nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Work around a bug in OpenSSL 1.0.1's TLS 1.1 and TLS 1.2 support

Browse Source 
It appears that when OpenSSL negotiates a 1.1 or 1.2 connection, and it
decides to renegotiate, the client will send a record with version "1.0"
rather than with the current TLS version.  This would cause the
connection to fail whenever both sides had OpenSSL 1.0.1, and the v2 Tor
handshake was in use.

As a workaround, disable TLS 1.1 and TLS 1.2.  When a later version of
OpenSSL is released, we can make this conditional on running a fixed
version of OpenSSL.

Alternatively, we could disable TLS 1.1 and TLS 1.2 only on the client
side.  But doing it this way for now means that we not only fix TLS with
patched clients; we also fix TLS when the server has this patch and the
client does not.  That could be important to keep the network running
well.

Fixes bug 6033.
This commit is contained in:
Nick Mathewson 2012-06-02 20:05:32 -04:00
parent 75fc4dbbca
commit 841a8d551a
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
changes/bug6033 Normal file
View File

@ -0,0 +1,6 @@
o Major bugfixes:
- Work around a bug in OpenSSL that broke renegotiation with
TLS 1.1 and TLS 1.2. Without this workaround, all attempts
to speak the v2 Tor network protocol when both sides were
using OpenSSL 1.0.1 would fail. Fix for bug 6033, which is
not a bug in Tor.

15
src/common/tortls.c
View File

@ -790,6 +790,21 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
goto error;
SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
/* Disable TLS1.1 and TLS1.2 if they exist. We need to do this to
* workaround a bug present in all OpenSSL 1.0.1 versions (as of 1
* June 2012), wherein renegotiating while using one of these TLS
* protocols will cause the client to send a TLS 1.0 ServerHello
* rather than a ServerHello written with the appropriate protocol
* version. Once some version of OpenSSL does TLS1.1 and TLS1.2
* renegotiation properly, we can turn them back on when built with
* that version. */
#ifdef SSL_OP_NO_TLSv1_2
SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_2);
#endif
#ifdef SSL_OP_NO_TLSv1_1
SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_1);
#endif
if (
#ifdef DISABLE_SSL3_HANDSHAKE
1 ||