diff options
Diffstat (limited to 'src/common/tortls.c')
| -rw-r--r-- | src/common/tortls.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index a6947c87d8..b4d81de2f3 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1339,9 +1339,16 @@ tor_tls_got_client_hello(tor_tls_t *tls) tls->excess_renegotiations_callback) { /* We got more than one renegotiation requests. The Tor protocol needs just one renegotiation; more than that probably means - They are trying to DoS us and we have to stop them. */ - - tls->excess_renegotiations_callback(tls->callback_arg); + They are trying to DoS us and we have to stop them. We can't + close their connection from in here since it's an OpenSSL + callback, so we set a libevent timer that triggers in the next + event loop and closes the connection. */ + + if (tor_run_in_libevent_loop(tls->excess_renegotiations_callback, + tls->callback_arg) < 0) { + log_warn(LD_GENERAL, "Didn't manage to set a renegotiation " + "limiting callback."); + } } /* Now check the cipher list. */ |