[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #28616 [Core Tor/Tor]: TLS internal error running Tor 0.3.4.9 on Debian Buster (OpenSSL 1.1.1a)



#28616: TLS internal error running Tor 0.3.4.9 on Debian Buster (OpenSSL 1.1.1a)
--------------------------+------------------------------------
 Reporter:  filippo       |          Owner:  (none)
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.4.0.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.3.4.9
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by nickm):

 Replying to [comment:11 nickm]:
 > I've asked on the ticket, but I don't have a great sense of when it will
 happen.

 They are not sure; it will either happen when the next major security fix
 happens, or probably 3-4 months after OpenSSL 1.1.1a.

 > One possibility might be to write a patch to detect this issue and
 disable TLS 1.3 when it happens.

 I've done a minimal patch for this as #28973, but it needs testing,
 especially with OpenSSL 1.1.1a.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28616#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs