Split the client-only parts of init_keys() into a separate function

This should simplify the callgraph a little more.
Nick Mathewson 2015-08-11 10:35:10 -04:00
parent da04fed865
commit 835e09e54b
4 changed files with 48 additions and 26 deletions


@ -0,0 +1,3 @@
o Code simplification and refactoring:
- Move the client-only parts of init_keys() into a separate function.
Closes ticket 16763.


@ -1888,7 +1888,7 @@ ip_address_changed(int at_interface)
if (at_interface) { if (at_interface) {
if (! server) { if (! server) {
/* Okay, change our keys. */ /* Okay, change our keys. */
if (init_keys()<0) if (init_keys_client() < 0)
log_warn(LD_GENERAL, "Unable to rotate keys after IP change!"); log_warn(LD_GENERAL, "Unable to rotate keys after IP change!");
} }
} else { } else {


@ -767,6 +767,46 @@ router_write_fingerprint(int hashed)
return result; return result;
} }
static int
init_keys_common(void)
{
if (!key_lock)
key_lock = tor_mutex_new();
/* There are a couple of paths that put us here before we've asked
* openssl to initialize itself. */
if (crypto_global_init(get_options()->HardwareAccel,
get_options()->AccelName,
get_options()->AccelDir)) {
log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
return -1;
}
return 0;
}
int
init_keys_client(void)
{
crypto_pk_t *prkey;
if (init_keys_common() < 0)
return -1;
if (!(prkey = crypto_pk_new()))
return -1;
if (crypto_pk_generate_key(prkey)) {
crypto_pk_free(prkey);
return -1;
}
set_client_identity_key(prkey);
/* Create a TLS context. */
if (router_initialize_tls_context() < 0) {
log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
return -1;
}
return 0;
}
/** Initialize all OR private keys, and the TLS context, as necessary. /** Initialize all OR private keys, and the TLS context, as necessary.
* On OPs, this only initializes the tls context. Return 0 on success, * On OPs, this only initializes the tls context. Return 0 on success,
* or -1 if Tor should die. * or -1 if Tor should die.
@ -786,35 +826,13 @@ init_keys(void)
int v3_digest_set = 0; int v3_digest_set = 0;
authority_cert_t *cert = NULL; authority_cert_t *cert = NULL;
if (!key_lock)
key_lock = tor_mutex_new();
/* There are a couple of paths that put us here before we've asked
* openssl to initialize itself. */
if (crypto_global_init(get_options()->HardwareAccel,
get_options()->AccelName,
get_options()->AccelDir)) {
log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
return -1;
}
/* OP's don't need persistent keys; just make up an identity and /* OP's don't need persistent keys; just make up an identity and
* initialize the TLS context. */ * initialize the TLS context. */
if (!server_mode(options)) { if (!server_mode(options)) {
if (!(prkey = crypto_pk_new())) return init_keys_client();
return -1;
if (crypto_pk_generate_key(prkey)) {
crypto_pk_free(prkey);
return -1;
}
set_client_identity_key(prkey);
/* Create a TLS context. */
if (router_initialize_tls_context() < 0) {
log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
return -1;
}
return 0;
} }
if (init_keys_common() < 0)
return -1;
/* Make sure DataDirectory exists, and is private. */ /* Make sure DataDirectory exists, and is private. */
if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) { if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
return -1; return -1;
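Review bot: init_keys_client() returns -1 from the crypto_pk_new() and crypto_pk_generate_key() failure paths without logging anything, and it is now called directly from ip_address_changed(), whose only diagnostic is the generic "Unable to rotate keys after IP change!" warning. A line such as `log_warn(LD_GENERAL, "Unable to generate client identity key.");` before each of those returns would keep the cause visible. In addition, set_client_identity_key(prkey) runs before router_initialize_tls_context(), so a TLS-context failure returns -1 with the new identity key already installed; what TLS context remains in use in that case is not visible here, so the function's contract should state that a -1 return can leave the keys only partly rotated. Both new functions also lack the `/** ... */` header the surrounding code uses, for example `/** Set up a fresh client identity key and TLS context. Return 0 on success, -1 on failure. */` on init_keys_client(). init_keys() continues past the end of this section.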


@ -37,6 +37,7 @@ void ntor_key_map_free(di_digest256_map_t *map);
int router_initialize_tls_context(void); int router_initialize_tls_context(void);
int init_keys(void); int init_keys(void);
int init_keys_client(void);
int check_whether_orport_reachable(void); int check_whether_orport_reachable(void);
int check_whether_dirport_reachable(void); int check_whether_dirport_reachable(void);