diff --git a/src/common/tortls.c b/src/common/tortls.c index 62d34f7ff3..65c26cc515 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1323,21 +1323,17 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl, const char *address) return 1; } -/** We got an SSL ClientHello message. This might mean that the - * client wants to initiate a renegotiation and appropriate actions - * must be taken. */ +/** We sent the ServerHello part of an SSL handshake. This might mean + * that we completed a renegotiation and appropriate actions must be + * taken. */ static void -tor_tls_got_client_hello(tor_tls_t *tls) +tor_tls_got_server_hello(tor_tls_t *tls) { if (tls->server_handshake_count < 3) ++tls->server_handshake_count; if (tls->server_handshake_count == 2) { - if (!tls->negotiated_callback) { - log_warn(LD_BUG, "Got a renegotiation request but we don't" - " have a renegotiation callback set!"); - } - + tor_assert(tls->negotiated_callback); tls->got_renegotiate = 1; } @@ -1380,8 +1376,8 @@ tor_tls_state_changed_callback(const SSL *ssl, int type, int val) if (type == SSL_CB_ACCEPT_LOOP && ssl->state == SSL3_ST_SW_SRVR_HELLO_A) { - /* Call tor_tls_got_client_hello() for every SSL ClientHello we - receive. */ + /* Call tor_tls_got_server_hello() for every SSL ServerHello we + send. */ tor_tls_t *tls = tor_tls_get_by_ssl(ssl); if (!tls) { @@ -1389,7 +1385,7 @@ tor_tls_state_changed_callback(const SSL *ssl, int type, int val) return; } - tor_tls_got_client_hello(tls); + tor_tls_got_server_hello(tls); } #endif @@ -1660,10 +1656,8 @@ tor_tls_read(tor_tls_t *tls, char *cp, size_t len) #ifdef V2_HANDSHAKE_SERVER if (tls->got_renegotiate) { - if (tls->server_handshake_count != 2) { - log_warn(LD_BUG, "We did not notice renegotiation in a timely fashion (%u)!", - tls->server_handshake_count); - } + tor_assert(tls->server_handshake_count == 2); + /* XXX tor_assert(err == TOR_TLS_WANTREAD); */ /* Renegotiation happened! */ log_info(LD_NET, "Got a TLS renegotiation from %s", ADDR(tls));