Commit cebdf939 authored by Nick Mathewson's avatar Nick Mathewson 🏃
Browse files

Fix bug 889: share deep-copied keys between threads to avoid races in...

Fix bug 889: share deep-copied keys between threads to avoid races in reference counts.  Bugfix on

parent 7b5be147
......@@ -66,6 +66,9 @@ Changes in version - 2008-12-2?
- Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the
user if lower values are given in the configuration. Bugfix on Patch by Sebastian.
- Fix a race condition when freeing keys shared between main thread
and CPU workers that could result in a memory leak. Bugfix on Fixes bug 889.
o Minor bugfixes (hidden services):
- Do not throw away existing introduction points on SIGHUP; bugfix on
......@@ -672,6 +672,23 @@ crypto_pk_dup_key(crypto_pk_env_t *env)
return env;
/** Make a real honest-to-goodness copy of <b>env</b>, and return it. */
crypto_pk_env_t *
crypto_pk_copy_full(crypto_pk_env_t *env)
RSA *new_key;
if (PRIVATE_KEY_OK(env)) {
new_key = RSAPrivateKey_dup(env->key);
} else {
new_key = RSAPublicKey_dup(env->key);
return _crypto_new_pk_env_rsa(new_key);
/** Encrypt <b>fromlen</b> bytes from <b>from</b> with the public key
* in <b>env</b>, using the padding method <b>padding</b>. On success,
* write the result to <b>to</b>, and return the number of bytes
......@@ -92,6 +92,7 @@ int crypto_pk_check_key(crypto_pk_env_t *env);
int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
size_t crypto_pk_keysize(crypto_pk_env_t *env);
crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
int crypto_pk_key_is_private(const crypto_pk_env_t *key);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
......@@ -75,8 +75,8 @@ get_onion_key(void)
return onionkey;
/** Store a copy of the current onion key into *<b>key</b>, and a copy
* of the most recent onion key into *<b>last</b>.
/** Store a full copy of the current onion key into *<b>key</b>, and a full
* copy of the most recent onion key into *<b>last</b>.
dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last)
......@@ -85,9 +85,9 @@ dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last)
*key = crypto_pk_dup_key(onionkey);
*key = crypto_pk_copy_full(onionkey);
if (lastonionkey)
*last = crypto_pk_dup_key(lastonionkey);
*last = crypto_pk_copy_full(lastonionkey);
*last = NULL;
......@@ -740,6 +740,14 @@ test_crypto_pk(void)
/* Try copy_full */
pk2 = crypto_pk_copy_full(pk1);
test_assert(pk2 != NULL);
test_neq_ptr(pk1, pk2);
test_assert(crypto_pk_cmp_keys(pk1,pk2) == 0);
if (pk1)
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment