[tor-commits] [tor/master] Change changes file and comment for 7189, for making it 0.2.4-only for now
nickm at torproject.org
nickm at torproject.org
Thu Oct 25 02:11:51 UTC 2012
commit a1c121e78e09ad29a60f1ed4ab1c8d1333bb4236
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Oct 24 22:11:43 2012 -0400
Change changes file and comment for 7189, for making it 0.2.4-only for now
---
changes/bug7189_server_only | 5 ++---
src/common/tortls.c | 8 ++++++--
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/changes/bug7189_server_only b/changes/bug7189_server_only
index 6c24621..9ad5ad9 100644
--- a/changes/bug7189_server_only
+++ b/changes/bug7189_server_only
@@ -1,5 +1,4 @@
o Minor bugfixes:
- Only disable TLS session ticket support when running as a TLS
- server. It's important for clients to remain hard to distinguish
- from regular firefox connections. Fixes bug 7189; bugfix on
- Tor 0.2.3.23-rc.
+ server. This keeps clients harder to distinguish from regular firefox
+ connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 3bb0581..1b7b544 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1193,8 +1193,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
/* Disable TLS tickets if they're supported. We never want to use them;
* using them can make our perfect forward secrecy a little worse, *and*
* create an opportunity to fingerprint us (since it's unusual to use them
- * with TLS sessions turned off). Clients need to advertise support for
- * them, though to avoid a TLS distinguishability vector.
+ * with TLS sessions turned off).
+ *
+ * In 0.2.4, clients advertise support for them, though to avoid a TLS
+ * distinguishability vector. This can give us worse PFS, though, if we
+ * get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will
+ * be few such servers by the time 0.2.4 is more stable.
*/
#ifdef SSL_OP_NO_TICKET
if (! is_client) {
More information about the tor-commits
mailing list