[or-cvs] r17674: {tor} Backport: Fix bug 889: share deep-copied keys between thread (in tor/branches/tor-0_2_0-patches: . src/common src/or)

[nickm at seul.org]

Author: nickm
Date: 2008-12-18 00:47:28 -0500 (Thu, 18 Dec 2008)
New Revision: 17674

Modified:
   tor/branches/tor-0_2_0-patches/ChangeLog
   tor/branches/tor-0_2_0-patches/src/common/crypto.c
   tor/branches/tor-0_2_0-patches/src/common/crypto.h
   tor/branches/tor-0_2_0-patches/src/or/router.c
Log:
Backport: Fix bug 889: share deep-copied keys between threads to avoid races in reference counts.  Bugfix on 0.1.0.1-rc.

Modified: tor/branches/tor-0_2_0-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_2_0-patches/ChangeLog	2008-12-18 05:40:57 UTC (rev 17673)
+++ tor/branches/tor-0_2_0-patches/ChangeLog	2008-12-18 05:47:28 UTC (rev 17674)
@@ -46,6 +46,9 @@
     - Fix a memory leak when we decline to add a v2 rendezvous descriptor to
       the cache because we already had a v0 descriptor with the same ID.
       Bugfix on 0.2.0.18-alpha.
+    - Fix a race condition when freeing keys shared between main thread
+      and CPU workers that could result in a memory leak.  Bugfix on
+      0.1.0.1-rc.  Fixes bug 889.
 
   o Minor features:
     - Report the case where all signatures in a detached set are rejected

Modified: tor/branches/tor-0_2_0-patches/src/common/crypto.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/common/crypto.c	2008-12-18 05:40:57 UTC (rev 17673)
+++ tor/branches/tor-0_2_0-patches/src/common/crypto.c	2008-12-18 05:47:28 UTC (rev 17674)
@@ -631,6 +631,23 @@
   return env;
 }
 
+/** Make a real honest-to-goodness copy of <b>env</b>, and return it. */
+crypto_pk_env_t *
+crypto_pk_copy_full(crypto_pk_env_t *env)
+{
+  RSA *new_key;
+  tor_assert(env);
+  tor_assert(env->key);
+
+  if (PRIVATE_KEY_OK(env)) {
+    new_key = RSAPrivateKey_dup(env->key);
+  } else {
+    new_key = RSAPublicKey_dup(env->key);
+  }
+
+  return _crypto_new_pk_env_rsa(new_key);
+}
+
 /** Encrypt <b>fromlen</b> bytes from <b>from</b> with the public key
  * in <b>env</b>, using the padding method <b>padding</b>.  On success,
  * write the result to <b>to</b>, and return the number of bytes

Modified: tor/branches/tor-0_2_0-patches/src/common/crypto.h
===================================================================
--- tor/branches/tor-0_2_0-patches/src/common/crypto.h	2008-12-18 05:40:57 UTC (rev 17673)
+++ tor/branches/tor-0_2_0-patches/src/common/crypto.h	2008-12-18 05:47:28 UTC (rev 17674)
@@ -88,6 +88,7 @@
 int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
 size_t crypto_pk_keysize(crypto_pk_env_t *env);
 crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
+crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
 
 int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
                              const char *from, size_t fromlen, int padding);

Modified: tor/branches/tor-0_2_0-patches/src/or/router.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/router.c	2008-12-18 05:40:57 UTC (rev 17673)
+++ tor/branches/tor-0_2_0-patches/src/or/router.c	2008-12-18 05:47:28 UTC (rev 17674)
@@ -75,8 +75,8 @@
   return onionkey;
 }
 
-/** Store a copy of the current onion key into *<b>key</b>, and a copy
- * of the most recent onion key into *<b>last</b>.
+/** Store a full copy of the current onion key into *<b>key</b>, and a full
+ * copy of the most recent onion key into *<b>last</b>.
  */
 void
 dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last)
@@ -85,9 +85,9 @@
   tor_assert(last);
   tor_mutex_acquire(key_lock);
   tor_assert(onionkey);
-  *key = crypto_pk_dup_key(onionkey);
+  *key = crypto_pk_copy_full(onionkey);
   if (lastonionkey)
-    *last = crypto_pk_dup_key(lastonionkey);
+    *last = crypto_pk_copy_full(lastonionkey);
   else
     *last = NULL;
   tor_mutex_release(key_lock);