
Merge remote-tracking branch 'origin/maint-0.2.3'

Nick Mathewson 11 years ago
Parent
commit
9f1b1ef4fb
2 changed files with 17 additions and 0 deletions
  1. 9 0
      changes/bug7139
  2. 8 0
      src/common/tortls.c

+ 9 - 0
changes/bug7139

@@ -0,0 +1,9 @@
+  o Major bugfixes (security):
+
+    - Disable TLS session tickets.  OpenSSL's implementation were giving
+      our TLS session keys the lifetime of our TLS context objects, when
+      perfect forward secrecy would want us to discard anything that
+      could decrypt a link connection as soon as the link connection was
+      closed.  Fixes bug 7139; bugfix on all versions of Tor linked
+      against OpenSSL 1.0.0 or later. Found by "nextgens".
+
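Review bot: The first sentence of the entry has a subject-verb mismatch, "OpenSSL's implementation were giving"; suggest "OpenSSL's implementation was giving". The entry also gives only the forward-secrecy reason, while the comment added in src/common/tortls.c names a second one (tickets "create an opportunity to fingerprint us"). Consider adding a short clause for the fingerprinting point so the changelog and the code agree on why tickets are disabled.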

+ 8 - 0
src/common/tortls.c

@@ -1190,6 +1190,14 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
 #ifdef SSL_OP_NO_TLSv1_1
   SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_1);
 #endif
+  /* Disable TLS tickets if they're supported.  We never want to use them;
+   * using them can make our perfect forward secrecy a little worse, *and*
+   * create an opportunity to fingerprint us (since it's unusual to use them
+   * with TLS sessions turned off).
+   */
+#ifdef SSL_OP_NO_TICKET
+  SSL_CTX_set_options(result->ctx, SSL_OP_NO_TICKET);
+#endif
 
   if (
 #ifdef DISABLE_SSL3_HANDSHAKE
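Review bot: The new comment says tickets "can make our perfect forward secrecy a little worse", which understates what changes/bug7139 describes in the same commit: session keys kept for the lifetime of the TLS context object, filed under "Major bugfixes (security)". Suggest rewording the comment to state that directly, so a later reader does not take the option for a cosmetic hardening and drop it. Separately, the `#ifdef SSL_OP_NO_TICKET` guard compiles the call out silently when the header lacks the macro, and nothing here confirms the bit took effect; a check that `SSL_CTX_get_options(result->ctx) & SSL_OP_NO_TICKET` is non-zero after this line, or a unit test asserting the same on a fresh context, would keep the fix from regressing unnoticed.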