[tor-bugs] #8179 [Tor]: openssl 1.0.1d seems to break SSL Handshakes/Renegotiations
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Feb 6 22:31:20 UTC 2013
#8179: openssl 1.0.1d seems to break SSL Handshakes/Renegotiations
-----------------------+----------------------------------------------------
Reporter: ruebezahl | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version: Tor: 0.2.4.10-alpha
Keywords: openssl | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
running the tor deamon with static openssl 1.0.1d led to masses of
[warn] 45 connections have failed:
[warn] 32 connections died in state handshaking (Tor, v3 handshake) with
SSL state SSL negotiation finished successfully in OPEN
[warn] 13 connections died in state renegotiating (TLS, v2 handshake)
with SSL state SSLv3 read server hello A in RENEGOTIATE
while bootstraping the node. please see attached excerpt of the debug-log.
what's odd looking to my untrained eye there is:
[debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state
before accept initialization [type=16,val=1].
[debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state
before accept initialization [type=8193,val=1].
[debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state
SSLv3 read client hello B [type=16392,val=522].
[debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state
SSLv3 read client hello B [type=8194,val=-1].
[debug] TLS error while reading with [scrubbed]: unexpected message (in
SSL routines:SSL3_GET_MESSAGE:SSLv3 read client hello B)
[debug] tor_tls_read(): read returned r=-1, err=-9
[debug] connection_read_to_buf(): tls error [misc error]. breaking
(nickname not set, address xx.xxx.xx.xx).
compiling tor with 1.0.0k seems to fix this.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8179>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list