[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor fails to build connections after FreeBSD security update



On 12/05/2009 09:54 AM, Hans Schnehl wrote:
> [snip]]
> NOTE WELL: This update causes OpenSSL to reject any attempt to renegotiate
> SSL / TLS session parameters.  As a result, connections in which the other
> party attempts to renegotiate session parameters will break.  In practice,
> however, session renegotiation is a rarely-used feature, so disabling this
> functionality is unlikely to cause problems for most systems.
> [snip]

Tor initiates a ssl renegotiate at the start of a circuit, the latest
openssl breaks tor.  The fixes for this are currently in -alpha only.
The 0.2.1.21-dev in git also contains the fix.  We're testing
0.2.2.6-alpha right now,
https://blog.torproject.org/blog/tor-0226-alpha-released.  Please try
0.2.2.6-alpha and let us know if it works.

If 0.2.2.6-alpha is shown to work well, then we'll release
0.2.1.21-stable soon.

Thanks for running a relay!

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject