From 411cf8f71455926db119259545ac8d5c80a5fb58 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 11 Jan 2012 15:41:46 -0500 Subject: [PATCH] Make openssl 0.9.8l log message accurate fixes 4837 --- changes/bug4837 | 4 ++++ src/common/tortls.c | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 changes/bug4837 diff --git a/changes/bug4837 b/changes/bug4837 new file mode 100644 index 0000000000..16a61d1b39 --- /dev/null +++ b/changes/bug4837 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Fix the log message describing how we work around discovering + that our version is the ill-fated OpenSSL 0.9.8l. Fixes bug + 4837; bugfix on 0.2.2.9-alpha. diff --git a/src/common/tortls.c b/src/common/tortls.c index 28bb3f9b41..908337f799 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -475,8 +475,10 @@ tor_tls_init(void) * a test of intelligence and determination. */ if (version > OPENSSL_V(0,9,8,'k') && version <= OPENSSL_V(0,9,8,'l')) { - log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l; " - "I will try SSL3_FLAGS to enable renegotation.", + log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l, but " + "some vendors have backported renegotiation code from " + "0.9.8m without updating the version number. " + "I will try SSL3_FLAGS and SSL_OP to enable renegotation.", SSLeay_version(SSLEAY_VERSION)); use_unsafe_renegotiation_flag = 1; use_unsafe_renegotiation_op = 1;