Properly refcount client_identity_key

In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.

diff --git a/src/common/crypto.c b/src/common/crypto.c
index bfb81d3ccdd644eb25542bc723a341f61008406f..b49547fa4debb03ac26d843f38d8fd8c4c17f956 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -405,6 +405,7 @@ crypto_free_pk_env(crypto_pk_env_t *env)
 
   if (--env->refs > 0)
     return;
+  tor_assert(env->refs == 0);
 
   if (env->key)
     RSA_free(env->key);

diff --git a/src/or/router.c b/src/or/router.c
index 3fd7b7fc3981d275feab2e8ee885520c66cf797b..725a515e0c3fd90b0f17821d8815d3526bb26e06 100644 (file)
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -573,7 +573,7 @@ init_keys(void)
    * otherwise, set the server identity key as our client identity
    * key. */
   if (public_server_mode(options)) {
-    set_client_identity_key(prkey); /* set above */
+    set_client_identity_key(crypto_pk_dup_key(prkey)); /* set above */
   } else {
     if (!(prkey = crypto_new_pk_env()))
       return -1;