building Tor against LibreSSL 2.1.1 fails with "undefined reference to `EVP_aes_128_ctr'" error
I'm trying to build tor-0.2.5.10 from source against LibreSSL 2.1.1 on a FreeBSD 9.3x jail system.
It fails with this message
-----------------------------------
CC src/tools/tor-gencert.o CCLD src/tools/tor-gencert src/common/libor-crypto.a(aes.o): In function `aes_new_cipher': /usr/local/src/tor-0.2.5.10/src/common/aes.c:100: undefined reference to `EVP_aes_128_ctr' *** [src/tools/tor-gencert] Error code 1
Stop in /usr/local/src/tor-0.2.5.10. *** [all] Error code 1
Stop in /usr/local/src/tor-0.2.5.10.
--------------------------------------
Has anyone has any luck building Tor against LibreSSL?
I am also very interested in hearing from people who have built tor with LibreSSL... specifically I'd love it if someone worked out all the details to do this as a static build in OpenBSD.
On Fri, Nov 21, 2014 at 3:22 PM, Seth list@sysfu.com wrote:
I'm trying to build tor-0.2.5.10 from source against LibreSSL 2.1.1 on a FreeBSD 9.3x jail system.
It fails with this message
CC src/tools/tor-gencert.o CCLD src/tools/tor-gencert src/common/libor-crypto.a(aes.o): In function `aes_new_cipher': /usr/local/src/tor-0.2.5.10/src/common/aes.c:100: undefined reference to `EVP_aes_128_ctr' *** [src/tools/tor-gencert] Error code 1
Stop in /usr/local/src/tor-0.2.5.10. *** [all] Error code 1
Stop in /usr/local/src/tor-0.2.5.10.
Has anyone has any luck building Tor against LibreSSL?
-- Seth I <3 nicely trimmed email replies _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Fri, 21 Nov 2014 09:10:11 -0800, David Stainton dstainton415@gmail.com wrote:
I am also very interested in hearing from people who have built tor with LibreSSL...
If you want to try building a FreeBSD port using LibreSSL instead of OpenSSL add this to /etc/make.conf
OPENSSL_PORT=security/libressl WITH_OPENSSL_PORT=yes
specifically I'd love it if someone worked out all the details to do this as a static build in OpenBSD.
Not sure about static builds, what's the benefit?
I do know OpenBSD 5.6 has LibreSSL baked in and it works with Tor. Just install the tor package, edit /etc/tor/torrc and you're up and running.
Next time I stand up another relay or exit node on OpenBSD I think I'll kick it up a notch with some chroot and/or systrace sauce.
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity#RunTor...
Am also interested in hearing any tips for minimizing data retention. I thought about making a hardlink or symlink from /var/log to /dev/null, but I have a feeling there's more to it than that.
tor-relays@lists.torproject.org
-
David Stainton -
Seth