[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #4591 [Tor Relay]: Don't set SSL_MODE_NO_AUTO_CHAIN during renegotiation.
#4591: Don't set SSL_MODE_NO_AUTO_CHAIN during renegotiation.
-----------------------+----------------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
If during the renegotiation's ClientHello a client passes:
{{{
if (tor_tls_client_is_using_v2_ciphers(ssl, ADDR(tls))) {
}}}
in `tor_tls_server_info_callback()` (or `tor_tls_got_client_hello()` in
`master`), we don't send a full certificate chain to the client.
The above `if` statement should only be examined during the initial SSL
handshake.
There was already a
{{{
/*XXXX_TLS keep this from happening more than once! */
}}}
comment that never got implemented.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4591>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs