[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[SOLVED] Re: Tor fails to build connections after FreeBSD security update
- To: tor-relays@xxxxxxxxxxxxxx
- Subject: [SOLVED] Re: Tor fails to build connections after FreeBSD security update
- From: Hans Schnehl <torvallenator@xxxxxxxxx>
- Date: Sun, 6 Dec 2009 14:13:14 +0100
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: tor-relays-outgoing@xxxxxxxx
- Delivered-to: tor-relays@xxxxxxxx
- Delivery-date: Sun, 06 Dec 2009 08:13:38 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:references:mime-version:content-type:content-disposition :in-reply-to:user-agent; bh=IkPcXgs1vPBhW7FVnJ1EEYlZ0yt0RHAMU1vqnxqGjzw=; b=X1H5IH/gfZZkk0t23eVyeOn4Rro54nOlcBJf51oartv64ifpkonaMVhvbksmkG6fnY ZqjORCNyiEdhhEjRvdO35OkDVIr7lL5mXyB9KxogMy5J4bM4/wKzueCR3fcmpe5RyL8b gHsFfxdtNWiAL+anP/ssJ7QwPzycRVEQYfwTA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; b=Tvax3nZHPmmCUNeoKdbLhQcspCQcEwm+cgeio7Lx8Xfuox05tc8pGcXAjIh8lq7hDi a160QoqBPAG1qeLocCiJbYPWJcBsyhw4Xs1a39p9JSu3OpQ6th48JW6xR9OVet2fIzWy 9RS8l8eGcGFDjQhFpr3lDKU8s7BgV4zQXIXGY=
- In-reply-to: <200912061037.nB6Abpwe021202@xxxxxxxxxxxxx>
- References: <200912061037.nB6Abpwe021202@xxxxxxxxxxxxx>
- Reply-to: tor-relays@xxxxxxxxxxxxxx
- Sender: owner-tor-relays@xxxxxxxxxxxxxx
- User-agent: Mutt/1.5.19 (2009-01-05)
On Sun, Dec 06, 2009 at 04:37:51AM -0600, Scott Bennett wrote:
> Hmm. I have 0.9.8l installed, too, but I guess I don't know which
> version (i.e., base system vs. port) the build procedure for tor links in.
BINGO. Thanks, Scott.
According to this (it makes sense to read the whole thread, though):
http://lists.freebsd.org/pipermail/freebsd-ports/2009-December/058074.html
I rebuilt Tor version 0.2.2.6-alpha (git-1ee580407ccb9130)
available in the portstree and compiled against openssl 0.9.8l .
I did that in a buildjail, but nevertheless should it should work on the
main system, if desired.
I added 'WITH_OPENSSL_PORT=YES' to /etc/make.conf and let FreeBSD do the
rest with 'make install clean' in the tor-devel directory.
Out comes a perfectly compiled binary doing what it is supposed to.
The jail Tor is running in now actually has both, base and ports openssl
but Tor doesn't care. Building a system without base openssl, see
the documentation.
Removing the formerly set LD_LIBRARY_PATH does now have no effect, there
are two openssl binaries: /usr/bin/openssl (base) and
/usr/local/bin/openssl ( ports) which shows no negative impact on Tor.
this is what it looks like if compiled with the appropriate setting in
/etc/make.conf:
root@ato# ldd /usr/local/bin/tor
/usr/local/bin/tor:
libz.so.4 => /lib/libz.so.4 (0x8817f000)
libm.so.5 => /lib/libm.so.5 (0x88191000)
libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x881a6000)
libssl.so.5 => /usr/local/lib/libssl.so.5 (0x881bb000)
libcrypto.so.5 => /usr/local/lib/libcrypto.so.5 (0x881ff000)
libthr.so.3 => /lib/libthr.so.3 (0x88346000)
libc.so.7 => /lib/libc.so.7 (0x8835a000)
librt.so.1 => /usr/lib/librt.so.1 (0x88449000)
> until you provided the search string. The low rate of occurrence may be
> due to the relatively small portion of FreeBSD-based routers that have been
> updated and rebooted out of the relatively small fraction of the router
> population that is FreeBSD-based.
>
So if the operators of the committedly small portion of FreeBSD Tornodes
encounter similar, just leave the base openssl.
This is untested yet on other than the 7.2-Stable platform.
Tor 0.2.2.6-alpha runs fine against openssl 0.9.8l on FreeBSD. Sorry for the
noise and thanks to all.
Regards
Hans