[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [SOLVED] Re: Tor fails to build connections after FreeBSD security update



Excellent, thank you, it's working here again.

On Sun, Dec 6, 2009 at 8:13 AM, Hans Schnehl <torvallenator@xxxxxxxxx> wrote:
On Sun, Dec 06, 2009 at 04:37:51AM -0600, Scott Bennett wrote:


>      Hmm.  I have 0.9.8l installed, too, but I guess I don't know which
> version (i.e., base system vs. port) the build procedure for tor links in.

BINGO. Thanks, Scott.

According to this (it makes sense to read the whole thread, though):
http://lists.freebsd.org/pipermail/freebsd-ports/2009-December/058074.html


I rebuilt Tor version 0.2.2.6-alpha (git-1ee580407ccb9130)
available in the portstree and compiled against openssl  0.9.8l .
I did that in a buildjail, but nevertheless should it should work on the
main system, if desired.

I added  'WITH_OPENSSL_PORT=YES' to /etc/make.conf and let FreeBSD do the
rest with 'make install clean' in the tor-devel directory.

Out comes a perfectly compiled binary doing what it is supposed to.

The jail Tor is running in now actually has both, base and ports openssl
but Tor doesn't care. Building a system without base openssl, see
the documentation.
Removing the formerly set LD_LIBRARY_PATH does now have no effect, there
are two openssl binaries: /usr/bin/openssl (base) and
/usr/local/bin/openssl ( ports) which shows no negative impact on Tor.

this is what it looks like if compiled with the appropriate setting in
/etc/make.conf:
root@ato# ldd /usr/local/bin/tor
/usr/local/bin/tor:
       libz.so.4 => /lib/libz.so.4 (0x8817f000)
       libm.so.5 => /lib/libm.so.5 (0x88191000)
       libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x881a6000)
       libssl.so.5 => /usr/local/lib/libssl.so.5 (0x881bb000)
       libcrypto.so.5 => /usr/local/lib/libcrypto.so.5 (0x881ff000)
       libthr.so.3 => /lib/libthr.so.3 (0x88346000)
       libc.so.7 => /lib/libc.so.7 (0x8835a000)
       librt.so.1 => /usr/lib/librt.so.1 (0x88449000)



> until you provided the search string.  The low rate of occurrence may be
> due to the relatively small portion of FreeBSD-based routers that have been
> updated and rebooted out of the relatively small fraction of the router
> population that is FreeBSD-based.
>


So if the operators of the committedly small portion of FreeBSD Tornodes
encounter similar, just leave the base openssl.
This is untested yet on other than the 7.2-Stable platform.

Tor 0.2.2.6-alpha runs fine against openssl 0.9.8l on FreeBSD. Sorry for the
noise and thanks to all.

Regards

Hans