diff --git a/debian/changelog b/debian/changelog index 45b6b910f0..11b2dc3815 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +tor (0.2.2.6-alpha-1) experimental; urgency=low + + * New upstream version. + - Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch + (part of upstream). + + -- Peter Palfrader Mon, 23 Nov 2009 18:52:04 +0100 + tor (0.2.2.5-alpha-1) experimental; urgency=low * New upstream version. diff --git a/debian/patches/00list b/debian/patches/00list index 63c52165c8..9260bb7ed5 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -3,4 +3,3 @@ 06_add_compile_time_defaults.dpatch 07_log_to_file_by_default.dpatch 14_fix_geoip_warning -0a58567c-work-with-reneg-ssl.dpatch diff --git a/debian/patches/0a58567c-work-with-reneg-ssl.dpatch b/debian/patches/0a58567c-work-with-reneg-ssl.dpatch deleted file mode 100644 index 886e2d18ae..0000000000 --- a/debian/patches/0a58567c-work-with-reneg-ssl.dpatch +++ /dev/null @@ -1,129 +0,0 @@ -#! /bin/sh -e - -if [ $# -lt 1 ]; then - echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 - exit 1 -fi - -[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" - -case "$1" in - -patch) patch -p1 ${patch_opts} < $0;; - -unpatch) patch -R -p1 ${patch_opts} < $0;; - *) - echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 - exit 1;; -esac - -exit 0 - -#diff --git a/ChangeLog b/ChangeLog -#index 0109ff5..679d576 100644 -#--- a/ChangeLog -#+++ b/ChangeLog -#@@ -311,6 +311,12 @@ Changes in version 0.2.2.1-alpha - 2009-08-26 -# -# -# Changes in Version 0.2.1.21 - 20??-??-?? -#+ o Major bugfixes: -#+ - Work around a security feature in OpenSSL 0.9.8l that prevents our -#+ handshake from working unless we explicitly tell OpenSSL that we are -#+ using SSL renegotiation safely. We are, of course, but OpenSSL -#+ 0.9.8l won't work unless we say we are. -#+ -# o Minor bugfixes: -# - Do not refuse to learn about authority certs and v2 networkstatus -# documents that are older than the latest consensus. This bug might -@DPATCH@ -diff --git a/src/common/tortls.c b/src/common/tortls.c -index 6e09325..ff49ecf 100644 ---- a/src/common/tortls.c -+++ b/src/common/tortls.c -@@ -154,6 +154,7 @@ static X509* tor_tls_create_certificate(crypto_pk_env_t *rsa, - const char *cname, - const char *cname_sign, - unsigned int lifetime); -+static void tor_tls_unblock_renegotiation(tor_tls_t *tls); - - /** Global tls context. We keep it here because nobody else needs to - * touch it. */ -@@ -927,6 +928,36 @@ tor_tls_set_renegotiate_callback(tor_tls_t *tls, - #endif - } - -+/** If this version of openssl requires it, turn on renegotiation on -+ * tls. (Our protocol never requires this for security, but it's nice -+ * to use belt-and-suspenders here.) -+ */ -+static void -+tor_tls_unblock_renegotiation(tor_tls_t *tls) -+{ -+#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -+ /* Yes, we know what we are doing here. No, we do not treat a renegotiation -+ * as authenticating any earlier-received data. */ -+ tls->ssl->s3->flags |= SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; -+#else -+ (void)tls; -+#endif -+} -+ -+/** If this version of openssl supports it, turn off renegotiation on -+ * tls. (Our protocol never requires this for security, but it's nice -+ * to use belt-and-suspenders here.) -+ */ -+void -+tor_tls_block_renegotiation(tor_tls_t *tls) -+{ -+#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -+ tls->ssl->s3->flags &= ~SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; -+#else -+ (void)tls; -+#endif -+} -+ - /** Return whether this tls initiated the connect (client) or - * received it (server). */ - int -@@ -1058,6 +1089,9 @@ tor_tls_handshake(tor_tls_t *tls) - if (oldstate != tls->ssl->state) - log_debug(LD_HANDSHAKE, "After call, %p was in state %s", - tls, ssl_state_to_string(tls->ssl->state)); -+ /* We need to call this here and not earlier, since OpenSSL has a penchant -+ * for clearing its flags when you say accept or connect. */ -+ tor_tls_unblock_renegotiation(tls); - r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO, LD_HANDSHAKE); - if (ERR_peek_error() != 0) { - tls_log_errors(tls, tls->isServer ? LOG_INFO : LOG_WARN, LD_HANDSHAKE, -diff --git a/src/common/tortls.h b/src/common/tortls.h -index d006909..871fec3 100644 ---- a/src/common/tortls.h -+++ b/src/common/tortls.h -@@ -65,6 +65,7 @@ int tor_tls_read(tor_tls_t *tls, char *cp, size_t len); - int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n); - int tor_tls_handshake(tor_tls_t *tls); - int tor_tls_renegotiate(tor_tls_t *tls); -+void tor_tls_block_renegotiation(tor_tls_t *tls); - int tor_tls_shutdown(tor_tls_t *tls); - int tor_tls_get_pending_bytes(tor_tls_t *tls); - size_t tor_tls_get_forced_write_size(tor_tls_t *tls); -diff --git a/src/or/connection_or.c b/src/or/connection_or.c -index c3d35e1..bbd6439 100644 ---- a/src/or/connection_or.c -+++ b/src/or/connection_or.c -@@ -799,6 +799,7 @@ connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn) - - /* Don't invoke this again. */ - tor_tls_set_renegotiate_callback(tls, NULL, NULL); -+ tor_tls_block_renegotiation(tls); - - if (connection_tls_finish_handshake(conn) < 0) { - /* XXXX_TLS double-check that it's ok to do this from inside read. */ -@@ -1045,6 +1046,7 @@ connection_tls_finish_handshake(or_connection_t *conn) - connection_or_init_conn_from_address(conn, &conn->_base.addr, - conn->_base.port, digest_rcvd, 0); - } -+ tor_tls_block_renegotiation(conn->tls); - return connection_or_set_state_open(conn); - } else { - conn->_base.state = OR_CONN_STATE_OR_HANDSHAKING;