Strange it happens all the time with OpenSSL 1.0.1c Even with the non-debian version. I tried the vanilla OpenSSL with only the patch for "linux-mipsel" in Configure.
When it performs it's handshake it will still spawn the message: Jun 25 20:57:31.000 [warn] TLS error while creating tor_tls_t object: could not load the shared library (in DSO support routines:DLFCN_LOAD:---) Jun 25 20:57:31.000 [warn] TLS error while creating tor_tls_t object: could not load the shared library (in DSO support routines:DSO_load:---) However Tor continues to work fine. I think the warning can be ignored because Tor has been compiled with "--enable-static-openssl" Also OpenSSL has been compiled with "enable-tlsext" and I've checked my static libssl.a with mipsel-linux-objdump and the tls symbols are there. So I guess Tor looks for the shared tls extension first (which doesn't exist) and then continues with its statically linked tls-enabled-openssl instead. Would Tor fail to connect without tls? 2012/6/22 Gino Badouri <[email protected]> > Hi Nick, > > Thanks for your response. > I've recompiled Tor with --disable-linker-hardening and > --disable-gcc-hardening but I still get the warning regarding tls support. > > Jun 22 18:00:04.000 [notice] Tor 0.2.3.17-beta opening new log file. > Jun 22 18:00:04.000 [warn] You are running Tor as root. You don't need to, > and you probably shouldn't. > Jun 22 18:00:05.000 [notice] No AES engine found; using AES_* functions. > Jun 22 18:00:05.000 [notice] This OpenSSL has a good implementation of > counter mode; using it. > Jun 22 18:00:06.000 [notice] OpenSSL OpenSSL 1.0.1c 10 May 2012 looks like > version 0.9.8m or later; I will try SSL_OP to enable renegotiation > Jun 22 18:00:12.000 [notice] Reloaded microdescriptor cache. Found 0 > descriptors. > Jun 22 18:00:12.000 [notice] I learned some more directory information, > but not enough to build a circuit: We have no usable consensus. > Jun 22 18:00:13.000 [notice] Bootstrapped 5%: Connecting to directory > server. > Jun 22 18:00:13.000 [notice] Heartbeat: Tor's uptime is 0:00 hours, with 1 > circuits open. I've sent 0 kB and received 0 kB. > Jun 22 18:00:13.000 [notice] Bootstrapped 10%: Finishing handshake with > directory server. > Jun 22 18:00:13.000 [warn] TLS error while creating tor_tls_t object: > could not load the shared library (in DSO support routines:DLFCN_LOAD:---) > Jun 22 18:00:13.000 [warn] TLS error while creating tor_tls_t object: > could not load the shared library (in DSO support routines:DSO_load:---) > Jun 22 18:00:14.000 [notice] Bootstrapped 15%: Establishing an encrypted > directory connection. > Jun 22 18:00:14.000 [notice] Bootstrapped 20%: Asking for networkstatus > consensus. > Jun 22 18:00:14.000 [notice] Bootstrapped 25%: Loading networkstatus > consensus. > Jun 22 18:00:17.000 [notice] I learned some more directory information, > but not enough to build a circuit: We have no usable consensus. > Jun 22 18:00:18.000 [notice] Bootstrapped 40%: Loading authority key certs. > Jun 22 18:00:21.000 [notice] Bootstrapped 45%: Asking for relay > descriptors. > Jun 22 18:00:21.000 [notice] I learned some more directory information, > but not enough to build a circuit: We have only 0/2920 usable > microdescriptors. > Jun 22 18:00:42.000 [notice] We now have enough directory information to > build circuits. > Jun 22 18:00:42.000 [notice] Bootstrapped 80%: Connecting to the Tor > network. > Jun 22 18:00:42.000 [notice] Bootstrapped 90%: Establishing a Tor circuit. > Jun 22 18:00:47.000 [notice] Tor has successfully opened a circuit. Looks > like client functionality is working. > Jun 22 18:00:47.000 [notice] Bootstrapped 100%: Done. > > It could be that Debian FIPS' version of OpenSSL 1.0.1c is causing this > problem. > But it was only "mipsel" patch for OpenSSL 1.0.1c I could find. > > I'll try the stable build of Tor and report back. > > > 2012/6/21 Nick Mathewson <[email protected]> > >> On Thu, Jun 21, 2012 at 5:05 PM, Gino Badouri <[email protected]> >> wrote: >> > Hi there, >> > >> > My goal is to run Tor on small cluster of embedded mips devices. >> > Because the platform runs on an older version of OpenSSL and libevent I >> have >> > chosen to statically link them with Tor. >> > >> > So I went ahead to compile the components. >> > I'm aiming at the beta version: 0.2.3.17 >> > >> > OpenSSL 1.0.1c has been build with: >> > ./Configure debian-mipsel shared enable-tlsext zlib-dynamic no-ssl2 >> > >> > >> > libevent-2.0.19-stable has been built with: >> > ./configure --enable-openssl --disable-debug-mode --with-pic >> >> Hm. Just to rule something out that got added in 0.2.3.17-beta: could >> you try configuring Tor with --disable-compiler-hardening and >> --disable-linker-hardening, and see if that makes a difference? >> _______________________________________________ >> tor-dev mailing list >> [email protected] >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev >> > >
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
