[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #19910 [Applications/Tor Browser]: Rip out optimistic data socks handshake variant (#3875)

Subject: [tor-bugs] #19910 [Applications/Tor Browser]: Rip out optimistic data socks handshake variant (#3875)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 12 Aug 2016 17:39:07 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 12 Aug 2016 18:43:27 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#19910: Rip out optimistic data socks handshake variant (#3875)
------------------------------------------+----------------------
     Reporter:  cypherpunks               |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 Optimistic data socks handshake variant violates RFC we could to ignore
 except total code logic brokenness.

 For something like https transport code functionality depends timing of
 socks proxy. If socks-proxy answer before TLS handshake can to start then
 browser process socks handshake as server hello therefore violates TLS
 session.

 You can't to use code fully based on race condition. You can't to fix code
 so it never process any input data as soon as you start TLS handshake.
 Only solution to rip out that code entirely.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19910>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #19910 [Applications/Tor Browser]: Rip out optimistic data socks handshake variant (#3875)
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #19910 [Applications/Tor Browser]: Rip out optimistic data socks handshake variant (#3875)
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #19163 [Core Tor/Tor]: Make sure clients almost always use ntor
Next by Author: Re: [tor-bugs] #19837 [Applications/Tor Browser]: Audio/video player is blank in 6.5a2
Previous by thread: Re: [tor-bugs] #18788 [Core Tor/Tor]: Make the copyright license clear for torspec and proposals
Next by thread: Re: [tor-bugs] #19910 [Applications/Tor Browser]: Rip out optimistic data socks handshake variant (#3875)
Index(es):
- Author
- Thread