[tor-commits] [tor/master] Merge branch 'bug17686_v2_027'
nickm at torproject.org
nickm at torproject.org
Thu Nov 26 03:33:57 UTC 2015
commit e5754c42d124549b3fd8e8d7c11d4dde3b5acec1
Merge: c875265 943369f
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Nov 25 22:33:49 2015 -0500
Merge branch 'bug17686_v2_027'
changes/bug17686 | 4 ++++
src/common/compat.h | 2 ++
src/common/crypto.c | 35 +++++++++++++++++++++--------------
src/common/crypto.h | 11 ++++++-----
src/common/crypto_curve25519.c | 3 +--
src/common/tortls.c | 3 +--
src/or/config.c | 3 +--
src/or/connection_or.c | 3 +--
src/or/control.c | 3 +--
src/or/ext_orport.c | 3 +--
src/or/main.c | 6 ++++--
src/or/onion_fast.c | 8 ++------
src/or/rendclient.c | 6 +-----
src/or/rendcommon.c | 12 ++----------
src/test/bench.c | 5 ++++-
src/test/test_extorport.c | 5 ++---
src/test/test_workqueue.c | 10 ++++++++--
src/test/testing_common.c | 5 ++++-
18 files changed, 66 insertions(+), 61 deletions(-)
diff --cc src/or/main.c
index c9007b9,0f8d7ff..1469fd1
--- a/src/or/main.c
+++ b/src/or/main.c
@@@ -1607,37 -1371,43 +1607,39 @@@ rotate_x509_certificate_callback(time_
/* 1b. Every MAX_SSL_KEY_LIFETIME_INTERNAL seconds, we change our
* TLS context. */
- if (!time_to.last_rotated_x509_certificate)
- time_to.last_rotated_x509_certificate = now;
- if (time_to.last_rotated_x509_certificate +
- MAX_SSL_KEY_LIFETIME_INTERNAL < now) {
- log_info(LD_GENERAL,"Rotating tls context.");
- if (router_initialize_tls_context() < 0) {
- log_warn(LD_BUG, "Error reinitializing TLS context");
- /* XXX is it a bug here, that we just keep going? -RD */
- }
- time_to.last_rotated_x509_certificate = now;
- /* We also make sure to rotate the TLS connections themselves if they've
- * been up for too long -- but that's done via is_bad_for_new_circs in
- * connection_run_housekeeping() above. */
- }
-
- if (time_to.add_entropy < now) {
- if (time_to.add_entropy) {
- /* We already seeded once, so don't die on failure. */
- if (crypto_seed_rng() < 0) {
- log_warn(LD_GENERAL, "Tried to re-seed RNG, but failed. We already "
- "seeded once, though, so we won't exit here.");
- }
- }
-/** How often do we add more entropy to OpenSSL's RNG pool? */
-#define ENTROPY_INTERVAL (60*60)
- time_to.add_entropy = now + ENTROPY_INTERVAL;
+ log_info(LD_GENERAL,"Rotating tls context.");
+ if (router_initialize_tls_context() < 0) {
+ log_warn(LD_BUG, "Error reinitializing TLS context");
+ /* XXX is it a bug here, that we just keep going? -RD */
}
- /* 1c. If we have to change the accounting interval or record
- * bandwidth used in this accounting interval, do so. */
- if (accounting_is_enabled(options))
- accounting_run_housekeeping(now);
+ /* We also make sure to rotate the TLS connections themselves if they've
+ * been up for too long -- but that's done via is_bad_for_new_circs in
+ * run_connection_housekeeping() above. */
-
+ return MAX_SSL_KEY_LIFETIME_INTERNAL;
+}
+
+static int
+add_entropy_callback(time_t now, const or_options_t *options)
+{
+ (void)now;
+ (void)options;
+ /* We already seeded once, so don't die on failure. */
- crypto_seed_rng();
++ if (crypto_seed_rng() < 0) {
++ log_warn(LD_GENERAL, "Tried to re-seed RNG, but failed. We already "
++ "seeded once, though, so we won't exit here.");
++ }
+
+ /** How often do we add more entropy to OpenSSL's RNG pool? */
+#define ENTROPY_INTERVAL (60*60)
+ return ENTROPY_INTERVAL;
+}
- if (time_to.launch_reachability_tests < now &&
- (authdir_mode_tests_reachability(options)) &&
- !net_is_disabled()) {
- time_to.launch_reachability_tests = now + REACHABILITY_TEST_INTERVAL;
+static int
+launch_reachability_tests_callback(time_t now, const or_options_t *options)
+{
+ if (authdir_mode_tests_reachability(options) &&
+ !net_is_disabled()) {
/* try to determine reachability of the other Tor relays */
dirserv_test_reachability(now);
}
More information about the tor-commits
mailing list