[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/main] conn: add ClientHello Padding TLS extension

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/main] conn: add ClientHello Padding TLS extension
From: dgoulet@xxxxxxxxxxxxxx
Date: Wed, 9 Feb 2022 15:37:07 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 09 Feb 2022 10:37:18 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: pseudonymisaTor <1397-pseudonymisaTor@xxxxxxxxxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit f1387b398c130eac740b759db5101d8c469114d5
Author: pseudonymisaTor <1397-pseudonymisaTor@xxxxxxxxxxxxxxxxxxxxx>
Date:   Sun Jan 23 09:24:28 2022 +0000

    conn: add ClientHello Padding TLS extension
---
 src/lib/tls/tortls_openssl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index d59d65d995..77de2d6a11 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -701,6 +701,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
   /* let us realloc bufs that we're writing from */
   SSL_CTX_set_mode(result->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 
+#ifdef SSL_OP_TLSEXT_PADDING
+  /* Adds a padding extension to ensure the ClientHello size is never between
+   * 256 and 511 bytes in length. */
+  SSL_CTX_set_options(result->ctx, SSL_OP_TLSEXT_PADDING);
+#endif
+
   return result;
 
  error:



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/main] Exit slow start at the gamma threshold
Next by Author: [tor-commits] [tor/main] hs: Fix tests for congestion control
Previous by thread: [tor-commits] [tor/main] Merge branch 'tor-gitlab/mr/518'
Next by thread: [tor-commits] [tor-browser-build/master] Release prep for 11.5a4 (desktop only)
Index(es):
- Author
- Thread