commit 4a351b4b9ebfadf27d68e6bb3e1470cdef83ef45 Merge: d679ef6 62ec584 Author: Roger Dingledine arma@torproject.org Date: Tue Sep 13 18:27:13 2011 -0400
Merge branch 'maint-0.2.1' into maint-0.2.2
Conflicts: src/or/main.c src/or/router.c
changes/bug4014 | 3 +++ src/or/main.c | 7 ++++--- src/or/or.h | 4 +++- src/or/router.c | 4 ++-- 4 files changed, 12 insertions(+), 6 deletions(-)
diff --cc src/or/main.c index bc639db,3c879dc..289d805 --- a/src/or/main.c +++ b/src/or/main.c @@@ -937,18 -866,14 +937,19 @@@ run_scheduled_events(time_t now now + DESCRIPTOR_FAILURE_RESET_INTERVAL; }
+ if (options->UseBridges) + fetch_bridge_descriptors(options, now); + - /** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */ + /** 1b. Every MAX_SSL_KEY_LIFETIME_INTERNAL seconds, we change our + * TLS context. */ if (!last_rotated_x509_certificate) last_rotated_x509_certificate = now; - if (last_rotated_x509_certificate+MAX_SSL_KEY_LIFETIME < now) { + if (last_rotated_x509_certificate+MAX_SSL_KEY_LIFETIME_INTERNAL < now) { log_info(LD_GENERAL,"Rotating tls context."); - if (tor_tls_context_new(get_identity_key(), - MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) { + if (tor_tls_context_init(public_server_mode(options), + get_tlsclient_identity_key(), + is_server ? get_server_identity_key() : NULL, - MAX_SSL_KEY_LIFETIME) < 0) { ++ MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) { log_warn(LD_BUG, "Error reinitializing TLS context"); /* XXX is it a bug here, that we just keep going? -RD */ } diff --cc src/or/router.c index 2165e6e,2afde74..365e888 --- a/src/or/router.c +++ b/src/or/router.c @@@ -521,12 -456,10 +521,12 @@@ init_keys(void crypto_free_pk_env(prkey); return -1; } - set_identity_key(prkey); - /* Create a TLS context; default the client nickname to "client". */ - if (tor_tls_context_new(get_identity_key(), - MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) { + set_client_identity_key(prkey); + /* Create a TLS context. */ + if (tor_tls_context_init(0, + get_tlsclient_identity_key(), + NULL, - MAX_SSL_KEY_LIFETIME) < 0) { ++ MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) { log_err(LD_GENERAL,"Error creating TLS context for Tor client."); return -1; } @@@ -619,10 -537,8 +619,10 @@@ tor_free(keydir);
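Review bot: In the src/or/main.c hunk, a failed `tor_tls_context_init()` during rotation is still only logged with `log_warn(LD_BUG, ...)` and execution carries on, as the retained `/* XXX is it a bug here, that we just keep going? -RD */` admits. With the rotation test now using `MAX_SSL_KEY_LIFETIME_INTERNAL` and the lifetime handed to the TLS layer being `MAX_SSL_KEY_LIFETIME_ADVERTISED`, a failed rotation presumably leaves the old link key in service past the intended internal interval, so this path deserves an explicit decision rather than an open question. The update of `last_rotated_x509_certificate` is outside the hunk. If it runs regardless of the result, consider moving it under the success branch so that a later pass retries, and replace the XXX with a comment stating what was chosen. `is_server` is also defined outside the hunk, so its agreement with `public_server_mode(options)` cannot be checked from here.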
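Review bot: In the first src/or/router.c hunk (the client-only path of init_keys), the call `tor_tls_context_init(0, get_tlsclient_identity_key(), NULL, ...)` passes a bare `0` and `NULL` with only `/* Create a TLS context. */` above it. None of the three call sites explains why the lifetime argument is the `_ADVERTISED` constant while main.c rotates on the `_INTERNAL` one. Judging by the names, the two values differ on purpose, and a later cleanup could easily "fix" the mismatch back; the or.h change that defines them is not shown on this page. I would expand the comment to something like `/* Client only: not a public server, no server identity key. The lifetime passed is the one advertised in the certificate, not our rotation interval. */` and add the second sentence at the `-619` hunk and the main.c call as well. init_keys begins and ends outside the hunk.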
/* 3. Initialize link key and TLS context. */ - if (tor_tls_context_new(get_identity_key(), - MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) { + if (tor_tls_context_init(public_server_mode(options), + get_tlsclient_identity_key(), + get_server_identity_key(), - MAX_SSL_KEY_LIFETIME) < 0) { ++ MAX_SSL_KEY_LIFETIME_ADVERTISED) < 0) { log_err(LD_GENERAL,"Error initializing TLS context"); return -1; }