Tor for Mac OSX will not work after install the Security Update 2010-001
apple disabled the renegotiation in OpenSSL in this update. So the tor all the systems that installed this update will fail to connect to the server. The following warning will be showned: TLS error: unexpected close while renegotiating (SSL_ST_OK)
please check http://support.apple.com/kb/HT4004 for the details
*
OpenSSL
CVE-ID: CVE-2009-3555
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2, Mac OS X Server v10.6.2
Impact: An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL
Description: A man-in-the-middle vulnerability exists in the SSL and TLS protocols. Further information is available at http://www.phonefactor.com/sslgap A change to the renegotiation protocol is underway within the IETF. This update disables renegotiation in OpenSSL as a preventive security measure. The issue does not affect services using Secure Transport as it does not support renegotiation. Credit to Steve Dispensa and Marsh Ray of PhoneFactor, Inc. for reporting this issue.
[Automatically added by flyspray2trac: Operating System: OSX 10.4 Tiger]
Trac:
Username: cluckly