From c939c953aef7018f9581d934ef9713e50bd8df16 Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Tue, 25 Jan 2011 18:07:02 -0500
Subject: Remove an unused function in crypto.c
---
 src/common/crypto.c | 11 -----------
 src/common/crypto.h | 1 -
 2 files changed, 12 deletions(-)
(limited to 'src')
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 5264fd8085..4223b10a7f 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -326,17 +326,6 @@ _crypto_new_pk_env_rsa(RSA *rsa)
 return env;
 }
-/** used by tortls.c: wrap the RSA from an evp_pkey in a crypto_pk_env_t.
- * returns NULL if this isn't an RSA key. */
-crypto_pk_env_t *
-_crypto_new_pk_env_evp_pkey(EVP_PKEY *pkey)
-{
- RSA *rsa;
- if (!(rsa = EVP_PKEY_get1_RSA(pkey)))
- return NULL;
- return _crypto_new_pk_env_rsa(rsa);
-}
-
 /** Helper, used by tor-checkkey.c and tor-gencert.c. Return the RSA from a
 * crypto_pk_env_t. */
 RSA *
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 7134956731..05185f3f18 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -249,7 +249,6 @@ struct evp_pkey_st;
 struct dh_st;
 struct rsa_st *_crypto_pk_env_get_rsa(crypto_pk_env_t *env);
 crypto_pk_env_t *_crypto_new_pk_env_rsa(struct rsa_st *rsa);
-crypto_pk_env_t *_crypto_new_pk_env_evp_pkey(struct evp_pkey_st *pkey);
 struct evp_pkey_st *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env, int private);
 struct dh_st *_crypto_dh_env_get_dh(crypto_dh_env_t *dh);
--
cgit v1.2.3-54-g00ecf
From 76582442a8baefe1b469f86d35ce2d00f01a00ca Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Tue, 25 Jan 2011 18:09:38 -0500
Subject: Handle failing cases of DH allocation
---
 src/common/tortls.c | 1 +
 src/or/onion.c | 4 ++++
 2 files changed, 5 insertions(+)
(limited to 'src')
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 8ad0f2f310..10f4440cb4 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -808,6 +808,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
 goto error;
 {
 crypto_dh_env_t *dh = crypto_dh_new(DH_TYPE_TLS);
+ tor_assert(dh);
 SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
 crypto_dh_free(dh);
 }
diff --git a/src/or/onion.c b/src/or/onion.c
index 9aa16d2747..e1d10a60bb 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -259,6 +259,10 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
 }
 dh = crypto_dh_new(DH_TYPE_CIRCUIT);
+ if (!dh) {
+ log_warn(LD_BUG, "Couldn't allocate DH key");
+ goto err;
+ }
 if (crypto_dh_get_public(dh, handshake_reply_out, DH_KEY_LEN)) {
 log_info(LD_GENERAL, "crypto_dh_get_public failed.");
 goto err;
--
cgit v1.2.3-54-g00ecf
From bfde636aaddf22f68c090a76aa6387975a57c308 Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Tue, 25 Jan 2011 18:19:09 -0500
Subject: Always treat failure to allocate an RSA key as an unrecoverable allocation error
---
 changes/bug2378 | 3 +++
 src/common/crypto.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 changes/bug2378
(limited to 'src')
diff --git a/changes/bug2378 b/changes/bug2378
new file mode 100644
index 0000000000..a3ae196dc2
--- /dev/null
+++ b/changes/bug2378
@@ -0,0 +1,3 @@
+ o Minor code simplifications and refactorings
+ - Always treat failure to allocate an RSA key as an unrecoverable
+ allocation error.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4223b10a7f..09d7fc886b 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -379,7 +379,7 @@ crypto_new_pk_env(void)
 RSA *rsa;
 rsa = RSA_new();
- if (!rsa) return NULL;
+ tor_assert(rsa);
 return _crypto_new_pk_env_rsa(rsa);
 }
--
cgit v1.2.3-54-g00ecf
From e80bdfb4a02c6f8313baec6e9b00ec3baac3da87 Mon Sep 17 00:00:00 2001
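Review bot: The added `tor_assert(dh);` in tor_tls_context_new aborts the process when crypto_dh_new() fails, although the block sits directly after a `goto error` and the onion.c hunk of this same commit handles the identical failure by logging and taking its error path. If aborting is the intended policy for allocation failure, a short comment such as `/* DH allocation failure is treated as unrecoverable. */` would record that; otherwise `if (!dh) goto error;` matches the surrounding style. The result of `SSL_CTX_set_tmp_dh()` on the following line is still unchecked, so a failure there would presumably leave the context without ephemeral DH parameters and go unnoticed. The function starts and ends outside the hunk, so what the `error` label cleans up is not visible here.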
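Review bot: The new `goto err;` in onion_skin_server_handshake is taken while `dh` is still NULL, so the cleanup at the `err` label (outside this hunk) has to tolerate a NULL pointer. If that cleanup calls `crypto_dh_free(dh)` unconditionally, it should become `if (dh) crypto_dh_free(dh);` unless crypto_dh_free is known to accept NULL. The message is logged under `LD_BUG`, which reads as a programming error rather than resource exhaustion; it is worth confirming that this is the domain wanted.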
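Review bot: Replacing `if (!rsa) return NULL;` with `tor_assert(rsa);` changes the contract of crypto_new_pk_env() without a visible documentation update. The header comment is outside the hunk; if it still describes a NULL return, it should say something like `/** ... Allocation failure is fatal; callers need not check for an RSA_new() failure. */`. Whether `_crypto_new_pk_env_rsa()` can itself return NULL is not visible here, so callers' existing NULL checks should stay until that is confirmed. The change also relies on tor_assert remaining active in every build configuration, which cannot be verified from this page.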
From: Nick Mathewson
Date: Tue, 25 Jan 2011 18:26:49 -0500
Subject: Correctly detect BIO_new failures This bug was noticed by cypherpunks; fixes bug 2378. Bugfix on svn commit r110.
---
 changes/bug2378 | 5 +++++
 src/common/crypto.c | 6 ++++++
 2 files changed, 11 insertions(+)
(limited to 'src')
diff --git a/changes/bug2378 b/changes/bug2378
index a3ae196dc2..227968869f 100644
--- a/changes/bug2378
+++ b/changes/bug2378
@@ -1,3 +1,8 @@
+ o Minor bugfixes
+ - Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378;
+ found by "cypherpunks". This bug was introduced before the
+ first Tor release, in svn commit r110.
+
 o Minor code simplifications and refactorings
 - Always treat failure to allocate an RSA key as an unrecoverable
 allocation error.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 09d7fc886b..cfbc002dca 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -524,6 +524,8 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
 /* Create a read-only memory BIO, backed by the string 's' */
 b = BIO_new_mem_buf((char*)s, (int)len);
+ if (!b)
+ return -1;
 if (env->key) RSA_free(env->key);
@@ -584,6 +586,8 @@ crypto_pk_write_key_to_string_impl(crypto_pk_env_t *env, char **dest,
 tor_assert(dest);
 b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
+ if (!b)
+ return -1;
 /* Now you can treat b as if it were a file. Just use the
 * PEM_*_bio_* functions instead of the non-bio variants.
@@ -651,6 +655,8 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src,
 tor_assert(len
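Review bot: The new `if (!b) return -1;` in crypto_pk_read_private_key_from_string fails silently, so the caller sees only -1 and the log cannot separate a BIO allocation failure from a malformed key. The identical check added in crypto_pk_write_key_to_string_impl has the same gap. A `log_warn()` call before each return, like the one the onion.c change in this series adds, would make the failure diagnosable. The context line above the first check also narrows the length with `(int)len`; the declared type of `len` is outside the hunk, so confirm it is bounded before the cast, since BIO_new_mem_buf treats a length of -1 as a request to use strlen on the buffer.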