[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Operator straw poll: Reasons why you use Tor LTS versions?
- To: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-relays] Operator straw poll: Reasons why you use Tor LTS versions?
- From: George <george@xxxxxxxxxx>
- Date: Mon, 21 Oct 2019 16:29:52 -0400
- Autocrypt: addr=george@xxxxxxxxxx; keydata= mQINBFnk+YcBEAC8eaom0XY5RWEUtcPYEvpNEnJVhThasrN9+jNjz1Oj8Dm/esj+yoY0WSzv MpIPKTcow68Am3yrtnnFCSfnJeaBxM+EHQF/cYDsi2+9g976kaWVZro+SuSkUGHHU6mEZ+B3 FqOGLLqIG2GdoLYhYKSj+fNcfWdOzC8d2HUxNiZ6ElsclebcQKTOeOlHxVQu8lIanTsbcnAE jjlWKRh70jViECxc0h92x++eCWSOGypiFLZhjOopt+2nEjCLov4+kGRCF4XK3wdooOhnlSq9 d6i3CudzZD/VoA0+56q7gbbtwBKHTeOzuqZQPqcaXJqXIfy5MpOhphv4TC7O0hguC+qEMd+X hTcNe6I0Ran9JqOLYVha3hrAXgmZzqDmAHj5ZjYEt3UqEpWqPvs7xEnpp/6B7kAwl0PWDqRb G2n1JYRdydxkjfUCJdjjWJiUM+AVvi9sjZ216kUIJeEE1rN3B0q/rjANCiICU6G0ZB5/F2Rh +iZ4Xh0f2UazLgBgHRncGGv/YpmxVKfnzoDEU3FIHVBM9o3P1K53FLJySapZXYP03VhzNkTx /IDviDY7KoVbUAM++stV9N6fCcUIUo0BcWakv7zEuCh7BoBI8NhQlPI4COsBEvm2OHeKpHHA 0/VMTD7HujVcWv93BdzjFt5b4qNthU1tS4zHDHVSfp63MVGqJQARAQABtBpHZW9yZ2UgPGdl b3JnZUBxdWVhaXIubmV0PokCPgQTAQIAKAUCWeT5hwIbAwUJA8JnAAYLCQgHAwIGFQgCCQoL BBYCAwECHgECF4AACgkQXZIf0ez2FoINZRAAjdcdp1bzEIhh4wF56KkuzCLdSKH8G+PqOiA/ PJujnhTpJBRlfZviPHIAh85EMLpTb7RjkTLdhb9WX0u9Gz26SnqN6CpUFWTlQAB+akjy43Mu IwUqmNcK9OU2r76ozA9jIvPNe7S+ikB5jiJDEjkBPGsdLbbADUS7I5hRn/k92qy1ym65JK8G hK7TBpXBF7fhwl39x6WIQJVemun2ZDpc2ydcFN5UYiw+6eCYHwbcB03czv02NhdPdS6ZSQfN 2RsdmT1LGzD9YN133h9dJUW4cOrA9Gd38E4QSibgrzscwGJCidoL+EJeIMooZgBEdheDrtzE rvA+5+x+163qfJLAtjJgUugZxO6Q9KbRFWklVpEGomGlvuBUAfo9TvjmHSDO/ufJiLOBHHXe +NVPjP8ByUNXr/QPm6byvg+3HThg5VPReWMVjR/ifVHFcLSc+G5qjWzW6oKSecyLnyvu1BKd HJBpU1oy6vAHgIEZjbOgI4mz7KuAS0vONVZBODR6Ypvh8qyu2WoS383YJrIjARLnnIV0wGdN dVbc6q/BtPAjzf4EnrJFQYNBxw7Ol+oWaAsHq7LB/Hz3+kZnnAE45j3oXy27lUbm+60tUPXe Yts2F/J36ZTZzDIl2TjHQPswIgowY92YE5thOteikuyDudz3rjbDe2wKoE2Da02D14B37BI=
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Mon, 21 Oct 2019 16:30:09 -0400
- In-reply-to: <4D82D671-11B1-4EF3-8072-B1F451CCA4DD@rockenhaus.com>
- List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
- List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
- List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
- List-post: <mailto:tor-relays@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
- References: <24343600-a536-0515-c961-a5ef8a2e4f1e@torproject.org> <F2374B69-6CDC-4CCB-83A4-BFAD2B5EEE78@riseup.net> <c18bf951-25f3-95d0-9dc5-4fec8cc716a0@torproject.org> <24A46F51-2E2B-47F4-AE4A-8234EA9FCBAA@rockenhaus.com> <CAD2Ti28_yNsLq+MGiu96yYR8WpoF67bQnxDJFDyprsAHiOEVtg@mail.gmail.com> <4D82D671-11B1-4EF3-8072-B1F451CCA4DD@rockenhaus.com>
- Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
Conrad Rockenhaus:
>
>
>> On Sep 5, 2019, at 10:21 PM, grarpamp <grarpamp@xxxxxxxxx> wrote:
>>
>>> never relied on the OS Package of Tor, mainly because OS’s OpenSSL versions
>>> are behind the current version of OpenSSL, so I normally compile Tor against
>>> the latest OpenSSL. Example, FreeBSD 12.0-RELEASE has OpenSSL
>>> 1.1.1a-freebsd, which generates a slight crypto error during the startup of
>>> Tor. If you download OpenSSL 1.1.1c and just compile against it, eh, problem
>>> fixed.
>>
>> As to realtime, hardly any behind...
>> ver openssl 12-stable ports-head
>> 1.1.1c 20190528 20190528 20190528
>> 1.1.1b 20190226 20190226 20180227
>> 1.1.1a 20181120 20181120 20181120
>> ... not including any 'responsible disclosure' bs
>> around any HW / SW that users may or may not
>> be affected by.
>>
>> As to release mechanics...
>> 12.0-release base had latest 1.1.1a at release,
>> release ports tags were one letter rev behind
>> at 1.0.2p and 1.1.0i, release ports head was
>> latest at 1.0.2q and 1.1.1a, quarterly was similar.
>>
>> tor follows same pattern, people can research
>> and post those datas if they want.
>>
>> Of course people's boxes will be behind if they never
>> update them beyond release, that's not fault of any OS.
>>
>> https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/updating-upgrading.html
>> https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports.html
>> https://download.freebsd.org/ftp/snapshots/
>>
>> Either update base per binary, snapshot, releng, or stable...
>> or track and install ports (packages) quarterly, latest / head...
>> and compile against that as needed.
>>
>> Or get the upstream sources and do by hand.
>>
>> If people aren't on FreeBSD or a well supported
>> Linux distro they should expect their OS to be
>> laggy in areas.
>>
>> Many FreeBSD tor users would be fine tracking
>> base stable and packages latest (ports head).
>> pkg.conf: url: "pkg+https://pkg.FreeBSD.org/${ABI}/latest",
>>
>> If their OS of choice is still a bit laggy for them, they
>> can join their OS community and start generating
>> update commits... :)
>>
>> https://freebsd.org/
>> https://openbsd.org/
>> etc
>> or whatever pump and dump linux distro is hot this year.
>
> Grampamp,
>
> You know I love you tons - but the problem with the FreeBSD release of Tor isn’t fixed by switching to “latest”, you’ll still get the error upon startup. It’s compiled against an older version of OpenSSL. Since it already has an active maintainer I can’t just go in and take it over. That would be rude.
>
> Yes, OpenSSL on mainline 12.0-RELEASE is fixed, but what they compiled the package against isn’t, so it’s either compile the port or don’t use pkgs. I for one believe in the philosophy of not mixing pkgs and ports so…. Ports it is.
Way late to the party on this, and I don't know if it's resolved on the
FreeBSD side yet, but you need to try https://bugs.freebsd.org/bugzilla/
for issues like this, especially if it's a sync issue between base and
the package.
I did not have any issues with FreeBSD 12-RELEASE with pkgs set to
"latest" with net/tor.
IMHO, issues like this are inevitable when you have THREE supported
"production" releases...
Oh, how I miss the FreeBSD 4.x era.
g
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays