Libevent2 port is not passing SSL regression tests
Scot Hetzel
swhetzel at gmail.com
Mon Jun 4 02:52:37 UTC 2012
On Sun, Jun 3, 2012 at 5:29 PM, Oleg Moskalenko
<oleg.moskalenko at citrix.com> wrote:
> I got reply from libevent guys:
>
> ======================================
> This is actually an openssl bug that prevents OpenSSL 1.0.1 from
> renegotiating with itself successfully when it has negotiated TLS 1.1 or
> TLS 1.2.
>
> It doesn't seem to have an OpenSSL ticket yet; we only figured it out
> yesterday on the Tor bugtracker. See
> https://trac.torproject.org/projects/tor/ticket/6033 for what we learned
> there. With any luck, this should be fixed in openssl 1.0.1d or 1.0.1e.
> It is nothing to worry about, unless you're using renegotiation with
> OpenSSL and TLS 1.1 or TLS 1.2.
>
Looks like OpenSSL has a fix for this:
http://cvs.openssl.org/chngview?cn=22567
We might want to add a patch to the OpenSSL port to fix this before
1.01d is released.
Scot
More information about the freebsd-ports
mailing list