Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge remote branch 'public/bug2378' into maint-0.2.2

Nick Mathewson 14 years ago
parent
e6da9a98e9 e80bdfb4a0
commit
2fa9ddb958
5 changed files with 20 additions and 13 deletions
Split View Show Diff Stats
  1. 8 0
      changes/bug2378
  2. 7 12
      src/common/crypto.c
  3. 0 1
      src/common/crypto.h
  4. 1 0
      src/common/tortls.c
  5. 4 0
      src/or/onion.c

+ 8 - 0
changes/bug2378
View File 

@@ -0,0 +1,8 @@
 
+  o Minor bugfixes
 
+    - Correctly detect failure to allocate an OpenSSL BIO.  Fixes bug 2378;
 
+      found by "cypherpunks".   This bug was introduced before the
 
+      first Tor release, in svn commit r110.
 
+
 
+  o Minor code simplifications and refactorings
 
+    - Always treat failure to allocate an RSA key as an unrecoverable
 
+      allocation error.

+ 7 - 12
src/common/crypto.c
View File 

@@ -326,17 +326,6 @@ _crypto_new_pk_env_rsa(RSA *rsa)
 
   return env;
 
 }
 
 
-/** used by tortls.c: wrap the RSA from an evp_pkey in a crypto_pk_env_t.
 
- * returns NULL if this isn't an RSA key. */
 
-crypto_pk_env_t *
 
-_crypto_new_pk_env_evp_pkey(EVP_PKEY *pkey)
 
-{
 
-  RSA *rsa;
 
-  if (!(rsa = EVP_PKEY_get1_RSA(pkey)))
 
-    return NULL;
 
-  return _crypto_new_pk_env_rsa(rsa);
 
-}
 
-
 
 /** Helper, used by tor-checkkey.c and tor-gencert.c.  Return the RSA from a
 
  * crypto_pk_env_t. */
 
 RSA *
 
@@ -390,7 +379,7 @@ crypto_new_pk_env(void)
 
   RSA *rsa;
 
 
   rsa = RSA_new();
 
-  if (!rsa) return NULL;
 
+  tor_assert(rsa);
 
   return _crypto_new_pk_env_rsa(rsa);
 
 }
 
 
@@ -535,6 +524,8 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
 
 
   /* Create a read-only memory BIO, backed by the string 's' */
 
   b = BIO_new_mem_buf((char*)s, (int)len);
 
+  if (!b)
 
+    return -1;
 
 
   if (env->key)
 
     RSA_free(env->key);
 
@@ -595,6 +586,8 @@ crypto_pk_write_key_to_string_impl(crypto_pk_env_t *env, char **dest,
 
   tor_assert(dest);
 
 
   b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
 
+  if (!b)
 
+    return -1;
 
 
   /* Now you can treat b as if it were a file.  Just use the
 
    * PEM_*_bio_* functions instead of the non-bio variants.
 
@@ -662,6 +655,8 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src,
 
   tor_assert(len<INT_MAX);
 
 
   b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
 
+  if (!b)
 
+    return -1;
 
 
   BIO_write(b, src, (int)len);

+ 0 - 1
src/common/crypto.h
View File 

@@ -249,7 +249,6 @@ struct evp_pkey_st;
 
 struct dh_st;
 
 struct rsa_st *_crypto_pk_env_get_rsa(crypto_pk_env_t *env);
 
 crypto_pk_env_t *_crypto_new_pk_env_rsa(struct rsa_st *rsa);
 
-crypto_pk_env_t *_crypto_new_pk_env_evp_pkey(struct evp_pkey_st *pkey);
 
 struct evp_pkey_st *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env,
 
                                                 int private);
 
 struct dh_st *_crypto_dh_env_get_dh(crypto_dh_env_t *dh);

+ 1 - 0
src/common/tortls.c
View File 

@@ -808,6 +808,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
 
     goto error;
 
   {
 
     crypto_dh_env_t *dh = crypto_dh_new(DH_TYPE_TLS);
 
+    tor_assert(dh);
 
     SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
 
     crypto_dh_free(dh);
 
   }

+ 4 - 0
src/or/onion.c
View File 

@@ -259,6 +259,10 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
 
   }
 
 
   dh = crypto_dh_new(DH_TYPE_CIRCUIT);
 
+  if (!dh) {
 
+    log_warn(LD_BUG, "Couldn't allocate DH key");
 
+    goto err;
 
+  }
 
   if (crypto_dh_get_public(dh, handshake_reply_out, DH_KEY_LEN)) {
 
     log_info(LD_GENERAL, "crypto_dh_get_public failed.");
 
     goto err;