commit 3907faf2fdc28a0c9f85279a58f2059c9a44f9b4
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Tue Nov 14 16:49:41 2017 -0500
New accessors for keydir/cachedir access
This patch is a result of auditing all of our uses of
get_datadir_fname() and its kin, and dividing them into cache vs
keys vs other data.
The new get_keydir_fname() and get_cachedir_fname() functions don't
actually do anything new yet.
---
src/or/config.h | 21 +++++--
src/or/conscache.c | 2 +-
src/or/control.c | 2 +-
src/or/main.c | 155 ++++++++++++++++++++++++++++++-------------------
src/or/microdesc.c | 4 +-
src/or/networkstatus.c | 14 ++---
src/or/router.c | 26 ++++-----
src/or/routerkeys.c | 12 ++--
src/or/routerlist.c | 16 ++---
9 files changed, 149 insertions(+), 103 deletions(-)
diff --git a/src/or/config.h b/src/or/config.h
index de9858a25..4e9bb0f6f 100644
--- a/src/or/config.h
+++ b/src/or/config.h
@@ -72,6 +72,11 @@ MOCK_DECL(char *,
* get_datadir_fname2_suffix. */
#define get_datadir_fname2(sub1,sub2) \
get_datadir_fname2_suffix((sub1), (sub2), NULL)
+/** Return a newly allocated string containing datadir/sub1suffix. See
+ * get_datadir_fname2_suffix. */
+#define get_datadir_fname_suffix(sub1, suffix) \
+ get_datadir_fname2_suffix((sub1), NULL, (suffix))
+
/** Return a newly allocated string containing datadir/sub1 relative to
* opts. See get_datadir_fname2_suffix. */
#define options_get_datadir_fname(opts,sub1) \
@@ -80,10 +85,18 @@ MOCK_DECL(char *,
* opts. See get_datadir_fname2_suffix. */
#define options_get_datadir_fname2(opts,sub1,sub2) \
options_get_datadir_fname2_suffix((opts),(sub1), (sub2), NULL)
-/** Return a newly allocated string containing datadir/sub1suffix. See
- * get_datadir_fname2_suffix. */
-#define get_datadir_fname_suffix(sub1, suffix) \
- get_datadir_fname2_suffix((sub1), NULL, (suffix))
+
+/** DOCDOC */
+#define get_keydir_fname(sub1) \
+ get_datadir_fname2("keys", (sub1))
+#define options_get_keydir_fname(options, sub1) \
+ options_get_datadir_fname2((options), "keys", (sub1))
+#define get_keydir_fname_suffix(sub1, suffix) \
+ get_datadir_fname2_suffix("keys", (sub1), (suffix))
+
+#define get_cachedir_fname(sub1) get_datadir_fname((sub1))
+#define get_cachedir_fname_suffix(sub1, suffix) \
+ get_datadir_fname_suffix((sub1), (suffix))
int using_default_dir_authorities(const or_options_t *options);
diff --git a/src/or/conscache.c b/src/or/conscache.c
index 0f3e453ea..1407d0f0b 100644
--- a/src/or/conscache.c
+++ b/src/or/conscache.c
@@ -79,7 +79,7 @@ consensus_cache_open(const char *subdir, int max_entries)
{
int storagedir_max_entries;
consensus_cache_t *cache = tor_malloc_zero(sizeof(consensus_cache_t));
- char *directory = get_datadir_fname(subdir);
+ char *directory = get_cachedir_fname(subdir);
cache->max_entries = max_entries;
#ifdef MUST_UNMAP_TO_UNLINK
diff --git a/src/or/control.c b/src/or/control.c
index 0d462b2d7..e17e92365 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -2115,7 +2115,7 @@ getinfo_helper_dir(control_connection_t *control_conn,
*answer = tor_strdup(consensus->dir);
}
if (!*answer) { /* try loading it from disk */
- char *filename = get_datadir_fname("cached-consensus");
+ char *filename = get_cachedir_fname("cached-consensus");
*answer = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
tor_free(filename);
if (!*answer) { /* generate an error */
diff --git a/src/or/main.c b/src/or/main.c
index e34970391..c0bdbd760 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -3550,7 +3550,7 @@ sandbox_init_filter(void)
int i;
sandbox_cfg_allow_openat_filename(&cfg,
- get_datadir_fname("cached-status"));
+ get_cachedir_fname("cached-status"));
#define OPEN(name) \
sandbox_cfg_allow_open_filename(&cfg, tor_strdup(name))
@@ -3571,21 +3571,37 @@ sandbox_init_filter(void)
OPEN_DATADIR2(name, name2 suffix); \
} while (0)
+#define OPEN_KEY_DIRECTORY() OPEN_DATADIR("keys")
+#define OPEN_CACHEDIR(name) \
+ sandbox_cfg_allow_open_filename(&cfg, get_cachedir_fname(name))
+#define OPEN_CACHEDIR_SUFFIX(name, suffix) do { \
+ OPEN_CACHEDIR(name); \
+ OPEN_CACHEDIR(name suffix); \
+ } while (0)
+#define OPEN_KEYDIR(name) \
+ sandbox_cfg_allow_open_filename(&cfg, get_keydir_fname(name))
+#define OPEN_KEYDIR_SUFFIX(name, suffix) do { \
+ OPEN_KEYDIR(name); \
+ OPEN_KEYDIR(name suffix); \
+ } while (0)
+
OPEN(options->DataDirectory);
- OPEN_DATADIR("keys");
- OPEN_DATADIR_SUFFIX("cached-certs", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-consensus", ".tmp");
- OPEN_DATADIR_SUFFIX("unverified-consensus", ".tmp");
- OPEN_DATADIR_SUFFIX("unverified-microdesc-consensus", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-microdesc-consensus", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-microdescs", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-microdescs.new", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-descriptors", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-descriptors.new", ".tmp");
- OPEN_DATADIR("cached-descriptors.tmp.tmp");
- OPEN_DATADIR_SUFFIX("cached-extrainfo", ".tmp");
- OPEN_DATADIR_SUFFIX("cached-extrainfo.new", ".tmp");
- OPEN_DATADIR("cached-extrainfo.tmp.tmp");
+ OPEN_KEY_DIRECTORY();
+
+ OPEN_CACHEDIR_SUFFIX("cached-certs", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-consensus", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("unverified-consensus", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("unverified-microdesc-consensus", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-microdesc-consensus", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-microdescs", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-microdescs.new", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-descriptors", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-descriptors.new", ".tmp");
+ OPEN_CACHEDIR("cached-descriptors.tmp.tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-extrainfo", ".tmp");
+ OPEN_CACHEDIR_SUFFIX("cached-extrainfo.new", ".tmp");
+ OPEN_CACHEDIR("cached-extrainfo.tmp.tmp");
+
OPEN_DATADIR_SUFFIX("state", ".tmp");
OPEN_DATADIR_SUFFIX("sr-state", ".tmp");
OPEN_DATADIR_SUFFIX("unparseable-desc", ".tmp");
@@ -3629,20 +3645,31 @@ sandbox_init_filter(void)
get_datadir_fname2(prefix, name suffix), \
get_datadir_fname2(prefix, name))
- RENAME_SUFFIX("cached-certs", ".tmp");
- RENAME_SUFFIX("cached-consensus", ".tmp");
- RENAME_SUFFIX("unverified-consensus", ".tmp");
- RENAME_SUFFIX("unverified-microdesc-consensus", ".tmp");
- RENAME_SUFFIX("cached-microdesc-consensus", ".tmp");
- RENAME_SUFFIX("cached-microdescs", ".tmp");
- RENAME_SUFFIX("cached-microdescs", ".new");
- RENAME_SUFFIX("cached-microdescs.new", ".tmp");
- RENAME_SUFFIX("cached-descriptors", ".tmp");
- RENAME_SUFFIX("cached-descriptors", ".new");
- RENAME_SUFFIX("cached-descriptors.new", ".tmp");
- RENAME_SUFFIX("cached-extrainfo", ".tmp");
- RENAME_SUFFIX("cached-extrainfo", ".new");
- RENAME_SUFFIX("cached-extrainfo.new", ".tmp");
+#define RENAME_CACHEDIR_SUFFIX(name, suffix) \
+ sandbox_cfg_allow_rename(&cfg, \
+ get_cachedir_fname(name suffix), \
+ get_cachedir_fname(name))
+
+#define RENAME_KEYDIR_SUFFIX(name, suffix) \
+ sandbox_cfg_allow_rename(&cfg, \
+ get_keydir_fname(name suffix), \
+ get_keydir_fname(name))
+
+ RENAME_CACHEDIR_SUFFIX("cached-certs", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-consensus", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("unverified-consensus", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("unverified-microdesc-consensus", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-microdesc-consensus", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-microdescs", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-microdescs", ".new");
+ RENAME_CACHEDIR_SUFFIX("cached-microdescs.new", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-descriptors", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-descriptors", ".new");
+ RENAME_CACHEDIR_SUFFIX("cached-descriptors.new", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-extrainfo", ".tmp");
+ RENAME_CACHEDIR_SUFFIX("cached-extrainfo", ".new");
+ RENAME_CACHEDIR_SUFFIX("cached-extrainfo.new", ".tmp");
+
RENAME_SUFFIX("state", ".tmp");
RENAME_SUFFIX("sr-state", ".tmp");
RENAME_SUFFIX("unparseable-desc", ".tmp");
@@ -3654,14 +3681,20 @@ sandbox_init_filter(void)
#define STAT_DATADIR(name) \
sandbox_cfg_allow_stat_filename(&cfg, get_datadir_fname(name))
+#define STAT_CACHEDIR(name) \
+ sandbox_cfg_allow_stat_filename(&cfg, get_cachedir_fname(name))
+
#define STAT_DATADIR2(name, name2) \
sandbox_cfg_allow_stat_filename(&cfg, get_datadir_fname2((name), (name2)))
+#define STAT_KEY_DIRECTORY() STAT_DATADIR("keys")
+
STAT_DATADIR(NULL);
STAT_DATADIR("lock");
STAT_DATADIR("state");
STAT_DATADIR("router-stability");
- STAT_DATADIR("cached-extrainfo.new");
+
+ STAT_CACHEDIR("cached-extrainfo.new");
{
smartlist_t *files = smartlist_new();
@@ -3726,22 +3759,20 @@ sandbox_init_filter(void)
// orport
if (server_mode(get_options())) {
- OPEN_DATADIR2_SUFFIX("keys", "secret_id_key", ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "secret_onion_key", ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "secret_onion_key_ntor", ".tmp");
- OPEN_DATADIR2("keys", "secret_id_key.old");
- OPEN_DATADIR2("keys", "secret_onion_key.old");
- OPEN_DATADIR2("keys", "secret_onion_key_ntor.old");
-
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_master_id_secret_key", ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_master_id_secret_key_encrypted",
- ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_master_id_public_key", ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_signing_secret_key", ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_signing_secret_key_encrypted",
- ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_signing_public_key", ".tmp");
- OPEN_DATADIR2_SUFFIX("keys", "ed25519_signing_cert", ".tmp");
+ OPEN_KEYDIR_SUFFIX("secret_id_key", ".tmp");
+ OPEN_KEYDIR_SUFFIX("secret_onion_key", ".tmp");
+ OPEN_KEYDIR_SUFFIX("secret_onion_key_ntor", ".tmp");
+ OPEN_KEYDIR("secret_id_key.old");
+ OPEN_KEYDIR("secret_onion_key.old");
+ OPEN_KEYDIR("secret_onion_key_ntor.old");
+
+ OPEN_KEYDIR_SUFFIX("ed25519_master_id_secret_key", ".tmp");
+ OPEN_KEYDIR_SUFFIX("ed25519_master_id_secret_key_encrypted", ".tmp");
+ OPEN_KEYDIR_SUFFIX("ed25519_master_id_public_key", ".tmp");
+ OPEN_KEYDIR_SUFFIX("ed25519_signing_secret_key", ".tmp");
+ OPEN_KEYDIR_SUFFIX("ed25519_signing_secret_key_encrypted", ".tmp");
+ OPEN_KEYDIR_SUFFIX("ed25519_signing_public_key", ".tmp");
+ OPEN_KEYDIR_SUFFIX("ed25519_signing_cert", ".tmp");
OPEN_DATADIR2_SUFFIX("stats", "bridge-stats", ".tmp");
OPEN_DATADIR2_SUFFIX("stats", "dirreq-stats", ".tmp");
@@ -3760,11 +3791,13 @@ sandbox_init_filter(void)
OPEN("/etc/resolv.conf");
RENAME_SUFFIX("fingerprint", ".tmp");
- RENAME_SUFFIX2("keys", "secret_onion_key_ntor", ".tmp");
- RENAME_SUFFIX2("keys", "secret_id_key", ".tmp");
- RENAME_SUFFIX2("keys", "secret_id_key.old", ".tmp");
- RENAME_SUFFIX2("keys", "secret_onion_key", ".tmp");
- RENAME_SUFFIX2("keys", "secret_onion_key.old", ".tmp");
+ RENAME_KEYDIR_SUFFIX("secret_onion_key_ntor", ".tmp");
+
+ RENAME_KEYDIR_SUFFIX("secret_id_key", ".tmp");
+ RENAME_KEYDIR_SUFFIX("secret_id_key.old", ".tmp");
+ RENAME_KEYDIR_SUFFIX("secret_onion_key", ".tmp");
+ RENAME_KEYDIR_SUFFIX("secret_onion_key.old", ".tmp");
+
RENAME_SUFFIX2("stats", "bridge-stats", ".tmp");
RENAME_SUFFIX2("stats", "dirreq-stats", ".tmp");
RENAME_SUFFIX2("stats", "entry-stats", ".tmp");
@@ -3775,20 +3808,20 @@ sandbox_init_filter(void)
RENAME_SUFFIX("hashed-fingerprint", ".tmp");
RENAME_SUFFIX("router-stability", ".tmp");
- RENAME_SUFFIX2("keys", "ed25519_master_id_secret_key", ".tmp");
- RENAME_SUFFIX2("keys", "ed25519_master_id_secret_key_encrypted", ".tmp");
- RENAME_SUFFIX2("keys", "ed25519_master_id_public_key", ".tmp");
- RENAME_SUFFIX2("keys", "ed25519_signing_secret_key", ".tmp");
- RENAME_SUFFIX2("keys", "ed25519_signing_cert", ".tmp");
+ RENAME_KEYDIR_SUFFIX("ed25519_master_id_secret_key", ".tmp");
+ RENAME_KEYDIR_SUFFIX("ed25519_master_id_secret_key_encrypted", ".tmp");
+ RENAME_KEYDIR_SUFFIX("ed25519_master_id_public_key", ".tmp");
+ RENAME_KEYDIR_SUFFIX("ed25519_signing_secret_key", ".tmp");
+ RENAME_KEYDIR_SUFFIX("ed25519_signing_cert", ".tmp");
sandbox_cfg_allow_rename(&cfg,
- get_datadir_fname2("keys", "secret_onion_key"),
- get_datadir_fname2("keys", "secret_onion_key.old"));
+ get_keydir_fname("secret_onion_key"),
+ get_keydir_fname("secret_onion_key.old"));
sandbox_cfg_allow_rename(&cfg,
- get_datadir_fname2("keys", "secret_onion_key_ntor"),
- get_datadir_fname2("keys", "secret_onion_key_ntor.old"));
+ get_keydir_fname("secret_onion_key_ntor"),
+ get_keydir_fname("secret_onion_key_ntor.old"));
- STAT_DATADIR("keys");
+ STAT_KEY_DIRECTORY();
OPEN_DATADIR("stats");
STAT_DATADIR("stats");
STAT_DATADIR2("stats", "dirreq-stats");
diff --git a/src/or/microdesc.c b/src/or/microdesc.c
index 18a6fbded..3fe5e933d 100644
--- a/src/or/microdesc.c
+++ b/src/or/microdesc.c
@@ -142,8 +142,8 @@ get_microdesc_cache_noload(void)
if (PREDICT_UNLIKELY(the_microdesc_cache==NULL)) {
microdesc_cache_t *cache = tor_malloc_zero(sizeof(*cache));
HT_INIT(microdesc_map, &cache->map);
- cache->cache_fname = get_datadir_fname("cached-microdescs");
- cache->journal_fname = get_datadir_fname("cached-microdescs.new");
+ cache->cache_fname = get_cachedir_fname("cached-microdescs");
+ cache->journal_fname = get_cachedir_fname("cached-microdescs.new");
the_microdesc_cache = cache;
}
return the_microdesc_cache;
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index ff3247668..d382cc803 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -197,7 +197,7 @@ networkstatus_read_cached_consensus_impl(int flav,
tor_snprintf(buf, sizeof(buf), "%s-%s-consensus", prefix, flavorname);
}
- char *filename = get_datadir_fname(buf);
+ char *filename = get_cachedir_fname(buf);
char *result = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
tor_free(filename);
return result;
@@ -1794,15 +1794,15 @@ networkstatus_set_current_consensus(const char *consensus,
}
if (!strcmp(flavor, "ns")) {
- consensus_fname = get_datadir_fname("cached-consensus");
- unverified_fname = get_datadir_fname("unverified-consensus");
+ consensus_fname = get_cachedir_fname("cached-consensus");
+ unverified_fname = get_cachedir_fname("unverified-consensus");
if (current_ns_consensus) {
current_digests = ¤t_ns_consensus->digests;
current_valid_after = current_ns_consensus->valid_after;
}
} else if (!strcmp(flavor, "microdesc")) {
- consensus_fname = get_datadir_fname("cached-microdesc-consensus");
- unverified_fname = get_datadir_fname("unverified-microdesc-consensus");
+ consensus_fname = get_cachedir_fname("cached-microdesc-consensus");
+ unverified_fname = get_cachedir_fname("unverified-microdesc-consensus");
if (current_md_consensus) {
current_digests = ¤t_md_consensus->digests;
current_valid_after = current_md_consensus->valid_after;
@@ -1811,9 +1811,9 @@ networkstatus_set_current_consensus(const char *consensus,
cached_dir_t *cur;
char buf[128];
tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
- consensus_fname = get_datadir_fname(buf);
+ consensus_fname = get_cachedir_fname(buf);
tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
- unverified_fname = get_datadir_fname(buf);
+ unverified_fname = get_cachedir_fname(buf);
cur = dirserv_get_consensus(flavor);
if (cur) {
current_digests = &cur->digests;
diff --git a/src/or/router.c b/src/or/router.c
index fb8596a8d..64bd9fdfc 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -174,7 +174,7 @@ expire_old_onion_keys(void)
tor_mutex_release(key_lock);
- fname = get_datadir_fname2("keys", "secret_onion_key.old");
+ fname = get_keydir_fname("secret_onion_key.old");
if (file_status(fname) == FN_FILE) {
if (tor_unlink(fname) != 0) {
log_warn(LD_FS, "Couldn't unlink old onion key file %s: %s",
@@ -183,7 +183,7 @@ expire_old_onion_keys(void)
}
tor_free(fname);
- fname = get_datadir_fname2("keys", "secret_onion_key_ntor.old");
+ fname = get_keydir_fname("secret_onion_key_ntor.old");
if (file_status(fname) == FN_FILE) {
if (tor_unlink(fname) != 0) {
log_warn(LD_FS, "Couldn't unlink old ntor onion key file %s: %s",
@@ -378,8 +378,8 @@ rotate_onion_key(void)
or_state_t *state = get_or_state();
curve25519_keypair_t new_curve25519_keypair;
time_t now;
- fname = get_datadir_fname2("keys", "secret_onion_key");
- fname_prev = get_datadir_fname2("keys", "secret_onion_key.old");
+ fname = get_keydir_fname("secret_onion_key");
+ fname_prev = get_keydir_fname("secret_onion_key.old");
/* There isn't much point replacing an old key with an empty file */
if (file_status(fname) == FN_FILE) {
if (replace_file(fname, fname_prev))
@@ -399,8 +399,8 @@ rotate_onion_key(void)
}
tor_free(fname);
tor_free(fname_prev);
- fname = get_datadir_fname2("keys", "secret_onion_key_ntor");
- fname_prev = get_datadir_fname2("keys", "secret_onion_key_ntor.old");
+ fname = get_keydir_fname("secret_onion_key_ntor");
+ fname_prev = get_keydir_fname("secret_onion_key_ntor.old");
if (curve25519_keypair_generate(&new_curve25519_keypair, 1) < 0)
goto error;
/* There isn't much point replacing an old key with an empty file */
@@ -624,7 +624,7 @@ load_authority_keyset(int legacy, crypto_pk_t **key_out,
crypto_pk_t *signing_key = NULL;
authority_cert_t *parsed = NULL;
- fname = get_datadir_fname2("keys",
+ fname = get_keydir_fname(
legacy ? "legacy_signing_key" : "authority_signing_key");
signing_key = init_key_from_file(fname, 0, LOG_ERR, 0);
if (!signing_key) {
@@ -632,7 +632,7 @@ load_authority_keyset(int legacy, crypto_pk_t **key_out,
goto done;
}
tor_free(fname);
- fname = get_datadir_fname2("keys",
+ fname = get_keydir_fname(
legacy ? "legacy_certificate" : "authority_certificate");
cert = read_file_to_str(fname, 0, NULL);
if (!cert) {
@@ -958,7 +958,7 @@ init_keys(void)
}
/* 1b. Read identity key. Make it if none is found. */
- keydir = get_datadir_fname2("keys", "secret_id_key");
+ keydir = get_keydir_fname("secret_id_key");
log_info(LD_GENERAL,"Reading/making identity key \"%s\"...",keydir);
prkey = init_key_from_file(keydir, 1, LOG_ERR, 1);
tor_free(keydir);
@@ -986,7 +986,7 @@ init_keys(void)
return -1;
/* 2. Read onion key. Make it if none is found. */
- keydir = get_datadir_fname2("keys", "secret_onion_key");
+ keydir = get_keydir_fname("secret_onion_key");
log_info(LD_GENERAL,"Reading/making onion key \"%s\"...",keydir);
prkey = init_key_from_file(keydir, 1, LOG_ERR, 1);
tor_free(keydir);
@@ -1011,7 +1011,7 @@ init_keys(void)
}
}
- keydir = get_datadir_fname2("keys", "secret_onion_key.old");
+ keydir = get_keydir_fname("secret_onion_key.old");
if (!lastonionkey && file_status(keydir) == FN_FILE) {
/* Load keys from non-empty files only.
* Missing old keys won't be replaced with freshly generated keys. */
@@ -1024,14 +1024,14 @@ init_keys(void)
{
/* 2b. Load curve25519 onion keys. */
int r;
- keydir = get_datadir_fname2("keys", "secret_onion_key_ntor");
+ keydir = get_keydir_fname("secret_onion_key_ntor");
r = init_curve25519_keypair_from_file(&curve25519_onion_key,
keydir, 1, LOG_ERR, "onion");
tor_free(keydir);
if (r<0)
return -1;
- keydir = get_datadir_fname2("keys", "secret_onion_key_ntor.old");
+ keydir = get_keydir_fname("secret_onion_key_ntor.old");
if (tor_mem_is_zero((const char *)
last_curve25519_onion_key.pubkey.public_key,
CURVE25519_PUBKEY_LEN) &&
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index c6c689ecd..af230f07b 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -718,7 +718,7 @@ load_ed_keys(const or_options_t *options, time_t now)
/* First try to get the signing key to see how it is. */
{
char *fname =
- options_get_datadir_fname2(options, "keys", "ed25519_signing");
+ options_get_keydir_fname(options, "ed25519_signing");
sign = ed_key_init_from_file(
fname,
INIT_ED_KEY_NEEDCERT|
@@ -821,7 +821,7 @@ load_ed_keys(const or_options_t *options, time_t now)
fname = tor_strdup(options->master_key_fname);
flags |= INIT_ED_KEY_EXPLICIT_FNAME;
} else {
- fname = options_get_datadir_fname2(options, "keys", "ed25519_master_id");
+ fname = options_get_keydir_fname(options, "ed25519_master_id");
}
id = ed_key_init_from_file(
fname,
@@ -841,8 +841,8 @@ load_ed_keys(const or_options_t *options, time_t now)
id = tor_malloc_zero(sizeof(*id));
memcpy(&id->pubkey, &check_signing_cert->signing_key,
sizeof(ed25519_public_key_t));
- fname = options_get_datadir_fname2(options, "keys",
- "ed25519_master_id_public_key");
+ fname = options_get_keydir_fname(options,
+ "ed25519_master_id_public_key");
if (ed25519_pubkey_write_to_file(&id->pubkey, fname, "type0") < 0) {
log_warn(LD_OR, "Error while attempting to write master public key "
"to disk");
@@ -883,7 +883,7 @@ load_ed_keys(const or_options_t *options, time_t now)
INIT_ED_KEY_NEEDCERT|
INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT);
char *fname =
- options_get_datadir_fname2(options, "keys", "ed25519_signing");
+ options_get_keydir_fname(options, "ed25519_signing");
ed25519_keypair_free(sign);
tor_cert_free(sign_cert);
sign = ed_key_init_from_file(fname,
@@ -1174,7 +1174,7 @@ log_master_signing_key_cert_expiration(const or_options_t *options)
int failed = 0;
time_t now = approx_time();
- fn = options_get_datadir_fname2(options, "keys", "ed25519_signing_cert");
+ fn = options_get_keydir_fname(options, "ed25519_signing_cert");
/* Try to grab our cached copy of the key. */
signing_key = get_master_signing_key_cert();
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index fb8225e0d..bd200a783 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -473,7 +473,7 @@ trusted_dirs_reload_certs(void)
char *contents;
int r;
- filename = get_datadir_fname("cached-certs");
+ filename = get_cachedir_fname("cached-certs");
contents = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
tor_free(filename);
if (!contents)
@@ -662,7 +662,7 @@ trusted_dirs_flush_certs_to_disk(void)
});
} DIGESTMAP_FOREACH_END;
- filename = get_datadir_fname("cached-certs");
+ filename = get_cachedir_fname("cached-certs");
if (write_chunks_to_file(filename, chunks, 0, 0)) {
log_warn(LD_FS, "Error writing certificates to disk.");
}
@@ -1339,7 +1339,7 @@ static int
signed_desc_append_to_journal(signed_descriptor_t *desc,
desc_store_t *store)
{
- char *fname = get_datadir_fname_suffix(store->fname_base, ".new");
+ char *fname = get_cachedir_fname_suffix(store->fname_base, ".new");
const char *body = signed_descriptor_get_body_impl(desc,1);
size_t len = desc->signed_descriptor_len + desc->annotations_len;
@@ -1410,8 +1410,8 @@ router_rebuild_store(int flags, desc_store_t *store)
log_info(LD_DIR, "Rebuilding %s cache", store->description);
- fname = get_datadir_fname(store->fname_base);
- fname_tmp = get_datadir_fname_suffix(store->fname_base, ".tmp");
+ fname = get_cachedir_fname(store->fname_base);
+ fname_tmp = get_cachedir_fname_suffix(store->fname_base, ".tmp");
chunk_list = smartlist_new();
@@ -1508,7 +1508,7 @@ router_rebuild_store(int flags, desc_store_t *store)
} SMARTLIST_FOREACH_END(sd);
tor_free(fname);
- fname = get_datadir_fname_suffix(store->fname_base, ".new");
+ fname = get_cachedir_fname_suffix(store->fname_base, ".new");
write_str_to_file(fname, "", 1);
r = 0;
@@ -1538,7 +1538,7 @@ router_reload_router_list_impl(desc_store_t *store)
int extrainfo = (store->type == EXTRAINFO_STORE);
store->journal_len = store->store_len = 0;
- fname = get_datadir_fname(store->fname_base);
+ fname = get_cachedir_fname(store->fname_base);
if (store->mmap) {
/* get rid of it first */
@@ -1565,7 +1565,7 @@ router_reload_router_list_impl(desc_store_t *store)
}
tor_free(fname);
- fname = get_datadir_fname_suffix(store->fname_base, ".new");
+ fname = get_cachedir_fname_suffix(store->fname_base, ".new");
/* don't load empty files - we wouldn't get any data, even if we tried */
if (file_status(fname) == FN_FILE)
contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
