[tor-dev] TLS warning using static OpenSSL 1.0.1c

Gino Badouri g.badouri at gmail.com
Thu Jun 21 21:05:26 UTC 2012 

Hi there,

My goal is to run Tor on small cluster of embedded mips devices.
Because the platform runs on an older version of OpenSSL and libevent I
have chosen to statically link them with Tor.

So I went ahead to compile the components.
I'm aiming at the beta version: 0.2.3.17

OpenSSL 1.0.1c has been build with:
./Configure debian-mipsel shared enable-tlsext zlib-dynamic no-ssl2


libevent-2.0.19-stable has been built with:
./configure --enable-openssl --disable-debug-mode --with-pic

And of course Tor:

./configure --prefix=/usr --libdir=/usr/lib --localstatedir=/var
--sysconfdir=/etc \
--with-zlib-dir=/home/mastag/build-mipsel/tmp/staging/mipsel-linux/lib \
--with-openssl-dir=/home/mastag/build-mipsel/tmp/staging/mipsel-linux/lib \
--with-libevent-dir=/home/mastag/build-mipsel/tmp/staging/mipsel-linux/lib \
--disable-asciidoc --enable-static-openssl --enable-static-libevent \
--host=mipsel-linux
--with-libnatpmp-dir=/home/mastag/build-mipsel/tmp/staging/mipsel-linux/lib
\
--with-libminiupnpc-dir=/home/mastag/build-mipsel/tmp/staging/mipsel-linux/lib
\
--enable-upnp --enable-nat-pmp --enable-bufferevents \
CPPFLAGS="-I/home/mastag/openpli/build-dm800/tmp/staging/mipsel-linux/include"

This produces the src/or/Tor binary which runs great on the cluster.
Only it's giving me the following messages:

Jun 21 23:02:12.000 [notice] Tor 0.2.3.17-beta opening new log file.
Jun 21 23:02:12.000 [warn] You are running Tor as root. You don't need to,
and you probably shouldn't.
Jun 21 23:02:13.000 [notice] No AES engine found; using AES_* functions.
Jun 21 23:02:13.000 [notice] This OpenSSL has a good implementation of
counter mode; using it.
Jun 21 23:02:15.000 [notice] OpenSSL OpenSSL 1.0.1c 10 May 2012 looks like
version 0.9.8m or later; I will try SSL_OP to enable renegotiation
Jun 21 23:02:37.000 [notice] Reloaded microdescriptor cache.  Found 4807
descriptors.
Jun 21 23:02:42.000 [notice] We now have enough directory information to
build circuits.
Jun 21 23:02:42.000 [notice] Bootstrapped 80%: Connecting to the Tor
network.
Jun 21 23:02:43.000 [notice] Heartbeat: Tor's uptime is 0:00 hours, with 1
circuits open. I've sent 0 kB and received 0 kB.
Jun 21 23:02:43.000 [notice] Bootstrapped 85%: Finishing handshake with
first hop.
Jun 21 23:02:43.000 [warn] TLS error while creating tor_tls_t object: could
not load the shared library (in DSO support routines:DLFCN_LOAD:---)
Jun 21 23:02:43.000 [warn] TLS error while creating tor_tls_t object: could
not load the shared library (in DSO support routines:DSO_load:---)
Jun 21 23:02:47.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Jun 21 23:02:53.000 [notice] Tor has successfully opened a circuit. Looks
like client functionality is working.
Jun 21 23:02:53.000 [notice] Bootstrapped 100%: Done.

The warning about the AES engine is probably because OpenSSL has no engine
for mips.
However the following two lines bother me:

[warn] TLS error while creating tor_tls_t object: could not load the shared
library (in DSO support routines:DLFCN_LOAD:---)
[warn] TLS error while creating tor_tls_t object: could not load the shared
library (in DSO support routines:DSO_load:---)

Any way to get rid of these?
I did compile OpenSSL with "enable-tlsext" so I don't understand why it
warns me about it.

Thanks in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20120621/05bec776/attachment.html>

More information about the tor-dev mailing list