Re: tor-0.2.1.22 renegotiating problem

To: Chuck Swiger <cswiger%mac.com@localhost>
Subject: Re: tor-0.2.1.22 renegotiating problem
From: Victor Dorneanu <victor%dornea.nu@localhost>
Date: Thu, 28 Jan 2010 20:40:40 +0100

Chuck Swiger wrote:
> Ah, I found the bug discussed in tor's bugtracker; it sounds like they have a 
> code fix in TRUNK to work with OpenSSL versions with the renegotiation patch:
>
>   https://bugs.torproject.org/flyspray/index.php?do=details&id=1144
>
> Otherwise, you can revert to linking to an older OpenSSL version, if you are 
> willing to tolerate the security risks...
>
> Regards,
>   
Unfortunately nothing worked as expected.

 $ pkg_info -b openssl 

 Information for openssl-0.9.8lnb1:

 ...
 $ pwd
 /root/torproject/trunk

 $ ldd ./src/or/tor
 ./src/or/tor:
        -lc.12 => /usr/lib/libc.so.12
        -lz.1 => /usr/lib/libz.so.1
        -lm.0 => /usr/lib/libm.so.0
        -levent.2 => /usr/lib/libevent.so.2
        -lcrypt.0 => /lib/libcrypt.so.0
        -lcrypto.4 => /usr/lib/libcrypto.so.4
        -lssl.6 => /usr/lib/libssl.so.6
        -lpthread.0 => /usr/lib/libpthread.so.0

 $ ./src/or/tor 
 Jan 28 20:19:21.467 [notice] Tor v0.2.2.5-alpha-dev. This is experimental 
software. Do not rely on it for strong anonymity. (Running on NetBSD amd64)
 Jan 28 20:19:21.468 [notice] Initialized libevent version 1.4.11-stable using 
method kqueue. Good.
 Jan 28 20:19:21.468 [notice] Opening Socks listener on 127.0.0.1:9050
 Jan 28 20:19:21.469 [notice] Parsing GEOIP file.
 Jan 28 20:19:21.661 [warn] You are running Tor as root. You don't need to, and 
you probably shouldn't.
 Jan 28 20:19:21.943 [notice] No current certificate known for authority 
dannenberg; launching request.
 Jan 28 20:19:21.943 [notice] No current certificate known for authority urras; 
launching request.
 Jan 28 20:19:21.943 [notice] Bootstrapped 5%: Connecting to directory server.
 Jan 28 20:19:21.943 [notice] I learned some more directory information, but 
not enough to build a circuit: We have no network-status consensus.
 Jan 28 20:19:21.975 [notice] Bootstrapped 10%: Finishing handshake with 
directory server.
 Jan 28 20:19:22.070 [warn] TLS error: unexpected close while renegotiating 
(SSL_ST_OK)
 Jan 28 20:19:22.106 [warn] TLS error: unexpected close while renegotiating 
(SSL_ST_OK)
 Jan 28 20:19:22.106 [notice] No current certificate known for authority 
dannenberg; launching request.
 Jan 28 20:19:22.106 [notice] No current certificate known for authority urras; 
launching request.
 Jan 28 20:19:22.244 [warn] TLS error: unexpected close while renegotiating 
(SSL_ST_OK)

So the problem still persists.
> Already fixed in svn trunk and maint-0.2.1.  The next releases will work
> fine with OpenSSL 0.9.8L.
>   
As you noticed I did a svn checkout on
https://svn.torproject.org/svn/tor/trunk/ but the bug is still there.
Due to security reasons I'm not willing to downgrade openssl to a
previous version. *But* if this is the only workaround available, I
think I'll have no choice. BTW: I tried to compile openssl-0.9.8k but it
failed (error log is attached).

-- 
Victor Dorneanu

Contact
- Web/Blog: http://dornea.nu

GnuPG information
- KeyID = 0xD20870F4 (pgp.mit.edu)
- Key fingerprint = DD6B 5E09 242F 7410 3F90 492A 4CBA FD13 D208 70F4

gmake[2]: Entering directory `/home/victor/pkgsrc/openssl-0.9.8k/apps'
speed.o: In function `speed_main':
speed.c:(.text+0xaf6): undefined reference to `idea_set_encrypt_key'
speed.c:(.text+0x1784): undefined reference to `idea_cbc_encrypt'
speed.c:(.text+0x3559): undefined reference to `idea_options'
version.o: In function `version_main':
version.c:(.text+0x1f7): undefined reference to `idea_options'
../libcrypto.so: undefined reference to `ENGINE_load_ubsec'
../libcrypto.so: undefined reference to `ENGINE_load_4758cca'
../libcrypto.so: undefined reference to `ENGINE_load_aep'
../libcrypto.so: undefined reference to `idea_ecb_encrypt'
../libcrypto.so: undefined reference to `ENGINE_load_sureware'
../libcrypto.so: undefined reference to `idea_cfb64_encrypt'
../libcrypto.so: undefined reference to `ENGINE_load_cswift'
../libcrypto.so: undefined reference to `ENGINE_load_chil'
../libcrypto.so: undefined reference to `idea_ofb64_encrypt'
../libcrypto.so: undefined reference to `idea_set_decrypt_key'
../libcrypto.so: undefined reference to `ENGINE_load_atalla'
../libcrypto.so: undefined reference to `ENGINE_load_nuron'
gmake[2]: *** [link_app.gnu] Error 1
gmake[2]: Leaving directory `/home/victor/pkgsrc/openssl-0.9.8k/apps'
gmake[1]: *** [openssl] Error 2
gmake[1]: Leaving directory `/home/victor/pkgsrc/openssl-0.9.8k/apps'
gmake: *** [build_apps] Error 1

References:
- tor-0.2.1.22 renegotiating problem
  - From: Victor Dorneanu
- Re: tor-0.2.1.22 renegotiating problem
  - From: Chuck Swiger
- Re: tor-0.2.1.22 renegotiating problem
  - From: Victor Dorneanu
- Re: tor-0.2.1.22 renegotiating problem
  - From: Chuck Swiger

Prev by Date: Re: ACPI problems
Next by Date: Re: ACPI problems
Previous by Thread: Re: tor-0.2.1.22 renegotiating problem
Next by Thread: Belkin wi-fi USB dongle
Indexes:

Home | Main Index | Thread Index | Old Index