[tor-bugs] #6465 [Tor Relay]: Build abstraction layer around TLS
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Sep 19 16:41:20 UTC 2012
#6465: Build abstraction layer around TLS
-----------------------+----------------------------------------------------
Reporter: andrea | Owner: andrea
Type: project | Status: needs_review
Priority: major | Milestone: Tor: 0.2.4.x-final
Component: Tor Relay | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by andrea):
Responses to part 4 (points in potential need of further discussion):
> The removal of stats_n_vpadding_cells_processed and
> stats_n_padding_cells_processed is a little worrisome; those cell types
> are still real, generic cell types. Must investigate to make sure they're
> still handled right. I think these probably need to go back in command.c
Those ended up in channeltls.c; those are generic enough we should have
them in command.c, you think?
> Oh, a subtle point I should have added to the list of stuff I worry
> about: I worry about making sure that there can be no data on the TLS
> connection before the handshake, and no data on the TLS connection before
> the VERSIONS cell. If anything gets sent first, the connection needs to
> close.
See channel_tls_handle_cell() in channeltls.c; we set handshaking =
(TO_CONN(conn)->state != OR_CONN_STATE_OPEN), which was the same test
used in the old command_process_cell(), and then if we see anything other
than NETINFO or VERSIONS with that true we kill the connection.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6465#comment:35>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
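
The handshake gate discussed in this comment, as an added, simplified model in C; it is not the code in channeltls.c or command.c, and `model_conn_t`, `model_handle_cell()` and `model_feed()` are hypothetical names. Assumptions of the model: VERSIONS must arrive first and only once, NETINFO completes the handshake, and the padding counters are bumped only on an open connection.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Cell command values from the Tor link protocol. */
enum { CELL_PADDING = 0, CELL_RELAY = 3, CELL_VERSIONS = 7,
       CELL_NETINFO = 8, CELL_VPADDING = 128 };

/* Hypothetical, simplified connection states (not Tor's real enum). */
typedef enum { ST_HANDSHAKING, ST_OPEN, ST_CLOSED } conn_state_t;

typedef struct {
  conn_state_t state;
  bool got_versions;    /* has the peer sent VERSIONS yet? */
  unsigned n_padding;   /* in the spirit of stats_n_padding_cells_processed */
  unsigned n_vpadding;  /* in the spirit of stats_n_vpadding_cells_processed */
} model_conn_t;

/* Process one incoming cell; returns false if the connection is closed. */
bool model_handle_cell(model_conn_t *c, uint8_t command)
{
  if (c->state == ST_CLOSED)
    return false;
  /* Same shape as the test described in the comment above. */
  bool handshaking = (c->state != ST_OPEN);
  if (handshaking) {
    if (command == CELL_VERSIONS && !c->got_versions) {
      c->got_versions = true;
      return true;
    }
    if (command == CELL_NETINFO && c->got_versions) {
      c->state = ST_OPEN;  /* assumption: NETINFO ends the handshake */
      return true;
    }
    c->state = ST_CLOSED;  /* anything else before OPEN kills the connection */
    return false;
  }
  if (command == CELL_PADDING) c->n_padding++;
  else if (command == CELL_VPADDING) c->n_vpadding++;
  return true;
}

/* Feed a sequence of commands; returns how many were accepted. */
size_t model_feed(model_conn_t *c, const uint8_t *cmds, size_t n)
{
  size_t i;
  for (i = 0; i < n && model_handle_cell(c, cmds[i]); i++)
    ;
  return i;
}
```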