author | Nick Mathewson <nickm@torproject.org> | 2012-05-10 15:55:12 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2012-05-10 15:55:12 -0400 |
commit | 62f8e3926d62ff4aaefedfe89355f04f3a8d74fa (patch) | |
tree | c6289a9175a5e9b74603918781de07e50f67c601 | |
parent | 0b1a334842f632b935d0b23757722d06bd145724 (diff) | |
parent | f0212197cccf461e431d6807a94ea0fdc411e179 (diff) | |
download | tor-62f8e3926d62ff4aaefedfe89355f04f3a8d74fa.tar.gz tor-62f8e3926d62ff4aaefedfe89355f04f3a8d74fa.zip |
Merge remote-tracking branch 'public/bug4591'
-rw-r--r-- | changes/bug4591 | 6 | ||||
-rw-r--r-- | src/common/tortls.c | 4 |
2 files changed, 9 insertions, 1 deletions
diff --git a/changes/bug4591 b/changes/bug4591
new file mode 100644
index 0000000000..59b25a5252
--- /dev/null
+++ b/changes/bug4591
@@ -0,0 +1,6 @@
+ o Minor bugfixes:
+ - If the client fails to set a reasonable set of ciphersuites
+ during its v2 handshake renegotiation, allow the renegotiation
+ to continue nevertheless (i.e., send all the required
+ certificates). Fix for bug 4591; bugfix on 0.2.0.20-rc.
+
diff --git a/src/common/tortls.c b/src/common/tortls.c
index cffba2e6ce..12d982defb 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1370,7 +1370,9 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val)
 /* Now check the cipher list. */
 if (tor_tls_client_is_using_v2_ciphers(ssl, ADDR(tls))) {
- /*XXXX_TLS keep this from happening more than once! */
+ if (tls->wasV2Handshake)
+ return; /* We already turned this stuff off for the first handshake;
+ * This is a renegotiation. */
 /* Yes, we're casting away the const from ssl. This is very naughty of us.
 * Let's hope openssl doesn't notice! */ |
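Review bot: The added `if (tls->wasV2Handshake)` in the src/common/tortls.c hunk reads through `tls` with no NULL check visible here, while the line just above only hands it to `ADDR(tls)`. If the lookup that produces `tls` earlier in tor_tls_server_info_callback can fail and fall through, this becomes a NULL dereference inside a handshake callback, which would presumably be reachable by any connecting peer. The function starts and ends outside the hunk, so please confirm that path returns early, or guard the test as `if (tls && tls->wasV2Handshake)`. Separately, the unbraced `if` with a two-line comment trailing the `return;` is easy to misread; braces with the comment moved above the `return;` would make the early exit on renegotiation obvious.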