Merge remote-tracking branch 'public/ticket11150_client_only'

changes/11150

@@ -0,0 +1,6 @@
+  o Removed features:
+    - Remove client-side support for connecting to Tor servers running
+      versions of Tor before 0.2.3.6-alpha. These servers didn't
+      support the v3 TLS handshake protocol, and are no longer allowed
+      on the Tor network.  Implements the client side of ticket
+      11150. Based on patches by Tom van der Woerdt.

src/common/tortls.c

@@ -80,11 +80,6 @@
 #define X509_get_notAfter_const(cert) \
   ((const ASN1_TIME*) X509_get_notAfter((X509 *)cert))
 
-/* Enable the "v2" TLS handshake.
- */
-#define V2_HANDSHAKE_SERVER
-#define V2_HANDSHAKE_CLIENT
-
 /* Copied from or.h */
 #define LEGAL_NICKNAME_CHARACTERS \
   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
@@ -1129,23 +1124,6 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
   * historically been chosen for fingerprinting resistance. */
   SSL_CTX_set_options(result->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
 
-  /* Disable TLS1.1 and TLS1.2 if they exist.  We need to do this to
-   * workaround a bug present in all OpenSSL 1.0.1 versions (as of 1
-   * June 2012), wherein renegotiating while using one of these TLS
-   * protocols will cause the client to send a TLS 1.0 ServerHello
-   * rather than a ServerHello written with the appropriate protocol
-   * version.  Once some version of OpenSSL does TLS1.1 and TLS1.2
-   * renegotiation properly, we can turn them back on when built with
-   * that version. */
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,1,'e')
-#ifdef SSL_OP_NO_TLSv1_2
-  SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_2);
-#endif
-#ifdef SSL_OP_NO_TLSv1_1
-  SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_1);
-#endif
-#endif
-
   /* Disable TLS tickets if they're supported.  We never want to use them;
    * using them can make our perfect forward secrecy a little worse, *and*
    * create an opportunity to fingerprint us (since it's unusual to use them
@@ -1288,8 +1266,6 @@ tor_tls_get_ciphersuite_name(tor_tls_t *tls)
   return SSL_get_cipher(tls->ssl);
 }
 
-#ifdef V2_HANDSHAKE_SERVER
-
 /* Here's the old V2 cipher list we sent from 0.2.1.1-alpha up to
  * 0.2.3.17-beta. If a client is using this list, we can't believe the ciphers
  * that it claims to support.  We'll prune this list to remove the ciphers
@@ -1567,7 +1543,6 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val)
     }
   }
 }
-#endif
 
 /** Callback to get invoked on a server after we've read the list of ciphers
  * the client supports, but before we pick our own ciphersuite.
@@ -1677,12 +1652,9 @@ tor_tls_new(int sock, int isServer)
     log_warn(LD_NET, "Newly created BIO has read count %lu, write count %lu",
              result->last_read_count, result->last_write_count);
   }
-#ifdef V2_HANDSHAKE_SERVER
   if (isServer) {
     SSL_set_info_callback(result->ssl, tor_tls_server_info_callback);
-  } else
-#endif
-  {
+  } else {
     SSL_set_info_callback(result->ssl, tor_tls_debug_state_callback);
   }
 
@@ -1721,13 +1693,11 @@ tor_tls_set_renegotiate_callback(tor_tls_t *tls,
   tls->negotiated_callback = cb;
   tls->callback_arg = arg;
   tls->got_renegotiate = 0;
-#ifdef V2_HANDSHAKE_SERVER
   if (cb) {
     SSL_set_info_callback(tls->ssl, tor_tls_server_info_callback);
   } else {
     SSL_set_info_callback(tls->ssl, tor_tls_debug_state_callback);
   }
-#endif
 }
 
 /** If this version of openssl requires it, turn on renegotiation on
@@ -1814,7 +1784,6 @@ tor_tls_read,(tor_tls_t *tls, char *cp, size_t len))
   tor_assert(len<INT_MAX);
   r = SSL_read(tls->ssl, cp, (int)len);
   if (r > 0) {
-#ifdef V2_HANDSHAKE_SERVER
     if (tls->got_renegotiate) {
       /* Renegotiation happened! */
       log_info(LD_NET, "Got a TLS renegotiation from %s", ADDR(tls));
@@ -1822,7 +1791,6 @@ tor_tls_read,(tor_tls_t *tls, char *cp, size_t len))
         tls->negotiated_callback(tls, tls->callback_arg);
       tls->got_renegotiate = 0;
     }
-#endif
     return r;
   }
   err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading", LOG_DEBUG, LD_NET);
@@ -1943,7 +1911,6 @@ tor_tls_finish_handshake(tor_tls_t *tls)
     SSL_set_info_callback(tls->ssl, NULL);
     SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, always_accept_verify_cb);
     SSL_clear_mode(tls->ssl, SSL_MODE_NO_AUTO_CHAIN);
-#ifdef V2_HANDSHAKE_SERVER
     if (tor_tls_client_is_using_v2_ciphers(tls->ssl)) {
       /* This check is redundant, but back when we did it in the callback,
        * we might have not been able to look up the tor_tls_t if the code
@@ -1958,26 +1925,10 @@ tor_tls_finish_handshake(tor_tls_t *tls)
     } else {
       tls->wasV2Handshake = 0;
     }
-#endif
   } else {
-#ifdef V2_HANDSHAKE_CLIENT
-    /* If we got no ID cert, we're a v2 handshake. */
-    X509 *cert = SSL_get_peer_certificate(tls->ssl);
-    STACK_OF(X509) *chain = SSL_get_peer_cert_chain(tls->ssl);
-    int n_certs = sk_X509_num(chain);
-    if (n_certs > 1 || (n_certs == 1 && cert != sk_X509_value(chain, 0))) {
-      log_debug(LD_HANDSHAKE, "Server sent back multiple certificates; it "
-                "looks like a v1 handshake on %p", tls);
-      tls->wasV2Handshake = 0;
-    } else {
-      log_debug(LD_HANDSHAKE,
-                "Server sent back a single certificate; looks like "
-                "a v2 handshake on %p.", tls);
-      tls->wasV2Handshake = 1;
-    }
-    if (cert)
-      X509_free(cert);
-#endif
+    /* Client-side */
+    tls->wasV2Handshake = 1;
+    /* XXXX this can move, probably? -NM */
     if (SSL_set_cipher_list(tls->ssl, SERVER_CIPHER_LIST) == 0) {
       tls_log_errors(NULL, LOG_WARN, LD_HANDSHAKE, "re-setting ciphers");
       r = TOR_TLS_ERROR_MISC;
@@ -1987,52 +1938,6 @@ tor_tls_finish_handshake(tor_tls_t *tls)
   return r;
 }
 
-#ifdef USE_BUFFEREVENTS
-/** Put <b>tls</b>, which must be a client connection, into renegotiation
- * mode. */
-int
-tor_tls_start_renegotiating(tor_tls_t *tls)
-{
-  int r = SSL_renegotiate(tls->ssl);
-  if (r <= 0) {
-    return tor_tls_get_error(tls, r, 0, "renegotiating", LOG_WARN,
-                             LD_HANDSHAKE);
-  }
-  return 0;
-}
-#endif
-
-/** Client only: Renegotiate a TLS session.  When finished, returns
- * TOR_TLS_DONE.  On failure, returns TOR_TLS_ERROR, TOR_TLS_WANTREAD, or
- * TOR_TLS_WANTWRITE.
- */
-int
-tor_tls_renegotiate(tor_tls_t *tls)
-{
-  int r;
-  tor_assert(tls);
-  /* We could do server-initiated renegotiation too, but that would be tricky.
-   * Instead of "SSL_renegotiate, then SSL_do_handshake until done" */
-  tor_assert(!tls->isServer);
-
-  check_no_tls_errors();
-  if (tls->state != TOR_TLS_ST_RENEGOTIATE) {
-    int r = SSL_renegotiate(tls->ssl);
-    if (r <= 0) {
-      return tor_tls_get_error(tls, r, 0, "renegotiating", LOG_WARN,
-                               LD_HANDSHAKE);
-    }
-    tls->state = TOR_TLS_ST_RENEGOTIATE;
-  }
-  r = SSL_do_handshake(tls->ssl);
-  if (r == 1) {
-    tls->state = TOR_TLS_ST_OPEN;
-    return TOR_TLS_DONE;
-  } else
-    return tor_tls_get_error(tls, r, 0, "renegotiating handshake", LOG_INFO,
-                             LD_HANDSHAKE);
-}
-
 /** Shut down an open tls connection <b>tls</b>.  When finished, returns
  * TOR_TLS_DONE.  On failure, returns TOR_TLS_ERROR, TOR_TLS_WANTREAD,
  * or TOR_TLS_WANTWRITE.
@@ -2410,117 +2315,7 @@ check_no_tls_errors_(const char *fname, int line)
 int
 tor_tls_used_v1_handshake(tor_tls_t *tls)
 {
-#if defined(V2_HANDSHAKE_SERVER) && defined(V2_HANDSHAKE_CLIENT)
   return ! tls->wasV2Handshake;
-#else
-  if (tls->isServer) {
-# ifdef V2_HANDSHAKE_SERVER
-    return ! tls->wasV2Handshake;
-# endif
-  } else {
-# ifdef V2_HANDSHAKE_CLIENT
-    return ! tls->wasV2Handshake;
-# endif
-  }
-  return 1;
-#endif
-}
-
-/** Return true iff <b>name</b> is a DN of a kind that could only
- * occur in a v3-handshake-indicating certificate */
-STATIC int
-dn_indicates_v3_cert(X509_NAME *name)
-{
-#ifdef DISABLE_V3_LINKPROTO_CLIENTSIDE
-  (void)name;
-  return 0;
-#else
-  X509_NAME_ENTRY *entry;
-  int n_entries;
-  ASN1_OBJECT *obj;
-  ASN1_STRING *str;
-  unsigned char *s;
-  int len, r;
-
-  n_entries = X509_NAME_entry_count(name);
-  if (n_entries != 1) {
-    return 1; /* More than one entry in the DN. */
-  }
-  entry = X509_NAME_get_entry(name, 0);
-
-  obj = X509_NAME_ENTRY_get_object(entry);
-  if (OBJ_obj2nid(obj) != OBJ_txt2nid("commonName")) {
-    return 1; /* The entry isn't a commonName. */
-  }
-
-  str = X509_NAME_ENTRY_get_data(entry);
-  len = ASN1_STRING_to_UTF8(&s, str);
-  if (len < 0) {
-    return 0;
-  }
-  if (len < 4) {
-    OPENSSL_free(s);
-    return 1;
-  }
-  r = fast_memneq(s + len - 4, ".net", 4);
-  OPENSSL_free(s);
-  return r;
-#endif
-}
-
-/** Return true iff the peer certificate we're received on <b>tls</b>
- * indicates that this connection should use the v3 (in-protocol)
- * authentication handshake.
- *
- * Only the connection initiator should use this, and only once the initial
- * handshake is done; the responder detects a v1 handshake by cipher types,
- * and a v3/v2 handshake by Versions cell vs renegotiation.
- */
-int
-tor_tls_received_v3_certificate(tor_tls_t *tls)
-{
-  check_no_tls_errors();
-
-  X509 *cert = SSL_get_peer_certificate(tls->ssl);
-  EVP_PKEY *key = NULL;
-  X509_NAME *issuer_name, *subject_name;
-  int is_v3 = 0;
-
-  if (!cert) {
-    log_warn(LD_BUG, "Called on a connection with no peer certificate");
-    goto done;
-  }
-
-  subject_name = X509_get_subject_name(cert);
-  issuer_name = X509_get_issuer_name(cert);
-
-  if (X509_name_cmp(subject_name, issuer_name) == 0) {
-    is_v3 = 1; /* purportedly self signed */
-    goto done;
-  }
-
-  if (dn_indicates_v3_cert(subject_name) ||
-      dn_indicates_v3_cert(issuer_name)) {
-    is_v3 = 1; /* DN is fancy */
-    goto done;
-  }
-
-  key = X509_get_pubkey(cert);
-  if (EVP_PKEY_bits(key) != 1024 ||
-      EVP_PKEY_type(key->type) != EVP_PKEY_RSA) {
-    is_v3 = 1; /* Key is fancy */
-    goto done;
-  }
-
- done:
-  tls_log_errors(tls, LOG_WARN, LD_NET, "checking for a v3 cert");
-
-  if (key)
-    EVP_PKEY_free(key);
-  if (cert)
-    X509_free(cert);
-
-  return is_v3;
 }
 
 /** Return the number of server handshakes that we've noticed doing on

src/common/tortls.h

@@ -136,7 +136,6 @@ STATIC int tor_tls_classify_client_ciphers(const SSL *ssl,
 STATIC int tor_tls_client_is_using_v2_ciphers(const SSL *ssl);
 MOCK_DECL(STATIC void, try_to_extract_certs_from_tls,
           (int severity, tor_tls_t *tls, X509 **cert_out, X509 **id_cert_out));
-STATIC int dn_indicates_v3_cert(X509_NAME *name);
 #ifndef HAVE_SSL_SESSION_GET_MASTER_KEY
 STATIC size_t SSL_SESSION_get_master_key(SSL_SESSION *s, uint8_t *out,
                                          size_t len);
@@ -196,7 +195,6 @@ MOCK_DECL(int, tor_tls_read, (tor_tls_t *tls, char *cp, size_t len));
 int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
 int tor_tls_handshake(tor_tls_t *tls);
 int tor_tls_finish_handshake(tor_tls_t *tls);
-int tor_tls_renegotiate(tor_tls_t *tls);
 void tor_tls_unblock_renegotiation(tor_tls_t *tls);
 void tor_tls_block_renegotiation(tor_tls_t *tls);
 void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
@@ -214,7 +212,6 @@ int tor_tls_get_buffer_sizes(tor_tls_t *tls,
 MOCK_DECL(double, tls_get_write_overhead_ratio, (void));
 
 int tor_tls_used_v1_handshake(tor_tls_t *tls);
-int tor_tls_received_v3_certificate(tor_tls_t *tls);
 int tor_tls_get_num_server_handshakes(tor_tls_t *tls);
 int tor_tls_server_got_renegotiate(tor_tls_t *tls);
 MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out));

src/or/connection_or.c

@@ -1450,17 +1450,12 @@ connection_tls_continue_handshake(or_connection_t *conn)
 {
   int result;
   check_no_tls_errors();
- again:
-  if (conn->base_.state == OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING) {
-    // log_notice(LD_OR, "Renegotiate with %p", conn->tls);
-    result = tor_tls_renegotiate(conn->tls);
-    // log_notice(LD_OR, "Result: %d", result);
-  } else {
-    tor_assert(conn->base_.state == OR_CONN_STATE_TLS_HANDSHAKING);
-    // log_notice(LD_OR, "Continue handshake with %p", conn->tls);
-    result = tor_tls_handshake(conn->tls);
-    // log_notice(LD_OR, "Result: %d", result);
-  }
+
+  tor_assert(conn->base_.state == OR_CONN_STATE_TLS_HANDSHAKING);
+  // log_notice(LD_OR, "Continue handshake with %p", conn->tls);
+  result = tor_tls_handshake(conn->tls);
+  // log_notice(LD_OR, "Result: %d", result);
+
   switch (result) {
     CASE_TOR_TLS_ERROR_ANY:
     log_info(LD_OR,"tls error [%s]. breaking connection.",
@@ -1469,23 +1464,10 @@ connection_tls_continue_handshake(or_connection_t *conn)
     case TOR_TLS_DONE:
       if (! tor_tls_used_v1_handshake(conn->tls)) {
         if (!tor_tls_is_server(conn->tls)) {
-          if (conn->base_.state == OR_CONN_STATE_TLS_HANDSHAKING) {
-            if (tor_tls_received_v3_certificate(conn->tls)) {
-              log_info(LD_OR, "Client got a v3 cert!  Moving on to v3 "
-                       "handshake with ciphersuite %s",
-                       tor_tls_get_ciphersuite_name(conn->tls));
-              return connection_or_launch_v3_or_handshake(conn);
-            } else {
-              log_debug(LD_OR, "Done with initial SSL handshake (client-side)."
-                        " Requesting renegotiation.");
-              connection_or_change_state(conn,
-                  OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING);
-              goto again;
-            }
-          }
-          // log_notice(LD_OR,"Done. state was %d.", conn->base_.state);
+          tor_assert(conn->base_.state == OR_CONN_STATE_TLS_HANDSHAKING);
+          return connection_or_launch_v3_or_handshake(conn);
         } else {
-          /* v2/v3 handshake, but not a client. */
+          /* v2/v3 handshake, but we are not a client. */
           log_debug(LD_OR, "Done with initial SSL handshake (server-side). "
                            "Expecting renegotiation or VERSIONS cell");
           tor_tls_set_renegotiate_callback(conn->tls,
@@ -1498,6 +1480,7 @@ connection_tls_continue_handshake(or_connection_t *conn)
           return 0;
         }
       }
+      tor_assert(!tor_tls_is_server(conn->tls));
       return connection_tls_finish_handshake(conn);
     case TOR_TLS_WANTWRITE:
       connection_start_writing(TO_CONN(conn));
@@ -1533,22 +1516,8 @@ connection_or_handle_event_cb(struct bufferevent *bufev, short event,
     if (! tor_tls_used_v1_handshake(conn->tls)) {
       if (!tor_tls_is_server(conn->tls)) {
         if (conn->base_.state == OR_CONN_STATE_TLS_HANDSHAKING) {
-          if (tor_tls_received_v3_certificate(conn->tls)) {
-            log_info(LD_OR, "Client got a v3 cert!");
-            if (connection_or_launch_v3_or_handshake(conn) < 0)
-              connection_or_close_for_error(conn, 0);
-            return;
-          } else {
-            connection_or_change_state(conn,
-                OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING);
-            tor_tls_unblock_renegotiation(conn->tls);
-            if (bufferevent_ssl_renegotiate(conn->base_.bufev)<0) {
-              log_warn(LD_OR, "Start_renegotiating went badly.");
-              connection_or_close_for_error(conn, 0);
-            }
-            tor_tls_unblock_renegotiation(conn->tls);
-            return; /* ???? */
-          }
+          if (connection_or_launch_v3_or_handshake(conn) < 0)
+            connection_or_close_for_error(conn, 0);
         }
       } else {
         const int handshakes = tor_tls_get_num_server_handshakes(conn->tls);
@@ -1800,6 +1769,8 @@ connection_tls_finish_handshake(or_connection_t *conn)
   char digest_rcvd[DIGEST_LEN];
   int started_here = connection_or_nonopen_was_started_here(conn);
 
+  tor_assert(!started_here);
+
   log_debug(LD_HANDSHAKE,"%s tls handshake on %p with %s done, using "
             "ciphersuite %s. verifying.",
             started_here?"outgoing":"incoming",
@@ -1815,10 +1786,8 @@ connection_tls_finish_handshake(or_connection_t *conn)
 
   if (tor_tls_used_v1_handshake(conn->tls)) {
     conn->link_proto = 1;
-    if (!started_here) {
-      connection_or_init_conn_from_address(conn, &conn->base_.addr,
-                                           conn->base_.port, digest_rcvd, 0);
-    }
+    connection_or_init_conn_from_address(conn, &conn->base_.addr,
+                                         conn->base_.port, digest_rcvd, 0);
     tor_tls_block_renegotiation(conn->tls);
     rep_hist_note_negotiated_link_proto(1, started_here);
     return connection_or_set_state_open(conn);
@@ -1826,10 +1795,8 @@ connection_tls_finish_handshake(or_connection_t *conn)
     connection_or_change_state(conn, OR_CONN_STATE_OR_HANDSHAKING_V2);
     if (connection_init_or_handshake_state(conn, started_here) < 0)
       return -1;
-    if (!started_here) {
-      connection_or_init_conn_from_address(conn, &conn->base_.addr,
-                                           conn->base_.port, digest_rcvd, 0);
-    }
+    connection_or_init_conn_from_address(conn, &conn->base_.addr,
+                                         conn->base_.port, digest_rcvd, 0);
     return connection_or_send_versions(conn, 0);
   }
 }
@@ -1844,7 +1811,6 @@ static int
 connection_or_launch_v3_or_handshake(or_connection_t *conn)
 {
   tor_assert(connection_or_nonopen_was_started_here(conn));
-  tor_assert(tor_tls_received_v3_certificate(conn->tls));
 
   circuit_build_times_network_is_live(get_circuit_build_times_mutable());
 

src/test/test_tortls.c

@@ -1243,147 +1243,6 @@ test_tortls_used_v1_handshake(void *ignored)
   tor_free(tls);
 }
 
-static void
-test_tortls_dn_indicates_v3_cert(void *ignored)
-{
-  (void)ignored;
-  int ret;
-  X509_NAME *name;
-
-  name = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
-                             (const unsigned char *)"US", -1, -1, 0);
-  X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC,
-                             (const unsigned char *)"Foobar", -1, -1, 0);
-  ret = dn_indicates_v3_cert(name);
-  tt_int_op(ret, OP_EQ, 1);
-
-  X509_NAME_free(name);
-  name = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
-                             (const unsigned char *)"US", -1, -1, 0);
-  ret = dn_indicates_v3_cert(name);
-  tt_int_op(ret, OP_EQ, 1);
-
-  X509_NAME_free(name);
-  name = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(name, "commonName", V_ASN1_REAL,
-                             (const unsigned char *)"123", -1, -1, 0);
-  ret = dn_indicates_v3_cert(name);
-  tt_int_op(ret, OP_EQ, 0);
-
-  X509_NAME_free(name);
-  name = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_ASC,
-                           (const unsigned char *)"hello.com", -1, -1, 0);
-  ret = dn_indicates_v3_cert(name);
-  tt_int_op(ret, OP_EQ, 1);
-
-  X509_NAME_free(name);
-  name = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_ASC,
-                           (const unsigned char *)"hello.net", -1, -1, 0);
-  ret = dn_indicates_v3_cert(name);
-  tt_int_op(ret, OP_EQ, 0);
-
-  X509_NAME_free(name);
-  name = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_ASC,
-                           (const unsigned char *)"x.s", -1, -1, 0);
-  ret = dn_indicates_v3_cert(name);
-  tt_int_op(ret, OP_EQ, 1);
-
- done:
-  X509_NAME_free(name);
-}
-
-#ifndef OPENSSL_OPAQUE
-static void
-test_tortls_received_v3_certificate(void *ignored)
-{
-  (void)ignored;
-  int ret;
-  tor_tls_t *tls;
-  X509 *validCert = read_cert_from(validCertString);
-  X509_NAME *subject=NULL, *issuer=NULL;
-  EVP_PKEY *key = NULL;
-
-  tls = tor_malloc_zero(sizeof(tor_tls_t));
-  tls->ssl = tor_malloc_zero(sizeof(SSL));
-  tls->ssl->session = tor_malloc_zero(sizeof(SSL_SESSION));
-
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 0);
-
-  tls->ssl->session->peer = validCert;
-
-  subject = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
-                           (const unsigned char *)"same.com", -1, -1, 0);
-  X509_set_subject_name(validCert, subject);
-
-  issuer = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(issuer, "commonName", MBSTRING_ASC,
-                           (const unsigned char *)"same.com", -1, -1, 0);
-  X509_set_issuer_name(validCert, issuer);
-
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 1);
-
-  X509_NAME_free(subject);
-  subject = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
-                           (const unsigned char *)"different.net", -1, -1, 0);
-  X509_set_subject_name(validCert, subject);
-
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 1);
-
-  X509_NAME_free(subject);
-  subject = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
-                      (const unsigned char *)"same.com", -1, -1, 0);
-  X509_set_subject_name(validCert, subject);
-
-  X509_NAME_free(issuer);
-  issuer = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(issuer, "commonName", MBSTRING_ASC,
-                       (const unsigned char *)"different.net", -1, -1, 0);
-  X509_set_issuer_name(validCert, issuer);
-
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 1);
-
-  X509_NAME_free(subject);
-  subject = X509_NAME_new();
-  X509_NAME_add_entry_by_txt(subject, "commonName", MBSTRING_ASC,
-                      (const unsigned char *)"different2.net", -1, -1, 0);
-  X509_set_subject_name(validCert, subject);
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 0);
-
-  key = X509_get_pubkey(validCert);
-  key->type = 5;
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 1);
-
-  key->type = 6;
-  key->ameth = NULL;
-  ret = tor_tls_received_v3_certificate(tls);
-  tt_int_op(ret, OP_EQ, 1);
-
- done:
-  X509_NAME_free(subject);
-  X509_NAME_free(issuer);
-  tor_free(tls->ssl->session);
-  tor_free(tls->ssl);
-  tor_free(tls);
-  X509_free(validCert);
-  if (key)
-    EVP_PKEY_free(key);
-}
-#endif
-
 static void
 test_tortls_get_num_server_handshakes(void *ignored)
 {
@@ -2311,64 +2170,6 @@ test_tortls_write(void *ignored)
   tor_free(tls);
   tor_free(method);
 }
-
-static int fixed_ssl_renegotiate_result;
-
-static int
-fixed_ssl_renegotiate(SSL *s)
-{
-  (void) s;
-  return fixed_ssl_renegotiate_result;
-}
-
-static void
-test_tortls_renegotiate(void *ignored)
-{
-  (void)ignored;
-  int ret;
-  tor_tls_t *tls;
-  SSL_CTX *ctx;
-  SSL_METHOD *method = give_me_a_test_method();
-  int previous_log = setup_capture_of_logs(LOG_WARN);
-
-  SSL_library_init();
-  SSL_load_error_strings();
-
-  ctx = SSL_CTX_new(TLSv1_method());
-
-  tls = tor_malloc_zero(sizeof(tor_tls_t));
-  tls->ssl = SSL_new(ctx);
-  tls->state = TOR_TLS_ST_OPEN;
-
-  ret = tor_tls_renegotiate(tls);
-  tt_int_op(ret, OP_EQ, -9);
-
-  tls->ssl->method = method;
-  method->ssl_renegotiate = fixed_ssl_renegotiate;
-  fixed_ssl_renegotiate_result = 0;
-  ERR_clear_error();
-  ret = tor_tls_renegotiate(tls);
-  tt_int_op(ret, OP_EQ, -9);
-
-  ERR_clear_error();
-  tls->ssl->handshake_func = dummy_handshake_func;
-  tls->state = TOR_TLS_ST_RENEGOTIATE;
-  ret = tor_tls_renegotiate(tls);
-  tt_int_op(ret, OP_EQ, TOR_TLS_DONE);
-
-  ERR_clear_error();
-  tls->state = TOR_TLS_ST_OPEN;
-  fixed_ssl_renegotiate_result = -1;
-  ret = tor_tls_renegotiate(tls);
-  tt_int_op(ret, OP_EQ, -9);
-
- done:
-  teardown_capture_of_logs(previous_log);
-  SSL_free(tls->ssl);
-  SSL_CTX_free(ctx);
-  tor_free(tls);
-  tor_free(method);
-}
 #endif
 
 #ifndef OPENSSL_OPAQUE
@@ -2496,7 +2297,6 @@ test_tortls_finish_handshake(void *ignored)
   SSL_load_error_strings();
 
   X509 *c1 = read_cert_from(validCertString);
-  X509 *c2 = read_cert_from(caCertString);
   SESS_CERT_local *sess = NULL;
 
   ctx = SSL_CTX_new(method);
@@ -2537,18 +2337,6 @@ test_tortls_finish_handshake(void *ignored)
   tt_int_op(ret, OP_EQ, 0);
   tt_int_op(tls->wasV2Handshake, OP_EQ, 1);
 
-  tls->ssl->session->peer = c2;
-  tls->wasV2Handshake = 1;
-  ret = tor_tls_finish_handshake(tls);
-  tt_int_op(ret, OP_EQ, 0);
-  tt_int_op(tls->wasV2Handshake, OP_EQ, 0);
-
-  sk_X509_push(sess->cert_chain, c2);
-  tls->wasV2Handshake = 1;
-  ret = tor_tls_finish_handshake(tls);
-  tt_int_op(ret, OP_EQ, 0);
-  tt_int_op(tls->wasV2Handshake, OP_EQ, 0);
-
   method->num_ciphers = fake_num_ciphers;
   ret = tor_tls_finish_handshake(tls);
   tt_int_op(ret, OP_EQ, -9);
@@ -2563,7 +2351,6 @@ test_tortls_finish_handshake(void *ignored)
   tor_free(tls);
   SSL_CTX_free(ctx);
   tor_free(method);
-  X509_free(c1);
 }
 #endif
 
@@ -3025,8 +2812,6 @@ struct testcase_t tortls_tests[] = {
   LOCAL_TEST_CASE(get_forced_write_size, 0),
   LOCAL_TEST_CASE(get_write_overhead_ratio, TT_FORK),
   LOCAL_TEST_CASE(used_v1_handshake, TT_FORK),
-  LOCAL_TEST_CASE(dn_indicates_v3_cert, 0),
-  INTRUSIVE_TEST_CASE(received_v3_certificate, 0),
   LOCAL_TEST_CASE(get_num_server_handshakes, 0),
   LOCAL_TEST_CASE(server_got_renegotiate, 0),
   INTRUSIVE_TEST_CASE(SSL_SESSION_get_master_key, 0),
@@ -3037,7 +2822,6 @@ struct testcase_t tortls_tests[] = {
   INTRUSIVE_TEST_CASE(get_peer_cert, 0),
   INTRUSIVE_TEST_CASE(peer_has_cert, 0),
   INTRUSIVE_TEST_CASE(shutdown, 0),
-  INTRUSIVE_TEST_CASE(renegotiate, 0),
   INTRUSIVE_TEST_CASE(finish_handshake, 0),
   INTRUSIVE_TEST_CASE(handshake, 0),
   INTRUSIVE_TEST_CASE(write, 0),