Even more conservative option-setting for SSL renegotiation.

This time, set the SSL3_FLAGS_ALLOW_UNSAFE_RENEGOTIATION flag on every
version before OpenSSL 0.9.8l.  I can confirm that the option value (0x0010)
wasn't reused until OpenSSL 1.0.0beta3.

1 files changed, 8 insertions, 2 deletions

diff --git a/src/common/tortls.c b/src/common/tortls.c
index f552f2162d..ddcb94ebe6 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -345,7 +345,7 @@ tor_tls_init(void)
      * OpenSSL 0.9.8l.
      *
      * No, we can't just set flag 0x0010 everywhere.  It breaks Tor with
-     * OpenSSL 1.0.0beta, since i.  No, we can't just set option
+     * OpenSSL 1.0.0beta3 and later.  No, we can't just set option
      * 0x00040000L everywhere: before 0.9.8m, it meant something else.
      *
      * No, we can't simply detect whether the flag or the option is present
@@ -358,7 +358,7 @@ tor_tls_init(void)
      */
     if (version >= 0x009080c0L && version < 0x009080d0L) {
       log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l; "
-                 "I will try SSL3_FLAGS  to enable renegotation.",
+                 "I will try SSL3_FLAGS to enable renegotation.",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_flag = 1;
       use_unsafe_renegotiation_op = 1;
@@ -367,6 +367,12 @@ tor_tls_init(void)
                  "I will try SSL_OP to enable renegotiation",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_op = 1;
+    } else if (version < 0x009080c0L) {
+      log_notice(LD_GENERAL, "OpenSSL %s [%lx] looks like it's older than "
+                 "0.9.8l, but some vendors have backported 0.9.8l's "
+                 "renegotiation code to earlier versions.  I'll set "
+                 "SSL3_FLAGS just to be safe.");
+      use_unsafe_renegotiation_flag = 1;
     } else {
       log_info(LD_GENERAL, "OpenSSL %s has version %lx",
                SSLeay_version(SSLEAY_VERSION), version);