[tor-bugs] #10402 [Tor]: Force disable use of RDRAND in OpenSSL when HardwareAccel is enabled
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 22 08:20:22 UTC 2013
#10402: Force disable use of RDRAND in OpenSSL when HardwareAccel is enabled
------------------------+---------------------------------------------
Reporter: anon | Owner:
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor | Version:
Resolution: | Keywords: 023-backport tor-relay security
Actual Points: | Parent ID:
Points: |
------------------------+---------------------------------------------
Comment (by anon):
arma: only an issue on first-start with no state file AND HardwareAccel 1
(enable) set in config. This is not the default.
Subsequent runs with a state file, or systems using default without
hardware acceleration, will not use RDRAND to generate keys.
If there are any relay operators who deployed new relays on Sandy Bridge
or Ivy Bridge hardware with HardwareAccel enabled on first run, then they
should re-generate keys.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10402#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list