[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Problem with Tor managed to confirm that its ORPort is reachable

On Wed, Feb 17, 2010 at 02:13:30PM +0000, Soviet Union wrote:
> > https://bugs.torproject.org/flyspray/index.php?do=details&id=1252
> > 
> > Hopefully our debian maintainer will get it sorted out in the next
> > few days.
> Did the new subversion tor-geoipdb_0.2.1.23-2~~lenny+1_all.deb be maked
> as imrpovement of that bug?

Yes, the new deb should take care of it for now.

The bug was that Tor detects openssl's version by asking openssl what
version it is, and turns on various openssl features (such as re-enabling
tls renegotiation) based on the version. But when Debian backports
features (or backports the removal of features) to its openssl lib, it
never changes the openssl version. In summary, we were foolish enough
to believe that Debian's openssl would not lie to us. Lesson learned. :)


To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/