#28973: Disable TLS1.3 when openssl bug 7712 is present
-------------------------------------------------+-------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status:
| needs_review
Priority: High | Milestone: Tor:
| 0.4.0.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.3.4.9
Severity: Normal | Resolution:
Keywords: 033-backport 034-backport | Actual Points:
035-backport |
Parent ID: #28616 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by nickm):
* status: accepted => needs_review
* keywords: => 033-backport 034-backport 035-backport
Comment:
I made branch `ticket28973_033` to test a fix here; it should also merge
cleanly into 0.3.4, 0.3.5, and 0.4.0.
I expect that a few warnings will still happen with this branch: it waits
for the bug to happen once before disabling TLS 1.3, by which point other
TLS 1.3 connections may already be in progress.
I have tested this branch with a good OpenSSL version, but not with
openssl 1.1.1a: I hope somebody else can do that.
Only servers will encounter this issue.
There is a github PR at https://github.com/torproject/tor/pull/625 .
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28973#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
