[tor-commits] [tor/master] Rename 'dynamic prime' to 'dynamic DH modulus'.

nickm at torproject.org nickm at torproject.org
Tue Nov 29 23:33:59 UTC 2011


commit 7c37a664c17f4dd9748f096ea385c3627cc323fa
Author: George Kadianakis <desnacked at gmail.com>
Date:   Fri Nov 25 01:00:58 2011 +0100

    Rename 'dynamic prime' to 'dynamic DH modulus'.
---
 src/common/crypto.c |   80 +++++++++++++++++++++++++-------------------------
 src/common/crypto.h |    4 +-
 src/or/config.c     |    4 +-
 src/or/router.c     |    4 +-
 4 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4e96fed..0f828db 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1818,15 +1818,15 @@ static BIGNUM *dh_param_g = NULL;
 
 /** Generate and return a reasonable and safe DH parameter p. */
 static BIGNUM *
-crypto_generate_dynamic_prime(void)
+crypto_generate_dynamic_dh_modulus(void)
 {
-  BIGNUM *dynamic_prime;
+  BIGNUM *dynamic_dh_modulus;
   DH *dh_parameters;
   int r, dh_codes;
   char *s;
 
-  dynamic_prime = BN_new();
-  tor_assert(dynamic_prime);
+  dynamic_dh_modulus = BN_new();
+  tor_assert(dynamic_dh_modulus);
 
   dh_parameters = DH_generate_parameters(DH_BYTES*8, DH_GENERATOR, NULL, NULL);
   tor_assert(dh_parameters);
@@ -1834,24 +1834,24 @@ crypto_generate_dynamic_prime(void)
   r = DH_check(dh_parameters, &dh_codes);
   tor_assert(r && !dh_codes);
 
-  BN_copy(dynamic_prime, dh_parameters->p);
-  tor_assert(dynamic_prime);
+  BN_copy(dynamic_dh_modulus, dh_parameters->p);
+  tor_assert(dynamic_dh_modulus);
 
   DH_free(dh_parameters);
 
-  { /* log the dynamic prime: */
-    s = BN_bn2hex(dynamic_prime);
+  { /* log the dynamic DH modulus: */
+    s = BN_bn2hex(dynamic_dh_modulus);
     tor_assert(s);
-    log_info(LD_OR, "Dynamic prime generated: [%s]", s);
+    log_info(LD_OR, "Dynamic DH modulus generated: [%s]", s);
     OPENSSL_free(s);
   }
 
-  return dynamic_prime;
+  return dynamic_dh_modulus;
 }
 
-/** Store our dynamic prime to <b>fname</b> for future use. */
+/** Store our dynamic DH modulus to <b>fname</b> for future use. */
 int
-crypto_store_dynamic_prime(const char *fname)
+crypto_store_dynamic_dh_modulus(const char *fname)
 {
   FILE *fp = NULL;
   int retval = -1;
@@ -1862,23 +1862,23 @@ crypto_store_dynamic_prime(const char *fname)
   fname_status = file_status(fname);
 
   if (fname_status == FN_FILE) {
-    /* If the fname is a file, then the dynamic prime is already stored. */
+    /* If the fname is a file, then the dynamic DH modulus is already stored. */
     retval = 0;
     goto done;
   } else if (fname_status != FN_NOENT) {
-    log_info(LD_GENERAL, "Dynamic prime filename is occupied.");
+    log_info(LD_GENERAL, "Dynamic DH modulus filename is occupied.");
     goto done;
   }
 
   tor_assert(fname_status == FN_NOENT);
 
   if (!(fp = fopen(fname, "w"))) {
-    log_notice(LD_GENERAL, "Error while creating dynamic prime file.");
+    log_notice(LD_GENERAL, "Error while creating dynamic DH modulus file.");
     goto done;
   }
 
   if (BN_print_fp(fp, dh_param_p_tls) == 0) {
-    log_warn(LD_GENERAL, "Error while printing dynamic prime to file.");
+    log_warn(LD_GENERAL, "Error while printing dynamic DH modulus to file.");
     goto done;
   }
 
@@ -1891,29 +1891,29 @@ crypto_store_dynamic_prime(const char *fname)
   return retval;
 }
 
-/** Return the dynamic prime stored in <b>fname</b>. If there is no
-    dynamic prime stored in <b>fname</b>, return NULL. */
+/** Return the dynamic DH modulus stored in <b>fname</b>. If there is no
+    dynamic DH modulus stored in <b>fname</b>, return NULL. */
 static BIGNUM *
-crypto_get_stored_dynamic_prime(const char *fname)
+crypto_get_stored_dynamic_dh_modulus(const char *fname)
 {
   int retval;
   char *contents = NULL;
   DH *dh = NULL;
   int dh_codes;
-  BIGNUM *dynamic_prime = BN_new();
+  BIGNUM *dynamic_dh_modulus = BN_new();
 
   tor_assert(fname);
 
-  if (!dynamic_prime)
+  if (!dynamic_dh_modulus)
     goto err;
 
   contents = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
   if (!contents)
     goto err;
 
-  retval = BN_hex2bn(&dynamic_prime, contents);
+  retval = BN_hex2bn(&dynamic_dh_modulus, contents);
   if (!retval) {
-    log_warn(LD_GENERAL, "Could not understand the dynamic prime "
+    log_warn(LD_GENERAL, "Could not understand the dynamic DH modulus "
              "format in '%s'", fname);
     goto err;
   }
@@ -1923,7 +1923,7 @@ crypto_get_stored_dynamic_prime(const char *fname)
     if (!dh)
       goto err;
 
-    dh->p = BN_dup(dynamic_prime);
+    dh->p = BN_dup(dynamic_dh_modulus);
     dh->g = BN_new();
     BN_set_word(dh->g, DH_GENERATOR);
 
@@ -1942,19 +1942,19 @@ crypto_get_stored_dynamic_prime(const char *fname)
 
   }
 
-  { /* log the dynamic prime: */
-    char *s = BN_bn2hex(dynamic_prime);
+  { /* log the dynamic DH modulus: */
+    char *s = BN_bn2hex(dynamic_dh_modulus);
     tor_assert(s);
-    log_info(LD_OR, "Found stored dynamic prime: [%s]", s);
+    log_info(LD_OR, "Found stored dynamic DH modulus: [%s]", s);
     OPENSSL_free(s);
   }
 
   goto done;
 
  err:
-  if (dynamic_prime) {
-    BN_free(dynamic_prime);
-    dynamic_prime = NULL;
+  if (dynamic_dh_modulus) {
+    BN_free(dynamic_dh_modulus);
+    dynamic_dh_modulus = NULL;
   }
 
  done:
@@ -1962,18 +1962,18 @@ crypto_get_stored_dynamic_prime(const char *fname)
   if (dh)
     DH_free(dh);
 
-  return dynamic_prime;
+  return dynamic_dh_modulus;
 }
 
 
 /** Set the global TLS Diffie-Hellman modulus.
- * If <b>dynamic_prime_fname</b> is set, try to read a dynamic prime
+ * If <b>dynamic_dh_modulus_fname</b> is set, try to read a dynamic DH modulus
  * off it and use it as the DH modulus. If that's not possible,
- * generate a new dynamic prime.
- * If <b>dynamic_prime_fname</b> is NULL, use the Apache mod_ssl DH
+ * generate a new dynamic DH modulus.
+ * If <b>dynamic_dh_modulus_fname</b> is NULL, use the Apache mod_ssl DH
  * modulus. */
 void
-crypto_set_tls_dh_prime(const char *dynamic_prime_fname)
+crypto_set_tls_dh_prime(const char *dynamic_dh_modulus_fname)
 {
   BIGNUM *tls_prime = NULL;
   int r;
@@ -1984,14 +1984,14 @@ crypto_set_tls_dh_prime(const char *dynamic_prime_fname)
     dh_param_p_tls = NULL;
   }
 
-  if (dynamic_prime_fname) { /* use dynamic primes: */
-    log_info(LD_OR, "Using stored dynamic prime.");
-    tls_prime = crypto_get_stored_dynamic_prime(dynamic_prime_fname);
+  if (dynamic_dh_modulus_fname) { /* use dynamic DH moduluss: */
+    log_info(LD_OR, "Using stored dynamic DH modulus.");
+    tls_prime = crypto_get_stored_dynamic_dh_modulus(dynamic_dh_modulus_fname);
 
     if (!tls_prime) {
-      log_notice(LD_OR, "Generating fresh dynamic prime. "
+      log_notice(LD_OR, "Generating fresh dynamic DH modulus. "
                  "This might take a while...");
-      tls_prime = crypto_generate_dynamic_prime();
+      tls_prime = crypto_generate_dynamic_dh_modulus();
     }
   } else { /* use the static DH prime modulus used by Apache in mod_ssl: */
     tls_prime = BN_new();
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 20298b3..504c59b 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -95,8 +95,8 @@ int crypto_global_cleanup(void);
 crypto_pk_env_t *crypto_new_pk_env(void);
 void crypto_free_pk_env(crypto_pk_env_t *env);
 
-void crypto_set_tls_dh_prime(const char *dynamic_prime_fname);
-int crypto_store_dynamic_prime(const char *fname);
+void crypto_set_tls_dh_prime(const char *dynamic_dh_modulus_fname);
+int crypto_store_dynamic_dh_modulus(const char *fname);
 
 /* convenience function: wraps crypto_create_crypto_env, set_key, and init. */
 crypto_cipher_env_t *crypto_create_init_cipher(const char *key,
diff --git a/src/or/config.c b/src/or/config.c
index fc3cc74..d403dec 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1365,7 +1365,7 @@ options_act(const or_options_t *old_options)
   /* If needed, generate a new TLS DH prime according to the current torrc. */
   if (!old_options) {
     if (options->DynamicDHGroups) {
-      char *fname = get_datadir_fname2("keys", "dynamic_prime");
+      char *fname = get_datadir_fname2("keys", "dynamic_dh_modulus");
       crypto_set_tls_dh_prime(fname);
       tor_free(fname);
     } else {
@@ -1373,7 +1373,7 @@ options_act(const or_options_t *old_options)
     }
   } else {
     if (options->DynamicDHGroups && !old_options->DynamicDHGroups) {
-      char *fname = get_datadir_fname2("keys", "dynamic_prime");
+      char *fname = get_datadir_fname2("keys", "dynamic_dh_modulus");
       crypto_set_tls_dh_prime(fname);
       tor_free(fname);
     } else if (!options->DynamicDHGroups && old_options->DynamicDHGroups) {
diff --git a/src/or/router.c b/src/or/router.c
index fa791fc..963c781 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -636,8 +636,8 @@ init_keys(void)
 
   /** 3b. If we use a dynamic prime, store it to disk. */
   if (get_options()->DynamicDHGroups) {
-    char *fname = get_datadir_fname2("keys", "dynamic_prime");
-    if (crypto_store_dynamic_prime(fname)) {
+    char *fname = get_datadir_fname2("keys", "dynamic_dh_modulus");
+    if (crypto_store_dynamic_dh_modulus(fname)) {
       log_notice(LD_GENERAL, "Failed while storing dynamic prime. "
                  "Make sure your data directory is sane.");
     }





More information about the tor-commits mailing list