authorNick Mathewson <nickm@torproject.org>2011-02-03 13:54:28 -0500
committerNick Mathewson <nickm@torproject.org>2011-02-03 13:54:28 -0500
commit2fa9ddb9580fc0d69967c54f16825f14658fd9b9 (patch)
tree6022eea472e9dabd0bcbf2ed07d77aa114471e75
parente6da9a98e9697d8d9ad9ef4ea224b09be1f6ce13 (diff)
parente80bdfb4a02c6f8313baec6e9b00ec3baac3da87 (diff)
downloadtor-2fa9ddb9580fc0d69967c54f16825f14658fd9b9.tar
tor-2fa9ddb9580fc0d69967c54f16825f14658fd9b9.tar.gz
Merge remote branch 'public/bug2378' into maint-0.2.2
-rw-r--r--changes/bug23788
-rw-r--r--src/common/crypto.c19
-rw-r--r--src/common/crypto.h1
-rw-r--r--src/common/tortls.c1
-rw-r--r--src/or/onion.c4
5 files changed, 20 insertions, 13 deletions
diff --git a/changes/bug2378 b/changes/bug2378
new file mode 100644
index 000000000..227968869
--- /dev/null
+++ b/changes/bug2378
@@ -0,0 +1,8 @@
+ o Minor bugfixes
+ - Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378;
+ found by "cypherpunks". This bug was introduced before the
+ first Tor release, in svn commit r110.
+
+ o Minor code simplifications and refactorings
+ - Always treat failure to allocate an RSA key as an unrecoverable
+ allocation error.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 5264fd808..cfbc002dc 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -326,17 +326,6 @@ _crypto_new_pk_env_rsa(RSA *rsa)
return env;
}
-/** used by tortls.c: wrap the RSA from an evp_pkey in a crypto_pk_env_t.
- * returns NULL if this isn't an RSA key. */
-crypto_pk_env_t *
-_crypto_new_pk_env_evp_pkey(EVP_PKEY *pkey)
-{
- RSA *rsa;
- if (!(rsa = EVP_PKEY_get1_RSA(pkey)))
- return NULL;
- return _crypto_new_pk_env_rsa(rsa);
-}
-
/** Helper, used by tor-checkkey.c and tor-gencert.c. Return the RSA from a
* crypto_pk_env_t. */
RSA *
@@ -390,7 +379,7 @@ crypto_new_pk_env(void)
RSA *rsa;
rsa = RSA_new();
- if (!rsa) return NULL;
+ tor_assert(rsa);
return _crypto_new_pk_env_rsa(rsa);
}
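Review bot: Replacing `if (!rsa) return NULL;` with `tor_assert(rsa);` changes what crypto_new_pk_env does on allocation failure, and nothing in the code says why. A comment above the assert would record the policy, for example `/* RSA_new() failing means we are out of memory; abort rather than return NULL. */`. The function's header comment is outside the hunk; if it documents a NULL return for this case, it should be updated to match.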
@@ -535,6 +524,8 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
/* Create a read-only memory BIO, backed by the string 's' */
b = BIO_new_mem_buf((char*)s, (int)len);
+ if (!b)
+ return -1;
if (env->key)
RSA_free(env->key);
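Review bot: The new `if (!b) return -1;` fails silently, and if -1 is also what this function returns for an unparseable key, callers cannot tell an allocation failure from bad key material. The same unlogged return is added after `BIO_new(BIO_s_mem())` in crypto_pk_write_key_to_string_impl and in crypto_pk_read_public_key_from_string. The onion.c hunk in this commit logs before bailing out; a matching line before each return, e.g. `log_warn(LD_CRYPTO, "Couldn't allocate memory BIO");`, would keep the failure diagnosable. The rest of each function is outside the hunks, so the other return values are not visible here.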
@@ -595,6 +586,8 @@ crypto_pk_write_key_to_string_impl(crypto_pk_env_t *env, char **dest,
tor_assert(dest);
b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
+ if (!b)
+ return -1;
/* Now you can treat b as if it were a file. Just use the
* PEM_*_bio_* functions instead of the non-bio variants.
@@ -662,6 +655,8 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src,
tor_assert(len<INT_MAX);
b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
+ if (!b)
+ return -1;
BIO_write(b, src, (int)len);
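Review bot: The `BIO_write(b, src, (int)len);` directly after the new NULL check still ignores its return value, so a failed or short write into the memory BIO would leave the function parsing a truncated buffer as the public key. Checking it next to the allocation check covers the same class of failure: `if (BIO_write(b, src, (int)len) != (int)len) { BIO_free(b); return -1; }`. The rest of crypto_pk_read_public_key_from_string, including the parse and cleanup, is outside the hunk.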
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 713495673..05185f3f1 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -249,7 +249,6 @@ struct evp_pkey_st;
struct dh_st;
struct rsa_st *_crypto_pk_env_get_rsa(crypto_pk_env_t *env);
crypto_pk_env_t *_crypto_new_pk_env_rsa(struct rsa_st *rsa);
-crypto_pk_env_t *_crypto_new_pk_env_evp_pkey(struct evp_pkey_st *pkey);
struct evp_pkey_st *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env,
int private);
struct dh_st *_crypto_dh_env_get_dh(crypto_dh_env_t *dh);
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 8ad0f2f31..10f4440cb 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -808,6 +808,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
goto error;
{
crypto_dh_env_t *dh = crypto_dh_new(DH_TYPE_TLS);
+ tor_assert(dh);
SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
crypto_dh_free(dh);
}
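Review bot: `tor_assert(dh);` aborts the process when crypto_dh_new() fails, although tor_tls_context_new already has an error path (the `goto error;` just above), and the onion.c hunk in this commit handles the same failure by logging and jumping to cleanup. Unless aborting is intended here, `if (!dh) goto error;` would be consistent with both. The changes file only describes RSA key allocation as unrecoverable, so if the assert is deliberate for DH as well, it deserves a comment saying so. The `error` label and its cleanup are outside the hunk.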
diff --git a/src/or/onion.c b/src/or/onion.c
index 9aa16d274..e1d10a60b 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -259,6 +259,10 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
}
dh = crypto_dh_new(DH_TYPE_CIRCUIT);
+ if (!dh) {
+ log_warn(LD_BUG, "Couldn't allocate DH key");
+ goto err;
+ }
if (crypto_dh_get_public(dh, handshake_reply_out, DH_KEY_LEN)) {
log_info(LD_GENERAL, "crypto_dh_get_public failed.");
goto err;
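Review bot: The new `goto err;` is taken while `dh` is still NULL, so the cleanup under `err` has to tolerate a NULL `dh`. That label is outside the hunk and should be checked for an unguarded free of `dh`. Separately, `LD_BUG` reports an allocation failure as a program bug; if that is not the intent, a different log domain would describe the condition more accurately.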