxConn",         CONFIG_TYPE_INT, &options->MaxConn) ||
@@ -244,6 +246,7 @@
   options->NewCircuitPeriod = 60; /* once a minute */
   options->TotalBandwidth = 800000; /* at most 800kB/s total sustained incoming */
   options->NumCpus = 1;
+  options->CertFile = "default.cert";
 //  options->ReconnectPeriod = 6001;
 
 /* get config lines from /etc/torrc and assign them */
@@ -350,6 +353,11 @@
   if(options->OnionRouter && options->PrivateKeyFile == NULL) {
     log(LOG_ERR,"PrivateKeyFile option required for OnionRouter, but not found.");
     result = -1;
+  }
+
+  if(options->OnionRouter && options->Nickname == NULL) {
+    log_fn(LOG_ERR,"Nickname required for OnionRouter, but not found.");
+    return -1;
   }
 
   if(options->DirPort > 0 && options->SigningPrivateKeyFile == NULL) {

Index: main.c
===================================================================
RCS file: /home/or/cvsroot/src/or/main.c,v
retrieving revision 1.88
retrieving revision 1.89
diff -u -d -r1.88 -r1.89
--- main.c	7 Sep 2003 10:24:40 -0000	1.88
+++ main.c	8 Sep 2003 06:26:37 -0000	1.89
@@ -450,7 +450,28 @@
   }
 
 #ifdef USE_TLS
-  make the tls context here 
+  if(options.OnionRouter) {
+    struct stat statbuf;
+    if(stat(options.CertFile, &statbuf) < 0) {
+      log_fn(LOG_INFO,"CertFile %s is missing. Generating.", options.CertFile);
+      if(tor_tls_write_certificate(options.CertFile,
+                                   get_privatekey(),
+                                   options.Nickname) < 0) {
+        log_fn(LOG_ERR,"Couldn't write CertFile %s. Dying.", options.CertFile);
+        return -1;
+      }
+    }
+
+    if(tor_tls_context_new(certfile, get_privatekey(), 1) < 0) {
+      log_fn(LOG_ERR,"Error creating tls context.");
+      return -1;
+    }
+  } else { /* just a proxy, the context is easy */
+    if(tor_tls_context_new(NULL, NULL, 0) < 0) {
+      log_fn(LOG_ERR,"Error creating tls context.");
+      return -1;
+    }
+  }
 #endif
 
   /* start up the necessary connections based on which ports are

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.115
retrieving revision 1.116
diff -u -d -r1.115 -r1.116
--- or.h	8 Sep 2003 05:16:18 -0000	1.115
+++ or.h	8 Sep 2003 06:26:38 -0000	1.116
@@ -439,6 +439,8 @@
    char *RouterFile;
    char *SigningPrivateKeyFile;
    char *PrivateKeyFile;
+   char *CertFile;
+   char *Nickname;
    double CoinWeight;
    int Daemon;
    int ORPort;