[tor-bugs] #8179 [Tor]: stitched aes-ni ciphers in openssl 1.0.1d seems to break SSL Handshakes/Renegotiations
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Feb 7 03:15:17 UTC 2013
#8179: stitched aes-ni ciphers in openssl 1.0.1d seems to break SSL
Handshakes/Renegotiations
----------------------------------------------------------+-----------------
Reporter: ruebezahl | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version: Tor: 0.2.4.10-alpha
Keywords: openssl tor-client backport-022 backport-023 | Parent:
Points: | Actualpoints:
----------------------------------------------------------+-----------------
Comment(by nickm):
Okay, there's a possible set of workaround in my repository as branches
"bug8179_022", "bug8179_023", and "bug8179_024". They don't fix the
underlying problem -- they just tell OpenSSL it's not allowed to use those
stitched ciphers.
It would be great to have a fix in openssl; some understanding of how this
broke without getting caught; and some code Tor can call at runtime to see
whether it has a broken openssl or not.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8179#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list