[tor-bugs] #11500 [Tor]: tor_tls_classify_client_ciphers() returns CIPHERS_UNRESTRICTED even if client sent old V2 cipher list and don't support all ciphers

[Tor Bug Tracker & Wiki]

#11500: tor_tls_classify_client_ciphers() returns CIPHERS_UNRESTRICTED even if
client sent old V2 cipher list and don't support all ciphers
-------------------------+------------------------------------
 Reporter:  cypherpunks  |          Owner:
     Type:  defect       |         Status:  new
 Priority:  normal       |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:
 Keywords:  tor-relay    |  Actual Points:
Parent ID:               |         Points:
-------------------------+------------------------------------
 tor_tls_classify_client_ciphers() returns CIPHERS_UNRESTRICTED even if
 CIPHERS_V2 should be returned.

 After prune v2_cipher_list to remove the ciphers server side don't
 recognize it will remove at least `0xfeff` that is
 SSL3_TXT_RSA_FIPS_WITH_3DES_EDE_CBC_SHA.
 So v2_cipher_list ends:
   ...
   0xc003, /* TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA */
   0x000a, /* SSL3_TXT_RSA_DES_192_CBC3_SHA */

 While peer sent cipher list that ends:
   ...
   0xc003, /* TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA */
   0xfeff, /* SSL3_TXT_RSA_FIPS_WITH_3DES_EDE_CBC_SHA */
   0x000a, /* SSL3_TXT_RSA_DES_192_CBC3_SHA */

 {{{
     const uint16_t *v2_cipher = v2_cipher_list;
     for (i = 0; i < sk_SSL_CIPHER_num(peer_ciphers); ++i) {
       SSL_CIPHER *cipher = sk_SSL_CIPHER_value(peer_ciphers, i);
       uint16_t id = cipher->id & 0xffff;
       if (id == 0x00ff) /* extended renegotiation indicator. */
         continue;
       if (!id || id != *v2_cipher) {
         res = CIPHERS_UNRESTRICTED;
         goto dump_ciphers;
 }}}
 Then 0xfeff (from peer_ciphers) != 0x000a (from pruned list)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11500>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online