Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2

2024-09-21 05:26:20 +02:00 · 2010-11-21 14:33:11 -05:00 · 2010-11-21 14:33:11 -05:00 · 2bd64f9e8f
commit 2bd64f9e8f
parent a33b338c5b a9d2148f53
2 changed files with 8 additions and 1 deletions
--- a/changes/fix2204
+++ b/changes/fix2204
@ -0,0 +1,7 @@
+  o Major bugfixes
+    - Do not set the tlsext_host_name extension on server SSL objects;
+      only on client SSL objects.  We set it to immitate a browser, not a
+      vhosting server. This resolves an incompatibility with openssl 0.9.8p
+      and openssl 1.0.0b.  Fixes bug 2204; bugfix on 0.2.1.1-alpha.
+
+
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@ -1027,7 +1027,7 @@ tor_tls_new(int sock, int isServer)

 #ifdef SSL_set_tlsext_host_name
  /* Browsers use the TLS hostname extension, so we should too. */
-  {
+  if (!isServer) {
    char *fake_hostname = crypto_random_hostname(4,25, "www.",".com");
    SSL_set_tlsext_host_name(result->ssl, fake_hostname);
    tor_free(fake_hostname);