[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21406 [Core Tor/Tor]: The channel is_client flag is inaccurate



#21406: The channel is_client flag is inaccurate
--------------------------+------------------------------------
 Reporter:  teor          |          Owner:  teor
     Type:  defect        |         Status:  needs_revision
 Priority:  Medium        |      Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.2.4.23
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:  0.5
Parent ID:                |         Points:  0.5
 Reviewer:  nickm         |        Sponsor:
--------------------------+------------------------------------
Changes (by nickm):

 * status:  needs_review => needs_revision
 * reviewer:   => nickm


Comment:

 I think the change in connection_or_check_valid_tls_handshake() may be
 wrong: This is about the certificate received in the TLS handshake, not
 the certificate received in the CERTS cell during the v3 Tor handshake.
 But in the v3 handshake, ''nobody'' provides a client certificate during
 TLS negotiation.

 You can test this yourself by adding `tor_assert(!has_cert ||
 started_here)`, and running a test network.  (Don't do this in real life,
 since it would crash whenever somebody tried running an ancient server
 and/or sending you a client TLS certificate by mistake.)

 The other changes look okay to me.  I would like to rename
 "channel_mark_client" to "channel_mark_as_client" and "channel_is_client"
 to "channel_comes_from_client" or something, but that's another ticket.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21406#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs