[Bug 897113] New: tor is built with/against previous openssl-1.0.1h and with a problematic configuration option
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c0 Summary: tor is built with/against previous openssl-1.0.1h and with a problematic configuration option Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: x86-64 OS/Version: openSUSE 12.3 Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: lars.edman@bredband.net QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36 I run an updated openSUSE 12.3 x86_64 with openssl-1.0.1i-1.64.1.x86_64 Current tor-0.2.4.23-2.12.1.x86_64 from openSUSE-update seems to be built against OpenSSL-1.0.1h and leaves the following warning msg: sep 14 12:01:58.258 [Varning] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 1000108f: OpenSSL 1.0.1h 5 Jun 2014; running with 1000109f: OpenSSL 1.0.1i 6 Aug 2014). I have experienced the same after upgrading openssl to -1.0.1i in my Slackware server and got rid of the weird crashes through rebuilding tor against openssl-1.0.1i. -Will you do the same and update the tor.rpm? (I myself got problems trying to build it from source). Besides: The tor.log reports an other warning msg concerning your config: 14 12:01:58.258 [Varning] Tor was compiled with the --enable-bufferevents option. This is still experimental, and might cause strange bugs. If you want a more stable Tor, be sure to build without --enable-bufferevents. I can report that my current tor show strange bugs. It would be nice if you made an update of tor-0.2.4.23 built against openssl-1.0.1i and without --enable-bufferevents! Reproducible: Always Steps to Reproduce: 1. Start current tor-0.2.4.23-2.12.1.x86_64 with logging enabled 2. Read tor-log 3. (The crashes does not always come, but after a longer or shorter period) Actual Results: The warning msgs in the tor log always appear. The crashes does not come immediately, but after a longer or shorter period. The "weird bugs" described above appear from time to time, reported in the log, sometimes first after an hour or more. One "weird bug" example: sep 14 13:05:01.526 [Warning] Something tried to close an or_connection_t without going through channels at src/or/connection.c:3228 Expected Results: none of the events described under Actual Results About the severity: I can't call the bug severe, but every time I use tor as a client and it crashes: Of course I loose data. I would say it's an update miss: You should know that every time you update openssl you have to rebuild and update tor as well. Regards -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c1 --- Comment #1 from Lars Edman <lars.edman@bredband.net> 2014-09-17 12:52:38 UTC --- Created an attachment (id=606690) --> (http://bugzilla.novell.com/attachment.cgi?id=606690) my latest tor-log -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c2 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com AssignedTo|bnc-team-screening@forge.pr |Andreas.Stieger@gmx.de |ovo.novell.com | --- Comment #2 from Marcus Meissner <meissner@suse.com> 2014-09-17 13:44:45 UTC --- assign to maintainer. the openssl warning should be harmless and unrelated. if you see crashes, a backtrace from gdb would be helpful -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c3 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO CC| |Andreas.Stieger@gmx.de InfoProvider| |lars.edman@bredband.net --- Comment #3 from Andreas Stieger <Andreas.Stieger@gmx.de> 2014-09-17 14:25:00 UTC --- Thanks for the report. To isolate openSSL vs. buffered events, can you please test tor 0.2.4.23 from the network repository which is built against openSUSE:13.1:Update and thus sees OpenSSL 1.0.1i at build time? https://software.opensuse.org/ymp/network/openSUSE_12.3/tor.ymp?base=openSUSE%3A12.3&query=tor http://download.opensuse.org/repositories/network/openSUSE_12.3/x86_64/tor-0... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c4 --- Comment #4 from Lars Edman <lars.edman@bredband.net> 2014-09-17 19:35:54 UTC --- I will, as soon as possible tomorrow! In fact I was on my way trying the 13.1-version of tor. I'll get back and report. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c5 --- Comment #5 from Andreas Stieger <Andreas.Stieger@gmx.de> 2014-09-17 19:38:29 UTC --- (In reply to comment #4)
I will, as soon as possible tomorrow! In fact I was on my way trying the 13.1-version of tor. I'll get back and report.
Sorry I really _did_ mean network / tor built for the openSUSE_12.3 target which is openSUSE:12.3:Update, with OpenSSL 1.0.1i. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c6 --- Comment #6 from Lars Edman <lars.edman@bredband.net> 2014-09-17 20:08:09 UTC --- OK, my misunderstanding too! Did not know of that repo. I'll get it and try tomorrow and report back! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c7 --- Comment #7 from Lars Edman <lars.edman@bredband.net> 2014-09-18 07:54:07 UTC --- Created an attachment (id=606798) --> (http://bugzilla.novell.com/attachment.cgi?id=606798) log-tor-0.2.4.23-64.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c8 --- Comment #8 from Lars Edman <lars.edman@bredband.net> 2014-09-18 07:57:08 UTC --- So I tried tor-0.2.4.23-64.1.x86_64.rpm from http://download.opensuse.org/repositories/network/openSUSE_12.3/x86_64/: The OpenSSL-warning was gone, and in my experience that is was causes crashes. The warning about --enable-bufferevents option remained; Of course I'm not certain, but I think the bufferevents is what caused the warning: "Something tried to close an or_connection_t without going through channels at src/or/connection.c:3228" in my first attached log. I've been using tor as a client for som 7-8 years and as a node for 2 ½ years and have never seen anything like it. However, I'm fairly satisfied with the openssl-correction and do not know if you've got some special reason for the --enabe-bufferevents option. Attach a short log (just some 5 minutes) from running tor-0.2.4.23-64.1.x86_64.rpm. Regards Lars -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|lars.edman@bredband.net | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c9 --- Comment #9 from Lars Edman <lars.edman@bredband.net> 2014-09-18 11:34:09 UTC --- I later let tor-0.2.4.23-64.1.x86_64.rpm run a little longer, and the strange log Warning returned after some 10 minutes: "sep 18 13:20:17.541 [Varning] Something tried to close an or_connection_t without going through channels at src/or/connection.c:3228" Made a quick search and the tor-project confirms that this is related to the --enable-bufferevents option. https://trac.torproject.org/projects/tor/ticket/7734 Regards Lars -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=897113 https://bugzilla.novell.com/show_bug.cgi?id=897113#c10 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P4 - Low Status|NEW |ASSIGNED --- Comment #10 from Andreas Stieger <Andreas.Stieger@gmx.de> 2014-09-20 13:41:21 UTC --- disabled build with experimental feature bufferevents in network / tor. Will be included for openSUSE:12.3:Update and openSUSE:13.1:Update with the next security update when it comes along. This will also re-link it against the updated openSSL. I did see the same messages but not the crash. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=897113 --- Comment #14 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-RU-2014:1265-1: An update that has two recommended fixes can now be installed. Category: recommended (moderate) Bug References: 897113,898268 CVE References: Sources used: openSUSE 13.1 (src): tor-0.2.4.24-5.16.1 openSUSE 12.3 (src): tor-0.2.4.24-2.16.1 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=897113 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED --- Comment #15 from Andreas Stieger <Andreas.Stieger@gmx.de> --- Update released, closing. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com