From f0212197cccf461e431d6807a94ea0fdc411e179 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Fri, 27 Apr 2012 12:13:56 -0400
Subject: Only disable cert chaining on the first TLS handshake

If the client uses a v2 cipherlist on the renegotiation handshake,
it looks as if they could fail to get a good cert chain from the
server, since they server would re-disable certificate chaining.

This patch makes it so the code that make the server side of the
first v2 handshake special can get called only once.

Fix for 4591; bugfix on 0.2.0.20-rc.
---
 src/common/tortls.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/common')

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 4c9d2188d..abdd411df 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -965,7 +965,9 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val)
 
   /* Now check the cipher list. */
   if (tor_tls_client_is_using_v2_ciphers(ssl, ADDR(tls))) {
-    /*XXXX_TLS keep this from happening more than once! */
+    if (tls->wasV2Handshake)
+      return; /* We already turned this stuff off for the first handshake;
+               * This is a renegotiation. */
 
     /* Yes, we're casting away the const from ssl.  This is very naughty of us.
      * Let's hope openssl doesn't notice! */
-- 
cgit v1.2.3