[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Still problems with TLS negotiation



On Sat, Jan 02, 2010 at 07:53:03PM +0100, Hans de Hartog wrote:
> Hi,
> 
> I upgraded all my servers from FreeBSD 7.2-RELEASE-p4 to 8.0-RELEASE
> and tor stopped working because of the TLS renegotiation problem.
> So I upgraded to tor 0.2.1.21 (promised to solve that problem) but the
> problem
> is still there. Going back to FreeBSD 7.2 is no option so I tried tor
> 0.2.2.6-alpha.


You need to compile the mentioned versions of Tor against openssl-0.9.8.l,
which is the one in the FreeBSD ports tree. neither 7-stable or 8-stable
ship with openssl-0.9.8.l, but the versions or Tor you are trying to run
need that version of openssl.


> Still no go. However, the error message (TLS error: unexpected close while
> renegotiating) is now suffixed with (SSL_ST_OK) but tor isn't doing any
> usefull
> work.
> If it helps: openssl version: 0.9.8k 25 Mar 2009 (I can not change that,
> it's part
> of the base system).

You do not need to change that, just install the ports version in
addition.


> So, this was the end of a faithfull tor-supporting system, running for
> months as
> an exit-router... :-(

No, it is not ! Keep going, please :) There is a thread under Tor-relays
dealing exactly with this issue. If you want to skip the 'introduction'
you may want to see :
http://archives.seul.org/tor/relays/Dec-2009/msg00013.html

which handles how to compile Tor  against openssl-0.9.8.l by using the ports
systems built in routines.
 
If you wish not to use this routine just scroll down and you will find a
description of how to do without.          


> 
> Regards,
> Hans.

dito
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/