mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 20:33:31 +01:00
Merge remote branch 'public/bug2378' into maint-0.2.2
This commit is contained in:
commit
2fa9ddb958
8
changes/bug2378
Normal file
8
changes/bug2378
Normal file
@ -0,0 +1,8 @@
|
||||
o Minor bugfixes
|
||||
- Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378;
|
||||
found by "cypherpunks". This bug was introduced before the
|
||||
first Tor release, in svn commit r110.
|
||||
|
||||
o Minor code simplifications and refactorings
|
||||
- Always treat failure to allocate an RSA key as an unrecoverable
|
||||
allocation error.
|
@ -326,17 +326,6 @@ _crypto_new_pk_env_rsa(RSA *rsa)
|
||||
return env;
|
||||
}
|
||||
|
||||
/** used by tortls.c: wrap the RSA from an evp_pkey in a crypto_pk_env_t.
|
||||
* returns NULL if this isn't an RSA key. */
|
||||
crypto_pk_env_t *
|
||||
_crypto_new_pk_env_evp_pkey(EVP_PKEY *pkey)
|
||||
{
|
||||
RSA *rsa;
|
||||
if (!(rsa = EVP_PKEY_get1_RSA(pkey)))
|
||||
return NULL;
|
||||
return _crypto_new_pk_env_rsa(rsa);
|
||||
}
|
||||
|
||||
/** Helper, used by tor-checkkey.c and tor-gencert.c. Return the RSA from a
|
||||
* crypto_pk_env_t. */
|
||||
RSA *
|
||||
@ -390,7 +379,7 @@ crypto_new_pk_env(void)
|
||||
RSA *rsa;
|
||||
|
||||
rsa = RSA_new();
|
||||
if (!rsa) return NULL;
|
||||
tor_assert(rsa);
|
||||
return _crypto_new_pk_env_rsa(rsa);
|
||||
}
|
||||
|
||||
@ -535,6 +524,8 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
|
||||
|
||||
/* Create a read-only memory BIO, backed by the string 's' */
|
||||
b = BIO_new_mem_buf((char*)s, (int)len);
|
||||
if (!b)
|
||||
return -1;
|
||||
|
||||
if (env->key)
|
||||
RSA_free(env->key);
|
||||
@ -595,6 +586,8 @@ crypto_pk_write_key_to_string_impl(crypto_pk_env_t *env, char **dest,
|
||||
tor_assert(dest);
|
||||
|
||||
b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
|
||||
if (!b)
|
||||
return -1;
|
||||
|
||||
/* Now you can treat b as if it were a file. Just use the
|
||||
* PEM_*_bio_* functions instead of the non-bio variants.
|
||||
@ -662,6 +655,8 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src,
|
||||
tor_assert(len<INT_MAX);
|
||||
|
||||
b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
|
||||
if (!b)
|
||||
return -1;
|
||||
|
||||
BIO_write(b, src, (int)len);
|
||||
|
||||
|
@ -249,7 +249,6 @@ struct evp_pkey_st;
|
||||
struct dh_st;
|
||||
struct rsa_st *_crypto_pk_env_get_rsa(crypto_pk_env_t *env);
|
||||
crypto_pk_env_t *_crypto_new_pk_env_rsa(struct rsa_st *rsa);
|
||||
crypto_pk_env_t *_crypto_new_pk_env_evp_pkey(struct evp_pkey_st *pkey);
|
||||
struct evp_pkey_st *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env,
|
||||
int private);
|
||||
struct dh_st *_crypto_dh_env_get_dh(crypto_dh_env_t *dh);
|
||||
|
@ -808,6 +808,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
|
||||
goto error;
|
||||
{
|
||||
crypto_dh_env_t *dh = crypto_dh_new(DH_TYPE_TLS);
|
||||
tor_assert(dh);
|
||||
SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
|
||||
crypto_dh_free(dh);
|
||||
}
|
||||
|
@ -259,6 +259,10 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
|
||||
}
|
||||
|
||||
dh = crypto_dh_new(DH_TYPE_CIRCUIT);
|
||||
if (!dh) {
|
||||
log_warn(LD_BUG, "Couldn't allocate DH key");
|
||||
goto err;
|
||||
}
|
||||
if (crypto_dh_get_public(dh, handshake_reply_out, DH_KEY_LEN)) {
|
||||
log_info(LD_GENERAL, "crypto_dh_get_public failed.");
|
||||
goto err;
|
||||
|
Loading…
Reference in New Issue
Block a user