commit db1664e5932ae0435b23c2ca92e74f3a5c64c1f8 Author: Nick Mathewson nickm@torproject.org Date: Mon Jul 24 14:15:40 2017 -0400

Improve comment about why we disable TLS compression.

Closes bug 22964. Based on Teor's replacement there, but tries to put the comment in a more logical place, and explain why we're actually disabling compression in the first place. --- src/common/tortls.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c index 44db3aec5..dfc85ee31 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1174,17 +1174,20 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, SSL_CTX_set_options(result->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); } + + /* Don't actually allow compression; it uses RAM and time, it makes TLS + * vulnerable to CRIME-style attacks, and most of the data we transmit over + * TLS is encrypted (and therefore uncompressible) anyway. */ #ifdef SSL_OP_NO_COMPRESSION SSL_CTX_set_options(result->ctx, SSL_OP_NO_COMPRESSION); #endif #if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) #ifndef OPENSSL_NO_COMP - /* Don't actually allow compression; it uses ram and time, but the data - * we transmit is all encrypted anyway. */ if (result->ctx->comp_methods) result->ctx->comp_methods = NULL; #endif #endif + #ifdef SSL_MODE_RELEASE_BUFFERS SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS); #endif