summaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2015-11-25 22:33:49 -0500
committerNick Mathewson <nickm@torproject.org>2015-11-25 22:33:49 -0500
commite5754c42d124549b3fd8e8d7c11d4dde3b5acec1 (patch)
treeb0ff2b0c1f4cfb44f087df8d062e3a56fd766046 /src/or
parentc875265bbbddc50674f65169ee49d5612bef72a7 (diff)
parent943369f927967268cacd2067ccae0bc5f1c5835e (diff)
downloadtor-e5754c42d124549b3fd8e8d7c11d4dde3b5acec1.tar.gz
tor-e5754c42d124549b3fd8e8d7c11d4dde3b5acec1.zip
Merge branch 'bug17686_v2_027'
Diffstat (limited to 'src/or')
-rw-r--r--src/or/config.c3
-rw-r--r--src/or/connection_or.c3
-rw-r--r--src/or/control.c3
-rw-r--r--src/or/ext_orport.c3
-rw-r--r--src/or/main.c6
-rw-r--r--src/or/onion_fast.c8
-rw-r--r--src/or/rendclient.c6
-rw-r--r--src/or/rendcommon.c12
8 files changed, 13 insertions, 31 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 290bf3db6f..8d8c186d9c 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -7335,8 +7335,7 @@ init_cookie_authentication(const char *fname, const char *header,
/* Generate the cookie */
*cookie_out = tor_malloc(cookie_len);
- if (crypto_rand((char *)*cookie_out, cookie_len) < 0)
- goto done;
+ crypto_rand((char *)*cookie_out, cookie_len);
/* Create the string that should be written on the file. */
memcpy(cookie_file_str, header, strlen(header));
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 08962bd4db..73e4d19369 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -2256,8 +2256,7 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn)
auth_challenge_cell_t *ac = auth_challenge_cell_new();
- if (crypto_rand((char*)ac->challenge, sizeof(ac->challenge)) < 0)
- goto done;
+ crypto_rand((char*)ac->challenge, sizeof(ac->challenge));
auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_TLSSECRET);
auth_challenge_cell_set_n_methods(ac,
diff --git a/src/or/control.c b/src/or/control.c
index 7e65611a88..f2eab7b352 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -3442,8 +3442,7 @@ handle_control_authchallenge(control_connection_t *conn, uint32_t len,
tor_free(client_nonce);
return -1;
}
- const int fail = crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
- tor_assert(!fail);
+ crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
/* Now compute and send the server-to-controller response, and the
* server's nonce. */
diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c
index e8c8aa60a4..f159f7d0a6 100644
--- a/src/or/ext_orport.c
+++ b/src/or/ext_orport.c
@@ -193,8 +193,7 @@ handle_client_auth_nonce(const char *client_nonce, size_t client_nonce_len,
return -1;
/* Get our nonce */
- if (crypto_rand(server_nonce, EXT_OR_PORT_AUTH_NONCE_LEN) < 0)
- return -1;
+ crypto_rand(server_nonce, EXT_OR_PORT_AUTH_NONCE_LEN);
{ /* set up macs */
size_t hmac_s_msg_len = strlen(EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST) +
diff --git a/src/or/main.c b/src/or/main.c
index c9007b9798..1469fd1da1 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1616,7 +1616,6 @@ rotate_x509_certificate_callback(time_t now, const or_options_t *options)
/* We also make sure to rotate the TLS connections themselves if they've
* been up for too long -- but that's done via is_bad_for_new_circs in
* run_connection_housekeeping() above. */
-
return MAX_SSL_KEY_LIFETIME_INTERNAL;
}
@@ -1626,7 +1625,10 @@ add_entropy_callback(time_t now, const or_options_t *options)
(void)now;
(void)options;
/* We already seeded once, so don't die on failure. */
- crypto_seed_rng();
+ if (crypto_seed_rng() < 0) {
+ log_warn(LD_GENERAL, "Tried to re-seed RNG, but failed. We already "
+ "seeded once, though, so we won't exit here.");
+ }
/** How often do we add more entropy to OpenSSL's RNG pool? */
#define ENTROPY_INTERVAL (60*60)
diff --git a/src/or/onion_fast.c b/src/or/onion_fast.c
index 7584112570..22bef4eee0 100644
--- a/src/or/onion_fast.c
+++ b/src/or/onion_fast.c
@@ -30,10 +30,7 @@ fast_onionskin_create(fast_handshake_state_t **handshake_state_out,
{
fast_handshake_state_t *s;
*handshake_state_out = s = tor_malloc(sizeof(fast_handshake_state_t));
- if (crypto_rand((char*)s->state, sizeof(s->state)) < 0) {
- tor_free(s);
- return -1;
- }
+ crypto_rand((char*)s->state, sizeof(s->state));
memcpy(handshake_out, s->state, DIGEST_LEN);
return 0;
}
@@ -56,8 +53,7 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */
size_t out_len;
int r = -1;
- if (crypto_rand((char*)handshake_reply_out, DIGEST_LEN)<0)
- return -1;
+ crypto_rand((char*)handshake_reply_out, DIGEST_LEN);
memcpy(tmp, key_in, DIGEST_LEN);
memcpy(tmp+DIGEST_LEN, handshake_reply_out, DIGEST_LEN);
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index b8a4b2ab9b..3e1c4f3613 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -65,11 +65,7 @@ rend_client_send_establish_rendezvous(origin_circuit_t *circ)
tor_assert(circ->rend_data);
log_info(LD_REND, "Sending an ESTABLISH_RENDEZVOUS cell");
- if (crypto_rand(circ->rend_data->rend_cookie, REND_COOKIE_LEN) < 0) {
- log_warn(LD_BUG, "Internal error: Couldn't produce random cookie.");
- circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
- return -1;
- }
+ crypto_rand(circ->rend_data->rend_cookie, REND_COOKIE_LEN);
/* Set timestamp_dirty, because circuit_expire_building expects it,
* and the rend cookie also means we've used the circ. */
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index f9d47d13f5..8c02b67556 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -269,11 +269,7 @@ rend_encrypt_v2_intro_points_basic(char **encrypted_out,
tor_assert(client_cookies && smartlist_len(client_cookies) > 0);
/* Generate session key. */
- if (crypto_rand(session_key, CIPHER_KEY_LEN) < 0) {
- log_warn(LD_REND, "Unable to generate random session key to encrypt "
- "introduction point string.");
- goto done;
- }
+ crypto_rand(session_key, CIPHER_KEY_LEN);
/* Determine length of encrypted introduction points including session
* keys. */
@@ -335,11 +331,7 @@ rend_encrypt_v2_intro_points_basic(char **encrypted_out,
REND_BASIC_AUTH_CLIENT_MULTIPLE;
i < REND_BASIC_AUTH_CLIENT_MULTIPLE - 1; i++) {
client_part = tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
- if (crypto_rand(client_part, REND_BASIC_AUTH_CLIENT_ENTRY_LEN) < 0) {
- log_warn(LD_REND, "Unable to generate fake client entry.");
- tor_free(client_part);
- goto done;
- }
+ crypto_rand(client_part, REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
smartlist_add(encrypted_session_keys, client_part);
}
/* Sort smartlist and put elements in result in order. */