[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] [tor/master] Log an error if openssl fails to copy a key for us
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Tue, 22 Jun 2010 22:20:52 -0400
Subject: Log an error if openssl fails to copy a key for us
Commit: 8e1bf98f4a36d54ccb0ca8b30e9c66d0935ba97c
This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209. If it ever happens again,
let's get some info we can use.
---
changes/copy_key_log_bug1209 | 4 ++++
src/common/crypto.c | 11 +++++++++++
2 files changed, 15 insertions(+), 0 deletions(-)
create mode 100644 changes/copy_key_log_bug1209
diff --git a/changes/copy_key_log_bug1209 b/changes/copy_key_log_bug1209
new file mode 100644
index 0000000..f77e600
--- /dev/null
+++ b/changes/copy_key_log_bug1209
@@ -0,0 +1,4 @@
+ o Minor bugfixes
+ - If OpenSSL fails to make a duplicate of a private or public key, log
+ an error message and try to exit cleanly. May help with debugging
+ if bug 1209 ever remanifests.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1a1dad6..06b6aa4 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -779,14 +779,25 @@ crypto_pk_env_t *
crypto_pk_copy_full(crypto_pk_env_t *env)
{
RSA *new_key;
+ int privatekey = 0;
tor_assert(env);
tor_assert(env->key);
if (PRIVATE_KEY_OK(env)) {
new_key = RSAPrivateKey_dup(env->key);
+ privatekey = 1;
} else {
new_key = RSAPublicKey_dup(env->key);
}
+ if (!new_key) {
+ log_err(LD_CRYPTO, "Unable to duplicate a %s key: openssl failed.",
+ privatekey?"private":"public");
+ crypto_log_errors(LOG_ERR,
+ privatekey ? "Duplicating a private key" :
+ "Duplicating a public key");
+ tor_fragile_assert();
+ return NULL;
+ }
return _crypto_new_pk_env_rsa(new_key);
}
--
1.7.1