Re: [tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list
#4744: GFW probes based on Tor's SSL cipher list
--------------------------------+-------------------------------------------
Reporter: asn | Owner: nickm
Type: defect | Status: needs_revision
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor Bridge | Version:
Keywords: tls fingerprinting | Parent: #4185
Points: | Actualpoints:
--------------------------------+-------------------------------------------
Comment(by nickm):
Wanoskarnet recommends this version instead.
{{{
--- tortls.c.orig 2011-12-15
+++ tortls.c 2012-03-13
@@ -907,6 +907,24 @@
return 1;
}
+static void
+tor_tls_client_hack_callback(const SSL *ssl, int type, int val)
+{
+ (void) val;
+ if (type == SSL_CB_HANDSHAKE_START &&
+ !ssl->new_session) {
+ SSL *_ssl = (SSL *)ssl;
+ _ssl->new_session = 3; /* XxXXxX Hack. Do not repeat if alone at home
*/
+ return;
+ }
+ if (type == SSL_CB_CONNECT_LOOP &&
+ ssl->new_session == 3) {
+ SSL *_ssl = (SSL *)ssl;
+ _ssl->new_session = 0; /* XxXXxX Hack. Do not repeat if alone at home
*/
+ return;
+ }
+}
+
/** Invoked when we're accepting a connection on <b>ssl</b>, and the
connection
* changes state. We use this:
* <ul><li>To alter the state of the handshake partway through, so we
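Review bot: The new `tor_tls_client_hack_callback` writes `new_session` directly inside OpenSSL's `SSL` struct after casting away the `const` that the info-callback signature promises, and neither the sentinel `3` nor the intended effect on the client handshake is explained by the two `XxXXxX Hack` comments. This ties correctness to the private layout and state machine of whichever OpenSSL version it was written against. If the library gives that value its own meaning, or a handshake aborts between `SSL_CB_HANDSHAKE_START` and `SSL_CB_CONNECT_LOOP`, the field is left in a state nothing else expects. I would give the sentinel a name rather than a bare `3`, and replace both comments with a doc comment on the function stating what it changes in the handshake for #4744, which OpenSSL versions it was checked against, and that it should go away once a supported API exists.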
@@ -1092,6 +1110,12 @@
}
#endif
+#ifdef V2_HANDSHAKE_CLIENT
+ if (!isServer) {
+ SSL_set_info_callback(result->ssl, tor_tls_client_hack_callback);
+ }
+#endif
+
/* Not expected to get called. */
tls_log_errors(NULL, LOG_WARN, LD_NET, "creating tor_tls_t object");
return result;
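Review bot: `tor_tls_client_hack_callback` is referenced only here, inside `#ifdef V2_HANDSHAKE_CLIENT`, but the first hunk adds its definition without that guard. A build with the macro undefined is therefore left with an unused static function, which will warn or fail under `-Werror`. Wrap the definition in the same `#ifdef V2_HANDSHAKE_CLIENT` / `#endif` pair. The enclosing function starts outside the hunk, so also confirm that no other info callback has been set on a client-side `result->ssl` earlier, since `SSL_set_info_callback` replaces it.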
@@ -1324,6 +1348,7 @@
#endif
} else {
#ifdef V2_HANDSHAKE_CLIENT
+ SSL_set_info_callback(tls->ssl, NULL);
/* If we got no ID cert, we're a v2 handshake. */
X509 *cert = SSL_get_peer_certificate(tls->ssl);
STACK_OF(X509) *chain = SSL_get_peer_cert_chain(tls->ssl);
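Review bot: The added `SSL_set_info_callback(tls->ssl, NULL);` is a statement placed ahead of the `X509 *cert` and `STACK_OF(X509) *chain` declarations in the same block. That is a declaration-after-statement, which breaks a C89 build and warns under `-Wdeclaration-after-statement`. Move the call below the two declarations, i.e. `STACK_OF(X509) *chain = SSL_get_peer_cert_chain(tls->ssl);` followed by `SSL_set_info_callback(tls->ssl, NULL);`. The callback is also cleared only on this branch, so it is worth a one-line comment saying that on other exits it stays installed until the `SSL` object is freed. The block continues outside the hunk.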
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4744#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online