[tor-bugs] #8179 [Tor]: openssl 1.0.1d seems to break SSL Handshakes/Renegotiations

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Feb 6 23:16:18 UTC 2013 

#8179: openssl 1.0.1d seems to break SSL Handshakes/Renegotiations
----------------------------------------------------------+-----------------
 Reporter:  ruebezahl                                     |          Owner:                     
     Type:  defect                                        |         Status:  new                
 Priority:  critical                                      |      Milestone:  Tor: 0.2.4.x-final 
Component:  Tor                                           |        Version:  Tor: 0.2.4.10-alpha
 Keywords:  openssl tor-client backport-022 backport-023  |         Parent:                     
   Points:                                                |   Actualpoints:                     
----------------------------------------------------------+-----------------

Comment(by ruebezahl):

 The SSL-Errors seem to disapear when building with no-asm, and
 bootstraping is 100% complete.

 But now I got this after the first Bootstrap:

 [notice] Bootstrapped 100%: Done.
 [warn] Your Guard
 AccessNowKromyon03=6557396CF0EE5B72563A22BCAA0FF26E77FA3D08 is failing a
 very large amount of circuits. Most likely this means the Tor network is
 overloaded, but it could also mean an attack against you or potentially
 the guard itself. Success counts are 62/177. Use counts are 0/0. 62
 circuits completed, 0 were unusable, 0 collapsed, and 0 timed out. For
 reference, your timeout cutoff is 131 seconds.
 [warn] Your Guard jalopy=35BDC6486420EFD442C985D8D3C074988BFE544B is
 failing an extremely large amount of circuits. This could indicate a route
 manipulation attack, extreme network overload, or a bug. Success counts
 are 51/192. Use counts are 0/0. 51 circuits completed, 0 were unusable, 0
 collapsed, and 0 timed out. For reference, your timeout cutoff is 131
 seconds.
 [warn] Your Guard lilith=6BE0C165B88EBE0371597F9E2230D3F253A299EF is
 failing an extremely large amount of circuits. This could indicate a route
 manipulation attack, extreme network overload, or a bug. Success counts
 are 48/195. Use counts are 0/0. 48 circuits completed, 0 were unusable, 0
 collapsed, and 0 timed out. For reference, your timeout cutoff is 131
 seconds.
 [notice] Self-testing indicates your DirPort is reachable from the
 outside. Excellent.

 I restarted the daemon two more times and did not get this warning again.
 Not sure if related.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8179#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list