[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[SUCCESS] Re: descriptor published, but router missing from consensus
On Sat, 10 Apr 2010 14:25:35 +0200 Hans Schnehl <torvallenator@xxxxxxxxx>
wrote:
>On Fri, Apr 09, 2010 at 05:53:15PM -0500, Scott Bennett wrote:
The short and simple: tor 0.2.2.7-alpha is working correctly again after
I downgraded openssl to 0.9.8n. That fact, combined with its failure to work
as a relay with openssl 1.0.0, strongly suggests that something crucial in
openssl broke between 0.9.8n and 1.0.0.
>> On Sat, 10 Apr 2010 00:26:39 +0200 Sebastian Hahn <mail@xxxxxxxxxxxxxxxxx>
>> wrote:
>> >On Apr 9, 2010, at 11:44 PM, Scott Bennett wrote:
>> >> Do you know whether anyone else has tor working properly with
>> >> openssl 1.0.0 ? I'm considering downgrading it back to 0.9.8n as a
>> >> test to begin eliminating different possible sources of trouble.
>[...]
>
>Tor 0.2.2.10-alpha (git-81b84c0b017267b4) on FreeBSD 8-Stable amd64
>runs a little bumpy (these are, of course, strictly scientific terms) with
>openssl 1.0.0.
> Tor is statically compiled against the most recent libevent (git) and
>openssl-1.0.0.
>There's higher load to the cpu with less utilized bandwidt than with
>previous versions.
I have:
FreeBSD hellas 7.3-STABLE FreeBSD 7.3-STABLE #7: Thu Mar 25 21:28:02 CDT 2010
bennett@hellas:/usr/obj/usr/src/sys/hellas i386
Also, I am reluctant to upgrade to 0.2.2.10-alpha unless and until someone
can show me a suitable substitute for .exit for testing the truthfulness of
exit nodes.
>
>Best performance was with Tor 0.2.2.10-alpha (git-81b84c0b017267b4)
>statically compiled against libevent-1.4.13 (the one in the FreeBSD
That's the libevent I'm using, too.
>ports tree) and openssl-1.0.0-beta5. Probably will build that again in order
>to regain performance.
>Some change in between O*ssl-1.0.0-beta5 and -stable might be the reason.
> Don't know.
>
>> >> (That
>> >> is what was working before.) However, it is a bit of a nuisance to do
>> >> that, so I'd rather not do it if it's clear that the openssl version
>> >> isn't the source of my troubles.
>> >
>> >openssl 1.0.0, but we did some testing with the beta versions before
>> >and it seemed to work; afaik. Getting your results with a downgraded
>>
>[...]
>> I don't actually know how much work it is because I've never tried
>> it. There is now a tool called "ports-mgmt/portdowngrade" in the ports
>> tree that I'll need to install first to do the job. That *shouldn't* be
>[...]
>
>portdowngrade works fine, even if not at all new, by talking to cvs-servers.
>You might want to save time and nerves by statically compiling the
>tor-binary, though.
>There's a post in or-talk
>http://archives.seul.org/or/talk/Jan-2010/msg00011.html ( by grarpamp )
>about how to do that.
That's okay. If openssl 1.0.0 is broken, then I just won't update from
0.9.8n again until someone reports that a newer version works. I've already
added a /var/db/pkg/openssl-0.9.8n/+IGNOREME file and also a "-x openssl" to
my list of portmaster -x options for various unbuildable ports, so that a
"portmaster [various options] -a" *should* avoid it.
>
>Just run 'configure' and 'make', _avoid_ 'make install' and drop the
>resulting tor-binary from /src/or/tor to your PATH. (Remove or hide the
>old one before, of course)
>
>I do not intend to start a bikeshed discussion about pro's and con's of
>statically compiled binaries, but this saves the nuisance and keeps
>the rest of your system away from testing different library versions
>three times a day :)
>
:-)
As noted above, I will keep only a single version, 0.9.8n, until I know
of a version to which I can safely update.
On another note, working backward from today, portdowngrade shows the
comment for commission #11 (port version 0.9.8l_2) as:
- new option WITH_OPENSSL_THREADS
Can anyone tell me what WITH_OPENSSL_THREADS enables and whether it provides
anything new and beneficial for tor relays running on systems with multiple
logical and/or physical CPUs?
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at cs.niu.edu *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************