Opened 11 years ago

Closed 10 years ago

Last modified 8 years ago

#1190 closed defect (fixed)

Renegotiation bug still present on OpenBSD 4.6 stable

Reported by: nixmlists Owned by: nickm
Priority: Low Milestone: Tor: 0.2.2.x-final
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: nixmlists, Sebastian, bsdtechie, arma, nickm Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by nickm)

Renegotiation bug still present on OpenBSD 4.6 with applied.

Results in the supposedly fixed TLS renegotiation errors in .21, and prevents it from working. Works without the patch, but that
leaves the whole system vulnerable.

[warn] TLS error: unexpected close while renegotiating

same exact problem with

OpenBSD 4.6 ships with OpenSSL 0.9.8k

What is the work-around?

[Automatically added by flyspray2trac: Operating System: Other]

Child Tickets

Change History (6)

comment:1 Changed 11 years ago by arma

Does openbsd still ship with a crippled openssl?

Do the newer Tor builds build better? Or do you need to use your
own openssl on openbsd now since they removed critical functionality?

See also bug 1225.

comment:2 Changed 10 years ago by nickm

I think the newer Tor alphas handle this properly; somebody should fire up an OpenBSD to confirm.

comment:3 Changed 10 years ago by nickm

Description: modified (diff)
Milestone: Tor: 0.2.2.x-final
Owner: set to nickm
Status: newassigned

comment:4 Changed 10 years ago by nickm

Resolution: Nonefixed
Status: assignedclosed

There seem to be several openbsd Tor nodes running happily. Since nobody has confirmed this (or talked to us at all about it) in the last 5 months, I think we can call this fixed.

[I tried to confirm/disconfirm myself, but trying to update my openbsd vm was a very 1990s experience that ultimately ended in partition-full errors.]

comment:5 Changed 10 years ago by nickm

(Tas has just confirmed:

01:37 < Tas> nickm: as far as I can tell the patch fixed it all


comment:6 Changed 8 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.