Properly refcount client_identity_key

In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.

diff --git a/src/common/crypto.c b/src/common/crypto.c
index c723c33dd07931b067532bb0ce5d813723a4c2b4..a444cf126a8e4834c1db01b8fd345529872b7b35 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -326,6 +326,7 @@ crypto_free_pk_env(crypto_pk_env_t *env)
 
   if (--env->refs > 0)
     return;
+  tor_assert(env->refs == 0);
 
   if (env->key)
     RSA_free(env->key);

diff --git a/src/or/router.c b/src/or/router.c
index 96aca88376ee68ed6ab6cc4efaca959110c2151d..c471599cb6dd50f3bdfa9b2078252c58c7f76511 100644 (file)
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -559,7 +559,7 @@ init_keys(void)
    * otherwise, set the server identity key as our client identity
    * key. */
   if (public_server_mode(options)) {
-    set_client_identity_key(prkey); /* set above */
+    set_client_identity_key(crypto_pk_dup_key(prkey)); /* set above */
   } else {
     if (!(prkey = crypto_new_pk_env()))
       return -1;