From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 28 May 2015 14:44:09 +0000 (-0400)
Subject: Regenerate ed25519 keys when they will expire soon.
X-Git-Tag: tor-0.2.7.2-alpha~137^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=32f59d73372f5843ceb305a9d58387573d90f4f6;p=thirdparty%2Ftor.git

Regenerate ed25519 keys when they will expire soon.

Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.
---

diff --git a/src/or/config.c b/src/or/config.c
index 34e7e767a0..07451b321e 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3643,9 +3643,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
   if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
     REJECT("SigningKeyLifetime is too short.");
   if (options->TestingLinkKeyLifetime < options->TestingAuthKeySlop*2)
-    REJECT("LinkKeyLifetime is too short.");
+    REJECT("TestingLinkKeyLifetime is too short.");
   if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2)
-    REJECT("AuthKeyLifetime is too short.");
+    REJECT("TestingAuthKeyLifetime is too short.");
 
   if (options->TestingV3AuthInitialVotingInterval
       < MIN_VOTE_INTERVAL_TESTING_INITIAL) {