int n_days_to_exhaust_bw;
int n_days_to_consider;
+ if (! identity_key_is_set()) {
+ if (init_keys() < 0) {
+ log_fn(LOG_ERR, "Error initializing keys");
+ tor_assert(0);
+ }
+ }
+
format_iso_time(buf, interval_start_time);
crypto_pk_get_digest(get_identity_key(), digest);
/* load the private keys, if we're supposed to have them, and set up the
* TLS context. */
- if (init_keys() < 0) {
- log_fn(LOG_ERR,"Error initializing keys; exiting");
- return -1;
+ if (! identity_key_is_set()) {
+ if (init_keys() < 0) {
+ log_fn(LOG_ERR,"Error initializing keys; exiting");
+ return -1;
+ }
}
/* Set up our buckets */
time_t get_onion_key_set_at(void);
void set_identity_key(crypto_pk_env_t *k);
crypto_pk_env_t *get_identity_key(void);
+int identity_key_is_set(void);
void dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last);
int init_keys(void);
crypto_pk_env_t *init_key_from_file(const char *fname);
return identitykey;
}
+/** Return truf iff the identity key has been set. */
+int identity_key_is_set(void) {
+ return identitykey != NULL;
+}
+
+
/** Replace the previous onion key with the current onion key, and generate
* a new previous onion key. Immediately after calling this function,
* the OR should:
* On OPs, this only initializes the tls context.
*/
int init_keys(void) {
+ /* XXX009 Two problems with how this is called:
+ * 1. It should be idempotent for servers, so we can call init_keys
+ * as much as we need to.
+ * 2. Clients should rotate their identity keys at least whenever
+ * their IPs change.
+ */
char keydir[512];
char keydir2[512];
char fingerprint[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];
projects / thirdparty / tor.git / commitdiff
