[tor-bugs] #6465 [Tor Relay]: Build abstraction layer around TLS

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Sep 19 16:41:20 UTC 2012


#6465: Build abstraction layer around TLS
-----------------------+----------------------------------------------------
 Reporter:  andrea     |          Owner:  andrea            
     Type:  project    |         Status:  needs_review      
 Priority:  major      |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor Relay  |        Version:  Tor: unspecified  
 Keywords:             |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by andrea):

 Responses to part 4 (points in potential need of further discussion):

 > The removal of stats_n_vpadding_cells_processed and
 > stats_n_padding_cells_processed is a little worrisome; those cell types are
 > still real, generic cell types. Must investigate to make sure they're still
 > handled right. I think these probably need to go back in command.c

 Those ended up in channeltls.c; those are generic enough we should have them
 in command.c, you think?

 > Oh, a subtle point I should have added to the list of stuff I worry about:
 > I worry about making sure that there can be no data on the TLS connection
 > before the handshake, and no data on the TLS connection before the VERSIONS
 > cell. If anything gets sent first, the connection needs to close.

 See channel_tls_handle_cell() in channeltls.c; we set handshaking =
 (TO_CONN(conn)->state != OR_CONN_STATE_OPEN), which was the same test
 used in the old command_process_cell(), and then if we see anything other
 than NETINFO or VERSIONS with that true we kill the connection.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6465#comment:35>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
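
The handshake gate described in the reply above, as an added example that is not part of the original message or of Tor's code: a reduced C model in which any cell other than VERSIONS or NETINFO seen before the connection is open closes it. The state names, struct and functions are hypothetical; requiring VERSIONS before NETINFO and rejecting a repeated VERSIONS are assumptions of this model that follow the reviewer's stated requirement, and the command numbers are those assigned in tor-spec.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Cell command numbers as assigned in tor-spec. */
enum { CELL_PADDING = 0, CELL_RELAY = 3, CELL_VERSIONS = 7, CELL_NETINFO = 8 };
/* Hypothetical, reduced connection states for this model. */
typedef enum { ST_HANDSHAKING, ST_OPEN, ST_CLOSED } conn_state_t;

typedef struct {
  conn_state_t state;
  int got_versions;        /* set once a VERSIONS cell has been accepted */
  unsigned padding_cells;  /* generic counter, only touched once open */
} model_conn_t;

/* Process one cell and return the connection state afterwards. */
conn_state_t model_handle_cell(model_conn_t *c, uint8_t command)
{
  if (c->state == ST_CLOSED)
    return ST_CLOSED;                      /* nothing is processed after close */
  int handshaking = (c->state != ST_OPEN); /* same shape as the quoted test */
  if (handshaking) {
    if (command == CELL_VERSIONS && !c->got_versions)
      c->got_versions = 1;
    else if (command == CELL_NETINFO && c->got_versions)
      c->state = ST_OPEN;                  /* model assumption: NETINFO ends it */
    else
      c->state = ST_CLOSED;                /* anything else first: kill it */
    return c->state;
  }
  if (command == CELL_PADDING)
    c->padding_cells++;
  return c->state;
}

/* Reset the model, feed a constructed cell sequence, return the final state. */
conn_state_t model_run(const uint8_t *cmds, size_t n, model_conn_t *c)
{
  c->state = ST_HANDSHAKING; c->got_versions = 0; c->padding_cells = 0;
  for (size_t i = 0; i < n; i++)
    model_handle_cell(c, cmds[i]);
  return c->state;
}

int main(void)
{
  const uint8_t early[] = { CELL_RELAY, CELL_VERSIONS, CELL_NETINFO }; /* constructed */
  model_conn_t c;
  printf("early RELAY: %s\n", model_run(early, 3, &c) == ST_CLOSED ? "closed" : "open");
  return 0;
}
```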