FS#61623 - [openssl] regression in 1.1.1a breaks tor

Attached to Project: Arch Linux
Opened by Jon Gjengset (Jonhoo) - Monday, 04 February 2019, 00:29 GMT
Last edited by Jan de Groot (JGC) - Friday, 31 May 2019, 06:51 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Pierre Schmitz (Pierre)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:

The release of openssl 1.1.1a breaks tor due to an erroneous backwards-incompatible change in OpenSSL (https://github.com/openssl/openssl/issues/7712). It's been fixed in https://github.com/openssl/openssl/pull/7755, but that fix isn't scheduled for a release for another few months. In the meantime, tor fails to establish any connections with:

Feb 03 19:23:01 Tor[331]: Unhandled OpenSSL errors found at src/common/buffers_tls.c:65:
Feb 03 19:23:01 Tor[331]: TLS error: internal error (in SSL routines:tls13_hkdf_expand:---)

Observed with:

- openssl 1.1.1.a-1
- tor 0.3.4.9-1

We should probably include https://github.com/openssl/openssl/pull/7755 until a new OpenSSL release is published.
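The two journal lines quoted above are the only fingerprint of this regression an operator sees, so it is worth being able to pick them out of a busy log. The following is an added example, not code from the bug report, from Tor or from OpenSSL: it parses Tor's journal output, pairs each "Unhandled OpenSSL errors found at" line with the "TLS error:" line that follows it, and counts how many of those errors carry the `tls13_hkdf_expand` / "internal error" signature reported here. The sample lines are constructed to resemble the ones quoted in the report (the extra non-matching lines are invented padding), and the regexes are written for the log format shown on this page, not for every Tor log variant.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Constructed sample journal excerpt. The two "Unhandled OpenSSL errors" /
# "TLS error" pairs mirror the lines quoted in the report; the other lines
# are invented padding so the scanner has something to ignore.
SAMPLE_JOURNAL = """\
Feb 03 19:23:00 Tor[331]: Bootstrapped 5%: Connecting to directory server
Feb 03 19:23:01 Tor[331]: Unhandled OpenSSL errors found at src/common/buffers_tls.c:65:
Feb 03 19:23:01 Tor[331]: TLS error: internal error (in SSL routines:tls13_hkdf_expand:---)
Feb 03 19:23:02 Tor[331]: Unhandled OpenSSL errors found at src/common/buffers_tls.c:65:
Feb 03 19:23:02 Tor[331]: TLS error: internal error (in SSL routines:tls13_hkdf_expand:---)
Feb 03 19:23:05 Tor[331]: TLS error: certificate verify failed (in SSL routines:tls_process_server_certificate:---)
"""

# Common journal prefix: syslog-style timestamp plus "Tor[pid]:".
_PREFIX = r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) (?P<proc>Tor\[\d+\]): "

# "Unhandled OpenSSL errors found at <file>:<line>:" (trailing colon is Tor's).
HEADER_RE = re.compile(_PREFIX + r"Unhandled OpenSSL errors found at (?P<where>\S+):$")

# "TLS error: <reason> (in <lib>:<func>:<detail>)" as OpenSSL formats it.
TLS_RE = re.compile(
    _PREFIX + r"TLS error: (?P<reason>.+?) \(in (?P<lib>[^:]+):(?P<func>[^:]+):(?P<detail>[^)]*)\)$"
)

# The OpenSSL function and reason string that appear in this report.
REGRESSION_FUNC = "tls13_hkdf_expand"
REGRESSION_REASON = "internal error"


@dataclass
class TlsError:
    timestamp: str
    reason: str
    lib: str
    func: str
    # Tor source location from the preceding "Unhandled OpenSSL errors" line,
    # or None when the TLS error line arrived without one.
    where: Optional[str]


def scan_tor_journal(lines: Iterable[str]) -> List[TlsError]:
    """Extract TLS errors from Tor journal lines, pairing each with the
    'Unhandled OpenSSL errors found at ...' header that precedes it."""
    errors: List[TlsError] = []
    pending_where: Optional[str] = None
    for line in lines:
        header = HEADER_RE.match(line)
        if header:
            pending_where = header.group("where")
            continue
        tls = TLS_RE.match(line)
        if tls:
            errors.append(
                TlsError(
                    timestamp=tls.group("ts"),
                    reason=tls.group("reason"),
                    lib=tls.group("lib"),
                    func=tls.group("func"),
                    where=pending_where,
                )
            )
            pending_where = None  # a header only applies to the next TLS line
    return errors


def count_hkdf_regression(errors: List[TlsError]) -> int:
    """Number of errors matching the signature quoted in this bug report."""
    return sum(
        1 for e in errors if e.func == REGRESSION_FUNC and e.reason == REGRESSION_REASON
    )


if __name__ == "__main__":
    found = scan_tor_journal(SAMPLE_JOURNAL.splitlines())
    for err in found:
        print(f"{err.timestamp} {err.func}: {err.reason} (at {err.where})")
    print(f"tls13_hkdf_expand internal errors: {count_hkdf_regression(found)}")
```

To run it against a live system, feed it `journalctl -u tor --no-pager` output instead of the embedded sample; a non-zero count from `count_hkdf_regression` is the fingerprint the report describes, while other `TLS error` lines (such as the constructed certificate failure above) are still returned for inspection but not counted as this regression.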

Closed by Jan de Groot (JGC)
Friday, 31 May 2019, 06:51 GMT
Reason for closing: Fixed
Additional comments about closing: 1.1.1.b-1
Comment by regid (regid1) - Saturday, 23 February 2019, 21:20 GMT
Was I expected to see that log snippet in the journal when starting tor? tor 0.3.5.8-1 was uploaded a short while ago. With it, and openssl 1.1.1.a-1, there is no such snippet in the journal after tor has started.
Comment by loqs (loqs) - Saturday, 23 February 2019, 22:06 GMT
https://github.com/torproject/tor/pull/625 the bug is detected and worked around.
Comment by Eli Schwartz (eschwartz) - Sunday, 24 February 2019, 03:41 GMT
  • Field changed: Summary ([openssl] 1.1.1a breaks tor → [openssl] regression in 1.1.1a breaks tor)
  • Field changed: Status (Unconfirmed → Assigned)
  • Task assigned to Pierre Schmitz (Pierre)
The workaround is to detect the buggy behavior and disable TLS 1.3 entirely, so we'd better backport the fix for openssl instead...
