author | Nick Mathewson <nickm@torproject.org> | 2011-11-29 19:15:40 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-11-29 19:15:40 -0500 |
commit | 8bb23c7def49e5a090d337e56eee8398261d9fb6 (patch) | |
tree | 38943d424308f6a904a924ab6774b28c5ed78032 | |
parent | e718397880e47f7b194c5c05112df37eb0e86371 (diff) | |
parent | e27a26d568a257cf350814a9abfa47d3b41ad9f3 (diff) | |
download | tor-8bb23c7def49e5a090d337e56eee8398261d9fb6.tar.gz tor-8bb23c7def49e5a090d337e56eee8398261d9fb6.zip |
Merge branch 'bug4587_v2'
-rw-r--r-- | src/common/tortls.c | 2 | ||||
-rw-r--r-- | src/or/connection_or.c | 17 |
2 files changed, 7 insertions, 12 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c
index a6947c87d8..18f2684707 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1573,7 +1573,6 @@ tor_tls_set_renegotiate_callbacks(tor_tls_t *tls,
 tls->excess_renegotiations_callback = cb2;
 tls->callback_arg = arg;
 tls->got_renegotiate = 0;
- SSL_set_info_callback(tls->ssl, tor_tls_state_changed_callback);
 }
 /** If this version of openssl requires it, turn on renegotiation on
@@ -1777,7 +1776,6 @@ tor_tls_finish_handshake(tor_tls_t *tls)
 {
 int r = TOR_TLS_DONE;
 if (tls->isServer) {
- SSL_set_info_callback(tls->ssl, NULL);
 SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, always_accept_verify_cb);
 /* There doesn't seem to be a clear OpenSSL API to clear mode flags. */
 tls->ssl->mode &= ~SSL_MODE_NO_AUTO_CHAIN;
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 246b08ad77..e178f3a8c0 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -42,6 +42,7 @@ static int connection_or_check_valid_tls_handshake(or_connection_t *conn,
 char *digest_rcvd_out);
 static void connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn);
+static void connection_or_close_connection_cb(void *_conn);
 #ifdef USE_BUFFEREVENTS
 static void connection_or_handle_event_cb(struct bufferevent *bufev,
@@ -1099,12 +1100,16 @@ connection_tls_start_handshake(or_connection_t *conn, int receiving)
 conn->_base.state = OR_CONN_STATE_TLS_HANDSHAKING;
 tor_assert(!conn->tls);
 conn->tls = tor_tls_new(conn->_base.s, receiving);
- tor_tls_set_logged_address(conn->tls, // XXX client and relay?
- escaped_safe_str(conn->_base.address));
 if (!conn->tls) {
 log_warn(LD_BUG,"tor_tls_new failed. Closing.");
 return -1;
 }
+ tor_tls_set_logged_address(conn->tls, // XXX client and relay?
+ escaped_safe_str(conn->_base.address));
+ tor_tls_set_renegotiate_callbacks(conn->tls,
+ connection_or_tls_renegotiated_cb,
+ connection_or_close_connection_cb,
+ conn);
 #ifdef USE_BUFFEREVENTS
 if (connection_type_uses_bufferevent(TO_CONN(conn))) {
 const int filtering = get_options()->_UseFilteringSSLBufferevents;
@@ -1230,10 +1235,6 @@ connection_tls_continue_handshake(or_connection_t *conn)
 /* v2/v3 handshake, but not a client. */
 log_debug(LD_OR, "Done with initial SSL handshake (server-side). "
 "Expecting renegotiation or VERSIONS cell");
- tor_tls_set_renegotiate_callbacks(conn->tls,
- connection_or_tls_renegotiated_cb,
- connection_or_close_connection_cb,
- conn);
 conn->_base.state = OR_CONN_STATE_TLS_SERVER_RENEGOTIATING;
 connection_stop_writing(TO_CONN(conn));
 connection_start_reading(TO_CONN(conn));
@@ -1294,10 +1295,6 @@ connection_or_handle_event_cb(struct bufferevent *bufev, short event,
 } else if (tor_tls_get_num_server_handshakes(conn->tls) == 1) {
 /* v2 or v3 handshake, as a server. Only got one handshake, so
 * wait for the next one. */
- tor_tls_set_renegotiate_callbacks(conn->tls,
- connection_or_tls_renegotiated_cb,
- connection_or_close_connection_cb,
- conn);
 conn->_base.state = OR_CONN_STATE_TLS_SERVER_RENEGOTIATING;
 /* return 0; */
 return; /* ???? */ |
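Review bot: The new `tor_tls_set_renegotiate_callbacks()` call in connection_tls_start_handshake() (hunk at -1099) runs for every connection regardless of `receiving`, while the two call sites removed in the later hunks sat on paths commented as server-side only, and nothing in the new code records why the registration is now unconditional or why it must happen this early. A comment above the call would keep the ordering from being undone later, e.g. `/* Register before any handshake data is processed, so a renegotiation can never arrive while no callback is set. */`. Because the tortls.c hunks drop both `SSL_set_info_callback()` calls, these callbacks only fire if the info callback is installed somewhere not visible here (presumably tor_tls_new()), and it now appears to stay installed after tor_tls_finish_handshake(); it is worth confirming that `connection_or_tls_renegotiated_cb` and `connection_or_close_connection_cb` behave sensibly if invoked on a client-side connection. The function body starts and ends outside the hunk.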