Log an error if openssl fails to copy a key for us

This should never happen unless openssl is buggy or some of our assumptions are deeply wrong, but one of those might have been the cause of the not-yet-reproducible bug 1209. If it ever happens again, let's get some info we can use.
2025-02-23 14:40:51 +01:00 · 2010-06-22 22:20:52 -04:00 · 2010-06-22 22:20:52 -04:00 · 8e1bf98f4a
commit 8e1bf98f4a
parent e2b117eb80
2 changed files with 15 additions and 0 deletions
--- a/changes/copy_key_log_bug1209
+++ b/changes/copy_key_log_bug1209
@ -0,0 +1,4 @@
+ o Minor bugfixes
+   - If OpenSSL fails to make a duplicate of a private or public key, log
+     an error message and try to exit cleanly.  May help with debugging
+     if bug 1209 ever remanifests.
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@ -779,14 +779,25 @@ crypto_pk_env_t *
 crypto_pk_copy_full(crypto_pk_env_t *env)
 {
  RSA *new_key;
+  int privatekey = 0;
  tor_assert(env);
  tor_assert(env->key);

  if (PRIVATE_KEY_OK(env)) {
    new_key = RSAPrivateKey_dup(env->key);
+    privatekey = 1;
  } else {
    new_key = RSAPublicKey_dup(env->key);
  }
+  if (!new_key) {
+    log_err(LD_CRYPTO, "Unable to duplicate a %s key: openssl failed.",
+            privatekey?"private":"public");
+    crypto_log_errors(LOG_ERR,
+                      privatekey ? "Duplicating a private key" :
+                      "Duplicating a public key");
+    tor_fragile_assert();
+    return NULL;
+  }

  return _crypto_new_pk_env_rsa(new_key);
 }