Opened 11 years ago

Last modified 8 years ago

#1223 closed defect (Duplicate)

Latest OS X security update disables renegotiation

Reported by: Sebastian Owned by:
Priority: Low Milestone:
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: Sebastian, nickm, arma, phobos Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Meaning our current Tor bundles will not work

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (6)

comment:1 Changed 11 years ago by nickm

Sounds like we ought to statically link openssl. :p

comment:2 Changed 11 years ago by Sebastian

I thought about that as a workaround for our packages, yes. :/

comment:3 Changed 11 years ago by rft

Is this the bug that manifests itself with the following warning line in the message log:

TLS error unexpectd close while renegotiating

All of the MacOS X bundles I tried, (all the latest ones) exhibit this problem for me,
so I cannot use tor at all at the moment. Is there a workaround on MacOS X?

[running MacOS X 10.6.2 all updates installed]

Thanks in advance for any help!

comment:4 Changed 11 years ago by Sebastian

Yes, that's the one.

ln5 on IRC claimed that some apple security team member said that they
just updated to a new openssl version, instead of really making
renegotiation impossible. If that is true, our fixes fail to work on OS X. No
idea how to look at that more.

comment:5 Changed 11 years ago by phobos

flyspray2trac: bug closed.
see bug 1225

comment:6 Changed 8 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.