[tor-bugs] #4779 [Tor Relay]: AES broken since on CentOS 6

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Dec 27 22:14:39 UTC 2011

#4779: AES broken since on CentOS 6
 Reporter:  Pascal     |          Owner:  nickm             
     Type:  defect     |         Status:  accepted          
 Priority:  major      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay  |        Version:  Tor:
 Keywords:  aes        |         Parent:                    
   Points:             |   Actualpoints:                    

Comment(by Pascal):

 The following testing was performed inside the VMWare image

 Nickm's test and "make test" from both failed in this image (as

 I installed http://www.openssl.org/source/openssl-1.0.0e.tar.gz using the

 ./config shared --prefix=/usr --openssldir=/usr/include/openssl
 make test
 make install

 After confirming the new version of OpenSSL was installed (using the
 "openssl version" command) I reran both tests.  Both passed.  I then
 installed http://www.openssl.org/source/openssl-1.0.0.tar.gz again using
 the above commands.  I again confirmed the new version of OpenSSL was
 installed and reran both tests.  Both failed.

 This would appear to indicate the bug was in OpenSSL 1.0.0 and has since
 been fixed.  I was unable to get OpenSSL 1.0.0a to build, but the 1.0.0b
 of Fedora 12 has previously tested good.

 Rather than doing a version check, I would recommend implementing a test
 during startup to determine if the installed OpenSSL is working correctly
 and use a workaround if not.

 Anyone know how to get Red Hat to upgrade RHEL 6 to a newer OpenSSL?

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list