Log an error if openssl fails to copy a key for us

This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209.  If it ever happens again,
let's get some info we can use.

diff --git a/changes/copy_key_log_bug1209 b/changes/copy_key_log_bug1209
new file mode 100644 (file)
index 0000000..f77e600
--- /dev/null
+++ b/changes/copy_key_log_bug1209
@@ -0,0 +1,4 @@
+ o Minor bugfixes
+   - If OpenSSL fails to make a duplicate of a private or public key, log
+     an error message and try to exit cleanly.  May help with debugging
+     if bug 1209 ever remanifests.

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1a1dad616c1a7fbe324b28e72b4d9a2e97b878af..06b6aa4b51959c88490d6477769e8a412b8a1097 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -779,14 +779,25 @@ crypto_pk_env_t *
 crypto_pk_copy_full(crypto_pk_env_t *env)
 {
   RSA *new_key;
+  int privatekey = 0;
   tor_assert(env);
   tor_assert(env->key);
 
   if (PRIVATE_KEY_OK(env)) {
     new_key = RSAPrivateKey_dup(env->key);
+    privatekey = 1;
   } else {
     new_key = RSAPublicKey_dup(env->key);
   }
+  if (!new_key) {
+    log_err(LD_CRYPTO, "Unable to duplicate a %s key: openssl failed.",
+            privatekey?"private":"public");
+    crypto_log_errors(LOG_ERR,
+                      privatekey ? "Duplicating a private key" :
+                      "Duplicating a public key");
+    tor_fragile_assert();
+    return NULL;
+  }
 
   return _crypto_new_pk_env_rsa(new_key);
 }