[tor-bugs] #4592 [Tor Relay]: tor_tls_server_info_callback(): SSL3_ST_SW_SRVR_HELLO_B missed.

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Dec 8 04:27:29 UTC 2011

#4592: tor_tls_server_info_callback(): SSL3_ST_SW_SRVR_HELLO_B missed.
    Reporter:  troll_un   |       Owner:                    
        Type:  defect     |      Status:  new               
    Priority:  normal     |   Milestone:  Tor: 0.2.2.x-final
   Component:  Tor Relay  |     Version:  Tor:     
  Resolution:             |    Keywords:                    
      Parent:  #4668      |      Points:                    
Actualpoints:             |  

Comment(by asn):

 This ticket applies to current code, but I was naughty and set its parent
 to #4668.

 As far as I can tell, it's not exploitable, and it hasn't disrupted v2
 handshake in real-life yet, otherwise we would have probably gotten bug
 reports with:
         log_warn(LD_BUG, "For some reason, wasV2Handshake didn't"
                  " get set. Fixing that.");

 A patch that might fix this bug or it might break it even further could

 if (!(((type == SSL_CB_ACCEPT_LOOP) && (ssl->state ==
      ((type == SSL_CB_ACCEPT_EXIT) && (ssl->state ==
 instead of the current:
   if (type != SSL_CB_ACCEPT_LOOP)
   if (ssl->state != SSL3_ST_SW_SRVR_HELLO_A)
 in `tor_tls_server_info_callback()`. I thought of this fix carelessly, and
 I'm not a good thinker, so we will probably need to re-think it when we
 actually fix this issue.

 We might want to fix this during 0.2.3.x or during 0.2.4.x along with the
 #4668 stuff.
 In any case, the fix will need to be adjusted to any #4594 fixes.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4592#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list