site setup: Correct logic for DEFAULT_KEY_RENEGOTIATE_GAP

Previously, key_renegotiate_time would be set to
   key_lifetime - DEFAULT_KEY_RENEGOTIATE_GAP
unless that was negative, in which case it would be set to
   key_lifetime / 2
This is illogical as it is not monotonic in key_lifetime.
Instead we now set it to the larger of those two values.

(This bug has had no effect as the buggy calculation was ignored due
to another bug, which will be fixed in a later patch.)

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/site.c b/site.c
index 8a2d69ae5b5f713b28ab8099dea4c07b47e9657e..835ccc80065a1e5709f3d7c5b890d859b8975468 100644 (file)
--- a/site.c
+++ b/site.c
@@ -1238,7 +1238,7 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
 
     st->key_lifetime=dict_read_number(
        dict,"key-lifetime",False,"site",loc,DEFAULT_KEY_LIFETIME);
-    if (st->key_lifetime < DEFAULT_KEY_RENEGOTIATE_GAP)
+    if (st->key_lifetime < DEFAULT_KEY_RENEGOTIATE_GAP*2)
        st->key_renegotiate_time=st->key_lifetime/2;
     else
        st->key_renegotiate_time=st->key_lifetime-DEFAULT_KEY_RENEGOTIATE_GAP;