[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Declining traffic



On Fri, Apr 23, 2010 at 08:51:32PM -0500, Scott Bennett wrote:
>      I hope that, in the future, openssl.org will make some effort to
> coordinate such things with the various operating system developers in
> a way that avoids turning the situation into such a cl*****f*** again.
> It's obviously been a nightmare for you and the rest of the tor project,
> and I'd bet heavily that the tor project is not the only one so affected.
> 
> >But we haven't yet put out a stable release that includes that patch.
> >
> >So if you upgraded to the latest 0.2.2.x-alpha to get the fixes for other
> >bugs, you would get the fix for this bug too. Let us know if it works.
> >
>      Are there any ideas floating around yet as to why tor doesn't work
> with openssl 1.0.0?

It does work, as far as I am told. Or are you talking about yet another
operating system vendor that crippled its openssl in some new way?

I believe some of the BSDs took tls renegotiation out of their openssl
entirely. It's quite possible they would be bold enough to declare that
their openssl is the real openssl 1.0.0. The only answer there is to
not use their crippled openssl.

Has anybody else here tried Tor with openssl 1.0.0 and found that it
worked / didn't work?

--Roger

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/