[tor-bugs] #6033 [Tor Bridge]: Tor v2 handshake does not work with openssl 1.0.1 (was: 0.2.2.35 can't connect to 0.2.3.15-alpha bridges)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat Jun 2 21:56:46 UTC 2012
#6033: Tor v2 handshake does not work with openssl 1.0.1
------------------------+---------------------------------------------------
Reporter: murble | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor: 0.2.2.x-final
Component: Tor Bridge | Version: Tor: 0.2.3.15-alpha
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Changes (by nickm):
* priority: major => critical
Comment:
Further testing shows that when both sides are using a released version of
openssl 1.0.1 (in other words, not openssl 1.0.1-beta1), the v2 handshake
does not complete.
Please correct me if we get any data to contradict the above.
This issue is probably either:
* A bug in OpenSSL 1.0.1, or
* A problem with how Tor is using OpenSSL 1.0.1.
To confirm 1.0.1, we could write a trivial SSL client and SSL server using
openssl 1.0.1, and show that they cannot renegotiate. I think this might
be worth looking into, since Libevent's unit tests are seeing some issues
with OpenSSL 1.0.1 and renegotiation as well, and Libevent doesn't do half
of the crazy stuff that Tor tries.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6033#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list