author | Nick Mathewson <nickm@torproject.org> | 2011-12-06 19:49:20 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-12-06 19:49:20 -0500 |
commit | 616b60cef39f78d8a6ebb984096ff0ec09a3021c (patch) | |
tree | 67a55d954df61d3dfd370866d242cbf19fd44859 /src/or/connection_or.c | |
parent | 53f535aeb863204470379b2da4631770fa10b13f (diff) | |
Revert "Use callback-driven approach to block renegotiations."
This reverts commit 406ae1ba5ad529a4d0e710229dab6ed645d42b50.
Diffstat (limited to 'src/or/connection_or.c')
-rw-r--r-- | src/or/connection_or.c | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index ff696f8c31..992db9a40c 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1156,20 +1156,6 @@ connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn)
 }
 }
 
-/** Invoked on the server side using a timer from inside
- * tor_tls_got_client_hello() when the server receives excess
- * renegotiation attempts; probably indicating a DoS. */
-static void
-connection_or_close_connection_cb(evutil_socket_t fd, short what, void *_conn)
-{
- or_connection_t *conn = _conn;
- (void) what;
- (void) fd;
-
- connection_stop_reading(TO_CONN(conn));
- connection_mark_for_close(TO_CONN(conn));
-}
-
 /** Move forward with the tls handshake. If it finishes, hand
 * <b>conn</b> to connection_tls_finish_handshake().
 *
@@ -1216,9 +1202,8 @@ connection_tls_continue_handshake(or_connection_t *conn)
 /* v2/v3 handshake, but not a client. */
 log_debug(LD_OR, "Done with initial SSL handshake (server-side). "
 "Expecting renegotiation or VERSIONS cell");
- tor_tls_set_renegotiate_callbacks(conn->tls,
+ tor_tls_set_renegotiate_callback(conn->tls,
 connection_or_tls_renegotiated_cb,
- connection_or_close_connection_cb,
 conn);
 conn->_base.state = OR_CONN_STATE_TLS_SERVER_RENEGOTIATING;
 connection_stop_writing(TO_CONN(conn));
@@ -1280,9 +1265,8 @@ connection_or_handle_event_cb(struct bufferevent *bufev, short event,
 } else if (tor_tls_get_num_server_handshakes(conn->tls) == 1) {
 /* v2 or v3 handshake, as a server. Only got one handshake, so
 * wait for the next one. */
- tor_tls_set_renegotiate_callbacks(conn->tls,
+ tor_tls_set_renegotiate_callback(conn->tls,
 connection_or_tls_renegotiated_cb,
- connection_or_close_connection_cb,
 conn);
 conn->_base.state = OR_CONN_STATE_TLS_SERVER_RENEGOTIATING;
 /* return 0; */
|
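Review bot: With `connection_or_close_connection_cb` no longer registered in connection_tls_continue_handshake() (and identically in the connection_or_handle_event_cb() hunk), nothing visible in this file closes a server-side connection that receives excess renegotiation attempts, which the removed doc comment described as probably indicating a DoS. The commit message gives no reason for the revert and no pointer to where that limit is enforced afterwards; presumably it is handled inside the TLS layer, but that cannot be confirmed from these hunks. I would add a comment above each `tor_tls_set_renegotiate_callback(conn->tls,` call, e.g. `/* Excess client renegotiations are not handled by this callback; see <where the limit is enforced>. */`, so the gap or its replacement is recorded at the call site. Both enclosing functions start and end outside their hunks.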