[tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat Jun 2 23:59:21 UTC 2012
#6033: Tor v2 handshake does not work with openssl 1.0.1
------------------------+---------------------------------------------------
 Reporter:  murble      |          Owner:
     Type:  defect      |         Status:  new
 Priority:  critical    |      Milestone:  Tor: 0.2.2.x-final
Component:  Tor Bridge  |        Version:  Tor: 0.2.3.15-alpha
 Keywords:              |         Parent:
   Points:              |   Actualpoints:
------------------------+---------------------------------------------------
Comment(by marshray):
I have reproed the problem and attached a packet capture.
Packets 4 and 6 show TLS 1.1 being negotiated successfully.
Packet 11 is an encrypted handshake message that is the client-initiated
renegotiation. However, note that the record layer version has jumped
backwards from 1.1 to 1.0. It's expected that the initial Client Hello
will have a record layer version of TLS 1.0 because the client doesn't
know if the server supports anything higher. But once encryption has
started, it's not OK for the client to change the record layer version
because that would change the encryption format and the server wouldn't be
able to decode it. I believe this behavior is against RFC 5246.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6033#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
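
The check described in the comment above, written out as an added example (it is not part of the original message and is not Tor or OpenSSL code): it reads the negotiated version from the ServerHello, then flags any client record sent after ChangeCipherSpec whose record-layer version differs from it. The byte streams are constructed for illustration, not taken from the attached capture, and the function names are hypothetical.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}

def parse_records(stream):
    """Yield (content_type, (major, minor), payload) for each TLS record in a byte stream."""
    off = 0
    while off < len(stream):
        if len(stream) - off < 5:
            raise ValueError("truncated record header at offset %d" % off)
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, off)
        payload = stream[off + 5:off + 5 + length]
        if len(payload) != length:
            raise ValueError("truncated record body at offset %d" % off)
        yield ctype, (major, minor), payload
        off += 5 + length

def negotiated_version(server_stream):
    """Return server_version from the first (plaintext) ServerHello handshake message."""
    for ctype, _, payload in parse_records(server_stream):
        if ctype == 22 and len(payload) >= 6 and payload[0] == 2:  # 2 = server_hello
            return payload[4], payload[5]
    raise ValueError("no ServerHello found")

def find_version_regressions(client_stream, negotiated):
    """List (index, content type, version) of post-ChangeCipherSpec records not at the negotiated version."""
    findings, encrypted = [], False
    for i, (ctype, ver, _) in enumerate(parse_records(client_stream)):
        if encrypted and ver != negotiated:
            findings.append((i, CONTENT_TYPES.get(ctype, "unknown"), VERSIONS.get(ver, "%d.%d" % ver)))
        if ctype == 20:
            encrypted = True  # everything the client sends after this is protected
    return findings

def rec(ctype, ver, payload):
    """Build one TLS record (helper for the constructed sample data only)."""
    return struct.pack("!BBBH", ctype, ver[0], ver[1], len(payload)) + payload

# Constructed sample: minimal ServerHello choosing TLS 1.1, then a client flight that
# drops back to a TLS 1.0 record header for the encrypted renegotiation handshake.
SERVER = rec(22, (3, 1), b"\x02\x00\x00\x02\x03\x02")
CLIENT = (rec(22, (3, 1), b"\x01" + b"\x00" * 8)   # initial ClientHello, 1.0 header expected
          + rec(22, (3, 2), b"\x10" + b"\x00" * 8)  # ClientKeyExchange
          + rec(20, (3, 2), b"\x01")                # ChangeCipherSpec
          + rec(22, (3, 2), b"\xaa" * 16)           # encrypted Finished
          + rec(22, (3, 1), b"\xbb" * 16))          # encrypted renegotiation, header back at 1.0

if __name__ == "__main__":
    print(find_version_regressions(CLIENT, negotiated_version(SERVER)))
```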