From: David Uhden Collado Subject: Re: net/tor-0.4.8.19: major bugfix for relays built with LibreSSL To: ports@openbsd.org Cc: Pascal Stumpf , Stuart Henderson , openbsd@systemfailure.net Date: Wed, 8 Oct 2025 20:31:01 +0200 > The workaround committed to tor-0.4.8.19 for this issue is for the > *client side* i.e. the machine running OpenSSL 3.5 which is unable > to connect to those relays running current libressl. > > i.e. updating tor on the OpenBSD side in ports would not help. > > It is too late to get into 7.8-release packages at this point anyway. > > The actual *fix* (as opposed to workaround) will be in libressl on the > server side. There is an initial fix but it is not completely ready yet > so I believe that would most likely be post-release. > > I have a hunch that LibreSSL doesn't get as many new features and fixes as OpenSSH because it's not as popular. This makes me wonder: Why is LibreSSL better than OpenSSL? > > > >> Hello, >> >> Here's a (very simple) patch for net/tor-0.4.8.19, which was released a few days ago. >> >> This new version ships with an important bug fix for Tor relays built with LibreSSL. Basically, with the previous release, those relays were unreachable because of a TLS error. >> >> I could reproduce this bug myself by launching a Tor bridge, and I can confirm this is fixed in 0.4.8.19 (using the latest Tor browser, which is not in ports yet, on different platforms). >> >> Changelog: https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes >> >> I know that ports are locked down right now, but IMHO this issue is important enough (basically you cannot run a relay on OpenBSD using the current package) to be worth an update anyway. But I'm not the one making the decision ;-) >> >> Best regards. > >> Index: Makefile >> =================================================================== >> RCS file: /cvs/ports/net/tor/Makefile,v >> diff -u -p -r1.173 Makefile >> --- Makefile 28 Sep 2025 10:04:47 -0000 1.173 >> +++ Makefile 7 Oct 2025 05:34:16 -0000 >> @@ -1,6 +1,6 @@ >> COMMENT= anonymity service using onion routing >> >> -DISTNAME= tor-0.4.8.18 >> +DISTNAME= tor-0.4.8.19 >> CATEGORIES= net >> HOMEPAGE= https://www.torproject.org/ >> >> Index: distinfo >> =================================================================== >> RCS file: /cvs/ports/net/tor/distinfo,v >> diff -u -p -r1.138 distinfo >> --- distinfo 24 Sep 2025 18:24:58 -0000 1.138 >> +++ distinfo 7 Oct 2025 05:34:16 -0000 >> @@ -1,2 +1,2 @@ >> -SHA256 (tor-0.4.8.18.tar.gz) = SupsEJ1O/06iuvuQWn5rCpZdFP6FYhSwL82QRrTZOvg= >> -SIZE (tor-0.4.8.18.tar.gz) = 10139317 >> +SHA256 (tor-0.4.8.19.tar.gz) = PLZJodM7pqZfEJ0iRTTpOq8KbehKWxy0sFS/oGu3T1o= >> +SIZE (tor-0.4.8.19.tar.gz) = 10160196 >