[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Sat, 02 Jun 2012 22:37:40 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 02 Jun 2012 18:38:12 -0400
In-reply-to: <046.360404451f03d4f0ed3cd8c300e45ad0@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.360404451f03d4f0ed3cd8c300e45ad0@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#6033: Tor v2 handshake does not work with openssl 1.0.1
------------------------+---------------------------------------------------
 Reporter:  murble      |          Owner:                     
     Type:  defect      |         Status:  new                
 Priority:  critical    |      Milestone:  Tor: 0.2.2.x-final 
Component:  Tor Bridge  |        Version:  Tor: 0.2.3.15-alpha
 Keywords:              |         Parent:                     
   Points:              |   Actualpoints:                     
------------------------+---------------------------------------------------

Comment(by nickm):

 It appears that renegotiation in openssl 1.0.1 is broken when you use TLS
 1.1 or TLS 1.2.  To reproduce: Run openssl s_server.  Run openssl
 s_client.  Type "R" into the s_client, and hit enter.

 To prevent this from messing up the Tor network, we should disable TLS 1.1
 and TLS 1.2 when they are present, until some version of OpenSSL
 implements them correctly.  To fix this, we should report it to
 appropriate OpenSSL devs.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6033#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #6033 [Tor Bridge]: 0.2.2.35 can't connect to 0.2.3.15-alpha bridges
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1 (was: 0.2.2.35 can't connect to 0.2.3.15-alpha bridges)
Next by Author: Re: [tor-bugs] #6007 [Tor Relay]: Be more strict about rejecting pre-handshake data in 0.2.2
Previous by thread: Re: [tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1 (was: 0.2.2.35 can't connect to 0.2.3.15-alpha bridges)
Next by thread: Re: [tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1
Index(es):
- Author
- Thread