Date: Tue, 26 May 2015 09:25:22 -0400 From: Nick Mathewson nickm@torproject.org
I posted this on a blog comment, but others may be interested too.
As near as I can tell, the "logjam"/"weakdh" attacks should not affect current Tor software very much, for a few reasons:
- All currently supported Tor versions, when built with OpenSSL 1.0 or later, prefer 256-bit elliptic-curve Diffie Hellman for their TLS connections, not the 1024-bit Diffie Hellman over Z_p as discussed in this paper.
…
Recommendations:
…
- If you're running OpenSSL 0.9.8 or earlier, you should consider upgrading to 1.0.0 or later.
(Mac) OS X Yosemite 10.10 and earlier ship with OpenSSL 0.9.8 and 0.9.7.
For Yosemite 10.10.3 (14D136) in particular, these are:
$ ls -l /usr/lib/libssl.*
-rwxr-xr-x  1 root  wheel  400608 10 Sep  2014 /usr/lib/libssl.0.9.7.dylib
-rwxr-xr-x  1 root  wheel  616512 20 Mar 13:16 /usr/lib/libssl.0.9.8.dylib
lrwxr-xr-x  1 root  wheel      18 28 Jan 23:16 /usr/lib/libssl.dylib -> libssl.0.9.8.dylib
$ strings /usr/lib/libssl.0.9.8.dylib | grep "OpenSSL 0.9.8"
OpenSSL 0.9.8zd 8 Jan 2015
…
$ strings /usr/lib/libssl.0.9.7.dylib | grep "OpenSSL 0.9.7"
…
OpenSSL 0.9.7l 28 Sep 2006
…
(As an aside, please avoid running strings on any untrusted binaries.)
While it's possible to build or install OpenSSL 1.0 or 1.1 on OS X, it's not the default.
How does this affect Tor and/or Tor Browser on OS X?
teor
teor2345 at gmail dot com pgp 0xABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5
teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
On Wed, 3 Jun 2015 00:43:50 +1000 teor teor2345@gmail.com wrote:
(Mac) OS X Yosemite 10.10 and earlier ship with OpenSSL 0.9.8 and 0.9.7.
[snip]
While it's possible to build or install OpenSSL 1.0 or 1.1 on OS X, it's not the default.
How does this affect Tor and/or Tor Browser on OS X?
Tor Browser builds/includes its own copy of OpenSSL, so there is no impact there.
As of a little while ago on master, tor requires OpenSSL 1.0.0 with ECDH support at build time. AFAIK this breaks the build with OSX, FreeBSD 9.x, and certain (old) versions of CentOS/RHEL when compiling against the vendor's OpenSSL. The only resolution is "Too bad, so sad, install a modern OpenSSL".
See #16034 and #16040 for details.
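A way to check the "OpenSSL 1.0.0 or later, with ECDH" requirement discussed in this thread without running strings on a library, written as an added example (not code from the thread, from teor, or from the Tor project). It parses OpenSSL's classic version banners (the two Yosemite strings quoted above are used as sample input) and reports what the running Python interpreter is linked against; the 1.0.0 minimum is taken from the thread, and the helper names are this example's own.

```python
"""Check OpenSSL version banners against the ">= 1.0.0 with ECDH" requirement.

Added example, not the thread's or Tor's own code. Classic OpenSSL versions
are major.minor.fix plus an optional letter patch level ("0.9.8zd"), which
does not sort correctly as plain text: "zd" is newer than "z".
"""
import re
import ssl

# Minimum tor master required at the time of the thread (OpenSSL 1.0.0).
MIN_VERSION = (1, 0, 0)

_BANNER_RE = re.compile(r"OpenSSL (\d+)\.(\d+)\.(\d+)([a-z]*)")

# Constructed sample input: the two banners teor quoted from Yosemite's libssl.
SAMPLE_BANNERS = ["OpenSSL 0.9.8zd 8 Jan 2015", "OpenSSL 0.9.7l 28 Sep 2006"]


def version_key(banner):
    """Turn 'OpenSSL 0.9.8zd 8 Jan 2015' into a sortable tuple.

    Returns (major, minor, fix, len(patch), patch) so that 'z' < 'za' < 'zd'
    compares the way OpenSSL intended (longer letter suffix means newer).
    """
    m = _BANNER_RE.search(banner)
    if not m:
        raise ValueError("not an OpenSSL version banner: %r" % banner)
    major, minor, fix, patch = m.groups()
    return (int(major), int(minor), int(fix), len(patch), patch)


def is_too_old(banner, minimum=MIN_VERSION):
    """True when the banner's numeric version is below the minimum."""
    return version_key(banner)[:3] < tuple(minimum)


def runtime_report():
    """Describe the OpenSSL this interpreter is linked against.

    ssl.HAS_ECDH reflects whether the linked library offers ECDH, which is
    the second half of the build requirement mentioned in the thread.
    """
    banner = ssl.OPENSSL_VERSION
    return {
        "banner": banner,
        "too_old": is_too_old(banner),
        "has_ecdh": bool(getattr(ssl, "HAS_ECDH", False)),
    }


if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print("%-30s too old: %s" % (b, is_too_old(b)))
    print(runtime_report())
```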