add CertFile, Nickname
write new certfile if you don't have one already; set up a tls context on startup. svn:r432
parent
ace475f01c
commit
a6a5784bca
@ -192,6 +192,8 @@ static void config_assign(or_options_t *options, struct config_line *list) {
|
|||||||
config_compare(list, "PrivateKeyFile", CONFIG_TYPE_STRING, &options->PrivateKeyFile) ||
|
config_compare(list, "PrivateKeyFile", CONFIG_TYPE_STRING, &options->PrivateKeyFile) ||
|
||||||
config_compare(list, "SigningPrivateKeyFile", CONFIG_TYPE_STRING, &options->SigningPrivateKeyFile) ||
|
config_compare(list, "SigningPrivateKeyFile", CONFIG_TYPE_STRING, &options->SigningPrivateKeyFile) ||
|
||||||
config_compare(list, "RouterFile", CONFIG_TYPE_STRING, &options->RouterFile) ||
|
config_compare(list, "RouterFile", CONFIG_TYPE_STRING, &options->RouterFile) ||
|
||||||
|
config_compare(list, "CertFile", CONFIG_TYPE_STRING, &options->CertFile) ||
|
||||||
|
config_compare(list, "Nickname", CONFIG_TYPE_STRING, &options->Nickname) ||
|
||||||
|
|
||||||
/* int options */
|
/* int options */
|
||||||
config_compare(list, "MaxConn", CONFIG_TYPE_INT, &options->MaxConn) ||
|
config_compare(list, "MaxConn", CONFIG_TYPE_INT, &options->MaxConn) ||
|
||||||
@ -244,6 +246,7 @@ int getconfig(int argc, char **argv, or_options_t *options) {
|
|||||||
options->NewCircuitPeriod = 60; /* once a minute */
|
options->NewCircuitPeriod = 60; /* once a minute */
|
||||||
options->TotalBandwidth = 800000; /* at most 800kB/s total sustained incoming */
|
options->TotalBandwidth = 800000; /* at most 800kB/s total sustained incoming */
|
||||||
options->NumCpus = 1;
|
options->NumCpus = 1;
|
||||||
|
options->CertFile = "default.cert";
|
||||||
// options->ReconnectPeriod = 6001;
|
// options->ReconnectPeriod = 6001;
|
||||||
|
|
||||||
/* get config lines from /etc/torrc and assign them */
|
/* get config lines from /etc/torrc and assign them */
|
||||||
@ -352,6 +355,11 @@ int getconfig(int argc, char **argv, or_options_t *options) {
|
|||||||
result = -1;
|
result = -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(options->OnionRouter && options->Nickname == NULL) {
|
||||||
|
log_fn(LOG_ERR,"Nickname required for OnionRouter, but not found.");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
if(options->DirPort > 0 && options->SigningPrivateKeyFile == NULL) {
|
if(options->DirPort > 0 && options->SigningPrivateKeyFile == NULL) {
|
||||||
log(LOG_ERR,"SigningPrivateKeyFile option required for DirServer, but not found.");
|
log(LOG_ERR,"SigningPrivateKeyFile option required for DirServer, but not found.");
|
||||||
result = -1;
|
result = -1;
|
||||||
|
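Review bot: The new Nickname check in getconfig exits with `return -1;`, while the checks on either side of it (the one ending just above and the SigningPrivateKeyFile check below) record the failure with `result = -1;` and carry on. As written, a missing Nickname skips the remaining validation and whatever follows in the function, which continues outside this hunk; `result = -1;` would keep the checks consistent. The check also accepts any non-NULL Nickname, and that value is later handed to tor_tls_write_certificate in do_main_loop, so a length and character-set check here would be the place to reject a name that should not end up in a certificate. The new call also uses `log_fn` where its neighbour uses `log`; it is worth settling on one.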
@ -450,7 +450,28 @@ static int do_main_loop(void) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef USE_TLS
|
#ifdef USE_TLS
|
||||||
make the tls context here
|
if(options.OnionRouter) {
|
||||||
|
struct stat statbuf;
|
||||||
|
if(stat(options.CertFile, &statbuf) < 0) {
|
||||||
|
log_fn(LOG_INFO,"CertFile %s is missing. Generating.", options.CertFile);
|
||||||
|
if(tor_tls_write_certificate(options.CertFile,
|
||||||
|
get_privatekey(),
|
||||||
|
options.Nickname) < 0) {
|
||||||
|
log_fn(LOG_ERR,"Couldn't write CertFile %s. Dying.", options.CertFile);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(tor_tls_context_new(certfile, get_privatekey(), 1) < 0) {
|
||||||
|
log_fn(LOG_ERR,"Error creating tls context.");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
} else { /* just a proxy, the context is easy */
|
||||||
|
if(tor_tls_context_new(NULL, NULL, 0) < 0) {
|
||||||
|
log_fn(LOG_ERR,"Error creating tls context.");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* start up the necessary connections based on which ports are
|
/* start up the necessary connections based on which ports are
|
||||||
|
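Review bot: `tor_tls_context_new(certfile, get_privatekey(), 1)` names `certfile`, which is not declared anywhere in this hunk; every other reference uses `options.CertFile`, so this presumably should be `if(tor_tls_context_new(options.CertFile, get_privatekey(), 1) < 0) {` and would only surface as a build error once USE_TLS is defined. The `stat()` test also treats every failure as a missing file, so a permission or path error leads to an attempt to generate a new certificate; checking `errno == ENOENT` before generating, and logging any other error, avoids that. Because the existence test and the write are separate steps and the default set in getconfig is the relative path "default.cert", the file that gets written depends on the working directory and on nothing changing in between; having tor_tls_write_certificate create the file exclusively (its body is not shown here, so to be confirmed) would close that gap. do_main_loop starts and ends outside the hunk.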
@ -439,6 +439,8 @@ typedef struct {
|
|||||||
char *RouterFile;
|
char *RouterFile;
|
||||||
char *SigningPrivateKeyFile;
|
char *SigningPrivateKeyFile;
|
||||||
char *PrivateKeyFile;
|
char *PrivateKeyFile;
|
||||||
|
char *CertFile;
|
||||||
|
char *Nickname;
|
||||||
double CoinWeight;
|
double CoinWeight;
|
||||||
int Daemon;
|
int Daemon;
|
||||||
int ORPort;
|
int ORPort;
|
||||||
|
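Review bot: The two new fields `char *CertFile;` and `char *Nickname;` are added without comments, and their ownership is not obvious. getconfig assigns the string literal "default.cert" to CertFile, whereas values set through config_compare presumably come from the parsed config, so any code that frees or rewrites option strings has to treat the two cases differently. I would add `/* path of the TLS certificate; defaults to the literal "default.cert", do not free */` on CertFile and `/* router nickname, required when OnionRouter is set; written into the generated certificate */` on Nickname. The struct starts and ends outside the hunk.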