From 6b79d8a7e9d84de8193c6a749932674d1f41e047 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 23 Oct 2003 14:20:51 +0000 Subject: [PATCH] Two-pronged attack at my overzealous skew fixes. The problem was that the fixes had us generating TLS certs with a 2-day lifetime on the assumption that we'd rotate fairly often. In fact, we never rotate our TLS keys. This patch fixes the situation in 2 ways: 1. It bumps the default lifetime back up to one year until we get rotation in place. 2. It changes tor_tls_context_new() so that it doesn't leak memory when you call it more than once. svn:r663 --- src/common/tortls.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/common/tortls.c b/src/common/tortls.c index b7f13aae0f..a665909bb2 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -23,9 +23,9 @@ #include /* How long do certificates live? (sec) */ -#define CERT_LIFETIME (2*24*60*60) +#define CERT_LIFETIME (365*24*60*60) /* How much clock skew do we tolerate when checking certificates? (sec) */ -#define CERT_ALLOW_SKEW (3*60) +#define CERT_ALLOW_SKEW (30*60) struct tor_tls_context_st { SSL_CTX *ctx; @@ -46,7 +46,7 @@ static X509* tor_tls_create_certificate(crypto_pk_env_t *rsa, const char *nickname); /* global tls context, keep it here because nobody else needs to touch it */ -static tor_tls_context *global_tls_context=NULL; +static tor_tls_context *global_tls_context = NULL; static int tls_library_is_initialized = 0; #define _TOR_TLS_SYSCALL -6 @@ -269,6 +269,13 @@ tor_tls_context_new(crypto_pk_env_t *rsa, always_accept_verify_cb); /* let us realloc bufs that we're writing from */ SSL_CTX_set_mode(result->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + + /* Free the old context if one exists. */ + if (global_tls_context) { + /* This is safe even if there are open connections: OpenSSL does + * reference counting with SSL and SSL_CTX objects. */ + SSL_CTX_free(global_tls_context); + } global_tls_context = result; return 0;