mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Split the client-only parts of init_keys() into a separate function
This should simplify the callgraph a little more.
This commit is contained in:
parent
da04fed865
commit
835e09e54b
3
changes/decouple_init_keys
Normal file
3
changes/decouple_init_keys
Normal file
@ -0,0 +1,3 @@
|
||||
o Code simplification and refactoring:
|
||||
- Move the client-only parts of init_keys() into a separate function.
|
||||
Closes ticket 16763.
|
@ -1888,7 +1888,7 @@ ip_address_changed(int at_interface)
|
||||
if (at_interface) {
|
||||
if (! server) {
|
||||
/* Okay, change our keys. */
|
||||
if (init_keys()<0)
|
||||
if (init_keys_client() < 0)
|
||||
log_warn(LD_GENERAL, "Unable to rotate keys after IP change!");
|
||||
}
|
||||
} else {
|
||||
|
@ -767,6 +767,46 @@ router_write_fingerprint(int hashed)
|
||||
return result;
|
||||
}
|
||||
|
||||
static int
|
||||
init_keys_common(void)
|
||||
{
|
||||
if (!key_lock)
|
||||
key_lock = tor_mutex_new();
|
||||
|
||||
/* There are a couple of paths that put us here before we've asked
|
||||
* openssl to initialize itself. */
|
||||
if (crypto_global_init(get_options()->HardwareAccel,
|
||||
get_options()->AccelName,
|
||||
get_options()->AccelDir)) {
|
||||
log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
init_keys_client(void)
|
||||
{
|
||||
crypto_pk_t *prkey;
|
||||
if (init_keys_common() < 0)
|
||||
return -1;
|
||||
|
||||
if (!(prkey = crypto_pk_new()))
|
||||
return -1;
|
||||
if (crypto_pk_generate_key(prkey)) {
|
||||
crypto_pk_free(prkey);
|
||||
return -1;
|
||||
}
|
||||
set_client_identity_key(prkey);
|
||||
/* Create a TLS context. */
|
||||
if (router_initialize_tls_context() < 0) {
|
||||
log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Initialize all OR private keys, and the TLS context, as necessary.
|
||||
* On OPs, this only initializes the tls context. Return 0 on success,
|
||||
* or -1 if Tor should die.
|
||||
@ -786,35 +826,13 @@ init_keys(void)
|
||||
int v3_digest_set = 0;
|
||||
authority_cert_t *cert = NULL;
|
||||
|
||||
if (!key_lock)
|
||||
key_lock = tor_mutex_new();
|
||||
|
||||
/* There are a couple of paths that put us here before we've asked
|
||||
* openssl to initialize itself. */
|
||||
if (crypto_global_init(get_options()->HardwareAccel,
|
||||
get_options()->AccelName,
|
||||
get_options()->AccelDir)) {
|
||||
log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* OP's don't need persistent keys; just make up an identity and
|
||||
* initialize the TLS context. */
|
||||
if (!server_mode(options)) {
|
||||
if (!(prkey = crypto_pk_new()))
|
||||
return -1;
|
||||
if (crypto_pk_generate_key(prkey)) {
|
||||
crypto_pk_free(prkey);
|
||||
return -1;
|
||||
}
|
||||
set_client_identity_key(prkey);
|
||||
/* Create a TLS context. */
|
||||
if (router_initialize_tls_context() < 0) {
|
||||
log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
return init_keys_client();
|
||||
}
|
||||
if (init_keys_common() < 0)
|
||||
return -1;
|
||||
/* Make sure DataDirectory exists, and is private. */
|
||||
if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
|
||||
return -1;
|
||||
|
@ -37,6 +37,7 @@ void ntor_key_map_free(di_digest256_map_t *map);
|
||||
|
||||
int router_initialize_tls_context(void);
|
||||
int init_keys(void);
|
||||
int init_keys_client(void);
|
||||
|
||||
int check_whether_orport_reachable(void);
|
||||
int check_whether_dirport_reachable(void);
|
||||
|
Loading…
Reference in New Issue
Block a user