| commit | 6b79d8a7e9d84de8193c6a749932674d1f41e047 | |
| author | Nick Mathewson <nickm@torproject.org> | |
| Thu, 23 Oct 2003 14:20:51 +0000 (23 14:20 +0000) | ||
| committer | Nick Mathewson <nickm@torproject.org> | |
| Thu, 23 Oct 2003 14:20:51 +0000 (23 14:20 +0000) | ||
| tree | 7f54840bb2582484e99dce9c64bea6671d6c5bda | treesnapshot (tar.gz zip) |
| parent | 03964490973422d34f5b43c1ccf8d38a2f9b45ab | commitdiff |
Two-pronged attack at my overzealous skew fixes.
The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often. In
fact, we never rotate our TLS keys.
This patch fixes the situation in 2 ways:
1. It bumps the default lifetime back up to one year until we get
rotation in place.
2. It changes tor_tls_context_new() so that it doesn't leak memory
when you call it more than once.
svn:r663
The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often. In
fact, we never rotate our TLS keys.
This patch fixes the situation in 2 ways:
1. It bumps the default lifetime back up to one year until we get
rotation in place.
2. It changes tor_tls_context_new() so that it doesn't leak memory
when you call it more than once.
svn:r663
| src/common/tortls.c | diffblobblamehistory |