[tor-commits] [tor/master] Move broken primes to dynamic_dh_modulus.broken.

nickm at torproject.org nickm at torproject.org
Tue Nov 29 23:33:59 UTC 2011


commit 1df6b5a734acd381d49a57bb689c7dcd2cd66ad9
Author: George Kadianakis <desnacked at gmail.com>
Date:   Fri Nov 25 17:39:45 2011 +0100

    Move broken primes to dynamic_dh_modulus.broken.
---
 src/common/crypto.c |   19 +++++++++++++++++++
 1 files changed, 19 insertions(+), 0 deletions(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1974a39..da3b80b 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1900,6 +1900,7 @@ crypto_get_stored_dynamic_dh_modulus(const char *fname)
   char *contents = NULL;
   DH *dh = NULL;
   int dh_codes;
+  char *fname_new = NULL;
   BIGNUM *dynamic_dh_modulus = BN_new();
 
   tor_assert(fname);
@@ -1951,6 +1952,24 @@ crypto_get_stored_dynamic_dh_modulus(const char *fname)
   goto done;
 
  err:
+
+  { /* move broken prime to $filename.broken */
+
+    fname_new = tor_malloc(strlen(fname) + 8);
+
+    /* no can do if these functions return error */
+    strlcpy(fname_new, fname, strlen(fname) + 8);
+    strlcat(fname_new, ".broken", strlen(fname) + 8);
+
+    log_warn(LD_GENERAL, "Moving broken dynamic DH prime to '%s'.", fname_new);
+
+    if (replace_file(fname, fname_new))
+      log_warn(LD_GENERAL, "Error while moving '%s' to '%s'.", fname, fname_new);
+
+    tor_free(fname_new);
+
+  }
+
   if (dynamic_dh_modulus) {
     BN_free(dynamic_dh_modulus);
     dynamic_dh_modulus = NULL;
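Review bot: The buffer size `strlen(fname) + 8` in the block under `err:` is written out three times, and the 8 silently encodes `strlen(".broken") + 1`. The arithmetic is correct as written, but a later change to the suffix must update all three sites or `strlcat` will truncate the name without any check catching it. `tor_asprintf(&fname_new, "%s.broken", fname);` would replace the `tor_malloc`/`strlcpy`/`strlcat` trio and make the unclear "no can do" comment unnecessary. Separately, the rename now runs on every jump to `err:`, and those gotos sit outside this hunk. It is worth confirming that none fire before the file was read (a missing or unreadable file, say), because `replace_file` would then be attempted on a file that is not there and log a misleading warning. The function starts and ends outside the hunk.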




