[tor-bugs] #22961 [Core Tor/Tor]: Should tor-spec say that nodes MUST NOT use TLS compression?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 18 09:10:49 UTC 2017
#22961: Should tor-spec say that nodes MUST NOT use TLS compression?
-------------------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-spec security | Actual Points:
Parent ID: #18856 | Points:
Reviewer: | Sponsor:
-------------------------------+------------------------------------
Comment (by yawning):
Yes, because that's what the code does:
{{{
#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(result->ctx, SSL_OP_NO_COMPRESSION);
#endif
#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
#ifndef OPENSSL_NO_COMP
/* Don't actually allow compression; it uses ram and time, but the data
* we transmit is all encrypted anyway. */
if (result->ctx->comp_methods)
result->ctx->comp_methods = NULL;
#endif
#endif
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22961#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list