[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 27 Dec 2011 22:14:39 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 27 Dec 2011 17:14:51 -0500
In-reply-to: <046.007d65a3572214d149c9452c7aa96a0c@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.007d65a3572214d149c9452c7aa96a0c@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4779: AES broken since 0.2.3.9-alpha on CentOS 6
-----------------------+----------------------------------------------------
 Reporter:  Pascal     |          Owner:  nickm             
     Type:  defect     |         Status:  accepted          
 Priority:  major      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay  |        Version:  Tor: 0.2.3.9-alpha
 Keywords:  aes        |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by Pascal):

 The following testing was performed inside the VMWare image
 http://downloads.sourceforge.net/thoughtpolicevm/centos-6.0-x86_64-minimal.zip

 Nickm's test and "make test" from 0.2.3.10 both failed in this image (as
 expected).

 I installed http://www.openssl.org/source/openssl-1.0.0e.tar.gz using the
 commands:

 ./config shared --prefix=/usr --openssldir=/usr/include/openssl
 make
 make test
 make install

 After confirming the new version of OpenSSL was installed (using the
 "openssl version" command) I reran both tests.  Both passed.  I then
 installed http://www.openssl.org/source/openssl-1.0.0.tar.gz again using
 the above commands.  I again confirmed the new version of OpenSSL was
 installed and reran both tests.  Both failed.

 This would appear to indicate the bug was in OpenSSL 1.0.0 and has since
 been fixed.  I was unable to get OpenSSL 1.0.0a to build, but the 1.0.0b
 of Fedora 12 has previously tested good.

 Rather than doing a version check, I would recommend implementing a test
 during startup to determine if the installed OpenSSL is working correctly
 and use a workaround if not.

 Anyone know how to get Red Hat to upgrade RHEL 6 to a newer OpenSSL?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #4463 [Website]: Set up web log analysis tool
Next by Author: Re: [tor-bugs] #3763 [EFF-HTTPS Everywhere]: allow changing local rules without restarting Firefox
Previous by thread: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Next by thread: Re: [tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Index(es):
- Author
- Thread