From owner-freebsd-bugs@freebsd.org Sat Dec 29 03:00:18 2018 Return-Path: Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1273A142EC77 for ; Sat, 29 Dec 2018 03:00:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 8D597814BA for ; Sat, 29 Dec 2018 03:00:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 50FF6142EC76; Sat, 29 Dec 2018 03:00:17 +0000 (UTC) Delivered-To: bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1DA94142EC75 for ; Sat, 29 Dec 2018 03:00:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ABFA4814B9 for ; Sat, 29 Dec 2018 03:00:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id E94F7187D2 for ; Sat, 29 Dec 2018 03:00:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id wBT30Feu050111 for ; Sat, 29 Dec 2018 03:00:15 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id wBT30FXk050110 for bugs@FreeBSD.org; Sat, 29 Dec 2018 03:00:15 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 234483] Tor relay on FreeBSD 12.0-RELEASE gives OpenSSL errors with Base OpenSSL 1.1.1a Date: Sat, 29 Dec 2018 03:00:15 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: neel@neelc.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Dec 2018 03:00:18 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D234483 Bug ID: 234483 Summary: Tor relay on FreeBSD 12.0-RELEASE gives OpenSSL errors with Base OpenSSL 1.1.1a Product: Base System Version: 12.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: neel@neelc.org When I run a Tor relay on FreeBSD 12.0-RELEASE with Base OpenSSL (1.1.1a), I get errors like: Dec 28 21:34:13.000 [warn] Unhandled OpenSSL errors found at src/common/buffers_tls.c:155:=20 Dec 28 21:34:13.000 [warn] TLS error: internal error (in SSL routines:tls13_hkdf_expand:---) This is an OpenSSL error, as described in Tor's bug tracker of the same err= or on Debian Buster: https://trac.torproject.org/projects/tor/ticket/28616 A GitHub pull request with a fix is here: https://github.com/openssl/openssl/pull/7755 This fix has been committed to OpenSSL. The full Tor execution log is: neel@xb3:~ % tor -f /tmp/torrc Dec 28 21:34:00.959 [notice] Tor 0.3.4.9 (git-4ac3ccf2863b86e7) running on FreeBSD with Libevent 2.1.8-stable, OpenSSL 1.1.1a-freebsd, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.7. Dec 28 21:34:00.960 [notice] Tor can't help you if you use it wrong! Learn = how to be safe at https://www.torproject.org/download/download#warning Dec 28 21:34:00.960 [notice] Read configuration file "/tmp/torrc". Dec 28 21:34:00.963 [notice] Your ContactInfo config option is not set. Ple= ase consider setting it, so we can contact you if your server is misconfigured = or something else goes wrong. Dec 28 21:34:00.963 [notice] Based on detected system memory, MaxMemInQueue= s is set to 5582 MB. You can override this by setting MaxMemInQueues by hand. Dec 28 21:34:00.964 [notice] Scheduler type KISTLite has been enabled. Dec 28 21:34:00.964 [notice] Opening OR listener on 0.0.0.0:12345 Dec 28 21:34:00.000 [notice] Parsing GEOIP IPv4 file /usr/local/share/tor/geoip. Dec 28 21:34:01.000 [notice] Parsing GEOIP IPv6 file /usr/local/share/tor/geoip6. Dec 28 21:34:01.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours = from now. Dec 28 21:34:01.000 [notice] You are running a new relay. Thanks for helping the Tor network! If you wish to know what will happen in the upcoming weeks regarding its usage, have a look at https://blog.torproject.org/blog/lifecycle-of-a-new-relay Dec 28 21:34:01.000 [notice] It looks like I need to generate and sign a new medium-term signing key, because I don't have one. To do that, I need to lo= ad (or create) the permanent master identity key. If the master identity key w= as not moved or encrypted with a passphrase, this will be done automatically a= nd no further action is required. Otherwise, provide the necessary data using = 'tor --keygen' to do it manually. Dec 28 21:34:01.000 [notice] Your Tor server's identity key fingerprint is = 'FU 826502AA721AC21F0E54104490DB3D97932C6D05' Dec 28 21:34:01.000 [notice] Bootstrapped 0%: Starting Dec 28 21:34:01.000 [notice] Starting with guard context "default" Dec 28 21:34:02.000 [notice] Guessed our IP address as 103.60.128.113 (sour= ce: 204.13.164.118). Dec 28 21:34:04.000 [notice] I learned some more directory information, but= not enough to build a circuit: We have no usable consensus. Dec 28 21:34:05.000 [notice] I learned some more directory information, but= not enough to build a circuit: We have no usable consensus. Dec 28 21:34:06.000 [notice] The current consensus has no exit nodes. Tor c= an only build internal paths, such as paths to onion services. Dec 28 21:34:06.000 [notice] Bootstrapped 45%: Asking for relay descriptors= for internal paths Dec 28 21:34:06.000 [notice] I learned some more directory information, but= not enough to build a circuit: We need more microdescriptors: we have 0/6304, a= nd can only build 0% of likely paths. (We have 0% of guards bw, 0% of midpoint= bw, and 100% of end bw (no exits in consensus) =3D 0% of path bw.) Dec 28 21:34:09.000 [warn] Received http status code 414 ("Request-URI Too Large") from server '178.62.197.82:80' while fetching "/tor/server/d/6BA61E560AA0735A1F4BD3C95E971F9CE7DCE144+6BABC0C026A98AB5BFE= 784A15801F1B946668E41+6BB0D1D17BA554F0A20B9590A94D6D8C39AB5C84+6BB2E76B5348= A9A37B74F7846C9D30977275E441+6BB4C962BF1BA9E2A505CE9F28A99F528D2D14DD+6BC8F= 61B06E45F678A150B3DB8436D6F847E2E23+6BCD375642BDDD664BC1DBD9DB54D2051420922= D+6BD76E196205882E4620784AFAF150D7E9A907F6+6BE53CFC03F4D32CE3237CDDA6E29FC9= FB9895B6+6BF8059B7DA3FE596C093F1FAF38D8461E078893+6C0EE8EBBFF6CD7D84B676B8D= DA1446AAC93712B+6C0F87282C66DD30FDB99509DB38304D69988348+6C1CFE9F68F6778BC1= 05737B3EF7A25D31F5AF4A+6C21B2D2DA835AA3ADD67B6542E7A5ED5C8885B9+6C249E61254= EFD932DC499EFEDB5B0769CAE5D2B+6C27A1B3664B1A90A8A1353B03FB278DB884C07C+6C2F= 1A173B2B9CDBE43083B0DF23EB017F601447+6C38295E21263A32F675B2A8AB830C2ADA30E0= C4+6C3D5949A41ED1B56D93B159CBAD7B9BE991005F+6C40A586AC9ACC83480494B53BB308C= A4CE7EBC8+6C4A304C8CC2667D2E22FEC9FBD679A3F7CBF23C+6C4A4A52ECCAA10D15092BBC= 20D2A3D0574A3EE4+6C4E269053A63D9BDF6E7D8A5ECEA22A7A21A580+6C598B5C1EB3D83E9= 72BFFC2B7C8C33CBA2871AA+6C5A736A9E3D33B68D8B6C84779B0EF87743D758+6C641C0CB4= 58D4073032F65E4C2E8C96DA1F446C+6C73EB9BBEB0AE02FED374B3E00D2818380BA5BF+6C7= 92A41D02154C2A4F7D4B9261030A7700A366D+6C7EA551EB3CE2BB3E15F9BEDA9FF8D519BCF= 27F+6C83F23B397EAB37D8FEA86379A7577142D3EFB3+6C85720AF0A54A2D9B49C93711CE41= 32A27EF5A6+6C86B6C9F657BDC2AFFC1E2C55F9789A853036C5+6C97E7917B6ECF576A975A0= 1AAF66BFE7AF498DD+6C9937743CD50CCC3846D1B3D67CA8867CE6EBD4+6CB91AFCCA20BDC1= 4D291A839685B09F520C91E2+6CB9573D1A0BAF2B19A7C9BA0FA57C01693A2EB6+6CBA4C440= 38A5E267D7769140F7F32F85C694445+6CCACA542DBE3173C86856D36CA8057E69CC33F4+6C= CBC5A623551FFD6203BD90DE763B7BFD945021+6CD1E5ECC008985BF35BDAA00519A99C9367= 3966+6CD30F84AC39A6402FDBF724B4E7FCDFBE372870+6CDE25228815AFAC8DA00BBCCCC60= A704367BD62+6CDF2A69D7885B7FB0100049996D853CC4FE7A54+6CE1C6BA07C1808E679A0D= 3681FEC0D4A6AC8092+6D01575370CEC6C72C49D4A5AB0DFC3C6629FCFB+6D06821CBA1DFE3= 9189CD23BA0438D76953F44D5+6D19178EEDDB8479C1E90DDC8F4B3C88A8B3C8BE+6D1E03DA= 2148BD231E0615BEA0320F936CEDABA1+6D1F07C0E04F118550195EBA5A5B6D128604377C+6= D2505D71CE9DCCEC1AD604DAEC4579A9F553E90+6D2651D3C3826294ACF6D7D537C6C532FC0= 53584+6D3C2DDBB3EBFF4A89E23696E729C81C75820F7C+6D4D7DBFABE3DE2CE69AB3E0C84E= 9AEED8801DA7+6D582F3436B346350BDD46A5A11891917EC4426D+6D6D26B86C690FD8134DB= C4142A446DD8E02BFE1+6D7ED32B00B84558F2720AA70FA5DE4FC9305085+6D853941FC535C= BB0956D0239213280E4C26245E+6D910B5C0E3357F4DECA50C38A9A47B2C883E103+6D9F071= 9859053BFC6A930ADDE82A20F818355C8+6DA1E4695AA0E3A0BF2CAA24266A009A15452DF9+= 6DA2AADC0B7A11B41733B03A683511BBAEDBA46D+6DA771CB739D6802325751DBD7E40C2B9B= 44F31D+6DAA9FE04800845B0D960BF0E1798DFB2605C658+6DAC14FBBFD1E584EE280610B0F= 8D9626449AF4F+6DAF18DAE204455941FA748CD8548E63EDB3503F+6DC1D9AE9FC403F35FDF= E00759BD66E5D1049CD7+6DD07B2D3B3C06A29CF69BE4A71BDF86F5023854+6DD7C1A6D726E= D6B98AB940D40BB1ABA61AA8773+6DD916B324256E3CA4B7D50E21A0994DB8CA28E1+6DE2BC= 24AF8C907F1435136894C5A2EABBCC86A0+6E063D7BDB7F3AC7524029B9C4F5882B7B30EAC1= +6E1075B6572DB25E69992B5CB65D91BC732D3666+6E10AFC73CC97C47A31A0F5E5ADA6B622= 97DA45F+6E1114E01EB05D149D5A41B75BE1E666A5D81BF2+6E2C4E9E5946722F8469173675= 00989F60827635+6E355CB6E35F917785DBB83FC3088D004AAF33DA+6E3CBB023867A0152CD= B9555217C613B51EB6580+6E4E95F64203CE76E3FD2611C4D178CC7C995D27+6E736C50A1D5= A2F31A8488EA1B5D60E191565E2D+6E737E6FB161B76241DD1A9E4D8131B7DDB18064+6E820= C77795AAAA98FEA53E68F286CF2231AD522+6E98E191C7AE23F6C9A6B560390D489B3908D68= 7+6EBF7859B66AA81F3CE613D89D6A4F305F34DC0B+6EC884F48706EAE59B9F8039DC0090F7= 315EED28+6ECF2C557213DDC854C0E6DA65C6714178A2665A+6ED2B5F47AE7C7D06E70C53A4= 5687FA71FEBF4B1+6ED73979E12D72BF410147B9301B7AC7ED51DB83+6ED8830BDF8854028B= 3AA7C41A3289AEBBAC1EE5+6EDF9F1363AAC35FB453712583937D2545FB02E3+6EE119C13B9= B3FF746AE49442E4D86C60A79E3A2+6EE8DD17A38DD08F14490EED3ACDFF5EF544C5FA+6EEA= 62C69077D535B25FE7054E50F6C2B100F6EF+6EF280D7DA24B69712156AA3B93CD8A777DFB0= F2+6EF5E021C907705A798BC80E3ABD1C7A0D6DDE12+6EFDAE0D1482779806F61690B192708= CB72B75CF+6F010960B1FDC6A6DA0C69EC9FA1A29F6D009ACE.z". I'll try again soon. Dec 28 21:34:10.000 [notice] The current consensus contains exit nodes. Tor= can build exit and internal paths. Dec 28 21:34:10.000 [notice] Bootstrapped 50%: Loading relay descriptors Dec 28 21:34:13.000 [warn] Unhandled OpenSSL errors found at src/common/buffers_tls.c:155:=20 Dec 28 21:34:13.000 [warn] TLS error: internal error (in SSL routines:tls13_hkdf_expand:---) Dec 28 21:34:14.000 [warn] Received http status code 502 ("Bad Gateway") fr= om server '91.219.237.229:80' while fetching "/tor/server/d/FBF21FF9897F474297A746122A983E5BE4FE3807+FBFD95D0C5602846E2B= 029FCA1AD9EF32EC15933+FBFFF51CCEC022453BDC2EAB63797AD66168102B+FC2FD14EDFA1= 9B90A42388A9CD83BBE9E46F5C4D+FC40639DCA5D0869D937C9F9DE36172BCC6C61C8+FC47A= BD004E3ABBFAF1C831AF227CA67D9D53809+FC563EDF7A9DE0309DE7ACA53BFA8C6CAFB8FCA= 7+FC6A7F68B91E1A0BFDE6D7F1F137D6AFA7E362B4+FC6B51D3722A64F5224BE97E0DD7A7CF= 854EACEC+FC6BD554E8AA2D5E9E52E632A9B11D314B042F76+FC7612BA423D7DE0620647A90= 461B0726F46C54E+FC7BC79A13B264E12C06D68DF1C8E1BE424918DA+FC93A69831E407D44E= A3786EA223E99031C5A725+FC9E2985F8F478ED0DDA74E90268FCA79384B50B+FCA41BEA99B= EC4F134740F8FF55DC9F9A6E4B071+FCAEBA0E828A0B00A3E71EF486422DB6BF66B46D+FCB0= 008EEAEF4701510A93374BF9352ADB74F58E+FCB3A1AE6E93AA48FA7E10555027BF8CE806E8= A9+FCB4E1FF5F2F64813206CB69C849F084ABB1D8F8+FCB61C968F25056E7F33A24781C74AB= 8226B5475+FCB8CB03630C3EC476A3F9FE3B058C0579159B08+FCC0335C94BF02A0954E10D3= 0728459AF87C7FCF+FCC77C7A8E1A0EAD7C56B7E09C353CDF7FA7C8BB+FCC908AC69730D514= 1B394DA0EFC1AC456A84628+FCCC3460380BF5818E272B598029F26E82D26826+FCD9725C55= FEBB8CCAEB978215C9CBBE8AB2E510+FCE1193DF6ACBDE74FF1D8A6337141939AC05CD1+FCE= 8517CB110D928D8204C893E29C538D169B41F+FCED665B79EA5A1B730B994302980BB20598B= BB9+FD0295FFFE94FCC2DBEE25447A9E493B62397327+FD1A61A3FB3FC1C47C72DE6CA36A5A= 46950F4136+FD20E1591EA023EF89371E624ABC35E26045FFF5+FD23197A0C539D1CFA56598= C84B81D40F1B5B1AC+FD2CA408DCF637C18284858CFB42EE77ED463569+FD32D2DFB824B0D5= B32A5936DC7C18A9560848B0+FD85DE1ECF1AE55D8B0D196468FF8B34E707A3ED+FD89C73CC= 3C6823050DABAAE4D23026E725C2D9B+FD989CFC7D2C25CDCA248E52F01F59FA24558DC6+FD= A49681DD606E43F12A6881BBC95CB2629DF691+FDAAD4D02358F67A7694CB9912608A6B4CBF= B1CE+FDACE198B28F61772C2398F1347F58E7F2F6717B+FDAF59BD3F812EE4F62940EBDB03E= 8F2697135F6+FDE2887BE85E4DC874CE4255FD1EA35A4F1A9E8A+FDEA865DBA2D5B1CB684B8= 383282544A4C1080C5+FDF013495487AD3180CA5F35CE5EEA5AD1CF358E+FDFBDEABA5B75E6= 78AED82354435CA48951B6D95+FE0AF05467957FD9F93378E8215218705AFE058B+FE192A0D= 2FAB6CE92115F456E634DA44812FCA7E+FE1BEFD2BB86E512B4787A2E1BC56333AC877316+F= E264E779B92592B35FAD8910D4072815EB895A0+FE2E6199696AED4851DE3D21DFCDF6B0D1D= 29CC7+FE51135C218ED4CF00CDD2182D46B7E11DE030A3+FE557E0A047843027088450D31D0= 7A9B7DC57718+FE5E4A424D51FCA3976CA8BAC51DE99E4B7DC33F+FE75A220DD30F2E5C7413= D8D3170BA0A6F47CAB3+FE7EAA8998DCDD0A5F5FF19673C0561BC11F3F5E+FE83BA9A8CDB50= 76C8127FE216C0682474D7F0C5+FE8A407C3A9A628E40BF30C223187325C60D6AED+FEA3274= 1E3E91C52904323DED19B8FBB54604F04+FEA5FDCF21F0643EEDE989A1ADDB7E108093C7EE+= FEAE6B4BF73AD6E8D9918FAD64554FE6D31FF349+FED85AB37322A6061F17C0522D61DB4A59= 0F71CC+FEE62E20AED0712F7E0D5C1C549C0B004DC08C99+FEFD9E2BA82382CB6350B0CD6B3= 2385D64917DD9+FF0BC4FB558CF8AF3D9F12B12822AB21C381FC5E+FF13770F9AB1FD078E2E= 72A841C7CCF5B5AB70B2+FF1BC37B42EC7DBA0AD5FDC4869C72ABD01E90A9+FF2F0788AA5BF= 98E7020F2211AE21BD769895CEC+FF39BF5564D1E4496FB8124407F0276F76C21720+FF4202= 07BF9B1EF41AB99FC1455DD6662A1A9D2F+FF5565D70661C973A8003449D1739523723373B9= +FF58875F8A3738D80EBDD76CF24DC96BA5EF655A+FF657A99C674DE4A1B14E2FB85B36348C= 49F0737+FF751CC45CA98EAF8A1FA65AC8C992598BDA0259+FF7A9D3356B0722F6F232FF2CF= 961A5B4BA57B9E+FF7C46AF64EAA7D35BCC25CC5775FB5FBC522785+FF7F1E7AEB02F6EF9C9= 8F97E118C837C29EE3738+FF7F2A374A5AA42BAC302A36AA888782C7DF547E+FF88E5E33E61= 68DCE872541DC3CBB605010C1F08+FF8E391B2D3FE964C1F5DABD89D0063EC5BBC1C7+FF9CF= 8E72E09F5CB503BEFF368367F5081A97F06+FFA0289428477B55B3AA9C2266406CEFE80C47D= 3+FFC01983508CF9722A3DFF9A8EEBC136F97BBCF8+FFD110A122B68041EBE5D57FDA44A3CE= 060CA4A5+FFE832B65EB739F0A5D7CB7BD034CC343DE1E7A1.z". I'll try again soon. ^Crm^C^C Dec 28 21:34:23.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. Dec 28 21:34:23.000 [notice] Delaying directory fetches: We are hibernating= or shutting down. Dec 28 21:34:25.000 [notice] SIGINT received a second time; exiting now. neel@xb3:~ % --=20 You are receiving this mail because: You are the assignee for the bug.=