Re: [tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1
#6033: Tor v2 handshake does not work with openssl 1.0.1
------------------------+---------------------------------------------------
 Reporter:  murble      |          Owner:
     Type:  defect      |         Status:  new
 Priority:  critical    |      Milestone:  Tor: 0.2.2.x-final
Component:  Tor Bridge  |        Version:  Tor: 0.2.3.15-alpha
 Keywords:              |         Parent:
   Points:              |   Actualpoints:
------------------------+---------------------------------------------------
Comment(by marshray):
I have reproed the problem and attached a packet capture.
Packets 4 and 6 show TLS 1.1 being negotiated successfully.
Packet 11 is an encrypted handshake message that is the client-initiated
renegotiation. However, note that the record layer version has jumped
backwards from 1.1 to 1.0. It's expected that the initial Client Hello
will have a record layer version of TLS 1.0 because the client doesn't
know if the server supports anything higher. But once encryption has
started, it's not OK for the client to change the record layer version
because that would change the encryption format and the server wouldn't be
able to decode it. I believe this behavior is against RFC 5246.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6033#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
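
Added example, not part of the original message and not Tor or OpenSSL code: a small Python check for the condition the comment describes, a record-layer version that differs from the negotiated one after the sender has sent ChangeCipherSpec. The flights are constructed sample bytes (truncated ServerHello, placeholder ciphertext), and all function names are hypothetical.

```python
import struct

HANDSHAKE, CHANGE_CIPHER_SPEC, SERVER_HELLO = 22, 20, 2

def records(stream):
    """Yield (content_type, (major, minor), payload) for each TLS record."""
    off = 0
    while off + 5 <= len(stream):
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, off)
        yield ctype, (major, minor), stream[off + 5:off + 5 + length]
        off += 5 + length

def find_version_regressions(flights):
    """flights: list of (sender, bytes) in capture order.
    Returns (record_number, sender, seen_version, negotiated_version) for
    every record sent after that sender's ChangeCipherSpec whose record-layer
    version is not the one the plaintext ServerHello selected."""
    negotiated, encrypting, findings, n = None, set(), [], 0
    for sender, data in flights:
        for ctype, version, payload in records(data):
            n += 1
            if (ctype == HANDSHAKE and sender == "server"
                    and sender not in encrypting
                    and len(payload) >= 6 and payload[0] == SERVER_HELLO):
                # server_version follows the 4-byte handshake header
                negotiated = (payload[4], payload[5])
            elif ctype == CHANGE_CIPHER_SPEC:
                encrypting.add(sender)
            elif sender in encrypting and negotiated and version != negotiated:
                findings.append((n, sender, version, negotiated))
    return findings

def rec(ctype, version, payload):
    """Build one TLS record (helper for the constructed sample below)."""
    return struct.pack("!BBBH", ctype, version[0], version[1], len(payload)) + payload

TLS10, TLS11 = (3, 1), (3, 2)
OPAQUE = b"\x00" * 48  # placeholder for encrypted bytes, constructed

def sample(renegotiation_version):
    """Constructed exchange: initial handshake, then an encrypted client record."""
    return [
        ("client", rec(HANDSHAKE, TLS10, b"\x01\x00\x00\x02\x03\x02")),  # ClientHello stub
        ("server", rec(HANDSHAKE, TLS11, b"\x02\x00\x00\x02\x03\x02")),  # ServerHello stub
        ("client", rec(CHANGE_CIPHER_SPEC, TLS11, b"\x01") + rec(HANDSHAKE, TLS11, OPAQUE)),
        ("server", rec(CHANGE_CIPHER_SPEC, TLS11, b"\x01") + rec(HANDSHAKE, TLS11, OPAQUE)),
        ("client", rec(HANDSHAKE, renegotiation_version, OPAQUE)),  # encrypted renegotiation
    ]

if __name__ == "__main__":
    print(find_version_regressions(sample(TLS10)))
```

The initial ClientHello at TLS 1.0 is not flagged because it precedes the client's ChangeCipherSpec; only the later encrypted record that drops back to 1.0 is reported.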