[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor and Openssl on old OSX [was Tor and Openssl bug CVE-2014-0160]
On Tue, Apr 8, 2014, at 06:13 PM, Andreas Krey wrote:
> On Tue, 08 Apr 2014 13:31:01 +0000, Geoff Down wrote:
> > b) if some other object, where is it in OSX10.4 and how do I check the
> > version
> That depends on whether your tor binary is build with shared libraries;
> 'otool -L path/to/your/tor' will show which libraries it uses.
/opt/local/lib/libz.1.dylib (compatibility version 1.0.0,
current version 1.2.5)
/opt/local/lib/libevent-2.0.5.dylib (compatibility version
7.0.0, current version 7.4.0)
/opt/local/lib/libssl.1.0.0.dylib (compatibility version 1.0.0,
current version 1.0.0)
/opt/local/lib/libcrypto.1.0.0.dylib (compatibility version
1.0.0, current version 1.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current
libssl==openssl? If so, not vulnerable
> (Apart from that the Macos libraryes may be patched by apple
> from the original openssl.org versions.)
> > c) if the version is a vulnerable one, how do I update it
> > ?
> Install new versions of the openssl libs as soon as apple provides
> them when you use the ones from the system.
Not a supported OS any more.
> Then you (probably)
> need to recompile tor itself and make sure that it references the
> proper version of openssl libraries.
> tor, when started, also tells the openssl version in the first message.
Not any more, apparently, at Notice level. At Info level though:
[info] tor_tls_init(): OpenSSL OpenSSL 1.0.0g 18 Jan 2012 looks like
version 0.9.8m or later; I will try SSL_OP to enable renegotiation
> You may also download and compile openssl yourself and link
> against that version, but I can't just write down how to
> do that - there are some macos specials to find out to do
> that, and I didn't yet.
Thanks for this much help anyway :)
http://www.fastmail.fm - The professional email service
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to