[tor-bugs] #4594 [Tor Relay]: tor_tls_state_changed_callback(): detects of ClientHello is too late
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Nov 28 16:02:43 UTC 2011
#4594: tor_tls_state_changed_callback(): detects of ClientHello is too late
-----------------------+----------------------------------------------------
Reporter: troll_un | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version: Tor: 0.2.3.8-alpha
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by troll_un):
But early detection makes no sense:
{{{
      /* We got more than one renegotiation requests. The Tor protocol
         needs just one renegotiation; more than that probably means
         They are trying to DoS us and we have to stop them. We can't
         close their connection from in here since it's an OpenSSL
         callback, so we set a libevent timer that triggers in the next
         event loop and closes the connection. */
      if (tor_run_in_libevent_loop(tls->excess_renegotiations_callback,
                                   tls->callback_arg) < 0) {
        log_warn(LD_GENERAL, "Didn't manage to set a renegotiation "
                 "limiting callback.");
      }
}}}
The server anyway continues handshaking while looping in ssl3_accept() and sends
hellos and key stuff and anything that it can do for nonblocking I/O.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4594#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
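A small model of the behavior the comment describes, added here as an illustration and not taken from Tor or OpenSSL: a state-change callback that can only schedule a close for the next event-loop iteration does not stop the current accept pass from processing records that are already buffered. The record sequence, the limit of two ClientHellos (initial handshake plus one renegotiation) and the hypothetical `abort_now` flag are assumptions of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model; names and limits are assumptions, not Tor/OpenSSL code. */
enum rec { CLIENT_HELLO, KEY_EXCHANGE, FINISHED };

struct conn {
  int hellos_seen;       /* ClientHello records observed by the callback */
  bool close_scheduled;  /* stands in for the timer set for the next loop */
  bool abort_now;        /* hypothetical flag the accept pass checks at once */
  int work_after_detect; /* records processed after the excess was detected */
};

/* Stand-in for the state-change callback: it cannot close the connection. */
static void state_changed_cb(struct conn *c, enum rec r, bool set_abort) {
  if (r != CLIENT_HELLO) return;
  if (++c->hellos_seen > 2) { /* initial handshake + one renegotiation */
    c->close_scheduled = true;
    if (set_abort) c->abort_now = true;
  }
}

/* Stand-in for one nonblocking accept pass over already-buffered records. */
static int accept_pass(struct conn *c, const enum rec *in, size_t n,
                       bool set_abort) {
  for (size_t i = 0; i < n; i++) {
    if (c->abort_now) break;                       /* immediate stop */
    if (c->close_scheduled) c->work_after_detect++; /* wasted server work */
    state_changed_cb(c, in[i], set_abort);
  }
  return c->work_after_detect;
}

/* Returns how many records were handled after the excess was detected. */
int model_work_after_detection(bool set_abort) {
  static const enum rec buffered[] = { /* constructed input */
    CLIENT_HELLO, KEY_EXCHANGE, FINISHED, CLIENT_HELLO, KEY_EXCHANGE, FINISHED,
    CLIENT_HELLO, KEY_EXCHANGE, FINISHED, CLIENT_HELLO, KEY_EXCHANGE };
  struct conn c = {0};
  return accept_pass(&c, buffered, sizeof buffered / sizeof buffered[0],
                     set_abort);
}

int main(void) {
  printf("deferred close only: %d\n", model_work_after_detection(false));
  printf("with abort flag:     %d\n", model_work_after_detection(true));
  return 0;
}
```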