[SOLVED] Re: Tor fails to build connections after FreeBSD security update
Hans Schnehl
torvallenator at gmail.com
Sun Dec 6 13:13:14 UTC 2009
On Sun, Dec 06, 2009 at 04:37:51AM -0600, Scott Bennett wrote:
> Hmm. I have 0.9.8l installed, too, but I guess I don't know which
> version (i.e., base system vs. port) the build procedure for tor links in.
BINGO. Thanks, Scott.
According to this (it makes sense to read the whole thread, though):
http://lists.freebsd.org/pipermail/freebsd-ports/2009-December/058074.html
I rebuilt Tor version 0.2.2.6-alpha (git-1ee580407ccb9130)
available in the portstree and compiled against openssl 0.9.8l .
I did that in a buildjail, but nevertheless should it should work on the
main system, if desired.
I added 'WITH_OPENSSL_PORT=YES' to /etc/make.conf and let FreeBSD do the
rest with 'make install clean' in the tor-devel directory.
Out comes a perfectly compiled binary doing what it is supposed to.
The jail Tor is running in now actually has both, base and ports openssl
but Tor doesn't care. Building a system without base openssl, see
the documentation.
Removing the formerly set LD_LIBRARY_PATH does now have no effect, there
are two openssl binaries: /usr/bin/openssl (base) and
/usr/local/bin/openssl ( ports) which shows no negative impact on Tor.
this is what it looks like if compiled with the appropriate setting in
/etc/make.conf:
root at ato# ldd /usr/local/bin/tor
/usr/local/bin/tor:
libz.so.4 => /lib/libz.so.4 (0x8817f000)
libm.so.5 => /lib/libm.so.5 (0x88191000)
libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x881a6000)
libssl.so.5 => /usr/local/lib/libssl.so.5 (0x881bb000)
libcrypto.so.5 => /usr/local/lib/libcrypto.so.5 (0x881ff000)
libthr.so.3 => /lib/libthr.so.3 (0x88346000)
libc.so.7 => /lib/libc.so.7 (0x8835a000)
librt.so.1 => /usr/lib/librt.so.1 (0x88449000)
> until you provided the search string. The low rate of occurrence may be
> due to the relatively small portion of FreeBSD-based routers that have been
> updated and rebooted out of the relatively small fraction of the router
> population that is FreeBSD-based.
>
So if the operators of the committedly small portion of FreeBSD Tornodes
encounter similar, just leave the base openssl.
This is untested yet on other than the 7.2-Stable platform.
Tor 0.2.2.6-alpha runs fine against openssl 0.9.8l on FreeBSD. Sorry for the
noise and thanks to all.
Regards
Hans
More information about the tor-relays
mailing list