[tor-dev] Proposal 190: Password-based Bridge Client Authorization

Ian Goldberg iang at cs.uwaterloo.ca
Tue Jan 17 18:48:16 UTC 2012


On Tue, Jan 17, 2012 at 08:43:00PM +0200, George Kadianakis wrote:
> [0]: Did the Telex people clean up the patch, generalize it, and post
> it in openssl-dev? Having configurable {Server,Client}Hello.Random in
> a future version of OpenSSL would be neat.

At USENIX Security, Adam opined that openssl's callback mechanism should
be able to do this with no patches to the source.  (I think there was
one part of Telex that would still need patches to openssl, but I don't
think that was it.)  You basically request a callback right after the
clienthello.random is generated, and in the callback, overwrite the
value.  Or something like that; I don't remember exactly.

   - Ian

