June 2013 - tor-commits - lists.torproject.org

[tor/release-0.2.4] Merge branch 'maint-0.2.4' into release-0.2.4
by arma＠torproject.org 10 Jun '13

10 Jun '13

commit b4b14921da4a81b5ed2cdafd5b7ff230b298edd4 Merge: a7958a7 607b29a Author: Roger Dingledine <arma(a)torproject.org> Date: Mon Jun 10 15:01:25 2013 -0400 Merge branch 'maint-0.2.4' into release-0.2.4 changes/bug9017 | 6 ++++++ src/or/connection_edge.c | 11 ++++++----- 2 files changed, 12 insertions(+), 5 deletions(-)

1 0

[tor/release-0.2.4] Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
by arma＠torproject.org 10 Jun '13

10 Jun '13

commit 607b29ae1abe7da7d06e4e9282ed88a2dd7fe8d4 Merge: c860a96 4835fae Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Jun 10 12:26:39 2013 -0400 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 changes/bug9017 | 6 ++++++ src/or/connection_edge.c | 11 ++++++----- 2 files changed, 12 insertions(+), 5 deletions(-)

1 0

[tor/release-0.2.4] fold in one more
by arma＠torproject.org 10 Jun '13

10 Jun '13

commit e86f12226540ea058defc892cc55cfed744c33d8 Author: Roger Dingledine <arma(a)torproject.org> Date: Mon Jun 10 15:02:30 2013 -0400 fold in one more --- ChangeLog | 12 ++++++++---- changes/bug9017 | 6 ------ 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index 621f426..9bf0c3f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,10 +9,6 @@ Changes in version 0.2.4.13-alpha - 2013-06-1? the list of freelists if it somehow gets an unrecognized allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by eugenis. - - Follow the socks5 protocol when offering username/password - authentication. The fix for bug 8117 exposed this bug, and it - turns out real-world applications like Pidgin do care. Bugfix on - 0.2.3.2-alpha; fixes bug 8879. - We used to always request authority certificates by identity digest, meaning we'd get the newest one even when we wanted one with a different signing key. Then we would complain about being given @@ -20,6 +16,14 @@ Changes in version 0.2.4.13-alpha - 2013-06-1? wanted. Now we use the "fp-sk/" resource as well as the "fp/" resource to request the one we want. Fixes bug 5595; bugfix on 0.2.0.8-alpha. + - Avoid an assertion failure on OpenBSD (and perhaps other BSDs) + when an exit connection with optimistic data succeeds immediately + rather than returning EINPROGRESS. Fixes bug 9017; bugfix on + 0.2.3.1-alpha. + - Follow the socks5 protocol when offering username/password + authentication. The fix for bug 8117 exposed this bug, and it + turns out real-world applications like Pidgin do care. Bugfix on + 0.2.3.2-alpha; fixes bug 8879. - Fix a directory authority crash bug when building a consensus using an older consensus as its basis. Fixes bug 8833. Bugfix on 0.2.4.12-alpha. diff --git a/changes/bug9017 b/changes/bug9017 deleted file mode 100644 index 359c526..0000000 --- a/changes/bug9017 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Avoid an assertion failure on OpenBSD (and perhaps other BSDs) - when an exit connection with optimistic data succeeds immediately - rather than returning EINPROGRESS. Fixes bug 9017; bugfix on - 0.2.3.1-alpha. -

1 0

[tor/release-0.2.4] fold in (and fix up) some changes entries so far
by arma＠torproject.org 10 Jun '13

10 Jun '13

commit a7958a7a2ef7f84f338f18ada197fbc0b2f5a9d0 Author: Roger Dingledine <arma(a)torproject.org> Date: Mon Jun 10 15:00:09 2013 -0400 fold in (and fix up) some changes entries so far --- ChangeLog | 64 ++++++++++++++++++++++++++++++++++++++++++++ changes/bug5595 | 8 ------ changes/bug6026 | 4 --- changes/bug7982 | 3 --- changes/bug8093.part1 | 3 --- changes/bug8253-fix | 6 ----- changes/bug8711 | 6 ----- changes/bug8716 | 3 --- changes/bug8719 | 6 ----- changes/bug8833 | 3 --- changes/bug8844 | 6 ----- changes/bug8845 | 3 --- changes/bug8846 | 4 --- changes/bug8879 | 5 ---- changes/geoip-june2013 | 3 --- changes/geoip-may2013 | 3 --- changes/less_charbuf_usage | 5 ---- 17 files changed, 64 insertions(+), 71 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6a5ab8d..621f426 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,67 @@ +Changes in version 0.2.4.13-alpha - 2013-06-1? + + o Major bugfixes: + - Avoid a memory leak where we would leak a consensus body when we + find that a consensus which we couldn't previously verify due to + missing certificates is now verifiable. Fixes bug 8719; bugfix + on 0.2.0.10-alpha. + - Prevent the get_freelists() function from running off the end of + the list of freelists if it somehow gets an unrecognized + allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by + eugenis. + - Follow the socks5 protocol when offering username/password + authentication. The fix for bug 8117 exposed this bug, and it + turns out real-world applications like Pidgin do care. Bugfix on + 0.2.3.2-alpha; fixes bug 8879. + - We used to always request authority certificates by identity digest, + meaning we'd get the newest one even when we wanted one with a + different signing key. Then we would complain about being given + a certificate we already had, and never get the one we really + wanted. Now we use the "fp-sk/" resource as well as the "fp/" + resource to request the one we want. Fixes bug 5595; bugfix on + 0.2.0.8-alpha. + - Fix a directory authority crash bug when building a consensus + using an older consensus as its basis. Fixes bug 8833. Bugfix + on 0.2.4.12-alpha. + + o Minor bugfixes: + - Fix an impossible buffer overrun in the AES unit tests. Fixes + bug 8845; bugfix on 0.2.0.7-alpha. Found by eugenis. + - Fix a memory leak that would occur whenever a configuration + option changed. Fixes bug 8718; bugfix on 0.2.3.3-alpha. + - Paste the description for PathBias parameters from the man + page into or.h, so the code documents them too. Fixes bug 7982; + bugfix on 0.2.3.17-beta and 0.2.4.8-alpha. + - Relays now treat a changed IPv6 ORPort as sufficient reason to + publish an updated descriptor. Fixes bug 6026; bugfix on + 0.2.4.1-alpha. + + o Minor bugfixes (log messages): + - Fix a scaling issue in the path bias accounting code that + resulted in "Bug:" log messages from either + pathbias_scale_close_rates() or pathbias_count_build_success(). + This represents a bugfix on a previous bugfix: the original fix + attempted in 0.2.4.10-alpha was incomplete. Fixes bug 8235; bugfix + on 0.2.4.1-alpha. + - Give a less useless error message when the user asks for an IPv4 + address on an IPv6-only port, or vice versa. Fixes bug 8846; bugfix + on 0.2.4.7-alpha. + + o Minor features: + - Downgrade "unexpected SENDME" warnings to protocol-warn for 0.2.4.x, + to tolerate bug 8093 for now. + - Add an "ignoring-advertised-bws" boolean to the flag-threshold lines + in directory authority votes to describe whether they have enough + measured bandwidths to ignore advertised (relay descriptor) + bandwidth claims. Resolves ticket 8711. + - Update to the June 5 2013 Maxmind GeoLite Country database. + + o Code simplification and refactoring: + - Avoid using character buffers when constructing most directory + objects: this approach was unwieldy and error-prone. Instead, + build smartlists of strings, and concatenate them when done. + + Changes in version 0.2.4.12-alpha - 2013-04-18 Tor 0.2.4.12-alpha moves Tor forward on several fronts: it starts the process for lengthening the guard rotation period, makes directory diff --git a/changes/bug5595 b/changes/bug5595 deleted file mode 100644 index 31f4b84..0000000 --- a/changes/bug5595 +++ /dev/null @@ -1,8 +0,0 @@ - o Critical bugfixes: - - Distinguish downloading an authority certificate by identity digest from - downloading one by identity digest/signing key digest pair; formerly we - always request them only by identity digest and get the newest one even - when we wanted one with a different signing key. Then we would complain - about being given a certificate we already had, and never get the one we - really wanted. Now we use the "fp-sk/" resource as well as the "fp/" - resource to request the one we want. Fixes bug 5595. diff --git a/changes/bug6026 b/changes/bug6026 deleted file mode 100644 index de5d6ea..0000000 --- a/changes/bug6026 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Relays now treat a changed IPv6 ORPort as sufficient reason to - publish an updated descriptor. Fix for bug 6026; bugfix for - 0.2.4.1-alpha. diff --git a/changes/bug7982 b/changes/bug7982 deleted file mode 100644 index 46aa532..0000000 --- a/changes/bug7982 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Copy-paste description for PathBias params from man page into or.h - comment. Fixes bug 7982. diff --git a/changes/bug8093.part1 b/changes/bug8093.part1 deleted file mode 100644 index 2450794..0000000 --- a/changes/bug8093.part1 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Downgrade "unexpected SENDME" warnings to protocol-warn for 0.2.4, - for bug 8093. diff --git a/changes/bug8253-fix b/changes/bug8253-fix deleted file mode 100644 index 3d36d06..0000000 --- a/changes/bug8253-fix +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (log messages) - - Fix a scaling issue in the path bias accounting code that resulted in - "Bug:" log messages from either pathbias_scale_close_rates() or - pathbias_count_build_success(). This represents a bugfix on a previous - bugfix: The original fix attempted in 0.2.4.10-alpha was incomplete. - Fixes bug 8235; bugfix on 0.2.4.1-alpha. diff --git a/changes/bug8711 b/changes/bug8711 deleted file mode 100644 index 28a1daa..0000000 --- a/changes/bug8711 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (authority): - - Add a "ignoring-advertised-bws" boolean to our flag-thresholds - lines to describe whether we have enough measured bandwidths to - ignore advertised bandwidth claims. Closes ticket 8711. - - diff --git a/changes/bug8716 b/changes/bug8716 deleted file mode 100644 index 74c74f8..0000000 --- a/changes/bug8716 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Fix a memory leak that would occur whenever a configuration - option changed. Fixes bug #8718; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug8719 b/changes/bug8719 deleted file mode 100644 index c05b79d..0000000 --- a/changes/bug8719 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (memory leak): - - Avoid a memory leak where we would leak a consensus body when we find - that a consensus which we couldn't previously verify due to missing - certificates is now verifiable. Fixes bug 8719; bugfix on - 0.2.0.10-alpha. - diff --git a/changes/bug8833 b/changes/bug8833 deleted file mode 100644 index 681a861..0000000 --- a/changes/bug8833 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (directory authority): - - Fix a crash bug when building a consensus using an older consensus as - its basis. Fixes bug 8833. Bugfix on 0.2.4.12-alpha. diff --git a/changes/bug8844 b/changes/bug8844 deleted file mode 100644 index 320e5f2..0000000 --- a/changes/bug8844 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Prevent the get_freelists() function from running off the end of - the list of freelists if it somehow gets an unrecognized - allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by - eugenis. - diff --git a/changes/bug8845 b/changes/bug8845 deleted file mode 100644 index ace043a..0000000 --- a/changes/bug8845 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (test): - - Fix an impossible buffer overrun in the AES unit tests. Fixes bug 8845; - bugfix on 0.2.0.7-alpha. Found by eugenis. diff --git a/changes/bug8846 b/changes/bug8846 deleted file mode 100644 index 377cc37..0000000 --- a/changes/bug8846 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Give a less useless error message when the user asks for an IPv4 - address on an IPv6-only port, or vice versa. Fixes bug 8846; bugfix - on 0.2.4.7-alpha. diff --git a/changes/bug8879 b/changes/bug8879 deleted file mode 100644 index 0d2a700..0000000 --- a/changes/bug8879 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Follow the socks5 protocol when offering username/password - authentication. The fix for bug 8117 exposed this bug, and it - turns out real-world applications like Pidgin do care. Bugfix on - 0.2.3.2-alpha; fixes bug 8879. diff --git a/changes/geoip-june2013 b/changes/geoip-june2013 deleted file mode 100644 index f8e00a6..0000000 --- a/changes/geoip-june2013 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the June 5 2013 Maxmind GeoLite Country database. - diff --git a/changes/geoip-may2013 b/changes/geoip-may2013 deleted file mode 100644 index ff4b98f..0000000 --- a/changes/geoip-may2013 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the May 9 2013 Maxmind GeoLite Country database. - diff --git a/changes/less_charbuf_usage b/changes/less_charbuf_usage deleted file mode 100644 index 2ec42b5..0000000 --- a/changes/less_charbuf_usage +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplification and refactoring: - - Avoid using character buffers when constructing most directory - objects: this approach was unweildy and error-prone. Instead, - build smartlists of strings, and concatenate them when done. -

1 0

[tor/master] Fix tor-fw-helper exit code.
by nickm＠torproject.org 10 Jun '13

10 Jun '13

commit 6fc3997307b1a2729dcc651102e79b195698b6af Author: Arlo Breault <arlolra(a)gmail.com> Date: Fri Jun 7 11:24:39 2013 -0700 Fix tor-fw-helper exit code. It's returning the number of initialized backends. (changes file added by nickm; this is a fix for bug #9030) --- changes/bug9030 | 4 ++++ src/tools/tor-fw-helper/tor-fw-helper.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/changes/bug9030 b/changes/bug9030 new file mode 100644 index 0000000..d0be582 --- /dev/null +++ b/changes/bug9030 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - The tor-fw-helper program now follows the standard convention and + exits with status code "0" on success. Fixes bug 9030; bugfix on + 0.2.3.1-alpha. Patch by Arlo Breault. diff --git a/src/tools/tor-fw-helper/tor-fw-helper.c b/src/tools/tor-fw-helper/tor-fw-helper.c index bb6e70a..84cc21e 100644 --- a/src/tools/tor-fw-helper/tor-fw-helper.c +++ b/src/tools/tor-fw-helper/tor-fw-helper.c @@ -496,6 +496,6 @@ main(int argc, char **argv) smartlist_free(tor_fw_options.ports_to_forward); } - exit(r); + exit(0); }

1 0

[tor/master] Fix "make check-spaces"
by nickm＠torproject.org 10 Jun '13

10 Jun '13

commit c94f6b228b0f6296a1fd74a5e12373754d5f07a9 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Jun 10 13:51:53 2013 -0400 Fix "make check-spaces" --- src/test/test_crypto.c | 8 ++++---- src/test/test_tortls.c | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index e45fbb8..f391cce 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -526,15 +526,15 @@ test_crypto_digests(void) r = crypto_pk_get_digest(k, digest); test_assert(r == 0); test_memeq(hex_str(digest, DIGEST_LEN), - AUTHORITY_SIGNKEY_1_DIGEST, HEX_DIGEST_LEN); + AUTHORITY_SIGNKEY_1_DIGEST, HEX_DIGEST_LEN); r = crypto_pk_get_all_digests(k, &pkey_digests); test_memeq(hex_str(pkey_digests.d[DIGEST_SHA1], DIGEST_LEN), - AUTHORITY_SIGNKEY_1_DIGEST, HEX_DIGEST_LEN); + AUTHORITY_SIGNKEY_1_DIGEST, HEX_DIGEST_LEN); test_memeq(hex_str(pkey_digests.d[DIGEST_SHA256], DIGEST256_LEN), - AUTHORITY_SIGNKEY_1_DIGEST256, HEX_DIGEST256_LEN); -done: + AUTHORITY_SIGNKEY_1_DIGEST256, HEX_DIGEST256_LEN); + done: crypto_pk_free(k); } diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 28ffbb1..5409ced 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -9,7 +9,6 @@ #include "or.h" #include "test.h" - static void test_tortls_evp_pkey_eq(void) { @@ -27,7 +26,7 @@ test_tortls_evp_pkey_eq(void) test_assert(tor_tls_evp_pkey_eq(evp1, evp2) == 0); test_assert(tor_tls_evp_pkey_eq(evp1, evp1) == 1); -done: + done: crypto_pk_free(pk1); crypto_pk_free(pk2); if (evp1) @@ -43,3 +42,4 @@ struct testcase_t tortls_tests[] = { TORTLS_LEGACY(evp_pkey_eq), END_OF_TESTCASES }; +

1 0

[tor/master] Bug #5170 - also simplify i2d_DHparams
by nickm＠torproject.org 10 Jun '13

10 Jun '13

commit 6f1c67195c6a477d16d9ef7a97bd2da86fdfd225 Author: Marek Majkowski <marek(a)popcount.org> Date: Thu Jun 6 12:13:24 2013 +0100 Bug #5170 - also simplify i2d_DHparams --- src/common/crypto.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/src/common/crypto.c b/src/common/crypto.c index 40e15bb..adbf639 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1688,7 +1688,7 @@ crypto_store_dynamic_dh_modulus(const char *fname) { int len, new_len; DH *dh = NULL; - unsigned char *dh_string_repr = NULL, *cp = NULL; + unsigned char *dh_string_repr = NULL; char *base64_encoded_dh = NULL; char *file_string = NULL; int retval = -1; @@ -1712,15 +1712,8 @@ crypto_store_dynamic_dh_modulus(const char *fname) if (!BN_set_word(dh->g, DH_GENERATOR)) goto done; - len = i2d_DHparams(dh, NULL); - if (len < 0) { - log_warn(LD_CRYPTO, "Error occured while DER encoding DH modulus (1)."); - goto done; - } - - cp = dh_string_repr = tor_malloc_zero(len+1); - len = i2d_DHparams(dh, &cp); - if ((len < 0) || ((cp - dh_string_repr) != len)) { + len = i2d_DHparams(dh, &dh_string_repr); + if ((len < 0) || (dh_string_repr == NULL)) { log_warn(LD_CRYPTO, "Error occured while DER encoding DH modulus (2)."); goto done; } @@ -1747,7 +1740,7 @@ crypto_store_dynamic_dh_modulus(const char *fname) done: if (dh) DH_free(dh); - tor_free(dh_string_repr); + OPENSSL_free(dh_string_repr); tor_free(base64_encoded_dh); tor_free(file_string);

1 0

[tor/master] Bug #5170 - remove id_to_fp.c as it's not used anywhere
by nickm＠torproject.org 10 Jun '13

10 Jun '13

commit b235c1c1945cc55d022ad84a3f04448e165e1063 Author: Marek Majkowski <marek(a)popcount.org> Date: Thu Jun 6 11:45:03 2013 +0100 Bug #5170 - remove id_to_fp.c as it's not used anywhere --- changes/bug5170 | 2 ++ contrib/id_to_fp.c | 77 ---------------------------------------------------- 2 files changed, 2 insertions(+), 77 deletions(-) diff --git a/changes/bug5170 b/changes/bug5170 new file mode 100644 index 0000000..564c946 --- /dev/null +++ b/changes/bug5170 @@ -0,0 +1,2 @@ + o Code simplification and refactoring: + - Remove contrib/id_to_fp.c since it wasn't used anywhere. diff --git a/contrib/id_to_fp.c b/contrib/id_to_fp.c deleted file mode 100644 index 55b025d..0000000 --- a/contrib/id_to_fp.c +++ /dev/null @@ -1,77 +0,0 @@ -/* Copyright 2006 Nick Mathewson; see LICENSE for licensing information */ - -/* id_to_fp.c : Helper for directory authority ops. When somebody sends us - * a private key, this utility converts the private key into a fingerprint - * so you can de-list that fingerprint. - */ - -#include <openssl/rsa.h> -#include <openssl/bio.h> -#include <openssl/sha.h> -#include <openssl/pem.h> - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#define die(s) do { fprintf(stderr, "%s\n", s); goto err; } while (0) - -int -main(int argc, char **argv) -{ - BIO *b = NULL; - RSA *key = NULL; - unsigned char *buf = NULL, *bufp; - int len, i; - unsigned char digest[20]; - int status = 1; - - if (argc < 2) { - fprintf(stderr, "Reading key from stdin...\n"); - if (!(b = BIO_new_fp(stdin, BIO_NOCLOSE))) - die("couldn't read from stdin"); - } else if (argc == 2) { - if (strcmp(argv[1], "-h") == 0 || - strcmp(argv[1], "--help") == 0) { - fprintf(stdout, "Usage: %s [keyfile]\n", argv[0]); - status = 0; - goto err; - } else { - if (!(b = BIO_new_file(argv[1], "r"))) - die("couldn't open file"); - } - } else { - fprintf(stderr, "Usage: %s [keyfile]\n", argv[0]); - goto err; - } - if (!(key = PEM_read_bio_RSAPrivateKey(b, NULL, NULL, NULL))) - die("couldn't parse key"); - - len = i2d_RSAPublicKey(key, NULL); - if (len < 0) - die("Bizarre key"); - bufp = buf = malloc(len+1); - if (!buf) - die("Out of memory"); - len = i2d_RSAPublicKey(key, &bufp); - if (len < 0) - die("Bizarre key"); - - SHA1(buf, len, digest); - for (i=0; i < 20; i += 2) { - printf("%02X%02X ", (int)digest[i], (int)digest[i+1]); - } - printf("\n"); - - status = 0; - -err: - if (buf) - free(buf); - if (key) - RSA_free(key); - if (b) - BIO_free(b); - return status; -} -

1 0

[tor/master] Bug #5170 - i2d_RSAPublicKey supports allocating its own output buffer
by nickm＠torproject.org 10 Jun '13

10 Jun '13

commit 2132d036e371210052ebea7dbf9905abc824eee2 Author: Marek Majkowski <marek(a)popcount.org> Date: Thu Jun 6 11:45:35 2013 +0100 Bug #5170 - i2d_RSAPublicKey supports allocating its own output buffer --- changes/bug5170 | 2 ++ src/common/crypto.c | 51 ++++++++++++++++++--------------------------------- 2 files changed, 20 insertions(+), 33 deletions(-) diff --git a/changes/bug5170 b/changes/bug5170 index 564c946..8aefe8d 100644 --- a/changes/bug5170 +++ b/changes/bug5170 @@ -1,2 +1,4 @@ o Code simplification and refactoring: - Remove contrib/id_to_fp.c since it wasn't used anywhere. + - Since OpenSSL 0.9.7 i2d_RSAPublicKey supports allocating output buffer. + Use this feature to avoid calling this function twice. Fixes #5170. diff --git a/src/common/crypto.c b/src/common/crypto.c index bda1ed0..40e15bb 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1152,22 +1152,21 @@ int crypto_pk_asn1_encode(crypto_pk_t *pk, char *dest, size_t dest_len) { int len; - unsigned char *buf, *cp; - len = i2d_RSAPublicKey(pk->key, NULL); - if (len < 0 || (size_t)len > dest_len || dest_len > SIZE_T_CEILING) + unsigned char *buf = NULL; + + len = i2d_RSAPublicKey(pk->key, &buf); + if (len < 0 || buf == NULL) return -1; - cp = buf = tor_malloc(len+1); - len = i2d_RSAPublicKey(pk->key, &cp); - if (len < 0) { - crypto_log_errors(LOG_WARN,"encoding public key"); - tor_free(buf); + + if ((size_t)len > dest_len || dest_len > SIZE_T_CEILING) { + OPENSSL_free(buf); return -1; } /* We don't encode directly into 'dest', because that would be illegal * type-punning. (C99 is smarter than me, C99 is smarter than me...) */ memcpy(dest,buf,len); - tor_free(buf); + OPENSSL_free(buf); return len; } @@ -1198,24 +1197,17 @@ crypto_pk_asn1_decode(const char *str, size_t len) int crypto_pk_get_digest(crypto_pk_t *pk, char *digest_out) { - unsigned char *buf, *bufp; + unsigned char *buf = NULL; int len; - len = i2d_RSAPublicKey(pk->key, NULL); - if (len < 0) + len = i2d_RSAPublicKey(pk->key, &buf); + if (len < 0 || buf == NULL) return -1; - buf = bufp = tor_malloc(len+1); - len = i2d_RSAPublicKey(pk->key, &bufp); - if (len < 0) { - crypto_log_errors(LOG_WARN,"encoding public key"); - tor_free(buf); - return -1; - } if (crypto_digest(digest_out, (char*)buf, len) < 0) { - tor_free(buf); + OPENSSL_free(buf); return -1; } - tor_free(buf); + OPENSSL_free(buf); return 0; } @@ -1224,24 +1216,17 @@ crypto_pk_get_digest(crypto_pk_t *pk, char *digest_out) int crypto_pk_get_all_digests(crypto_pk_t *pk, digests_t *digests_out) { - unsigned char *buf, *bufp; + unsigned char *buf = NULL; int len; - len = i2d_RSAPublicKey(pk->key, NULL); - if (len < 0) - return -1; - buf = bufp = tor_malloc(len+1); - len = i2d_RSAPublicKey(pk->key, &bufp); - if (len < 0) { - crypto_log_errors(LOG_WARN,"encoding public key"); - tor_free(buf); + len = i2d_RSAPublicKey(pk->key, &buf); + if (len < 0 || buf == NULL) return -1; - } if (crypto_digest_all(digests_out, (char*)buf, len) < 0) { - tor_free(buf); + OPENSSL_free(buf); return -1; } - tor_free(buf); + OPENSSL_free(buf); return 0; }

1 0

[tor/master] Bug 5170 - simplify i2d_PublicKey in pkey_eq
by nickm＠torproject.org 10 Jun '13

10 Jun '13

commit 68be3469c55ac1e4b8f2fecf2a82bcced7f949c8 Author: Marek Majkowski <marek(a)popcount.org> Date: Thu Jun 6 13:32:46 2013 +0100 Bug 5170 - simplify i2d_PublicKey in pkey_eq --- changes/bug5170 | 5 +++-- src/common/tortls.c | 28 +++++++++++++--------------- 2 files changed, 16 insertions(+), 17 deletions(-) diff --git a/changes/bug5170 b/changes/bug5170 index 8aefe8d..4e52c5e 100644 --- a/changes/bug5170 +++ b/changes/bug5170 @@ -1,4 +1,5 @@ o Code simplification and refactoring: - Remove contrib/id_to_fp.c since it wasn't used anywhere. - - Since OpenSSL 0.9.7 i2d_RSAPublicKey supports allocating output buffer. - Use this feature to avoid calling this function twice. Fixes #5170. + - Since OpenSSL 0.9.7 i2d_* functions support allocating output + buffer. Avoid calling twice: i2d_RSAPublicKey, i2d_DHparams, + i2d_X509, i2d_PublicKey. Fixes #5170. diff --git a/src/common/tortls.c b/src/common/tortls.c index 0773068..fd0a410 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -986,21 +986,19 @@ pkey_eq(EVP_PKEY *a, EVP_PKEY *b) /* We'd like to do this, but openssl 0.9.7 doesn't have it: return EVP_PKEY_cmp(a,b) == 1; */ - unsigned char *a_enc=NULL, *b_enc=NULL, *a_ptr, *b_ptr; - int a_len1, b_len1, a_len2, b_len2, result; - a_len1 = i2d_PublicKey(a, NULL); - b_len1 = i2d_PublicKey(b, NULL); - if (a_len1 != b_len1) - return 0; - a_ptr = a_enc = tor_malloc(a_len1); - b_ptr = b_enc = tor_malloc(b_len1); - a_len2 = i2d_PublicKey(a, &a_ptr); - b_len2 = i2d_PublicKey(b, &b_ptr); - tor_assert(a_len2 == a_len1); - tor_assert(b_len2 == b_len1); - result = tor_memeq(a_enc, b_enc, a_len1); - tor_free(a_enc); - tor_free(b_enc); + unsigned char *a_enc = NULL, *b_enc = NULL; + int a_len, b_len, result; + a_len = i2d_PublicKey(a, &a_enc); + b_len = i2d_PublicKey(b, &b_enc); + if (a_len != b_len || a_len < 0) { + result = 0; + } else { + result = tor_memeq(a_enc, b_enc, a_len); + } + if (a_enc) + OPENSSL_free(a_enc); + if (b_enc) + OPENSSL_free(b_enc); return result; }

1 0