Date: Tue, 8 Jun 2010 12:10:55 -0500 (CDT) From: Scott Bennett <bennett@cs.niu.edu> To: "b. f." <bf1783@googlemail.com>, Ruslan Mahmatkhanov <cvs-src@yandex.ru> Cc: freebsd-ports@freebsd.org Subject: Re: security/tor and WITH_OPENSSL_PORT=yes Message-ID: <201006081710.o58HAt4M006906@mp.cs.niu.edu>
next in thread | raw e-mail | index | archive | help
On Mon, 7 Jun 2010 19:24:36 +0000 "b. f." <bf1783@googlemail.com>
wrote:
>>Why we need uncoditional WITH_OPENSSL_PORT=yes in security/tor?
>>It builds fine on 8-stable with base system openssl.
>>
>>Moreover this setting isn't needed on -CURRENT because openssl 1.0 is in
>>base system. May be it should be removed from port's Makefile?
>
>You are right that it no longer should be unconditional, but not that
>it should be removed altogether. Remember, although you may be
>running a recent version of 8-stable, with openssl 0.9.8n, others may
>still be using older, but still supported, versions of the FreeBSD,
>with older base system openssl.
>
>And, as far as I know, openssl 1.0 is _not_ in the base system, even
>in -CURRENT. We are still at 0.9.8n.
>
>Anyway, I think Martin planned to fix this, now that __FreeBSD_version
>has been bumped after some recent changes.
>
Before anyone decides to "fix" this, they should keep in mind that
the port needs not only to build correctly, but to *run* correctly. tor
built with openssl 1.0.0 builds just fine on 7.3-STABLE, but definitely
does not work in relay mode. Clients and other relays attempt to connect
to it, but no data packets ever get through, and the connections are soon
closed. Because of this, tor's self-reachability testing fails, so it
never publishes a descriptor. After the update from openssl 0.9.8n, a
version that had worked just fine, came through, I had to install
portdowngrade and use it to get back from openssl 1.0.0 to openssl 0.9.8n
in order to get tor to work properly again.
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at cs.niu.edu *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201006081710.o58HAt4M006906>