From: Martin Peck Date: Fri, 4 Dec 2009 19:25:08 +0000 (-0500) Subject: Improved workaround for disabled OpenSSL renegotiation. X-Git-Tag: tor-0.2.1.21~2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3a2d677fa70be56054dcabb43a88cab75500e162;p=thirdparty%2Ftor.git Improved workaround for disabled OpenSSL renegotiation. It turns out that OpenSSL 0.9.8m is likely to take a completely different approach for reenabling renegotiation than OpenSSL 0.9.8l did, so we need to work with both. :p Fixes bug 1158. (patch by coderman; commit message by nickm) --- diff --git a/src/common/tortls.c b/src/common/tortls.c index bcc6780a65..5b323267c1 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -565,6 +565,18 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime) #ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_CTX_set_options(result->ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); +#endif +#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION + /* Yes, we know what we are doing here. No, we do not treat a renegotiation + * as authenticating any earlier-received data. + * + * (OpenSSL 0.9.8l introdeced SSL3_FLAGS_ALLOW_UNSAGE_LEGACY_RENEGOTIATION + * here. OpenSSL 0.9.8m thoughtfully turned it into an option and (it + * seems) broke anything that used SSL3_FLAGS_* for the purpose. So we need + * to do both.) + */ + SSL_CTX_set_options(result->ctx, + SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); #endif /* Don't actually allow compression; it uses ram and time, but the data * we transmit is all encrypted anyway. */
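Review bot: The new comment in this hunk misspells the flag it cites: `SSL3_FLAGS_ALLOW_UNSAGE_LEGACY_RENEGOTIATION` should read `SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION`, and "introdeced" should be "introduced". Since the comment exists precisely so that someone maintaining the two code paths (the 0.9.8l `SSL3_FLAGS_*` path and this 0.9.8m `SSL_OP_*` path) can grep for the flag name, a misspelled identifier defeats that purpose; please fix both before merging. Separately, the hunk shows only the `SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION` branch, while the commit message says both mechanisms are needed; a short pointer in this comment to where the `SSL3_FLAGS_*` assignment lives (it is not in this hunk) would help a reader verify that both are in fact applied, and the justification already given ("we do not treat a renegotiation as authenticating any earlier-received data") is the right thing to keep next to the call, since it is what makes enabling unsafe legacy renegotiation acceptable here.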