[tor-bugs] #4779 [Tor Relay]: AES broken since 0.2.3.9-alpha on CentOS 6
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Dec 27 22:14:39 UTC 2011
#4779: AES broken since 0.2.3.9-alpha on CentOS 6
-----------------------+----------------------------------------------------
Reporter: Pascal | Owner: nickm
Type: defect | Status: accepted
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version: Tor: 0.2.3.9-alpha
Keywords: aes | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by Pascal):
The following testing was performed inside the VMWare image
http://downloads.sourceforge.net/thoughtpolicevm/centos-6.0-x86_64-minimal.zip
Nickm's test and "make test" from 0.2.3.10 both failed in this image (as
expected).
I installed http://www.openssl.org/source/openssl-1.0.0e.tar.gz using the
commands:
./config shared --prefix=/usr --openssldir=/usr/include/openssl
make
make test
make install
After confirming the new version of OpenSSL was installed (using the
"openssl version" command) I reran both tests. Both passed. I then
installed http://www.openssl.org/source/openssl-1.0.0.tar.gz again using
the above commands. I again confirmed the new version of OpenSSL was
installed and reran both tests. Both failed.
This would appear to indicate the bug was in OpenSSL 1.0.0 and has since
been fixed. I was unable to get OpenSSL 1.0.0a to build, but the 1.0.0b
of Fedora 12 has previously tested good.
Rather than doing a version check, I would recommend implementing a test
during startup to determine if the installed OpenSSL is working correctly
and use a workaround if not.
Anyone know how to get Red Hat to upgrade RHEL 6 to a newer OpenSSL?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4779#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list