diff options
author | Nick Mathewson <nickm@torproject.org> | 2007-12-01 08:09:46 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-12-01 08:09:46 +0000 |
commit | 1789f94668f8da029d18efb51bc3d0652488f706 (patch) | |
tree | eda08e0e6866bd45859f43acb422efe595e3f918 /src/or | |
parent | f8df8d791e4a58ab65d8903a0522b4cfa55cc163 (diff) | |
download | tor-1789f94668f8da029d18efb51bc3d0652488f706.tar.gz tor-1789f94668f8da029d18efb51bc3d0652488f706.zip |
r15087@tombo: nickm | 2007-11-30 22:32:26 -0500
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert do not ask for a client cert. Also, support for client-side renegotiation. None of this is enabled unless you define V2_HANDSHAKE_SERVER.
svn:r12622
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/command.c | 19 | ||||
-rw-r--r-- | src/or/connection_or.c | 2 | ||||
-rw-r--r-- | src/or/or.h | 5 |
3 files changed, 14 insertions, 12 deletions
diff --git a/src/or/command.c b/src/or/command.c index b882878ee1..41c0c1112b 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -38,8 +38,10 @@ static void command_process_destroy_cell(cell_t *cell, or_connection_t *conn); static void command_process_versions_cell(var_cell_t *cell, or_connection_t *conn); static void command_process_netinfo_cell(cell_t *cell, or_connection_t *conn); +#if 0 static void command_process_cert_cell(var_cell_t *cell, or_connection_t *conn); static void command_process_link_auth_cell(cell_t *cell,or_connection_t *conn); +#endif #ifdef KEEP_TIMING_STATS /** This is a wrapper function around the actual function that processes the @@ -151,13 +153,6 @@ command_process_cell(cell_t *cell, or_connection_t *conn) ++stats_n_netinfo_cells_processed; PROCESS_CELL(netinfo, cell, conn); break; - case CELL_CERT: - tor_fragile_assert(); - break; - case CELL_LINK_AUTH: - ++stats_n_link_auth_cells_processed; - PROCESS_CELL(link_auth, cell, conn); - break; default: log_fn(LOG_INFO, LD_PROTOCOL, "Cell of unknown type (%d) received. Dropping.", cell->command); @@ -201,10 +196,6 @@ command_process_var_cell(var_cell_t *cell, or_connection_t *conn) ++stats_n_versions_cells_processed; PROCESS_CELL(versions, cell, conn); break; - case CELL_CERT: - ++stats_n_cert_cells_processed; - PROCESS_CELL(cert, cell, conn); - break; default: log_warn(LD_BUG, "Variable-length cell of unknown type (%d) received.", @@ -484,6 +475,8 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn) conn->link_proto = highest_supported_version; conn->handshake_state->received_versions = 1; +#if 0 + /*XXXX020 not right; references dead functions */ if (highest_supported_version >= 2) { if (connection_or_send_netinfo(conn) < 0 || connection_or_send_cert(conn) < 0) { @@ -495,6 +488,7 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn) } else { /* XXXX020 finish v1 verification. */ } +#endif } /** Process a 'netinfo' cell. DOCDOC say more. */ @@ -612,6 +606,7 @@ connection_or_act_on_netinfo(or_connection_t *conn) return 0; } +#if 0 /*DOCDOC*/ static void command_process_cert_cell(var_cell_t *cell, or_connection_t *conn) @@ -780,4 +775,4 @@ command_process_link_auth_cell(cell_t *cell, or_connection_t *conn) tor_free(checked); connection_mark_for_close(TO_CONN(conn)); } - +#endif diff --git a/src/or/connection_or.c b/src/or/connection_or.c index c3f2774b49..d7fa2dbb3e 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1057,6 +1057,7 @@ connection_or_send_netinfo(or_connection_t *conn) return 0; } +#if 0 #define LINK_AUTH_STRING "Tor initiator certificate verification" /** DOCDOC */ int @@ -1166,4 +1167,5 @@ connection_or_send_link_auth(or_connection_t *conn) return 0; } +#endif diff --git a/src/or/or.h b/src/or/or.h index 261c582d71..edaeaf9f7f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -656,12 +656,17 @@ typedef enum { #define CELL_CREATED_FAST 6 #define CELL_VERSIONS 7 #define CELL_NETINFO 8 +#if 0 #define CELL_CERT 9 #define CELL_LINK_AUTH 10 +#endif #define CELL_RELAY_EARLY 11 /*DOCDOC*/ +#if 0 #define CELL_COMMAND_IS_VAR_LENGTH(x) \ ((x) == CELL_CERT || (x) == CELL_VERSIONS) +#endif +#define CELL_COMMAND_IS_VAR_LENGTH(x) ((x) == CELL_VERSIONS) /** How long to test reachability before complaining to the user. */ #define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60) |