[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] Refactor crypto error handling to be more like TLS error ha...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] Refactor crypto error handling to be more like TLS error ha...
- From: nickm@seul.org (Nick Mathewson)
- Date: Mon, 26 Apr 2004 14:09:52 -0400 (EDT)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Mon, 26 Apr 2004 14:10:25 -0400
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv11146/src/or
Modified Files:
circuit.c router.c test.c
Log Message:
Refactor crypto error handling to be more like TLS error handling:
crypto_perror is a no-no, since an operation can set more than one
error.
Also, fix a bug in the unix crypto_seed_rng: mixing stdio with
/dev/urandom is a bad idea, since fopen can make all kinds of weird
extraneous syscalls (mmap, fcntl, stat64, etc.) and since fread tends
to buffer data in big chunks, thus depleting the entropy pool.
Index: circuit.c
===================================================================
RCS file: /home/or/cvsroot/src/or/circuit.c,v
retrieving revision 1.221
retrieving revision 1.222
diff -u -d -r1.221 -r1.222
--- circuit.c 26 Apr 2004 04:32:01 -0000 1.221
+++ circuit.c 26 Apr 2004 18:09:49 -0000 1.222
@@ -683,7 +683,7 @@
// log_fn(LOG_DEBUG,"before crypt: %d",rh.recognized);
if(( encrypt_mode && crypto_cipher_encrypt(cipher, in, CELL_PAYLOAD_SIZE, out)) ||
(!encrypt_mode && crypto_cipher_decrypt(cipher, in, CELL_PAYLOAD_SIZE, out))) {
- log_fn(LOG_WARN,"Error during crypt: %s", crypto_perror());
+ log_fn(LOG_WARN,"Error during relay encryption");
return -1;
}
memcpy(in,out,CELL_PAYLOAD_SIZE);
Index: router.c
===================================================================
RCS file: /home/or/cvsroot/src/or/router.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -d -r1.32 -r1.33
--- router.c 25 Apr 2004 20:37:37 -0000 1.32
+++ router.c 26 Apr 2004 18:09:50 -0000 1.33
@@ -62,7 +62,7 @@
goto error;
}
if (crypto_pk_generate_key(prkey)) {
- log(LOG_ERR, "Error generating key: %s", crypto_perror());
+ log(LOG_ERR, "Error generating onion key");
goto error;
}
if (crypto_pk_write_private_key_to_filename(prkey, fname)) {
@@ -104,7 +104,7 @@
case FN_NOENT:
log(LOG_INFO, "No key found in %s; generating fresh key.", fname);
if (crypto_pk_generate_key(prkey)) {
- log(LOG_ERR, "Error generating key: %s", crypto_perror());
+ log(LOG_ERR, "Error generating onion key");
goto error;
}
if (crypto_pk_check_key(prkey) <= 0) {
Index: test.c
===================================================================
RCS file: /home/or/cvsroot/src/or/test.c,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -d -r1.83 -r1.84
--- test.c 25 Apr 2004 20:37:37 -0000 1.83
+++ test.c 26 Apr 2004 18:09:50 -0000 1.84
@@ -242,7 +242,6 @@
crypto_cipher_env_t *env1, *env2;
crypto_pk_env_t *pk1, *pk2;
char *data1, *data2, *data3, *cp;
- FILE *f;
int i, j, p, len;
data1 = tor_malloc(1024);
@@ -376,16 +375,11 @@
PK_PKCS1_OAEP_PADDING));
/* File operations: save and load private key */
- f = fopen("/tmp/tor_test/pkey1", "wb");
- test_assert(! crypto_pk_write_private_key_to_file(pk1, f));
- fclose(f);
- f = fopen("/tmp/tor_test/pkey1", "rb");
- test_assert(! crypto_pk_read_private_key_from_file(pk2, f));
- fclose(f);
- test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
- PK_PKCS1_OAEP_PADDING));
+ test_assert(! crypto_pk_write_private_key_to_filename(pk1,
+ "/tmp/tor_test/pke1y"));
+
test_assert(! crypto_pk_read_private_key_from_filename(pk2,
- "/tmp/tor_test/pkey1"));
+ "/tmp/tor_test/pke1y"));
test_eq(15, crypto_pk_private_decrypt(pk2, data1, 128, data3,
PK_PKCS1_OAEP_PADDING));