[tor-bugs] #2204 [Tor Relay]: Recent openssls (1.0.0b and 0.9.8p) break relay handshakes
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Nov 21 00:32:55 UTC 2010
#2204: Recent openssls (1.0.0b and 0.9.8p) break relay handshakes
--------------------------------+-------------------------------------------
Reporter: stars | Type: defect
Status: new | Priority: critical
Milestone: Tor: 0.2.1.x-final | Component: Tor Relay
Version: | Keywords:
Parent: |
--------------------------------+-------------------------------------------
Comment(by Sebastian):
Here are a few quick notes: This gets triggered by this call
{{{
result = tor_tls_handshake(conn->tls);
}}}
inside connection_tls_continue_handshake. In the client use case,
{{{
result = tor_tls_renegotiate(conn->tls);
}}}
doesn't trigger the issue.
The error we get is a decode error like it could be triggered by
{{{
+
if(s->session->tlsext_hostname)
+ {
+ *al =
SSL_AD_DECODE_ERROR;
+ return 0;
+ }
}}}
which is part of the openssl patch.
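Review bot: The check at `if(s->session->tlsext_hostname)` fails the parse with `SSL_AD_DECODE_ERROR` whenever the session already holds a hostname, without comparing it to the name being parsed and without a comment explaining why a pre-existing name makes the input malformed. As written, any hello processed against a session that already has a stored hostname is rejected outright, which is consistent with the "parse tlsext" error in the log in this comment. Consider accepting the case where the offered name matches the stored one, and document the intent of the rejection next to the check.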
Typical Tor log line:
{{{
[info] connection_tls_continue_handshake(): tls error [unexpected close]. breaking connection.
[info] TLS error while handshaking with [scrubbed]: parse tlsext (in SSL routines:SSL3_GET_CLIENT_HELLO)
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2204#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online