Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #8179

Closed (moved)
(moved)
Open
Created Feb 06, 2013 by Trac@tracbot

stitched aes-ni ciphers in openssl 1.0.1d seems to break SSL Handshakes/Renegotiations

running the tor deamon with static openssl 1.0.1d led to masses of

[warn] 45 connections have failed: [warn] 32 connections died in state handshaking (Tor, v3 handshake) with SSL state SSL negotiation finished successfully in OPEN [warn] 13 connections died in state renegotiating (TLS, v2 handshake) with SSL state SSLv3 read server hello A in RENEGOTIATE

while bootstraping the node. please see attached excerpt of the debug-log.

what's odd looking to my untrained eye there is:

[debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state before accept initialization [type=16,val=1]. [debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state before accept initialization [type=8193,val=1]. [debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state SSLv3 read client hello B [type=16392,val=522]. [debug] tor_tls_debug_state_callback(): SSL 0x7f70e1390720 is now in state SSLv3 read client hello B [type=8194,val=-1]. [debug] TLS error while reading with [scrubbed]: unexpected message (in SSL routines:SSL3_GET_MESSAGE:SSLv3 read client hello B) [debug] tor_tls_read(): read returned r=-1, err=-9 [debug] connection_read_to_buf(): tls error [misc error]. breaking (nickname not set, address xx.xxx.xx.xx).

compiling tor with 1.0.0k seems to fix this.

Trac:
Username: ruebezahl

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking