Merge origin/maint-0.2.2 for 6007_strict

This code shouldn't have any effect in 0.2.3, since we already accept (and handle) data received while we are expecting a renegotiation. (That's because the 0.2.3.x handshake _does_ have data there instead of the renegotiation.) I'm leaving it in anyway, since if it breaks anything, we'll want it broken in master too so we can find out about it. I added an XXX023 comment so that we can come back later and fix that.
author: Nick Mathewson <nickm@torproject.org> 2012-06-04 11:47:36 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-06-04 11:47:36 -0400
commit: 41e8bee188571ca61c2f5628ea99dff34343d673 (patch)
tree: e6055eb8b470fad84f384197d9876392d0570a09 /changes
parent: 329e1c65d3c73ad7b3b4cdaa870dd04fd7fb01b7 (diff)
parent: 491dc3a601d7c2610503f73192bd1a40bcb37ab2 (diff)
download: tor-41e8bee188571ca61c2f5628ea99dff34343d673.tar.gz
tor-41e8bee188571ca61c2f5628ea99dff34343d673.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug6007 b/changes/bug6007
new file mode 100644
index 0000000000..4e815754aa
--- /dev/null
+++ b/changes/bug6007
@@ -0,0 +1,5 @@
+  o Major bugfixes (security):
+    - When waiting for a client to renegotiate, don't allow it to add
+      any bytes to the input buffer. This fixes a DoS issue. Fix for
+      bugs 6007 and 5934; bugfix on 0.2.0.20-rc.
+
author	Nick Mathewson <nickm@torproject.org>	2012-06-04 11:47:36 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-06-04 11:47:36 -0400
commit	41e8bee188571ca61c2f5628ea99dff34343d673 (patch)
tree	e6055eb8b470fad84f384197d9876392d0570a09 /changes
parent	329e1c65d3c73ad7b3b4cdaa870dd04fd7fb01b7 (diff)
parent	491dc3a601d7c2610503f73192bd1a40bcb37ab2 (diff)
download	tor-41e8bee188571ca61c2f5628ea99dff34343d673.tar.gz tor-41e8bee188571ca61c2f5628ea99dff34343d673.zip