[SOLVED] Re: Tor fails to build connections after FreeBSD security update

Scott Bennett bennett at cs.niu.edu
Fri Dec 11 09:55:00 UTC 2009 

     On Sun, 6 Dec 2009 14:13:14 +0100 Hans Schnehl <torvallenator at gmail.com>
wrote:
>On Sun, Dec 06, 2009 at 04:37:51AM -0600, Scott Bennett wrote:
>>      Hmm.  I have 0.9.8l installed, too, but I guess I don't know which
>> version (i.e., base system vs. port) the build procedure for tor links in.
>
>BINGO. Thanks, Scott.
>
>According to this (it makes sense to read the whole thread, though):
>http://lists.freebsd.org/pipermail/freebsd-ports/2009-December/058074.html
>
     Interesting.
>
>I rebuilt Tor version 0.2.2.6-alpha (git-1ee580407ccb9130) 
>available in the portstree and compiled against openssl  0.9.8l .
>I did that in a buildjail, but nevertheless should it should work on the
>main system, if desired.
>
>I added  'WITH_OPENSSL_PORT=YES' to /etc/make.conf and let FreeBSD do the
>rest with 'make install clean' in the tor-devel directory.
>
>Out comes a perfectly compiled binary doing what it is supposed to.
>
>The jail Tor is running in now actually has both, base and ports openssl
>but Tor doesn't care. Building a system without base openssl, see
>the documentation.
>Removing the formerly set LD_LIBRARY_PATH does now have no effect, there
>are two openssl binaries: /usr/bin/openssl (base) and
>/usr/local/bin/openssl ( ports) which shows no negative impact on Tor.
>
>this is what it looks like if compiled with the appropriate setting in
>/etc/make.conf:
>root at ato# ldd /usr/local/bin/tor
>/usr/local/bin/tor:
>	libz.so.4 => /lib/libz.so.4 (0x8817f000)
>	libm.so.5 => /lib/libm.so.5 (0x88191000)
>	libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x881a6000)
>	libssl.so.5 => /usr/local/lib/libssl.so.5 (0x881bb000)
>	libcrypto.so.5 => /usr/local/lib/libcrypto.so.5 (0x881ff000)
>	libthr.so.3 => /lib/libthr.so.3 (0x88346000)
>	libc.so.7 => /lib/libc.so.7 (0x8835a000)
>	librt.so.1 => /usr/lib/librt.so.1 (0x88449000)
>
>
>
>> until you provided the search string.  The low rate of occurrence may be
>> due to the relatively small portion of FreeBSD-based routers that have been
>> updated and rebooted out of the relatively small fraction of the router
>> population that is FreeBSD-based.
>> 
>
>
>So if the operators of the committedly small portion of FreeBSD Tornodes
>encounter similar, just leave the base openssl.
>This is untested yet on other than the 7.2-Stable platform.
>
>Tor 0.2.2.6-alpha runs fine against openssl 0.9.8l on FreeBSD. Sorry for the
>noise and thanks to all.
>
     Huh.  I guess now *I'm* the one who needs a clue.  I stopped building tor
from ports a long time ago.  
     I updated FreeBSD, and I've now tried everything I could think of to get
tor built using the openssl port, barring renaming the base system's version,
but nothing has worked.  Even explicitly specifying
--with-openssl-dir=/usr/local/lib on ./configure, it still links it with the
wrong one:

/usr/local/bin/tor:
	libz.so.4 => /lib/libz.so.4 (0x4817b000)
	libm.so.5 => /lib/libm.so.5 (0x4818d000)
	libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x481a2000)
	libssl.so.5 => /usr/lib/libssl.so.5 (0x481b7000)
                       ^^^^^^^^^^^^^^^^^^^^
	libcrypto.so.5 => /lib/libcrypto.so.5 (0x481f7000)
	libthr.so.3 => /lib/libthr.so.3 (0x48346000)
	libc.so.7 => /lib/libc.so.7 (0x4835a000)
	librt.so.1 => /usr/lib/librt.so.1 (0x4845a000)

What, exactly, does the ports subsystem do to make tor build using the openssl
port?
     Any helpful suggestions, other than to build tor from the tor-devel port,
which I have no intention of doing, would be greatly appreciated.  In the
meantime, I no longer have a working tor. :---*(


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************

More information about the tor-relays mailing list