Simplify DH prime generation logic some.

This is just refactoring work here. The old logic was kind of
convoluted, especially after the bug 5572 fix. We don't actually need to
distinguish so many cases here. Dropping detection of the
"!old_options || !old_options->DynamicDHGroups" case is fine because
that's the same that we'd do for clients.

Also add a changes file for bug 5572.

diff --git a/changes/bug5572 b/changes/bug5572
new file mode 100644 (file)
index 0000000..e263088
--- /dev/null
+++ b/changes/bug5572
@@ -0,0 +1,5 @@
+  o Major bugfixes:
+    - Make sure we create the keys directory if it doesn't exist and we're
+      about to store the dynamic diffie hellman parameters. Fixes bug 5572;
+      bugfix on 0.2.3.13-alpha.
+

diff --git a/src/or/config.c b/src/or/config.c
index 75a1bd2df118065cf66414967623fe936cb99f0e..696bbd04409899681075001416e7dcdc552feb71 100644 (file)
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1332,7 +1332,6 @@ options_act(const or_options_t *old_options)
   or_options_t *options = get_options_mutable();
   int running_tor = options->command == CMD_RUN_TOR;
   char *msg;
-  char *keydir;
   const int transition_affects_workers =
     old_options && options_transition_affects_workers(old_options, options);
 
@@ -1459,35 +1458,18 @@ options_act(const or_options_t *old_options)
   }
 
   /* If needed, generate a new TLS DH prime according to the current torrc. */
-  if (server_mode(options)) {
-    if (!old_options) {
-      if (options->DynamicDHGroups) {
-        char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
-        keydir = get_datadir_fname("keys");
-        if (check_private_dir(keydir, CPD_CREATE, options->User)) {
-          tor_free(keydir);
-          return -1;
-        }
-        tor_free(keydir);
-        crypto_set_tls_dh_prime(fname);
-        tor_free(fname);
-      } else {
-        crypto_set_tls_dh_prime(NULL);
-      }
-    } else {
-      if (options->DynamicDHGroups && !old_options->DynamicDHGroups) {
-        char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
-        keydir = get_datadir_fname("keys");
-        if (check_private_dir(keydir, CPD_CREATE, options->User)) {
-          tor_free(keydir);
-          return -1;
-        }
-        tor_free(keydir);
-        crypto_set_tls_dh_prime(fname);
-        tor_free(fname);
-      } else if (!options->DynamicDHGroups && old_options->DynamicDHGroups) {
-        crypto_set_tls_dh_prime(NULL);
-      }
+  if (server_mode(options) && options->DynamicDHGroups) {
+    char *keydir = get_datadir_fname("keys");
+    if (check_private_dir(keydir, CPD_CREATE, options->User)) {
+      tor_free(keydir);
+      return -1;
+    }
+    tor_free(keydir);
+
+    if (!old_options || !old_options->DynamicDHGroups) {
+      char *fname = get_datadir_fname2("keys", "dynamic_dh_params");
+      crypto_set_tls_dh_prime(fname);
+      tor_free(fname);
     }
   } else { /* clients don't need a dynamic DH prime. */
     crypto_set_tls_dh_prime(NULL);