current tor package in openSUSE 12.3

Discussion:

Lars Edman @ LinuxSuSE

2014-09-15 07:35:37 UTC

Hi!

Not certain if this packaging list is the best to subscribe to? But
start here.

I run an updated openSUSE 12.3 x86_64 with openssl-1.0.1i-1.64.1.x86_64
Current tor-0.2.4.23-2.12.1.x86_64 from openSUSE-update seems to be
built against OpenSSL-1.0.1h and leaves the following warning msg:
sep 14 12:01:58.258 [Varning] OpenSSL version from headers does not
match the version we're running with. If you get weird crashes, that
might be why. (Compiled with 1000108f: OpenSSL 1.0.1h 5 Jun 2014;
running with 1000109f: OpenSSL 1.0.1i 6 Aug 2014).

I've experienced the same problem (and the "weird crashes") in my
Slackware server after upgrading OpenSSL, and rebuilt tor.
Will you rebuild tor and make an update, or do I have to build it
myself?

Tor also leaves another warning msg concerning the build:
sep 14 12:01:58.258 [Varning] Tor was compiled with the
--enable-bufferevents option. This is still experimental, and might
cause strange bugs. If you want a more stable Tor, be sure to build
without --enable-bufferevents.

And finally an ordinary message concering the build of openssl:
sep 14 12:01:58.258 [Meddelande] We were built to run on a 64-bit CPU,
with OpenSSL 1.0.1 or later, but with a version of OpenSSL that
apparently lacks accelerated support for the NIST P-224 and P-256
groups. Building openssl with such support (using the
enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH
much faster.

Best regards

Lars

--
To unsubscribe, e-mail: opensuse-packaging+***@opensuse.org
To contact the owner, e-mail: opensuse-packaging+***@opensuse.org

Bruno Friedmann

2014-09-15 10:14:12 UTC

Permalink

Post by Lars Edman @ LinuxSuSE
Hi!
Not certain if this packaging list is the best to subscribe to? But
start here.
I run an updated openSUSE 12.3 x86_64 with openssl-1.0.1i-1.64.1.x86_64
Current tor-0.2.4.23-2.12.1.x86_64 from openSUSE-update seems to be
sep 14 12:01:58.258 [Varning] OpenSSL version from headers does not
match the version we're running with. If you get weird crashes, that
might be why. (Compiled with 1000108f: OpenSSL 1.0.1h 5 Jun 2014;
running with 1000109f: OpenSSL 1.0.1i 6 Aug 2014).
I've experienced the same problem (and the "weird crashes") in my
Slackware server after upgrading OpenSSL, and rebuilt tor.
Will you rebuild tor and make an update, or do I have to build it
myself?
sep 14 12:01:58.258 [Varning] Tor was compiled with the
--enable-bufferevents option. This is still experimental, and might
cause strange bugs. If you want a more stable Tor, be sure to build
without --enable-bufferevents.
sep 14 12:01:58.258 [Meddelande] We were built to run on a 64-bit CPU,
with OpenSSL 1.0.1 or later, but with a version of OpenSSL that
apparently lacks accelerated support for the NIST P-224 and P-256
groups. Building openssl with such support (using the
enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH
much faster.
Best regards
Lars

Hey Lars, if you are able to build it for yourself, then I would recommend to try the
update package for released product

https://en.opensuse.org/openSUSE:Package_maintenance

The first thing I would do is opening a bug which will drive the submit request to update channel

You should be able to rebuild tor, for 12.3 and 13.1 then.
And this will be useful for everybody.
--
Bruno Friedmann
Ioda-Net Sàrl www.ioda-net.ch

------------------------
/ openSUSE Member & Board \
/ GPG KEY : D5C9B751C4653227 \
\ irc: tigerfoot /
------------------------
\
/@ --~-.
\/ __ .- |
// // @

--
To unsubscribe, e-mail: opensuse-packaging+***@opensuse.org
To contact the owner, e-mail: opensuse-packaging+***@opensuse.org

Cristian Rodríguez

2014-09-16 03:58:29 UTC

Permalink

Post by Lars Edman @ LinuxSuSE
I run an updated openSUSE 12.3 x86_64 with openssl-1.0.1i-1.64.1.x86_64
Current tor-0.2.4.23-2.12.1.x86_64 from openSUSE-update seems to be
sep 14 12:01:58.258 [Varning] OpenSSL version from headers does not
match the version we're running with. If you get weird crashes, that
might be why. (Compiled with 1000108f: OpenSSL 1.0.1h 5 Jun 2014;
running with 1000109f: OpenSSL 1.0.1i 6 Aug 2014).

This is not a problem..the tor package however should silence that
warnings, which are intended for people that build packages from source
such as gentoo..

Post by Lars Edman @ LinuxSuSE
I've experienced the same problem (and the "weird crashes") in my
Slackware server after upgrading OpenSSL, and rebuilt tor.
Will you rebuild tor and make an update, or do I have to build it
myself?

Neither, you will be creating a problem where there is none.

Post by Lars Edman @ LinuxSuSE
sep 14 12:01:58.258 [Meddelande] We were built to run on a 64-bit CPU,
with OpenSSL 1.0.1 or later, but with a version of OpenSSL that
apparently lacks accelerated support for the NIST P-224 and P-256
groups. Building openssl with such support (using the
enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH
much faster.

This feature is enabled in code 13 (13.1, 13.2, factory) in x86_64.
however not in 12.3... Someone (i.e ME) already thought about enabling
this feature in the last security update..but decided not to, because
using almost any additional feature flag in openssl changes the ABI and
the "weird crashes" warning above starts to apply.

Though this particular flag *appears* to be safe to enable in an
update..I didn't want my inbox to get flooded with angry complains about
a broken update, since I currently have neither the time not the
necessary patience to deal with them, even less if we are talking about
an ancient product that should just die. (scheduled EOL is Sep 15th 2014)

ps: there will be no new openssl update for 12.3

--
To unsubscribe, e-mail: opensuse-packaging+***@opensuse.org
To contact the owner, e-mail: opensuse-packaging+***@opensuse.org