[tor-dev] Quick logjam/Tor analysis.

Yawning Angel yawning at schwanenlied.me
Tue Jun 2 14:58:12 UTC 2015


On Wed, 3 Jun 2015 00:43:50 +1000
teor <teor2345 at gmail.com> wrote:
> (Mac) OS X Yosemite 10.10 and earlier ship with OpenSSL 0.9.8 and
> 0.9.7.
>
> [snip]
>
> While it's possible to build or install OpenSSL 1.0 or 1.1 on OS X,
> it's not the default.
> 
> How does this affect Tor and/or Tor Browser on OS X?

Tor Browser builds/includes it's own copy of OpenSSL, so there is no
impact there.

As of a little while ago on master, tor requires OpenSSL 1.0.0 with
ECDH support at build time. AFAIK this breaks the build with OSX,
FreeBSD 9.x, and certain (Old) versions of Centos/RHEL when compiling
against the vendor's OpenSSL.  The only resolution is "Too bad,
so sad, install a modern OpenSSL".

See #16034 and #16040 for details.

-- 
Yawning Angel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150602/c6afd2e1/attachment.sig>


More information about the tor-dev mailing list