Commit cebdf939 authored by Nick Mathewson's avatar Nick Mathewson 🏃
Browse files

Fix bug 889: share deep-copied keys between threads to avoid races in...

Fix bug 889: share deep-copied keys between threads to avoid races in reference counts.  Bugfix on 0.1.0.1-rc.

svn:r17672
parent 7b5be147
......@@ -66,6 +66,9 @@ Changes in version 0.2.1.9-alpha - 2008-12-2?
- Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the
user if lower values are given in the configuration. Bugfix on
0.1.1.17-rc. Patch by Sebastian.
- Fix a race condition when freeing keys shared between main thread
and CPU workers that could result in a memory leak. Bugfix on
0.1.0.1-rc. Fixes bug 889.
o Minor bugfixes (hidden services):
- Do not throw away existing introduction points on SIGHUP; bugfix on
......
......@@ -672,6 +672,23 @@ crypto_pk_dup_key(crypto_pk_env_t *env)
return env;
}
/** Make a real honest-to-goodness copy of <b>env</b>, and return it. */
crypto_pk_env_t *
crypto_pk_copy_full(crypto_pk_env_t *env)
{
RSA *new_key;
tor_assert(env);
tor_assert(env->key);
if (PRIVATE_KEY_OK(env)) {
new_key = RSAPrivateKey_dup(env->key);
} else {
new_key = RSAPublicKey_dup(env->key);
}
return _crypto_new_pk_env_rsa(new_key);
}
/** Encrypt <b>fromlen</b> bytes from <b>from</b> with the public key
* in <b>env</b>, using the padding method <b>padding</b>. On success,
* write the result to <b>to</b>, and return the number of bytes
......
......@@ -92,6 +92,7 @@ int crypto_pk_check_key(crypto_pk_env_t *env);
int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
size_t crypto_pk_keysize(crypto_pk_env_t *env);
crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
int crypto_pk_key_is_private(const crypto_pk_env_t *key);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
......
......@@ -75,8 +75,8 @@ get_onion_key(void)
return onionkey;
}
/** Store a copy of the current onion key into *<b>key</b>, and a copy
* of the most recent onion key into *<b>last</b>.
/** Store a full copy of the current onion key into *<b>key</b>, and a full
* copy of the most recent onion key into *<b>last</b>.
*/
void
dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last)
......@@ -85,9 +85,9 @@ dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last)
tor_assert(last);
tor_mutex_acquire(key_lock);
tor_assert(onionkey);
*key = crypto_pk_dup_key(onionkey);
*key = crypto_pk_copy_full(onionkey);
if (lastonionkey)
*last = crypto_pk_dup_key(lastonionkey);
*last = crypto_pk_copy_full(lastonionkey);
else
*last = NULL;
tor_mutex_release(key_lock);
......
......@@ -740,6 +740,14 @@ test_crypto_pk(void)
test_memeq(data1,data3,j);
}
}
/* Try copy_full */
crypto_free_pk_env(pk2);
pk2 = crypto_pk_copy_full(pk1);
test_assert(pk2 != NULL);
test_neq_ptr(pk1, pk2);
test_assert(crypto_pk_cmp_keys(pk1,pk2) == 0);
done:
if (pk1)
crypto_free_pk_env(pk1);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment