Handle crypto_pk_get_digest failures semi-sensibly

Fixes bug 3106.

diff --git a/changes/warn-if-get_digest-fails b/changes/warn-if-get_digest-fails
new file mode 100644 (file)
index 0000000..6cfc108
--- /dev/null
+++ b/changes/warn-if-get_digest-fails
@@ -0,0 +1,6 @@
+  o Minor bugfixes:
+    - If we fail to compute the identity digest of a v3 legacy
+      keypair, warn, and don't use a buffer-full of junk instead.
+      Bugfix on 0.2.1.1-alpha; fixes bug 3106.
+
+

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index c8dda665e4d7d3a3b536b7bd8e8247ee421f2b5a..860ac1f7001854a53510b0cb5416627653fd5e88 100644 (file)
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -2705,7 +2705,10 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_env_t *private_key,
   if (options->V3AuthUseLegacyKey) {
     authority_cert_t *c = get_my_v3_legacy_cert();
     if (c) {
-      crypto_pk_get_digest(c->identity_key, voter->legacy_id_digest);
+      if (crypto_pk_get_digest(c->identity_key, voter->legacy_id_digest)) {
+        log_warn(LD_BUG, "Unable to compute digest of legacy v3 identity key");
+        memset(voter->legacy_id_digest, 0, DIGEST_LEN);
+      }
     }
   }
 

diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 9273dbc90d42d237d56892a66009dba94dbb061b..db2eaf0f4f5b252d4c0019d281755844032d78a3 100644 (file)
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -3129,8 +3129,12 @@ dirvote_compute_consensuses(void)
       authority_cert_t *cert = get_my_v3_legacy_cert();
       legacy_sign = get_my_v3_legacy_signing_key();
       if (cert) {
-        crypto_pk_get_digest(cert->identity_key, legacy_dbuf);
-        legacy_id_digest = legacy_dbuf;
+        if (crypto_pk_get_digest(cert->identity_key, legacy_dbuf)) {
+          log_warn(LD_BUG,
+                   "Unable to compute digest of legacy v3 identity key");
+        } else {
+          legacy_id_digest = legacy_dbuf;
+        }
       }
     }