[or-cvs] [tor/master] Log an error if openssl fails to copy a key for us



Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Tue, 22 Jun 2010 22:20:52 -0400
Subject: Log an error if openssl fails to copy a key for us
Commit: 8e1bf98f4a36d54ccb0ca8b30e9c66d0935ba97c

This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209.  If it ever happens again,
let's get some info we can use.
---
 changes/copy_key_log_bug1209 |    4 ++++
 src/common/crypto.c          |   11 +++++++++++
 2 files changed, 15 insertions(+), 0 deletions(-)
 create mode 100644 changes/copy_key_log_bug1209

diff --git a/changes/copy_key_log_bug1209 b/changes/copy_key_log_bug1209
new file mode 100644
index 0000000..f77e600
--- /dev/null
+++ b/changes/copy_key_log_bug1209
@@ -0,0 +1,4 @@
+ o Minor bugfixes
+   - If OpenSSL fails to make a duplicate of a private or public key, log
+     an error message and try to exit cleanly.  May help with debugging
+     if bug 1209 ever remanifests.
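Review bot: The entry's "try to exit cleanly" promises more than the crypto.c hunk in this patch delivers: the new failure path there logs, calls tor_fragile_assert() and returns NULL to the caller, and nothing in it initiates an exit. Consider wording the entry to match, for example "log an error message and return failure to the caller", so that anyone reading the changelog while debugging bug 1209 does not expect a shutdown that may not happen.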
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1a1dad6..06b6aa4 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -779,14 +779,25 @@ crypto_pk_env_t *
 crypto_pk_copy_full(crypto_pk_env_t *env)
 {
   RSA *new_key;
+  int privatekey = 0;
   tor_assert(env);
   tor_assert(env->key);
 
   if (PRIVATE_KEY_OK(env)) {
     new_key = RSAPrivateKey_dup(env->key);
+    privatekey = 1;
   } else {
     new_key = RSAPublicKey_dup(env->key);
   }
+  if (!new_key) {
+    log_err(LD_CRYPTO, "Unable to duplicate a %s key: openssl failed.",
+            privatekey?"private":"public");
+    crypto_log_errors(LOG_ERR,
+                      privatekey ? "Duplicating a private key" :
+                      "Duplicating a public key");
+    tor_fragile_assert();
+    return NULL;
+  }
 
   return _crypto_new_pk_env_rsa(new_key);
 }
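Review bot: The new "return NULL;" in the "if (!new_key)" block means crypto_pk_copy_full() can now hand NULL back, but the diffstat shows only additions in crypto.c and no caller is touched, so any caller that dereferences the result will crash right after the log line instead of failing in a controlled way. Please state the NULL return in the function's doc comment and check each call site for a NULL test. Minor style point in the same block: "privatekey?"private":"public"" has no spaces around the ternary operators while the crypto_log_errors() call two lines below does; make them consistent.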
-- 
1.7.1