Tor v0.2.1.23 dose not work in my windowsXP box and Tor v0.2.1.24 can not work in my Debain
Peng Zhou
zpbrent at gmail.com
Sun Feb 28 04:33:02 UTC 2010
Furthermore, I run "openssl s_client -connect IP:port" for the bridge may
get a CONNECTED(00000003) and permenant hang, but I do it for
bridges.torproject.org:443, after CONNECTED(00000003), I can get information
like below immediately:
=================================================================
depth=0 /serialNumber=aUVt2jpYrUSfuqm7lWOF81xG9CFh9r1-/C=US/O=*.
torproject.org/OU=GT86487530/OU=See
www.rapidssl.com/resources/cps(c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.
torproject.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /serialNumber=aUVt2jpYrUSfuqm7lWOF81xG9CFh9r1-/C=US/O=*.
torproject.org/OU=GT86487530/OU=See
www.rapidssl.com/resources/cps(c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.
torproject.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /serialNumber=aUVt2jpYrUSfuqm7lWOF81xG9CFh9r1-/C=US/O=*.
torproject.org/OU=GT86487530/OU=See
www.rapidssl.com/resources/cps(c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.
torproject.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/serialNumber=aUVt2jpYrUSfuqm7lWOF81xG9CFh9r1-/C=US/O=*.
torproject.org/OU=GT86487530/OU=See
www.rapidssl.com/resources/cps(c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.
torproject.org
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDXTCCAsagAwIBAgIDD4pqMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTAwMjI1MDEzNzI5WhcNMTEwMjI3MDYyMDMw
WjCB5zEpMCcGA1UEBRMgYVVWdDJqcFlyVVNmdXFtN2xXT0Y4MXhHOUNGaDlyMS0x
CzAJBgNVBAYTAlVTMRkwFwYDVQQKFBAqLnRvcnByb2plY3Qub3JnMRMwEQYDVQQL
EwpHVDg2NDg3NTMwMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNvbS9yZXNv
dXJjZXMvY3BzIChjKTEwMS8wLQYDVQQLEyZEb21haW4gQ29udHJvbCBWYWxpZGF0
ZWQgLSBSYXBpZFNTTChSKTEZMBcGA1UEAxQQKi50b3Jwcm9qZWN0Lm9yZzCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu/zFwQPQQ5znAF25kxcf1OGHUhdJExQB
svfi2kov0L/tqCw53++zJ5iQjIfTx+hbixEJIv+u6XDu9WKl1FtyZkV/CcrRp0oC
p07SDK1uRd09Chvws7MGJi4I+rcIzhu3tNDLXQHMcLjz5v+2cdnA/jKKWbeUatMd
uYSaTrM+09kCAwEAAaOBrjCBqzAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0OBBYEFJCL
ANJ+x/1iMVb4KTCYWWZiZJtuMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwu
Z2VvdHJ1c3QuY29tL2NybHMvc2VjdXJlY2EuY3JsMB8GA1UdIwQYMBaAFEjmaPkr
0rKV10fYIyAQTzOYkJ/UMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAN
BgkqhkiG9w0BAQUFAAOBgQBk5qPU6HAByBgD5XMDtA2w/NLXEVm9o/xCtPBpfl7u
8LvnL/WqBPvHhH77V8dU7l73wbdqbe3eNHrm5xu7WxKVrBeq4qz5uoi2/vHEJ9/+
vGPpVMHzHMnUFpJWxoARy5dNp2QHSngOs8fCXvtNwb1d7iLn18oWPuk1bn6uMI9x
7w==
-----END CERTIFICATE-----
subject=/serialNumber=aUVt2jpYrUSfuqm7lWOF81xG9CFh9r1-/C=US/O=*.
torproject.org/OU=GT86487530/OU=See
www.rapidssl.com/resources/cps(c)10/OU=Domain Control Validated -
RapidSSL(R)/CN=*.
torproject.org
issuer=/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
No client certificate CA names sent
---
SSL handshake has read 1429 bytes and written 316 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID:
6C10366E7BB529BF9F4EAE5E851A1918E1634F79E36536812B4D5D12E14F2BB1
Session-ID-ctx:
Master-Key:
30F830369A5662636957D5E1AB733AE590F019A9A0245BC6DDB60D32521C022FFABD7C6BA30DE6B9C16D780398433492
Key-Arg : None
Start Time: 1267331357
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
===============================================================
Best Regards
Brent
2010/2/28 Peng Zhou <zpbrent at gmail.com>
> The result of "openssl s_client -connect IP:port" is CONNECTED(00000003)
>
> And I can use Gmail via https successfully, I also can access
> https://bridges.torproject.org/ successfully too :-)
>
> 2010/2/28 Andrew Lewman <andrew at torproject.org>
>
> On 02/27/2010 09:41 AM, Peng Zhou wrote:
>> > Previously, I use the network from HongKong Polytechnical University
>> > (I don't know who is the ISP for HK PolyU), when I try to connect with
>> Tor.
>> > via bridge 74.207.232.33:443, I have found its TCP handshaking works
>> fine,
>> > but SSL handshaking is blocked (A packet for SSL client Hello is sent to
>> > 74.207.232.33, but the bridge never gives me reponse):
>>
>> This could also mean the bridge is offline. If you can "openssl
>> s_client -connect IP:port", does this work?
>>
>> Is ssl to say, gmail, or taobao also messed up?
>>
>> --
>> Andrew Lewman
>> The Tor Project
>> pgp 0x31B0974B
>>
>> Website: https://torproject.org/
>> Blog: https://blog.torproject.org/
>> Identi.ca: torproject
>> ***********************************************************************
>> To unsubscribe, send an e-mail to majordomo at torproject.org with
>> unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100228/bf2e96a3/attachment.htm>
More information about the tor-talk
mailing list