mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
crypto config: do not change the user's value of HardwareAccel.
We still interpret "AccelName" as turning on the "HardwareAccel" feature, but we no longer modify the user's options here. Fixes bug 32382; bugfix on 0.2.2.1-alpha when we added openssl engine support.
This commit is contained in:
parent
8cd3e66d93
commit
0d8504e70b
4
changes/ticket32382
Normal file
4
changes/ticket32382
Normal file
@ -0,0 +1,4 @@
|
||||
o Minor bugfixes (configuration):
|
||||
- Avoid changing the user's value of HardwareAccel as stored by SAVECONF,
|
||||
when AccelName is set but HardwareAccel is not.
|
||||
Fixes bug 32382; bugfix on 0.2.2.1-alpha.
|
@ -258,24 +258,6 @@ subsys_crypto_thread_cleanup(void)
|
||||
/** Magic number for crypto_options_t. */
|
||||
#define CRYPTO_OPTIONS_MAGIC 0x68757368
|
||||
|
||||
/** Invoked before validating crypto options: makes sure that if
|
||||
* AccelName is set, HardwareAccel is turned on.
|
||||
**/
|
||||
static int
|
||||
crypto_options_prenormalize(void *arg, char **msg_out)
|
||||
{
|
||||
crypto_options_t *opt = arg;
|
||||
tor_assert(opt->magic == CRYPTO_OPTIONS_MAGIC);
|
||||
(void)msg_out;
|
||||
|
||||
// TODO: It would be cleaner to remove this code, but right now the
|
||||
// tests depend on it.
|
||||
if (opt->AccelName && !opt->HardwareAccel)
|
||||
opt->HardwareAccel = 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return 0 if <b>arg</b> is a valid crypto_options_t. Otherwise return -1
|
||||
* and set *<b>msg_out</b> to a freshly allocated error string.
|
||||
@ -310,7 +292,6 @@ static const config_format_t crypto_options_fmt = {
|
||||
CRYPTO_OPTIONS_MAGIC,
|
||||
offsetof(crypto_options_t, magic) },
|
||||
.vars = crypto_options_t_vars,
|
||||
.pre_normalize_fn = crypto_options_prenormalize,
|
||||
.validate_fn = crypto_options_validate,
|
||||
.config_suite_offset = -1,
|
||||
};
|
||||
@ -322,9 +303,11 @@ static int
|
||||
crypto_set_options(void *arg)
|
||||
{
|
||||
const crypto_options_t *options = arg;
|
||||
const bool hardware_accel = options->HardwareAccel || options->AccelName;
|
||||
|
||||
// This call already checks for crypto_global_initialized_, so it
|
||||
// will only initialize the subsystem the first time it's called.
|
||||
if (crypto_global_init(options->HardwareAccel,
|
||||
if (crypto_global_init(hardware_accel,
|
||||
options->AccelName,
|
||||
options->AccelDir)) {
|
||||
log_err(LD_BUG, "Unable to initialize the crypto subsystem. Exiting.");
|
||||
|
@ -4008,7 +4008,7 @@ test_options_validate__accel(void *ignored)
|
||||
tdata = get_options_test_data("AccelName foo\n");
|
||||
ret = options_validate(NULL, tdata->opt, &msg);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(get_crypto_options(tdata->opt)->HardwareAccel, OP_EQ, 1);
|
||||
tt_int_op(get_crypto_options(tdata->opt)->HardwareAccel, OP_EQ, 0);
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
|
Loading…
Reference in New Issue
Block a user