[tor-bugs] #16901 [Tor]: tor 0.2.7 configures OS X system OpenSSL, even though it's to old to work
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 26 22:43:00 UTC 2015
#16901: tor 0.2.7 configures OS X system OpenSSL, even though it's to old to work
---------------------------------------------+-----------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor:
Component: Tor | 0.2.7.x-final
Keywords: TorCoreTeam201509 Post027Freeze | Version: Tor:
Parent ID: | 0.2.7.2-alpha
| Actual Points:
| Points:
---------------------------------------------+-----------------------------
Since we've deprecated OpenSSL 0.9.8, it's important that OpenSSL
autodetection works on platforms that only ship old OpenSSL versions (this
includes OS X and OpenBSD at least).
Currently, OpenSSL autodetection fails on OS X when the following typical
setup steps are taken:
1. Install MacPorts OpenSSL/Libevent
2. Build tor with `./configure --with-libevent-dir=/opt/local`
Tor appears to detect and accept the system OpenSSL at configure, then
fail late in the build process. It should fail at configure, say that
OpenSSL is too old, and ask the user to specify `--with-openssl-dir`.
Using `--with-openssl-dir` works as expected.
I don't know if I (teor) can fix this, but it's important it works on
release.
Relevant versions and logs are as follows:
{{{
$ gcc -v
Configured with: --prefix=/Applications/Xcode.app/Contents/Developer/usr
--with-gxx-include-dir=/usr/include/c++/4.2.1
Apple LLVM version 6.1.0 (clang-602.0.53) (based on LLVM 3.6.0svn)
Target: x86_64-apple-darwin14.5.0
Thread model: posix
}}}
{{{
$ echo $PATH
/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:...
}}}
Note that using the standard path
`/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin` makes no difference -
configure still fails.
{{{
checking build system type... x86_64-apple-darwin14.5.0
checking host system type... x86_64-apple-darwin14.5.0
checking for gcc... gcc
...
checking for openssl directory... (system)
checking whether we need extra options to link openssl... (none)
checking for struct ssl_method_st.get_cipher_by_char... yes
checking for SSL_SESSION_get_master_key... no
checking for SSL_get_server_random... no
checking for SSL_get_client_ciphers... no
checking for SSL_get_client_random... no
checking for SSL_CIPHER_find... no
checking for TLS_method... no
checking for EVP_PBE_scrypt... no
...
CCLD src/tools/tor-gencert
Undefined symbols for architecture x86_64:
"_EVP_aes_128_ctr", referenced from:
_aes_new_cipher in libor-crypto.a(aes.o)
"_CRYPTO_THREADID_set_numeric", referenced from:
_tor_set_openssl_thread_id in libor-crypto.a(crypto.o)
"_CRYPTO_THREADID_set_callback", referenced from:
_crypto_early_init in libor-crypto.a(crypto.o)
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see
invocation)
make[1]: *** [src/tools/tor-gencert] Error 1
make: *** [all] Error 2
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16901>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list