Tor fails to build connections after FreeBSD security update
Andrew Lewman
andrew at torproject.org
Sat Dec 5 16:39:33 UTC 2009
On 12/05/2009 09:54 AM, Hans Schnehl wrote:
> [snip]]
> NOTE WELL: This update causes OpenSSL to reject any attempt to renegotiate
> SSL / TLS session parameters. As a result, connections in which the other
> party attempts to renegotiate session parameters will break. In practice,
> however, session renegotiation is a rarely-used feature, so disabling this
> functionality is unlikely to cause problems for most systems.
> [snip]
Tor initiates a ssl renegotiate at the start of a circuit, the latest
openssl breaks tor. The fixes for this are currently in -alpha only.
The 0.2.1.21-dev in git also contains the fix. We're testing
0.2.2.6-alpha right now,
https://blog.torproject.org/blog/tor-0226-alpha-released. Please try
0.2.2.6-alpha and let us know if it works.
If 0.2.2.6-alpha is shown to work well, then we'll release
0.2.1.21-stable soon.
Thanks for running a relay!
--
Andrew Lewman
The Tor Project
pgp 0x31B0974B
Website: https://torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject
More information about the tor-relays
mailing list