tor/changes/bug4591
Nick Mathewson f0212197cc Only disable cert chaining on the first TLS handshake
If the client uses a v2 cipherlist on the renegotiation handshake,
it looks as if they could fail to get a good cert chain from the
server, since the server would re-disable certificate chaining.

This patch makes it so the code that makes the server side of the
first v2 handshake special can get called only once.

Fix for 4591; bugfix on 0.2.0.20-rc.
2012-04-27 12:13:56 -04:00

  o Minor bugfixes:
    - If the client fails to set a reasonable set of ciphersuites
      during its v2 handshake renegotiation, allow the renegotiation
      to continue nevertheless (i.e., send all the required
      certificates). Fix for bug 4591; bugfix on 0.2.0.20-rc.