[tor-commits] [tor/master] Split the client-only parts of init_keys() into a separate function
nickm at torproject.org
nickm at torproject.org
Fri Aug 14 12:48:33 UTC 2015
commit 835e09e54b07cac826e1d2efb450b0223e8a92ba
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue Aug 11 10:35:10 2015 -0400
Split the client-only parts of init_keys() into a separate function
This should simplify the callgraph a little more.
---
changes/decouple_init_keys | 3 ++
src/or/main.c | 2 +-
src/or/router.c | 68 ++++++++++++++++++++++++++++----------------
src/or/router.h | 1 +
4 files changed, 48 insertions(+), 26 deletions(-)
diff --git a/changes/decouple_init_keys b/changes/decouple_init_keys
new file mode 100644
index 0000000..7f48d2b
--- /dev/null
+++ b/changes/decouple_init_keys
@@ -0,0 +1,3 @@
+ o Code simplification and refactoring:
+ - Move the client-only parts of init_keys() into a separate function.
+ Closes ticket 16763.
diff --git a/src/or/main.c b/src/or/main.c
index e564e6c..c6dcd2a 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1888,7 +1888,7 @@ ip_address_changed(int at_interface)
if (at_interface) {
if (! server) {
/* Okay, change our keys. */
- if (init_keys()<0)
+ if (init_keys_client() < 0)
log_warn(LD_GENERAL, "Unable to rotate keys after IP change!");
}
} else {
diff --git a/src/or/router.c b/src/or/router.c
index 47825e2..03973ae 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -767,6 +767,46 @@ router_write_fingerprint(int hashed)
return result;
}
+static int
+init_keys_common(void)
+{
+ if (!key_lock)
+ key_lock = tor_mutex_new();
+
+ /* There are a couple of paths that put us here before we've asked
+ * openssl to initialize itself. */
+ if (crypto_global_init(get_options()->HardwareAccel,
+ get_options()->AccelName,
+ get_options()->AccelDir)) {
+ log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
+ return -1;
+ }
+
+ return 0;
+}
+
+int
+init_keys_client(void)
+{
+ crypto_pk_t *prkey;
+ if (init_keys_common() < 0)
+ return -1;
+
+ if (!(prkey = crypto_pk_new()))
+ return -1;
+ if (crypto_pk_generate_key(prkey)) {
+ crypto_pk_free(prkey);
+ return -1;
+ }
+ set_client_identity_key(prkey);
+ /* Create a TLS context. */
+ if (router_initialize_tls_context() < 0) {
+ log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
+ return -1;
+ }
+ return 0;
+}
+
/** Initialize all OR private keys, and the TLS context, as necessary.
* On OPs, this only initializes the tls context. Return 0 on success,
* or -1 if Tor should die.
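Review bot: The new init_keys_common() and init_keys_client() have no doc comment, although init_keys() directly below them has one and init_keys_client() is now exported through router.h. For init_keys_common(), something like `/** Create key_lock if needed and initialize the crypto library; return 0 on success, -1 on failure. */` would do. The comment on init_keys_client() should say that it generates a fresh client identity key and creates a TLS context, and that a failure of router_initialize_tls_context() returns -1 only after set_client_identity_key() has already run, so the identity key and the TLS context may then be out of step. Presumably set_client_identity_key() takes ownership of prkey, since that failure path does not free it; this is worth confirming and stating. The contract matters for the caller in ip_address_changed() in the src/or/main.c hunk, which only logs a warning on failure and carries on.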
@@ -786,35 +826,13 @@ init_keys(void)
int v3_digest_set = 0;
authority_cert_t *cert = NULL;
- if (!key_lock)
- key_lock = tor_mutex_new();
-
- /* There are a couple of paths that put us here before we've asked
- * openssl to initialize itself. */
- if (crypto_global_init(get_options()->HardwareAccel,
- get_options()->AccelName,
- get_options()->AccelDir)) {
- log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
- return -1;
- }
-
/* OP's don't need persistent keys; just make up an identity and
* initialize the TLS context. */
if (!server_mode(options)) {
- if (!(prkey = crypto_pk_new()))
- return -1;
- if (crypto_pk_generate_key(prkey)) {
- crypto_pk_free(prkey);
- return -1;
- }
- set_client_identity_key(prkey);
- /* Create a TLS context. */
- if (router_initialize_tls_context() < 0) {
- log_err(LD_GENERAL,"Error creating TLS context for Tor client.");
- return -1;
- }
- return 0;
+ return init_keys_client();
}
+ if (init_keys_common() < 0)
+ return -1;
/* Make sure DataDirectory exists, and is private. */
if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
return -1;
diff --git a/src/or/router.h b/src/or/router.h
index 61b35d6..d8fcf0a 100644
--- a/src/or/router.h
+++ b/src/or/router.h
@@ -37,6 +37,7 @@ void ntor_key_map_free(di_digest256_map_t *map);
int router_initialize_tls_context(void);
int init_keys(void);
+int init_keys_client(void);
int check_whether_orport_reachable(void);
int check_whether_dirport_reachable(void);