[tor-bugs] #3754 [TorBrowserButton]: SafeCache implementation breaks OCSP validation
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat Sep 3 00:41:09 UTC 2011
#3754: SafeCache implementation breaks OCSP validation
---------------------------------------------+------------------------------
Reporter: gk | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone:
Component: TorBrowserButton | Version: Torbutton: 1.4
Keywords: MikePerryIterationFires20110911 | Parent:
Points: | Actualpoints:
---------------------------------------------+------------------------------
Comment(by mikeperry):
Ok, the string did not solve the issue...
Monitoring about:cache definitely shows that without safecache, the ocsp
requests are getting a postID prepended, and it is a very high value (the
internal use of mPostID increments starting from 0). Perhaps the OCSP
support is also abusing the cacheKey for internal use? But that still
doesn't explain why leaving it alone and appending a different string at
the end of the cache key makes a difference...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3754#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list