
Set OpenSSL 0.9.8l renegotiation flag early enough for bufferevents

This seems to fix another case of bug2001.
Nick Mathewson 13 years ago
parent
commit
fbacbf9fd9
2 changed files with 21 additions and 0 deletions
  1. 20 0
      src/common/tortls.c
  2. 1 0
      src/common/tortls.h

+ 20 - 0
src/common/tortls.c

@@ -863,6 +863,10 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val)
 
     if (tls) {
       tls->wasV2Handshake = 1;
+#ifdef USE_BUFFEREVENTS
+      if (use_unsafe_renegotiation_flag)
+        tls->ssl->s3->flags |= SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+#endif
     } else {
       log_warn(LD_BUG, "Couldn't look up the tls for an SSL*. How odd!");
     }
@@ -1071,6 +1075,18 @@ tor_tls_block_renegotiation(tor_tls_t *tls)
   tls->ssl->s3->flags &= ~SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
 }
 
+void
+tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls)
+{
+  if (use_unsafe_renegotiation_flag) {
+    tor_assert(0 != (tls->ssl->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION));
+  }
+  if (use_unsafe_renegotiation_op) {
+    long options = SSL_get_options(tls->ssl);
+    tor_assert(0 != (options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION));
+  }
+}
+
 /** Return whether this tls initiated the connect (client) or
  * received it (server). */
 int
@@ -1752,6 +1768,10 @@ tor_tls_init_bufferevent(tor_tls_t *tls, struct bufferevent *bufev_in,
                                        state,
                                        BEV_OPT_DEFER_CALLBACKS);
 #endif
+  /* Unblock _after_ creating the bufferevent, since accept/connect tend to
+   * clear flags. */
+  tor_tls_unblock_renegotiation(tls);
+
   return out;
 }
 #endif
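Review bot: The new `tor_tls_assert_renegotiation_unblocked` in the second hunk has no doc comment, while the neighbouring functions in this file carry Doxygen `/** ... */` headers (the one introducing `tor_tls_is_server` is visible right below it). Suggest `/** Assert that the unsafe-legacy-renegotiation flag and/or SSL option this tls relies on are still set; accept/connect can clear them, so call this after such operations. */` above the definition. Nothing in this commit calls the new function; if it is intended for a caller in a follow-up change, the commit message should say so. Since `tor_assert` aborts the process, it is worth confirming that only local operations (the accept/connect mentioned in the third hunk's comment) can clear these flags before the assertion runs; if a peer-driven path could, the assert would become a remotely triggerable crash rather than a debugging aid.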

+ 1 - 0
src/common/tortls.h

@@ -68,6 +68,7 @@ int tor_tls_finish_handshake(tor_tls_t *tls);
 int tor_tls_renegotiate(tor_tls_t *tls);
 void tor_tls_unblock_renegotiation(tor_tls_t *tls);
 void tor_tls_block_renegotiation(tor_tls_t *tls);
+void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
 int tor_tls_shutdown(tor_tls_t *tls);
 int tor_tls_get_pending_bytes(tor_tls_t *tls);
 size_t tor_tls_get_forced_write_size(tor_tls_t *tls);