aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/cov4795
-rw-r--r--changes/cov4844
-rw-r--r--src/common/crypto.c4
-rw-r--r--src/or/main.c3
4 files changed, 15 insertions, 1 deletions
diff --git a/changes/cov479 b/changes/cov479
new file mode 100644
index 000000000..afbaffc63
--- /dev/null
+++ b/changes/cov479
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Fix internal bug-checking logic that was supposed to catch
+ failures in digest generation so that it will fail more robustly
+ if we ask for a nonexistent algorithm. Found by Coverity Scan.
+ Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479.
diff --git a/changes/cov484 b/changes/cov484
new file mode 100644
index 000000000..33adbda18
--- /dev/null
+++ b/changes/cov484
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - Report any failure in init_keys() calls done because our IP address
+ has changed. Spotted by Coverity Scan. Bugfix on 0.1.1.4-alpha;
+ fixes CID 484.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 851f11bf3..235bd88ff 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1663,6 +1663,10 @@ crypto_digest_get_digest(crypto_digest_env_t *digest,
SHA256_Final(r, &tmpenv.d.sha2);
break;
default:
+ log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
+ /* If fragile_assert is not enabled, then we should at least not
+ * leak anything. */
+ memset(r, 0xff, sizeof(r));
tor_fragile_assert();
break;
}
diff --git a/src/or/main.c b/src/or/main.c
index 95acea4f5..b1159746a 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1378,7 +1378,8 @@ ip_address_changed(int at_interface)
if (at_interface) {
if (! server) {
/* Okay, change our keys. */
- init_keys();
+ if (init_keys()<0)
+ log_warn(LD_GENERAL, "Unable to rotate keys after IP change!");
}
} else {
if (server) {