[tor-bugs] #4592 [Tor Relay]: tor_tls_server_info_callback(): SSL3_ST_SW_SRVR_HELLO_B missed.
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Dec 8 04:27:29 UTC 2011
#4592: tor_tls_server_info_callback(): SSL3_ST_SW_SRVR_HELLO_B missed.
--------------------------+-------------------------------------------------
Reporter: troll_un | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Relay | Version: Tor: 0.2.2.34
Resolution: | Keywords:
Parent: #4668 | Points:
Actualpoints: |
--------------------------+-------------------------------------------------
Comment(by asn):
This ticket applies to current code, but I was naughty and set its parent
to #4668.
As far as I can tell, it's not exploitable, and it hasn't disrupted v2
handshake in real-life yet, otherwise we would have probably gotten bug
reports with:
{{{
log_warn(LD_BUG, "For some reason, wasV2Handshake didn't"
" get set. Fixing that.");
}}}
A patch that might fix this bug or it might break it even further could
be:
{{{
if (!(((type == SSL_CB_ACCEPT_LOOP) && (ssl->state ==
SSL3_ST_SW_SRVR_HELLO_A)) ||
((type == SSL_CB_ACCEPT_EXIT) && (ssl->state ==
SSL3_ST_SW_SRVR_HELLO_B))))
return;
}}}
instead of the current:
{{{
if (type != SSL_CB_ACCEPT_LOOP)
return;
if (ssl->state != SSL3_ST_SW_SRVR_HELLO_A)
return;
}}}
in `tor_tls_server_info_callback()`. I thought of this fix carelessly, and
I'm not a good thinker, so we will probably need to re-think it when we
actually fix this issue.
We might want to fix this during 0.2.3.x or during 0.2.4.x along with the
#4668 stuff.
In any case, the fix will need to be adjusted to any #4594 fixes.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4592#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list