[tor-bugs] #4587 [Tor Client]: Bugs in tor_tls_got_client_hello()
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Nov 29 05:14:49 UTC 2011
#4587: Bugs in tor_tls_got_client_hello()
------------------------+---------------------------------------------------
Reporter: Sebastian | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by troll_un):
Replying to [comment:15 troll_un]:
> Replying to [comment:12 asn]:
> > Hm, looking at #4594. Do you think we can get the correct count of
> > handshakes by only counting them in `SSL3_ST_SR_CLNT_HELLO_A`?
> To distinguish only reneg requests you need other logic (one that does
> not depend on the state during callbacks).
Actually, you could detect a parasitic hello instead of trying to detect
the correct count of handshakes (in other words, everything that is not a
parasitic hello will be a reneg request).
You need to remember the ssl->state for each callback and then compare
the previous state with the current state. A working condition could look like:
{{{
if ((prev == SSL3_ST_SR_CERT_A || prev == SSL3_ST_SR_CERT_B) &&
    curr == SSL3_ST_SR_CLNT_HELLO_C) {
  /* parasitic hello detected */
}
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4587#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
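
The previous-state bookkeeping described in the comment above, as an added example that is not part of the original message or of Tor's code. The `ST_*` constants are local stand-ins with constructed values, `classify`, `hello_tracker` and `tracker_observe` are hypothetical names, the trace is constructed, and two assumptions are made: any non-parasitic arrival in the `CLNT_HELLO_C` state is a hello to count, and a repeated callback in the same state is not a transition.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-ins for the OpenSSL server states named in the comment. The values
 * are constructed for this example; real code would use <openssl/ssl3.h>. */
enum { ST_NONE, ST_SR_CLNT_HELLO_A, ST_SR_CLNT_HELLO_C,
       ST_SR_CERT_A, ST_SR_CERT_B, ST_OTHER };

enum hello_kind { HELLO_NONE, HELLO_PARASITIC, HELLO_COUNTED };

/* The condition from the comment as a pure function of two states.
 * Assumption: any other arrival in CLNT_HELLO_C is a hello to count. */
static enum hello_kind classify(int prev, int curr)
{
  if (curr != ST_SR_CLNT_HELLO_C)
    return HELLO_NONE;
  if (prev == ST_SR_CERT_A || prev == ST_SR_CERT_B)
    return HELLO_PARASITIC;
  return HELLO_COUNTED;
}

/* Hypothetical per-connection record: state seen at the last callback. */
struct hello_tracker { int prev; unsigned counted, parasitic; };

/* Call once per callback with the current state. */
static enum hello_kind tracker_observe(struct hello_tracker *t, int curr)
{
  enum hello_kind k;
  if (curr == t->prev)   /* assumption: same state again is no transition */
    return HELLO_NONE;
  k = classify(t->prev, curr);
  if (k == HELLO_COUNTED) t->counted++;
  if (k == HELLO_PARASITIC) t->parasitic++;
  t->prev = curr;
  return k;
}

/* Constructed callback trace, not captured from a real handshake. */
static const int demo_trace[] = {
  ST_SR_CLNT_HELLO_A, ST_SR_CLNT_HELLO_C, ST_OTHER,
  ST_SR_CERT_A, ST_SR_CERT_B, ST_SR_CLNT_HELLO_C, ST_SR_CLNT_HELLO_C,
  ST_OTHER, ST_SR_CLNT_HELLO_A, ST_SR_CLNT_HELLO_C };

static struct hello_tracker run_demo(void)
{
  struct hello_tracker t = { ST_NONE, 0, 0 };
  size_t i;
  for (i = 0; i < sizeof demo_trace / sizeof demo_trace[0]; i++)
    tracker_observe(&t, demo_trace[i]);
  return t;
}
```

On the constructed trace the tracker ends with two counted hellos and one parasitic hello; the duplicate `CLNT_HELLO_C` callback right after the parasitic one is ignored rather than counted.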