[SOLVED] Re: Tor fails to build connections after FreeBSD security update

Scott Bennett bennett at cs.niu.edu
Fri Dec 11 11:04:02 UTC 2009 

     I wrote:
>     On Sun, 6 Dec 2009 14:13:14 +0100 Hans Schnehl <torvallenator at gmail.com>
>wrote:
>>On Sun, Dec 06, 2009 at 04:37:51AM -0600, Scott Bennett wrote:
>>>      Hmm.  I have 0.9.8l installed, too, but I guess I don't know which
>>> version (i.e., base system vs. port) the build procedure for tor links in.
>>
>    [Much stuff deleted  --SB]
>>
>>I added  'WITH_OPENSSL_PORT=YES' to /etc/make.conf and let FreeBSD do the
>>rest with 'make install clean' in the tor-devel directory.
>>
>>Out comes a perfectly compiled binary doing what it is supposed to.
>>
>>The jail Tor is running in now actually has both, base and ports openssl
>>but Tor doesn't care. Building a system without base openssl, see
>>the documentation.
>>Removing the formerly set LD_LIBRARY_PATH does now have no effect, there
>>are two openssl binaries: /usr/bin/openssl (base) and
>>/usr/local/bin/openssl ( ports) which shows no negative impact on Tor.
>>
>>this is what it looks like if compiled with the appropriate setting in
>>/etc/make.conf:
>>root at ato# ldd /usr/local/bin/tor
>>/usr/local/bin/tor:
>>	libz.so.4 => /lib/libz.so.4 (0x8817f000)
>>	libm.so.5 => /lib/libm.so.5 (0x88191000)
>>	libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x881a6000)
>>	libssl.so.5 => /usr/local/lib/libssl.so.5 (0x881bb000)
>>	libcrypto.so.5 => /usr/local/lib/libcrypto.so.5 (0x881ff000)
>>	libthr.so.3 => /lib/libthr.so.3 (0x88346000)
>>	libc.so.7 => /lib/libc.so.7 (0x8835a000)
>>	librt.so.1 => /usr/lib/librt.so.1 (0x88449000)
>>
>>
>>
>>> until you provided the search string.  The low rate of occurrence may be
>>> due to the relatively small portion of FreeBSD-based routers that have been
>>> updated and rebooted out of the relatively small fraction of the router
>>> population that is FreeBSD-based.
>>> 
>>
>>
>>So if the operators of the committedly small portion of FreeBSD Tornodes
>>encounter similar, just leave the base openssl.
>>This is untested yet on other than the 7.2-Stable platform.
>>
>>Tor 0.2.2.6-alpha runs fine against openssl 0.9.8l on FreeBSD. Sorry for the
>>noise and thanks to all.
>>
>     Huh.  I guess now *I'm* the one who needs a clue.  I stopped building tor
>from ports a long time ago.  
>     I updated FreeBSD, and I've now tried everything I could think of to get
>tor built using the openssl port, barring renaming the base system's version,
>but nothing has worked.  Even explicitly specifying
>--with-openssl-dir=/usr/local/lib on ./configure, it still links it with the
>wrong one:
>
>/usr/local/bin/tor:
>	libz.so.4 => /lib/libz.so.4 (0x4817b000)
>	libm.so.5 => /lib/libm.so.5 (0x4818d000)
>	libevent-1.4.so.3 => /usr/local/lib/libevent-1.4.so.3 (0x481a2000)
>	libssl.so.5 => /usr/lib/libssl.so.5 (0x481b7000)
>                       ^^^^^^^^^^^^^^^^^^^^
>	libcrypto.so.5 => /lib/libcrypto.so.5 (0x481f7000)
>	libthr.so.3 => /lib/libthr.so.3 (0x48346000)
>	libc.so.7 => /lib/libc.so.7 (0x4835a000)
>	librt.so.1 => /usr/lib/librt.so.1 (0x4845a000)
>
>What, exactly, does the ports subsystem do to make tor build using the openssl
>port?
>     Any helpful suggestions, other than to build tor from the tor-devel port,
>which I have no intention of doing, would be greatly appreciated.  In the
>meantime, I no longer have a working tor. :---*(
>
     Never mind. :-)
     I did play with the security/tor-devel port, but didn't install it.
Looking at the output, I noticed that the link edit of tor had a
"-rpath=/usr/local/lib" on the gcc command that I didn't have in mine.
Adding 'LDFLAGS="-rpath-/usr/local/lib"' to the ./configure took care of the
problem.  0.2.2.6-alpha is running properly now. :-)
     Thanks, Hans, for the clues that were indeed in your message.  I just
was a bit slow on the uptake.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************

More information about the tor-relays mailing list