tls and connection hacking

Roger Dingledine arma at mit.edu
Wed Feb 7 02:11:00 UTC 2007


On Wed, Feb 07, 2007 at 12:18:46AM +0100, robert schade wrote:
> Can anyone tell me how to properly connect to the tor or-port (mostly
> port 9001) so that tor accepts my connection, without telling me that I
> did not send a certificate.
> (I've already tried the standart tlsv1-client)
> 
> Why I need this:
> I'm trying to do a fuzz test on tor, but you have to make a valid tlsv1
> connection in order to fuzz the inner functions of tor.

If you're just trying to fuzz Tor, your easiest path might be to disable
the parts of Tor that get upset when you don't have the right certificate
chain.

See connection_or_check_valid_handshake() in connection_or.c

--Roger



More information about the tor-talk mailing list