Re: [tor-bugs] #4587 [Tor Client]: Bugs in tor_tls_got_client_hello()
#4587: Bugs in tor_tls_got_client_hello()
------------------------+---------------------------------------------------
Reporter: Sebastian | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by troll_un):
Replying to [comment:15 troll_un]:
> Replying to [comment:12 asn]:
> > Hm, looking at #4594. Do you think we can get the correct count of
> > handshakes by only counting them in `SSL3_ST_SR_CLNT_HELLO_A`?
> To distinguish reneg req only, you need another logic (not depending on
> state during callbacks).
Actually, you could detect a parasitic hello instead of trying to detect the
correct count of handshakes (in other words, all that is not a parasitic hello
will be a reneg request).
You need to remember the ssl->state for each callback and then compare the
previous state and the current state. A working condition could look like:
{{{
if ((prev == SSL3_ST_SR_CERT_A || prev == SSL3_ST_SR_CERT_B) &&
    curr == SSL3_ST_SR_CLNT_HELLO_C) {
  /* parasitic hello detected */
}
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4587#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
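
The previous-state/current-state comparison proposed in the comment above, as an added example (not part of the original message and not Tor's code). The EX_* constants, the hello_tracker struct and tracker_on_callback() are hypothetical names; the example assumes a hello is judged when the CLNT_HELLO_C state is entered and that repeated callbacks in the same state are not counted twice.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the OpenSSL server states named in the comment;
 * the numeric values are constructed so this builds without OpenSSL headers. */
enum {
    EX_ST_SR_CLNT_HELLO_A = 1, EX_ST_SR_CLNT_HELLO_B, EX_ST_SR_CLNT_HELLO_C,
    EX_ST_SW_SRVR_HELLO_A, EX_ST_SR_CERT_A, EX_ST_SR_CERT_B, EX_ST_OK
};

enum hello_kind { HELLO_NONE, HELLO_REQUEST, HELLO_PARASITIC };

/* Per-connection record: state seen at the previous callback, plus counters. */
struct hello_tracker {
    int prev;            /* 0 means no callback seen yet */
    unsigned requests;   /* hellos treated as handshake/reneg requests */
    unsigned parasitic;  /* hellos matching the comment's condition */
};

/* Call once per info callback with the current state (assumptions as stated
 * in the lead-in). Returns how this callback was classified. */
enum hello_kind tracker_on_callback(struct hello_tracker *t, int curr)
{
    enum hello_kind kind = HELLO_NONE;
    if (curr == EX_ST_SR_CLNT_HELLO_C && t->prev != curr) {
        if (t->prev == EX_ST_SR_CERT_A || t->prev == EX_ST_SR_CERT_B) {
            kind = HELLO_PARASITIC;   /* the condition from the comment */
            t->parasitic++;
        } else {
            kind = HELLO_REQUEST;     /* everything else counts as a request */
            t->requests++;
        }
    }
    t->prev = curr;                   /* remember for the next comparison */
    return kind;
}

int main(void)
{
    /* Constructed sequence of states, not a captured trace. */
    const int seq[] = { EX_ST_SR_CLNT_HELLO_A, EX_ST_SR_CLNT_HELLO_C,
                        EX_ST_SW_SRVR_HELLO_A, EX_ST_SR_CERT_A,
                        EX_ST_SR_CLNT_HELLO_C, EX_ST_OK };
    struct hello_tracker t = {0, 0, 0};
    for (size_t i = 0; i < sizeof seq / sizeof seq[0]; i++)
        tracker_on_callback(&t, seq[i]);
    printf("requests=%u parasitic=%u\n", t.requests, t.parasitic);
    return 0;
}
```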