[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #6465 [Tor Relay]: Build abstraction layer around TLS
#6465: Build abstraction layer around TLS
-----------------------+----------------------------------------------------
Reporter: andrea | Owner: andrea
Type: project | Status: needs_review
Priority: major | Milestone: Tor: 0.2.4.x-final
Component: Tor Relay | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by nickm):
PART 3:
Woo. 29% done.
General stuff: I'm perpetually terrified of breaking the handshake in a
way to allow us to count as authenticated, or to process cells we
shouldn't, or to send data we shouldn't, without actually completing the
TLS handshake and verifying the other party with the Tor handshake. I'm
also perpetually afraid of breaking the v2 or v1 TLS handshakes and not
noticing because I only tested master against master.
* Weird thing: connection_or.c in your branch is 2322 lines long. In
master, it's 2290 lines long. I would have expected it to get shorter as
code moved out.
* The BASE_CHAN_TO_TLS(c) and TLS_CHAN_TO_BASE(c) macros are dicey; look
at how connection_t and circuit_t handle these for safety.
* The new log_debug in connection_mark_for_close makes me wonder: can we
be checking for this case and warning/asserting if it hits? If the new
rule is "never call connection_mark_for_close on an or_conn directly",
that's going to be fragile.
* We'd better audit to make sure there are no more conn->state changes in
connection_or.c
* Where did that big block of code in connection_or_set_state_open go?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6465#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs