Merge remote-tracking branch 'public/bug4591'

This commit is contained in:
Nick Mathewson 2012-05-10 15:55:12 -04:00
commit 62f8e3926d
2 changed files with 9 additions and 1 deletions

6
changes/bug4591 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes:
- If the client fails to set a reasonable set of ciphersuites
during its v2 handshake renegotiation, allow the renegotiation
to continue nevertheless (i.e., send all the required
certificates). Fix for bug 4591; bugfix on 0.2.0.20-rc.

View File

@ -1370,7 +1370,9 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val)
/* Now check the cipher list. */ /* Now check the cipher list. */
if (tor_tls_client_is_using_v2_ciphers(ssl, ADDR(tls))) { if (tor_tls_client_is_using_v2_ciphers(ssl, ADDR(tls))) {
/*XXXX_TLS keep this from happening more than once! */ if (tls->wasV2Handshake)
return; /* We already turned this stuff off for the first handshake;
* This is a renegotiation. */
/* Yes, we're casting away the const from ssl. This is very naughty of us. /* Yes, we're casting away the const from ssl. This is very naughty of us.
* Let's hope openssl doesn't notice! */ * Let's hope openssl doesn't notice! */