Opened 10 years ago

Closed 9 years ago

Last modified 7 years ago

#1209 closed defect (worksforme)

crypto.c:322 _crypto_new_pk_env_rsa: Assertion rsa failed; aborting.

Reported by: Safari Owned by:
Priority: Low Milestone:
Component: Core Tor/Tor Version: 0.2.2.6-alpha
Severity: Keywords:
Cc: Safari, nickm, Sebastian, arma Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I get this after SIGHUP
...
[debug] Removing exit policy reject 172.16.0.0/12:*. It is already covered by reject *:*.
[err] _crypto_new_pk_env_rsa(): Bug: crypto.c:322: _crypto_new_pk_env_rsa: Assertion rsa failed; aborting.
crypto.c:322 _crypto_new_pk_env_rsa: Assertion rsa failed; aborting.

I have openssl cvs version from 20091229 (newer ones do not compile (without disabling ASM))

[Automatically added by flyspray2trac: Operating System: Fedora Core Linux]

Child Tickets

Change History (6)

comment:1 Changed 10 years ago by nickm

Does this happen after every sighup, or only occasionally?

Can you get a stack trace on this?

comment:2 Changed 10 years ago by Safari

This does not happen very often, but I attach to tor process when I do SIGHUP from now on...

comment:3 Changed 10 years ago by arma

Still happening? Perhaps it was a bug with your cvs version of openssl?

comment:4 Changed 10 years ago by Safari

I haven't seen this in at least a month (when I nuked the old log files).

Maybe the bug is in openssl, I would not be surprised.

comment:5 Changed 9 years ago by nickm

Resolution: Noneworksforme
Status: newclosed

So there are only a few call-sites for _crypto_new_pk_env_rsa(). The only one right now that doesn't check for a NULL value of the argument before calling it is crypto_pk_copy_full(). This was also true in Tor 0.2.2.6-alpha, where the bug occurred.

I've updated the crypto_pk_copy_full function (as of git commit 8e1bf98) so that if copying the key fails, it will log any errors that openssl generates. Unfortunately, the key-copying logic in openssl uses the ASN1 machinery so heavily that I'm really not able to look at changes between openssl 20091229 and now to see if any of them might have been responsible.

Closing this bug as 'worksforme' for now since it hasn't come back; please let us know if it ever comes back, especially if you can get the message generated by the next Tor version.

comment:6 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.