[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Declining traffic

     On Sat, 24 Apr 2010 06:45:38 -0400 Roger Dingledine <arma@xxxxxxx>
>On Fri, Apr 23, 2010 at 08:51:32PM -0500, Scott Bennett wrote:
>>      I hope that, in the future, openssl.org will make some effort to
>> coordinate such things with the various operating system developers in
>> a way that avoids turning the situation into such a cl*****f*** again.
>> It's obviously been a nightmare for you and the rest of the tor project,
>> and I'd bet heavily that the tor project is not the only one so affected.
>> >But we haven't yet put out a stable release that includes that patch.
>> >
>> >So if you upgraded to the latest 0.2.2.x-alpha to get the fixes for other
>> >bugs, you would get the fix for this bug too. Let us know if it works.
>> >
>>      Are there any ideas floating around yet as to why tor doesn't work
>> with openssl 1.0.0?
>It does work, as far as I am told. Or are you talking about yet another
>operating system vendor that crippled its openssl in some new way?

     I tried it from ports, so it's not the aborted version in the FreeBSD
base system.  I first posted about the problem on tor-relays earlier this


Ended up using portdowngrade to get back to 0.9.8n, which works just fine.
>I believe some of the BSDs took tls renegotiation out of their openssl
>entirely. It's quite possible they would be bold enough to declare that
>their openssl is the real openssl 1.0.0. The only answer there is to
>not use their crippled openssl.

     No, the version in the FreeBSD base system is a crippled 0.9.8e, IIRC.
>Has anybody else here tried Tor with openssl 1.0.0 and found that it
>worked / didn't work?
     Someone (perhaps Nick or Andrew--I don't remember who) posted a note
before that to the effect that a 1.0.0-beta seemed to work with tor and
was faster, to boot, which I was looking forward to.  I didn't try the beta
version, though, so I have no direct experience with it myself.  The released
version definitely does not work with tor.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/