[tor-commits] [tor/maint-0.2.2] Handle crypto_pk_get_digest failures semi-sensibly

nickm at torproject.org nickm at torproject.org
Thu May 5 03:18:57 UTC 2011


commit 66339f74b4affcb02a3160014efe6ce9aca339e1
Author: Robert Ransom <rransom.8774 at gmail.com>
Date:   Wed May 4 20:06:24 2011 -0700

    Handle crypto_pk_get_digest failures semi-sensibly
    
    Fixes bug 3106.
---
 changes/warn-if-get_digest-fails |    6 ++++++
 src/or/dirserv.c                 |    5 ++++-
 src/or/dirvote.c                 |    8 ++++++--
 3 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/changes/warn-if-get_digest-fails b/changes/warn-if-get_digest-fails
new file mode 100644
index 0000000..6cfc108
--- /dev/null
+++ b/changes/warn-if-get_digest-fails
@@ -0,0 +1,6 @@
+  o Minor bugfixes:
+    - If we fail to compute the identity digest of a v3 legacy
+      keypair, warn, and don't use a buffer-full of junk instead.
+      Bugfix on 0.2.1.1-alpha; fixes bug 3106.
+
+
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index c8dda66..860ac1f 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -2705,7 +2705,10 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_env_t *private_key,
   if (options->V3AuthUseLegacyKey) {
     authority_cert_t *c = get_my_v3_legacy_cert();
     if (c) {
-      crypto_pk_get_digest(c->identity_key, voter->legacy_id_digest);
+      if (crypto_pk_get_digest(c->identity_key, voter->legacy_id_digest)) {
+        log_warn(LD_BUG, "Unable to compute digest of legacy v3 identity key");
+        memset(voter->legacy_id_digest, 0, DIGEST_LEN);
+      }
     }
   }
 
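Review bot: The fallback `memset(voter->legacy_id_digest, 0, DIGEST_LEN);` only helps if every later reader of `voter->legacy_id_digest` treats an all-zero digest as "no legacy identity", and nothing in this hunk states that contract. Those readers are outside the hunk, so this should be confirmed and then recorded at the memset, e.g. `/* All-zero means "no legacy identity"; never publish a partially written digest. */`. The dirvote.c hunk in this same commit handles the same failure differently, by leaving the digest pointer unset, so the two paths agree only if zero-as-absent really holds. The check would also read more clearly as `< 0` if `crypto_pk_get_digest` follows the usual negative-on-error convention, which is not visible here. The body of `dirserv_generate_networkstatus_vote_obj` begins and continues outside the hunk.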
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 9273dbc..db2eaf0 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -3129,8 +3129,12 @@ dirvote_compute_consensuses(void)
       authority_cert_t *cert = get_my_v3_legacy_cert();
       legacy_sign = get_my_v3_legacy_signing_key();
       if (cert) {
-        crypto_pk_get_digest(cert->identity_key, legacy_dbuf);
-        legacy_id_digest = legacy_dbuf;
+        if (crypto_pk_get_digest(cert->identity_key, legacy_dbuf)) {
+          log_warn(LD_BUG,
+                   "Unable to compute digest of legacy v3 identity key");
+        } else {
+          legacy_id_digest = legacy_dbuf;
+        }
       }
     }
 
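Review bot: On the failure branch `legacy_sign` has already been assigned from `get_my_v3_legacy_signing_key()`, so the code that follows can see a legacy signing key with no matching `legacy_id_digest`. Whether the consumer further down tolerates that pairing is not visible in this hunk. If it assumes both are set together, the failure branch should also drop the key with `legacy_sign = NULL;` after the `log_warn`. The `else` branch also relies on `legacy_id_digest` having been initialised to NULL before this block, which happens outside the hunk. A short comment such as `/* On failure leave legacy_id_digest NULL so no legacy signature is produced. */` would make the intended outcome explicit. `dirvote_compute_consensuses` begins and continues outside the hunk.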




