[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Still problems with TLS negotiation
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Still problems with TLS negotiation
- From: Hans Schnehl <torvallenator@xxxxxxxxx>
- Date: Sat, 2 Jan 2010 21:32:50 +0100
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sat, 02 Jan 2010 15:33:12 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:references:mime-version:content-type:content-disposition :in-reply-to:user-agent; bh=TEIUVWmfWFdUqjJ0ePTp2R61TK3z19dn1VjhnUD8G7w=; b=I9QzygAskzZR1pQocyp2x+OdIA4yUXQuUut38U3/74PYLzeRMCkmbRbiE3U3BiquGf R+0ISCTeLZAZ1B0XU2/YNpff5qMPbypWPhTMGUYfSUQp3GHSiGFRkVUIMWLVKJVETDeu mUJmsQWpx/Fjnd2ilVYeuEI/TgeOQYcFjahio=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; b=Mw4N5NhIh4iSGtN0MkSF6tVwutHJuWj0stdgj6RC2lLSFcbnh5vz57xzrPACFrBFD9 zv53k1gdTiP09HCyWDY4Q/pzDvqz44Iok6Xzle4g2VUqmc5elb4QLQrB+JME6W+1k9Mw cXxbN7NgjzPRe59mv/4+jmk4RxU30xTJGzhq8=
- In-reply-to: <4B3F960F.70802@xxxxxxxxx>
- References: <4B3F960F.70802@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Mutt/1.5.19 (2009-01-05)
On Sat, Jan 02, 2010 at 07:53:03PM +0100, Hans de Hartog wrote:
> Hi,
>
> I upgraded all my servers from FreeBSD 7.2-RELEASE-p4 to 8.0-RELEASE
> and tor stopped working because of the TLS renegotiation problem.
> So I upgraded to tor 0.2.1.21 (promised to solve that problem) but the
> problem
> is still there. Going back to FreeBSD 7.2 is no option so I tried tor
> 0.2.2.6-alpha.
You need to compile the mentioned versions of Tor against openssl-0.9.8.l,
which is the one in the FreeBSD ports tree. neither 7-stable or 8-stable
ship with openssl-0.9.8.l, but the versions or Tor you are trying to run
need that version of openssl.
> Still no go. However, the error message (TLS error: unexpected close while
> renegotiating) is now suffixed with (SSL_ST_OK) but tor isn't doing any
> usefull
> work.
> If it helps: openssl version: 0.9.8k 25 Mar 2009 (I can not change that,
> it's part
> of the base system).
You do not need to change that, just install the ports version in
addition.
> So, this was the end of a faithfull tor-supporting system, running for
> months as
> an exit-router... :-(
No, it is not ! Keep going, please :) There is a thread under Tor-relays
dealing exactly with this issue. If you want to skip the 'introduction'
you may want to see :
http://archives.seul.org/tor/relays/Dec-2009/msg00013.html
which handles how to compile Tor against openssl-0.9.8.l by using the ports
systems built in routines.
If you wish not to use this routine just scroll down and you will find a
description of how to do without.
>
> Regards,
> Hans.
dito
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/