Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #24978

Closed (moved)
Open
Opened Jan 23, 2018 by Nick Mathewson@nickm🤠

Tor doesn't work when built with (unreleased) OpenSSL 1.1.1 built with enable-tls1_3

From https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/ :

If you explicitly configure your ciphersuites then care should be taken to ensure that you are not inadvertently excluding all TLSv1.3 compatible ciphersuites. If a client has TLSv1.3 enabled but no TLSv1.3 ciphersuites configured then it will immediately fail (even if the server does not support TLSv1.3) with an error message

That's the situation we're in now. When OpenSSL 1.1.1 releases in April, current Tor versions just won't work with it at all, since they have neither disabled TLS1.3 nor enabled any TLS1.3 ciphers.

We have two options for fixing this: I'll implement both and we can see what we like.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Tor: 0.3.3.x-final
Milestone
Tor: 0.3.3.x-final
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#24978