Roger Dingledine wrote: > On Sat, Sep 26, 2009 at 06:16:59PM -0400, Wyllys Ingersoll wrote: >> Im trying to run a tor relay (v2.1.19) and am seeing the following errors >> repeatedly: >> >> Sep 26 18:16:03 spyglass Tor[851]: [ID 702911 daemon.warning] >> onion_skin_client_handshake failed. >> Sep 26 18:16:03 spyglass Tor[851]: [ID 702911 daemon.warning] >> circuit_finish_handshake failed. >> Sep 26 18:16:03 spyglass Tor[851]: [ID 702911 daemon.warning] Digest DOES >> NOT MATCH on onion handshake. Bug or attack. >> >> I'm not sure how to fix this - any suggestions? > > How odd. What's happening is your Tor is trying to extend a circuit > (this is a client-side circuit, that is, a circuit that your Tor could > use for its own connections), and you send your half of the handshake, > and get back the other half of the handshake. Then you compute what you > think the session key should be (based on both halves of the handshake), > and compare that to what the fellow on the other end thought the session > key should be. They don't match. > > Has anybody else been seeing these? > > If not, my guess is there's something weird with your hardware or > your openssl libs. You don't happen to be using some sort of crypto > accelerator, do you? :) If so, try turning it off and see if the problems > go away.
Oddly enough, on the one system that I use that DOES have HW support, I don't have the problem. I am seeing it on several systems that do not have any HW support. -Wyllys *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
