Regenerate ed25519 keys when they will expire soon.

Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.
This commit is contained in:
Nick Mathewson 2015-05-28 10:44:09 -04:00
parent 57189acd6f
commit 32f59d7337

View File

@ -3643,9 +3643,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2) if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
REJECT("SigningKeyLifetime is too short."); REJECT("SigningKeyLifetime is too short.");
if (options->TestingLinkKeyLifetime < options->TestingAuthKeySlop*2) if (options->TestingLinkKeyLifetime < options->TestingAuthKeySlop*2)
REJECT("LinkKeyLifetime is too short."); REJECT("TestingLinkKeyLifetime is too short.");
if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2) if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2)
REJECT("AuthKeyLifetime is too short."); REJECT("TestingAuthKeyLifetime is too short.");
if (options->TestingV3AuthInitialVotingInterval if (options->TestingV3AuthInitialVotingInterval
< MIN_VOTE_INTERVAL_TESTING_INITIAL) { < MIN_VOTE_INTERVAL_TESTING_INITIAL) {